Week in Review: Spring4Shell Vulnerability, Attackers Exploiting Patched RCE in Sophos Firewall


Here’s a look at some of the most interesting news, articles and interviews from the past week:

Spring4Shell: No need to panic, but mitigation measures are advised
Security teams around the world got another shock on Thursday when news of a PoC disclosure for an unauthenticated zero-day RCE vulnerability in Spring Core, a hugely popular framework for building modern Java-based enterprise applications, began to circulate online.

Beware of old and new tax scams and schemes
April 18 marks the end of the 2022 tax season in the United States, and people who have yet to file their taxes should get a move on.

Attackers exploit recently patched RCE in Sophos Firewall (CVE-2022-1040)
A critical vulnerability (CVE-2022-1040) in Sophos Firewall is being exploited in the wild to target “a small set of specific organizations primarily in the South Asia region”, Sophos warned.

IcedID Trojan delivered via hijacked email threads, compromised MS Exchange servers
A malicious actor is exploiting vulnerable on-premises Microsoft Exchange servers and using hijacked email threads to distribute the IcedID Trojan (BokBot) without triggering email security solutions.

How to recruit cybersecurity talent from atypical backgrounds
In this interview with Help Net Security, Max Shuftan, Director of Mission Programs and Partnerships at the SANS Institute, discusses how companies and the cybersecurity industry should try to recruit hobbyists and do-it-yourselfers – as well as people from many atypical backgrounds – to help fill the growing cybersecurity workforce gap.

Mars Stealer malware distributed via Google Ads and phishing emails
Cybercriminals trying to force the Mars Stealer malware onto users apparently have a penchant for a particular tactic: disguising it as legitimate, benign software to trick users into downloading it.

JavaScript security: the importance of putting the client side first
In this interview with Help Net Security, Vitaly Lim, CTO at Feroot, talks about the most common JavaScript threats, the devastating impact of malicious or vulnerable code, and the importance of JavaScript security in the development process.

Not enough companies have a formal ransomware plan in place
Research from Thales has revealed that malware, ransomware and phishing continue to plague organizations worldwide.

Why low-code and identity must coexist
Software development has become an essential task for organizations looking to compete in the digital economy. It fuels more and more innovation and even disruption.

Subdomain takeover attacks are on the rise and harder to monitor
Research by Detectify found that subdomain takeovers are on the rise, but are also becoming more difficult to monitor as domains now appear to contain more vulnerabilities.

Is next-generation threat modeling even about threats?
The threat landscape is changing with technology, and as threats grow in sophistication, there are fears that major events like the Colonial Pipeline ransomware attack or the Equifax breach could be repeated elsewhere.

Security vulnerabilities that can be exposed by cybersecurity asset management
Cybersecurity asset management doesn’t come with the excitement that follows metaverse, blockchain, or smokescreen detection technologies, but it’s essential for protecting enterprise infrastructure.

Cybercriminals launched 9.75 million DDoS attacks in 2021
In the second half of 2021, cybercriminals launched an estimated 4.4 million distributed denial-of-service (DDoS) attacks, bringing the total number of DDoS attacks in 2021 to 9.75 million, a NETSCOUT report reveals.

Web3 and the Future of Data Portability: Rethinking User Experiences and Incentives on the Internet
Tech conversations are now peppered with a controversial new buzzword: Web3, and we’re likely to hear a lot more about it in the years to come.

COVID 2021 rebound: malware is back in force
At a particularly perilous time for privacy and security, Malwarebytes research has revealed a COVID rebound, a massive resurgence of cyber threats in 2021 across multiple categories after pandemic-induced declines in 2020.

Where should companies start when it comes to device security?
The Internet of Things (IoT) market has a security problem that is turning into a business problem. According to a recent survey conducted by the Ponemon Institute, 59% of in-vehicle product security decision makers say they have lost revenue due to product security issues.

The landscape of Israeli cybersecurity funding over the past year
In this video for Help Net Security, Yonit Wiseman, Partner at YL Ventures, talks about the Israeli cybersecurity funding landscape over the past year.

We need an industry-backed, technology-neutral resource to restore trust in voice communications
With illegal robocalls now accounting for nearly half of all unwanted calls in the United States, consumers are simply choosing not to pick up their phones.

Posts on name-and-shame dark web leak sites soared 85% in 2021
Ransomware payments hit new highs in 2021 as cybercriminals increasingly turned to dark web leak sites where they pressured victims to pay by threatening to leak sensitive data, according to a study published by Palo Alto Networks' Unit 42.

Cybercriminals focus on crypto donations to Ukraine to trick victims
As the war in Ukraine unfolded, one way to help was to donate cryptocurrency, which resulted in over $50 million in crypto donations. Cybercriminals were quick to take advantage of this lucrative situation and inattentive victims.

Adopting cloud-native shifts responsibility for security across teams
Styra released a research report that explores how in sync or misaligned IT managers and developers are when it comes to the use and security of cloud-native technologies during their digital transformation journeys.

Extended Threat Intelligence: a new approach to threat intelligence
Every day the world is shaken by different new crises and cyber events. All sectors are affected by the events, whether in terms of production, transport or security.

Product showcase: Specops uReset SSPR solution
According to Forrester, a single password reset can cost an organization $70. As impressive as that figure is, it pales in comparison to organization-wide password reset costs.

Product showcase: Secure online authentication “Made in Germany” by Swissbit
Today, it’s more critical than ever for businesses to have basic data and cybersecurity processes in place to avoid costly mistakes.

New infosec products of the week: April 1, 2022
Here’s a look at some of the hottest products from the past week, with releases from CRITICALSTART, MetricStream, Nebulon, Rapid7, SEON, and Veriff.

