Due care and due diligence, your responsibility - weekly cyber
Alexandre BLANC Cyber Security
Advisor - ISO/IEC 27001 and 27701 Lead Implementer - Named security expert to follow on LinkedIn in 2024 - MCNA - MITRE ATT&CK - LinkedIn Top Voice 2020 in Technology - All my content is sponsored
Hi all, this week I wanted to remind you about the concept of due care and due diligence.
These are very simple, and are tied to responsibility and accountability. As I see the cloud hell leaking non stop, and abuses non stop, it would be good to put due care and due diligence at the front of everything, eventually leading to security and privacy by design and by default.
Due diligence is the act of making sure that anything you integrate, handle or produce is actually built on safe practice, with privacy and security in mind, and that everything is aligned with best practices, or at least with your own or your organization's best practice. The idea is to not affect your risk profile.
Due diligence usually happens when a company is purchased: the buyer will review / audit the purchased organization to ensure that everything claimed is true, and that good practice is in place. No one wants to bring in a ticking bomb !
Due care is the act of maintaining good practice during the life cycle of the project, organization, product, or anything else. It means that you keep your best practices under watch, in a continuous manner. If you have a cloud project, due care means that you applied the best practices not only from the start, but during the whole life cycle. It means continuous analysis, audit, tracking and enforcement of good practices.
When due diligence and due care are in place, companies can proudly stand behind their commitments. If there is no due care and due diligence, then anything a company claims is bullshit.
A company that is driven only by time to market, without due care, delivers only bullshit, and it will blow up. You know me, factual ! A more formal, CISSP-style description of due care and due diligence is here in video :)
What you should have seen this week in cyber in 34 points :
1 - Data is leaking, regulation is not respected, reputation is impacted, and people's lives are destroyed by the identity theft and abuses that follow - We can do better - Top 8 Most Common Storage Misconfigurations And Vulnerabilities
2 - Connected cars bring only threats and rip-offs ! Tesla Is Turning Navigation Into a Subscription Service (I think you might manage to paste a big tablet on top of that useless screen in this stupid car :D :P )
3 - We can read that "Through proper understanding and support, your organization can ensure it is secure while operating in the cloud and start taking advantage of the many possibilities present." - Cloud Native and the Hype of Security
4 - Even your cloud infrastructure deserves strong protection ! Researcher Found XSS Flaws In Google Cloud and Google Play (post by Cyberdefense AI)
5 - Have you patched your Cisco Nexus Dashboard ? Cisco Patched Multiple Security Vulnerabilities In Nexus Dashboard
6 - When organizations adopt a good security posture and put proper defenses in place, they manage to lower their risk and the impact of incidents ! Ransomware gangs are hitting roadblocks, but aren’t stopping (yet). (post by VARS Corporation)
7 - We are all part of the supply chain. Your business is part of it, and when you enforce your security posture, and validate your controls, you do make a difference ! Now is the time to focus on software supply chain security improvements. (post by Orenda Security)
8 - Monoculture is wrong ! Leave security to real security specialists, not to cloud data mining companies ! LockBit Ransomware Abuses Windows Defender to Deploy Cobalt Strike Payload
9 - Anything you connect becomes a risk ! Over 3,200 apps leak Twitter API keys, some allowing account hijacks
10 - Do you have proper detection and response, or will you fall like this other victim ? Ransomware Hit on European Pipeline & Energy Supplier Encevo Linked to BlackCat
11 - You know, these fairly bad hardcoded credentials in the system, allowing anyone to connect and take over ? Many options to get this fixed ! How to fix CVE-2022-26138 in Atlassian
12 - Does your organization have DMARC ? Or at least SPF defined in its DNS zone ? Universities Put Email Users at Cyber Risk (because responsibility belongs to each and every admin; your configuration affects others' ability to defend their users efficiently)
13 - The cloud is dangerous, it's not something to implement without best practices in place - Manufacturing Sector in 2022 Is More Vulnerable to Account Compromise and Supply Chain Attacks in the Cloud than Other Verticals
14 - Insider threat can be very expensive ! T-Mobile Store Owner Made $25M Using Stolen Employee Credentials
15 - It's about knowing your footprint, and understanding that all the digital trails you leave as an organization are information helping attackers or criminals to build tailored attacks against you - Digital Risk Protection: The Complete Guide
16 - You can't avoid cloud and internet, but you must treat this as a highly corrupted environment - VirusTotal Reveals Most Impersonated Software in Malware Attacks
17 - Motivated attackers will find a way; the key for you is not to be an easy target - Phishers use custom phishing kit to hijack MFA-protected enterprise Microsoft accounts
18 - Your likelihood of being a target is often not under your control - Taiwanese Websites Hit by DDoS Attacks as Nancy Pelosi’s Visit
19 - So #clowd ! Watching the cloud leading to failure and destruction on a daily basis - Thousands of Solana wallets drained in attack using unknown exploit
20 - It's VMware patch time ! Authentication bypass - VMware: Patch this critical vulnerability immediately! (CVE-2022-31656)
21 - Easy way, fork and add malware - 35,000 code repos not hacked—but clones flood GitHub to serve malware
22 - Cloud and big tech are funny - American Express, Snapchat Open-Redirect Vulnerabilities Exploited in Phishing Scheme
23 - Are you going to wait for such an incident to get decent XDR in place (reducing impact), and overall posture enhancement, including an incident response plan ? German Chambers of Industry and Commerce hit by 'massive' cyberattack
24 - Cyber weapon, for sure, but the name "woody rat" sounds like the ultimate hacker, ninja turtle mutant kind of hacker - New Woody RAT Malware Being Used to Target Russian Organizations (as some commented, it's totally Master Splinter ! )
25 - Don't fall for the scams ! Phishing campaign targets Coinbase wallet holders to steal cryptocurrency in real-time
26 - And we keep connecting more and more stuff while we don't even manage emergency systems !!! DHS warns of critical flaws in Emergency Alert System devices
27 - Sweet, when security service becomes a backdoor ! High-Severity Bug in Kaspersky VPN Client Opens Door to PC Takeover
28 - And that's for lazy hackers ! Real hackers hide their C&C in a far more custom and hidden way, so that it looks like normal traffic - Thousands of hackers flock to 'Dark Utilities' C2-as-a-Service
29 - Because cloud can quickly turn into a nightmare, we recommend that you get external support with regular posture check from professionals - Who Has Control: The SaaS App Admin Paradox
30 - Your router is the bridge and the gate between your infrastructure and the wild internet. Do you make sure your router is up to date ? Critical RCE Bug Could Let Hackers Remotely Take Over DrayTek Vigor Routers
31 - Hopefully, if you host a Zimbra instance, you patched ! CISA Adds Zimbra Email Vulnerability to its Exploited Vulnerabilities Catalog
32 - Is your K8s part of your security strategy ? Have you included it in your pentests ? Organizations grew to love Kubernetes: Usage in production is high
33 - Cloud leaks not about to stop - Cyberattackers Increasingly Target Cloud IAM as a Weak Link
34 - Despite these facts, you still have responsibilities so that at least only the solution provider abuses your data, yes, so read on about the pseudo controls that are left to you - What It Takes to Tackle Your SaaS Security
Have a good end of week all, thanks for likes, shares and comments if you find anything relevant for you ! Enjoy !
P.R. Polymath* Public Relations Parrotsec
2 years - Diligently we read, TY Alexandre BLANC Cyber Security
IT Manager / CyberSecurity / Software Dev / IT Engineering Manager: Science, Engineering and Manufacturing
2 years - You may take heart Alexandre BLANC Cyber Security, in an email that I received on Friday. The third line reads "Yet, a significant amount of businesses are still nervous about adopting these services (cloud servers, databases networks and other computing tools) even though research has shown the advantages that cloud computing offers". "This could be due to some reluctance concerning security". I don't know who is providing their research, obviously it's someone who knows nothing about business ownership. Marketing sold the cloud, it's no wonder marketing has a tarnished reputation. People like us, who are not proponents of the cloud, are having a measured effect if a "significant amount" continue to turn their backs :}
Cyber Security Compliance Analyst | Technical Designer | Creative Engineer | Tetris enthusiast
2 years - Thank you for that great refresher! Alexandre BLANC Cyber Security, can I rephrase a quote from your article? You should’ve said something like “Company that is driven just by time to market without due care, only delivers due bullshit, and it will blow, in due time”
CISO. Cyber acumen and savvy effectively applied. Resource what really matters – minimize your cyber risks worry. Experienced virtual / fractional CISO and ERM/GRC programs. CISSP, MSEE, PM, etc.
2 years - Lots of useful information, as always. Especially the refresher on due care and due diligence responsibilities. Are you prepared to prove your “reasonable” security program in court? Using what basis? Those views will be examined, so factor that into your risk-based security strategy, along with your prioritized, best value risk reduction mitigations based on your business success factors. https://securityscorecard.com/blog/due-care-vs-due-diligence Due care… the conduct that a reasonable man or woman will exercise in a particular situation, in looking out for the safety of others. If one uses due care then an injured party cannot prove negligence. This is one of those nebulous standards by which negligence is tested.