Project Hyphae

Information Security News – 10/10/2022


Hackers Can Use ‘App Mode’ in Chromium Browsers for Stealth Phishing Attacks

Article Link: https://thehackernews.com/2022/10/hackers-can-use-app-mode-in-chromium.html

  • According to security researcher mr.d0x, a bad actor can leverage Application Mode in Chromium-based web browsers, combined with some HTML/CSS trickery, to display a fake address bar on top of the window, create a realistic-looking desktop phishing application, and fool users into entering their credentials into rogue login forms.
  • The success of the attack is predicated on the fact that the attacker already has access to the target’s machine; however, the technique could technically be used in an external phishing scenario.
  • Google has said it is phasing out support for Chrome apps in favor of Progressive Web Apps (PWAs) and web-standard technologies, and the feature is expected to be fully discontinued in Chrome 109 or later on Windows, macOS, and Linux. Chrome is currently on version 106.
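From a detection standpoint, the observable artifact of the technique above is a Chromium-based browser being launched with Chromium's application-mode switch (`--app=<url>`, which is a real Chromium command-line switch). The following is an added example, not code from the article or from mr.d0x: it scans constructed process-creation events for such launches and raises the severity when the parent process is one that would not normally spawn a browser window (the browser list, the parent-process list and the event format are all assumptions made for the example).

```python
import re
from urllib.parse import urlparse

# Image names of Chromium-based browsers that honour --app= (assumption for the example).
CHROMIUM_IMAGES = {"chrome.exe", "msedge.exe", "brave.exe", "chromium.exe", "opera.exe"}
# Parents that should not normally launch a browser in app mode (assumption for the example).
DELIVERY_PARENTS = {"outlook.exe", "winword.exe", "excel.exe", "powershell.exe", "cmd.exe", "wscript.exe"}

# Chromium's --app= switch; the URL may or may not be quoted on the command line.
APP_SWITCH = re.compile(r'--app=(?:"([^"]+)"|(\S+))')

# Constructed process-creation events (Sysmon-like fields, simplified).
SAMPLE_EVENTS = [
    {"host": "ws-101", "user": "alice",
     "image": r"C:\Program Files\Google\Chrome\Application\chrome.exe",
     "parent_image": r"C:\Windows\explorer.exe",
     "cmdline": r'"C:\Program Files\Google\Chrome\Application\chrome.exe" --app=https://mail.example.test/ --window-size=900,700'},
    {"host": "ws-102", "user": "bob",
     "image": r"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe",
     "parent_image": r"C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE",
     "cmdline": r'"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --app="https://login-example-sso.test/auth"'},
    {"host": "ws-103", "user": "carol",
     "image": r"C:\Program Files\Google\Chrome\Application\chrome.exe",
     "parent_image": r"C:\Windows\explorer.exe",
     "cmdline": r'"C:\Program Files\Google\Chrome\Application\chrome.exe" https://intranet.example.test/'},
]


def basename(path):
    """Lower-cased file name of a Windows or POSIX path."""
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()


def app_mode_launches(events):
    """Return one finding per Chromium-based browser launched with --app=<url>."""
    findings = []
    for ev in events:
        if basename(ev["image"]) not in CHROMIUM_IMAGES:
            continue
        match = APP_SWITCH.search(ev["cmdline"])
        if not match:
            continue  # ordinary browser launch, not application mode
        url = match.group(1) or match.group(2)
        parent = basename(ev["parent_image"])
        findings.append({
            "host": ev["host"],
            "user": ev["user"],
            "url": url,
            "url_host": urlparse(url).hostname or "",
            "parent": parent,
            # A mail client or Office process spawning an app-mode window is the
            # delivery path a phishing lure would use, so it ranks higher.
            "severity": "high" if parent in DELIVERY_PARENTS else "medium",
        })
    return findings


if __name__ == "__main__":
    for f in app_mode_launches(SAMPLE_EVENTS):
        print(f"[{f['severity']}] {f['host']} {f['user']} parent={f['parent']} url={f['url']}")
```

In practice the `url_host` field is what you would compare against an allowlist of the PWAs your organisation actually deploys; anything else launched in app mode deserves a look, and an Office or mail-client parent deserves a prompt one.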

Email Defenses Under Siege: Phishing Attacks Dramatically Improve

Article Link: https://www.darkreading.com/remote-workforce/email-defenses-under-siege-phishing-attacks-dramatically-improve

  • Threat actors are getting better at slipping phishing attacks through the weak spots in platform email defenses, using a variety of techniques, such as zero-point font obfuscation, hiding behind cloud-messaging services, and delaying payload activation. They’re also doing more targeting and research on victims.
  • As a result, nearly 1 in 5 phishing emails (18.8%) bypassed Microsoft’s platform defenses and landed in workers’ inboxes in 2022, a rate that increased 74% compared to 2020, according to research by Check Point. Both Proofpoint and Trend Micro have reported similar increases as well.
  • Attacks are also improving because of the effort attackers put into collecting intelligence on victims for social engineering. The data suggests that attackers are getting better at analyzing defensive technologies and determining their limitations.
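Zero-point font obfuscation, one of the evasion techniques named above, works by splitting trigger words with junk text styled at font size zero, so a filter that keys on the raw HTML never sees the word while the reader does. The example below is added here and is not from the article or from any of the vendors it cites: it renders constructed sample HTML the way a mail client would (dropping zero-size text), then reports keywords that are visible to the reader but absent from the raw markup, which is the signature of this trick. The sample email and keyword list are constructed for the example.

```python
import re
from html.parser import HTMLParser

# CSS declarations that hide text by size: font-size:0, 0px, 0pt, 0em, 0.0%, ...
ZERO_FONT = re.compile(
    r"font-size\s*:\s*0(?:\.0*)?\s*(?:px|pt|em|rem|%)?\s*(?:!important)?\s*(?:;|$)", re.I)
VOID_TAGS = {"br", "img", "hr", "input", "meta", "link"}
BLOCK_TAGS = {"p", "div", "tr", "li", "td", "h1", "h2", "h3", "table"}

# Constructed phishing-style body: "reset" and "password" are split by zero-size spans.
SAMPLE_EMAIL = """<html><body>
<p>Dear customer,</p>
<p>Please rese<span style="font-size:0">lorem</span>t your pass<span style="FONT-SIZE: 0px; color:#fff">ipsum</span>word
within 24 hours or your account will be suspended.</p>
<p style="font-size:12px">Thanks, Support Team</p>
</body></html>"""


class HiddenTextFinder(HTMLParser):
    """Splits text into what a reader sees and what zero-size styling hides."""

    def __init__(self):
        super().__init__()
        self.stack = []      # per open element: is its text hidden?
        self.visible = []
        self.hidden = []

    def handle_starttag(self, tag, attrs):
        if tag == "br":
            self.visible.append("\n")
        if tag in VOID_TAGS:
            return            # never closed, so never pushed
        style = dict(attrs).get("style") or ""
        hidden = bool(ZERO_FONT.search(style))
        inherited = bool(self.stack and self.stack[-1])
        self.stack.append(hidden or inherited)

    def handle_endtag(self, tag):
        if tag in VOID_TAGS:
            return
        if self.stack:
            self.stack.pop()
        if tag in BLOCK_TAGS:
            self.visible.append("\n")

    def handle_data(self, data):
        if not data.strip():
            return
        target = self.hidden if (self.stack and self.stack[-1]) else self.visible
        target.append(data)


def render(html):
    """Return (visible_text, hidden_text) with whitespace normalised."""
    parser = HiddenTextFinder()
    parser.feed(html)
    parser.close()
    visible = " ".join("".join(parser.visible).split())
    hidden = " ".join(" ".join(parser.hidden).split())
    return visible, hidden


def obfuscated_keywords(html, keywords):
    """Keywords the reader sees but a naive tag-stripping filter would miss."""
    naive = re.sub(r"<[^>]+>", "", html).lower()
    visible, _ = render(html)
    visible = visible.lower()
    return [k for k in keywords if k.lower() in visible and k.lower() not in naive]


if __name__ == "__main__":
    seen, hidden = render(SAMPLE_EMAIL)
    print("reader sees :", seen)
    print("hidden junk :", hidden)
    print("obfuscated  :", obfuscated_keywords(SAMPLE_EMAIL, ["reset", "password", "suspended"]))
```

The useful signal for a mail gateway is the second function: any message in which keywords only appear after rendering is deliberately hiding them, which is a stronger indicator than the keywords themselves.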

Back to Basics: Cybersecurity’s Weakest Link

Article Link: https://thehackernews.com/2022/10/back-to-basics-cybersecuritys-weakest.html

  • While there are many tools that make big promises, there is no easy, technology-driven fix for what is really cybersecurity’s biggest challenge: the actions of human beings.
  • Social engineering attacks have so consistently been in the public news, not just cybersecurity news, that the excuse “I didn’t know I shouldn’t click email links” is getting harder and harder to accept.
  • There is no magic solution for the cybersecurity implications of human behavior. Humans will make mistakes and reinforcing education is really your only option.

Russian Hackers Shut Down US State Government Websites

Article Link: https://www.darkreading.com/attacks-breaches/russian-hackers-shut-down-state-government-sites

  • A hacktivist group with ties to the Russian government has claimed credit for cyberattacks on the government websites of three US states: Colorado, Kentucky, and Mississippi.
  • Reports of the compromise of state government systems by the so-called Killnet hacktivist group are particularly alarming in light of the upcoming November US midterm elections.
  • Whether it’s the defacement of websites or taking them offline with distributed denial-of-service (DDoS) attacks, it does erode public trust in the organizations that these websites represent.

CISOs, Boards Not Always on the Same Page

Article Link: https://www.techrepublic.com/article/cisos-boards-not-same-page/

  • According to a report from Proofpoint in collaboration with Cybersecurity at MIT Sloan, while 69% of board members report seeing eye-to-eye with their CISO, only 51% of CISOs say the same thing.
  • Board members often disagree with CISOs about which impacts of a cyber incident are most important. The top concern of boards (37%) was data becoming public, while 34% said reputational damage and 33% said revenue loss were the most serious consequence. CISOs, on the other hand, are more concerned about downtime, disrupted operations and impact on business valuations.
  • The good news is 77% of board members surveyed in the Cybersecurity: The 2022 Board Perspective report agree that cybersecurity is a top priority. Most (65%) believe they are at risk of cyberattack in the next 12 months compared to just 48% of CISOs. Likewise, board members and CISOs seem to be on the same page when it comes to the top threat they face, business email compromise.
  • Lucia Milică, a Proofpoint VP, said that “A failure of board members and CISOs to see eye-to-eye with one another presents significant risk to an organization as the CISO needs buy-in from the board.”

Unearth Offboarding Risks Before Your Employees Say Goodbye

Article Link: https://www.helpnetsecurity.com/2022/10/06/unearth-offboarding-risks/

  • Torii research suggests that 76% of IT leaders believe offboarding is a significant security risk for their organization. Why? Because there are too many unknowns and complexities, including remote and hybrid work environments and a rise in SaaS applications/shadow IT.
  • Torii’s customer data shows that most organizations are now adding 15-20 new apps each month. App ownership is scattered throughout companies. Individuals provision as needed and decide who to give access to. The issue? No one is telling IT when they add a new app to the stack or a new user to the app. That means that when the time comes for offboarding, complete deprovisioning seldom occurs.
  • While IT departments do their best to manually track down the applications an employee was using, it can quickly turn into a time-consuming game of telephone. To address this, organizations need to gain visibility on SaaS usage and then act on this visibility through automation or technical mechanisms.
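The "visibility, then automation" step above comes down to reconciling the HR roster against each SaaS application's user export. The following is an added example, not code from the article or from Torii: it joins a constructed HR export with constructed per-app user exports and lists accounts that belong to terminated employees (noting whether they were used after the termination date) as well as accounts that HR has no record of, which is the shadow-IT case the article describes. Column names and the CSV shapes are assumptions.

```python
import csv
import io
from datetime import date

# Constructed HR roster export.
HR_CSV = """email,status,termination_date
alice@example.test,active,
bob@example.test,terminated,2022-09-30
carol@example.test,terminated,2022-10-03
"""

# Constructed per-application user exports (what a SaaS admin console would give you).
APP_EXPORTS = {
    "crm": "email,role,last_login\n"
           "alice@example.test,admin,2022-10-07\n"
           "bob@example.test,user,2022-10-05\n",
    "design-tool": "email,role,last_login\n"
                   "carol@example.test,editor,2022-09-28\n"
                   "dave@example.test,editor,2022-10-06\n",
}


def parse_csv(text):
    return list(csv.DictReader(io.StringIO(text)))


def offboarding_gaps(hr_csv, app_exports, today):
    """Accounts that should have been deprovisioned, or that HR knows nothing about."""
    roster = {row["email"].strip().lower(): row for row in parse_csv(hr_csv)}
    gaps = []
    for app, export in app_exports.items():
        for row in parse_csv(export):
            email = row["email"].strip().lower()
            person = roster.get(email)
            if person is None:
                # Nobody told HR or IT about this user: shadow or external account.
                gaps.append({"app": app, "email": email, "role": row["role"],
                             "issue": "not in HR roster",
                             "days_since_termination": None,
                             "used_after_termination": None})
            elif person["status"] == "terminated":
                term = date.fromisoformat(person["termination_date"])
                last_login = date.fromisoformat(row["last_login"])
                gaps.append({"app": app, "email": email, "role": row["role"],
                             "issue": "active account for terminated employee",
                             "days_since_termination": (today - term).days,
                             # A login after the termination date is an incident, not a gap.
                             "used_after_termination": last_login > term})
    return sorted(gaps, key=lambda g: (g["app"], g["email"]))


if __name__ == "__main__":
    for gap in offboarding_gaps(HR_CSV, APP_EXPORTS, date(2022, 10, 10)):
        print(gap)
```

Run daily against fresh exports, the "used_after_termination" rows are the ones to route to incident response; the "not in HR roster" rows are the inventory work the article says most organisations never get around to.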

The Essentials of GRC and Cybersecurity — How They Empower Each Other

Article Link: https://thehackernews.com/2022/10/the-essentials-of-grc-and-cybersecurity.html

  • While cybersecurity focuses on the technical side of protecting systems, networks, devices, and data, governance, risk, and compliance (GRC) is the tool that will help the entire organization understand and communicate how to do it. GRC is the medium for creating awareness around cybersecurity’s best practices to reduce risks and achieve business goals.
  • Integrating GRC and cybersecurity is imperative for organizations that want to build a long-term, successful security strategy. Aside from faster communication, congruent metrics, collaboration, and decision-making, the integration of GRC and cybersecurity offers additional distinct advantages.
  • On a technical level, GRC helps with risk mitigation, regulatory compliance, audit support, third-party vendor selection, data privacy, and visibility.
  • Open Compliance and Ethics Group (OCEG) GRC Capability Model: https://go.oceg.org/grc-capability-model-red-book

Is Mandatory Password Expiration Helping or Hurting Your Password Security?

Article Link: https://www.helpnetsecurity.com/2022/10/04/mandatory-password-expiration-helping-or-hurting-password-security/

  • For decades cybersecurity professionals held tight to the idea that passwords needed to be changed on a regular basis. In recent years, however, organizations such as NIST and Microsoft have abandoned this best practice and are now recommending against mandatory password expiration.
  • This change is due to the fact that fast-acting criminals won’t be deterred by a 90-day change policy and end-users are tired of needless changes to perfectly good passwords.
  • A solution for this dilemma is to combine a strong password policy with an end-user reward system, where users keep their stronger passwords for longer.

US Consumers Are Finally Becoming More Security & Privacy Conscious

Article Link: https://www.darkreading.com/remote-workforce/survey-shows-us-consumers-are-becoming-more-security-and-privacy-conscious

  • A survey of 2,103 US adults, conducted by Consumer Reports (CR), showed substantial improvement in consumer cybersecurity and privacy practices over the past three years. Many more individuals appear aware of the security and privacy risks associated with their digital footprint and have modified their behavior significantly to try and protect it better with actions like adopting MFA.
  • 88% of survey respondents said they use what CR describes as strong passwords (eight characters or more, with upper and lowercase letters, numbers, and symbols) to protect access to their Wi-Fi networks. That’s up from 74% in the last survey. Similarly, 85%, up from 69%, have implemented measures to unlock their smartphone.
  • While the trends in the CR survey are encouraging, it’s also important to view them in the right perspective. For example, an 8-character password and MFA alone are not sufficient.
