In today's CyberHub podcast, host James Azar provided a detailed breakdown of the latest cybersecurity news, sharing multiple significant updates that IT and cybersecurity professionals need to be aware of.
Below are key stories covered in the episode, each followed by a relevant action item.
National Public Data Files for Bankruptcy Following Cyberattack
National Public Data, a major background check company, filed for Chapter 11 bankruptcy after a December 2023 data breach leaked 2.9 billion records. The fallout has led to multiple class-action lawsuits and federal investigations. The breach significantly impacted healthcare clients and exposed sensitive personal data, including Social Security numbers, addresses, and phone numbers. The company has since lost its customer base and cannot manage its liabilities.
Action Item: Focus on Vendor Risk Management. CISOs should prioritize evaluating third-party vendors, especially those managing sensitive data. Supply chain security needs to be thoroughly assessed to avoid similar risks.
Fortinet Vulnerabilities Under Active Exploit
Several critical vulnerabilities in Fortinet products, including FortiOS and FortiProxy, are being actively exploited by cybercriminals. The most severe vulnerability, CVE-2024-23113, has a CVSS score of 9.8. These exploits allow attackers to execute arbitrary code remotely. CISA and federal authorities have urged companies to address these vulnerabilities immediately.
Action Item: Patch and Update Fortinet Systems. IT teams must urgently update vulnerable Fortinet systems to the latest versions and apply necessary workarounds to mitigate the risks of ongoing exploitation.
Ivanti's Zero-Day Exploit
Cybercriminals are exploiting a zero-day vulnerability (CVE-2024-8190) in Ivanti products to compromise systems. These attacks involve lateral movement and deploying web shells and rootkits to maintain persistence. The vulnerability is currently being leveraged by state-sponsored threat actors, including those from China.
Action Item: Review and Replace Ivanti Products. Organizations using Ivanti systems should consider replacing them and implementing stronger endpoint detection mechanisms to mitigate advanced persistent threats (APTs).
CMMC 2.0 Implementation by the DoD
The U.S. Department of Defense (DoD) has finalized the Cybersecurity Maturity Model Certification (CMMC) 2.0, which outlines different levels of security maturity for defense contractors. This certification framework requires contractors to achieve certain cybersecurity benchmarks, with more stringent assessments at higher levels.
Action Item: Prepare for CMMC Compliance. Companies working with the DoD or its supply chain must start preparing for CMMC assessments. It’s crucial to understand the NIST 800-171 and 800-172 requirements and implement them to achieve compliance.
Data Breach at Gryphon Healthcare and Tri-City Medical Center
Gryphon Healthcare and Tri-City Medical Center reported a data breach impacting more than 500,000 individuals. Compromised information includes names, Social Security numbers, medical records, and treatment details. The breach occurred due to a third-party vendor’s failure.
Action Item: Review Third-Party Security Practices. Healthcare institutions should reassess vendor agreements and ensure that all third-party providers have robust data security measures in place to prevent future breaches.
Google's Nuclear Power Initiative for AI Data Centers
Google is supporting the development of seven micro-nuclear reactors to power AI data centers across the U.S. These reactors are expected to deliver between 275 and 375 megawatts of power. This move is aimed at addressing the increasing power demands of AI technology.
Action Item: Monitor Energy Supply Chain Risks. As nuclear energy enters the supply chain for data centers, cybersecurity professionals must consider the potential risks these systems introduce, particularly with state-sponsored attacks targeting critical infrastructure.
Firefox Patch for Tor Browser Users
Firefox has released a security patch addressing a vulnerability (CVE-2024-9680) being exploited against Tor browser users. This bug allowed attackers to execute malicious code within the browser’s content process.
Action Item: Update Browsers. IT teams should ensure that Firefox and other critical software used within their organizations are updated to the latest versions to close potential vulnerabilities.
Venture Capital Funding in Cybersecurity Declines by 51%
Cybersecurity funding has seen a steep drop of 51% in Q3 2024, with investments focusing more on AI technologies. Only a few cybersecurity startups secured rounds of more than $100 million during the last quarter.
Action Item: Innovate Within Existing Budgets. With less venture capital funding available, cybersecurity professionals should focus on maximizing the value of existing tools and resources, prioritizing innovation within budget constraints.
Conclusion
The podcast wrapped up by emphasizing the need for vigilance and timely action in addressing these issues, particularly in third-party vendor management, patching vulnerabilities, and preparing for regulatory changes. James also encouraged listeners to stay informed through CyberHub’s Substack newsletter and join future podcasts for more updates.
Cybersecurity professionals should prioritize:
vendor risk management
system updates
compliance with evolving security regulations
✅ Story Links:
https://therecord.media/national-public-data-bankruptcy-cyberattack
https://www.cybersecuritydive.com/news/critical-cve-fortinet-exploited/729736/
https://www.securityweek.com/ivanti-csa-zero-day-exploitation-attributed-to-state-sponsored-hackers/
https://www.infosecurity-magazine.com/news/dod-cybersecurity-standards/
https://therecord.media/recently-patched-firefox-bug-being-used-against-tor-browser-users
https://www.cybersecuritydive.com/news/funding-slides-q3/729550/