In the latest episode of the Cyber Hub podcast, aired on December 5, 2023, host James Azar delved into a range of pressing cybersecurity issues affecting the United States and other countries. The episode, rich in content and insights, covered various topics, including:
1. Proxy Wars and Cyber Attacks: The discussion opened with an overview of the ongoing proxy wars and their impact on Western targets. This included the mention of recent Hamas attacks in Israel and threats to U.S. bases in Syria.
2. Russian Hackers Exploiting Outlook Vulnerabilities: The episode highlighted the discovery by Microsoft's Threat Intelligence team of Fancy Bear, a group exploiting an Outlook flaw (CVE-2023-23397) to hijack Microsoft Exchange accounts. This attack has primarily targeted government, energy, and transportation sectors in the U.S., Europe, and the Middle East.
3. Iranian Cyber Attacks on Water Organizations: Azar discussed the cyber attacks by Iranian nation-state attackers on various U.S. water facilities, including the St. Johns River Water Management District, emphasizing their focus on water conservation and security.
4. Cyber Espionage Campaign 'Aeroblade': A new threat actor named Aeroblade was reported to have conducted a year-long espionage campaign against a U.S. aerospace company. The campaign was characterized by phishing, bait and switch tactics, and sophisticated anti-analysis protections.
5. Rising Cyber Attacks in Israel: The podcast also touched on increasing cyber attacks in Israel, including attacks on Ziv Medical Center and other Israeli institutions. The discussion highlighted the psychological impact of these attacks on the Israeli public.
6. Linux Targeting Ransomware: A new form of ransomware targeting Linux servers, particularly those using VMware ESXi, was analyzed. This development was noted as significant due to the widespread adoption of VMware ESXi.
7. Android Security Updates: Google's release of the December 2023 Android security update was mentioned, addressing 94 vulnerabilities, including critical ones in the Android framework and system components.
8. Fake WordPress Security Advisory: A deceptive campaign targeting WordPress users with a backdoor plugin disguised as a security advisory was discussed.
9. North Korean Cyber Activities: The episode concluded with a mention of North Korea's APT-43 (also known as Kimsuky or Black Banshee) and its ongoing cyber activities, highlighting the need for stronger cyber defenses.
In summary, the podcast underscored the escalating cyber threats worldwide, emphasizing the need for heightened vigilance and robust cybersecurity measures across all sectors.
Story Links:
https://therecord.media/florida-water-agency-ransomware-cisa-warning-utilities
https://therecord.media/ziv-hospital-israel-hackers-claim-to-leak-data
https://cyberscoop.com/u-s-government-sanctions-prolific-north-korean-cyber-espionage-unit/