Welcome to the 30th edition of the Cyber Weekly Digest of 2024.
Katie 'Magic' Maxted announced this week that the next 'Cyber Security... Is No Joke' Comedy night will be held in... Glasgow on 11th September and you can now register here
Also pleased to share that Cyber Vigilance have been named as a live UK Channel Partner for Microsoft MPO. With multiparty private offers, channel partners can now procure solutions on the customers' behalf, simplifying the sales process through the marketplace.
New and noteworthy this week:
CISOs have their hands full, here's what's grabbing their attention:
Regulatory obligations: New AI regulations from the EU and US mean CISOs need solutions to stay compliant and maintain trust.
Burnout: 50% of CISOs are expected to change jobs due to burnout from managing security breaches.
Closing the skills gap: GenAI is reducing the need for entry-level hires, with 24% of security leaders already cutting back on headcount.
Bugcrowd recently released a new report Inside the Mind of a CISO (linked in case you missed it) and this blog covers the Top 8 CISO Priorities in 2024
Something a little different... SentinelOne are now powering the broadest insurance ecosystem in the market to further prevent ransomware across all surfaces. With their new Risk Assurance Initiative, leading carriers and providers, including AXA XL, Coalition, Inc., Travelers, At-Bay, CFC, and Hanover, are leveraging their autonomous capabilities and Singularity™ Platform to deliver world-class threat protection for policyholders. You can read the press release here
Ever wonder what's lurking in the dark corners of the internet?
Good news, ZeroFox just dropped a new guide on #darkweb scanning! From compromised passwords to shady forums plotting #cyberattacks, there's a whole world out there that could put your business at risk. They are breaking down the tools and tricks to keep you one step ahead of the bad guys!
In a landscape where 75% of new vulnerabilities are exploited within 19 days of discovery, the average time to patch currently exceeds 100 days! This year alone has already seen more CVEs released than in 2020 and 2021, making automated patching solutions essential for your company's cybersecurity resilience.
By adopting Automated Patching and Continuous Exposure Management with Automox, your org can:
Significantly reduce your Mean Time to Repair (MTTR)
Strengthen your entire IT infrastructure
Enable your security team to focus on remediation rather than detection.
Last but not least...
Gartner predicts "by 2029, more than 95% of global organisations will be running containerised applications in production." Organisations need to understand the tech - what it is, why it's being used and the associated risks - so we couldn't not share this blog from illumio - Demystifying Containers: What's a Service Mesh and How Do You Secure It?
Now, let's take a look at our top cyber security news picks of the week:
This week we heard about new #phishing scams in Germany, apologies and updates from last week's major #Crowdstrike incident and threat actors on #Github with fantastic porn names...
Meta Platforms on Wednesday said it took steps to remove around 63,000 Instagram accounts in Nigeria that were found to target people with financial sextortion scams. "These included a smaller coordinated network of around 2,500 accounts that we were able to link to a group of around 20 individuals," the company said. "They targeted primarily adult men in the U.S. and used fake accounts to mask their identities." In cases where some of these accounts attempted to target minors, Meta said it reported them to the National Center for Missing and Exploited Children (NCMEC).
CrowdStrike is alerting about an unfamiliar threat actor attempting to capitalize on the Falcon Sensor update fiasco to distribute dubious installers targeting German customers as part of a highly targeted campaign. The cybersecurity company said it identified what it described as an unattributed spear-phishing attempt on July 24, 2024, distributing an inauthentic CrowdStrike Crash Reporter installer via a website impersonating an unnamed German entity. The imposter website is said to have been created on July 20, a day after the botched update crashed nearly 9 million Windows devices, causing extensive IT disruptions across the world.
Threat actors known as 'Stargazer Goblin' have created a malware Distribution-as-a-Service (DaaS) from over 3,000 fake accounts on GitHub that push information-stealing malware. The malware delivery service is called Stargazers Ghost Network and it utilizes GitHub repositories along with compromised WordPress sites to distribute password-protected archives that contain malware. In most cases, the malware are infostealers, such as RedLine, Lumma Stealer, Rhadamanthys, RisePro, and Atlantida Stealer.
CrowdStrike released a Preliminary Post Incident Review (PIR) on the faulty Falcon update explaining that a bug allowed bad data to pass its Content Validator and cause millions of Windows systems to crash on July 19, 2024. The cybersecurity company explained that the issue was caused by a problematic content configuration update meant to gather telemetry on new threat techniques. After passing the Content Validator, the update didn't go through additional verifications due to trust in previous successful deployments of the underlying Inter-Process Communication (IPC) Template Type. Therefore, it wasn't caught before it reached online hosts running Falcon version 7.11 and later.
Threat actors have used a vulnerability in Telegram for Android to distribute malicious files disguised as videos, ESET warns. The cybersecurity firm identified the security defect after finding on a cybercrime forum an advertisement for a zero-day exploit targeting Telegram for Android. According to ESET, the exploit was likely developed using the Telegram API, allowing developers to upload crafted multimedia files to Telegram chats or channels programmatically.