Cyber Weekly Newsletter

The weekly Security, Tech and Cybercrime newsletter from Riskigy's vCISO Cybersecurity team

Cybersecurity awareness tips and alerts from Riskigy to empower your team to #BeCyberSmart #CyberAware

This Weeks Need-to-Know News and Alerts

?? Google Patches Yet Another Actively Exploited Chrome Zero-Day Vulnerability. Google has rolled out fixes to address a set of nine security issues in its Chrome browser, including a new zero-day that has been exploited in the wild. https://thehackernews.com/2024/05/google-patches-yet-another-actively.html

?? Microsoft May Patch Tuesday fixes 3 zero-days, 61 flaws. The total of 61 flaws does not include 2 Microsoft Edge flaws fixed on May 2nd and four fixed on May 10th. Adobe released security updates for After Effects, Photoshop, Commerce, InDesign, and more. https://www.bleepingcomputer.com/news/microsoft/microsoft-may-2024-patch-tuesday-fixes-3-zero-days-61-flaws

?? Multiple security flaws have been disclosed in VMware Workstation and Fusion products that could be exploited by threat actors to access sensitive information, trigger a denial-of-service (DoS) condition, and execute code under certain circumstances. https://thehackernews.com/2024/05/vmware-patches-severe-security-flaws-in.html

?? Citrix notified customers to manually mitigate a PuTTY SSH client vulnerability that could allow attackers to steal a XenCenter admin's private SSH key. Citrix Hypervisor 8.2 CU1 LTSR, which uses PuTTY to make SSH connections from XenCenter to guest VMs. https://www.bleepingcomputer.com/news/security/citrix-warns-admins-to-manually-mitigate-putty-ssh-client-bug

?? Apple has backported security patches released in March to older iPhones and iPads, fixing an iOS Kernel zero-day tagged as exploited in attacks. Apple has provided no information on the zero-day or nature of the attacks being exploiting it in the wild. https://www.bleepingcomputer.com/news/apple/apple-backports-fix-for-rtkit-ios-zero-day-to-older-iphones

?? New Wi-Fi Vulnerability Enables Network Eavesdropping via Downgrade Attacks. The SSID Confusion attack impacts all operating systems and Wi-Fi clients, including home and mesh networks that are based on WEP, WPA3, 802.11X/EAP, and AMPE protocols. https://thehackernews.com/2024/05/new-wi-fi-vulnerability-enabling.html

?? Norway recommends replacing SSL VPN to prevent breaches. The NCSC recommends replacing SSLVPN/WebVPN solutions with alternatives due to the repeated exploitation of related vulnerabilities in edge network devices to breach corporate networks. https://www.bleepingcomputer.com/news/security/norway-recommends-replacing-ssl-vpn-to-prevent-breaches

?? Microsoft shares temp fix for Outlook encrypted email reply issues. Microsoft has shared a temporary fix for a known issue preventing Microsoft 365 customers from replying to encrypted emails using the Outlook Desktop client. https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-temp-fix-for-outlook-encrypted-email-reply-issues

?? Apple blocked $7 billion in fraudulent App Store purchases in 4 years. From 2020 through 2023, the company also detected more than 14 million stolen cards and blocked them from transacting on its platform along with 3.3 million accounts. https://www.bleepingcomputer.com/news/security/apple-blocked-7-billion-in-fraudulent-app-store-purchases-in-4-years

?? Cybercriminals Exploiting Microsoft's Quick Assist Feature in Ransomware Attacks. The attack chain involves the use of impersonation through voice phishing to trick unsuspecting victims into installing remote monitoring and management (RMM) tools. https://thehackernews.com/2024/05/cybercriminals-exploiting-microsofts.html

?? Microsoft fixes VPN failures caused by April Windows updates. Microsoft fixed a known issue breaking VPN connections. The list of impacted Windows versions includes Windows 11, Windows 10, and Windows Server 2008 and later. https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-vpn-failures-caused-by-april-windows-updates

?? Apple and Google Launch Cross-Platform Feature to Detect Unwanted Bluetooth Tracking Devices. The companies said in a joint statement, adding it aims to address "potential risks to user privacy and safety." https://thehackernews.com/2024/05/apple-and-google-launch-cross-platform.html

From Our Blog

Insights from the 2024 Verizon DBIR

The 2024 Verizon DBIR highlights a nuanced and complex picture of the global cybersecurity threat landscape. Among the most striking findings is the continued rise in sophistication and frequency of cyberattacks, driven largely by a combination of global political tensions, advancements in technology, and the persistent value of data…Read more at https://riskigy.com/blog/f/insights-from-the-2024-verizon-dbir

5 Ways to Prepare for Synthetic Media Threats

The field of synthetic media has rapidly advanced with the development of generative adversarial networks, leading to the rise of deepfakes. One of the most well-known applications of synthetic media is deep fakes, which involve overlaying one person's face onto another's in videos or images using deep-learning technology like generative…Read more at https://riskigy.com/blog/f/5-ways-to-prepare-for-synthetic-media-threats

Get AI Ready with 10 Key Points on Secure AI Deployment

The Cybersecurity and Infrastructure Security Agency (CISA) has issued best practices for Deploying Secure and Resilient AI systems, expanding on the secure deployment and secure operation and maintenance sections of the Guidelines for secure AI system development. These best practices also incorporate mitigation considerations from Engaging with Artificial Intelligence (AI)…Read more at https://riskigy.com/blog/f/get-ai-ready-with-10-key-points-on-secure-ai-deployment

What You Need to Know About the IRS Dirty Dozen

Every year, taxpayers are bombarded with new schemes and tricks that unscrupulous individuals employ to defraud not only the government but often innocent individuals as well. Staying ahead of these deceptive practices...Read more at https://riskigy.com/blog/f/what-you-need-to-know-about-the-irs-dirty-dozen

Recent Data Breach News

?? MediSecure e-script firm hit by ‘large-scale’ ransomware data breach. Electronic prescription provider MediSecure in Australia has shut down its website and phone lines following a ransomware attack believed to originate from a third-party vendor. https://www.bleepingcomputer.com/news/security/medisecure-e-script-firm-hit-by-large-scale-ransomware-data-breach

?? Two backdoors dubbed LunarWeb and LunarMail were used to compromise a European government's diplomatic institutions abroad. The malware have been used to breach the Ministry of Foreign Affairs of a European country with diplomatic missions in the Middle East https://www.bleepingcomputer.com/news/security/russian-hackers-use-new-lunar-malware-to-breach-a-european-govts-agencies

?? Banco Santander warns of a data breach exposing customer info. With a strong presence in Spain, the United Kingdom, Brazil, Mexico, and the United States, Banco Santander is one of the largest in the world serving over 140 million customers. https://www.bleepingcomputer.com/news/security/banco-santander-warns-of-a-data-breach-exposing-customer-info/

?? Nissan North America (Nissan) suffered a data breach last year when a threat actor targeted the company's external VPN and shut down systems to receive a ransom. The incident exposed personal data belonging to more than 53,000 current and former employees. https://www.bleepingcomputer.com/news/security/nissan-north-america-data-breach-impacts-over-53-000-employees

?? The Singing River Health System is warning that it is now estimating that 895,204 people are impacted by a ransomware attack it suffered in August 2023. Singing River Health System is a major healthcare provider located in Mississippi. https://www.bleepingcomputer.com/news/security/singing-river-health-system-data-of-895-000-stolen-in-ransomware-attack

?? Helsinki suffers data breach after hackers exploit unpatched flaw. The City of Helsinki is investigating a data breach in its education division, which it discovered in late April 2024, impacting tens of thousands of students, guardians, and personnel. https://www.bleepingcomputer.com/news/security/helsinki-suffers-data-breach-after-hackers-exploit-unpatched-flaw

?? British Columbia is investigating multiple "cybersecurity incidents" that have impacted the Canadian province's government networks. "Recently, the Government of B.C. has identified sophisticated cybersecurity incidents involving government networks" https://www.bleepingcomputer.com/news/security/british-columbia-investigating-cyberattacks-on-government-networks

?? Ascension, one of the largest healthcare providers has taken some of its systems offline to investigate a "cyber security event." Ascension operates 140 hospitals and 40 senior care facilities across 19 states and the District of Columbia. https://www.bleepingcomputer.com/news/security/ascension-healthcare-takes-systems-offline-after-cyberattack

Cybersecurity Humor

Cybersecurity awareness is paramount in today's digital landscape because it involves being mindful of cybersecurity risks and best practices in day-to-day situations. It empowers individuals and organizations to understand and mitigate the dangers associated with browsing the web, checking email, and other online interactions.

The importance of cybersecurity awareness extends beyond individual safety, impacting organizations globally. By enforcing cybersecurity awareness training, companies can significantly enhance their cybersecurity posture.

Comprehensive training equips employees with the necessary skills and knowledge to identify potential cyber threats, understand the consequences of their online actions, and implement security measures to protect organizational assets.

Cybersecurity Resources

Adopting the updated NIST Cybersecurity Framework (CSF) offers numerous benefits for organizations of all sizes.?

NIST CSF 2.0 emphasizes enabling small and midsize businesses to effectively ?utilize the framework and provides a navigational guide for organizations to understand, assess, prioritize, and communicate cybersecurity risks internally and externally.

The move from NIST CSF 1.x to the updated version, NIST CSF 2.0, is significant for small businesses for several reasons, enhancing their approach to cybersecurity in an ever-evolving threat landscape. It is essential for small businesses to stay informed about the release of NIST CSF 2.0 and consider how its adoption could fortify their cybersecurity posture amid growing digital threats.

Cybersecurity Is Complex! We Are Here To Help

Riskigy provides a range of tailored services to support organizations on World Password Day 2024 and every other day!

Cyberthreats are everywhere, you don’t have to face them alone. Get Cybersecurity & Tech help from Riskigy!?