Cyber Weekly Newsletter

The weekly Security, Tech and Cybercrime newsletter from Riskigy's vCISO Cybersecurity team

Cybersecurity awareness tips and alerts from Riskigy to empower your team to #BeCyberSmart #CyberAware

This Weeks Need-to-Know News and Alerts

?? TeamViewer on Thursday disclosed it detected an "irregularity" in its internal corporate IT environment. It's currently unclear at this stage whether this means attackers are abusing shortcomings in TeamViewer to breach customer networks. https://thehackernews.com/2024/06/teamviewer-detects-security-breach-in.html?

?? A high-severity security vulnerability in Progress Software's MOVEit Transfer software could allow cyberattackers to get around the platform's authentication mechanisms — and it's being actively exploited in the wild just hours after it was made public. https://www.darkreading.com/remote-workforce/fresh-moveit-bug-under-attack-disclosure?

?? Apple Patches AirPods Bluetooth Vulnerability That Could Allow Eavesdropping. Tracked as CVE-2024-27867, the authentication issue affects AirPods (2nd generation and later), AirPods Pro (all models), AirPods Max, Powerbeats Pro, and Beats Fit Pro. https://thehackernews.com/2024/06/apple-patches-airpods-bluetooth.html?

?? A critical vulnerability is affecting certain versions of GitLab Community and Enterprise Edition products, which could be exploited to run pipelines as any user. GitLab is very popular and estimated to have over one million active license users. https://www.bleepingcomputer.com/news/security/critical-gitlab-bug-lets-attackers-run-pipelines-as-any-user?

?? The Fortra FileCatalyst Workflow is vulnerable to an SQL injection vulnerability that could allow remote unauthenticated attackers to create rogue admin users and manipulate data on the application database. https://www.bleepingcomputer.com/news/security/exploit-for-critical-fortra-filecatalyst-workflow-sqli-flaw-released?

?? Multiple WordPress Plugins Compromised: Hackers Create Rogue Admin Accounts. Users of the aforementioned plugins are advised to inspect their sites for suspicious administrator accounts and delete them, in addition to removing any malicious code. https://thehackernews.com/2024/06/multiple-wordpress-plugins-compromised.html?

?? Former IT employee accessed data of over 1 million US patients. Geisinger, a prominent healthcare system in Pennsylvania, has announced a data breach involving a former employee of Nuance, an IT services provider contracted by the organization. https://www.bleepingcomputer.com/news/security/former-it-employee-accessed-data-of-over-1-million-us-patients?

?? Google Gemini is officially part of Gmail, Google Drive, Docs, Sheets, and Slides. Google officially rolls out its Gemini AI tools across the Workspace suite. Only paying Google Workspace customers will be able to access it for the time being. https://techradar.com/pro/you-cant-escape-it-now-gemini-is-officially-part-of-gmail-google-drive-docs-sheets-and-slides?

?? FBI is warning of cybercriminals posing as law firms and lawyers that offer cryptocurrency recovery services to victims of investment scams and steal funds and personal information. Cryptocurrency recovery scams paid over $9 million to fraudsters in 2023. https://www.bleepingcomputer.com/news/security/fbi-warns-of-fake-law-firms-targeting-crypto-scam-victims?

?? Car Dealerships across the U.S have been impacted by this cyberattack. The BlackSuit ransomware gang is behind CDK Global's massive IT outage and disruption to car dealerships across North America, according to multiple sources familiar with the matter. https://www.bleepingcomputer.com/news/security/cdk-global-outage-caused-by-blacksuit-ransomware-attack?

From Our Blog

Apple and Microsoft's AI Innovations Spark Security Concerns

Amidst the rapidly growing development of artificial intelligence (AI) capabilities, two tech giants, Apple and Microsoft, have recently appeared in the headlines for introducing their new AI-powered capabilities. However, these capabilities attracted many concerns and even major backlash due to privacy and security risks…Read more at https://riskigy.com/blog/f/apple-and-microsofts-ai-innovations-spark-security-concerns?

Recent FINRA Actions Highlight the Need for Robust Cybersecurity

Broker-dealers are increasingly susceptible to various forms of cyber-attacks, including but not limited to phishing, ransomware, and data breaches. FINRA’s continued focus on cybersecurity can be evidenced with three recent cybersecurity-related enforcement actions reported over the first six months 2024…Read more at https://riskigy.com/blog/f/recent-finra-actions-highlight-the-need-for-robust-cybersecurity?

FHA Mandates Immediate Cybersecurity Incident Reporting

In response to a pattern of high-profile breaches at major mortgage lenders, the Federal Housing Administration (FHA) has published the Mortgagee Letter (ML) 2024-10. It outlines new reporting requirements for mortgage lenders in the event of a cybersecurity intrusion, including mandatory reporting of any potential or actual significant cybersecurity incidents to the FHA within 12 hours of detection…Read more at https://riskigy.com/blog/f/fha-mandates-immediate-cybersecurity-incident-reporting?

The SEC Amends Reg S-P to Enhance Cybersecurity Measures

In an era where cyber threats loom larger than ever, the U.S. Securities and Exchange Commission (SEC) has taken a decisive step to safeguard the financial industry and its clients against digital risks. The SEC's amend...Read more at https://riskigy.com/blog/f/the-sec-amends-reg-s-p-to-enhance-cybersecurity-measures?

Insights from the 2024 Verizon DBIR

The 2024 Verizon DBIR highlights a nuanced and complex picture of the global cybersecurity threat landscape. Among the most striking findings is the continued rise in sophistication and frequency of cyberattacks, driven largely by a combination of global political tensions, advancements in technology, and the persistent value of data…Read more at https://riskigy.com/blog/f/insights-from-the-2024-verizon-dbir

Recent Data Breach News

?? Evolve Bank & Trust data breach adds to woes of Synapse partner. Customer data and personal information of some Evolve customers was released to the dark web, two weeks after the Fed handed Evolve an enforcement action regarding its partnerships. https://www.bankingdive.com/news/evolve-bank-hack-dark-web-customer-data-fed-order-synapse-partnership-mcwilliams/719989

?? At least six companies have alerted the Securities and Exchange Commission that the fallout from the ransomware attack on automotive industry software provider CDK Global has had a negative impact on their operations, according to filings with the agency. https://cyberscoop.com/cdk-ransomware-car-dealers?

?? CISA is warning that its Chemical Security Assessment Tool (CSAT) environment was breached in January after hackers deployed a webshell on its Ivanti device, potentially exposing sensitive security assessments and plans. https://www.bleepingcomputer.com/news/security/chemical-facilities-warned-of-possible-data-theft-in-cisa-csat-breach?

?? Neiman Marcus confirms data breach after Snowflake account hack. Luxury retailer Neiman Marcus confirmed it suffered a data breach after hackers attempted to sell the company's database stolen in recent Snowflake data theft attacks. https://www.bleepingcomputer.com/news/security/neiman-marcus-confirms-data-breach-after-snowflake-account-hack?

?? For the first time UnitedHealth Change Healthcare lists the medical data stolen in ransomware attack. The stole data includes personal information such as Social Security numbers, driver’s licenses or state ID numbers, or passport numbers and much more. https://www.bleepingcomputer.com/news/security/change-healthcare-lists-the-medical-data-stolen-in-ransomware-attack?

?? The Los Angeles Unified School District has confirmed a data breach after threat actors stole student and employee data by breaching the company's Snowflake account. The platform is used by some of the largest companies worldwide to store their data. https://www.bleepingcomputer.com/news/security/los-angeles-unified-confirms-student-data-stolen-in-snowflake-account-hack?

Cybersecurity Humor

CISOs typically leave organizations for various reasons, many of which relate to the challenges and expectations of the role. According to a survey mentioned in one of the articles, 31% of respondents indicated that CISOs leave when the organization does not have a culture that emphasizes cybersecurity.?

Additionally, dissatisfaction and burnout are common among CISOs; a report found that job satisfaction among these security leaders experienced a significant drop, which can contribute to their decision to leave an organization.?

The strains of the job, including the high responsibility and the need for constant vigilance in protecting the organization against cyber threats, can be taxing. Additionally, if CISOs do not feel they have the support of executive management or the board of directors, this lack of active participation in decision-making can drive them to resign.

Cybersecurity Is Complex! We Are Here To Help

Cyberthreats are everywhere, you don’t have to face them alone. Get Cybersecurity & Tech help from Riskigy!

? Looking for an expert to assist your firm or clients??

? Need a pro to explain Tech or Cyber to your management??

? Vetting a new investment or acquisition??

? Want to build a cyber aware staff??

? Need immediate assistance with an incident??

? Considering adding a vCISO or vCTO to your team?

? Seeking help with SOC2, FINRA/SEC, or Cyber Insurance readiness?

Contact us to discuss how we can assist!