CYBER THIS WEEK – JULY 10, 2022

How Open-Source PKI Is Innovating Cybersecurity

It’s a development strategy born of both necessity and opportunity. It shows the critical role developer teams play in securing business software—especially in a rapidly evolving cloud environment facing a changing threat landscape—but it also highlights the essential contributions the open-source and public-key infrastructure (PKI) communities continue to make toward creating more secure software.

Read More: How Open-Source PKI Is Innovating Cybersecurity (forbes.com)

CISO Challenges for Implementing Cybersecurity

The expanding threat landscape coupled with increasing frequency and sophistication of cyberattacks are a cause of constant nightmares for Chief Information Security Officers (CISOs). CISOs have to address attacks across all mediums, such as mobile phones, web, social media platforms and other attack surfaces to ensure data security.

Read More: CISO Challenges for Implementing Cybersecurity – Express Computer

These are the biggest cybersecurity threats. Make sure you aren’t ignoring them

Cybersecurity is hard. Technology is continually changing, cyber criminals’ tools and techniques are always evolving and maintaining the security of a network with users who each want to do their own thing without being restricted by security is a constant challenge.

Read More: These are the biggest cybersecurity threats. Make sure you aren’t ignoring them | ZDNet

Google patches new Chrome zero-day flaw exploited in attacks

Google has released Chrome 103.0.5060.114 for Windows users to address a high-severity zero-day vulnerability exploited by attackers in the wild, the fourth Chrome zero-day patched in 2022.

“Google is aware that an exploit for CVE-2022-2294 exists in the wild,” the browser vendor explained in a security advisory published on Monday.

Read More: Google patches new Chrome zero-day flaw exploited in attacks (bleepingcomputer.com)

Dangers Of Opening Email Attachments

Malicious emails remain some of the most common and destructive computer security threats businesses face today. Research shows that email as a threat vector represents 96% of cyberattacks carried out across various industries. Cybercriminals use email-based attacks to steal login credentials, lure individuals into clicking malicious links, and deliver malware. This article will discuss why opening an attachment delivered via email is not always safe, and how to avoid being the victim of an attack.

Attribution link: https://latesthackingnews.com/2022/07/08/dangers-of-opening-email-attachments/

The biggest global cyber threat we still face is ransomware – Lindy Cameron Speech at Tel Aviv Cyber Week

Ransomware attacks strike hard and fast. They are evolving rapidly, they are all-pervasive, they’re increasingly offered by gangs as a service, lowering the bar for entry into cybercrime.

If we are to ensure that the digital world remains a place of opportunity, and to avoid it becoming a place of conflict and struggle, we must be clearer about the guidelines and norms that transcend international borders. We must explore innovative new technologies and share lessons learnt.

Read More: Lindy Cameron speech at Tel Aviv Cyber Week – NCSC.GOV.UK

Universities are fighting a cyber security war on multiple fronts

For years, a war has been quietly raging between cyber criminals and academic institutions, which are finding themselves increasingly under pressure. Despite the multifaceted cyber security fabric protecting universities, including anti-phishing measures and professionals with titles like threat hunter, the danger seems more prevalent than ever.

Read More: Universities are fighting a cyber security war on multiple fronts | IT PRO

Microsoft rolls back decision to block Office macros by default

While Microsoft announced earlier this year that it would block VBA macros on downloaded documents by default, Redmond said on Thursday that it will roll back this change based on “feedback” until further notice.

The company has also failed to explain the reason behind this decision and is yet to publicly inform customers that VBA macros embedded in malicious Office documents will no longer be blocked automatically in Access, Excel, PowerPoint, Visio, and Word.

Read More: Microsoft rolls back decision to block Office macros by default (bleepingcomputer.com)

No confirmation yet on claim that data on 1 billion Chinese are in stolen police databases

Cybersecurity experts still can’t confirm the claims of a person selling what they say are databases of stolen information of 1 billion Chinese residents from the Shanghai police department.

Read More: No confirmation yet on claim that data on 1 billion Chinese are in stolen police databases | IT World Canada News

Why today’s CISOs need a seat on the board

The daily barrage of cyber-attacks and data breaches pose significant threats to all organizations and no enterprise is immune to the risk of becoming a victim of cybercriminals.

With this in mind, there is a clear argument for CISOs, with valuable cyber security expertise, to have a seat on the board. They must also evolve their reporting to the board to include risk-assessments and quantitative projections of potential risk loss exposure.

Read More: Why today’s CISOs need a seat on the board | Cyber Security Hub (cshub.com)