Security leaders on how to cope with stress of Log4j.

Views expressed in this cybersecurity-cybercrime update are those of the reporters and correspondents.

Accessed on 30 December 2021, 1405 UTC.

Content provided by “CSOonline.com.”

Source:

https://www.csoonline.com/news-analysis/

Please click link or scroll down to read your selections.

News Analyses

A stressed businessman with head in hand sits at a desk and computer in an office workspace.

Second Log4j vulnerability carries denial-of-service threat, new patch available

The fallout from the Apache Log4j vulnerability continues as researchers discover a second exploit that could lead to denial-of-service attacks. A patch is available to fix the issue.

Survey: Hackers approach staff to assist in ransomware attacks

Cyberattackers have approached employees in 48% of organizations in North America to assist in ransomware attacks, according to a report by Pulse and Hitachi ID.

Cybereason, Google Cloud launch XDR solution to streamline threat detection and response

New joint solution enhances ability to predict, detect, and respond to cyberattacks at scale across endpoints, networks, identities, cloud, and workspaces.

NIST gears up for software security and IoT labeling pilot programs

Intended to help consumer make more secure software and IoT device purchases, the labeling guidelines are voluntary and self-policing at this time.

Researchers warn about continuous abuse of unpatched MikroTik routers

Attackers are still exploiting unaddressed vulnerabilities in an estimated 300,000 MikroTik routers. A new tool will detect compromised devices.

Google disrupts major malware distribution network Glupteba

The botnet take-down is believed to be temporary as the criminal group has a backup command-and-control mechanism based on Bitcoin blockchain.

Critical flaw in ManageEngine Desktop Central MSP tool exploited in the wild

Each of two flaws allow attackers to bypass authentication, leaving customers of MSPs that use ManageEngine at risk. Patches are available.

U.S. Cyber Command’s actions against ransomware draw support and criticism

The actions, which temporarily took down REvil, raise questions about using the military to combat ransomware.

Ubiquiti breach an inside job, says FBI and DoJ

Investigators claim Ubiquiti employee Nikolas Sharp stole company data and then played the role of whistleblower to draw attention away from is actions.

UK ICO to fine Clearview AI £17 million for data protection law breaches

The facial recognition company is cited for not having proper data protection processes in place or a lawful reason to collect personal information, among other violations.

New HP MFP vulnerabilities show why you should update and isolate printers

Researchers have discovered two dangerous vulnerabilities in HP multifunction printers that use its FutureSmart firmware, including one that is exploitable remotely.

Study: Storage systems are weakest link in IT infrastructure security

Continuity Software analyzed systems from businesses in multiple industry sectors in the US, Europe, and Middle East, finding that storage system security lags behind compute and network security.

NIST workshop provides clues to upcoming software supply chain security guidelines

Experts at a NIST-sponsored workshop weigh in on what might be in the final version of the Biden executive-order-mandated supply chain security guidelines.

Void Balaur explained—a stealthy cyber mercenary group that spies on thousands

Unlike other groups, Void Balaur will target individuals and organizations in Russian-speaking countries and seems to have intimate knowledge of telecom systems.

Cyberwar’s global players—it’s not always Russia or China

Research reveals that countries such as Belarus, India, and Colombia are responsible for significant cyberattacks.

Which countries are most (and least) at risk for cybercrime?

Cybersecurity firm SEON has come up with a snapshot of how the threat of cybercrime differs around the world, ranking countries that are most and least vulnerable.

Flaws in the Nucleus embedded TCP/IP stack puts critical systems at risk

The NUCLEUS:13 vulnerabilities can allow remote code execution or denial of service attacks. Billions of devices could be affected.

BusyBox flaws highlight need for consistent IoT updates

Some of the 14 vulnerabilities could result in remote code execution or denial of service attacks.

LOAD MORE

For the latest cybersecurity news and information, please check the blog sidebar, links, and twitter posts.

Russ Roberts (https://cyber-security-intelligence.org).