CISO Talk by James Azar
CyberHub Podcast
🚨 Crowdstrike Fallout Begins, Frostygoop ICS Malware Targets Ukraine, LA Superior Court Ransomware Attack

Today’s top cybersecurity news and the latest threats from Practicing CISO James Azar. Tune in to hear how practitioners break down the latest to bolster their cybersecurity programs.

Good morning, security gang!

Here are the top stories from today’s episode of the CyberHub Podcast, hosted by James Azar.

CrowdStrike Outage Fallout

The recent CrowdStrike outage continues to impact critical infrastructure, with significant analysis emerging on the causes and potential repercussions. A technical analysis by Zach Vorhies (@perpetualmaniac) attributed the issue to a null pointer error in C++ code, indicating a programmer error rather than a Microsoft update issue.

CrowdStrike's end-user license agreement (EULA) may shield them from liability, though a clause requiring industry best practices could be contested in court. Delta Airlines, among others, has faced substantial operational disruptions due to the outage.

CrowdStrike reports that many affected systems are back online, but the incident highlights vulnerabilities and potential legal battles over industry standards.

Action Item: Organizations should review their contracts and SLAs with cybersecurity providers to ensure clarity on accountability and response protocols for outages.

FrostyGoop Malware Targets Ukrainian ICS Systems

Dragos has detailed the FrostyGoop malware, which targeted industrial control systems (ICS) in Ukraine, leading to significant disruptions. The malware exploited a vulnerability in an internet-exposed router to access the systems of the Municipal District Energy Company in Lviv, resulting in a loss of heating during one of the coldest months. The attackers manipulated controllers to send false temperature readings, causing cold water to be pumped to residential buildings.

Action Item: Critical infrastructure providers must implement robust network segmentation and regular security audits to prevent similar attacks.

Ransomware Attack on LA Superior Court

The largest trial court in the U.S. faced a significant ransomware attack, affecting all 36 courthouse locations. The court is partially operational, focusing on restoring essential network systems. Case management and other critical systems remain disrupted, delaying legal proceedings.

Telegram Android Vulnerability: EvilVideo

ESET has discovered a vulnerability in Telegram for Android that allows malicious files to be disguised as videos. The vulnerability, termed "EvilVideo," allows attackers to deliver payloads that are automatically fetched and executed on users' devices. Versions 10.14.4 and earlier are impacted, with users advised to update to version 10.14.5 or later.

Action Item: Telegram users should immediately update their apps and remain cautious about opening unexpected multimedia files.

DDoS for Hire Services Shutdown

The UK's National Crime Agency and the Police Service of Northern Ireland have disrupted the DDoS-for-hire service "DigitalStress," arresting its suspected owner. Data collected from the service will aid in prosecuting its operators and users.

Sanctions on Russian Cyber Criminals

The U.S. Treasury has sanctioned two Russian individuals for cyberattacks targeting critical infrastructure: Yulia Vladimirova Pankratova and Denis Olivakis Doradchenko of the cyber group Cyber Army of Russia Reborn.

Chinese Crime Syndicate’s Illegal Gambling Operations

A Chinese crime syndicate is running a vast illegal gambling network with ties to top-tier European soccer clubs. The network is implicated in forced labor and debt-fueled schemes, leveraging relationships with clubs like Manchester United and Bayern Munich.

Action Item: Law enforcement and regulatory bodies should intensify efforts to dismantle such illegal operations and protect vulnerable individuals.

Wiz Rejects $23 Billion Google Acquisition Offer

Cloud security firm Wiz has decided to pursue an IPO instead of accepting a $23 billion acquisition offer from Google. Wiz aims to reach $1 billion in annual recurring revenue (ARR) and establish itself as a major player in the cloud security space.

Stay Updated: For more details on these stories, visit CyberHub Podcast on Substack and follow us on social media. Stay cyber safe!


✅ Story Links: 

https://www.securityweek.com/crowdstrike-says-logic-error-caused-windows-bsod-chaos/

https://x.com/Perpetualmaniac/status/1814376668095754753

https://therecord.media/crowdstrike-significant-number-of-downed-devices-back-online

https://www.securityweek.com/frostygoop-ics-malware-left-ukrainian-citys-residents-without-heating/

https://www.bleepingcomputer.com/news/security/los-angeles-superior-court-shuts-down-after-ransomware-attack/

https://www.securityweek.com/telegram-zero-day-enabled-malware-delivery/

https://www.bleepingcomputer.com/news/security/police-infiltrates-takes-down-digitalstress-ddos-for-hire-service/

https://www.bleepingcomputer.com/news/security/us-sanctions-russian-hacktivists-who-breached-water-facilities/

https://www.darkreading.com/threat-intelligence/chinese-forced-labor-ring-sponsors-football-clubs-hides-behind-stealth-tech

https://thecyberexpress.com/wiz-rejects-google-opts-for-ipo/

🔔 Subscribe now for the latest insights from industry leaders, in-depth analyses, and real-world strategies to secure your digital world. https://www.youtube.com/@TheCyberHubPodcast/?sub_confirmation=1  

✅ Important Links to Follow: 

👉Website: https://www.cyberhubpodcast.com

👉Substack:

👉Listen here: https://linktr.ee/cyberhubpodcast   

Stay Connected With Us.

👉Rumble: https://rumble.com/c/c-1353861 

👉Facebook: https://www.facebook.com/CyberHubpodcast/ 

👉LinkedIn: https://www.linkedin.com/company/cyberhubpodcast/ 

👉Twitter (X): https://twitter.com/cyberhubpodcast 

👉Instagram: https://www.instagram.com/cyberhubpodcast 

✅ For Business Inquiries:  info@cyberhubpodcast.com

=============================

About The CyberHub Podcast.

The Hub of the Infosec Community. 

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure. 
