From the cyber vulnerabilities front —
CISA released an alert on 2021 top malware strains and added one more known exploited vulnerability to its catalog.
The Health Sector Cybersecurity Coordination Center (H3C) released an analyst note on internet of things security and a PowerPoint presentation on the Open Web Application Security Project’s (OWASP) Top 10.
OWASP is a nonprofit foundation dedicated to improvingsoftware security, and its Top 10 is “a standard awareness document for developersand web application security that represents a broad consensus about the most critical security risks to web applications.”
Cybersecurity Dive reported last Tuesday
VMware disclosed yet another critical vulnerability that threat actors could exploit to bypass authentication in the same products that carried a similar defect in May with equal potential for severe damage.
The latest vulnerability, CVE-2022-31656, impacts VMware Workspace ONE Access, Identity Manager and vRealize Automation, according to an initial security advisory issued Tuesday by VMware. This is the second authentication bypass vulnerability to hit these products in less than three months.
VMware issued patches for three impacted products and rated the vulnerability in the critical severity range with a 9.8 score on the common vulnerability scoring system, bearing another similarity to the previous bug.
From the ransomware front, Bleeping Computer’s The Week in Ransomware is back. This issue concerns cyberinsurance.
Cybersecurity Dive reported last Monday
Ransomware and business email compromise accounted for more than two-thirds of all cyberattacks during the past 12 months, according to Palo Alto Networks’ Unit 42.
The pair of top attacks represent the most lucrative means by which threat actors can turn illicit network access into financial gain.
Software vulnerabilities accounted for nearly half of all cases of initial access used by threat actors to deploy ransomware, Unit 42 wrote in a report published last week. The outsized threat posed by software vulnerabilities is further exacerbated by threat actors that can scan the internet at scale for weak points.
and last Thursday
A new report created to help organizations navigate ransomware risks exemplifies the challenges small- to medium-sized businesses confront in the battle against just one of many cyberthreats.
The recommendations, identified to help SMBs with limited cybersecurity expertise, include 40 safeguards. That’s a curated subset of the guidance in the Center for Internet Security’s critical security controls.
The report’s authors acknowledge not every organization has the resources to implement every safeguard immediately, but they maintain any actions taken, full or partial, represent a step in the right direction.
An ISACA experts offers an interesting perspective on “midgame” defenses against ransomware.
From the cyberdefense front —
The FEHBlog ran across this HHS 405(d) site with news and awareness resources. The awareness resources include information on data patching and security for small, medium, large businesses. “The 405(d) program is a collaborative effort between industry and the federal government to align healthcare industry security practices in an effort to develop consensus-based guidelines, practices, and methodologies to strengthen the healthcare and public health (HPH) sector’s cybersecurity posture against cyber threats.”
Health IT Security discusses about how to identify and address insider threats in healthcare.
CSO explains how to create defense in depth by layering tools and processes for better cybersecurity.