CISO Talk by James Azar
CyberHub Podcast
🚨 Cost per Breach Released by IBM, UK Electoral Breach, VMware ESXi Target to Ransomware, Apple Updates
1×
0:00
-17:59

🚨 Cost per Breach Released by IBM, UK Electoral Breach, VMware ESXi Target to Ransomware, Apple Updates

Today’s top cybersecurity news and the latest threats from Practicing CISO James Azar, tune in to hear how practitioner’s breakdown the latest to bolster their cybersecurity programs

Today's CyberHub Podcast covered several significant cybersecurity topics, including the rising cost of data breaches, recent high-profile vulnerabilities, and international cyber incidents.

Below is a detailed summary of each topic, along with actionable items for businesses and individuals.

Cost of Data Breaches

IBM's report revealed that the global average cost of a data breach has risen to $4.88 million, with healthcare being the most affected sector. The U.S. continues to lead in breach costs, primarily due to stringent data breach notification requirements.

Action Items:

  • Ensure cyber insurance coverage exceeds $10 million to mitigate out-of-pocket expenses.

  • Strengthen data security measures, particularly around customer personal data and intellectual property.

UK Electoral Commission Breach

The UK Electoral Commission was breached due to unpatched Microsoft Exchange vulnerabilities (ProxyShell). Sensitive voter data was exfiltrated.

VMware ESXi Vulnerability

Microsoft reported active exploitation of VMware ESXi vulnerabilities by ransomware groups.

Action Items:

  • Apply patches for ESXi 8.0 and Cloud Foundation 5.x immediately.

  • Monitor for signs of exploitation and review security configurations.

CrowdStrike Falcon Outage

Microsoft suggested that the impact of the CrowdStrike Falcon outage might have been underestimated, affecting more than the previously estimated 8.5 million machines.

Action Items:

  • Review dependencies on third-party security vendors and develop contingency plans for potential outages.

Olympics Cyber and Physical Security

Sabotage of French telecom networks and the doxxing of Israeli athletes’ data on Telegram highlight heightened cyber risks around the Olympics.

Apple Security Updates

Apple released updates for iOS and MacOS, addressing 35 security vulnerabilities, including those affecting authentication and data integrity.

Action Items:

  • Update all Apple devices to the latest software versions to protect against these vulnerabilities.

Proofpoint Misconfiguration Exploited

A misconfiguration in Proofpoint's email protection service was exploited to send phishing messages, leveraging the service's legitimacy.

Action Items:

  • Regularly review and audit security configurations and permissions.

  • Implement continuous improvement processes for security tools and practices.

Software Piracy Case Sentencing

Three individuals were sentenced for a massive software pirating operation involving Avaya licenses worth over $88 million.

TikTok Legal Battle

The U.S. DOJ is challenging ByteDance, TikTok's parent company, to divest U.S. assets by January 19, 2025, or face a ban.

Conclusion

Today's podcast emphasized the growing complexities and costs of cybersecurity incidents. Businesses and individuals alike must prioritize security measures, stay updated on vulnerabilities, and advocate for stronger regulatory frameworks.

Stay tuned for more updates and subscribe to our podcast for the latest cybersecurity news.

Share

For more information, please visit our website: 

https://www.cyberhubpodcast.com/

Leave a comment

👀 SHOW Supporters:

Today’s Episode is supported by our friends at Nudge Security free 14-day trial to all CyberHub Podcast community members at https://www.nudgesecurity.com/cyberhub

✅ Story Links: 

https://therecord.media/ibm-breach-report-cost-rise-to-5-million

https://www.bleepingcomputer.com/news/security/uk-govt-links-2021-electoral-commission-breach-to-exchange-server/

https://www.securityweek.com/microsoft-says-ransomware-gangs-exploiting-just-patched-vmware-esxi-flaw/

https://www.darkreading.com/application-security/microsoft-lowballs-crowdstrike-outage-impact

https://therecord.media/french-telecom-infrastructure-sabotage

https://www.securityweek.com/apple-rolls-out-security-updates-for-ios-macos/

https://www.securityweek.com/phishing-campaign-exploited-proofpoint-email-protections-for-spoofing/

https://www.darkreading.com/threat-intelligence/zeus-hacker-group-strikes-israeli-olympic-athletes-data-leak

https://www.bleepingcomputer.com/news/legal/former-avaya-employee-gets-4-years-for-88m-license-piracy-scheme/

https://thecyberexpress.com/us-department-of-justice-court-reject-tiktok/

🔔 Subscribe now for the latest insights from industry leaders, in-depth analyses, and real-world strategies to secure your digital world. https://www.youtube.com/@TheCyberHubPodcast/?sub_confirmation=1  

✅ Important Links to Follow: 

👉Substack:

👉Listen here: https://linktr.ee/cyberhubpodcast   

✅ Stay Connected With Us.

👉Facebook: https://www.facebook.com/CyberHubpodcast/ 

👉LinkedIn: https://www.linkedin.com/company/cyberhubpodcast/ 

👉Twitter (X): https://twitter.com/cyberhubpodcast 

👉Instagram: https://www.instagram.com/cyberhubpodcast 

✅ For Business Inquiries:  info@cyberhubpodcast.com

=============================

✅ About The CyberHub Podcast.

The Hub of the Infosec Community. 

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure. 

Tune in to our podcast Monday through Thursday at 9AM EST for the latest news.

For Collaboration and Business inquiries, please use the contact information below:

📩 Email:  info@cyberhubpodcast.com 

Discussion about this podcast

CISO Talk by James Azar
CyberHub Podcast
Today’s top cybersecurity news and the latest from Practicing CISO James Azar, tune in to hear how practitioners read, view and work after hearing the latest headlines and how these stories help keep practitioners sharp and ready.