Friday Five: New Guidance for At-Home Employees, Ransomware Demands Evolving, & Emerging Vulnerabilities
The White House and NSA are releasing new security guidance for organizations and employees alike, but ransomware and new vulnerabilities remain dangerous. Read about all the latest in this week’s Friday Five.
WHITE HOUSE CYBERSECURITY STRATEGY TO FORCE LARGE COMPANIES TO MAKE SYSTEMS SECURE BY DESIGN BY ELIAS GROLL
According to an early draft of a forthcoming White House cybersecurity strategy document, large companies may soon shoulder greater responsibility for designing secure products and redesigning digital ecosystems to be more secure. The strategy reportedly includes a wide range of mandatory regulations on American critical infrastructure companies to improve security and authorizes law enforcement and intelligence agencies to take a more aggressive approach to hacking into foreign networks to prevent attacks or retaliate after they have occurred. Read more about the potential new regulations and what Camille Stewart Gloster, the deputy national cyber director for technology and ecosystem security, has to say about them in the full story from CyberScoop.
NSA SHARES GUIDANCE ON HOW TO SECURE YOUR HOME NETWORK BY SERGIU GATLAN
The U.S. National Security Agency (NSA) has issued guidance to help remote workers secure their home networks and defend their devices from attacks. The guidance includes recommendations to keep devices updated, back up data regularly, and schedule reboots to remove non-persistent malware. The NSA also recommends using a regularly updated personal router over the standard ISP-provided modem or router, saying that "your router is the gateway into your home network. Without proper security and patching, it is more likely to be compromised, which can lead to the compromise of other devices on the network as well."
HARDBIT RANSOMWARE TAILORS RANSOM TO FIT YOUR CYBER INSURANCE PAYOUT BY CHRISTOPHER BOYD
In a somewhat strange turn of events, HardBit ransomware has been found to quiz victims about the specifics of their cyber insurance policy so the threat actors can adjust their ransom to ensure it falls inside the insurance claim requirements. Theoretically, this would allow for a mutually beneficial transaction between the scammers and victims: the ransom sits at the top-end limit of the ransom payout scale provided without going past it, meaning the affected organization is reimbursed every cent it has paid out while the scammers still receive their demand. Notably, however, there is no guarantee that the ransomware authors won’t use the reveal of potentially confidential insurance information against the victim at a later date.
SECURITY RESEARCHERS WARN OF A NEW CLASS OF APPLE BUGS BY CARLY PAGE & LORENZO FRANCESCHI-BICCHIERAI
Security researchers say they have uncovered a “new class” of vulnerabilities ranging from medium to high severity that, if left unpatched, could allow malicious apps to escape their protective “sandbox” and access sensitive information on someone’s device, including a person’s messages, location data, call history, and photos. According to the researchers, “the vulnerabilities uncovered by our team this week have fundamentally broken [Apple's] security model... These bugs essentially allow an attacker that has achieved low privileged code execution, i.e., basic functions on macOS or iOS, to gain much higher privileges.” Read more about the vulnerabilities and why Apple's security updates may not be enough in the full story from TechCrunch.
HALF OF APPS HAVE HIGH-RISK VULNERABILITIES DUE TO OPEN SOURCE BY ROBERT LEMOS
A 2023 report found that almost every software program (96%) included some kind of open source software component, with the average codebase consisting of 76% open source code. Roughly 80% of those codebases are said to have at least one vulnerability, while roughly 48% of applications were found to have high-risk vulnerabilities, a 12% drop since 2020. Despite this promising trend, however, open source components, and the dependencies on which popular application frameworks rely, continue to pose security problems for software makers and application developers. For example, 91% of applications include at least one open source component that has had no development in the past two years, which can present a security risk.