
This lack of in-house compliance experience and expertise often prompts companies to turn to third-party solutions to streamline the compliance process and act as a liaison with their auditors. Some of the most common compliance myths stem from misnomers and confusing or conflated terminology.

MFA protects a system, location, or sensitive data from being accessed by an unauthorized user. MFA systems also consider a one-time password/code received by the user via SMS or authenticator app as a possession factor.

Microsoft's latest round of monthly security updates has been released with fixes for 68 vulnerabilities spanning its software portfolio, including patches for six actively exploited zero-days. Also separately addressed at the start of the month is an actively exploited flaw in Chromium-based browsers that was plugged by Google as part of an out-of-band update late last month.

The importance of software threat modeling continues to grow. NIST advises software engineers to adhere to secure software development best practices and do software threat modeling repeatedly during the development process, especially when creating new capabilities.

Dark web marketplaces sell a plethora of tools, stolen data, and forged documents, and some of the things for sale are priced higher than the rest. The dark web also houses victims' personal information, including national insurance numbers, passports, and their driver's license details.

Titania launched an independent research report that uncovers the impact of exploitable misconfigurations on the security of networks in the US federal government. The study, "The impact of exploitable misconfigurations on the security of agencies' networks and current approaches to mitigating risks in the US Federal Government", finds that network professionals report that they are meeting their security and compliance practices, but data suggest that risk remains elevated.

Security teams are in charge of their company's most important asset - data. Their mission is to make sure they discover and remediate all of the data-related risks and keep up with the frequent changes that can affect their sensitive data.

VMware has revealed a terrible trio of critical-rated flaws in Workspace ONE Assist for Windows - a product used by IT and help desk staff to remotely take over and manage employees' devices. A miscreant able to reach a Workspace ONE Assist deployment, either over the internet or on the network, can exploit any of these three bugs to obtain administrative access without the need to authenticate.

Another now-patched bug listed under active exploit, CVE-2022-41091, is a Windows Mark of the Web bypass vulnerability. Exploiting CVE-2022-41091 involves tricking a victim into opening "a malicious file that would evade Mark of the Web defenses, resulting in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, which rely on MotW tagging," Redmond explained.

A LockBit 3.0 ransomware affiliate is using phishing emails that install the Amadey Bot to take control of devices and encrypt them. The Amadey Bot malware is an old strain capable of performing system reconnaissance, data exfiltration, and payload loading.