š Welcome to the 27th edition Cyber Weekly DigestĀ of 2024.
This week in badly emojied bullet points:
š«µš» Another week, another hire... welcome to the team Chris Faulkner, our new Cyber Security Consultant. A 30 year security veteran, lover of pizza and karaoke, father of many humans and one German Shepherd. Excited to have you on board Chris!
š§š» Our Cyber Wizard HP attended the first Climb Partner Summit. Great event, great company (Censys) and even won a pair of headphones - magic!
š The ultimate news of the week... Two donkeys spotted outside CV HQ. I know what you're thinking, Nigel and Rishi on their campaign trails but no, these guys are way too cute!
NewĀ and noteworthyĀ this week:
Ā
š£ Notice a spike or drop in active hosts? It might be a red flag!Ā #CensysTip: Analyse the historical trends in your data. Big changes could hint at suspicious events, like the start of a threat incident. Check out this eBook from our friends at Censys on how to stay alert and keep your network safe!Ā
š£ We know that vulnerabilities are inevitable, but how you respond sets you apart. Bugcrowd's Vulnerability Disclosure Programs (VDPs) provide a secure, trusted channel for hackers to report issues. Research shows that most hackers won't report a vulnerability without a clear, safe path. Protect your data, check out this blog
š£ Recent hacks into university data and systems highlight the importance of TPRM in higher education. Did you know that 85% of UK Universities have experienced some sort of data breach? Read why TPRM has become a priority in higher education and more in this super helpful guide from Risk Ledger
š£ How can you surface the risks your employees make in real time? How can you automatically deliver tailored coaching when specific behaviours are observed? How can you nudge an employee to fix their risky behaviour right as it happens? With an end-to-end human risk management platform of course! CultureAI enters the chat... Boom!
Last but not least...
š£ Abnormal Security excitedly announced this week the official release of AI Security Mailbox! This cutting-edge tool is designed to enhance the cybersecurity landscape by providing personalised, GenAI-driven responses to employee-reported emails. Pretty cool!
Now, let's take a look at our Cyber Weekly Digest, highlighting our top cyber security news picks of the week.
Ā
šØ This week we were reminded of the importance of API security, heard about some not so Wise data issues and received a huge warning over using personal devices!
Ā
Keep reading to stay up to date on the latest cyber security news.
Ā
Thousands of pedophiles who download and share child sexual abuse material (CSAM) were identified through information-stealing malware logs leaked on the dark web, highlighting a new dimension of using stolen credentials in law enforcement investigations. The novel use of the dataset was conducted by Recorded Future's Insikt Group, who shared a report explaining how they identified 3,324 unique accounts that accessed illegal portals known for distributing CSAM. By leveraging other data stolen from the target, Insikt analysts could track those accounts to usernames on various platforms, derive their IP addresses, and even system information.
Ā
Twilio has confirmed that an unsecured API endpoint allowed threat actors to verify the phone numbers of millions of Authy multi-factor authentication users, potentially making them vulnerable to SMS phishing and SIM swapping attacks. Authy is a mobile app that generates multi-factor authentication codes at websites where you have MFA enabled.Ā In late June, a threat actor named ShinyHunters leaked a CSV text file containing what they claim are 33 million phone numbers registered with the Authy service.
Ā
Healthcare fintech firm HealthEquity is warning that it suffered a data breach after a partner's account was compromised and used to access the Company's systems to steal protected health information. The Company says it detected the compromise after detecting 'anomalous behavior' from a partner's personal device and launched an investigation into the incident. The investigation revealed that the partner had been compromised by hackers who leveraged the hijacked account to gain unauthorized access to HealthEquity's systemsĀ and, later, exfiltrate sensitive health data.
Ā
JavaScript scripts referencing the recently suspended polyfill.io domain are present on over 380,000 internet-exposed hosts, attack surface management firm Censys reports. Used to host polyfills, small JavaScript bits providing modern functionality in older browsers, polyfill.io was suspended last week, after it was caught redirecting the visitors of websites embedding polyfill.io code to betting and adult sites. The security community linked the malicious behavior to the siteās owner, the Chinese content delivery network (CDN) company Funnull, which bought polyfill.io and the associated GitHub repository in February 2024.
Fintech companies Wise and Affirm have revealed that the recent data breach suffered by Evolve Bank impacts some of their customers. The notorious ransomware group LockBit recently threatened to leak data allegedly stolen from the US Federal Reserve. The cybercriminals did leak data on June 26, but it turned out that the files actually originated from an Arkansas-based financial organization, Evolve Bank & Trust.
The bank almost immediately confirmed that the hackers apparently gained access to customer and financial technology partner information.Ā
Comments