hayleywade1

Cyber Weekly Digest - 2024 Week #33



👋 Welcome to the 33rd edition of the Cyber Weekly Digest of 2024


This week we announced our first two sponsors for 'Cyber Security... Is No Joke' Comedy Night. We are absolutely thrilled to have crowdsourced security powerhouse Bugcrowd and CRN's 'Email Security Vendor of the Year' finalist Egress, a KnowBe4 Company, join us in Glasgow on 11th September.


Grab your spot here before we hit capacity!


šŸ˜ Dad Joke of the Week: My dog ate all the scrabble tiles last night so I took him to the vet... still no word.


New and noteworthy from our vendor community this week:

🟣 Why are traditional email security tools like SEGs falling behind in the fight against modern #phishing threats?


Egress' latest blog explores how cybercriminals are outpacing these legacy solutions and what steps organisations need to take to stay protected.


🟣 Introducing SentinelOne's new Extended Security Posture Management (xSPM), directly integrated into the AI-powered Singularity Platform.


Offering organisations a proactive approach to streamlining risk management, reducing alert fatigue, and accelerating remediation workflows, xSPM is set to help security teams fortify their security posture against new and evolving threats.


🟣 In a year marked by significant upheavals in the cybersecurity landscape, the IBM Cost of a Data Breach Report 2024 sheds light on a stark reality: the escalating costs of data breaches are heavily influenced by human factors.


For CISOs and technical professionals, the findings are both a wake-up call and an opportunity. This blog from Immersive Labs explains why focusing on the human element and investing in comprehensive cyber response training is not just beneficial but essential for achieving cyber resilience.


🟣 Automox released the Audit Trail API to give you full audit history and visibility into console usage. This allows you to export Audit Trail data into your preferred logging or SIEM tool for further analysis. Soon, you'll be able to access Audit Trail data directly within the Automox console and quickly filter, search, group and export data to CSV files.


Last but not least...


🟣 Checking in from the Underground... ZeroFox rounded up the latest #darkweb news on this blog. Here's a sneak peek:


🕵 AI-Powered Tool to Target Cryptocurrency Wallets in Development

🕵 Malicious Stealer Log Marketplace Advertised for Sale

🕵 Project Showcased in Dark Web Competition Leverages AI Automation


Now, let's take a look at our top Cyber Security News picks of the week:


ā˜ ļø This week we were warned of new #malware targeting Apple macOS systems, new #EDR-Killing tools and a media frenzy around an unconfirmed #hack...



Cybersecurity researchers have uncovered weaknesses in Sonos smart speakers that could be exploited by malicious actors to clandestinely eavesdrop on users. The vulnerabilities "led to an entire break in the security of Sonos's secure boot process across a wide range of devices and remotely being able to compromise several devices over the air," NCC Group security researchers Alex Plaskett and Robert Herrera said.



Cybersecurity researchers have uncovered new stealer malware that's designed to specifically target Apple macOS systems. Dubbed Banshee Stealer, it's offered for sale in the cybercrime underground for a steep price of $3,000 a month and works across both x86_64 and ARM64 architectures. "Banshee Stealer targets a wide range of browsers, cryptocurrency wallets, and around 100 browser extensions, making it a highly versatile and dangerous threat," Elastic Security Labs said in a Thursday report.


A cybercrime group with links to the RansomHub ransomware has been observed using a new tool designed to terminate endpoint detection and response (EDR) software on compromised hosts, joining similar programs such as AuKill (aka AvNeutralizer) and Terminator. The EDR-killing utility has been dubbed EDRKillShifter by cybersecurity company Sophos, which discovered the tool in connection with a failed ransomware attack in May 2024.



Microsoft warned customers this Tuesday to patch a critical TCP/IP remote code execution (RCE) vulnerability with an increased likelihood of exploitation that impacts all Windows systems using IPv6, which is enabled by default. Found by Kunlun Lab's XiaoWei and tracked as CVE-2024-38063, this security bug is caused by an Integer Underflow weakness, which attackers could exploit to trigger buffer overflows that can be used to execute arbitrary code on vulnerable Windows 10, Windows 11, and Windows Server systems.



National Public Data (NPD) was supposedly hacked at some unspecified date. At the time of writing this, there is little to no verifiable proof of this, despite all the recent articles appearing in the media. NPD is a background checking service used by businesses to obtain criminal records and run employee background checks, which the company says can all be done via XML integration.


