Good Morning, Security Gang!
Today's episode of the CyberHub Podcast, recorded from a hotel due to flight delays, dives into some of the most pressing issues in cybersecurity.
LockBit Ransomware Group Claims Attack on Federal Reserve
The LockBit ransomware group claims to have hacked the U.S. Federal Reserve, but the data they have released seems to come from Evolve Bank and Trust, not the Federal Reserve. The breach includes personal information like names, Social Security numbers, and account details. Evolve Bank is investigating and assures customers that online banking and debit card information are not affected.
Action Items:
1. Monitor Account Activity: Customers should check their bank statements and report any suspicious activity immediately.
2. Enhance Personal Security: Consider changing passwords and enabling two-factor authentication on financial accounts.
Progress's MOVEit File Transfer Tool Vulnerability
A critical vulnerability has been found in Progress's MOVEit file transfer tool, similar to one that was exploited in a major data theft campaign. Progress released a patch on June 11th, but a newly identified third-party component vulnerability increases the risk.
Action Items:
1. Apply Patches Immediately: Ensure that the latest patches from Progress are applied to mitigate the risk.
2. Review Internal Processes: Reevaluate how your organization handles critical vulnerabilities and streamline the patching process.
CDK Global System Breach
The CDK Global system, used by over 15,000 car dealers, has been compromised by the BlackSuit group, causing significant disruption. CDK warns that it might not restore all dealer systems by the end of the month, which could affect financial reporting and operations.
Action Items:
1. Plan for Financial Close: Dealerships should make alternative plans for month-end financial close processes.
2. Use Available Resources: Utilize the Dealer Resource Center provided by CDK for essential documents and forms.
Cloudflare vs. Polyfill Feud
Cloudflare has accused Polyfill.io of using its name and logo without authorization, potentially misleading users. Polyfill, recently acquired by a Chinese company, has been found injecting malware into mobile devices via its CDN.
Action Items:
1. Avoid Polyfill.io: Refrain from using Polyfill services until the issue is resolved.
2. Check for Malware: If you have used Polyfill, scan your systems for any potential malware.
Git-Based Source Code Management Vulnerability
Aqua Security has found that secrets hard-coded in Git-based source code management systems can remain accessible even after deletion. This poses a significant risk as these "phantom secrets" can be exploited by attackers.
Action Items:
1. Remove Hard-Coded Secrets: Ensure that no secrets are hard-coded in your repositories.
2. Implement Secret Management: Use dedicated secret management tools to store sensitive information securely.
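Why deleting a file does not delete the secret, as an added example that is not Aqua Security's tooling: Git keeps every committed file version as a compressed object under .git/objects, so a scan of the object store still finds a key whose file was removed in a later commit. The function names and the two patterns are illustrative assumptions, the sample key is the constructed "EXAMPLE" style value, and only loose objects are read (objects already packed under objects/pack are not covered).

```python
import hashlib
import re
import tempfile
import zlib
from pathlib import Path

# Illustrative patterns only; a real scanner carries many more rules.
SECRET_PATTERNS = {
    "aws_access_key_id": re.compile(rb"\bAKIA[0-9A-Z]{16}\b"),
    "private_key_header": re.compile(rb"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
}


def scan_loose_objects(git_dir):
    """Return [(object_id, pattern_name)] for loose blobs that match a pattern."""
    findings = []
    # Loose objects live at objects/<2 hex chars>/<38 hex chars>.
    for path in sorted(Path(git_dir, "objects").glob("[0-9a-f][0-9a-f]/*")):
        try:
            raw = zlib.decompress(path.read_bytes())
        except (zlib.error, OSError):
            continue  # not a readable loose object
        header, _, body = raw.partition(b"\x00")
        if not header.startswith(b"blob "):
            continue  # skip commits, trees and tags
        oid = path.parent.name + path.name
        for name, pattern in SECRET_PATTERNS.items():
            if pattern.search(body):
                findings.append((oid, name))
    return findings


def write_loose_blob(git_dir, content):
    """Test helper: store content the way Git stores a loose blob."""
    store = b"blob %d\x00" % len(content) + content
    oid = hashlib.sha1(store).hexdigest()
    path = Path(git_dir, "objects", oid[:2], oid[2:])
    path.parent.mkdir(parents=True, exist_ok=True)
    path.write_bytes(zlib.compress(store))
    return oid


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as git_dir:
        # Constructed blob standing in for a config file that was later deleted.
        write_loose_blob(git_dir, b'aws_key = "AKIAIOSFODNN7EXAMPLE"\n')
        write_loose_blob(git_dir, b"print('hello')\n")
        for oid, rule in scan_loose_objects(git_dir):
            print(oid, rule)
```

A hit here means the credential must be rotated, since anyone who cloned or can fetch the object already has it; removing the file or rewriting history afterwards does not change that.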
Vanna AI Library Security Flaw
A high-severity flaw in the Vanna AI library could allow remote code execution via prompt injection. This vulnerability has a CVSS score of 8.1 and affects the library's ask function.
Action Items:
1. Update Vanna Library: Apply the latest security patches to the Vanna AI library.
2. Review AI Implementations: Assess your AI and machine learning implementations for similar vulnerabilities.
Quick Updates:
1. Apple AirPods Vulnerability: Firmware updates have been released to fix a Bluetooth spoofing issue affecting multiple models.
2. Google vs. Dragonbridge: Google has disrupted over 65,000 instances linked to China's Dragonbridge influence operation.
3. GitHub Phantom Secrets: Aqua Security found significant secrets in GitHub repositories that could lead to major security breaches.
Stay Cyber Safe!
That's it for today's show. Join us again on Monday at 9 a.m. Eastern for more updates. Remember to stay cyber safe and connect with us on social media!
👀 SHOW Supporters:
Today's episode is supported by our friends at Nudge Security, who offer a free 14-day trial to all CyberHub Podcast community members at https://www.nudgesecurity.com/cyberhub
✅ Story Links:
https://www.securityweek.com/evolve-bank-data-leaked-after-lockbits-federal-reserve-hack/
https://therecord.media/progress-software-elevates-severity-bug
https://therecord.media/cdk-global-ransomware-incident-restoring-services
https://www.securityweek.com/phantom-source-code-secrets-haunt-major-organizations/
https://thehackernews.com/2024/06/prompt-injection-flaw-in-vanna-ai.html
https://www.darkreading.com/vulnerabilities-threats/apple-airpods-bug-allows-eavesdropping
https://www.securityweek.com/google-disrupts-more-china-linked-dragonbridge-influence-operations/
✅ Important Links to Follow:
👉Website: https://www.cyberhubpodcast.com
👉Listen here: https://linktr.ee/cyberhubpodcast
✅ About The CyberHub Podcast.
The Hub of the Infosec Community.
Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.