DayFR Euro

Week in Review: Microsoft Patches Exploited Zero-Day, Cybersecurity Books to Give for the Holidays

Here’s a look at the most interesting news, articles, interviews and videos from the past week:

Microsoft fixes exploited vulnerability (CVE-2024-49138)
On December 2024 Patch Tuesday, Microsoft fixed 71 vulnerabilities across its products, including a zero-day in the Windows Common Log File System (CLFS) driver (CVE-2024-49138) that attackers were already exploiting to gain elevated privileges.

Cybersecurity books to give for the holidays
The holiday season is approaching, and with it the tradition of exchanging gifts. For professionals and enthusiasts alike, a well-chosen book offers both knowledge and inspiration. To help you choose, we have put together a list of cybersecurity books worth considering.

Cleo fixes a zero-day exploited by a ransomware group
Cleo has released a security patch for a critical vulnerability that was exploited as a zero-day in Internet-exposed instances of Cleo Harmony, VLTrader and LexiCom.

Reduce software vulnerabilities with smarter development strategies
In an interview with Help Net Security, Karl Mattson, CISO at Endor Labs, discusses strategies to improve secure software development.

Cybersecurity incident at Krispy Kreme disrupts online ordering
The famous American donut chain Krispy Kreme has been experiencing problems with its online ordering system as well as digital payments in its stores since the end of November. An 8-K report filed with the United States Securities and Exchange Commission (SEC) revealed that the company suffered a “cybersecurity incident.”

Effective AI governance: reconciling innovation and humanity
In an interview with Help Net Security, Ben de Bont, CISO at ServiceNow, discusses AI governance with a focus on how to foster innovation while providing accountable oversight.

On-demand DDoS platforms seized by law enforcement
As part of an ongoing international crackdown, known as Operation PowerOFF, law enforcement has seized more than two dozen platforms used to carry out distributed denial of service (DDoS) attacks.

Why Crisis Simulations Fail and How to Improve Them
In an interview with Help Net Security, Allison Ritter, cyber drill manager at Cyberbit, shares her thoughts on the key differences between in-person and virtual cyber crisis simulations, as well as what makes each approach effective.

Microsoft strengthens its defenses against NTLM relay attacks
Since Kerberos became the default authentication protocol with Windows 2000, Microsoft has been working to phase out NTLM, its less secure legacy counterpart. NTLM relay attacks work by intercepting a victim's NTLM authentication exchange and forwarding it to another server that accepts it, so the attacker authenticates as the victim without knowing the password.

Strengthen security posture with comprehensive cybersecurity assessments
In an interview with Help Net Security, Phani Dasari, CISO at HGS, discusses key aspects of cybersecurity assessments, including effective tools and methods, the role of AI and automation, and strategies to align these assessments with organizational needs.

Update your OpenWrt router! Security glitch enabled supply chain attack
The OpenWrt Project, which develops the popular Linux distribution for embedded devices, has fixed a security issue in its Attended Sysupgrade (ASU) build service that could have allowed attackers to deliver malicious firmware images to users requesting a custom build.

Who is responsible for what? Common misunderstandings about SaaS security
In an interview with Help Net Security, James Dolph, CISO at Guidewire, discusses common misconceptions regarding security responsibilities in cloud environments, particularly in SaaS, and how these misunderstandings can lead to security risks.

Microsoft: “Hack” this LLM-powered service and get paid
Microsoft, in collaboration with the Institute of Science and Technology Austria (ISTA) and ETH Zurich, has announced the LLMail-Inject Challenge, a competition to test and improve defenses against prompt injection attacks.

BadRAM: $10 hack unlocks AMD’s encrypted memory
Researchers have identified a vulnerability (CVE-2024-21944, nicknamed BadRAM) affecting AMD processors: by tampering with the serial presence detect (SPD) data on a memory module, an attacker with physical access can make the memory controller alias physical addresses and thereby bypass the memory encryption and integrity protections of AMD SEV-SNP.

8Base hacks port operating company Luka Rijeka
Luka Rijeka, a company offering maritime cargo handling, storage and shipping services in Rijeka, Croatia, was hacked by the 8Base ransomware group.

Reassess expectations for the CISO role
The role of Chief Information Security Officer (CISO), once a background function primarily focused on technical oversight, is now at the heart of companies’ strategic concerns.

Exposed APIs and challenges in the largest organizations
In a Help Net Security video, Tristan Kalos, CEO of Escape, discusses the results of its 2024 State of API Exposure report.

Open source malware up 200% since 2023
Sonatype’s 2024 Open Source Malware Threat Report reveals that the number of malicious packages has exceeded 778,500 since tracking began in 2019.

Preventing data leaks in low-code/no-code environments
Low-code/no-code (LCNC) platforms enable the development of applications by citizen developers, often generating “shadow engineering” projects escaping security oversight. Although LCNC solutions like Power BI reporting and automated workflows promote agility and innovation, they also introduce considerable risks, including data leaks.

What makes a career in cybersecurity fulfilling
In a Help Net Security video, Richard Hummel, Director of Threat Intelligence at NETSCOUT, shares his journey into cybersecurity and gives advice to those who want to pursue it professionally.

Containers have on average more than 600 vulnerabilities
Containers are the weakest and fastest-growing cybersecurity link in software supply chains, according to NetRise.

US sanctions Chinese cybersecurity firm for firewall compromise, ransomware attacks
The US Treasury Department is sanctioning Chinese cybersecurity company Sichuan Silence and one of its employees, Guan Tianfeng, for their role in the April 2020 compromise of tens of thousands of firewalls around the world.

Businesses facing a constant stream of malicious emails
According to Hornetsecurity’s analysis of the more than 55.6 billion emails processed by its security services between November 1, 2023 and October 31, 2024, 36.9% of all emails received by businesses (20.5 billion) were spam, of which 2.3% contained malicious content, for a total of 427.8 million emails.

Cybersecurity Jobs Available Now: December 10, 2024
We’ve explored the market to bring you a selection of positions covering varying skill levels in the cybersecurity field. Discover our weekly selection of currently available cybersecurity jobs.

TPM 2.0: The new standard for secure firmware
Connected devices are better protected against cyberattacks and less likely to be compromised by errors thanks to the new TPM 2.0 specification from the Trusted Computing Group (TCG).

Only Cynet delivers 100% protection and detection visibility in MITRE ATT&CK 2024 evaluation
Cynet achieved 100% detection visibility, detecting every attack step without configuration changes or delays.

New security information products of the week: December 13, 2024
Here’s a look at some of the most exciting products from the past week, featuring new releases from Cato Networks, Horizon3.ai, SecureAuth, Stamus Networks, Trellix, and Versa Networks.

Our editors use AI to help them deliver fresh items from trusted sources to our users. If you find any image or content that is inappropriate, please contact us via DMCA form and we will promptly remove it.
