CISO Talk by James Azar
CyberHub Podcast
🚨 Cyber News: Microsoft Exchange Zero-Day, Trans-Northern Pipelines Cyberattack, Nation-States Weaponize AI, U.S. Internet Leak
1×
0:00
Current time: 0:00 / Total time: -15:41
-15:41

🚨 Cyber News: Microsoft Exchange Zero-Day, Trans-Northern Pipelines Cyberattack, Nation-States Weaponize AI, U.S. Internet Leak

Today’s top cybersecurity news and the latest from Practicing CISO James Azar, tune in to hear how practitioners read, view and work after hearing the latest headlines

Welcome to another engaging episode of the CyberHub Podcast, aired on February 15, 2024. Post-Valentine's cheer and with a cup of double espresso in hand, we dive into the pressing cybersecurity narratives shaping our digital world.

LinkedIn's Shadow Ban Puzzle

James Azar discusses an intriguing issue where support for Israel on LinkedIn appears to trigger shadow bans, affecting notifications and visibility. Despite reaching out to nearly 100 followers facing this issue, a resolution remains elusive. Azar advises his audience to pivot to alternative platforms like YouTube and Substack for uninterrupted access to content.

Microsoft Exchange ZeroDay

Microsoft has fixed significant vulnerabilities in Exchange Server 2019 and Outlook, including a critical flaw allowing attackers to bypass security measures. These updates are particularly vital as they thwart potential exploits by Russia-based threat actors.

Canadian Pipeline Cyber Intrusion

Black Cat Ransomware Group's Heist. The trans-northern pipelines in Canada fell victim to the Black Cat Ransomware Group, jeopardizing over 730 miles of infrastructure. The attackers claim to have stolen 183 gigabytes of sensitive data, threatening its release unless a ransom is paid.

Wi-Fi Security Flaw Exposed

A new Wi-Fi authentication bypass vulnerability discovered by researchers could leave countless enterprise and home networks vulnerable to attacks. This flaw, found in widely used open-source software, underscores the necessity for rigorous network security measures.

Ransomware Paralyzes Fulton County

LockBit Claims Responsibility of the ransomware attack on Fulton County, Georgia, reels from a ransomware attack, with LockBit asserting its involvement. The county struggles to restore full governmental functionality, highlighting the disruptive power of digital extortion schemes.

AI's Role in Cyber Espionage

Nation-States Leverage Advanced Technologies. APT groups from China, Iran, North Korea, and Russia are now harnessing the power of AI to augment their cyber operations. From phishing material creation to intelligence gathering, the integration of AI into cyber warfare tactics signifies a new era of digital espionage.

Gold Factory's Malware Menace

Sophisticated Banking Trojans Unleashed. The Chinese-speaking cybercrime group, Gold Factory, has been identified as the mastermind behind advanced banking Trojans, including an iOS malware dubbed Gold Pickaxe. This development signals a significant threat to financial security, exploiting both Android and iOS platforms.

Securence's Data Blunder

U.S. Internet Corp.'s Securence division faced a severe data exposure, inadvertently publishing over a decade's worth of emails online. This incident, affecting numerous clients including governmental entities, underscores the critical importance of stringent data protection practices.

Cisco's Restructuring Woes

Global Workforce ReductionCisco announces a layoff affecting 5% of its global workforce as part of a broader restructuring plan. This move reflects the ongoing challenges within the tech industry, impacting many professionals.

Conclusion

Today's episode underscores the multifaceted nature of cybersecurity, from social media anomalies and critical software patches to the ominous rise of AI in cyber warfare. As the digital landscape evolves, staying informed and vigilant remains paramount. Join us next time for more insights into the ever-changing world of cybersecurity. Stay cyber safe!

Share

Show Notes and Story Links:

https://www.securityweek.com/microsoft-warns-of-exploited-exchange-server-zero-day/

https://www.bleepingcomputer.com/news/security/trans-northern-pipelines-investigating-alphv-ransomware-attack-claims/

https://www.securityweek.com/new-wi-fi-authentication-bypass-flaws-expose-home-enterprise-networks/

https://www.bleepingcomputer.com/news/security/lockbit-claims-ransomware-attack-on-fulton-county-georgia/

https://www.darkreading.com/threat-intelligence/microsoft-openai-nation-states-are-weaponizing-ai-in-cyberattacks

https://thehackernews.com/2024/02/chinese-hackers-using-deepfakes-in.html

https://krebsonsecurity.com/2024/02/u-s-internet-leaked-years-of-internal-customer-emails/#more-66376

https://www.securityweek.com/cisco-announces-it-is-laying-off-thousands-of-workers/

Thank you for watching and Please Don't forget to Like this video and Subscribe to my Channel!

Apply now to be a featured partner on the show: https://www.cyberhubpodcast.com/contact

******

Listen here: https://linktr.ee/cyberhubpodcast

SubStack:

******

Website: https://www.cyberhubpodcast.com

Youtube: https://www.youtube.com/c/TheCyberHubPodcast

Rumble: https://rumble.com/c/c-1353861

Facebook: https://www.facebook.com/CyberHubpodcast/

Linkedin: https://www.linkedin.com/company/cyberhubpodcast/

Twitter: https://twitter.com/cyberhubpodcast

Instagram: https://www.instagram.com/cyberhubpodcast

The Hub of the Infosec Community.

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

Discussion about this podcast

CISO Talk by James Azar
CyberHub Podcast
Today’s top cybersecurity news and the latest from Practicing CISO James Azar, tune in to hear how practitioners read, view and work after hearing the latest headlines and how these stories help keep practitioners sharp and ready.