Cyber Weekly Digest #49



Welcome to the 49th edition of the Cyber Weekly Digest of 2024


Typical first week of December... I am already 80% Quality Street and 20% Baileys.


Big thanks to CultureAI & Ignition Technology for the warm hosting at their partner event this week. Fantastic team, great opportunity to meet some new faces and enjoy some interesting conversation.

Agents Maxted & Butler also enjoyed eating with Wolves this week. Thanks to the Arctic Wolf team for the hospitality!

Via LinkedIn we shared a detailed overview of our Unified External Security platform with ZeroFox delivering Protection, Intelligence, Disruption and Response. Let us show you how we can shut down threats to your brand, domains and people the moment they hit your external attack surface!

And... Team CV joined Bugcrowd and guests at Mercedes-Benz World in Brooklands. A team of cyber security professionals discussing the greatest cybersecurity myth ever told. What a day!


“The first time I met my wife, I knew she was a keeper. She was wearing massive gloves.” – Alun Cochrane

Anyway, hope you're ravenous this week as we've got a lot of food for thought...


New and noteworthy from our Technology Community this week:


Ransomware is a booming business, but #ZeroTrust can stop cybercriminals from cashing in. This week on Illumio's The Zero Trust Hub, Christer Swartz explores how #ZeroTrust locks down lateral movement, ensuring breaches don’t turn into paydays for attackers.


Cyber pros working in #FinancialServices listen up! We've got the scoop on the financial cyber threat landscape in Europe and we're sharing it with YOU.

TLDR? Advances in technology, such as generative AI, have enabled the expansion of #SocialEngineering tactics, ransomware, malware and more. Get the full details on malware to look out for (hello, Redline) and other growing threats in this blog from our pals at ZeroFox.


Threat hunting articles and how-to guides are great starting points for learning about the discipline of threat hunting. However, sometimes to really turn theory into practice, you need to see concepts in action.

That’s where Censys webinars come in! To help you enhance your threat hunting skills and fortify your defenses, they've recently hosted a number of webinars focused on threat hunting, led by their own experts and those in the field.


Need to secure your Entra apps and eliminate hidden risks? Check out CoreView's Entra App Management, the simplest way to identify and remediate Entra app registrations with dangerous permissions.

Discover, secure and manage these apps with ease.

Lock down your Entra apps with complete visibility across your Microsoft 365 tenants

Find and fix unused enterprise apps and apps without owners to prevent app sprawl

Report on everything—from apps with unverified publishers and expiring certificates to service principals


Last but not least...


How are you preparing your cybersecurity strategy for 2025? As we race towards the New Year, the time to rethink and redefine your cybersecurity strategy is NOW!

The right metrics will be the key to navigating the ever-evolving threat landscape and ensuring your organisation's success, so join Axonius' upcoming webinar on Thursday, December 19th to discover how to pinpoint the most impactful metrics, align leadership and leverage cutting-edge technology for a stronger, data-driven cybersecurity future.


Now, let's take a look at our top Cyber Security News picks of the week


1. Three More Hospitals Hit by Cyber Attack

Three more hospitals in Merseyside have been targeted by cyber attackers. Alder Hey Children's NHS Foundation Trust said itself, the Liverpool Heart and Chest Hospital and Royal Liverpool University Hospital had been affected by the incident on Thursday. The hospital warned the hackers could release the data before it had had time to investigate. The incident came after Wirral's Arrowe Park hospital was targeted.


2. This $3,000 Android Trojan Targeting Banks and Cryptocurrency Exchanges

As many as 77 banking institutions, cryptocurrency exchanges, and national organizations have become the target of a newly discovered Android remote access trojan (RAT) called DroidBot. "DroidBot is a modern RAT that combines hidden VNC and overlay attack techniques with spyware-like capabilities, such as keylogging and user interface monitoring," Cleafy researchers Simone Mattia, Alessandro Strino, and Federico Valentini said. "Moreover, it leverages dual-channel communication, transmitting outbound data through MQTT and receiving inbound commands via HTTPS, providing enhanced operation flexibility and resilience."


3. Darktrace Sees 692% Jump in Black Friday, Cyber Monday Phishing Scams

Cybersecurity firms and MSSPs were busy over the past couple of months tracking the myriad online scams aimed at businesses and consumers who were getting ready for the Black Friday and Cyber Monday sales that mark the beginning of the hectic month-long holiday shopping sprint. It’s an ideal environment for cybercriminals, according to Nathaniel Jones, vice president of threat research at security vendor Darktrace, noting that “consumers are inundated with time-sensitive deals, while retailers handle record-breaking transaction volumes at speed. This environment makes it harder than ever to identify suspicious activity.”


4. Escalating Cyber Threats Demand Stronger Global Defense and Cooperation

Microsoft customers face more than 600 million cybercriminal and nation-state attacks every day, ranging from ransomware to phishing to identity attacks. Once again, nation-state affiliated threat actors demonstrated that cyber operations—whether for espionage, destruction, or influence—play a persistent supporting role in broader geopolitical conflicts. Also fueling the escalation in cyberattacks, we are seeing increasing evidence of the collusion of cybercrime gangs with nation-state groups sharing tools and techniques.


5. Wanted Russian Hacker Linked to Hive and LockBit Ransomware Arrested

A Russian cybercriminal wanted in the U.S. in connection with LockBit and Hive ransomware operations has been arrested by law enforcement authorities in the country. According to a news report from Russian media outlet RIA Novosti, Mikhail Pavlovich Matveev has been accused of developing a malicious program designed to encrypt files and seek ransom in return for a decryption key. "At present, the investigator has collected sufficient evidence, the criminal case with the indictment signed by the prosecutor has been sent to the Central District Court of the city of Kaliningrad for consideration on the merits," the Russian Ministry of Internal Affairs said in a statement.


That's it for this week's tasty morsels...

Have a great weekend all,

Much ?? Stay Safe

The CV Team


Security for an intelligent future...

Sean Doggett

Founder & CEO at Cyber Vigilance

3 months

Another great write up, another very busy week for team Cyber Vigilance!
