Microsoft’s October 2022 Patch Tuesday Addresses 84 CVEs (CVE-2022-41033)

Microsoft addresses 84 CVEs in its October 2022 Patch Tuesday release, including 13 critical flaws.

13Critical

71Important

0Moderate

0Low

Microsoft patched 84 CVEs in its October 2022 Patch Tuesday release, with 13 rated as critical and 71 rated as important.

This month’s update includes patches for:

Active Directory Domain Services
Azure
Azure Arc
Client Server Run-time Subsystem (CSRSS)
Microsoft Edge (Chromium-based)
Microsoft Graphics Component
Microsoft Office
Microsoft Office SharePoint
Microsoft Office Word
Microsoft WDAC OLE DB provider for SQL
NuGet Client
Remote Access Service Point-to-Point Tunneling Protocol
Role: Windows Hyper-V
Service Fabric
Visual Studio Code
Windows Active Directory Certificate Services
Windows ALPC
Windows CD-ROM Driver
Windows COM+ Event System Service
Windows Connected User Experiences and Telemetry
Windows CryptoAPI
Windows Defender
Windows DHCP Client
Windows Distributed File System (DFS)
Windows DWM Core Library
Windows Event Logging Service
Windows Group Policy
Windows Group Policy Preference Client
Windows Internet Key Exchange (IKE) Protocol
Windows Kernel
Windows Local Security Authority (LSA)
Windows Local Security Authority Subsystem Service (LSASS)
Windows Local Session Manager (LSM)
Windows NTFS
Windows NTLM
Windows ODBC Driver
Windows Perception Simulation Service
Windows Point-to-Point Tunneling Protocol
Windows Portable Device Enumerator Service
Windows Print Spooler Components
Windows Resilient File System (ReFS)
Windows Secure Channel
Windows Security Support Provider Interface
Windows Server Remotely Accessible Registry Keys
Windows Server Service
Windows Storage
Windows TCP/IP
Windows USB Serial Driver
Windows Web Account Manager
Windows Win32K
Windows WLAN Service
Windows Workstation Service

Elevation of privilege (EoP) accounted for 46.4% of the vulnerabilities patched this month, followed by remote code execution (RCE) vulnerabilities at 23.8%.

Note: Microsoft has not included patches for the two zero-day vulnerabilities in Microsoft Exchange, CVE-2022-41040 and CVE-2022-41082, that were disclosed on September 28 in this release.

Tenable Solutions

Users can create scans that focus specifically on our Patch Tuesday plugins. From a new advanced scan, in the plugins tab, set an advanced filter for Plugin Name contains October 2022.

With that filter set, click the plugin families to the left and enable each plugin that appears on the right side. Note: If your families on the left say Enabled, then all the plugins in that family are set. Disable the whole family before selecting the individual plugins for this scan. Here’s an example from Tenable.io:

A list of all the plugins released for Tenable’s October 2022 Patch Tuesday update can be found here. As always, we recommend patching systems as soon as possible and regularly scanning your environment to identify those systems yet to be patched.

Get more information

Microsoft’s October 2022 Security Updates
Tenable plugins for Microsoft October 2022 Patch Tuesday Security Updates

Join Tenable’s Security Response Team on the Tenable Community.

Learn more about Tenable, the first Cyber Exposure platform for holistic management of your modern attack surface.

Get a free 30-day trial of Tenable.io Vulnerability Management.

Read More

You’ve got questions and they’ve got answers. A global survey provides a snapshot of what it’s like to sit in the CISO chair, as these cybersecurity leaders face increasingly sophisticated cyber threats and heightened expectations from their organizations. 

They’re questions that most cybersecurity professionals have about their CISOs. Which career path do they take on their way to becoming cyber chiefs? How long do they stay at their jobs? How much do they earn? And, most importantly, what keeps a CISO up at night? 

The third annual global survey of CISOs from executive search firm Heidrick & Struggle takes a deep dive into the organizational structure and compensation data from top cybersecurity leaders around the world. 

The 2022 Global Chief Information Security (CISO) Survey polled 327 CISOs from the U.S., Europe and Asia-Pacific. While most respondents were predominantly from the U.S., other countries such as Australia, Belgium, France, Germany, the Netherlands, Singapore, South Korea, and the U.K. were also represented. 

What CISOs had to say

The survey revealed some significant findings in the following areas: 

Most significant threats facing their organizations. Most CISOs listed ransomware (67%) as their organization’s top threat, followed by insider threats (32%), nation/state attacks (31%) and malware attacks (21%). 

Tenure length. In an encouraging trend for job stability, 77% of respondents said they’ve been at their current position for at least three years, up from 5% of respondents in 2021’s survey. Additionally, almost two-thirds of CISOs who have been in their current role for less than a year came from a previous CISO role, highlighting a broader trend that CISO roles are often terminal. 

An increase in cash compensation. In the U.S., CISO’s reported median cash compensation rose from $509,000 to $584,000, a 15% increase from last year and a 23% increase from 2020. Total compensation, including equity grants and other incentives, has increased to $971,000 from $936,000 in 2021. 

Team size. In comparison to last year, CISOs’ team size grew, with the share of CISOs with the smallest teams dropping from 38% to 31% while the share with the largest teams rose from 18% to 21%. Team-size growth reflects increased investment by organizations in cybersecurity. And with burnout being a key concern among CISOs, larger teams may, over time, help to reduce it. 

Organizational visibility. CISOs reported having significant visibility with their board of directors, with 88% of CISOs saying that they present to either the full board or to a board committee. However, regionally, U.S. CISOs most often present to the full board while CISOs in APAC and the Middle East most often present to a committee with reporting to the audit committee typically being more frequent. 

Personal risks. CISOs reported burnout, stress and higher-than-usual staff turnover as the highest personal risks associated with this role. It is recommended that organizations succession or retention plans so that CISOs do not make unnecessary exits. 

(Source: “2022 Global Chief Information Security Officer (CISO) Survey” from Heidrick & Struggles, August 2022.)

Where do CISOs see themselves in the future? 

The majority of CISOs desire to be something other than a CISO with more than half wanting to be board members. Regionally, 56% of CISOs in the U.S. desire to be board members while only 40% of CISOs in Europe expressed the same desire. 

Although there’s an increased focus and investment in cybersecurity, the study found that there is still not enough interest from organizations in having CISOs become board members, though this could change in the future. Outside of board roles, the career path of a CISO still remains tricky. Despite 38% of CISOs globally reporting to their CIO, only 13% see that as an ideal next role. Therefore, the career path for CISOs moving forward still remains unclear. 

Learn more: 

“Cybersecurity on the board: How the CISO role is evolving for a new era” (TechMonitor) 
“7 best reasons to be a CISO” (CSO) 
“Effective Board Communication for CISOs” (CISO Street) 
“7 mistakes CISOs make when presenting to the board” (CSO)
Cybersecurity Snapshot: 6 Things That Matter Right Now

Read More

Google embeds in cloud security market with new software suite

Read More

The leak was caused by an access key being made publicly available on GitHub for almost five years

Read More

“I’ll just Uber home.” 

Who hails a taxi anymore? These days, city streets are full of double-parked sedans with their hazards on, looking for their charges. Uber is synonymous with ridesharing and has made it so far into our culture that it’s not just a company name but a verb.  

Uber’s reputation has ebbed and flowed since its creation in 2009, and it’s taken another hit recently as more details are coming to light about a massive 2016 cybersecurity breach and the chief security officer’s attempts to cover it up.  

What Happened in the 2016 Uber Breach?

In 2016, a ransomware group trawled the internet and gathered Uber’s credentials that opened the door into the company’s server database. The cybercriminals then stole the information of customers and drivers alike and held it for a $100,000 Bitcoin ransom. Joe Sullivan, Uber’s chief security officer at the time, paid the ransom and the criminal group agreed to delete the information they uncovered. While it’s not uncommon for large corporations to give in to cybercriminals and dole out huge ransom payments, Sullivan is facing potential jail time because he didn’t report the incident to the Federal Trade Commission. He was recently found guilty of wire fraud and concealing a felony from authorities.  

Uber account holders had their personally identifiable information in nefarious hands without their knowledge. The cybercriminals allegedly downloaded the names, email addresses and phone numbers of 57 million Uber customers and drivers, plus the license plate numbers of 600,000 drivers.1  

Why It’s Important for Companies to Report Leaks

Organizations have a responsibility to their customers to report any cyberbreaches. With a full name, email address, and phone number, cybercriminals can inflict a lot of damage on an innocent person’s credit, steal money from online accounts, or invade someone’s digital privacy. Customers must act swiftly to put the proper safeguards in place, but they can’t do that if they don’t even know a breach has happened! The longer a cybercriminal has to poke and prod someone’s digital footprint, the more havoc they can wreak and profits they can gain. 

How to Protect Your Personal Information Before and After a Breach 

Acting swiftly is key to keeping your personally identifiable information (PII) private after a breach, though there are a few measures you can take right now that could prevent your information from being compromised. Here’s what you can do before and after a breach. 

Preventive measures

One way to shrink your attack surface – or the number of possible entry points into your digital life – is to regularly vet your online accounts and apps. For example, when you’re cleaning your closet, it’s common to donate or trash any clothing you haven’t worn in a year. The same method works for your digital life. If you haven’t logged into a shopping site or mobile gaming app in over a year, it’s unlikely that you will use them anytime soon, so it’s time to say goodbye and delete it. 

McAfee credit lock and security freeze are other preventive measures that can keep your credit safe in case your PII is ever compromised. These services make it easy to prevent one or all three major credit bureaus from accessing your credit. In turn, this prevents anyone other than you from opening a bank account, applying for a loan, or making a substantial purchase. If you’re not planning on needing a credit report, it’s a great practice to freeze your credit. 

Reactive measures

When you first hear of a company’s data leak with which you have an account, the first step you should take is to change your account password. Login and password combinations are often compromised in a data breach. Make sure your new password is strong and is not a duplicate of a password you use elsewhere. 

Next, consider running a Personal Data Cleanup scan. Personal Data Cleanup checks risky data broker sites and alerts you if your information appears on any of them. From there, you can take steps to remove your information. 

Finally, for the next few weeks, keep close tabs on your financial, online, and email accounts. Watch for suspicious activities like purchases you didn’t make, electronic receipts, notifications, or mailing lists that you didn’t sign up for. McAfee+ Ultimate can help you here with its identity monitoring and full-service Personal Data Cleanup. McAfee+ gives you a partner to alert you and help you recover if your digital privacy is compromised. 

Constant Vigilance and Digital Confidence-Boosting Assets

Protecting your identity and digital privacy is a two-way street. While identity and privacy protection tools go a long way, individuals also have a responsibility to remain vigilant and take quick action if they suspect their information is compromised. And the ultimate responsibility lies with companies to alert the authorities and their customers after a data leak and to take serious steps to shore up their security to make sure it never happens again. 

1The Verge, “Former Uber security chief found guilty of covering up massive 2016 data breach” 

The post 57 Million Users Compromised in Uber Leak: Protect Your Digital Privacy and Identity appeared first on McAfee Blog.

Read More

Trend Micro found evidence of new PayPal scammers impersonating crypto-related businesses

Read More