Good Morning, Security Enthusiasts!
On the January 10th, 2024 edition of the Cyberhub Podcast, host James Azar led a densely packed episode, navigating through an unprecedented 15 stories, significantly more than the average five to seven usually discussed. The episode kicked off with a humorous yet concerning story about the SEC Chair's X account being hacked, mistakenly announcing the approval of a Bitcoin ETF, which temporarily spiked Bitcoin's value.
Turkish Cyber Threats and Microsoft SQL Server Attacks
A major focus was on the surge of cyber activities from Turkey. A group of Turkish attackers, driven by financial motives, have been targeting Microsoft SQL Servers globally, deploying Mimic ransomware. These attacks, known as Returgeons, are prominent in the EU, U.S., and Latin America, and end either in ransomware deployment or selling access to compromised hosts.
China's Breakthrough in AirDrop Security
In a startling development, China claimed to have cracked Apple's AirDrop, potentially exposing users' phone numbers and email addresses. This discovery is significant, given the use of AirDrop in circumventing Chinese censorship, especially during the 2019 Hong Kong pro-democracy protests.
Patch Tuesday Highlights: Microsoft and Android Updates
The podcast covered the first Patch Tuesday of 2024, with Microsoft releasing updates for 49 flaws, including 12 remote code execution vulnerabilities. Android's update was also significant, addressing 58 vulnerabilities, including three critical security bugs in Pixel devices.
Critical Updates from Schneider Electric and Siemens
In the utilities sector, Schneider Electric and Siemens released important updates. Siemens published advisories covering 21 different vulnerabilities, the most severe being in the Symantec IPCs. Schneider Electric informed customers about a high-severity flaw.
FTC Cracks Down on Data Brokers
A key regulatory update involved the FTC's action against Logic, a data broker. The FTC mandated the deletion of all unlawfully collected sensitive location data, highlighting the importance of consumer privacy and the need for comprehensive federal privacy regulation.
Significant Market Movements: HPE Acquires Juniper Networks
The episode also covered notable market consolidations, including Hewlett Packard Enterprise's acquisition of Juniper Networks for $14 billion, and Delaina's acquisition of Israeli startup Optimize, marking significant shifts in the networking and identity threat detection sectors.
In conclusion, this episode of the Cyberhub Podcast offered a whirlwind tour of the current state of cybersecurity, from regulatory changes and market consolidations to emerging threats and critical updates, reflecting the dynamic and evolving nature of the digital security landscape.
Show Notes and Story Links:
https://www.securityweek.com/sec-chair-says-account-on-x-was-hacked/
https://www.securityweek.com/androids-january-2024-security-update-patches-58-vulnerabilities/
https://www.securityweek.com/hewlett-packard-enterprise-to-acquire-juniper-networks-for-14-billion/
https://www.securityweek.com/delinea-acquires-authomize-to-tackle-identity-based-threats/
Thank you for watching and Please Don't forget to Like this video and Subscribe to my Channel!
Apply now to be a featured partner on the show: https://www.cyberhubpodcast.com/contact
******
Listen here: https://linktr.ee/cyberhubpodcast
SubStack:
******
Website: https://www.cyberhubpodcast.com
Youtube: https://www.youtube.com/c/TheCyberHubPodcast
Rumble: https://rumble.com/c/c-1353861
Facebook: https://www.facebook.com/CyberHubpodcast/
Linkedin: https://www.linkedin.com/company/cyberhubpodcast/
Twitter: https://twitter.com/cyberhubpodcast
Instagram: https://www.instagram.com/cyberhubpodcast
The Hub of the Infosec Community.
Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.
Share this post