Cyber Weekly Newsletter

The weekly Security, Tech and Cybercrime newsletter from Riskigy's vCISO Cybersecurity team

Cybersecurity awareness tips and alerts from Riskigy to empower your team to #BeCyberSmart #CyberAware

This Week's Need-to-Know News and Alerts

Palo Alto Networks disclosed a high-severity vulnerability impacting PAN-OS software that could cause a denial-of-service (DoS) condition on susceptible devices. The flaw, tracked as CVE-2024-3393 (CVSS score: 8.7), impacts PAN-OS versions 10.X and 11.X. https://thehackernews.com/2024/12/palo-alto-releases-patch-for-pan-os-dos.html

SEC Disclosures Up, But Not Enough Details Provided. While companies have responded to the new SEC rules by disclosing incidents promptly, many reports don't meet the SEC's "material" standard, and most do not describe the material impact of the incident. https://www.darkreading.com/cyber-risk/sec-disclosures-up-but-not-enough-details

The Apache Software Foundation (ASF) has shipped security updates to address a critical security flaw in Traffic Control that, if successfully exploited, could allow an attacker to execute arbitrary Structured Query Language (SQL) commands in the database. https://thehackernews.com/2024/12/critical-sql-injection-vulnerability-in.html

Adobe released out-of-band security updates to address a critical ColdFusion vulnerability with proof-of-concept (PoC) exploit code. In an advisory released Monday, the company said the flaw (tracked as CVE-2024-53961) is caused by a path traversal weakness. https://www.bleepingcomputer.com/news/security/adobe-warns-of-critical-coldfusion-bug-with-poc-exploit-code

New botnet exploits vulnerabilities in NVRs, TP-Link routers. The campaign started in October and targets multiple network video recorders and TP-Link routers with outdated firmware to conduct distributed denial of service (DDoS) attacks. https://www.bleepingcomputer.com/news/security/new-botnet-exploits-vulnerabilities-in-nvrs-tp-link-routers

FTC orders Marriott International and Starwood Hotels to implement a customer data security scheme following failures that led to massive data breaches. In 2014, Starwood's systems were hacked, exposing customer data, with disclosure delayed by 14 months. https://www.bleepingcomputer.com/news/security/ftc-orders-marriott-and-starwood-to-implement-strict-data-security

Microsoft has rolled out a fix for a known issue that causes random "Product Deactivated" errors for customers using Microsoft 365 Office apps. The errors are triggered by licensing changes initiated by administrators. https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-bug-behind-random-office-365-deactivation-errors

Synology patches critical vulnerabilities, urges users to update devices against zero-click attacks. By addressing these flaws, Synology has ensured users who apply the updates can better protect their devices from potential attacks. https://www.techradar.com/pro/synology-patches-critical-vulnerabilities-urges-users-to-update-devices-against-zero-click-attacks

US authorities are investigating whether TP-Link poses a national-security risk and are considering banning the devices as hijacked routers fuel Chinese attacks. Founded in China, TP-Link makes routers popular in US homes and businesses. https://arstechnica.com/tech-policy/2024/12/report-us-considers-banning-tp-link-routers-over-security-flaws-ties-to-china/

Botnets Exploit Old D-Link Vulnerabilities for Global Attacks. Cybersecurity researchers are warning about a spike in malicious activity that involves roping vulnerable D-Link routers into two different botnets, a Mirai variant dubbed FICORA and a Kaiten variant. https://thehackernews.com/2024/12/ficora-and-kaiten-botnets-exploit-old-d.html

A wave of high-profile cyberattacks on US water utilities over the past year has just kept flowing. The US water sector suffered a stream of cyberattacks over the past year and a half, from cybercriminals, hacktivists, and nation-state hacking teams. https://www.darkreading.com/ics-ot-security/hackers-hot-water-utilities


From Our Blog

Top Cybersecurity Threats to Businesses During the Holiday Season

The December holiday season is a time of increased online activity, making it a prime target for cybercriminals. The season is characterized by increased online transactions, distracted employees, and often, reduced staff… Read more at https://riskigy.com/blog/f/ai-has-changed-phishing-attacks-from-bad-to-worse

FBI Issues Warning about Fraudulent Emergency Data Requests

The Federal Bureau of Investigation (FBI) has released a notification to highlight a trend of compromised US and foreign government email addresses used to conduct fraudulent emergency data requests. Fraudulent Emergency Data Requests (EDRs) are a growing cybersecurity threat where hackers impersonate law enforcement officials to obtain sensitive user data from technology companies and service providers… Read more at https://riskigy.com/blog/f/fbi-issues-warning-about-fraudulent-emergency-data-requests

How to Avoid Common Password Mistakes

Passwords play a critical role in business security, making proper management essential. At the forefront of this topic is the National Institute of Standards and Technology (NIST), which recently released updated guidelines outlining technical requirements and recommendations for password management and authentication…Read more at https://riskigy.com/blog/f/how-to-avoid-common-password-mistakes

AI is the new Boogeyman: Outspooking Freddy, Jason, and Michael

Horror movies? Pfft. Child's play! We've all been at the edge of our seats watching Freddy Krueger show up in dreams with those fashionable knives-for-fingers gloves, Jason Voorhees make camping the worst idea ever, and Michael Myers basically ruin Halloween for everyone in Haddonfield. Learn more now at https://riskigy.com/blog/f/ai-is-the-new-boogeyman-outspooking-freddy-jason-and-michael

Defending the Human Element in Cyber Attacks

The human element in cybersecurity refers to the behaviors, interactions, and decisions made by people that impact the security of information technology systems. These can include actions as simple as choosing a password, clicking a link in an email, or sharing sensitive information… Read more at https://riskigy.com/blog/f/defending-the-human-element-in-cyber-attacks


Recent Data Breach News

European Space Agency's official web shop was hacked as it started to load a piece of JavaScript code that generates a fake Stripe payment page at checkout. The web store is now showing a message that it is "temporarily out of orbit." https://www.bleepingcomputer.com/news/security/european-space-agencys-official-store-hacked-to-steal-payment-cards/

Clop ransomware gang started to extort victims of its Cleo data theft attacks and announced on its dark web portal that 66 companies have 48 hours to respond to the demands. Clop leveraged a zero-day vulnerability in Cleo LexiCom, VLTransfer, and Harmony. https://www.bleepingcomputer.com/news/security/clop-ransomware-is-now-extorting-66-cleo-data-theft-victims

BeyondTrust says hackers breached Remote Support SaaS instances. BeyondTrust customers were hit by a wave of attacks linked to a compromised API key. The cybersecurity vendor said an attacker compromised its access-management tool and reset customer passwords. https://www.cybersecuritydive.com/news/beyondtrust-customers-attacks/736203/

ConnectOnCall has disclosed a data breach impacting the personal information of more than 900,000 individuals. A digital, on-call answering solution, ConnectOnCall enables healthcare providers to manage after-hour calls, patient communication and care. https://www.securityweek.com/900000-people-impacted-by-connectoncall-data-breach

Rhode Island is warning that its RIBridges system, managed by Deloitte, suffered a data breach exposing residents' personal information after the Brain Cipher ransomware gang hacked its systems. The incident was discovered on December 5, 2024. https://www.bleepingcomputer.com/news/security/rhode-island-confirms-data-breach-after-brain-cipher-ransomware-attack

The Play ransomware gang has claimed responsibility for a cyberattack that impacted the business operations of the U.S. doughnut chain Krispy Kreme in November. As of December 2023, it employed 22,800 people in 40 countries. https://www.bleepingcomputer.com/news/security/krispy-kreme-breach-data-theft-claimed-by-play-ransomware-gang/


Blog Post Spotlight

Defending the Human Element in Cyber Attacks


In the dynamic world of cybersecurity, technology often takes center stage, with discussions typically revolving around firewalls, encryption, and the latest in intrusion detection systems. However, the human element remains the most critical vulnerability in any organization's security protocol. Cyber attackers frequently exploit human behaviors, from poor password practices to susceptibility to phishing scams, making it essential to bolster this weak link.

Here’s how organizations can enhance their defenses by focusing on the human aspect of cybersecurity.

Understanding the Human Element

The human element in cybersecurity refers to the behaviors, interactions, and decisions made by people that impact the security of information technology systems. These can include actions as simple as choosing a password, clicking a link in an email, or sharing sensitive information over insecure channels. The fact is, even the most robust technological defenses can be undermined by a single careless act.

1. Continuous Education and Training

The first line of defense against cyber threats targeting the human element is ongoing education and training. Organizations must implement comprehensive cybersecurity awareness programs that are engaging and accessible. Training modules should be updated regularly to cover recent threats, and they should be mandatory for all employees, regardless of their role.

Key strategies include:

  • Simulated Phishing Exercises: Conduct regular simulations to teach employees how to spot phishing attempts, helping them identify the signs of a malicious email or message.
  • Security Workshops: Host workshops that discuss common security threats and the importance of following best practices.

2. Establishing a Security-Focused Culture

Creating a culture that prioritizes cybersecurity can significantly enhance collective vigilance. In a security-focused culture, every member of the organization is encouraged to take ownership of their role in protecting the company's assets.

Effective tactics involve:

  • Open Communication Channels: Encourage employees to report suspicious activities without fear of reprisal.
  • Reward Systems: Implement a reward system for employees who proactively strengthen cybersecurity, such as identifying potential threats or enhancing existing protocols.

3. Implementing Strict Access Controls

Limiting access to sensitive information on a "need-to-know" basis is crucial. Access controls should be stringent and regularly reviewed to ensure that privileges are aligned with job requirements.

Considerations include:

  • Role-Based Access Control (RBAC): Assign access rights based on the roles within the organization.
  • Regular Access Reviews: Periodically review access rights to ensure they are still appropriate, especially following role changes.
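As an added illustration of the two points above (not code from the Riskigy post), the following Python sketches a minimal role-based access control model together with an access review that flags entitlements left behind after a role change. The role names, permission strings and user records are constructed for the example.

```python
"""Added example: role-based access control plus a periodic access review.
All roles, permissions and users below are constructed for illustration."""
from dataclasses import dataclass, field

# Constructed role definitions: the permissions each role legitimately needs.
ROLE_PERMISSIONS = {
    "analyst": {"tickets:read", "reports:read"},
    "engineer": {"tickets:read", "tickets:write", "deploy:staging"},
    "admin": {"tickets:read", "tickets:write", "deploy:staging",
              "deploy:prod", "users:manage"},
}


@dataclass
class User:
    name: str
    role: str
    # Permissions actually granted in the system; these can drift from the role
    # when grants are added by hand or survive a role change.
    granted: set = field(default_factory=set)


def permissions_for_role(role):
    """Permissions implied by a role; unknown roles get nothing."""
    return set(ROLE_PERMISSIONS.get(role, set()))


def is_allowed(user, permission):
    """Authorization decision derived from the role, not from ad-hoc grants."""
    return permission in permissions_for_role(user.role)


def access_review(users):
    """Return {user name: excess permissions} for every user whose direct grants
    exceed what their current role justifies. An empty dict means a clean review."""
    findings = {}
    for user in users:
        excess = user.granted - permissions_for_role(user.role)
        if excess:
            findings[user.name] = excess
    return findings


def change_role(user, new_role):
    """Move a user to a new role and strip every grant the new role does not cover,
    so the review above does not have to catch the leftovers later."""
    user.role = new_role
    user.granted &= permissions_for_role(new_role)
    return user


# Constructed sample: dana moved from admin to analyst but kept her old grants.
SAMPLE_USERS = [
    User("alice", "analyst", {"tickets:read", "reports:read"}),
    User("bob", "engineer", {"tickets:read", "tickets:write", "deploy:staging"}),
    User("dana", "analyst", {"tickets:read", "reports:read",
                             "deploy:prod", "users:manage"}),
]

if __name__ == "__main__":
    for name, extra in access_review(SAMPLE_USERS).items():
        print(f"{name}: excess privileges {sorted(extra)}")
```

Running the block reports dana's leftover `deploy:prod` and `users:manage` grants; the design point is that authorization decisions read the role table, while the review compares what was actually granted against that table, so a stale grant is detected even if no one remembered to revoke it.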

4. Enhancing Authentication Processes

Strong authentication processes reduce the risk of unauthorized access. Multi-factor authentication (MFA) should be mandatory, particularly for accessing critical systems.

Recommendations for MFA include:

  • Biometric Verification: Incorporate biometric verification methods such as fingerprint or facial recognition.
  • Hardware Authentication Tokens: Use physical devices that generate time-based, one-time passcodes.

5. Fostering Psychological Security

The psychological aspect of cybersecurity, such as the stress associated with maintaining security or fear of reporting mistakes, often goes overlooked. Addressing these can reduce the likelihood of human errors.

Strategies to consider:

  • Regular Feedback and Support: Provide regular feedback and support to employees on cybersecurity matters.
  • Encourage Reporting of Mistakes: Foster an environment where employees can report mistakes without fear of negative consequences.

Takeaways

Defending the human element in cybersecurity requires a holistic approach that integrates continuous education, culture change, and enhanced security measures. By focusing on human behavior alongside technological defenses, organizations can build a more resilient security posture. As cyber threats continue to evolve, the human element will remain both a vulnerability and a critical line of defense. Prioritizing human-centered strategies is not just about preventing attacks; it’s about building a stronger, more aware workforce capable of tackling the complex challenges of tomorrow’s cyber landscape.


Cybersecurity Is Complex! We Are Here To Help

Cyberthreats are everywhere, you don’t have to face them alone. Get Cybersecurity & Tech help from Riskigy!

Looking for an expert to assist your firm or clients?

Need a pro to explain Tech or Cyber to your management?

Vetting a new investment or acquisition?

Want to build a cyber aware staff?

Need immediate assistance with an incident?

Considering adding a vCISO or vCTO to your team?

Seeking help with SOC-2, SEC/FINRA, or FTC readiness?

Contact us to discuss how we can assist!
