In the latest episode of the Cyber Hub Podcast, aired on December 27, 2023, host James Azar delves into a range of cybersecurity topics, offering insights into recent incidents and emerging trends in the industry.
Nissan Under Ransomware Attack: The episode kicks off with news of a ransomware attack on Nissan Motor Corporation and Nissan Financial Services in Australia and New Zealand. The Akira ransomware group claimed responsibility, threatening to leak 100 gigabytes of stolen data, including personal information of employees.
Integris Health Data Breach: The largest non-profit healthcare system in Oklahoma, Integris Health, reported a data breach affecting patient personal information. The breach, which occurred in November, exposed sensitive data, including social security numbers, raising concerns about the security measures in place.
Linux SSH Servers Targeted: The podcast also highlighted a security threat involving poorly secured Linux SSH servers. These servers are being exploited by threat actors to install malware for cryptocurrency mining and DDoS attacks. The attackers use dictionary attacks to guess SSH credentials and propagate the infection.
GitHub's MFA Deadline: GitHub users are reminded of the upcoming deadline for enabling Multi-Factor Authentication (MFA). Set for January 19, 2024, this requirement aims to enhance account security, with a recommendation to use authentication apps over text messages.
Barracuda Email Security Gateway Zero-Day Exploit: Chinese-linked attackers continue to exploit vulnerabilities in Barracuda Email Security Gateway appliances. A new zero-day vulnerability, CVE-2023-7102, was identified, allowing attackers to deliver malware through specially crafted Excel files.
Cloud Atlas Phishing Attacks: Russian research companies and enterprises are facing persistent phishing attacks from the Cloud Atlas group. These attacks often start with phishing emails exploiting an old Office vulnerability to install backdoors.
CMMC 2.0 Released: The Pentagon has released the proposed rules for the Cybersecurity Maturity Model Certification (CMMC) 2.0. This updated framework aims to enhance cybersecurity standards for Department of Defense contractors, with a focus on implementing cybersecurity measures before contract awards.
The episode concluded with a reminder of the next day's show, which will be the last for the year, and a thank you to the audience for their participation and support.
The CyberHub Podcast continues to provide valuable insights and updates on cybersecurity, keeping professionals and enthusiasts informed on the latest developments in the field.
Show Notes and Story Links:
https://www.securityweek.com/ransomware-group-claims-100-gb-of-data-stolen-from-nissan/
https://www.securityweek.com/integris-health-data-breach-could-impact-millions/
https://thehackernews.com/2023/12/warning-poorly-secured-linux-ssh.html
https://thehackernews.com/2023/12/cloud-atlas-spear-phishing-attacks.html
Thank you for watching and Please Don't forget to Like this video and Subscribe to my Channel!
Apply now to be a featured partner on the show: https://www.cyberhubpodcast.com/contact
******
Listen here: https://linktr.ee/cyberhubpodcast
SubStack:
******
Website: https://www.cyberhubpodcast.com
Youtube: https://www.youtube.com/c/TheCyberHubPodcast
Rumble: https://rumble.com/c/c-1353861
Facebook: https://www.facebook.com/CyberHubpodcast/
Linkedin: https://www.linkedin.com/company/cyberhubpodcast/
Twitter: https://twitter.com/cyberhubpodcast
Instagram: https://www.instagram.com/cyberhubpodcast
The Hub of the Infosec Community.
Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.
Share this post