Weekly Recap: MS Office bug can leak NTLM hashes and malicious Chrome and Edge browser extensions

Here is an overview of some of the most interesting news, articles, interviews and videos from the last week:

Unpatched MS Office bug can leak NTLM hashes to attackers (CVE-2024-38200)
A new zero-day vulnerability in MS Office (CVE-2024-38200) can be exploited by attackers to steal NTLM hashes from users, Microsoft announced late last week.

Fixed critical RCE bug in SolarWinds Web Help Desk (CVE-2024-28986)
SolarWinds has fixed a critical vulnerability (CVE-2024-28986) in its Web Help Desk (WHD) solution that could allow attackers to execute commands on the host computer.

IntelOwl: Open Source Threat Intelligence Management
IntelOwl is an open source solution for large-scale threat intelligence management.

How to avoid password management problems with Passkeys
In this interview with Help Net Security, David Cottingham, President of rf IDEAS, discusses the key benefits organizations can expect from implementing passkeys.

Key metrics for monitoring and improving ZTNA implementations
In this Help Net Security interview, Dean Hamilton, CTO at Wilson Perumal & Company, discusses the complexities of implementing Zero Trust Network Access (ZTNA), focusing on balancing security with operational efficiency.

Authenticity: Open source identity provider
Authentik is an open source identity provider designed for maximum flexibility and adaptability. It integrates easily into existing environments and supports new protocols.

Microsoft fixes 6 zero-day vulnerabilities that are being actively attacked
Patch Tuesday August 2024 is here and Microsoft has provided fixes for 90 vulnerabilities, six of which were exploited as zero-day vulnerabilities in the wild and four of which are publicly known.

Chrome and Edge users are plagued by malicious extensions that are not easy to remove
Researchers have discovered a large-scale campaign in which a malicious installer forces users to install malicious Chrome and Edge browser extensions that are difficult to remove.

Tech support scammers impersonate Google through malicious search ads
Google search ads targeting users looking for Google's own services lead them to fake websites and to Microsoft and Apple tech support scams.

Hide your environment files! Or risk having your data stored in the cloud stolen and demanded for ransom
Cybercriminals break into organizations' cloud storage containers and steal their confidential data. In several cases, they have been paid by the affected organizations not to share or sell the stolen data.

Fraudsters trick chemical companies into transferring $60 million
Orion SA, a global chemical company based in Luxembourg, has fallen victim to a fraud: the company lost around 60 million dollars through “several fraudulently induced outgoing transfers to accounts controlled by unknown third parties”.

Australian gold mining company hit by ransomware
Australian gold mining company Evolution Mining announced on Monday that it learned of a ransomware attack on its IT systems on August 8, 2024 and is working with its third-party cyber forensics experts to investigate the incident.

Currently available cybersecurity jobs: August 14, 2024
We've scoured the market to bring you a selection of roles that cover a range of skill levels in the cybersecurity field. Check out this weekly selection of cybersecurity jobs currently available.

Delta vs. CrowdStrike: What obligations do providers have towards their customers – or do they?
In a potentially groundbreaking dispute, Delta Air Lines is threatening to sue CrowdStrike, a leading cybersecurity company, for alleged negligence and breach of contract.

How NoCode and LowCode free up resources for cybersecurity
In this Help Net Security video, Frederic Najman, board member of SFPN (French Association of NoCode Experts), discusses how companies can use NoCode and LowCode technologies to free up development resources to address cybersecurity issues.

Misconfigurations and IAM weaknesses are the biggest security concerns in the cloud
Traditional cloud security issues often associated with cloud service providers (CSPs) continue to decline, according to the Cloud Security Alliance’s Top Threats to Cloud Computing 2024 report.

Browser backdoors: Securing the new frontline of shadow IT
Browser extensions are a prime target for cybercriminals. And this isn't just a consumer problem – it's a new front in the enterprise fight against shadow IT.

Current attacks, targets and other threat trends
In this Help Net Security video, Kendall McKay, Strategic Lead, Cyber ​​​​Threat Intelligence at Cisco Talos, discusses the trends Cisco Talos Incident Response has observed in incident response engagements during the second quarter of 2024 (April to June).

74% of ransomware victims were attacked multiple times within a year
A worrying trend of multiple, sometimes simultaneous, cyberattacks is forcing business leaders to review their cyber resilience strategies to address common vulnerabilities, including inadequate procedures for securing and restoring identity systems, according to Semperis.

Steps to improve quality engineering and system robustness
In this Help Net Security video, Stephen Johnson, CEO of Roq, explains that it is now imperative for companies and organizations to invest significantly more resources and effort to ensure that all their activities are based on future-proof systems.

Different views of CIOs, CTOs and CISOs on cyber risks
According to LevelBlue, senior managers face a unique challenge: they must align their priorities between driving technological innovation and ensuring business stability, while also managing the ever-evolving cyber threats posed by criminals adept at exploiting the latest technologies.

New Infosec Products of the Week: August 16, 2024
Here's a look at the most interesting products from the last week, including releases from ClearSale, Guardio, Ivanti, Resecurity and Stellar.