CISO Talk by James Azar
CyberHub Podcast
🚨 Microsoft Zeroday Exploited Now, Linux Botnet, Data Breach News, Patch Tuesday Release

Today’s top cybersecurity news and the latest threats from practicing CISO James Azar. Tune in to hear how practitioners break down the latest to bolster their cybersecurity programs.

Microsoft’s Patch Tuesday: Urgent Vulnerabilities Addressed

On this week’s CyberHub Podcast, host James Azar delves into Microsoft's latest Patch Tuesday updates, which include 60 different vulnerability fixes. Notably, the zero-day bug CVE-2024-30051, a heap-based buffer overflow in the Windows Desktop Window Manager, has been actively exploited in malware attacks.

Action Points:

1. Update Systems: Ensure all systems are updated with the latest patches from Microsoft to mitigate vulnerabilities.

2. Monitor for IOCs: Security teams should look out for indicators of compromise related to CVE-2024-30051 and CVE-2024-30040.

Critical Infrastructure Patches and DOJ Investigation into Rockwell Automation

Several critical infrastructure advisories were issued, including 15 advisories from Siemens and high-severity vulnerabilities reported by Rockwell Automation. Rockwell remains under DOJ investigation over concerns of code being written in China.

Action Points:

1. Apply Critical Patches: Patch all Siemens and Rockwell Automation products as advised to prevent remote code execution and privilege escalation.

2. Review Source Code Practices: Organizations should review their source code management and verification processes, especially if involving overseas development.

VMware Vulnerabilities and Pwn2Own Vancouver Results

VMware released fixes for four security vulnerabilities in their Workstation and Fusion desktop hypervisors, including three zero-days exploited at the Pwn2Own Vancouver contest. Researchers earned significant rewards for their discoveries.

Action Points:

1. Update VMware Products: Apply the latest VMware updates to mitigate the vulnerabilities.

2. Implement Workarounds: Follow VMware’s provided workarounds to protect systems until patches are fully applied.

Growing Ebury Linux Botnet Threat

ESET reports a significant expansion of the Ebury Linux botnet, which now includes over 400,000 infected systems. The botnet primarily targets servers, intercepting SSH traffic to capture credentials.

Action Points:

1. Strengthen Server Security: Implement robust security measures on servers, including regular updates and monitoring for unusual SSH traffic.

2. Educate IT Staff: Ensure IT staff are aware of the threat and trained on best practices to prevent server compromises.

Major Data Breach at Singing River Health System

The August 2023 ransomware attack on Singing River Health System has impacted nearly 900,000 individuals. The breach compromised sensitive personal and medical information.

Action Points:

1. Enhance Data Security: Healthcare providers should strengthen their cybersecurity measures to protect sensitive data.

2. Notify Affected Individuals: Ensure all affected individuals are notified and provided with resources to protect their personal information.

Singapore Updates Cybersecurity Regulations

Singapore has updated its cybersecurity regulations to include cloud infrastructure under its critical information infrastructure (CII) protections. This move aims to improve the nation’s cybersecurity resilience.

Action Points:

1. Comply with New Regulations: Organizations operating in Singapore must comply with the updated Cybersecurity Act.

2. Report Incidents: Ensure that any cybersecurity incidents are promptly reported to the relevant authorities as required.

Cyber Insurance Market Stabilization

S&P Global reports that the cyber insurance market is stabilizing due to increased competition. This is encouraging more municipalities and smaller governments to incorporate cyber risk coverage.

Action Points:

1. Evaluate Cyber Insurance: Organizations should evaluate their cyber insurance needs and consider incorporating coverage if not already done.

2. Leverage Cyber Risk Pools: Smaller entities should consider joining cyber risk pools to manage their cybersecurity risks effectively.

Rising Cybersecurity Voice in Congress: Zach Nunn

House Republican Zach Nunn is emerging as a leading voice on cybersecurity policy in Congress. His initiatives focus on addressing the security implications of AI and cyber threats to critical infrastructure.

Action Points:

1. Support Cyber Legislation: Engage with and support cybersecurity legislation that addresses both defensive and deterrent measures.

2. Stay Informed: Keep up with legislative developments to understand how they might impact your organization.

Stay tuned for more updates, and be sure to follow CyberHub Podcast on your favorite platforms. Stay cyber safe!

✅ Story Links: 

https://www.securityweek.com/microsoft-patches-60-windows-vulns-warns-of-active-zero-day-exploitation/

https://www.securityweek.com/ics-patch-tuesday-advisories-published-by-siemens-rockwell-mitsubishi-electric/

https://www.bleepingcomputer.com/news/security/vmware-fixes-three-zero-day-bugs-exploited-at-pwn2own-2024/

https://www.securityweek.com/400000-linux-servers-hit-by-ebury-botnet/

https://www.bleepingcomputer.com/news/security/singing-river-health-system-data-of-895-000-stolen-in-ransomware-attack/

https://www.securityweek.com/900k-impacted-by-data-breach-at-mississippi-healthcare-provider/

https://www.darkreading.com/cyber-risk/singapore-cybersecurity-update-puts-cloud-providers-on-notice

https://www.cybersecuritydive.com/news/cyber-insurance-costs-market-grows/716040/

https://therecord.media/zach-nunn-house-republicans-cybersecurity
