Week in review: Kali Linux 2020.4, AWS Network Firewall, speeding up malware analysis

Here’s an overview of some of last week’s most interesting news, reviews and articles: Kali Linux 2020.4 released: New default shell, fresh tools, and more![1]
Offensive Security has released Kali Linux 2020.4, the latest version of its popular open source penetration testing platform. You can download it or upgrade to it.

Critical vulnerabilities in Cisco Security Manager fixed, researcher discloses PoCs[2]
Cisco has patched two vulnerabilities in its Cisco Security Manager solution, both of which could allow unauthenticated, remote attackers to gain access to sensitive information on an affected system. How do I select a security assessment solution for my business?[3]
To select a suitable security assessment solution for your business, you need to think about a variety of factors. We’ve talked to several cybersecurity professionals to get their insight on the topic.

Researchers break Intel SGX by creating £30 device to control CPU voltage[4]
Researchers at the University of Birmingham have managed to break Intel SGX, a set of security functions used by Intel processors, by creating a £30 device to control CPU voltage. How to speed up malware analysis[5]
The goal of malware analysis is to research a malicious sample: its functions, origin, and possible effects on the infected system. This data allows analysts to detect malware, react to the attack effectively, and enhance security.

Multi-cloud environments leaving businesses at risk[6]
Businesses around the globe are facing challenges as they try to protect data stored in complex hybrid multi-cloud environments, from the growing threat of ransomware, according to a Veritas Technologies survey. Cisco Webex vulnerabilities may enable attackers to covertly join meetings[7]
Cisco has fixed three bugs in its Cisco Webex video conferencing offering. The flaws were discovered by IBM researchers, after the company’s research department and the Office of the CISO decided to analyze their primary tool for remote meetings.

How a move to the cloud can improve disaster recovery plans[8]
Bad actors are well aware that endpoints are not being maintained at the same level as pre-pandemic, and they are more than willing to take advantage. VMware patches serious vulnerabilities in ESXi hypervisor, SD-WAN Orchestrator[9]
VMware has patched critical vulnerabilities affecting its ESXi enterprise-class hypervisor and has released a security update for its SD-WAN Orchestrator, plugging a handful of serious security holes. Review: Group-IB Fraud Hunting Platform[10]
In this review, we will take a close look at the Fraud Hunting Platform (FHP) developed by Group-IB, which helps web and mobile service owners monitor users’ usage and investigate potential misuses.

The effectiveness of vulnerability disclosure and exploit development[11]
New research into what happens after a new software vulnerability is discovered provides an unprecedented window into the outcomes and effectiveness of responsible vulnerability disclosure and exploit development. Healthcare organizations are sitting ducks for attacks and breaches[12]
Seventy-three percent of health system, hospital and physician organizations report their infrastructures are unprepared to respond to attacks. The survey results estimated 1500 healthcare providers are vulnerable to data breaches of 500 or more records, representing a 300 percent increase over this year.

2021 predictions for the Everywhere Enterprise[13]
As we near 2021, it seems that the changes to our working life that came about in 2020 are set to remain. Businesses are transforming as companies continue to embrace remote working practices to adhere to government guidelines. Why biometrics will not fix all your authentication woes[14]
In recent years biometrics have increasingly been lauded as a superior authentication solution to passwords.

However, biometrics are not immune from problems and once you look under the hood, they bring their own set of challenges. Accept your IT security limits and call in the experts[15]
For IT security teams, the work-from-home switch meant even more work and struggling finding new ways to keep their organization and their employees secure from an increasing number and frequency of cyber threats. AWS Network Firewall: Network protection across all AWS workloads[16]
Amazon Web Services announced the general availability of AWS Network Firewall, a new managed security service that makes it easier for customers to enable network protections across all of their AWS workloads.

eBook: The security certification healthcare relies on[17]
In the new (ISC)2 eBook, HCISPPs around the world share how becoming certified has helped advance their careers – and keep healthcare IT healthy.

New infosec products of the week: November 20, 2020[18]
A rundown of the most important infosec products released last week.

References

  1. ^ Kali Linux 2020.4 released: New default shell, fresh tools, and more! (www.helpnetsecurity.com)
  2. ^ Critical vulnerabilities in Cisco Security Manager fixed, researcher discloses PoCs (www.helpnetsecurity.com)
  3. ^ How do I select a security assessment solution for my business? (www.helpnetsecurity.com)
  4. ^ Researchers break Intel SGX by creating £30 device to control CPU voltage (www.helpnetsecurity.com)
  5. ^ How to speed up malware analysis (www.helpnetsecurity.com)
  6. ^ Multi-cloud environments leaving businesses at risk (www.helpnetsecurity.com)
  7. ^ Cisco Webex vulnerabilities may enable attackers to covertly join meetings (www.helpnetsecurity.com)
  8. ^ How a move to the cloud can improve disaster recovery plans (www.helpnetsecurity.com)
  9. ^ VMware patches serious vulnerabilities in ESXi hypervisor, SD-WAN Orchestrator (www.helpnetsecurity.com)
  10. ^ Review: Group-IB Fraud Hunting Platform (www.helpnetsecurity.com)
  11. ^ The effectiveness of vulnerability disclosure and exploit development (www.helpnetsecurity.com)
  12. ^ Healthcare organizations are sitting ducks for attacks and breaches (www.helpnetsecurity.com)
  13. ^ 2021 predictions for the Everywhere Enterprise (www.helpnetsecurity.com)
  14. ^ Why biometrics will not fix all your authentication woes (www.helpnetsecurity.com)
  15. ^ Accept your IT security limits and call in the experts (www.helpnetsecurity.com)
  16. ^ AWS Network Firewall: Network protection across all AWS workloads (www.helpnetsecurity.com)
  17. ^ eBook: The security certification healthcare relies on (www.helpnetsecurity.com)
  18. ^ New infosec products of the week: November 20, 2020 (www.helpnetsecurity.com)

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *