Cyber Weekly Newsletter
Riskigy Cybersecurity & Tech Advisors
Fractional Cybersecurity and Tech compliance leadership and consulting for start-up, emerging and beyond!
Cyber Weekly Newsletter for Friday September 20th, 2024
The weekly Security, Tech and Cybercrime newsletter from Riskigy's vCISO Cybersecurity team
Cybersecurity awareness tips and alerts from Riskigy to empower your team to #BeCyberSmart #CyberAware
This Week's Need-to-Know News and Alerts
Over 1,000 misconfigured ServiceNow enterprise instances were found exposing Knowledge Base (KB) articles that contained sensitive corporate information to external users and potential threat actors. https://www.bleepingcomputer.com/news/security/over-1-000-servicenow-instances-found-leaking-corporate-kb-data/
Apple pulls iPadOS 18 update bricking M4 iPad Pro devices. Apple has paused the rollout of iPadOS 18 on iPad Pro tablets with the M4 chip after numerous owners reported "bricking" their devices, with no way to turn them on after performing the update. https://www.bleepingcomputer.com/news/apple/apple-pulls-ipados-18-update-bricking-m4-ipad-pro-devices/
Windows Zero-Day Actively Exploited! CISA Warns of Infostealer Attacks. CISA is warning of a Windows MSHTML vulnerability identified as CVE-2024-43461, exploited in malware attacks by the Void Banshee APT group. https://www.bleepingcomputer.com/news/security/cisa-warns-of-windows-flaw-used-in-infostealer-malware-attacks
Chrome Introduces One-Time Permissions and Enhanced Safety Check for Safer Browsing. The improvements to Safety Check allow it to run automatically in the background, notifying users of the actions it has taken, such as revoking permissions for websites. https://thehackernews.com/2024/09/chrome-introduces-one-time-permissions.html
Microsoft Warns of New INC Ransomware Targeting U.S. Healthcare Sector. Microsoft has revealed that a financially motivated threat actor has been observed using a ransomware strain called INC for the first time to target the healthcare sector in the U.S. https://thehackernews.com/2024/09/microsoft-warns-of-new-inc-ransomware.html
Ivanti warns of another critical CSA flaw exploited in attacks. Ivanti warned that threat actors are exploiting another Cloud Services Appliance (CSA) security flaw in attacks targeting a limited number of customers. https://www.bleepingcomputer.com/news/security/ivanti-warns-of-another-critical-csa-flaw-exploited-in-attacks/
FTC exposes massive surveillance of kids, teens by social media giants. A Federal Trade Commission (FTC) staff report has found that social media and video streaming companies have been engaging in widespread user surveillance, particularly of children. https://www.bleepingcomputer.com/news/technology/ftc-exposes-massive-surveillance-of-kids-teens-by-social-media-giants/
Ransomware incidents are the leading cause of cyber claims for small to medium-sized enterprises, with $80 million being the highest amount paid in response to an attack, NetDiligence said in its 14th annual Cyber Claims Study. https://www.businessinsurance.com/ransomware-leading-cause-of-sme-cyber-claims-study/
Concerns Over Supply Chain Attacks on US Seaports Grow. US ports rely on cranes manufactured by a Chinese state-owned company, many with unmonitored cellular connections, causing cybersecurity concerns. https://www.darkreading.com/ics-ot-security/concerns-supply-chain-attacks-us-seaports-grow
Broadcom has fixed a critical VMware vCenter Server vulnerability that attackers can exploit to gain remote code execution on unpatched servers via a network packet. vCenter Server is the central management hub for VMware's vSphere suite. https://www.bleepingcomputer.com/news/security/broadcom-fixes-critical-rce-bug-in-vmware-vcenter-server
D-Link has recently addressed three critical and two high-severity vulnerabilities in three widely used wireless router models, allowing remote attackers to execute arbitrary code or gain access using hardcoded credentials. https://www.bleepingcomputer.com/news/security/d-link-fixes-critical-rce-hardcoded-password-flaws-in-wifi-6-routers
NFL Teams Block & Tackle Cyberattacks in a Digital World. As the 104th season of the National Football League kicks off, expect cyberattacks aimed at its customers, players, and arenas. https://www.darkreading.com/cybersecurity-operations/nfl-block-tackle-cyberattacks-digital-world
From Our Blog
FINRA Warns Third-Party Risks on the Rise
As the financial industry continues to embrace external services to optimize operations, the risks associated with third-party providers have become increasingly significant. FINRA's Cybersecurity Advisory sheds light on the escalating cybersecurity risks that come with the growing reliance on third-party vendors. … Read more at https://riskigy.com/f/finra-warns-third-party-risks-on-the-rise
'Take A Beat' with the FBI's new Campaign Targeting Scammers
In response to the growing threat, the FBI has launched a nationwide campaign called “Take A Beat” to raise awareness and enhance defenses against fraudulent activities. Learn more now at https://riskigy.com/f/take-a-beat-with-the-fbis-new-campaign-targeting-scammers
Preparing for National Cybersecurity Awareness Month October 2024
October is a time for Football, Halloween and Cybersecurity Awareness. Since 2004, the President of the United States and Congress have declared October Cybersecurity Awareness Month, dedicated to raising awareness about the importance of cybersecurity in both the public and private sectors. … Read more at https://riskigy.com/blog/f/preparing-for-national-cybersecurity-awareness-month-october-2024
Mitigating Data Breach Costs in 2024
Recently, IBM released its 19th annual Cost of a Data Breach Report, highlighting the increasing costs and disruptions caused by data breaches, with the global average cost reaching $4.88 million in 2024. Among the report's key findings are the impact of staff shortages and data visibility gaps on breach costs… Read more at https://riskigy.com/blog/f/mitigating-data-breach-costs-in-2024
New Guidance Amid Recent High Profile Insider Threats
Organizations across various sizes and industries face the risk of insider threats, both intentional and unintentional. To address this, the Cybersecurity and Infrastructure Security Agency (CISA) has published the "Resources for Onboarding and Employment Screening Fact Sheet." AI is increasingly being leveraged to create fake workers and scam employers in various ways...Read more at https://riskigy.com/blog/f/new-guidance-amid-recent-high-profile-insider-threats
Recent Data Breach News
Fortinet confirms data breach after hacker claims to steal 440GB of files. Cybersecurity giant Fortinet has confirmed it suffered a data breach after a threat actor claimed to steal 440GB of files from a Microsoft Sharepoint server. https://www.bleepingcomputer.com/news/security/fortinet-confirms-data-breach-after-hacker-claims-to-steal-440gb-of-files
Transport for London (TfL) says that all staff (roughly 30,000 employees) must attend in-person appointments to verify their identities and reset passwords. https://www.bleepingcomputer.com/news/security/tfl-requires-in-person-password-resets-for-30-000-employees-after-hack
Hackers Exploit Default Credentials in FOUNDATION Software to Breach Construction Firms. Attackers have been observed brute-forcing the software at scale, and gaining access simply by using the product's default credentials. https://thehackernews.com/2024/09/hackers-exploit-default-credentials-in.html
Temu denies it was hacked or suffered a data breach after a threat actor claimed to be selling a stolen database containing 87 million records of customer information. The threat actor put the alleged data up for sale on the BreachForums hacking forum. https://www.bleepingcomputer.com/news/security/temu-denies-breach-after-hacker-claims-theft-of-87-million-data-records/
Kawasaki Motors Europe has announced that it's recovering from a cyberattack that caused service disruptions as the RansomHub ransomware gang threatens to leak stolen data. https://www.bleepingcomputer.com/news/security/ransomhub-claims-kawasaki-cyberattack-threatens-to-leak-stolen-data
Port of Seattle shares ransomware attack details. The Port (which also operates the Seattle-Tacoma International Airport) said it had “experienced certain system outages indicating a possible cyberattack.” https://techcrunch.com/2024/09/15/port-of-seattle-shares-ransomware-attack-details
Prepare now for National Cybersecurity Awareness Month 2024
October marks the annual Cybersecurity Awareness Month, a collaborative effort between government and industry to increase the understanding of cyber threats and promote the importance of cybersecurity practices. Launched in 2004, this initiative encourages everyone to ensure their digital lives are secure.
During Cybersecurity Awareness Month, businesses can take several proactive steps to improve their cybersecurity posture and engage their employees. Here are some recommended actions:
1. Conduct Cybersecurity Training and Awareness Programs
2. Review and Update Cybersecurity Policies
3. Engage in Community Initiatives
By implementing these activities and emphasizing the importance of cybersecurity, businesses can significantly reduce their risk of cyber attacks and create a safer digital environment.
Cybersecurity Is Complex! We Are Here To Help
Cyberthreats are everywhere, but you don’t have to face them alone. Get Cybersecurity & Tech help from Riskigy!
Looking for an expert to assist your firm or clients?
Need a pro to explain Tech or Cyber to your management?
Vetting a new investment or acquisition?
Want to build a cyber aware staff?
Need immediate assistance with an incident?
Considering adding a vCISO or vCTO to your team?
Seeking help with SOC2, FINRA/SEC, or Cyber Insurance readiness?