🚨 Cyber News: Mr. Cooper Cyberattack, American Airlines Ransomware, Android Patches Bugs, Veeam Patch Now

CyberHub Podcast

1×

0:00

Current time: 0:00 / Total time: -10:40

-10:40

🚨 Cyber News: Mr. Cooper Cyberattack, American Airlines Ransomware, Android Patches Bugs, Veeam Patch Now

The latest cybersecurity news and highlights for the cybersecurity practitioners, Mr. Cooper and American Airlines show what resiliency when experiencing cybersecurity events, so many patches & bugs

James Azar

Nov 07, 2023

Transcript

The CyberHub Podcast episode hosted by James Azar starts with a casual greeting. The podcast is broadcast live across multiple social media platforms, including Facebook, LinkedIn, YouTube, Twitter, Twitch, and Rumble.

James discusses a cyber attack on Mr. Cooper, a major mortgage servicing company, which occurred on Halloween. Despite the attack, Mr. Cooper has provided alternative payment options for its customers, such as phone, mail, Western Union, MoneyGram, and a one-time web payment. James praises Mr. Cooper's business continuity planning, emphasizing the importance of maintaining revenue generation during a cyber incident.

He then mentions the Allied Pilots Association, which represents American Airlines pilots, and its progress in recovering from a ransomware attack. The focus of their recovery efforts is on restoring systems critical for pilots, highlighting the importance of prioritizing business-critical functions during incident response.

The podcast also covers a novel Google Cloud-based Remote Access Trojan (RAT) that uses Google Calendar events for command and control, which, while not yet observed in the wild, has been discussed on cybercriminal forums.

James then talks about a new variant of the GOOT loader malware, called GOOTBOT, which is designed for lateral movement and evasion of detection, marking a shift in tactics and tools used by cybercriminals.

The episode continues with security updates, including Google's patching of 37 vulnerabilities in the Android security update and additional fixes for Pixel devices. Cisco has also released patches for various products, and CISA has issued an alert urging administrators to apply these patches due to the risk of exploitation.

Lastly, James mentions a critical flaw in the Veeam One IT monitoring tool, with an urgent patch released to address several vulnerabilities that could be exploited by unauthorized users.

The episode concludes with James encouraging listeners to follow the podcast on social media, subscribe to their substack, and the offer of an espresso travel mug for yearly subscribers. He signs off by reminding everyone to stay cyber safe and announces the podcast's return the following day.

Today's Headlines and the latest #cybernews from the desk of the #CISO:

Mortgage giant Mr. Cooper using alternative payment options after cyberattack

American Airlines Pilot Union Recovering After Ransomware Attack

Novel Google Cloud RAT Uses Calendar Events for C2

New GootLoader Malware Variant Evades Detection and Spreads Rapidly

37 Vulnerabilities Patched in Android With November 2023 Security Updates

Cisco patches serious flaws in Firepower and Identity Services Engine

Critical Flaws Discovered in Veeam ONE IT Monitoring Software

Discussion about this podcast

CyberHub Podcast

Today’s top cybersecurity news and the latest from Practicing CISO James Azar, tune in to hear how practitioners read, view and work after hearing the latest headlines and how these stories help keep practitioners sharp and ready.

Listen on