Neiman Marcus Snowflake Breach, VR Vulnerable to Ransomware, Polyfill Attack impacts 100K Websites

James welcomes listeners to the CyberHub Podcast and emphasizes the importance of subscribing and following on various platforms.

He appreciates viewer feedback and mentions that some stories today are brought by the audience. He also plugs the CyberHub Podcast Substack for exclusive content and merchandise.

Neiman Marcus Breach

Luxury retailer Neiman Marcus disclosed a data breach related to their Snowflake account. Attackers accessed names, contact information, dates of birth, and gift card numbers. 64,472 people were affected. Identity theft protection services were not offered as no sensitive data like Social Security numbers were compromised.

Action Items:

1. Review and enhance security measures around third-party platforms.

2. Monitor gift card balances and personal information for any unusual activity.

VR Headset Malware Attacks

Apple’s Vision Pro and Meta’s Quest 3 VR headsets have been targeted. Harish Gansanan demonstrated how to install malware on the Quest 3 without developer mode. He installed COVID Lock ransomware, highlighting the potential for more severe attacks.

Action Items:

1. Stay updated with the latest security patches and avoid installing unverified apps.

BTC Turk Cryptocurrency Exchange Hack

Turkey’s largest cryptocurrency exchange, BTC Turk, suffered a hack losing 51 million euros worth of crypto. Only hot wallets of 10 cryptocurrencies were affected.

Action Items:

1. Use cold wallets for storing significant amounts of cryptocurrency.

Polyfill CDN Domain Attack

Over 100,000 websites using the Polyfill CDN domain were compromised. Attackers injected malicious code redirecting users to sports betting and adult sites.

Action Items:

1. Immediately remove the Polyfill domain and switch to alternatives like Cloudflare.

2. Regularly audit third-party dependencies for security issues.

Zyxel NAS Devices Vulnerability

A critical severity vulnerability in Zyxel’s NAS devices is being exploited by botnets. Vulnerability (CVE-2024-2973) allows remote code execution via a crafted HTTP POST request.

Action Items:

1. Apply the latest patches immediately.

2. Monitor devices for unusual activity and reinforce network security.

Siemens Vulnerabilities

Siemens patched vulnerabilities in their SICAM products affecting the energy sector. The vulnerabilities could lead to unauthorized code execution and data theft.

Action Items:

1. Apply Siemens’ security patches and implement multi-factor authentication.

2. Regularly update and review security protocols for critical infrastructure systems.

Snail Load Attack

Researchers at Graz University discovered a side-channel attack called Snail Load. The attack allows inference of viewed websites and content without direct traffic access.

Action Items:

1. Study the Snail Load method and develop mitigation strategies.

Cyber Attacks by Suspected China and North Korea Group

A cluster of attacks linked to China and North Korea targeting government and critical infrastructure sectors. Known as ChamelGang, they used ransomware like CatB to compromise systems.

Action Items:

1. Enhance cybersecurity measures and conduct regular threat assessments.

2. Implement comprehensive incident response plans and train staff on cybersecurity best practices.

Closing Remarks

James wraps up by urging listeners to stay cyber safe and connect with the CyberHub Podcast on social media. He thanks the audience and reminds them to share any interesting stories for future episodes.

Remember: Stay informed, stay secure, and always be prepared for emerging cyber threats.

👀 SHOW Supporters:

Today’s Episode is supported by our friends at Nudge Security free 14-day trial to all CyberHub Podcast community members at https://www.nudgesecurity.com/cyberhub

✅ Story Links: 

https://therecord.media/neiman-marcus-snowflake-breach-thousands

https://www.securityweek.com/metas-virtual-reality-headset-vulnerable-to-ransomware-attacks-researcher/

https://www.euronews.com/next/2024/06/22/turkeys-biggest-crypto-exchange-btcturk-hacked

https://www.securityweek.com/polyfill-supply-chain-attack-hits-over-100k-websites/

https://www.securityweek.com/recent-zyxel-nas-vulnerability-exploited-by-botnet/

https://www.securityweek.com/siemens-sicam-vulnerabilities-could-facilitate-attacks-on-energy-sector/

https://www.securityweek.com/new-snailload-attack-relies-on-network-latency-variations-to-infer-user-activity/

https://thehackernews.com/2024/06/chinese-and-n-korean-hackers-target.html

https://securityintelligence.com/news/poland-cybersecurity-spending-increases/

https://therecord.media/honey-trap-whatsapp-messages-uk-politicians-arrest

https://www.bleepingcomputer.com/news/security/fbi-warns-of-fake-law-firms-targeting-crypto-scam-victims/

🔔 Subscribe now for the latest insights from industry leaders, in-depth analyses, and real-world strategies to secure your digital world. https://www.youtube.com/@TheCyberHubPodcast/?sub_confirmation=1  

✅ Important Links to Follow: 

👉Website: https://www.cyberhubpodcast.com

👉Substack:

CISO Talk by James Azar

The latest on Cybersecurity, Privacy, Technology & Geo-Politics and all from a practitioner and intel point of view

👉Listen here: https://linktr.ee/cyberhubpodcast   

✅ Stay Connected With Us.

👉Rumble: https://rumble.com/c/c-1353861 

👉Facebook: https://www.facebook.com/CyberHubpodcast/ 

👉LinkedIn: https://www.linkedin.com/company/cyberhubpodcast/ 

👉Twitter (X): https://twitter.com/cyberhubpodcast 

👉Instagram: https://www.instagram.com/cyberhubpodcast 

✅ For Business Inquiries:  info@cyberhubpodcast.com

=============================

✅ About The CyberHub Podcast.

The Hub of the Infosec Community. 

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.