Cyble Chronicles -August 23rd: Latest Findings & Recommendations for the Cybersecurity Community
Cyble's newsletter covers the discovery of Cheana Stealer malware targeting VPN users, critical vulnerabilities in Atlassian products, and the surge in software supply chain attacks. Cyble is also recognized in Gartner's 2024 Hype Cycle Report and is launching a new Industry Workshop Series in Australia on cyber readiness. Stay updated with the latest insights!?
New Cheana Stealer Targets VPN Users Across Multiple Operating Systems?
Cyble Research and Intelligence Lab (CRIL) uncovered a phishing site masquerading as a VPN provider, targeting Windows, Linux, and macOS users. The site distributes stealer malware across these platforms, focusing on cryptocurrency data, browser credentials, and SSH keys. Linked to a Telegram channel with over 54,000 subscribers, the site shifted from offering legitimate VPN services to malware distribution, with recent registrar changes.??
Read the complete CRIL analysis here.??
Comprehensive Analysis of Critical Vulnerabilities in Atlassian Products?
CERT-In’s August 2024 bulletin urges immediate updates for Atlassian products due to critical vulnerabilities, including code execution and privilege escalation. Affected products include Bamboo, Confluence, Jira, and Crowd. Key issues involve CVE-2024-21689 in Bamboo and CVE-2024-37768 in Jira. Regular updates and diligent security monitoring are essential to prevent data breaches and service disruptions.?
Analyze the complete incident here.?
Surge in Software Supply Chain Attacks Demands Heightened Third-Party Vigilance?
In 2024, software supply chain attacks occur every two days, with U.S. companies and IT providers being the most frequent targets. Other heavily targeted regions include the UK, Australia, Germany, India, and Japan, with sectors like aerospace and healthcare particularly vulnerable. These attacks are highly damaging due to their extensive reach and exploitation of customer data. A defense-in-depth strategy with zero trust and secure coding practices is critical for mitigating these risks. ??
领英推荐
Explore the full Cyble Research and Intelligence Labs (CRIL) analysis here.??
Cyble Recognized in Gartner’s Report on Digital Risk Protection Services: Hype Cycle for Cyber-Risk Management, 2024?
On July 22, 2024, Gartner Hype Cycle Report recognized Cyble as a sample vendor in Digital Risk Protection Services for Cyber Risk Management. The report highlights the growing importance of cyber-risk management for executives and regulators and reviews various techniques for effective governance, risk management, and compliance. Cyble is noted for setting new standards in Digital Risk Protection Services. To know more, click here.??
?Cyble Launches Industry Workshop Series in Australia: Tackling Cyber Readiness?
Cyble is excited to announce the launch of its Industry Workshop Series in Australia, beginning with a session on "Australian Cyber Readiness: Gaps and Solutions" by Prakash Krishnan from EY's APAC Cybersecurity Managed Service. The event will take place on August 28, 2024, at Western Sydney University, offering attendees the chance to engage with experts and gain valuable insights.?
Check your Cyber Risk Today!??
Start a 14-day trial with our experts and experience firsthand how Cyble’s advanced AI-powered Cyber Threat Intelligence can strengthen your cybersecurity posture.?