Access Point Consulting

???????? ???????? ???? ???????????????????? MacOS Faces New Security Threats Apple users should be on alert for "Shadysider," a vulnerability targeting MacOS and iOS systems with M-series CPUs, causing system crashes through GPU overload. In addition, a new ransomware variant called "NotLockBit" is targeting macOS devices, exfiltrating data before encryption and using hardcoded AWS credentials. Companies using macOS are encouraged to update their software and conduct anti-malware training. Cybercrime’s Growing Toolkit: Red Page Evasion and WarmCookie Malware Cyber criminals now have tools like Red Page evasion services to bypass Google’s security warnings, making it easier for attackers to launch malware campaigns. One such malware, WarmCookie, allows criminals long-term access to compromised systems, with functions like command execution, data exfiltration, and persistence. Supply Chain Breaches at Cisco and Internet Archive Cisco and the Internet Archive both suffered significant breaches. Cisco’s DevHub environment was accessed, leaking source code, credentials, and confidential documents. Similarly, the Internet Archive was compromised twice, exposing 7TB of sensitive data, including Zendesk API tokens and user databases. These breaches highlight the need for thorough configuration and access management. Cybersecurity Awareness Month Tip: Check Configuration Settings This week’s tip emphasizes reviewing configuration settings to prevent security breaches. Misconfigurations, such as those that allow unintended access, are common causes of data exposure. Always log and review settings to avoid creating vulnerabilities. Listen now on Spotify, Apple Podcasts, or watch on YouTube. #CyberWatch #MacOSVulnerabilities #CybercrimeTools #CiscoBreach #InternetArchiveBreach #CybersecurityAwarenessMonth #TechNews

When a company experiences a cyber breach, the way they communicate the incident can make all the difference. Too often, we see organizations sweep the technical issue under the rug, trying to reassure everyone with: “Don’t worry, everything’s fine!” But the truth is, customers want more than vague reassurances. The companies that get it right offer clear, actionable updates. They may not disclose every technical detail, but they focus on the business impact, communicate workarounds, and provide a roadmap for how they’ll succeed going forward. One approach we’ve seen too often: “We’re considering paying the $56 million ransomware demand and are consulting with the FBI or DHS.” That kind of public messaging can erode trust. Transparency is essential—but publicizing ransom negotiations isn't the solution. ?? Here's a pro tip for CISOs and executives— When the unthinkable happens, own the narrative. Communicate openly about what’s being done, how customers will be impacted, and what steps will ensure future success. Silence or vague statements only breed mistrust. How you respond to a breach is just as critical as how you prepare for it. Listen to the State of Security podcast on Spotify, Apple Podcasts, or watch on YouTube. #cybersecurity #incidentresponse #ransomware #CISO #breachresponse

???????? ???????? ???? ???????????????????? Ransomware Hits Casio and Nidec with Devastating Impact Casio’s operations in Japan have been crippled by a ransomware attack that began on October 5, forcing the company to pull servers offline to prevent further damage. Meanwhile, Nidec's division in Vietnam fell victim to ransomware by the 8BASE group, which released stolen data on the dark web after a ransom demand was refused. Both attacks highlight the growing sophistication of ransomware groups linked to Russia. Supply Chain Attacks: ESET and Google Targeted ESET’s distributor in Israel was compromised, delivering phishing emails disguised as antivirus software. Meanwhile, fake Google Meet pages are being used to trick users into running malicious scripts on their devices. These incidents emphasize the need for architectural defenses like micro-segmentation and ongoing employee training to mitigate risks. Nation-State Threats: APT34 Targets the Gulf Region Iran-backed APT34 has launched attacks against UAE organizations, targeting Microsoft Exchange servers and exploiting the CVE-2024-30088 vulnerability. Their strategy involves deploying ‘ngrok’ for covert communications, underlining the importance of proactive patching and updates to stay ahead of such threats. Listen now on Spotify, Apple Podcasts, or watch on YouTube. #CyberWatch #Ransomware #APT34 #SupplyChainAttacks #CybersecurityAwarenessMonth #TechNews #BestPractices

As Cybersecurity Awareness Month winds down, we're pleased to share one last feature from Pierre Reed, our Chief of Staff. In this article, he explores the importance of fostering a security awareness culture within organizations. Discover how building this culture can empower your team to better protect against cyber threats. Dr. Pierre Reed, Chief of Staff at Access Point

This week's Cybersecurity Awareness Month article features insights from Michael Caruso, Access Point's Director of Supply Chain Risk Management, on the recent pager and two-way radio attacks targeting Hezbollah. Michael provides his perspective on these incidents, highlighting the importance of securing communication channels against such threats. By Shubham Agarwal, Contributing Writer, with Michael Caruso, Director, Supply Chain Risk Management at Access Point Consulting #SupplyChainAttacks #CyberThreats #ThirdPartyRisk #SecurityVulnerabilities #CyberWatch

???????? ???????? ???? ???????????????????? ?? Kia Vulnerability Exposes Vehicle Control to Hackers Security researchers discovered a critical flaw in Kia vehicles that allowed hackers to remotely control car functions using just a license plate number and four HTTP requests. By registering fake Kia accounts, criminals could unlock cars, track locations, and access cameras. Kia issued a patch, but the incident highlights the risks of increasingly connected infrastructure. ?? Maximizing Impact: Trends in Cybercrime Cybercriminals are exploiting vulnerabilities in supply chains to maximize the impact of their attacks. From healthcare ransomware to cloud service breaches, these attacks show how hackers can target a single weak point and compromise thousands of users. IT professionals are urged to ensure cloud configurations and credentials follow best practices to reduce these risks. ?? Cybersecurity Awareness Month Tip: Think Like a Zebra This week’s cybersecurity tip is inspired by zebras: you don’t have to be the fastest, just not the slowest. Criminals often seek the easiest targets, so focus on making your systems harder to breach. Strengthen defenses to force attackers to move on to weaker targets. Listen now on Spotify, Apple Podcasts, or watch on YouTube. #CyberWatch #KiaVulnerability #CyberCrime #SupplyChainSecurity #CybersecurityAwarenessMonth #TechNews #CyberTips

That's a wrap on All Access 2024. Three years ago, after our first company all-hands in Ocean City, New Jersey, Access Point Consulting made the committment to gather our team once every year for a chance to socialize, strategize, and convene as one. With the third iteration of this event now under our belts, I'm as confident as ever in the future of this company. For me, it really comes down to three crucial things: Our people. Our culture. Our vision for the future. When these three stars align, it's green lights all the way. Huge thank you to Samantha Wentz, CMP, M.S. and the rest of the team for getting us through this week in one piece. P.S. Keep an eye out for more highlights from the event over the next few weeks ??

This week's story for Cybersecurity Awareness Month is by Access Point CIO Anthony Rivera on the topic of patch management. Enjoy, and learn something new.

As we conclude our 'ransomware readiness week' of this Cybersecurity Awareness Month, it's time to take a critical look at your organization's defenses. Ransomware attacks are becoming more sophisticated, and no business is immune. In our latest article, we explore essential strategies to bolster your ransomware preparedness. Don't miss this vital information to help protect your business from emerging threats. By Rick Leib, VP of Advisory Services

???????? ???????? ???? ???????????????????? ?? NVIDIA Container Toolkit Vulnerability A critical flaw in the NVIDIA Container Toolkit allows specially crafted container images to access the host file system, affecting most AI applications using NVIDIA GPUs. The vulnerability, with a CVSS score of 9.0, could lead to code execution, data tampering, and privilege escalation. Users should upgrade to version 1.16.2 or later and implement the Container Device Interface (CDI) to reduce risk. ?? SolarWinds Serv-U Vulnerability Exploited SolarWinds' Serv-U Managed File Transfer Server has a zero-day vulnerability that enables unauthorized file access via a path traversal flaw. The vulnerability, which is actively exploited, can cause data leaks and system compromise. Applying the SolarWinds hotfix is crucial, although it may require manual adjustments depending on the server configuration. ?? Cybersecurity Awareness Month Tip: Take a Moment to Verify For Cybersecurity Awareness Month, remember to verify email links, unexpected attachments, and requests for data or money transfers. Hover over links to check for suspicious addresses, and confirm unusual requests with your cybersecurity or IT team. It’s a small step that can prevent significant damage. Listen now on Spotify, Apple Podcasts, or watch on YouTube. #CyberWatch #NVIDIA #SolarWinds #CybersecurityAwarenessMonth #PathTraversal #AI #CyberTips #TechNews