The episode opens with a heartfelt tribute to Memorial Day, emphasizing the significance of remembering the brave men and women who made the ultimate sacrifice for the United States. The host reflects on the somber nature of the day and its importance in honoring fallen service members, differentiating it from Veterans Day.
Consumer-Grade Spyware at Wyndham Hotels
A consumer-grade spyware app, pcTattletale, was found on check-in systems at three Wyndham hotels, capturing and exposing guest details and partial payment information due to a security flaw. The app, often referred to as stalkerware, periodically takes screenshots of the device it's installed on, and the flaw made that sensitive data accessible to anyone on the internet.
Action Points:
1. Implement Secure by Design Practices: Organizations should follow guidelines from CISA to ensure their systems are secure by design, minimizing the risk of such spyware being installed.
2. Regular Security Audits: Conduct frequent audits of IT systems to detect and remove unauthorized software and vulnerabilities.
Google Patches Fourth Zero-Day Vulnerability in Chrome
Google has patched its fourth zero-day vulnerability in Chrome this year, CVE-2024-5274, which is a type confusion flaw in the V8 JavaScript engine. The company urges users to update their browsers immediately to protect against potential exploits.
Action Points:
1. Keep Software Updated: Regularly update all software, including web browsers, to the latest versions to ensure vulnerabilities are patched promptly.
2. Monitor for Exploits: Stay informed about newly discovered vulnerabilities and exploits in the wild to take immediate action when necessary.
MITRE's Incident Response to Advanced Persistent Threats
MITRE Corporation revealed details of a cyber attack that exploited an Ivanti zero-day flaw, in which adversaries created rogue virtual machines (VMs) within its VMware environment. The attackers used sophisticated methods to maintain persistent access and avoid detection.
Action Points:
1. Strengthen Monitoring and Response: Implement advanced monitoring tools to detect unusual activities in virtual environments and enhance incident response capabilities.
2. Regular Security Training: Provide continuous training for IT staff on identifying and responding to advanced threats.
Ascension Healthcare Network's Ransomware Recovery
Ascension, a large Catholic healthcare network, is recovering from a ransomware attack by the Black Basta gang, affecting over 140 hospitals and senior care centers. The attack disrupted medical services, but the network is making progress in restoring systems.
Action Points:
1. Enhance Ransomware Defenses: Invest in robust ransomware protection measures, including regular backups and advanced threat detection systems.
2. Develop Comprehensive Recovery Plans: Create and regularly test incident response and disaster recovery plans to ensure quick restoration of services after an attack.
New Ransomware Strain ShrinkLocker
A new ransomware strain called ShrinkLocker targets corporate systems by creating a new boot partition to encrypt data using Windows BitLocker. The ransomware has been used against government entities and companies in the vaccine and manufacturing sectors.
Action Points:
1. Regular Security Patching: Ensure all systems are up-to-date with the latest security patches to prevent exploitation by ransomware.
2. Implement Strong Access Controls: Use robust access controls and monitor for unauthorized changes to system partitions.
Indian National Pleads Guilty to Wire Fraud in Coinbase Scam
Chirag Tomar, an Indian national, pleaded guilty to wire fraud conspiracy for operating a fake Coinbase website that stole over $37 million from users by tricking them into entering their login credentials. The stolen funds were used to support a lavish lifestyle.
Action Points:
1. Educate Users on Phishing: Provide regular training on recognizing and avoiding phishing scams, especially those targeting financial accounts.
2. Strengthen Authentication Measures: Implement advanced authentication measures, such as multi-factor authentication, to protect user accounts.
Moroccan Cybercriminals Exploiting Gift Card Systems
A Moroccan cybercriminal group, Storm-0539, is breaching large retailers to fraudulently issue gift card codes to themselves, essentially creating their own money. The group remains in the systems for repeated cash-outs, increasing their illicit gains.
Action Points:
1. Secure Gift Card Issuance Systems: Implement strong security measures to protect gift card issuance systems from unauthorized access and fraud.
2. Monitor for Suspicious Activity: Regularly monitor transaction logs and system access for signs of unusual or unauthorized activities.
ICQ Messaging App Shutdown
The episode concludes with the announcement of the official shutdown of the ICQ messaging app on June 26th, marking the end of an era for one of the first internet messaging platforms.
Episode Conclusion
The host closes by thanking listeners for tuning in and reminding them to stay cyber safe. They emphasize the importance of remembering those who sacrificed their lives on Memorial Day and encourage listeners to stay vigilant against cyber threats.
✅ Story Links:
https://techcrunch.com/2024/05/22/spyware-found-on-hotel-check-in-computers/
https://www.securityweek.com/google-patches-fourth-chrome-zero-day-in-two-weeks/
https://thehackernews.com/2024/05/hackers-created-rogue-vms-to-evade.html
https://therecord.media/ascension-restoring-network-after-cyberattack
https://therecord.media/morocco-cybercriminals-cashing-in-gift-cards
https://www.bleepingcomputer.com/news/software/icq-messenger-shuts-down-after-almost-28-years/