CISO Talk by James Azar
CyberHub Podcast
🚨 Transport London Disclosed Security Incident, WazirX Troubles, CISA Cyber Incident Portal Launch

Today’s top cybersecurity news and the latest threats from practicing CISO James Azar. Tune in to hear how practitioners break down the latest to bolster their cybersecurity programs.

👀 SHOW Supporters:

Today’s episode is supported by our friends at Nudge Security, with a free 14-day trial for all CyberHub Podcast community members at https://www.nudgesecurity.com/cyberhub

Transport for London (TfL) Cyber Attack

TfL, the city's transport authority, is investigating a cyber attack that has not yet impacted services, though some operational delays are reported. The incident has been reported to the UK's National Cyber Security Centre and National Crime Agency.

Action Items:

  • Monitor Updates: Keep an eye on official updates from TfL and relevant authorities.

  • Prepare Contingency Plans: If you rely on London's public transport, plan for potential disruptions.

WazirX Cryptocurrency Hack

WazirX, a leading cryptocurrency exchange in India, revealed that 43% of customer funds were lost in a cyber attack, totaling over $230 million. The exchange is undergoing restructuring, with a six-month timeline to address liabilities.

Action Items:

  • Review Crypto Security Practices: Ensure robust security measures for handling cryptocurrencies, especially multi-signature wallets.

  • Stay Informed on Legal Developments: Monitor legal actions and restructuring plans related to WazirX.

CISA's New Cyber Incident Reporting Portal

CISA launched a beta version of its online portal for voluntary reporting of cyber attacks, vulnerabilities, and data breaches. This portal is in preparation for mandatory reporting for critical infrastructure organizations in 2024.

Action Items:

  • Test the Portal: Critical infrastructure organizations should start using the portal to familiarize themselves with its features.

  • Prepare for Mandatory Reporting: Begin developing internal processes to comply with future mandatory reporting requirements.

BlackByte Ransomware as a Service (RaaS) Update

Talos has identified BlackByte RaaS as an offshoot of the notorious Conti group. The group exploits the ESXi hypervisor vulnerability (CVE-SX) and targets enterprise systems.

Action Items:

  • Strengthen EDR and Hypervisor Security: Ensure that your security operations center is vigilant about these vulnerabilities.

  • Patch Systems Promptly: Regularly update and patch your systems to mitigate these threats.

Russian State-Backed APT29 Exploits

Google researchers reported that Russian APT29 (Midnight Blizzard) reused exploits previously deployed by spyware vendors like NSO Group. These exploits targeted iOS and Chrome vulnerabilities in a campaign affecting Mongolian government websites.

Action Items:

  • Patch Devices: Ensure that all devices, especially those running iOS and Chrome, are updated to the latest versions.

  • Monitor for Exploits: Stay alert for potential attacks using these or similar exploits.

Microsoft macOS Vulnerabilities

Eight vulnerabilities were discovered in Microsoft applications for macOS, including Outlook, Teams, and Word. These vulnerabilities could allow attackers to gain elevated privileges and access sensitive data.

Action Items:

  • Check for Updates: Ensure that all Microsoft applications on macOS are up to date.

  • Limit Access: Review and restrict access to sensitive systems, especially for users with macOS devices.

CrowdStrike Legal and Congressional Challenges

CrowdStrike is facing multiple legal challenges, including a $500 million lawsuit from Delta Airlines and potential congressional testimony regarding a software update failure. Several other major companies are also pursuing legal action against CrowdStrike.

Action Items:

  • Monitor Legal Proceedings: Keep an eye on the outcomes of these cases as they may impact cybersecurity practices and regulations.

FTC Fine Against Verkada

The FTC imposed a $3 million fine on Verkada for cybersecurity failures that led to multiple breaches. The violations included inadequate password security, insecure default settings, and insufficient access controls.

Action Items:

  • Enhance Security Practices: Review and strengthen security practices to ensure they meet or exceed FTC guidelines.

  • Implement MFA and Access Controls: Ensure that multi-factor authentication and robust access controls are in place across all systems.

Stay Updated: Follow CyberHub’s platforms for the latest cybersecurity news and updates.

Free Speech Concerns: A new article on the potential global impact of France and Brazil’s approach to free speech online is available on CyberHub's Substack. Understanding these issues is crucial for cybersecurity practitioners.

Next Episode Preview

Tune in tomorrow at 9 a.m. Eastern for more cybersecurity updates, and be sure to check out our latest content on YouTube and Substack.

✅ Story Links: 

https://www.bleepingcomputer.com/news/security/transport-for-london-discloses-ongoing-cyber-security-incident/

https://thecyberexpress.com/indian-crypto-exchange-wazirx-cyberattack/

https://www.cybersecuritydive.com/news/cisa-cyber-incident-portal/725770/

https://www.securityweek.com/blackbyte-ransomware-gang-believed-to-be-more-active-than-leak-site-suggests/

https://www.securityweek.com/google-catches-russian-apt-re-using-exploits-from-spyware-merchants-nso-group-intellexa/

https://timesofindia.indiatimes.com/technology/tech-news/crowdstrike-windows-outage-delta-united-jpmorgan-chase-and-others-sue-cybersecurity-firm-for-over-2-billion-in-damages/articleshow/113024635.cms

https://thecyberexpress.com/security-camera-firm-verkada-fined/

https://thehackernews.com/2024/09/new-flaws-in-microsoft-macos-apps-could.html

🔔 Subscribe now for the latest insights from industry leaders, in-depth analyses, and real-world strategies to secure your digital world. https://www.youtube.com/@TheCyberHubPodcast/?sub_confirmation=1  

✅ Important Links to Follow: 

👉Listen here: https://linktr.ee/cyberhubpodcast   

✅ Stay Connected With Us.

👉Facebook: https://www.facebook.com/CyberHubpodcast/ 

👉LinkedIn: https://www.linkedin.com/company/cyberhubpodcast/ 

👉Twitter (X): https://twitter.com/cyberhubpodcast 

👉Instagram: https://www.instagram.com/cyberhubpodcast 

✅ For Business Inquiries:  info@cyberhubpodcast.com

=============================

✅ About The CyberHub Podcast.

The Hub of the Infosec Community. 

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure. 

Tune in to our podcast Monday through Thursday at 9AM EST for the latest news.
