Welcome to the 29th edition of the Cyber Weekly Digest of 2024.
As airlines, banks and media, along with the rest of the world's Windows users, descend into utter chaos this morning, we hope everyone is safe and give a shout out to all the IT teams settling in for a long weekend. We are here if you need us and thought sharing this workaround might help.
Katie 'Magic' Maxted has been busy this week securing a venue for the next 'Cyber Security... Is No Joke' Comedy night. Keep your peepers peeled for an announcement next week. Happy to report that one venue was kiboshed due to its 'vegan only' menu, so fear not salad dodgers, we've got your back!
A quick reminder that we are now an official partner of S4S Club! Join us on September 17th in London to learn from experts and partners who explain current risks, strategies, and real-life case studies. We're incredibly proud to be part of an event bringing true value to all attendees.
Lastly, I suffered an unexpected hack this week (apparently) of my Hotmail account. An email interestingly titled 'Hello pervert' certainly drew my attention! I was informed that the hacker had indecent videos of me but after careful consideration, unless he was referring to Sexy Salesforce or Titillating Teams I could only conclude that it was he, rather than I, that was pulling my plonker.
New and noteworthy this week:
Did you see the announcement that Bugcrowd's #acquisition of Informer - External Attack Surface Management was listed among the biggest #cybersecurity deals of May and June 2024 by James Coker in Infosecurity Magazine? Read all about it here
It's all going off at CultureAI this week as they announce the closing of a $10m Series A funding round. Ching Ching! This funding will power CultureAI's product development and market expansion plans. Read the full press release here. On a side note, we also love this video featuring their CEO... It's time to usher in a new era of #HumanRiskManagement.
Immersive Labs application security expert Chris Wood shares tips for Building an Effective DevSecOps Team in SC Magazine, including:
Eliminate silos from the top down
Establish trust between teams
Balance risk management, together
Last but not least...
Missed out on Illumio's recent webinar discussing DORA's requirements for cyber resilience and want to learn how implementing Zero Trust Segmentation can help quickly and effectively achieve DORA compliance? Woah, that was a long sentence! You're in luck... You can watch the full webinar here.
Now, let's take a look at our top cyber security news picks of the week.
This week we've heard about new bot activity warnings for the #TravelIndustry and what some very, very bad bunnies have been up to...
Several organizations operating within global shipping and logistics, media and entertainment, technology, and automotive sectors in Italy, Spain, Taiwan, Thailand, Turkey, and the U.K. have become the target of a "sustained campaign" by the prolific China-based APT41 hacking group. "APT41 successfully infiltrated and maintained prolonged, unauthorized access to numerous victims' networks since 2023, enabling them to extract sensitive data over an extended period," Google-owned Mandiant said in a new report published Thursday.
As the travel industry rebounds post-pandemic, it is increasingly targeted by automated threats, with the sector experiencing nearly 21% of all bot attack requests last year. That's according to research from Imperva, a Thales company. In their 2024 Bad Bot Report, Imperva finds that bad bots accounted for 44.5% of the industry's web traffic in 2023, a significant jump from 37.4% in 2022. The summer travel season and major European sporting events are expected to drive increased consumer demand for flights, accommodation, and other travel-related services. As a result, Imperva warns that the industry could see a surge in bot activity. These bots target the industry through unauthorized scraping, seat spinning, account takeover, and fraud.
A cybercriminal gang that researchers track as Revolver Rabbit has registered more than 500,000 domain names for infostealer campaigns that target Windows and macOS systems. To operate at such scale, the threat actor relies on registered domain generation algorithms (RDGAs), an automated method that allows registering multiple domain names in an instant. RDGAs are similar to the domain generation algorithms (DGAs) that cybercriminals implement in malware to create a list of potential destinations for command and control (C2) communication.
OpenAI is rolling out a suite of new compliance and administrative tools for the business edition of ChatGPT as it continues to lean heavily on security features to sell to enterprise customers. The new OpenAI tools include an Enterprise Compliance API and integrations with eDiscovery and Data Loss Prevention (DLP) companies to clear the way for ChatGPT Enterprise deployments in heavily regulated industries like finance, healthcare and legal services.
The notorious FIN7 hacking group has been spotted selling its custom "AvNeutralizer" tool, used to evade detection by killing enterprise endpoint protection software on corporate networks. FIN7 is believed to be a Russian hacking group that has been active since 2013, initially focusing on financial fraud by hacking organizations and stealing debit and credit cards. They later moved into the ransomware space and were linked with the DarkSide and BlackMatter ransomware-as-a-service platforms. The same threat actors are also likely tied to the BlackCat ransomware operation, which recently conducted an exit scam after stealing a UnitedHealth ransom payment.