The January 8th, 2024 episode of the Cyberhub Podcast, hosted by James Azar, delved into a variety of pressing cybersecurity topics. The episode began with a cheerful morning greeting and a reminder for listeners to subscribe and support the show on Substack. If you haven’t subscribed yet, please make do so now.
Loan Depot Cyberattack: A Major Concern
One of the significant topics discussed was the cyberattack on Loan Depot, a leading non-bank retail mortgage lender in the U.S. The company had to take its IT systems offline, disrupting mortgage payments and customer service. Loan Depot confirmed the incident and is collaborating with law enforcement and forensic experts to resolve the issue. They set up a temporary contact center for customer payments, highlighting the seriousness of the attack.
23andMe Data Breach: A Controversial Response
Another major discussion point was the data breach at 23andMe. The company faced criticism for blaming customers for using common passwords and thus contributing to the breach. This stance attracted widespread condemnation, with the podcast host expressing disappointment in 23andMe's approach to handling the breach.
Async RAT Malware Campaign
A sophisticated cyber attack targeting critical infrastructure was uncovered. The campaign involved unique loader samples and over 100 domains, indicating the involvement of skilled attackers. Microsoft researchers and AT&T's Alien Labs played key roles in identifying this threat.
Merck's NotPetya Claim Settlement
Pharmaceutical giant Merck settled a long-standing dispute with its insurers over a $700 million claim related to the NotPetya cyberattack in 2017. This settlement is significant for the cybersecurity and insurance industries, particularly regarding the interpretation of "act of war" clauses in cyber insurance.
Ivanti’s Endpoint Manager Vulnerability
Ivanti issued a warning about a critical severity vulnerability in its Endpoint Manager product, which could lead to remote code execution. The vulnerability has since been patched, emphasizing the importance of timely software updates.
Geopolitical Cyber Incidents
The episode touched on several geopolitical cyber incidents, including a hack of Beirut airport systems by a group called Soldiers of God and Russian hacking of surveillance cameras in Ukraine for military intelligence.
Major General Lorna Mollack's New Role: Major General Lorna Mollack will assume command of the Cyber National Mission Force at Fort Meade, Maryland. Mollack, an immigrant from Jamaica and a trailblazer in the Marine Corps, will bring her extensive experience to this critical cybersecurity role.
Conclusion: Stay Cyber Safe
The show concluded with a reminder to listeners to stay vigilant and cyber safe, reinforcing the importance of cybersecurity in the modern world. The next episode promises more updates and insights into the ever-evolving realm of cybersecurity.
Show Notes and Story Links:
https://therecord.media/merck-insurance-settlement-notpetya
https://www.securityweek.com/ivanti-patches-critical-vulnerability-in-endpoint-manager/
https://therecord.media/cyber-national-mission-force-lorna-mahlock
Thank you for watching and Please Don't forget to Like this video and Subscribe to my Channel!
Apply now to be a featured partner on the show: https://www.cyberhubpodcast.com/contact
******
Listen here: https://linktr.ee/cyberhubpodcast
SubStack:
******
Website: https://www.cyberhubpodcast.com
Youtube: https://www.youtube.com/c/TheCyberHubPodcast
Rumble: https://rumble.com/c/c-1353861
Facebook: https://www.facebook.com/CyberHubpodcast/
Linkedin: https://www.linkedin.com/company/cyberhubpodcast/
Twitter: https://twitter.com/cyberhubpodcast
Instagram: https://www.instagram.com/cyberhubpodcast
The Hub of the Infosec Community.
Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.
Share this post