Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Weekly Cyber Security News 07/11/2024

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! Could turn nasty: Does anyone pay any attention to DocuSign random emails? I suppose if you did, you could have nasty surprise: It was bad enough with robo vacs spying but your trusty air fryer now?

How to comply with PCI DSS 4's Req 6.4.3 and 11.6.1 in 4 minutes or less?

Being PCI DSS 4 compliant is crucial for e-commerce merchants—businesses that accept credit card payments on their websites and web applications. The new PCI DSS requirements (6.4.3 and 11.6.1) are designed to strengthen payment page security, and if you’re processing online payments, you’re likely required to comply. Compliance helps protect your customers’ sensitive payment information while ensuring the integrity and security of your payment process.

Phishing Campaign Impersonates OpenAI To Collect Financial Data

Cybercriminals are impersonating OpenAI in a widespread phishing campaign designed to trick users into handing over financial information. The emails inform users that a payment for their ChatGPT subscription was declined, inviting them to click a link in order to update their payment method. The phishing emails appear fairly convincing, but trained users could spot some red flags. The most obvious giveaway is that the emails were sent from “info@mtacom,” which is clearly unrelated to OpenAI.

Attackers Abuse DocuSign to Send Phony Invoices

Threat actors are abusing DocuSign’s API to send phony invoices that appear “strikingly authentic,” according to researchers at Wallarm. “Unlike traditional phishing scams that rely on deceptively crafted emails and malicious links, these incidents use genuine DocuSign accounts and templates to impersonate reputable companies, catching users and security tools off guard,” Wallarm says.

Analyzing Play and LockBit: The Top Ransomware Threats Facing Retailers

This blog is the latest in a series that delves into the deep research conducted daily by the Trustwave SpiderLabs team on major threat actor groups currently operating globally. Retailer databases are chock-full of information that makes them highly attractive targets for ransomware gangs, as highlighted by Trustwave SpiderLabs in its recent 2024 Trustwave Risk Radar Report: Retail Sector.

What Is Remote Browser Isolation?

Remote Browser Isolation (RBI) is a cybersecurity solution that significantly reduces cyber threats by allowing you to browse the internet on an isolated server. Also referred to as browser isolation, RBI effectively separates web content from your device, significantly reducing the attack surface. By implementing an RBI solution, your organization can protect users against online threats, block malicious content from reaching computers and support Zero Trust Network Access (ZTNA).

Can Someone Steal Your Identity With Your ID?

Yes, someone can steal your identity with your government-issued ID or driver’s license. Any documents that contain Personally Identifiable Information (PII) – including your full name, home address, date of birth, photo or even your signature – can be used to steal your identity and target you with phishing scams. Continue reading to learn what someone can do with your ID, how to tell if someone is using your ID, what to do if your ID is lost or stolen and how to keep your ID safe.

Support Universal ZTNA with Netskope One Private Access

As hybrid work becomes the norm, it’s clear that traditional virtual private networks (VPNs) and network access control (NAC) solutions are falling short. Once the gold standard for secure remote access, VPNs now pose more problems than solutions—think slow performance, security risks, and complex operations.

Protect your applications from zero-day attacks with Datadog Exploit Prevention

Due to their numerous components and dependencies, web applications often have multiple vulnerabilities—many of them unknown and susceptible to zero-day attacks—that can be exploited by malicious HTTP requests. Determining whether a vulnerability exists is challenging without visibility into an application’s real-time data and event flows, which isn’t possible with existing firewall-based solutions.

Runtime security in multi-cloud environments: best practices and importance

Runtime security in multi-cloud environments encompasses the continuous monitoring and protection of cloud-based resources during their active operation. Unlike traditional security approaches that focus on static configurations or pre-deployment checks, runtime security emphasizes: This approach ensures that potential risks are identified and mitigated in real-time, providing an additional layer of protection against both known and emerging threats in complex multi-cloud setups.