Cybersecurity Digest #48: 18/04/2022 – 29/04/2022

Cybersecurity news

Cybersecurity Blog Posts

Research and analytics

  • The 2022 Open Source Security and Risk Analysis report by Synopsys, examines vulnerabilities and license conflicts found in more than 2,400 codebases across 17 industries. This year’s report shows a modest 3% decrease in vulnerabilities from the previous year, though the overall percentage of codebases containing vulnerabilities remains troublingly high. This trend indicates that progress toward minimizing risk is slow, but it’s moving in the right direction.
  • Claroty experts have published details of a vulnerability in Snort that allows you to remotely transfer a preprocessor into an infinite loop. Cisco, which oversees the opensource project, has already released patches for both affected versions, 2 and 3, as well as for a number of its products. The vulnerability of CVE-2022-20685 is estimated as 7.5 CVSS points and is associated with an integer overflow error that occurs during preprocessing of Modbus packets.
  • Last year, Google specialists discovered 58 zero-day vulnerabilities that were used in real attacks, the most ever recorded since Project Zero began tracking in mid-2014. That’s more than double the previous maximum of 28 detected in 2015 and especially stark when you consider that there were only 25 detected in 2020. Out of the 58 in-the-wild 0-days for the year, 39, or 67% were memory corruption vulnerabilities.
  • Security researchers are warning that LinkedIn has become the most spoofed brand in phishing attacks, accounting for more than 52% of all such incidents at a global level. The data comes cybersecurity company Check Point, who recorded a dramatic uptick in LinkedIn brand abuse in phishing incidents in the first quarter of this year. According to the company, in the last quarter of 2021, LinkedIn held the fifth spot on the list, the count for impersonating attacks being a much lower 8%.
  • The Torii 2022 SaaS Visibility and Impact Report states that 69% of tech executives believe that shadow IT is the main problem associated with SaaS. Most respondents made exceptions to their SaaS security protocols, although the applications were adopted outside the competence of the IT department. To combat these and other SaaS proliferation issues, 64% are evaluating or planning to deploy SaaS management tools.
  • The 451 Research and Noname Security Report The 2022 API Security Trends Report examines the key characteristics and security risks present in modern API usage. 41% of the organizations represented by the survey respondents had an API security incident in the last 12 months; 63% of them noted that the incident was related to a data leak or loss.
  • Pindrop Voice Intelligence & Security Report reveals innovative ways for attackers to use certain authentication methods to commit fraud in order to better protect customer accounts. 92% of scammers have passed the knowledge-based authentication (KBA) based on the case study of the national contact center, while real customers have passed the KBA test only in 46% of cases.
  • Kaspersky Lab experts have found a vulnerability in the Yanluowang encryption algorithm and created a free decryptor to help victims of this ransomware with recovering their files. The researchers also found out that the encryption process depends on the size of the files, and identified the prerequisites for successful decryption.
  • According to a study by Kaspersky Lab Kaspersky ICS Security Survey 2022, 30% of industrial enterprises around the world have a common practice of disabling cybersecurity products if they affect production processes or the operation of automation systems. 43% of organizations have faced such problems at least once, and another 38% face them from time to time.

Major Cyber Incidents