The Xposed Newsletter #2

Welcome to the second edition of The Xposed Newsletter!  We’re thrilled that our very first newsletter was so well received, so thank you to everyone who took the time to have a look.

So, let’s crack on with the very best in cyber security news, updates, research, expert opinion, and insights from our brilliant experts and other leading voices in the cyber security industry.

Mass exploitation: The vulnerable edge of enterprise security

In this cutting-edge piece of research, Stephen Robinson , our Senior Threat Intelligence Analyst, takes a deep dive into the world of mass exploitation and how it could impact your business.

Extract:

There is just one thing that is required for a mass exploitation incident to occur, and that is a vulnerable edge service, meaning a piece of software that is accessible from the Internet. What many exploited edge services have in common is that they are infrastructure devices, such as Firewalls, VPN gateways, or Email gateways, which are commonly locked down black box like devices. Devices such as these are often intended to make a network more secure, yet time and again vulnerabilities have been discovered in such devices and exploited by attackers, providing a perfect foothold in a target network.

This report explores the trend of mass exploitation of Edge Services and Infrastructure and will put forward several theories as to why they have been so heavily and successfully targeted by attackers.

Read more and download the entire report here:

The Xposed Podcast – August 2024

“The effectiveness of an attack is not related to how cool it is.”

Join Tim and Steve for another bumper edition of Cyber Threats Xposed – a monthly round-up of everything important in the world of ransomware.

This month, our dynamic duo talk social engineering, ransomware turnover, hactivism, international arrests and much, much more! It’s available wherever you get your podcasts.

This episode is brought to you in association with Phoenix Software Limited , a proud WithSecure partner.

Why are robust software updates important?

Take a look at how our own Andrew Fawcett believes that updates can have far-reaching consequences

Extract:

The recent update published by Crowdstrike, which caused global issues, highlights the need for all software vendors to ensure that their updates to customers are robust and fit for purpose. This applies to all software vendors, not just those delivering cybersecurity products.

However cybersecurity software typically runs some parts with higher privileges, as it needs low-level access to detect and remediate threats, and this means even more care is needed as the impact of any mistake can result in a bluescreen rather than a simple crash. This is critically important when you release several updates every day.

For over 30 years, WithSecure has been delivering updates to our customers in a variety of methods, ranging from floppy discs sent through the postal system, all the way to today's fully automated systems. In those early days, when getting an update to customers could take a week or more, we quickly learned that there is no room for poor quality in updates.

Read the whole article here:

Mikko Uncut 

When he talks, people listen. Welcome to Mikko Uncut, a series in which Mikko Hypponen takes on the biggest issues facing the cyber security industry – in 60 seconds

This time, Mikko asks whether we have seen the end of ransomware…

You can watch the whole series on YouTube by clicking right here

See you next month!