Japanese Cryptocurrency Exchange Falls Victim to JokerSpy macOS Backdoor Attack
An unknown cryptocurrency exchange located in Japan was the target of a new attack earlier this month to deploy an Apple macOS backdoor called JokerSpy.
Elastic Security Labs, which is monitoring the intrusion set under the name REF9134, said the attack led to the installation of Swiftbelt, a Swift-based enumeration tool inspired by an open-source utility called SeatBelt.
The Hacker News | #1 Trusted Cybersecurity News Site
Security leaders are in a tricky position trying to discern how much new AI-driven cybersecurity tools could actually benefit a security operations center (SOC). The hype about generative AI is still everywhere, but security teams have to live in reality. They face constantly incoming alerts from endpoint security platforms, SIEM tools, and phishing emails reported by internal users. […]
A threat actor is using a PowerShell script that was likely created with the help of an artificial intelligence system such as OpenAI’s ChatGPT, Google’s Gemini, or Microsoft’s Copilot. […]
CISA and the FBI released the Secure by Design Alert to address SQL injection vulnerabilities in software that affect thousands of organizations.
SQL injection (SQLi) vulnerabilities are a persistent class of defect in commercial software products.
Even though SQLi vulnerabilities have been known about and documented for a decade now, and workable mitigations are available, software manufacturers have continued to ship products with this flaw, endangering a large number of users.
Secure by Design refers to how manufacturers design and create products to prevent malicious cyber actors from exploiting flaws.
Incorporating this mitigation from the start, beginning in the design phase and continuing through development, release, and updates, reduces the cybersecurity burden on customers and the risk to the public.
“SQL vulnerabilities (such as CWE-89) are still a prevalent class of vulnerability. CWE-89 is on top 25 lists for both the most dangerous and stubborn software weaknesses in 2023”, CISA and FBI said in the report.
Specifics Of The SQL Injection Vulnerabilities
An SQL injection vulnerability occurs when user input is inserted directly into a SQL command, enabling threat actors to run arbitrary queries.
The root cause of SQLi vulnerabilities is that software developers, neglecting security best practices, combine user-supplied data with database queries.
A successful SQLi exploitation can have disastrous consequences since it compromises the availability, confidentiality, and integrity of a database and the data within it.
In particular, SQLi vulnerabilities may allow malicious cyber actors to steal sensitive data and to modify, delete, or render unavailable the data in a database.
How To Eliminate SQL Injection Vulnerabilities
To avoid this kind of vulnerability, developers should use parameterized queries with prepared statements when designing and developing software products, so that SQL code is kept separate from user-supplied data.
Software developers should mandate the use of parameterized queries in all of their applications to systematically eliminate SQLi vulnerabilities.
“CISA and the FBI urge senior executives at technology manufacturers to mount a formal review of their code to determine its susceptibility to SQLi compromises and encourage all technology customers to ask their vendors whether they have conducted such a review”, reads the joint alert.
Three Essential Principles For Developing Software That Is Secure By Design
Take Ownership Of Customer Security Outcomes
It is recommended that software producers implement the common practice of using prepared statements with parameterized queries in software development.
Senior executives at software producers must accept responsibility for their customers’ security, beginning with formal code reviews to assess vulnerabilities.
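One way to start the kind of code review described above, as an added example that is not part of the alert or of any vendor's tooling: a small static check, using Python's standard `ast` module, that flags database calls whose SQL text is not provably a constant string. The sink names, the sample source, and the function names are assumptions made for illustration; it only inspects code inside functions.

```python
import ast

SINKS = {"execute", "executemany", "executescript"}  # DB-API style query calls


def is_dynamic(node, assigned):
    """Return True unless the expression is provably a constant SQL string."""
    if isinstance(node, ast.Constant):
        return False
    if isinstance(node, ast.JoinedStr):  # f-string: dynamic if it interpolates
        return any(isinstance(v, ast.FormattedValue) for v in node.values)
    if isinstance(node, ast.BinOp) and isinstance(node.op, ast.Add):
        return is_dynamic(node.left, assigned) or is_dynamic(node.right, assigned)
    if isinstance(node, ast.Name) and node.id in assigned:
        rest = {k: v for k, v in assigned.items() if k != node.id}  # no cycles
        return is_dynamic(assigned[node.id], rest)
    return True  # %-formatting, .format(), parameters, calls: needs review


def find_dynamic_sql(source):
    """Return sorted (line, function) pairs where a sink gets non-constant SQL."""
    findings = set()
    for func in ast.walk(ast.parse(source)):
        if not isinstance(func, (ast.FunctionDef, ast.AsyncFunctionDef)):
            continue
        # Simple per-function map of local names to the expression assigned.
        assigned = {n.targets[0].id: n.value for n in ast.walk(func)
                    if isinstance(n, ast.Assign) and len(n.targets) == 1
                    and isinstance(n.targets[0], ast.Name)}
        for n in ast.walk(func):
            if (isinstance(n, ast.Call) and isinstance(n.func, ast.Attribute)
                    and n.func.attr in SINKS and n.args
                    and is_dynamic(n.args[0], assigned)):
                findings.add((n.lineno, func.name))
    return sorted(findings)


# Constructed sample source to review (not from a real code base).
SAMPLE = '''\
def by_name(cur, name):
    cur.execute("SELECT id FROM users WHERE name = '" + name + "'")

def by_email(cur, email):
    cur.execute(f"SELECT id FROM users WHERE email = '{email}'")

def by_id(cur, user_id):
    sql = "SELECT name FROM users WHERE id = ?"
    cur.execute(sql, (user_id,))

def by_role(cur, role):
    sql = "SELECT id FROM users WHERE role = '%s'" % role
    cur.execute(sql)
'''

if __name__ == "__main__":
    for line, func in find_dynamic_sql(SAMPLE):
        print(f"line {line}: {func}() passes non-constant SQL text to a query call")
```

The check is deliberately conservative: anything it cannot prove constant is reported for a human reviewer, so findings are candidates for review rather than confirmed vulnerabilities.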
Embrace Radical Transparency And Accountability
Software makers ought to monitor the types of vulnerabilities linked to their products and notify customers about them through the CVE initiative. Manufacturers have to make sure that all of the information in their CVE records is accurate.
Build Organizational Structure And Leadership To Achieve These Goals
Leaders should treat security as a declared company objective, creating the proper incentive programs and making the necessary investments to support it.
Manufacturers are urged by CISA and the FBI to release their own secure by design roadmap as evidence that they are strategically reconsidering their role in ensuring the safety of their consumers, rather than just putting in place tactical safeguards.