WEEKLY CYBERSECURITY NEWSLETTER NO: 175

#Weekly Cybersecurity Tip: Use a Different Password for Every Online Account You Create and Try Using a Password Manager.

Jul 12, 2021 11:34 am

1- Lazarus Targets Engineers with Job Offers Using Poisoned Emails

Security researchers report that a notorious hacking group has been targeting engineers working in the defense industry. In recent months there have been a series of reports of malicious emails that use the disguise of a job offer to target defense contractors in the United States and Europe.

2- Oil & Gas Targeted in Year-Long Cyber-Espionage Campaign

A sophisticated campaign targeting large international companies in the oil and gas sector has been underway for more than a year, spreading common remote access trojans for cyber-espionage purposes. Victims have been found around the world, but the primary targets are South Korean companies.

3- Microsoft Says Its Patch for PrintNightmare Works, Despite Claims of Workarounds

Microsoft recently released an emergency Windows patch to address a vulnerability known as PrintNightmare. The issue was serious enough to warrant a patch on several versions of Windows, including Windows 7, which is out of support. The patch was supposed to address security vulnerabilities, but reports claim there are workarounds.

4- 79% of Organizations Identify Threat Modeling as a Top Priority in 2021

Researchers published the results of a report designed to provide a better understanding of the current state of threat modeling in mid-sized, $100M to $999M and large sized, $1B + enterprises, with a specific focus on the challenges organizations face in scaling threat modeling for the applications they build and deploy. There is a clear need for more scalability and automation in threat modeling.