Last Week’s Cybersecurity Highlights: BloodHound CE Release, Impact of Cyberattacks on Patient Safety, and More

Last week’s cybersecurity news brought a variety of interesting developments and insights in the field. One notable release was the launch of BloodHound Community Edition (CE) version 5.0 by SpecterOps. This open-source penetration testing tool maps attack paths in Microsoft Active Directory and Azure environments, providing valuable resources to security professionals in their efforts to assess and secure their systems.

Dr. Omar Sangurima, Principal Technical Program Manager at Memorial Sloan Kettering Cancer Center, emphasized the direct impact of cyberattacks on patient safety and care delivery in an interview. He highlighted how disruptions to critical healthcare services can harm patients and lead to life-threatening situations, underscoring the critical need for robust cybersecurity measures in the healthcare sector.

Google’s AI Red Team, led by Daniel Fabian, Head of Google Red Teams, plays a significant role in advancing cybersecurity on the AI frontier. The team faces unique challenges in securing AI-driven technologies and ensuring their resilience against potential threats.

Attila Török, CISO at GoTo, shared insights into the role of a CISO, discussing the balance between technical expertise and leadership. Navigating the rapidly evolving technological landscape requires a combination of skills to effectively address cybersecurity challenges.

Jean-Charles Chemin, CEO of Legapass, emphasized the correlation between maintaining customer trust and protecting sensitive customer data. The interview highlights the importance of a data privacy vault in securing sensitive data while navigating regulatory demands.

The Tor Project’s Executive Director discussed their mission to advance human rights and provide privacy-preserving software globally. By enabling individuals to browse the internet privately and bypass online censorship, the Tor Project plays a crucial role in promoting internet freedom.

Microsoft warned of phishing attacks via Microsoft Teams by an APT group linked to Russia’s Foreign Intelligence Service. Cybercriminals continue to exploit popular communication platforms to target employees of global organizations. Mitiga researchers discovered a post-exploitation technique enabling persistent remote access to AWS Elastic Compute Cloud instances, as well as non-EC2 machines, posing a serious threat to AWS security.

The Biden-Harris Administration unveiled the National Cyber Workforce and Education Strategy, addressing immediate and long-term cyber workforce needs in the wake of a National Cybersecurity Strategy’s release. Palo Alto Networks researchers found that web browsing remains the primary entry vector for ransomware infections, underscoring the importance of robust web security measures.

Google’s efforts to improve user privacy include making it easier for users to remove personal contact information and explicit imagery from search results, granting users more control over their personal data.

Ivanti disclosed critical vulnerabilities affecting old versions of MobileIron Core, which rebranded to Ivanti Endpoint Manager Mobile. Such disclosures are crucial in ensuring users update to more secure versions and protect their systems from potential exploits.

Google reviewed zero-day vulnerabilities exploited in the wild in 2022 and found that n-day vulnerabilities in the Android ecosystem pose a significant threat, almost on par with zero-days.

August’s Patch Tuesday forecast focuses on software security improvements to mitigate risks associated with exploitation and phishing attacks. In a Help Net Security video, Ben Sebree, Senior VP of R&D at CivicPlus, discussed steps local governments need to take for successful cloud adoption while protecting confidential information and data from cybercrime. Rezilion highlighted the risks of relying solely on CVSS for vulnerability prioritization and emphasized the importance of proactive vulnerability management strategies.

IT must adopt multi-modal data protection with AI’s help to address complex threats and minimize risks in an evolving technological landscape. Jim Jackson, President of TuxCare, discussed strategies for ensuring compliance and security in outdated healthcare IT systems, emphasizing the automation of patch deployment and threat monitoring.

Ermetic released CNAPPgoat, an open-source project for testing cloud security skills, tools, and posture in interactive sandbox environments. Organizations must empower teams with knowledge and tools to implement secure practices in the cloud to minimize the risks associated with misconfigurations and human errors. The Stremio team disputed the findings of CyFox, which reported a vulnerability, underscoring the importance of effective communication between security researchers and software developers.

Superstar CISOs are keenly aware of the cybersecurity skills shortage and the evolving threat landscape, demonstrating resilience and strategic thinking in their approach to cybersecurity. BigID’s report on cyber resilience strategies highlights the importance of data security capabilities in maintaining business continuity.RSA stressed the importance of addressing the super-human problem of identity in a rapidly evolving technological landscape to protect against cyber threats. Guardio’s discovery of a phishing campaign exploiting a zero-day vulnerability in Salesforce’s email services and SMTP servers highlights the need for vigilant security measures.

Perception Point’s report indicates that 1 in 100 emails is malicious, with BEC and phishing attacks soaring in the first half of 2023. July’s infosec products showcased releases from various companies, including BreachRx, Code42, ComplyAdvantage, Darktrace, Dig Security, Diligent, Fidelis Cybersecurity, Hubble, Netscout, Panorays, Privacera, Regula, SeeMetrics, Tenable, and WatchGuard.New infosec products of the week include releases from Forescout, Menlo Security, Qualys, Sonar, SpecterOps, Synopsys, Traceable AI, and Lineage.

In conclusion, last week’s cybersecurity news encompassed a diverse range of topics, from the release of the open-source penetration testing tool BloodHound CE to discussions on the impact of cyberattacks on patient safety, the role of AI Red Teams in cybersecurity, and strategies for combating cybercrime in local governments. Various reports and interviews highlighted the ongoing efforts to address cybersecurity challenges and promote a secure digital landscape.