Cyber Weekly Newsletter


The weekly Security, Tech and Cybercrime newsletter from Riskigy's vCISO Cybersecurity team

Cybersecurity awareness tips and alerts from Riskigy to empower your team to #BeCyberSmart #CyberAware

This Week's Need-to-Know News and Alerts

Microsoft has released patches to address 73 security flaws spanning its software lineup as part of its Patch Tuesday updates for February 2024, including two zero-days that have come under active exploitation. https://thehackernews.com/2024/02/microsoft-rolls-out-patches-for-73.html

The infamous malware loader and initial access broker known as Bumblebee has resurfaced after a four-month absence as part of a new phishing campaign observed in February 2024. https://thehackernews.com/2024/02/bumblebee-malware-returns-with-new.html

Thousands of Ivanti Connect Secure and Policy Secure endpoints remain vulnerable to multiple security issues first disclosed more than a month ago and which the vendor gradually patched. https://www.bleepingcomputer.com/news/security/over-13-000-ivanti-gateways-vulnerable-to-actively-ex...

Nation-state actors associated with Russia, North Korea, Iran, and China are experimenting with artificial intelligence (AI) and large language models (LLMs) to complement their ongoing cyber attack operations. https://thehackernews.com/2024/02/microsoft-openai-warn-of-nation-state.html

The US Department of State is offering $10 million for information that can lead to identifying key leadership members of the Hive ransomware crime group, in tandem with the takedown of the group's infrastructure. https://www.darkreading.com/cybersecurity-operations/us-department-of-state-offers-millions-to-find-...

Microsoft has patched today a Windows Defender SmartScreen zero-day exploited in the wild by a financially motivated threat group to deploy the DarkMe remote access trojan (RAT). https://www.bleepingcomputer.com/news/security/hackers-used-new-windows-defender-zero-day-to-drop-da...

Starting March 13th, telecommunications companies must report data breaches impacting customers' personally identifiable information within 30 days, as required by FCC's updated data breach reporting requirements. https://www.bleepingcomputer.com/news/security/fcc-orders-telecom-carriers-to-report-pii-data-breach...

Ongoing Azure Compromises Target Senior Execs, Microsoft 365 Apps. Attackers are breaching cloud environments and playing games with corporate Microsoft 365 apps, and further victims are likely to come. https://www.darkreading.com/cloud-security/senior-executives-targeted-ongoing-azure-account-takeover

CISA announced that it's partnering with the Open Source Security Foundation (OpenSSF) Securing Software Repositories Working Group to publish a new framework to secure package repositories. https://thehackernews.com/2024/02/cisa-and-openssf-release-framework-for.html

FBI warns of romance scams to watch out for ahead of Valentine's Day. The FBI said that in 2022 alone, it received thousands of complaints about scams — with victims losing nearly $740 million. https://www.nbcnewyork.com/better-get-baquero/fbi-warns-of-romance-scams-to-watch-out-for-ahead-of-v...

Microsoft warned Outlook for Microsoft 365 users that clients might have issues connecting to email servers via Exchange ActiveSync after a January update. https://www.bleepingcomputer.com/news/microsoft/microsoft-outlook-clients-not-syncing-over-exchange-...

ExpressVPN has removed the split tunneling feature from the latest version of its software after finding that a bug exposed the domains users were visiting to configured DNS servers. https://www.bleepingcomputer.com/news/security/expressvpn-bug-has-been-leaking-some-dns-requests-for...

The RansomHouse ransomware operation has created a new tool named 'MrAgent' that automates the deployment of its data encrypter across multiple VMware ESXi hypervisors. https://www.bleepingcomputer.com/news/security/ransomhouse-gang-automates-vmware-esxi-attacks-with-n...

A reverse engineering of the firmware running on Ivanti Pulse Secure appliances has revealed numerous weaknesses, once again underscoring the challenge of securing software supply chains. https://thehackernews.com/2024/02/ivanti-pulse-secure-found-using-11-year.html


From Our Blog

Cybersecurity Lessons Learned from WWS Cyber Attacks

To address the recent cyber attacks against the Water and Wastewater Systems (WWS) sector, the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and Environmental Protection Agency (EPA) published a guide providing best practices for cyber incident response and information on federal resources to owners and operators in the sector. Although the guide was written for the WWS sector, it is a useful resource for organizations in all sectors to improve their incident response plans and procedures. Read more now at https://riskigy.com/blog/f/cybersecurity-lessons-learned-from-wws-cyber-attacks

Ransomware Extortion Gets Personal

Ransomware attacks have become increasingly widespread and sophisticated, targeting individuals, businesses, and now even the healthcare sector. Along with ransomware, attackers added ruthless extortion tactics to their arsenal to pressure organizations into paying ransom. One especially egregious tactic currently used against healthcare providers is “swatting,” leaving them with the difficult choice of paying up or witnessing patients suffer the consequences. Read more now at https://riskigy.com/blog/f/ransomware-extortion-gets-personal

FINRA Annual Report Takeaways

The 2024 FINRA Annual Regulatory Oversight Report (the Report) provides member firms with insight into findings from FINRA’s Member Supervision, Market Regulation and Enforcement programs (collectively, “regulatory operations programs”). The Report serves member firms as an information source they can use to strengthen their compliance programs. A Fractional Chief Information Security Officer (CISO) can play a significant role in assisting with FINRA cybersecurity and technology recommendations. Read more now at https://riskigy.com/blog/f/finra-annual-report-takeaways

Prepare for Living Off the Land Attacks

In response to the rise of threat actors linked to China and Russia, including the advanced persistent threat group Volt Typhoon, leveraging living off the land (LOTL) attacks, the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), and other agencies released a joint guide to provide information on common LOTL techniques and gaps in cyber defense capabilities. Read more now at https://riskigy.com/f/prepare-for-living-off-the-land-attacks


Recent Data Breach News

A misconfigured cloud storage server belonging to automotive giant BMW exposed sensitive company information, including private keys and internal data. https://techcrunch.com/2024/02/14/bmw-security-lapse-exposed-sensitive-company-information-researche...

Prudential Financial has disclosed that its network was breached last week, with the attackers stealing employee and contractor data before being blocked from compromised systems one day later. https://www.bleepingcomputer.com/news/security/prudential-financial-breached-in-data-theft-cyberatta...

A threat actor leaked 200,000 records on a hacker forum, claiming they contained the mobile phone numbers, email addresses, and other personal information of Facebook Marketplace users. https://www.bleepingcomputer.com/news/security/200-000-facebook-marketplace-user-records-leaked-on-h...

Bank of America is warning customers of a data breach exposing their personal information after Infosys McCamish Systems (IMS), one of its service providers, was hacked last year. https://www.bleepingcomputer.com/news/security/bank-of-america-warns-customers-of-data-breach-after-...

The prolific ransomware gang LockBit has claimed responsibility for hacking one of India’s top brokerage firms, Motilal Oswal. Indian authorities say they are aware and investigating the incident. https://techcrunch.com/2024/02/15/lockbit-ransomware-cyberattack-india-brokerage-firm-motilal-oswal/

The startup that develops the phone app for casino resort giant WinStar has secured an exposed database that was spilling customers’ private information to the open web. https://techcrunch.com/2024/02/09/winstar-hotel-casino-app-exposed-customer-personal-data/


Cybersecurity Resources

Looking for Cybersecurity Policy templates?

See our latest Policy - ChatGPT Generative AI Use Policy Template: Generative AI and large language model (LLM) platforms already have millions of users. While most people were initially using the publicly available version of ChatGPT (and others) for personal tasks, many have started to use it for work-related projects without understanding the associated risks and what policies companies should consider implementing to reduce those risks.

See our full library of resources


The Riskigy Cyber Weekly Newsletter first launched in 2019, and as we approach the 5-year anniversary of the Cyber Weekly Newsletter, we are moving the newsletter exclusively to our LinkedIn company homepage.

The move has several benefits, including:

  • Never miss another need-to-know alert from Riskigy.
  • LinkedIn in-app notifications when the newsletter is published.
  • Instantly share feedback and further knowledge sharing on the post.
  • Easily share need-to-know news and alerts with your own LinkedIn network.
  • and much more.

Follow the link below to subscribe or use the button

Subscribe on LinkedIn
