CISO Talk by James Azar
CyberHub Podcast
🚨 Crowdstrike cause identified, FBI struggles with Encrypted Apps, China Selling .TOP domains, 6-Day DDoS

Today’s top cybersecurity news and the latest threats from practicing CISO James Azar. Tune in to hear how practitioners break down the latest to bolster their cybersecurity programs.

CrowdStrike Incident Overview

CrowdStrike recently released a preliminary post-incident review concerning a faulty Falcon update. A bug allowed harmful data to bypass the content validator, leading to the crash of millions of Windows systems on July 19th. The root cause was inadequate testing and over-reliance on prior deployments. This oversight resulted in significant disruption, including major impacts on Delta Airlines.

Actions:

  • Review and reinforce zero trust validation protocols in software updates.

  • Ensure comprehensive testing, including stress testing and rollback procedures, is conducted before deployment.

DDoS Attack on UAE Financial Institution

An unnamed financial institution in the UAE faced a six-day DDoS attack, orchestrated by the group SN Black Meta, identified as pro-Palestinian hacktivists. The attack peaked at 14.7 million requests per second, severely disrupting services.

Actions:

  • Implement robust DDoS mitigation strategies and monitor traffic for abnormal patterns.

  • Collaborate with cybersecurity firms to assess and enhance defensive measures against large-scale attacks.

North Korean Hacking Operations

A new report highlights the activities of North Korean group APT-45, known for cyber espionage and data extortion. Their operations target sensitive information, including defense and R&D intelligence, often in collaboration with China.

Actions:

  • Strengthen cybersecurity protocols, particularly in sectors handling sensitive data.

  • Increase international cooperation and sanctions to deter state-sponsored cyber activities.

Internet Blackout in Bangladesh

Bangladesh is recovering from a five-day internet blackout amid deadly protests against government job quotas. The restoration is gradual, starting with essential services like hospitals and utilities.

.TOP Domain and Phishing Concerns

The .TOP domain, managed by a Chinese company, has been identified as a major source of phishing sites. ICANN has given the company until mid-August to implement anti-phishing measures or risk losing their license.

Actions:

  • Block or closely monitor .TOP domains in email filters and cybersecurity systems.

  • Be cautious of .TOP domains and avoid clicking on suspicious links.

GitHub Accounts and Malware Distribution

Check Point has uncovered a network of over 3,000 GitHub accounts distributing malware through phishing schemes. The group, known as Stargaze, has been operating since August 2022.

Actions:

  • Regularly audit GitHub repositories for malicious content.

  • Verify the authenticity of GitHub repositories before downloading any content.

Security Patches from Nvidia and Docker

Nvidia and Docker have released critical patches addressing vulnerabilities in their products. Nvidia's patches affect Jetson AI products and Mellanox networking systems, while Docker's fix addresses a critical authorization bypass vulnerability.

Actions:

  • Immediately apply the latest security patches from Nvidia and Docker to protect systems from potential exploits.

  • Stay informed about security updates and apply them promptly.

FBI's Encryption Challenges

The FBI is facing difficulties accessing encrypted data related to an assassination attempt on former President Trump. The agency has encountered challenges with decrypting communications on secure messaging apps.

For more in-depth coverage and updates, follow CyberHub Podcast on Instagram, X, and YouTube.

Stay tuned for future episodes, including a special on the cyber policies of U.S. presidential candidates. Stay cyber safe!


For more information, please visit our website:  https://www.cyberhubpodcast.com/

👀 SHOW Supporters:

Today’s episode is supported by our friends at Nudge Security, with a free 14-day trial for all CyberHub Podcast community members at https://www.nudgesecurity.com/cyberhub

✅ Story Links: 

https://www.bleepingcomputer.com/news/security/crowdstrike-content-validator-bug-let-faulty-update-pass-checks/

https://therecord.media/middle-east-financial-institution-6-day-ddos-attack

https://www.securityweek.com/mandiant-shines-spotlight-on-apt45-behind-north-koreas-digital-military-machine/

https://therecord.media/bangladesh-internet-outages-ending-after-protests

https://krebsonsecurity.com/2024/07/phish-friendly-domain-registry-top-put-on-notice/

https://www.securityweek.com/network-of-3000-github-accounts-used-for-malware-distribution/

https://www.securityweek.com/nvidia-patches-high-severity-vulnerabilities-in-ai-networking-products/

https://www.securityweek.com/docker-patches-critical-authz-plugin-bypass-vulnerability-dating-back-to-2018/

https://therecord.media/encrypted-apps-a-challenge-trump-assassination-attempt-wray-fbi

🔔 Subscribe now for the latest insights from industry leaders, in-depth analyses, and real-world strategies to secure your digital world. https://www.youtube.com/@TheCyberHubPodcast/?sub_confirmation=1  

✅ Important Links to Follow: 

👉Substack:

👉Listen here: https://linktr.ee/cyberhubpodcast   

Stay Connected With Us.

👉Facebook: https://www.facebook.com/CyberHubpodcast/ 

👉LinkedIn: https://www.linkedin.com/company/cyberhubpodcast/ 

👉Twitter (X): https://twitter.com/cyberhubpodcast 

👉Instagram: https://www.instagram.com/cyberhubpodcast 

✅ For Business Inquiries:  info@cyberhubpodcast.com

=============================

About The CyberHub Podcast.

The Hub of the Infosec Community. 

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure. 

Tune in to our podcast Monday through Thursday at 9AM EST for the latest news.
