Week in Review: Exploiting F5 BIG-IP RCE, URL Spoofing Flaws in Zoom, Google Docs

Here’s a look at some of the most interesting news, articles and interviews from the past week:

Microsoft fixes Windows LSA spoofing zero-day under active attack (CVE-2022-26925)
May 2022 Patch Tuesday is here, and Microsoft marked it by releasing fixes for 74 CVE-numbered vulnerabilities, including one zero-day vulnerability under active attack (CVE-2022-26925) and two publicly known vulnerabilities (CVE-2022-29972 and CVE-2022-22713).

Attackers attempt to exploit critical F5 BIG-IP RCE
Researchers have developed PoC exploits for CVE-2022-1388, a critical remote code execution bug affecting F5 BIG-IP general purpose network devices/modules.

Researchers find URL spoofing flaws in Zoom, Box, Google Docs
Researchers have discovered several URL spoofing bugs in Box, Zoom, and Google Docs that would allow phishers to link to malicious content and make it appear to be hosted by an organization’s SaaS account.

Critical Flaw in Zyxel Firewalls Allows Access to Corporate Networks (CVE-2022-30525)
A critical vulnerability (CVE-2022-30525) affecting several models of Zyxel firewalls has been publicly disclosed, along with a Metasploit module that exploits it.

Data centers on steel wheels: can we trust the safety of rail infrastructure?
In this interview for Help Net Security, Dimitri van Zantvliet Rozemeijer, CISO at Nederlandse Spoorwegen (Dutch Railways), talks about railway cybersecurity and the progress the industry has made in ensuring safety.

Google Drive emerges as the best app for malware downloads
Netskope published research which found that phishing downloads have seen a surge of 450% over the past 12 months, fueled by attackers using search engine optimization (SEO) techniques to boost the rankings of malicious PDF files on popular search engines including Google and Bing.

The role of streaming machine learning in analyzing encrypted traffic
Organizations now create and move more data than at any other time in human history. Network traffic continues to increase and global Internet bandwidth increased by 29% in 2021, reaching 786 Tbps.

Password reuse is commonplace among Fortune 1000 employees
SpyCloud has released an annual analysis of identity exposure among employees of Fortune 1000 companies in key industries such as technology, finance, retail and telecommunications.

How to set up a powerful insider threat program
Security spending continues to focus on external threats despite threats often originating from within the organization. A recent Imperva report (by Forrester Research) found that only 18% of priority spending was dedicated to an insider threat program (ITP), compared to 25% focused on external threat intelligence.

Is this health app safe to use? A new framework aims to provide an answer
The American College of Physicians (ACP), the American Telemedicine Association (ATA), and ORCHA, the Organization for the Review of Healthcare Applications.

An offensive mindset is crucial for effective cyber defense
As ransomware attacks continue to rise and cybercriminals become more sophisticated, the federal government has implemented a more proactive approach to cybersecurity.

How to avoid headaches when posting a CVE
Finding a CVE (Common Vulnerabilities and Exposures) is the first step in a process that begins with identifying a zero-day and could end in fame and glory – if the discovery is big enough.

A 10-point plan to improve the security of open source software
The Linux Foundation and the Open Source Software Security Foundation, with input from leaders from 37 companies and numerous U.S. government leaders, presented a 10-point plan to comprehensively address open source software supply chain security: securing open source security production, improving vulnerability discovery and remediation, and shortening ecosystem patch response time.

The SaaS-to-SaaS supply chain is a wild mess
The SaaS-to-SaaS supply chain continues to grow unhindered, without alerting security teams to new risks and connections created by non-human identities that cannot be resolved using traditional security controls designed for human-application interactions.

Funding Women-Led Cybersecurity Startups: Where Do We Stand?
In this video for Help Net Security, Lisa Xu, CEO of NopSec, talks about the cybersecurity funding landscape and its lack of diversity.

Hardware security threats are on the rise
In this video for Help Net Security, Jason Oberg, CTO at Tortuga Logic, talks about the growing threats to hardware security.

Ransomware works fast, you need to be faster to counter it
In this video for Help Net Security, Chuck Everette, Director of Cybersecurity Advocacy at Deep Instinct, talks about the threat of ransomware, the speed at which ransomware attacks happen, and offers advice on how to mitigate the associated risk.

Closing healthcare cybersecurity gaps between hospitals and manufacturers
In this video for Help Net Security, Christopher Gates, Director of Product Security at Velentium, discusses gaps in healthcare cybersecurity, as well as the FDA’s new premarket cybersecurity guidelines for medical device manufacturers and the Health Sector Coordinating Council model contract language.

Why are DDoS attacks so easy to launch and so hard to fight?
In this video for Help Net Security, Ivan Shefrin, Executive Director of Comcast Business, explains how businesses can monitor and mitigate DDoS attacks.

Welcome “Frappo” – Resecurity has identified a new Phishing-as-a-Service
The Resecurity HUNTER unit has identified a new underground service called “Frappo”, which is available on the Dark Web.

Download Guide: Assessing Third-Party Security Platforms
A comprehensive third-party security program can align your vendor security with your internal security controls and risk appetite. Such a program can also help you address risks if your suppliers fall short.

New infosec products of the week: May 13, 2022
Here’s a look at some of the hottest products from the past week, with releases from Cohesity, ForgeRock, iDenfy, Nasuni, Orca Security, SecureAge, and Sonatype.
