Infosec K2K Cyber News Of The Week - Friday 5th July

Welcome to Infosec K2K’s Weekly News Update! As technology continues to advance, so do the risks associated with it. Every week, we gather the latest news and insights on cyber threats, data breaches, and other essential topics in the world of cyber security.

In The News This Week

思科 patched a zero-day vulnerability in its NX-OS software earlier this week The vulnerability, classed as CVE-2024-20399, had been exploited by Chinese state-backed hackers, Velvet Ant Group in an attack that was discovered in April. The flaw allowed local authenticated attackers to execute root commands via crafted CLI inputs. Velvet Ant’s attack was uncovered by the cyber security vendor Sygnia - they had used it to deploy custom malware on compromised Cisco Nexus switches, enabling remote access and code execution.?

Find out more on Infosecurity Magazine : https://www.infosecurity-magazine.com/news/cisco-patches-zeroday-bug-chinese/

An Australian man has been charged with running a fake Wi-Fi scam on domestic flights in order to steal user credentials and data. The 42-year-old allegedly set up fake free Wi-Fi networks to capture personal information from unsuspecting passengers. The @Australian Federal Police (AFP) launched an investigation after an airline reported a suspicious Wi-Fi network. The suspect used a portable wireless device, laptop, and mobile phone to stage ‘evil twin’ Wi-Fi attacks in various locations, and he faces up to 23 years in prison if convicted.

Find out more on @TheHackerNews : https://thehackernews.com/2024/07/australian-man-charged-for-fake-wi-fi.html

In the first half of 2024, the average ransom demand reached $5.2 million, according to research by Comparitech . The highest demand was $100 million, after an attack on India’s Regional Cancer Center, followed by a $50 million demand issued to UK pathology provider Synnovis. Over 421 ransomware attacks were confirmed, affecting around 35.3 million records. Private businesses experienced the most incidents, with healthcare and government also significantly impacted. LockBit was the most active ransomware group, and was responsible for 48 attacks.

Find out more on Infosecurity Magazine : https://www.infosecurity-magazine.com/news/ransomware-demands-staggering-5m/ ?

Half of employees fear punishment if they were to report a security mistake, according to a Think Cyber Security Ltd Security Ltd report. Only 51% of respondents believe that most of their colleagues are focused on security. The behaviours that cyber security professionals are concerned about are clicking malicious links (53%) and sharing data (53%) or passwords (51%). The report also highlights doubts about the effectiveness of current security awareness training, with 42% unable to prove behaviour changes and 60% saying they are given infrequent training.

Find out more on Infosecurity Magazine : https://www.infosecurity-magazine.com/news/employees-fear-punishment-reporting/

The Stats This Week

40%

A new report by @BlackBerry has revealed a 40% rise in novel malware use in Q1 of 2024 compared to the previous quarter, which is also five times higher than a year ago. Critical infrastructure was the prime target, with 60% of attacks aimed at the sector. The report also highlights an increase in the exploitation of common vulnerabilities, and blamed major ransomware groups like Hunters International and LockBit. Blackberry warned of the growing threat from novel malware and the need for enhanced security measures.

Find out more on Tech Monitor : https://www.infosecurity-magazine.com/news/cloud-breaches-half-organizations/ ?

1 million

A data leak at Quoality - Hospitality Guest Experience Platform, an Indian hotel management services company, has exposed the data of one million guests, including addresses, phone numbers, and credit card details. Quolity have developed a guest management platform called Guest Experience (GX), which is used throughout the hospitality industry. The breach was caused by a misconfigured Elastic cluster - an open-source search and analytics engine. Cybernews researchers discovered the vulnerability, and Quoality has since secured their data, but they haven’t yet responded to requests for comment.

Find out more on Cybernews : https://cybernews.com/security/quoality-data-leak/ ?

91%

91% of CISOs believe that AI will outperform security professionals. Cyber security leaders are conflicted about AI's role in security, according to a report by @Bugcrowd. While 89% of the 209 CISOs surveyed believe that cyber threats are increasing in severity, 70% plan to reduce their security team headcount over the next five years because of AI adoption. Despite 88% acknowledging the growing difficulty of security roles, 58% believe AI's risks outweigh its potential, highlighting the uncertainty surrounding AI in the face of evolving threats and the cyber security skills gap.

Find out more on DIGIT.FYI : https://www.digit.fyi/cisos-are-conflicted-on-ai-in-cybersecurity/ ?

Thoughts from Infosec K2K

Not only did BlackBerry’s recent Global Threat Intelligence report show a 40% increase in the use of novel malware in Q1 of 2024, but it also showed that critical infrastructure is a prime target, with 60% of cyber attacks targeting the sector. Novel malware, which is characterised by new and unknown hacking methods, presents a significant challenge due to its difficulty to detect and combat. This kind of malware results in longer response and defence times, which makes critical infrastructure businesses especially vulnerable - underscoring the urgent need for robust OT security.

The report also showed that the financial sector suffered the most (40% of the attacks on critical infrastructure were on finance businesses), followed by healthcare, utilities, and government. The surge in novel malware attacks highlights the adaptability of threat actors. Critical infrastructure entities, being integral to national security and daily operations, can’t afford the downtime and data breaches that are caused by such attacks. Implementing specialised OT security solutions, such as the kind that we offer at Infosec K2K, is essential to protect these vital systems.

What’s more, the increasing exploitation of common vulnerabilities by cybercriminals adds yet another layer of risk. The report found a rise in the number and severity of these vulnerabilities, with 56% scoring seven out of ten on the severity scale. Traditional cyber security defences are clearly no longer sufficient. Businesses in the critical infrastructure sector must turn to advanced OT security solutions that provide continuous monitoring, timely vulnerability assessments, and proactive threat mitigation if they want to stay one step ahead of evolving cyber threats.

Read more on Blackberry : https://www.blackberry.com/us/en/solutions/threat-intelligence/threat-report ?

—

Got questions about this week’s news? We’re here to help! Learn how best to bolster your cyber security defences by getting in touch with our expert team at Infosec K2K.?

Stay updated on all things #CyberSecurityNews when you subscribe to our weekly newsletter by clicking 'Subscribe' at the top of this page!