The latest episode of the CyberHub Podcast, hosted by security practitioner & CISO James Azar, delves into a range of pressing cybersecurity issues facing today's digital landscape.
The episode kicks off with a discussion on the evolving nature of ransomware attacks, emphasizing that cybersecurity response is slow and process-driven, contrary to the immediate gratification many expect in the modern era.
Key highlights of the podcast include:
1. Ransomware Attacks on Water Companies: The episode reports on ransomware attacks targeting Veolia North America and Southern Water in the UK. Veolia, a significant player in the water sector, faced a ransomware attack on its IT environment that impacted backend systems but not water treatment operations. Southern Water, serving millions in England, was listed on the Black Basta ransomware group's leak site, with a threat to release 750 gigabytes of data including personal and corporate information.
2. CISA's Proactive Measures: The Cybersecurity and Infrastructure Security Agency (CISA) was spotlighted for its proactive stance in combating ransomware. The agency notified nearly 60 entities across various sectors about potential pre-ransomware intrusions, significantly ramping up its notification activities.
3. Trello API Data Leak: Trello, a popular project management tool, faced a data leak due to a publicly accessible API, enabling a threat actor to link private email addresses with Trello accounts and create profiles containing public and private information.
4. SolarWinds and Microsoft Breach: The podcast sheds light on the Microsoft breach attributed to the Russian group behind the SolarWinds hack. Although no vulnerabilities were found in Microsoft products, the incident underscored the ongoing threats from sophisticated nation-state actors.
5. Chrome Vulnerabilities and Updates: Google Chrome's recent update addressed 17 vulnerabilities, with significant bug bounties paid out to researchers who identified high-severity issues.
6. Fortra GoAnywhere Vulnerability: The episode discusses a critical vulnerability in the Fortra GoAnywhere managed file transfer product, with a CVSS score of 9.8, highlighting the risks of authentication bypass flaws.
7. Ivanti's Challenges and Moody's Downgrade: Ivanti faced a downgrade in its credit rating by Moody's due to multiple zero-day vulnerabilities, reflecting the broader financial and reputational impacts of cybersecurity incidents.
8. UN Cybercrime Treaty Critique: The podcast concludes with a critique of the UN's cybercrime treaty, noting concerns from various stakeholders about its potential to criminalize cybersecurity research and erode data privacy.
The episode underscores the multifaceted challenges in cybersecurity, from infrastructure threats to regulatory issues, and emphasizes the importance of staying informed and proactive in this ever-evolving field.
Show Notes and Story Links:
https://www.securityweek.com/major-us-uk-water-companies-hit-by-ransomware/
https://www.cybersecuritydive.com/news/cisa-pre-ransomware-alerts/705046/
https://therecord.media/russian-hackers-accessed-emails-of-senior-microsoft-leaders
https://www.securityweek.com/chrome-121-patches-17-vulnerabilities/
https://www.securityweek.com/poc-code-published-for-just-disclosed-fortra-goanywhere-vulnerability/
https://www.cybersecuritydive.com/news/ivanti-exploitation-moodys-credit-negative/705035/
https://therecord.media/consensus-growing-around-cybercrime-treaty
Apply now to be a featured partner on the show: https://www.cyberhubpodcast.com/contact
******
Listen here: https://linktr.ee/cyberhubpodcast
Website: https://www.cyberhubpodcast.com
Youtube: https://www.youtube.com/c/TheCyberHubPodcast
Rumble: https://rumble.com/c/c-1353861
Facebook: https://www.facebook.com/CyberHubpodcast/
Linkedin: https://www.linkedin.com/company/cyberhubpodcast/
Twitter: https://twitter.com/cyberhubpodcast
Instagram: https://www.instagram.com/cyberhubpodcast
The Hub of the Infosec Community.
Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.