Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The purpose of the Netskope Threat Labs News Roundup series is to provide enterprise security teams an actionable brief on the top cybersecurity news from around the world. The brief includes summaries and links to the top news items spanning cloud-enabled threats, malware, and ransomware.

As digitalization becomes a norm, businesses are transitioning to cloud services for increased scalability, cost-effectiveness, and operational efficiency. But this transformation comes with a new challenge — securing the cloud.

Oh no! You’ve been hacked, and you have experts onsite to identify the terrible things done to your organization. It doesn’t take long before the beardy dude or cyber lady says, “Yeah...they used DNS to control compromised hosts and then exfiltrated your data.” As you reflect on this event, you think, “Did I even have a chance against that kind of attack?” Yes, you did because Splunk can be used to detect and respond to DNS exfiltration.

Authentication and authorization are two key processes that ensure only trustworthy and verified users can gain access to authorized system resources and data. They enable your organization’s information security — your ability to protect sensitive information against unauthorized access. Although these two processes are used interchangeably, they have several fundamental differences.

At one time, the internet was seen as a place where users could remain anonymous: they could scroll from the privacy of their screen. Today, we know that’s no longer the case. In an attempt to sell more products, and create a personalized digital experience, tech firms, companies and advertisers track and analyze each user across the digital landscape. Privacy is still important to users: 90% of individuals in a recent global survey said online privacy was important to them.

On May 19, 2023, Barracuda Networks identified a remote command injection vulnerability (CVE-2023-2868) present in the Barracuda Email Security Gateway (appliance form factor only) versions 5.1.3.001-9.2.0.006. In its security advisory, Barracuda said the vulnerability existed in the Barracuda software component responsible for screening attachments for malware. In subsequent days, Barracuda deployed a series of patches.

The vastness of the deep and dark web can easily turn attempts to monitor for cyber threats into a firehose of useless information. Part of the problem is the nature of the data streams that need to be monitored. Every day, more credentials are stolen and exposed. Illegal criminal forums are full of repeated spamming of illicit advertisements. Thousands of new domain names are registered daily, including many that can be considered typosquatted.

The recent discovery of a zero-day vulnerability in a well-known email security product further underscores the importance of robust email security that can effectively counter advanced email threats, offer a defense-in-depth approach, and operate in the cloud or on-premises. To start, if you believe you have suffered a breach, Trustwave’s Digital Forensics and Incident Response (DFIR) is ready and online to take your call and start helping your organization recover. Click here.