September 2020 - Page 3 of 5 - Cyber Security Minute

Improving privacy of a global genomic data sharing network

Issued by: Help Net Security

A Case Western Reserve University computer and data sciences researcher is working to shore up privacy protections for people whose genomic information is stored in a vast global collection of vital, personal data. Erman Ayday pursued novel methods for identifying and analyzing privacy vulnerabilities in the genomic data sharing network known commonly as “the Beacons.”…

Vulnerabilities

Information Disclosure, XSS Vulnerabilities Patched in Drupal

Issued by: Security Week

The most serious of the flaws is CVE-2020-13668, a critical XSS issue affecting Drupal 8 and 9. It’s worth noting that Drupal uses the NIST Common Misuse Scoring System to determine security risk levels and critical is the second highest level, after highly critical. The issue is a reflected XSS and exploitation is only possible…

Network Security

7 best practices when selecting a PAM solution

Issued by: CSO

Privileged Access Management (PAM) creates an extra security layer that helps to reduce risk, eliminating unnecessary local admin privileges. It takes the credentials from admin accounts and puts them in a secure repository, minimizing the endpoints that can be accessed via local administrators and reducing potential access by unauthorized users. IT Central Station’s PeerPaper based…

Malware & Threats

Ransom from Home – How to close the cyber front door to remote working ransomware attacks

Issued by: Trend Micro Blog

Coronavirus has caused a major shift to our working patterns. In many cases these will long outlast the pandemic. But working from home has its own risks. One is that you may invite ransomware attacks from a new breed of cyber-criminal who has previously confined his efforts to directly targeting the corporate network. Why? Because…

Vulnerabilities

Report: The cybersecurity impact of COVID-19

Issued by: Help Net Security

Cybersecurity company Cynet has released a report detailing changes in cyberattacks they’ve observed across North America and Europe since the beginning of the COVID-19 pandemic. The report shares the cyberattack volume change observed across industry sectors, the increased use of spear phishing as an initial attack vector, and the approaches being used to distribute malware…

Vulnerabilities

8 top open source intelligence tools

Issued by: CSO

OSINT, or open source intelligence, is the practice of collecting information from published or otherwise publicly available sources. OSINT operations, whether practiced by IT security pros, malicious hackers, or state-sanctioned intelligence operatives, use advanced techniques to search through the vast haystack of visible data to find the needles they’re looking for to achieve their goals—and…

Cloud Security

Attacks growing in both scope and sophistication, exposing gaps in the cloud native toolchain

Issued by: Help Net Security

There’s a growing, organized and increasingly sophisticated pattern of attacks on cloud native infrastructure, according to Aqua Security. While most attacks were aimed at abusing public cloud compute resources for cryptocurrency mining, the methods used open the door for higher-value targets that leverage security gaps in container software supply chains and runtime environments. The report…

Malware & Threats

Cyber losses are increasing in frequency and severity

Issued by: Help Net Security

Cyber attacks have increased in number and severity since the onset of the pandemic. The changes organizations implemented to facilitate remote work have given cybercriminals new opportunities to launch campaigns exploiting mass uncertainty and fear. Ransomware attack severity increases In fact, since the beginning of COVID-19, Coalition observed a 47% increase in the severity of…

Vulnerabilities

Telehealth is healthcare industry’s biggest cybersecurity risk

Issued by: Help Net Security

While COVID-19 has proven the healthcare industry’s overall resilience, it has also increased its cybersecurity risk with new and emerging threats. The rapid adoption and onboarding of telehealth vendors led to a significantly increased digital footprint, attack surface, and cybersecurity risk for both provider and patient data, a new report released by SecurityScorecard and DarkOwl…

Vulnerabilities

How does XDR improve enterprise security in the face of evolving threats?

Issued by: Help Net Security

Cybercriminals will never run out of ways to breach the security protocols enterprises put in place. As security systems upgrade their defenses, attackers also level up their attacks. They develop stealthier ways to compromise networks to avoid detection and enhance the chances of penetration. Adversarial machine learning, for example, emerges as one of the stealthy…