Security News
Offensive Security released Kali Linux 2021.4, which comes with a number of improvements: wider Samba compatibility, switching package manager mirrors, enhanced Apple M1 support, Kaboxer theming, updates to Xfce, GNOME and KDE, Raspberry Pi Zero 2 W + USBArmory MkII ARM images, as well as new tools. Starting with Kali Linux 2021.4, the Samba client is now configured for Wide Compatibility so that it can connect to pretty much every Samba server out there, regardless of the version of the protocol in use.
Israel's Ministry of Defense has dramatically restricted the number of countries to which cybersecurity firms in the country are allowed to sell offensive hacking and surveillance tools, cutting off 65 nations from the export list. In curtailing the exports, the move effectively makes it harder for local cybersecurity firms to market their software to countries with totalitarian regimes or with a track record of perpetrating human abuses.
A corporate cyber-espionage hacker group has resurfaced after a seven-month hiatus with new intrusions targeting four companies this year, including one of the largest wholesale stores in Russia, while simultaneously making tactical improvements to its toolset in an attempt to thwart analysis. "In every attack, the threat actor demonstrates extensive red teaming skills and the ability to bypass traditional antivirus detection using their own custom malware," Group-IB's Ivan Pisarev said.
Phishing emails are now skating past traditional defenses. Even with the most sophisticated email scanning and phishing detection system available, phishing emails are still a very common intrusion vector for cybercriminals to use to introduce malware, including ransomware, to a business' network.
A crew of highly-skilled hackers specialized in corporate espionage has resumed activity, one of their victims this year being a large wholesale company in Russia. Active since 2018, RedCurl is responsible for at least 30 attacks against businesses in Russia, Ukraine, Canada, Norway, the UK, and Germany, the latest four of them occurring this year.
An astonishing piece of vulnerability probing gave infosec researchers a way into Microsoft's management controls for Azure Cosmos DB - with full read and write privileges over customer databases. The so-called ChaosDB vuln gave Wiz researchers "access to the control panel of the underlying service" that hosts Azure Cosmos, Microsoft's managed cloudy document database service, they said.
Business leaders and managers who have integrated SIEMs to detect, analyze and respond to organizational threats - both external and internal - are already one step ahead. SIEM tools, when integrated with other layers of security, can help flag anomalous behavior and potential issues in real time. An SIEM could immediately handle a DoS attack or, at the very least, identify compromised devices.
The survey found that concerns around internet security rose by 16% from 2020 to the highest level of U.S. internet security concerns in the 15 years that Unisys has been running the study. "With the hybrid workforce here to stay, the survey shines a light on the need to balance productivity and collaboration tools with security, which do not have to be mutually exclusive," said Leon Gilbert, SVP and GM, Digital Workplace Solutions, Unisys.
Most notably, the research reveals data exfiltration remains a significant threat and despite large investments in security tools, organizations are not confident they can stop data exfiltration. "Existing tools are no longer a sufficient measure to prevent data exfiltration. Anti data exfiltration provides a new approach in the ongoing fight against cyberattacks."
Surveying 100 key executives across financial services, Theta Lake found that 83% of respondents are turning off key productivity and usability features of collaboration platforms like Zoom, Microsoft Teams, and Webex due to their organizations' technical inability to adhere to relevant regulatory compliance and security requirements.
Collaboration tools need appropriate compliance oversight
The top three collaboration features considered to be threats or challenges to privacy and security include: files uploaded or transferred in chats, links shared in chats or onscreen, and screenshares.