Good Morning, Security Gang!
Happy Fourth of July Eve!
Today's CyberHub Podcast covers several major cybersecurity incidents and discoveries. Here are the highlights and recommended actions:
Evolve Bank and Trust Data Breach
Evolve Bank and Trust, a key service provider for fintech companies like Wise and Affirm, experienced a significant data breach by the LockBit ransomware group. This breach exposed sensitive customer and financial information. Evolve provides banking services to fintech firms, making it an attractive target. The breach was revealed during a Federal Reserve audit. Information exposed includes names, addresses, dates of birth, SSNs, and other identifying details.
Actions:
1. Review Data Retention Policies: Ensure your organization’s data retention policies comply with legal requirements while minimizing unnecessary data storage.
2. Implement Employee Training: Regularly train employees on recognizing phishing attempts and other malicious activities.
Croatia's Largest Hospital Attack
LockBit also targeted the University Hospital Center in Zagreb, Croatia, causing significant disruption by shutting down IT systems and reverting to manual operations. The attack compromised patient and employee information, medical records, and more. Emergency services were severely affected, and patient care was delayed.
Actions:
1. Enhance Incident Response Plans: Hospitals and critical infrastructure should strengthen their incident response plans to ensure rapid recovery from cyberattacks.
2. Invest in Cybersecurity Tools: Implement robust cybersecurity tools to detect and prevent ransomware attacks.
Patelco Credit Union Ransomware Attack
California-based Patelco Credit Union suffered a ransomware attack, impacting online banking services and mobile applications. Services like Zelle and direct deposits were unavailable. The attack revealed a lack of redundancy in their systems.
Actions:
1. Ensure Redundancy: Financial institutions should have redundant systems to maintain operations during an attack.
2. Regularly Update Systems: Keep all software and systems updated to protect against known vulnerabilities.
Florida Community Health Center Data Breach
Nearly 300,000 individuals were notified about a data breach at the Florida Community Health Center, compromising personal health information. The breach affected current and former patients, exposing sensitive information. Victims are offered 12 months of free credit monitoring and identity theft protection.
Vulnerabilities in Rockwell Automation Devices
Microsoft discovered two significant vulnerabilities in Rockwell Automation’s PanelView Plus devices, potentially allowing remote code execution and denial of service attacks. These vulnerabilities highlight critical security gaps in industrial control systems.
Actions:
1. Patch Systems Promptly: Apply patches and updates as soon as they are available.
2. Conduct Regular Security Audits: Regularly audit industrial control systems to identify and mitigate vulnerabilities.
Meta Banned from Using Brazilian Data for AI Training
Brazil’s data protection authority banned Meta from using data from Brazilian users to train its AI models, citing potential risks to privacy and data protection. Meta, which owns Facebook and Instagram, argued that this decision hampers innovation.
Stay Cyber Safe!
Subscribe, follow, and share the CyberHub Podcast for more cybersecurity news and updates. Happy Fourth of July!
✅ Story Links:
https://therecord.media/lockbit-claims-cyberattack-croatia-hospital
https://thecyberexpress.com/fakebat-loader/
https://thecyberexpress.com/microsoft-rce-dos-exploits-found-in-rockwell/
https://thehackernews.com/2024/07/israeli-entities-targeted-by.html
https://www.securityweek.com/brazil-data-regulator-bans-meta-from-mining-data-to-train-ai-models/
🔔 Subscribe now for the latest insights from industry leaders, in-depth analyses, and real-world strategies to secure your digital world. https://www.youtube.com/@TheCyberHubPodcast/?sub_confirmation=1
✅ Important Links to Follow:
👉Website: https://www.cyberhubpodcast.com
👉Substack:
👉Listen here: https://linktr.ee/cyberhubpodcast
✅ Stay Connected With Us.
👉Rumble: https://rumble.com/c/c-1353861
👉Facebook: https://www.facebook.com/CyberHubpodcast/
👉LinkedIn: https://www.linkedin.com/company/cyberhubpodcast/
👉Twitter (X): https://twitter.com/cyberhubpodcast
👉Instagram: https://www.instagram.com/cyberhubpodcast
✅ For Business Inquiries: info@cyberhubpodcast.com
=============================
✅ About The CyberHub Podcast.
The Hub of the Infosec Community.
Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.
Evolve Bank Disclosed Data Breach, LockBit Remains Active, Passkey AitM Attacks, Cyber News