In the latest episode of the CyberHub Podcast, aired on January 22, 2024, host James Azar delves into a range of pressing cybersecurity issues. The episode kicks off with a reminder for listeners to check out the Substack piece on ransomware and the feasibility of class action lawsuits in the private sector, along with a promotion for CyberHub Podcast supporters.
Key topics covered in the episode include:
1. CISA's Emergency Directive: CISA issued an emergency directive to federal civilian executive branch agencies to address two exploited vulnerabilities in Ivanti Connect and Ivanti Privacy. These vulnerabilities, CVE-2023-46805 and CVE-2024-21887, pose significant risks, allowing attackers to bypass authentication, inject commands, and potentially access sensitive data.
2. VMware vCenter Server Exploit: A critical out-of-bounds write issue (CVE-2023-34048) in VMware's vCenter server, patched in October 2023, is now being exploited in the wild. Notably, Chinese cyber espionage groups have been exploiting this vulnerability since 2021, showcasing the significant lapse in vulnerability reporting and patching.
3. Microsoft's Corporate Network Breach: Microsoft disclosed a breach by the Russian APT group Midnight Blizzard, where senior executives' emails were compromised. This breach emphasizes the ongoing threat posed by nation-state actors in cyberspace.
4. Apache ActiveMQ Vulnerability: A severe vulnerability in Apache ActiveMQ (CVE-2023-46604) has been actively exploited to deploy the Godzilla webshell, highlighting the need for robust security measures against such threats.
5. Payoneer's Account Hacks: Payoneer faced a security incident where several accounts were compromised, even with MFA enabled. The incident, attributed to phishing attacks, underscores the importance of comprehensive security protocols beyond just MFA.
6. VF Corp Data Breach: VF Corporation reported a ransomware attack that led to the theft of personal information of 35.5 million customers. The breach affected consumers who directly purchased from brands like Dickies, The North Face, and Vans.
7. FTC's Action Against Data Brokers: The FTC settled with InMarket Media over the sale of Americans' precise location data. This case highlights the ongoing concerns regarding data privacy and the need for stricter regulatory measures.
The podcast concluded with a call to stay updated and cyber-safe, emphasizing the dynamic and challenging nature of cybersecurity in today's digital landscape.
Show Notes and Story Links:
https://www.securityweek.com/vmware-vcenter-server-vulnerability-exploited-in-wild/
https://www.securityweek.com/chinese-spies-exploited-vmware-vcenter-server-vulnerability-since-2021/
https://www.securityweek.com/microsoft-says-russian-gov-hackers-stole-email-data-from-senior-execs/
https://thehackernews.com/2024/01/apache-activemq-flaw-exploited-in-new.html
https://therecord.media/financial-platform-payoneer-account-hacks-phishing
The Hub of the Infosec Community.
Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.
🚨 Cyber News: VMware vCenter Exploit, Russia Hacks Microsoft Exec Emails, Apache Flaw Exploit, Payoneer MFA Hack Drains Accounts