Cyber Weekly Newsletter
Riskigy Cybersecurity & Tech Advisors
Fractional Cybersecurity and Tech compliance leadership and consulting for start-up, emerging and beyond!
Cyber Weekly Newsletter for February 9th 2024
The weekly Security, Tech and Cybercrime newsletter from Riskigy's vCISO Cybersecurity team
Cybersecurity awareness tips and alerts from Riskigy Cybersecurity & Tech Advisors to empower your team to #BeCyberSmart #CyberAware
This Weeks Need-to-Know News and Alerts
???Super Bowl LVIII Presents a Vast Attack Surface for Threat Actors. The NFL's digitization of almost all aspects of the event means it has a lot more turf to protect for itself, and for the game's tens of millions of fans.?https://www.darkreading.com/ics-ot-security/super-bowl-lviii-vast-attack-surface-threat-actors
???Ivanti Connect Secure and Ivanti Policy Secure server-side request forgery (SSRF) vulnerability tracked as CVE-2024-21893 is currently under mass exploitation. Ivanti first warned about the flaw in the gateway's SAML on January 31, 2024.?https://www.bleepingcomputer.com/news/security/newest-ivanti-ssrf-zero-day-now-under-mass-exploitati...
???LastPass is warning that a fake copy of its app is being distributed on the Apple App Store, likely used as a phishing app to steal users' credentials. The fake app uses a similar name to the genuine app, a similar icon.?https://www.bleepingcomputer.com/news/security/fake-lastpass-password-manager-spotted-on-apples-app-...
???Fortinet is warning that a new critical remote code execution vulnerability in FortiOS SSL VPN is potentially being exploited in attacks. The flaw received a 9.6 severity for FortiOS?https://www.bleepingcomputer.com/news/security/new-fortinet-rce-flaw-in-ssl-vpn-likely-exploited-in-...
???Remote desktop software maker AnyDesk disclosed last week that it suffered a cyber attack that led to a compromise of its production systems.?https://thehackernews.com/2024/02/anydesk-hacked-popular-remote-desktop.html
???Fortinet is warning of two new unpatched patch bypasses for a critical remote code execution vulnerability in FortiSIEM, Fortinet's SIEM solution.?https://www.bleepingcomputer.com/news/security/fortinet-warns-of-new-fortisiem-rce-bugs-in-confusing...
???The decentralized social network Mastodon has disclosed a critical security flaw that enables malicious actors to impersonate and take over any account.?https://thehackernews.com/2024/02/mastodon-vulnerability-allows-hackers.html
???Ransomware payments in 2023 soared above $1.1 billion for the first time, shattering previous records and reversing the decline seen in 2022, marking the year as an exceptionally profitable period for ransomware gangs.?https://www.bleepingcomputer.com/news/security/ransomware-payments-reached-record-11-billion-in-2023...
???A threat group named 'ResumeLooters' has stolen the personal data of over two million job seekers after compromising 65 legitimate job listing and retail sites using SQL injection and cross-site scripting (XSS) attacks.?https://www.bleepingcomputer.com/news/security/hackers-steal-data-of-2-million-in-sql-injection-xss-...
???Hackers can Use Gen AI to Manipulate Live audio-jacking techniques to Steal Billions, Reroute Airplanes or Modify Live News.?https://www.govinfosecurity.com/hackers-use-gen-ai-to-manipulate-live-conversations-a-24283
???JetBrains is alerting customers of a critical security flaw in its TeamCity On-Premises continuous integration and continuous deployment (CI/CD) software that could be exploited by threat actors to take over susceptible instances.?https://thehackernews.com/2024/02/critical-jetbrains-teamcity-on-premises.html ?@riskigy
???New Banking Trojan Exploits Patched Windows SmartScreen Flaw. Mispadu Trojan Is Compromising Windows Security, Posing Threat to Banking Systems?https://www.govinfosecurity.com/new-banking-trojan-exploits-patched-windows-smartscreen-flaw-a-24291
???Teens Committing Scary Cybercrimes: What's Behind the Trend? Crypto theft, sextortion tactics, swattings, and ransomware: teenagers are increasingly taking up cybercrime for fun and profit.?https://www.darkreading.com/threat-intelligence/teens-committing-scary-cybercrimes-trend
From Our Blog
? Cybersecurity Lessons Learned from WWS Cyber Attacks?
To address the recent cyber attacks against the Water and Wastewater Systems (WWS) sector, the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and Environmental Protection Agency (EPA) published a guide providing best practices for cyber incident response and information on federal resources to owners and operators in the sector. Although the guide was written for the WWS sector, it is a useful resource for organizations in all sectors to improve their incident response plans and procedures. Read more now at?https://riskigy.com/blog/f/cybersecurity-lessons-learned-from-wws-cyber-attacks
? Ransomware Extortion Gets Personal
Ransomware attacks have become increasingly widespread and sophisticated, targeting individuals, businesses, and now even the healthcare sector. Along with ransomware, attackers added ruthless extortion tactics to their arsenal to pressure organizations into paying ransom. One especially egregious tactic currently used against healthcare providers is “swatting,” leaving them with the difficult choice of paying up or witnessing patients suffer the consequences. Read more now at?https://riskigy.com/blog/f/ransomware-extortion-gets-personal
领英推荐
? FINRA Annual Report Takeaways?
The 2024 FINRA Annual Regulatory Oversight Report (the Report) provides member firms with insight into findings from FINRA’s Member Supervision, Market Regulation and Enforcement programs (collectively, “regulatory operations programs”). The Report for member firms as an information source they can use to strengthen their compliance programs. A Fractional Chief Information Security Officer (CISO) can play a significant role in assisting with FINRA cybersecurity and technology recommendations. Read more now at?https://riskigy.com/blog/f/finra-annual-report-takeaways ?
? The Real Estate Industry is the latest Hacker Target?
In the last few months, the real estate industry has become a target of an onslaught of cyberattacks. Real estate services carry a wealth of sensitive customer data that can be used for identity theft and fraud, such as financial records, Social Security numbers, contact details, and property details, making them a lucrative target for cybercriminals. By prioritizing staff training, vendor risk management, and cybersecurity leadership, organizations can build up their cybersecurity posture and minimize the risk and impact of cyberattacks. Read more now at?https://riskigy.com/blog/f/the-real-estate-industry-is-the-latest-hacker-target ?
Recent?Data Breach News
???Hewlett Packard Enterprise (HPE) is investigating a potential new breach after a threat actor put allegedly stolen data up for sale on a hacking forum, claiming it contains HPE credentials and other sensitive information.?https://www.bleepingcomputer.com/news/security/hpe-investigates-new-breach-after-data-for-sale-on-ha...
???Verizon Communications is warning that an insider data breach impacts almost half its workforce, exposing sensitive employee information. However, this incident does not appear to impact customer information.?https://www.bleepingcomputer.com/news/security/verizon-insider-data-breach-hits-over-63-000-employee...
???A Hong Kong-based finance professional at a multinational was reportedly swindled out of $25 million (HK$200 million) of company money when scammers created a deepfake of his London-based chief financial officer in a video conference call.?https://www.theregister.com/2024/02/05/hong_kong_deepfaked_cfo/
???Car maker Hyundai Motor Europe suffered a Black Basta ransomware attack, with the threat actors claiming to have stolen three terabytes of corporate data.?https://www.bleepingcomputer.com/news/security/hyundai-motor-europe-hit-by-black-basta-ransomware-at...
???Fulton County Court System Still Hobbled by Cyberattack at the end of January, leading to malfunctions in court filings, tax processing, and the court system website, there are concerns of the future of Fulton County court cases and its overall system.?https://www.darkreading.com/cyberattacks-data-breaches/fulton-county-court-system-damage-unresolved-...
???The ransomware group ALPHV is threatening to leak data obtained from a Virginia IT services company that contracts with the U.S. military.?https://cyberscoop.com/technica-pentagon-alphv-ransomware/
???Johnson Controls International has confirmed that a September 2023 ransomware attack cost the company $27 million in expenses and led to a data breach after hackers stole corporate data.?https://www.bleepingcomputer.com/news/security/johnson-controls-says-ransomware-attack-cost-27-milli...
Cybersecurity Resources
Looking for Cybersecurity Policy templates??
See our latest Policy - ChatGPT Generative AI Use Policy Template:
Generative Ai and large language model (LLM) platforms already have millions of users. While most people were initially using the publicly available version of ChatGPT (and others) for personal tasks, many have started to use it for work-related projects without understanding the associated risks and what policies companies should consider implementing to reduce those risks.
The Riskigy Cyber Weekly Newsletter first launched in 2019 and as we approach the 5 year anniversary of the Cyber Weekly Newsletter we are moving the newsletter exclusively to our LinkedIn company homepage.
The move has several benefits including
Follow the link below to subscribe or use the button