CISO Talk by James Azar
CyberHub Podcast
Cyber-attacks haunt CDK, Advance Auto Parts, Crown Equipment, Kraken Blackmail attempt, Euro 2024 News
0:00
Current time: 0:00 / Total time: -17:52
-17:52

Cyber-attacks haunt CDK, Advance Auto Parts, Crown Equipment, Kraken Blackmail attempt, Euro 2024 News

Today’s top cybersecurity news and the latest threats from Practicing CISO James Azar, tune in to hear how practitioners breakdown the latest to bolster their cybersecurity programs

Welcome to another episode of the CyberHub Podcast, where we bring you the latest in cybersecurity news and analysis. This episode is packed with updates on data breaches, vulnerabilities, and geopolitical cyber activities.

Sponsored Message from Nudge Security

Nudge Security offers solutions to track SaaS app usage within organizations, ensuring immediate action during breaches by providing comprehensive SaaS account inventories and automated user notifications.

https://www.nudgesecurity.com/cyberhub

CDK Global Cyber Attack

CDK Global, a software provider for auto dealerships, suffered a cyber attack, impacting 15,000 dealerships across the U.S. Major clients like General Motors and Group One Automotive experienced disruptions. CDK is working to restore core systems.

Action Items:

  • Ensure incident management plans prioritize mission-critical systems.

  • Regularly test backups and restoration processes.

Crown Equipment Cyber Attack

Crown Equipment, a leading forklift manufacturer, reported a cyber attack disrupting operations in its plants. Employees were instructed to avoid MFA requests and phishing emails. Internal communication has been criticized for lack of transparency.

Action Items:

  • Emphasize communication protocols during cyber incidents.

  • Conduct regular tabletop exercises to train staff on incident response.

Advanced Auto Parts Data Breach

Advanced Auto Parts reported unauthorized activity in their database, linked to the breach of a Snowflake account. Personal data of customers and employees were potentially exposed, with a $3 million estimated damage.

Action Items:

  • Implement robust security measures for cloud storage.

  • Offer credit monitoring services to affected individuals.

T-Mobile Source Code Leak

T-Mobile denied a breach after a threat actor claimed to have stolen source code and other data. Potential exposure of telecom network blueprints, critical for national security.

Action Items:

  • Strengthen third-party security assessments.

  • Monitor and mitigate threats from insider activities.

    Share

Kraken Exchange Extortion Attempt

Security researchers attempted to extort Kraken after discovering a vulnerability. Law enforcement involvement following refusal to return exploited funds.

Phishing-as-a-Service Targeting Microsoft 365

Financial firms were targeted through phishing campaigns using QR codes and advanced evasion techniques. Compromised Microsoft 365 accounts facilitated business email compromise attacks.

Action Items:

  • Implement anti-phishing training and awareness programs.

  • Utilize advanced threat detection tools for email security.

Atlassian Vulnerability Updates

Atlassian released updates for high-severity vulnerabilities in Confluence, Crucible, and Jira. Potential unauthorized access due to broken access control and server-side request forgery vulnerabilities.

Action Items:

  • Apply software updates and patches promptly.

  • Conduct regular security assessments of critical software.

Euro 2024 DDoS Attack on Polish TVP

TVP in Poland experienced a DDoS attack disrupting the broadcast of a Euro 2024 game, attributed to Russian actors. Viewers were unable to stream the match online.

French Government's Bid for Atos Cybersecurity Division

France aims to acquire Atos' cybersecurity division for $750 million to safeguard national security interests. Ensures critical cybersecurity capabilities remain under national control, especially with upcoming Olympic Games.

Conclusion

Stay tuned for more updates on cybersecurity news. Subscribe to our podcast and follow us on social media to stay informed and cyber safe.

👀 SHOW Supporters:

Today’s Episode is supported by our friends at Nudge Security free 14-day trial to all CyberHub Podcast community members at https://www.nudgesecurity.com/cyberhub

✅ Story Links: 

https://thecyberexpress.com/cdk-global-cyberattack/

https://www.bleepingcomputer.com/news/security/crown-equipment-confirms-a-cyberattack-disrupted-manufacturing/

https://thecyberexpress.com/advance-auto-parts-sec-filing/

https://www.bleepingcomputer.com/news/security/t-mobile-denies-it-was-hacked-links-leaked-data-to-vendor-breach/

https://www.infosecurity-magazine.com/news/crypto-firm-kraken-cops/

https://www.securityweek.com/atlassian-patches-high-severity-vulnerabilities-in-confluence-crucible-jira/

https://www.darkreading.com/remote-workforce/onnx-microsoft-365-accounts-mfa-bypass

https://therecord.media/poland-blames-russia-ddos-euro-2024-online-broadcast

https://www.darkreading.com/cyber-risk/france-national-interests-bid-atos-cybersec

✅ Important Links to Follow: 

👉Website: https://www.cyberhubpodcast.com

👉Substack:

👉Listen here: https://linktr.ee/cyberhubpodcast   

Stay Connected With Us.

👉Rumble: https://rumble.com/c/c-1353861 

👉Facebook: https://www.facebook.com/CyberHubpodcast/ 

👉LinkedIn: https://www.linkedin.com/company/cyberhubpodcast/ 

👉Twitter (X): https://twitter.com/cyberhubpodcast 

👉Instagram: https://www.instagram.com/cyberhubpodcast 

✅ For Business Inquiries:  info@cyberhubpodcast.com

=============================

About The CyberHub Podcast.

The Hub of the Infosec Community. 

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure. 

Discussion about this podcast

CISO Talk by James Azar
CyberHub Podcast
Today’s top cybersecurity news and the latest from Practicing CISO James Azar, tune in to hear how practitioners read, view and work after hearing the latest headlines and how these stories help keep practitioners sharp and ready.