Security News > 2023 > July

Do we admit that a data breach has occurred or just call it a system glitch that caused some minor accidental data visibility? CISOs are tasked with crucial, timely decisions to avoid legal repercussions. Often the most underrated component of a security program, skilled people can be the most valuable security layer by far.

In this Help Net Security interview, Dr. Lindsey Polley de Lopez, Director of Cyber & Space Intelligence at MACH37, proposes strategies for companies, educational institutions, and governments on how to address the ongoing shortage of cybersecurity talent through the introduction of upskilling initiatives. At the federal level, the Cybersecurity and Infrastructure Security Agency has a "Cybersecurity Workforce Training Guide" that helps early-career professionals plan a career pathway in cybersecurity, as well as a Cybersecurity Education and Training Assistance Program that helps teachers bring cybersecurity education into K-12 classrooms by providing worksheets, lesson plans, and notes that cover foundational concepts.

Though Exchange recovery is possible with the native tools, Exchange Administrators would face long hours of downtime. To come out of such sticky situations, you can bank on specialized third-party software, like Stellar Toolkit for Exchange, that can help in repairing and recovering corrupt databases after Exchange failure or any other issue.

Zero trust is here to stay, with 82% of experts currently working on implementing zero trust, and 16% planning to begin within 18 months, according to Beyond Identity. Over 90% of those working on zero trust cited that the 2022 Federal Zero Trust Strategy was a primary motivating factor.

Despite increased cybersecurity discussions at the C-suite and boardroom level, a sharp juxtaposition has emerged between executives who believe that every security alert is being addressed and the teams on the ground addressing the alerts. 70% of executives believe that all alerts are being handled by their security team, while only 36% of front-line roles responsible for managing alerts agree.

A critical-severity 'Super Admin' privilege elevation flaw puts over 900,000 MikroTik RouterOS routers at risk, potentially enabling attackers to take full control over a device and remain undetected. The MikroTik CVE-2023-30799 vulnerability was first disclosed without an identifier in June 2022, and MikroTik fixed the issue in October 2022 for RouterOS stable and on July 19, 2023, for RouterOS Long-term.

Google is set to improve Chrome by introducing a new "Link Preview" feature. Link Preview allows users to view a small popup web page preview simply by clicking or hovering over a hyperlink.

Apple has released fixes for several security flaws that affect its iPhones, iPads, macOS computers, and Apple TV and watches, and warned that some of these bugs have already been exploited. Apple credits Kaspersky researchers Valentin Pashkov, Mikhail Vinogradov, Georgy Kucherin, Leonid Bezvershenko, and Boris Larin with finding this bug, which looks similar to the kernel vulnerability used to infect iPhones with TriangleDB spyware and also uncovered by the aforementioned team.

Ivanti has also confirmed that the bug is actively exploited in attacks and warned customers that it's critical to "immediately take action" to ensure their systems are fully protected. U.S. Federal Civilian Executive Branch Agencies have a three-week deadline, until August 15th, to secure their devices against attacks targeting the CVE-2023-35078 flaw, which was added to CISA's list of Known Exploited Vulnerabilities on Tuesday.

A new Mac malware named "Realst" is being used in a massive campaign targeting Apple computers, with some of its latest variants including support for macOS 14 Sonoma, which is still in development. In reality, the game installers infect devices with information-stealing malware, such as RedLine Stealer on Windows and Realst on macOS. This type of malware will steal data from the victim's web browsers and cryptocurrency wallet apps and send them back to the threat actors.