GitHub Enterprise Vulnerability: Critical Patch Required
GitHub has released patches for a critical vulnerability (CVE-2024-4985) in its Enterprise Server, which could allow unauthenticated attackers to gain admin privileges. This issue affects servers using SAML SSO authentication with the optional encrypted assertion feature enabled.
Action Points:
1. Check Vulnerability: Verify if your GitHub Enterprise Server is using SAML SSO and has the encrypted assertion feature enabled.
2. Apply Patches: Update all affected GitHub Enterprise Servers to version 3.13.0 or later to mitigate the vulnerability.
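The two action points above can be turned into a repeatable check. The following script is an added example (not GitHub's code and not from the show notes): it reads the version a GitHub Enterprise Server reports in the JSON returned by GET /api/v3/meta (assumed here to carry an installed_version field, as the GHES REST API documents), compares it against the 3.13.0 baseline named above, and combines that with the two SAML questions an administrator answers from the management console. The sample response is constructed for offline use.

```python
"""Assess a GitHub Enterprise Server against the patched baseline from the
show notes (3.13.0). Added example, not GitHub's own tooling.

The version string is taken from the JSON of GET /api/v3/meta; the presence
of an "installed_version" field there is an assumption based on the GHES
REST API documentation. The SAML/encrypted-assertion settings are supplied by
the administrator, not read automatically."""
import json
import re
from typing import Tuple

PATCHED_BASELINE = "3.13.0"  # version named in the show notes

# Constructed sample of a /api/v3/meta response, trimmed to the relevant field.
SAMPLE_META_JSON = '{"verifiable_password_authentication": false, "installed_version": "3.12.3"}'


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '3.12.3' (or '3.12.3.rc1') into a tuple of ints that compares correctly.
    A plain string comparison would rank '3.9.0' above '3.13.0', so parse first."""
    match = re.match(r"^(\d+)\.(\d+)\.(\d+)", text.strip())
    if not match:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(part) for part in match.groups())


def installed_version(meta_json: str) -> str:
    """Extract the reported version from a /api/v3/meta JSON body."""
    data = json.loads(meta_json)
    try:
        return data["installed_version"]
    except KeyError as exc:
        raise ValueError("meta response has no installed_version field") from exc


def needs_patch(version: str, baseline: str = PATCHED_BASELINE) -> bool:
    """True when the instance is older than the patched baseline."""
    return parse_version(version) < parse_version(baseline)


def assess(meta_json: str, saml_enabled: bool, encrypted_assertions: bool) -> str:
    """Combine version and SAML configuration into a one-word verdict:
    'patched'         - at or above the baseline, nothing to do
    'exposed'         - unpatched AND SAML SSO with encrypted assertions enabled
    'update-required' - unpatched, but the affected feature is not enabled"""
    version = installed_version(meta_json)
    if not needs_patch(version):
        return "patched"
    if saml_enabled and encrypted_assertions:
        return "exposed"
    return "update-required"


if __name__ == "__main__":
    # Constructed scenario: unpatched instance with the affected feature on.
    print(assess(SAMPLE_META_JSON, saml_enabled=True, encrypted_assertions=True))
```

In practice the meta JSON comes from an authenticated request to the instance; the verdict "update-required" is still an update to schedule, it only means the exposure window described in the show notes does not apply until the encrypted assertion feature is turned on.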
Ivanti Endpoint Manager: Critical Security Updates
Ivanti has issued multiple patches addressing critical vulnerabilities in their Endpoint Manager (EPM), including severe SQL injection bugs that allow unauthenticated attackers to execute arbitrary code.
Action Points:
1. Update Software: Apply the latest hotfixes and updates provided by Ivanti for EPM 2022 SU5 and earlier versions.
2. Follow Instructions: Ensure you follow the detailed update instructions provided by Ivanti to secure your systems fully.
Microsoft to Deprecate VBScript: Transition to Modern Languages
Microsoft announced the deprecation of Visual Basic Script (VBScript), phasing it out in favor of more advanced alternatives like JavaScript and PowerShell. This transition will occur in stages, starting with Windows 11 in the second half of 2024.
Action Points:
1. Plan Transition: Begin planning to transition scripts from VBScript to JavaScript or PowerShell.
2. Update Systems: Monitor and apply updates as VBScript phases out to ensure compatibility with new scripting environments.
Chatbots and Security Risks: A Growing Concern
New research highlights the security risks associated with customer chatbots built on general-purpose AI engines. Studies show that many chatbots are vulnerable to prompt engineering attacks, leading to unauthorized data access.
Action Points:
1. Evaluate Chatbots: Assess the security of your customer chatbots and consider implementing stricter guardrails.
2. Enhance Security: Regularly update and test chatbots to ensure they are secure against emerging threats.
China-Linked Espionage Networks: Growing Threat
Security researchers have identified China-linked state-backed attackers using vast proxy server networks for espionage. These networks, known as Operational Relay Boxes (ORBs), involve compromised devices and commercially leased VPS services.
Action Points:
1. Strengthen Defenses: Implement advanced monitoring and detection systems to identify and block traffic from suspected ORBs.
2. Educate Staff: Train IT staff on recognizing and responding to sophisticated espionage techniques.
ARPA-H Initiative: Enhancing Hospital Cybersecurity
The Advanced Research Project Agency for Health (ARPA-H) has pledged $50 million to develop software that helps hospitals become cyber-resilient. The initiative aims to automate threat solutions and adapt to various hospital environments.
Action Points:
1. Participate in Programs: Engage with ARPA-H initiatives to stay ahead in cybersecurity advancements.
2. Invest in Security: Allocate resources to enhance hospital IT infrastructure and cybersecurity measures.
ICE Faces SEC Penalty: Reporting Breach Failures
The Intercontinental Exchange (ICE) will pay a $10 million penalty for failing to promptly report a VPN security breach to the SEC. This breach and subsequent reporting delay violated regulatory requirements.
Action Points:
1. Review Compliance: Ensure your organization adheres to all regulatory requirements for reporting security incidents.
2. Improve Response: Develop and implement a robust incident response plan to handle and report breaches swiftly.
Microsoft President to Testify on Security Shortcomings
Microsoft President Brad Smith will testify before the House Committee on Homeland Security on June 13th regarding the company's security practices and shortcomings.
Stay Informed:
Tune in next week for the latest in cybersecurity news and updates. Don't forget to follow us on social media and subscribe to our podcast on your favorite platform. Stay cyber safe!
👀 SHOW Supporters:
Today's episode is supported by our friends at Nudge Security, who are offering a free 14-day trial to all CyberHub Podcast community members at https://www.nudgesecurity.com/cyberhub
✅ Story Links:
https://www.securityweek.com/critical-authentication-bypass-resolved-in-github-enterprise-server/
https://thehackernews.com/2024/05/the-end-of-era-microsoft-phases-out.html
https://www.securityweek.com/beware-your-customer-chatbot-is-almost-certainly-insecure-report/
https://www.cybersecuritydive.com/news/microsoft-president-congressional-hearing/716847/
🔔 Subscribe now for the latest insights from industry leaders, in-depth analyses, and real-world strategies to secure your digital world. https://www.youtube.com/@TheCyberHubPodcast/?sub_confirmation=1
✅ Important Links to Follow:
👉Website:
https://www.cyberhubpodcast.com
👉Substack:
👉Listen here: https://linktr.ee/cyberhubpodcast
✅ Stay Connected With Us.
👉Rumble: https://rumble.com/c/c-1353861
👉Facebook: https://www.facebook.com/CyberHubpodcast/
👉Linkedin: https://www.linkedin.com/company/cyberhubpodcast/
👉Twitter (X): https://twitter.com/cyberhubpodcast
👉Instagram: https://www.instagram.com/cyberhubpodcast
✅ For Business Inquiries: info@cyberhubpodcast.com
=============================
✅ Other Videos You Might Be Interested In Watching:
👉 My thoughts on Israel from this morning's episode and the current state of cybersecurity attacks
👉 A Deep Dive into the MGM Resorts Ransomware - An Inside look into the current FACTS
👉 The Latest on the MGM Resorts Ransomware Attack & its impact on Vegas and Cybersecurity overall
👉 What Does Omer Adam & Tel Aviv have to do with Cybersecurity? Find out on CISO Talk
👉 Iran is targeting Israel using its proxies that are Hamas & Hizballah & using cyber-warfare
=============================
✅ About The CyberHub Podcast.
The Hub of the Infosec Community.
Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.
Tune in to our series of podcasts, which provide everything from conversations with CISOs in our CISO Talk podcast to our signature CyberHub Podcast, giving you the latest news live daily.