ServiceNow Vulnerabilities
Critical vulnerabilities (CVE-2024-4879, CVE-2024-5217, and CVE-2024-5178) in ServiceNow's platform have been exploited by threat actors. Apply the released patches and hotfixes for Utah, Vancouver, and Washington DC versions immediately. Implement temporary mitigations, such as limiting access and enhancing MFA, until patches are fully applied.
CrowdStrike Outage Impact
The CrowdStrike outage has resulted in an estimated $5.4 billion loss for Fortune 500 companies, with cyber insurance expected to cover only a fraction. Companies affected should review their cyber insurance policies and prepare for potential legal disputes regarding coverage. They should also assess the impact on their operations and plan for business continuity.
Acronis Cyber Infrastructure Vulnerability
A critical vulnerability (CVE-2023-45249) in Acronis Cyber Infrastructure due to a default password has been exploited. Update to the latest ACI versions immediately and ensure default passwords are changed in all systems.
South Korea Defense Intelligence Data Breach
Sensitive data, including personal information about agents, was leaked from the Korea Defense Intelligence Command, possibly to North Korea.
Action Item:
South Korean authorities need to enhance data security protocols, especially for sensitive intelligence information, ensuring it is stored in secure, restricted access environments.
Gemini Cryptocurrency Data Breach
A third-party breach exposed Gemini's customer banking information.
Action Item:
Affected users should monitor their bank accounts for suspicious activity and update their banking details. Gemini should strengthen vendor security measures.
HealthEquity Data Breach
A third-party breach affected 4.3 million individuals, exposing personal and health information.
Action Item:
Affected individuals should monitor their accounts and consider identity theft protection. HealthEquity should review vendor security practices and improve breach response protocols.
Ghost RAT Malware via Ghost Gambit Dropper
Ghost RAT malware is being distributed through fake websites targeting Chinese-speaking users. Users should avoid downloading software from untrusted sources and verify the legitimacy of websites before downloading. Organizations should enhance web filtering and endpoint protection.
Cross-Site Scripting Vulnerability in OAuth
A vulnerability in OAuth implementations could expose websites to cross-site scripting attacks. Developers should review OAuth integrations and implement necessary security measures to prevent exploitation.
Smishing Attacks in India
Chinese hackers are using smishing attacks to target Indian citizens, posing as the India Post. Indian users should be cautious of unsolicited messages and verify any claims through official channels. Authorities should enhance public awareness about phishing threats.
France's Cybersecurity Measures for the Olympics
France is launching a large-scale operation to counter cyber espionage ahead of the Olympics.
Closing Notes
The CyberHub Podcast team emphasizes the importance of staying informed and proactive in addressing cybersecurity threats. Subscribe, follow, and engage with the podcast for the latest updates and expert insights.
Stay cyber safe!
For more information, please visit our website:
https://www.cyberhubpodcast.com/
👀 SHOW Supporters:
Today’s Episode is supported by our friends at Nudge Security free 14-day trial to all CyberHub Podcast community members at https://www.nudgesecurity.com/cyberhub
✅ Story Links:
https://www.securityweek.com/threat-actors-exploit-fresh-servicenow-vulnerabilities-in-attacks/
https://www.cybersecuritydive.com/news/crowdstrike-cost-fortune-500-losses-cyber-insurance/722396/
https://www.securityweek.com/acronis-product-vulnerability-exploited-in-the-wild/
https://thecyberexpress.com/south-korea-data-breach/
https://thehackernews.com/2024/07/gh0st-rat-trojan-targets-chinese.html
https://www.securityweek.com/4-3-million-impacted-by-healthequity-data-breach/
https://therecord.media/france-combat-cyber-spying-operation-olympics
🔔 Subscribe now for the latest insights from industry leaders, in-depth analyses, and real-world strategies to secure your digital world. https://www.youtube.com/@TheCyberHubPodcast/?sub_confirmation=1
✅ Important Links to Follow:
👉Substack:
👉Listen here: https://linktr.ee/cyberhubpodcast
✅ Stay Connected With Us.
👉Facebook: https://www.facebook.com/CyberHubpodcast/
👉LinkedIn: https://www.linkedin.com/company/cyberhubpodcast/
👉Twitter (X): https://twitter.com/cyberhubpodcast
👉Instagram: https://www.instagram.com/cyberhubpodcast
✅ For Business Inquiries: info@cyberhubpodcast.com
=============================
✅ About The CyberHub Podcast.
The Hub of the Infosec Community.
Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.
Tune in to our podcast Monday through Thursday at 9AM EST for the latest news.
For Collaboration and Business inquiries, please use the contact information below:
📩 Email: info@cyberhubpodcast.com
Share this post