CISO Talk by James Azar
CyberHub Podcast
🚨 US Marshals Service Disputes Breach Claims, Cloud Extortion Attacks, Snowflake & SaaS Security

Today’s top cybersecurity news and the latest threats from practicing CISO James Azar. Tune in to hear how practitioners break down the latest to bolster their cybersecurity programs.

👀 SHOW Supporters:

Today’s episode is supported by our friends at Nudge Security, who offer a free 14-day trial to all CyberHub Podcast community members at https://www.nudgesecurity.com/cyberhub

U.S. Marshals Service Ransomware Claims

The U.S. Marshals Service is refuting claims by the Hunters International ransomware gang, which listed the agency as a victim on its data leak site. The Marshals Service reviewed the materials posted on the dark web and concluded that they do not stem from any new or undisclosed incident. The gang has not yet released any substantial stolen documents, casting doubt on the legitimacy of its claims.

Young Consulting Data Breach

Young Consulting is notifying 950,000 individuals of a data breach that occurred earlier this year, compromising sensitive personal information, including Social Security numbers and insurance details. The breach was attributed to the BlackSuit ransomware gang, who accessed the network between April 10th and April 13th.

SaaS Security and Bling Libra Attacks

Researchers from Palo Alto Networks’ Unit 42 unveiled details about the Bling Libra group, known for the Ticketmaster breach. The group has been targeting AWS environments using stolen credentials, conducting reconnaissance operations, and potentially laying the groundwork for larger attacks.

Action Item:

  • Implement strong identity and access management (IAM) practices, including mandatory multi-factor authentication (MFA) across all cloud and SaaS environments.

  • Regularly audit and inventory all SaaS applications used within the organization.

Snowflake and SaaS Security Debate

Snowflake's CEO addressed recent security concerns following a wave of attacks. While Snowflake’s infrastructure wasn’t breached, customers who failed to implement MFA were compromised. This raises the ongoing debate about the balance between enforcing strict security measures and maintaining user experience.

Action Item:

  • Consider enforcing security best practices, such as mandatory MFA, even if it may impact user experience.

  • Security measures should be non-intrusive yet effective, protecting users without diminishing the product's usability.


Apache OFBiz Vulnerability

CISA added a critical Apache OFBiz vulnerability (CVE-2024-38856) to its Known Exploited Vulnerabilities Catalog. This incorrect authorization flaw allows code execution through unauthenticated endpoints and affects all versions through 18.12.14. A fix is available in version 18.12.15.

Action Item:

  • Immediately update all affected Apache OFBiz instances to version 18.12.15 or later to mitigate the risk of exploitation.

  • Ensure continuous monitoring for any signs of attempted exploitation.

Microsoft Endpoint Security Summit

Microsoft is organizing a summit in Redmond, Washington, to align antivirus (AV) partners following lessons learned from the recent CrowdStrike outage, which exclusively impacted Windows devices.

Action Item:

  • Stay informed about outcomes and recommendations from the summit.

  • Review and strengthen endpoint security strategies, particularly for Windows devices, to avoid similar incidents.

U.S. State Department's Malware Distribution Reward

The U.S. State Department announced a $2.5 million reward for information leading to the arrest of Vladimir Katoraya, a Belarusian national involved in widespread malware distribution.

SEC Settlement with Community Trust

The SEC reached a settlement with Community Trust for $850,000 over their failure to secure millions in client funds due to cyber intrusions. The fine was imposed despite the loss being around $4 million.

Interview with David Katz on FTC Hashing Rules

David Katz, a prominent cybersecurity attorney, discussed the FTC’s warning about the misuse of hashing for data security. He emphasized the importance of clear communication between CISOs and legal teams to avoid potential regulatory scrutiny.

Action Item:

CISOs should engage in proactive communication with legal teams to ensure that the technical aspects of data security are accurately represented in public statements. Keep detailed records of all advice provided to protect against future legal challenges.

Conclusion

The CyberHub Podcast covered a range of pressing cybersecurity issues, from data breaches and ransomware to regulatory challenges and cloud security. Each story emphasizes the need for strong, proactive security measures and clear communication between technical and legal teams to navigate the complex landscape of cybersecurity risks and regulations.


✅ Story Links: 

https://www.bleepingcomputer.com/news/security/us-marshals-service-disputes-ransomware-gangs-breach-claims/

https://www.securityweek.com/950000-impacted-by-young-consulting-data-breach/

https://www.darkreading.com/threat-intelligence/threat-group-bling-libra-extortion-cloud-attacks

https://www.cybersecuritydive.com/news/snowflake-security-responsibility-customers/724994/

https://www.securityweek.com/second-apache-ofbiz-vulnerability-exploited-in-attacks/

https://www.securityweek.com/microsoft-convenes-endpoint-security-firms-following-crowdstrike-incident/

https://www.securityweek.com/us-offering-2-5-million-reward-for-belarusian-malware-distributor/

https://www.cybersecuritydive.com/news/sec-settles-cyber-equiniti-trust/725227/


About The CyberHub Podcast.

The Hub of the Infosec Community. 

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure. 

Tune in to our podcast Monday through Thursday at 9AM EST for the latest news.
