Welcome to the 18th edition of the Cyber Weekly Digest of 2024.
We've made it to the bank holiday weekend! Did you know that the earliest known May festivities hark back to the Roman day Floralia, celebrating the Roman goddess of flowers? Nope, me neither!
So... whether you're swinging around a maypole and picking daffodils or celebrating the British way with a 24 pack of Carling and an optimistic, yet soggy BBQ, we wish you a great BH weekend!
New and noteworthy this week:
Big news at CV HQ, with Horizon3.ai introducing their Rapid Response service: preemptive threat intelligence that allows you to get ahead of adversaries and secure your exploitable attack surface.
To learn more about this groundbreaking service, you can read the full press release here
So far in 2024 there has been a 52.2% rise in the number of attacks that have bypassed SEG detection, with cybercriminals purposefully employing technical measures to avoid perimeter detection.
To understand more about the types of attacks that are bypassing the SEG, and why organisations are re-evaluating their traditional technologies, read the latest Phishing Threat Trends Report from Egress here
ThreatAware are on fire with their blogs right now so we had to share the latest... Is it possible to achieve a single source of truth in cyber security?
In today's digital landscape, cyber-attacks are rising despite the proliferation of security tools. It begs the question: Can we truly attain a single source of truth in cyber security? Read the full blog post here
Last but not least...
Fortinet have just announced new updates to their GenAI portfolio to enhance both network and security operations, including the industry's first generative AI IoT security assistant.
Learn how deeper FortiAI integrations across the Fortinet Security Fabric allow organisations to strengthen their security posture and increase operational efficiency here
Now, let's take a look at our Cyber Weekly Digest, highlighting our top cyber security news picks of the week.
This week we heard about an attack on Pandas (don't panic, not the cute black and white variety), a hefty prison sentence for a very naughty ex-NSA employee and an important update on the resurfaced ZLoader malware!
Keep reading to stay up to date on the latest cyber security news.
Panda Restaurant Group, the parent company of Panda Express, Panda Inn, and Hibachi-San, disclosed a data breach after attackers compromised its corporate systems in March and stole the personal information of an undisclosed number of associates. Panda Express is the largest Chinese fast food chain in the United States, with over $3 billion in sales and 47,000 associates working in 2,300 branches. The company discovered a data security breach on March 10, 2024, which affected some of its corporate systems but left in-store systems, operations, and guest experience unaffected.
Microsoft has confirmed customer reports of NTLM authentication failures and high load after installing last month's Windows Server security updates. According to a new entry added to the Windows health dashboard on Tuesday, this known issue will only affect Windows domain controllers in organizations with a lot of NTLM traffic and few primary DCs. "This issue is likely to affect organisations that have a very small percentage of primary domain controllers in their environment and high NTLM traffic."
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical flaw impacting GitLab to its Known Exploited Vulnerabilities (KEV) catalog, owing to active exploitation in the wild. Tracked as CVE-2023-7028 (CVSS score: 10.0), the maximum severity vulnerability could facilitate account takeover by sending password reset emails to an unverified email address. GitLab, which disclosed details of the shortcoming earlier this January, said it was introduced as part of a code change in version 16.1.0 on May 1, 2023.
The authors behind the resurfaced ZLoader malware have added a feature that was originally present in the Zeus banking trojan that it's based on, indicating that it's being actively developed. "The latest version, 2.4.1.0, introduces a feature to prevent execution on machines that differ from the original infection," Zscaler ThreatLabz researcher Santiago Vicente said in a technical report. "A similar anti-analysis feature was present in the leaked Zeus 2.X source code, but implemented differently." ZLoader, also called Terdot, DELoader, or Silent Night, emerged after a nearly two-year hiatus around September 2023 following its takedown in early 2022.
A former employee of the U.S. National Security Agency (NSA) has been sentenced to nearly 22 years (262 months) in prison for attempting to transfer classified documents to Russia. "This sentence should serve as a stark warning to all those entrusted with protecting national defense information that there are consequences to betraying that trust," said FBI Director Christopher Wray. Jareh Sebastian Dalke, 32, of Colorado Springs was employed as an Information Systems Security Designer from June 6 to July 1, 2022, during which time he had access to sensitive information.