Cencora Data Breach: Immediate Action and Transparency
Cencora reported a cyber attack on February 21, resulting in the theft of personal data. As standard practice, they've engaged third-party experts and are investigating the breach, adhering to SEC guidelines for material breaches. **Action Points:** Ensure data protection measures are up-to-date and transparently communicate with affected parties.
Healthcare Sector Under Ransomware Siege
The FBI, CISA, and HHS have issued warnings about Alpha 5 Black Cat ransomware targeting US healthcare organizations. This follows significant disruptions in the healthcare industry, including impacts on Optum and United Healthcare. **Action Points:** Healthcare entities should engage with security partners to assess vulnerabilities and establish contact with CISA for detailed threat intelligence.
ScreenConnect Vulnerability Exploited by Ransomware Gangs
Black Basta and Bloody Ransomware gangs are exploiting a ScreenConnect vulnerability (CVE-2024-1709) to hijack internet-exposed servers. This issue has been under active attack since its discovery, with proof-of-concept exploits circulating. **Action Points:** Urgently patch the vulnerability or disconnect affected systems to prevent unauthorized access.
Intel's Security Innovations
Intel announced new security features in its vPro platform and 14th generation core processors, including a silicon security engine for hardware-based authentication and Device Health for identifying platform-level vulnerabilities. **Action Points:** Consider Intel's latest offerings for enhanced security in computing environments.
Global Cyber Campaigns by Russia, China, and Iran
- Russia: Following the dismantling of the Ubiquiti botnet, the FBI urges consumers with Ubiquiti routers to clean their devices to counter resurgence efforts by Russian APTs.
- China: Chinese cyber spies are exploiting Ivanti Connect secure VPN vulnerabilities, deploying new malware for persistent access. This continues China's pattern of intellectual property theft and cyber espionage.
- Iran: The Iranian Revolutionary Guard is targeting aerospace and defense firms in Israel, the UAE, and other regions through sophisticated cyber campaigns, utilizing employment-focused spear phishing and cloud infrastructure for attacks.
Action Points: Stay vigilant against geopolitical cyber threats by regularly updating security measures, educating staff on spear phishing, and monitoring for unusual network activity.
In summary, this episode of the CyberHub Podcast, hosted by James Azar, emphasizes the intricate connection between cyber security and geopolitical dynamics. The stories underscore the urgency for robust security measures, proactive threat intelligence, and collaboration within the cybersecurity community to mitigate the risks posed by nation-state actors and cybercriminals.
Show Notes and Story Links:
https://www.securityweek.com/us-government-urges-cleanup-of-routers-infected-by-russias-apt28/
https://www.securityweek.com/intel-core-ultra-vpro-platform-brings-new-security-features/
https://www.securityweek.com/chinese-cyberspies-use-new-malware-in-ivanti-vpn-attacks/
https://cyberscoop.com/iran-hostages-boeing-dji/
Thank you for watching and Please Don't forget to Like this video and Subscribe to my Channel!
Apply now to be a featured partner on the show: https://www.cyberhubpodcast.com/contact
******
Listen here: https://linktr.ee/cyberhubpodcast
SubStack:
******
Website: https://www.cyberhubpodcast.com
Youtube: https://www.youtube.com/c/TheCyberHubPodcast
Rumble: https://rumble.com/c/c-1353861
Facebook: https://www.facebook.com/CyberHubpodcast/
Linkedin: https://www.linkedin.com/company/cyberhubpodcast/
Twitter: https://twitter.com/cyberhubpodcast
Instagram: https://www.instagram.com/cyberhubpodcast
The Hub of the Infosec Community.
Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.
Share this post