Highlights from today’s episode from James Azar, CISO and cybersecurity practitioner.
1. Focus on Water Systems:
- The episode discusses the vulnerability of water systems to cyber attacks. These are considered significant due to their potential for mass casualties and health issues. Recent threats to water systems, including a breach in Pennsylvania, are highlighted.
2. Iranian Cyber Avengers:
- The deputy national security advisor, Neuberger, discusses attacks by the Iranian group Cyber Avengers. Though considered unsophisticated, these attacks on critical infrastructure, including a small municipal water authority in Pennsylvania, raise concerns about persistent threats from hostile countries.
3. Impact of Cyber Attacks on Infrastructure:
- The podcast touches on various incidents, including attacks on Israeli-made PLCs and the involvement of the Tehran's Islamic Revolutionary Guard. The geopolitical implications of such attacks and their broader impacts are discussed.
4. Vulnerability of Critical Systems:
- The episode addresses vulnerabilities in Delta Electronics OT monitoring products, which could allow attackers to conceal destructive activities. It emphasizes the need for robust cybersecurity measures in critical infrastructure sectors.
5. Black Cat Ransomware Group:
- Discussion on the inaccessibility of the Black Cat (or Alpha 5) ransomware group's leak site, speculated to be due to law enforcement action. The group's connections to other ransomware operations are mentioned.
6. North Korean Lazarus Group Activities:
- The podcast covers the North Korean Lazarus Group's continued exploitation of vulnerabilities, including Lock4J, to deploy RATs and other malware. The importance of patching known vulnerabilities is stressed.
7. Other Cybersecurity Updates:
- Topics include a critical file upload vulnerability in the Apache Struts 2 framework, and an issue with a desktop drive app that affected a subset of users.
8. Cybersecurity Practices and Awareness:
- The episode emphasizes the importance of continuous testing and being proactive in cybersecurity, with a call for greater awareness and preparedness in the face of evolving cyber threats.
Conclusion:
The episode of CyberHub Podcast delves into various aspects of cybersecurity, particularly focusing on the vulnerabilities of critical infrastructures like water systems and the global landscape of cyber threats. It highlights the need for robust cybersecurity measures and continuous vigilance against evolving cyber threats.
Story Links:
https://www.securityweek.com/cyberattack-on-irish-utility-cuts-off-water-supply-for-two-days/
https://thehackernews.com/2023/12/lazarus-group-using-log4j-exploits-to.html
https://www.securityweek.com/apache-patches-critical-rce-vulnerability-in-struts-2/
https://www.bleepingcomputer.com/news/google/google-shares-fix-for-deleted-google-drive-files/
Thank you for watching and Please Don't forget to Like this video and Subscribe to my Channel!
Apply now to be a featured partner on the show: https://www.cyberhubpodcast.com/contact
******
Listen here: https://linktr.ee/cyberhubpodcast
SubStack:
******
Website: https://www.cyberhubpodcast.com
Youtube: https://www.youtube.com/c/TheCyberHubPodcast
Rumble: https://rumble.com/c/c-1353861
Facebook: https://www.facebook.com/CyberHubpodcast/
Linkedin: https://www.linkedin.com/company/cyberhubpodcast/
Twitter: https://twitter.com/cyberhubpodcast
Instagram: https://www.instagram.com/cyberhubpodcast
The Hub of the Infosec Community.
Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.
Share this post