Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about Trend Micro and Snyk’s new co-developed solution to help manage the risk of open source vulnerabilities. Also, read about a new ransomware strain that emulates the practices of a legitimate enterprise.
Read on:
Trend Micro, Snyk Fight Open Source Security Flaws
This week, Trend Micro announced plans for a new, co-developed solution with Snyk, which expands on the company’s ongoing strategic partnership to enhance DevOps security. The joint solution will help security teams manage the risk of open source vulnerabilities from the moment open source code is introduced without interrupting the software delivery process. Trend Micro’s COO Kevin Simzer shares more details on the solution in this article.
Securing the Pandemic-Disrupted Workplace: Trend Micro 2020 Midyear Cybersecurity Report
Trend Micro’s 2020 Midyear Security Roundup examines pressing security issues during the first half of this year, including Covid-19-related threats and targeted ransomware attacks, and offers recommendations to help enterprises secure their systems from cybercriminals in the new normal terrain.
Ransomware Has Gone Corporate—and Gotten More Cruel
DarkSide is the latest strain of ransomware built to shake down big-game targets for millions—with attacks that seem legitimate by including guaranteed turnaround times, real-time chat support and brand awareness. As ransomware becomes big business, its purveyors have embraced the tropes of legitimate enterprises, down to corporate responsibility pledges. Ed Cabrera, chief cybersecurity officer at Trend Micro, comments on the serious risks of ransomware in this article.
Probing Attempts on Home Routers Increase in 1H 2020
The current reality of having many connected devices in the home has given rise to incidents of potential home network intrusions. In the first half of 2020, Trend Micro detected more than 10.6 billion suspicious connection attempts on routers’ unavailable TCP ports. TCP port 23, in particular, had the most detections of suspicious connection attempts, with more than 5.3 billion.
Hackers Exploit Autodesk Flaw in Recent Cyberespionage Attack
Threat actors exploited a vulnerability in the popular 3D computer graphics Autodesk software to launch a recent cyber-espionage attack against an international architectural and video production company. Researchers said that further analysis of the attack points to a sophisticated, APT-style group that had prior knowledge of the company’s security systems and used software applications, carefully planning their attack to infiltrate the company and exfiltrate data undetected.
CVE-2020-1380: Analysis of Recently Fixed IE Zero-Day
Microsoft recently patched a zero-day vulnerability that targeted Internet Explorer (IE) 11. It’s a use-after-free (UAF) bug in IE’s JavaScript engine, jscript9.dll. Previously, Trend Micro observed that zero-day attacks against IE usually exploit vbscript.dll and jscript.dll to run shellcode. This time, the target changed to jscript9.dll and used the modern JavaScript engine’s Just-In-Time (JIT) engine to trigger the bug, so Trend Micro decided to dive into the jscrtip9.dll JIT engine to figure out the root cause of CVE-2020-1380.
CSO Insights: Ricoh USA’s David Levine on Employing a Cloud- and Cybersecurity-First Strategy
In this blog, David Levine, vice president of corporate and information security and CSO for Ricoh USA, Inc., shares how his organization accommodates mobility by reinforcing a security-first mindset, employing a cloud-first strategy, managing risk, and enabling employees in the ‘new normal’.
Is the Electric Grid Closer to a Devastating Cyberattack that Could Mean Lights Out?
Could the electric grid be taken down with a $50 device secreted in the bottom of a coffee cup as researchers have claimed? Maybe, but the more likely threat comes from bad actors with improved capabilities who’ve ramped up their attacks on critical infrastructure and utilities. Seventy percent of industrial controls system (ICS) vulnerabilities disclosed in the first half of 2020 can be exploited remotely, according to a report from Claroty.
The Basics of Keeping Your Kubernetes Cluster Secure: Part 1
With Kubernetes’ popularity and increasingly high adoption rates, its security should always be prioritized. In this blog, Trend Micro provides vital tips and recommendations on keeping the master node, the API server, etcd, RBAC, and network policies secure.
After a Decade, Qbot Trojan Malware Gains New, Dangerous Tricks
The Qbot Trojan has been plaguing computer users and businesses for over a decade and the cybercriminals behind it are still coming up with new tricks that keep it one of the most prevalent and successful malware threats. The latest technique observed by security researchers involves the malware inserting itself into the legitimate email threads of their victims to spread.
Surprised by the DarkSide ransomware’s professionalism? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.
