CISO Talk by James Azar
CyberHub Podcast
🚨 The Facts Behind the CrowdStrike Outage, WazirX Crypto Theft, SolarWinds SEC Case News

Today’s top cybersecurity news and the latest threats from practicing CISO James Azar. Tune in to hear how practitioners break down the latest to bolster their cybersecurity programs.

Good morning, Security Gang!

Welcome to the CyberHub Podcast. Today, we delve into the aftermath of the CrowdStrike outage, the WazirX crypto theft, and a significant SolarWinds update. Let's dive in!

CrowdStrike Outage

On Friday, a faulty software update from CrowdStrike caused a massive outage affecting 8.5 million Windows devices (less than 1% of all Windows machines), disrupting major operations, including those at Atlanta's Hartsfield-Jackson Airport. Recovery is ongoing, with full resolution expected by Wednesday. Microsoft released a USB tool to expedite the repair process.

Action Items:

1. Use the USB Tool: IT admins should use Microsoft's USB tool to repair impacted Windows clients and servers.

2. Verify Authentic Sources: Engage only with official CrowdStrike representatives and platforms to avoid malware disguised as recovery tools.

WazirX Crypto Theft

WazirX suffered a cyberattack, resulting in the theft of $230 million from a multi-sig wallet. The company has suspended withdrawals and launched a bug bounty program to recover the stolen funds, offering significant rewards for actionable intelligence and recovery assistance.

Action Items:

1. Report Intelligence: Provide actionable intelligence to WazirX for a reward of up to $10,000 USDT.

2. Participate in Recovery Efforts: White hat hackers can assist in recovering the stolen assets, with a potential reward of up to $23 million.

SolarWinds Update

A district court dismissed most charges in the civil fraud case against SolarWinds, except for claims related to the company's 2017 security statement on their trust page. This decision emphasizes the importance of accurate and transparent security claims.

Action Items:

1. Review Trust Pages: Ensure all statements on company trust pages are accurate and up-to-date.

2. Update Software: Apply patches for the critical vulnerabilities in SolarWinds' Access Rights Manager software to prevent remote code execution attacks.

Additional Headlines

  • Revolver Rabbit Campaign: Over 500,000 domain names registered for infostealer campaigns targeting Windows and macOS systems. Stay vigilant and update security measures.

  • Ghost Emperor Resurfacing: The advanced Chinese group known for targeting telecoms and government entities has returned with evolved capabilities. Review security protocols and stay informed about their tactics.

  • UK Teen Arrested: A 17-year-old involved in cyberattacks against major organizations, including MGM Resort, was arrested. Continue monitoring for Scattered Spider activity.

Thank you for joining today's episode. Stay cyber safe and see you tomorrow at 9 a.m. Eastern for more updates.

Stay connected on social media and subscribe to our podcast on your favorite platform.

👀 SHOW Supporters:

Today’s episode is supported by our friends at Nudge Security, with a free 14-day trial for all CyberHub Podcast community members at https://www.nudgesecurity.com/cyberhub

✅ Story Links: 

https://www.securityweek.com/microsoft-says-8-5-million-windows-devices-impacted-by-crowdstrike-incident-publishes-recovery-tool/

https://www.bleepingcomputer.com/news/security/fake-crowdstrike-fixes-target-companies-with-malware-data-wipers/

https://thecyberexpress.com/wazirx-cyberattack-update-bounty-program/

https://www.bleepingcomputer.com/news/security/solarwinds-fixes-8-critical-bugs-in-access-rights-audit-software/

https://www.cybersecuritydive.com/news/majority-sec-fraud-solarwinds-dismissed/721753/

https://www.bleepingcomputer.com/news/security/revolver-rabbit-gang-registers-500-000-domains-for-malware-campaigns/

https://www.darkreading.com/threat-intelligence/notorious-chinese-hacker-gang-re-emerges-after-two-years

https://www.securityweek.com/suspected-scattered-spider-member-arrested-in-uk/


=============================

About The CyberHub Podcast.

The Hub of the Infosec Community. 

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure. 
