CISO Talk by James Azar
CyberHub Podcast
Snowflake linked to Infostealer, Cylance Data Breach, 23andme Investigation, ARM & Veeam Exploit

Today’s top cybersecurity news and the latest threats from practicing CISO James Azar. Tune in to hear how practitioners break down the latest to bolster their cybersecurity programs.

Good Morning, Security Gang!

Welcome to the CyberHub Podcast for Tuesday, June 11, 2024. Hosted by our friends at Nudge Security, today's episode dives deep into recent cyber incidents and their implications.

Snowflake Incident

165 organizations were affected by an incident at Snowflake, attributed to infostealer malware attacks on customers rather than to Snowflake's enterprise environment. These attacks started on April 14th and targeted accounts without proper MFA protections, often using credentials that had been compromised years ago.

Action Points:

  • Implement MFA: Ensure multi-factor authentication is enabled across all accounts.

  • Regularly Update Credentials: Rotate and update credentials periodically to avoid using long-exposed passwords.
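
An added example (not from the podcast or from Snowflake) of the audit these two action points imply: it flags active password accounts that lack MFA or whose password is older than a rotation threshold. The CSV export, its column names and the 90-day threshold are assumptions made for this example.

```python
import csv
import io
from datetime import date, datetime

# Constructed sample export of user accounts; the column names are assumptions
# for this example, not a real Snowflake schema.
SAMPLE_EXPORT = """\
login_name,has_password,mfa_enrolled,disabled,password_last_set
etl_service,true,false,false,2020-11-02
jdoe,true,true,false,2021-03-15
analyst_old,true,false,true,2019-06-30
bi_reader,true,false,false,2024-05-20
sso_only,false,false,false,
legacy_import,true,false,false,
"""


def _flag(value):
    return value.strip().lower() == "true"


def audit_accounts(export_text, today, max_age_days=90):  # 90 days: assumed policy
    """Return (login, reasons) for each active password account needing action."""
    findings = []
    for row in csv.DictReader(io.StringIO(export_text)):
        # Disabled accounts and accounts with no password cannot be logged
        # into with a stolen password, so they are out of scope here.
        if _flag(row["disabled"]) or not _flag(row["has_password"]):
            continue
        reasons = []
        if not _flag(row["mfa_enrolled"]):
            reasons.append("no MFA")
        last_set = row["password_last_set"].strip()
        if not last_set:
            # An unknown rotation date is treated as stale, not as fresh.
            reasons.append("password age unknown")
        else:
            age = (today - datetime.strptime(last_set, "%Y-%m-%d").date()).days
            if age > max_age_days:
                reasons.append(f"password {age} days old")
        if reasons:
            findings.append((row["login_name"], reasons))
    # Accounts with no MFA come first: those are the ones a stolen password opens.
    return sorted(findings, key=lambda f: ("no MFA" not in f[1], f[0]))


if __name__ == "__main__":
    for login, reasons in audit_accounts(SAMPLE_EXPORT, date(2024, 6, 11)):
        print(f"{login}: {', '.join(reasons)}")
```
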

Cylance Data Breach

A threat actor known as Sp1der is selling old marketing data from Cylance, including 34 million customer and employee emails and PII. While the data appears to be old, its potential misuse cannot be dismissed.

Action Points:

  • Verify and Update Security Protocols: Reassess your data protection strategies.

  • Monitor Data Breach Forums: Keep an eye on forums for any mentions of your organization’s data.

New York Times Source Code Leak

270 gigabytes of internal New York Times data, including source code for the Wordle game, internal communications, and authentication details, were leaked. This leak traces back to a compromised credential in January 2024.

Action Points:

  • Rotate Credentials Regularly: Change passwords frequently to prevent unauthorized access.

  • Improve Visibility: Ensure full visibility into all environments, including GitHub.

23andMe Data Breach Investigation

Privacy authorities in Canada and the UK are investigating the scope of the sensitive customer information exposed in the 23andMe data breach. The investigation aims to assess whether adequate safeguards were in place.

Action Points:

  • Enhance Customer Data Protection: Strengthen security measures to protect sensitive genetic information.

  • Conduct Regular Security Audits: Perform periodic audits to identify and mitigate potential vulnerabilities.

ARM and Veeam Vulnerabilities

ARM warned of a memory safety bug in the Mali GPU kernel drivers, being exploited in the wild. Veeam's Backup Enterprise Manager has an authentication bypass flaw that now has a publicly available exploit.

Action Points:

  • Patch Systems Promptly: Apply the latest security updates without delay.

  • Restrict Network Access: Limit access to only trusted IP addresses and use firewalls.

SAP Security Updates

SAP released security patches addressing cross-site scripting bugs in their financial consolidation software.

Action Points:

  • Update SAP Systems: Apply the latest security patches to SAP products.

  • Monitor for Exploits: Keep an eye on any exploits targeting SAP vulnerabilities.

American Privacy Rights Act

The American Privacy Rights Act faces challenges with various lobbyists aiming to modify its provisions. Key issues include state law preemption and data broker regulations.

Fortinet Acquires Lacework

Fortinet announced plans to acquire Lacework, a cloud security startup, signaling further consolidation in the cybersecurity industry.

Closing Remarks

Stay tuned for more updates and tomorrow's episode dedicated to Patch Tuesday updates. Subscribe, and be sure to check out our sponsor, Nudge Security, for comprehensive SaaS security solutions. Stay cyber safe!

👀 SHOW Supporters:

Today’s episode is supported by our friends at Nudge Security, offering a free 14-day trial to all CyberHub Podcast community members at https://www.nudgesecurity.com/cyberhub

✅ Story Links: 

https://www.securityweek.com/snowflake-attacks-mandiant-links-data-breaches-to-infostealer-infections/

https://www.bleepingcomputer.com/news/security/cylance-confirms-data-breach-linked-to-third-party-platform/

https://www.darkreading.com/cloud-security/new-york-times-internal-data-nabbed-from-github

https://www.bleepingcomputer.com/news/security/23andme-data-breach-under-investigation-in-uk-and-canada/

https://www.securityweek.com/arm-warns-of-exploited-kernel-driver-vulnerability/

https://www.bleepingcomputer.com/news/security/exploit-for-critical-veeam-auth-bypass-available-patch-now/

https://www.securityweek.com/sap-patches-high-severity-vulnerabilities-in-financial-consolidation-netweaver/

https://www.securityweek.com/fortinet-expands-cloud-security-portfolio-with-lacework-acquisition/

https://therecord.media/apra-markup-nears-knives-out-data

✅ Important Links to Follow: 

👉Website: https://www.cyberhubpodcast.com

👉Listen here: https://linktr.ee/cyberhubpodcast   

Stay Connected With Us.

👉Rumble: https://rumble.com/c/c-1353861 

👉Facebook: https://www.facebook.com/CyberHubpodcast/ 

👉LinkedIn: https://www.linkedin.com/company/cyberhubpodcast/ 

👉Twitter (X): https://twitter.com/cyberhubpodcast 

👉Instagram: https://www.instagram.com/cyberhubpodcast 

✅ For Business Inquiries:  info@cyberhubpodcast.com

=============================

About The CyberHub Podcast.

The Hub of the Infosec Community. 

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure. 
