“CSO provides news, analysis and research on security and risk management.”

Views expressed in this cybersecurity-intelligence update are those of the reporters and correspondents.

Accessed on 26 November 2021, 1306 UTC.

Content provided by “CSOonline.com.”

Source: https://www.csoonline.com/news/

Please click the link or scroll down to read your selections.


NIST workshop provides clues to upcoming software supply chain security guidelines

Experts at a NIST-sponsored workshop weigh in on what might be in the final version of the Biden executive-order-mandated supply chain security guidelines.

Void Balaur explained—a stealthy cyber mercenary group that spies on thousands

Unlike other groups, Void Balaur will target individuals and organizations in Russian-speaking countries and seems to have intimate knowledge of telecom systems.

Cyberwar’s global players—it’s not always Russia or China

Research reveals that countries such as Belarus, India, and Colombia are responsible for significant cyberattacks.

Which countries are most (and least) at risk for cybercrime?

Cybersecurity firm SEON has come up with a snapshot of how the threat of cybercrime differs around the world, ranking countries that are most and least vulnerable.

Flaws in the Nucleus embedded TCP/IP stack puts critical systems at risk

The NUCLEUS:13 vulnerabilities can allow remote code execution or denial of service attacks. Billions of devices could be affected.

BusyBox flaws highlight need for consistent IoT updates

Some of the 14 vulnerabilities could result in remote code execution or denial of service attacks.

Pentagon announces version 2.0 of its controversial CMMC program

CMMC 2.0 simplifies the process for SMBs, but critics say the verification process relies too much on self-attestation.

US DOJ recovers $6 million and indicts two REvil principals

The DOJ promises a whole-of-government approach to fighting ransomware groups no matter which country they operate from.

Infrastructure bill includes $1.9 billion for cybersecurity

Passage of the infrastructure bill includes $1.9 billion for cybersecurity, and more could be on the way with the Build Back Better and other bills working their way through Congress.

Update and isolate your Nagios servers now

Recently discovered vulnerabilities in Nagios servers could give attackers broad access to systems and data if exploited.

Graylog unites SIEM, AI-based anomaly detection in new security suite

Graylog is consolidating SIEM and UEBA (anomaly detection and user entity behavior analytics) in its new security package for streamlined detection and elimination of enterprise security threats.

CISA releases directive to remediate dangerous vulnerabilities across civilian agencies

While the move is applauded, a short timeframe to address vulnerabilities will be a challenge for security resource-strapped agencies.

Stealthy Trojan that roots Android devices makes its way on app stores

The criminals behind the Trojan have placed fully functional utilities that carry malicious code on the Google Play store in a way that evades detection.

Enterprises with subsidiaries more prone to cyberattacks, study says

Global enterprises with numerous subsidiaries are more exposed to cybersecurity threats and have more difficulty managing risk than companies with no or fewer subsidiaries, according to an Osterman Research report.

Biden’s cybersecurity executive order, a progress report

Of the 46 tasks President Biden mandated to protect digital government assets, 19 are now completed, though not all agencies have reported their progress.

Russian cyberspies target cloud services providers and resellers to abuse delegated access

A new Microsoft advisory claims Russia’s Nobelium group is trying to gain long-term access to the technology supply chain and offers mitigation advice.

Decline in ransomware claims could spark change for cyber insurance

New research indicates that ransomware attack and payment claims are in decline as resiliency takes priority for organizations.

Detecting anomalies with TLS fingerprints could pinpoint supply chain compromises

Researchers at Splunk outline a technique, pioneered by Salesforce, that could detect malicious activity in the software supply chain, but with some limitations.


For the latest cybersecurity news and information, please check the blog sidebar, links, and Twitter posts. Thanks for joining us today.

Russ Roberts