CISO Talk by James Azar
CyberHub Podcast
🚨 AMD Investigating Breach Claims, Amtrak Security Woes, Manufacturing Ransomware data
1×
0:00
Current time: 0:00 / Total time: -15:39
-15:39

🚨 AMD Investigating Breach Claims, Amtrak Security Woes, Manufacturing Ransomware data

Today’s top cybersecurity news and the latest threats from Practicing CISO James Azar, tune in to hear how practitioners breakdown the latest to bolster their cybersecurity

Good Morning, Security Gang!

Welcome to the CyberHub Podcast. Here are today's top cybersecurity stories:

AMD Data Breach Investigation

AMD is investigating claims by Intel Broker on Breach Forums about selling sensitive AMD data. This includes information on future products, customer and employee databases, and more. Screenshots were provided to back these claims. The breach allegedly occurred in June 2024.

Amtrak Data Breach

Amtrak disclosed a breach affecting guest rewards accounts between May 15-18, 2024. The breach involved unauthorized access due to reused usernames and passwords from previous breaches.

Action Items:

  • Update passwords regularly and avoid reusing passwords across multiple accounts.

  • Implement robust password policies and monitor for suspicious account activities.

Maxicare Security Incident

Maxicare reported unauthorized access to PII affecting around 13,000 members, less than 1% of its total population. The breach involved a third-party home care provider, with no sensitive medical information exposed.

Action Items:

  • Ensure third-party vendors comply with security protocols.

  • Monitor for any suspicious activity on personal accounts.

Panera Bread Ransomware Attack

Panera Bread likely paid a ransom following an attack that disrupted operations. A server not encrypted during the attack allowed the company to restore services.

Share

Medibank Breach Detailed

The Australia Information Commissioner detailed how misconfigurations and missed alerts led to the Medibank breach in October 2022, impacting 9.7 million people. The breach started with stolen credentials due to insecure browser practices by a contractor.

Action Items:

  • Enforce MFA and secure handling of credentials.

  • Use password managers and avoid storing sensitive information in browsers.

Rise in Ransomware Attacks in Manufacturing

Sophos reports a five-year high in ransomware attacks on manufacturing and production organizations, with increased ransom payments averaging $2.4 million last year.

Action Items:

For Manufacturing Firms: Strengthen cybersecurity defenses and response strategies.

For Executives: Budget for potential ransomware costs and recovery efforts.

FTC Complaint Against TikTok

The FTC has filed a complaint against TikTok for data privacy practices, referring the matter to the DOJ.

Burnout Costs in Cybersecurity

A study by Hack the Box reveals significant productivity losses due to cybersecurity staff burnout, costing enterprises in the US and UK up to $756 million annually.

Action Items:

For Managers: Implement measures to prevent employee burnout.

For Employees: Seek support and manage workloads to prevent burnout.

Vermont Privacy Bill Update

The Vermont landmark privacy bill failed to pass after the Senate was unable to override the veto.

Closing Notes:

Thank you for tuning in. Remember to subscribe, share, and follow us for the latest updates. Stay cyber safe, and check out Nudge Security for managing your SaaS infrastructure. Until next time, stay vigilant and secure!

Stay Cyber Safe!

👀 SHOW Supporters:

Today’s Episode is supported by our friends at Nudge Security free 14-day trial to all CyberHub Podcast community members at https://www.nudgesecurity.com/cyberhub

✅ Story Links: 

https://www.securityweek.com/amd-investigating-breach-claims-after-hacker-offers-to-sell-data/

https://www.darkreading.com/cyberattacks-data-breaches/hackers-amtrak-guest-rewards-accounts-breach

https://thecyberexpress.com/maxicare-data-breach-booking-info-expossed/

https://www.bleepingcomputer.com/news/security/panera-bread-likely-paid-a-ransom-in-march-ransomware-attack/

https://www.bleepingcomputer.com/news/security/scathing-report-on-medibank-cyberattack-highlights-unenforced-mfa/

https://www.cybersecuritydive.com/news/ransomware-manufacturing-sector/719020/

https://therecord.media/ftc-files-complaint-tiktok-data-privacy

https://www.infosecurity-magazine.com/news/cybersecurity-burnout-costing-700m/

https://therecord.media/vermont-landmark-privacy-bill-killed

🔔 Subscribe now for the latest insights from industry leaders, in-depth analyses, and real-world strategies to secure your digital world. https://www.youtube.com/@TheCyberHubPodcast/?sub_confirmation=1  

✅ Important Links to Follow: 

👉Website: https://www.cyberhubpodcast.com

👉Substack:

👉Listen here: https://linktr.ee/cyberhubpodcast   

✅ Stay Connected With Us.

👉Rumble: https://rumble.com/c/c-1353861 

👉Facebook: https://www.facebook.com/CyberHubpodcast/ 

👉LinkedIn: https://www.linkedin.com/company/cyberhubpodcast/ 

👉Twitter (X): https://twitter.com/cyberhubpodcast 

👉Instagram: https://www.instagram.com/cyberhubpodcast 

✅ For Business Inquiries:  info@cyberhubpodcast.com

=============================

✅ About The CyberHub Podcast.

The Hub of the Infosec Community. 

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure. 

Discussion about this podcast

CISO Talk by James Azar
CyberHub Podcast
Today’s top cybersecurity news and the latest from Practicing CISO James Azar, tune in to hear how practitioners read, view and work after hearing the latest headlines and how these stories help keep practitioners sharp and ready.