Skyhigh Security CloudCast

Skyhigh Security CloudCast
  • 0.0 (0)
  • TECHNOLOGY
  • UPDATED DAILY

Join our Data Experts in the following podcast episodes, as we talk about all things Data. As an organization’s biggest asset, the importance of protecting data in a space with no jurisdiction is paramount; particularly at a time when the risks of data breaches globally have never been more serious. Adhering to compliance regulations is also a key challenge facing organizations including FedGov and a critical component of how these organizations protect their data.

  1. FEB 12

    CloudCast Cybersecurity Headlines for February 12th, 2025

    From the CloudCast Studios, I’m Scott Schlee, and these are your cybersecurity headlines for the week of Wednesday, February 12th, 2025. Headlines this week: Critical Remote Code Execution Vulnerability in Microsoft Outlook Ransomware Payments Decline by 35% in 2024 GrubHub Discloses Data Breach Affecting Users and Partners Spyware Firm Cuts Ties with Italy Amid Targeting Allegations Microsoft Warns of Attacks Exploiting ASP.NET Machine Keys Lazarus Group Targets Professionals with Job-Themed Malware SparkCat Malware Campaign Targets Cryptocurrency Wallets Silent Lynx Group Targets Central Asian Organizations Engineer IMI Suffers Cyberattack Following Similar Incident at Smiths Group Taiwan Bans DeepSeek AI Over National Security Concerns Thank you again for listening to Skyhigh Cloudcast. If you’ve enjoyed this episode, be sure to subscribe on your favorite platform so you never miss an update. If you like the show, please leave us a review. It helps others find the podcast. For more information about Skyhigh Security or CloudCast, please visit skyhighsecurity.com. Sources: Taiwan Bans DeepSeek AI Over National Security Concerns: diesec.com Critical Remote Code Execution Vulnerability in Microsoft Outlook: diesec.com Ransomware Payments Decline by 35% in 2024: diesec.com GrubHub Discloses Data Breach Affecting Users and Partners: diesec.com Spyware Firm Cuts Ties with Italy Amid Targeting Allegations: diesec.com Microsoft Warns of Attacks Exploiting ASP.NET Machine Keys: thehackernews.com Lazarus Group Targets Professionals with Job-Themed Malware: thehackernews.com SparkCat Malware Campaign Targets Cryptocurrency Wallets: thehackernews.com Silent Lynx Group Targets Central Asian Organizations: thehackernews.com Engineer IMI Suffers Cyberattack Following Similar Incident at Smiths Group: cybersecurity-review.com ———– CloudCast is hosted by Skyhigh Security’s very own Digital Experience Manager, Scott Schlee. Scott’s engaging demeanor and wit, backed by over 20 years in digital media production and web development, has led to successful collaborations with top-tier brands. His experience includes hosting and producing a wide range of podcasts and videos. Scott has been recognized for his outstanding work, including an award-winning digital short and a Webby Awards nomination for Viral Marketing (Branded). Beyond his professional achievements, Scott’s personal journey as a decade-long pancreatic cancer survivor has led him to share his story with the U.S. Congress and other organizations as an advocate for increased cancer research funding. Transcript From the CloudCast Studios, I’m Scott Schlee, and these are your cybersecurity headlines for the week of Wednesday, February 12th, 2025. A Critical Remote Code Execution Vulnerability Has Been Discovered in Microsoft Outlook: The Cybersecurity and Infrastructure Security Agency issued an urgent alert about an actively exploited vulnerability in Microsoft Outlook. Attackers can execute remote code by bypassing Outlook’s protections using a simple URL trick, endangering sensitive data. Federal agencies and private organizations are urged to apply patches promptly to mitigate this threat. GrubHub Has Disclosed A Data Breach Affecting Users and Partners: Food delivery service GrubHub reported a data breach resulting from a compromised third-party service provider account. Exposed information includes names, emails, phone numbers, and partial payment details of some campus diners. GrubHub has terminated the unauthorized access, enhanced security measures, and advises users to maintain strong, unique passwords. Paragon Solutions Cuts Ties with Italy Amid Targeting Allegations: Israeli spyware company Paragon Solutions has severed relationships with its Italian clients following allegations that its software was used to target government critics. A recent spyware campaign affected 90 users across 24 countries, including journalists and activists, prompting an investigation by Italian authorities into the misuse of surveillance tools. Microsoft Warns of Attacks Exploiting ASP.NET Machine Keys: Microsoft identified over 3,000 publicly disclosed ASP.NET machine keys that attackers are exploiting to inject and execute malicious code using the Godzilla post-exploitation framework. This technique, known as ViewState code injection, poses significant risks to web applications. Organizations are advised to review and secure their ASP.NET configurations to prevent such attacks. Lazarus Group Is Targeting Professionals with Job-Themed Malware: The North Korean-linked Lazarus Group has launched a campaign using fake LinkedIn job offers in the cryptocurrency and travel sectors to distribute malware. The malicious code is capable of infecting Windows, macOS, and Linux systems, highlighting the group’s evolving tactics and the need for vigilance among professionals receiving unsolicited job communications. SparkCat Malware Campaign Is Targeting Cryptocurrency Wallets: A new malware campaign dubbed SparkCat has been identified, leveraging fake apps on both Apple’s App Store and Google’s Play Store to steal mnemonic phrases associated with cryptocurrency wallets. Notably, this marks one of the first instances of a stealer with optical character recognition capabilities being discovered in the Apple App Store. The malicious apps have since been removed, but users are advised to remain cautious when downloading wallet-related applications. Silent Lynx Group Is Targeting Central Asian Organizations: A previously unidentified hacking group, dubbed Silent Lynx, has been targeting entities in Kyrgyzstan and Turkmenistan, including embassies, legal firms, government-backed banks, and think tanks. The attackers deploy a PowerShell script that utilizes Telegram for command-and-control operations. Attribution points to a Kazakhstan-origin threat actor, with tactical overlaps observed with the YoroTrooper group. IMI Suffers A Cyberattack Following A Similar Incident at Smiths Group: Engineering firm IMI confirmed a cyberattack affecting its global systems, occurring shortly after a similar breach at rival company Smiths Group. While specific data accessed remains undisclosed, the incident underscores the increasing targeting of engineering and manufacturing sectors by cybercriminals. Organizations in these industries are urged to bolster their cybersecurity defenses. Taiwan Bans DeepSeek AI Over National Security Concerns: Taiwan has prohibited the use of DeepSeek, a Chinese-developed AI chatbot, citing risks of data leakage and potential censorship issues. This move aligns with actions taken by other countries concerned about the security implications of foreign AI technologies. The ban underscores the growing global apprehension regarding AI governance and data privacy. And let’s end the week off with some positive news. Ransomware Payments Declined by 35% in 2024: Despite a record number of ransomware attacks in 2024, totaling 5,263 incidents, ransom payments decreased to $813.55 million—a 35% drop from the previous year. This decline is attributed to improved cybersecurity measures, robust backups, and intensified law enforcement actions against ransomware groups. The trend indicates a shift in how organizations are managing and responding to ransomware threats. And those are your headlines for the week. Thank you again for listening to Skyhigh Cloudcast. If you’ve enjoyed this episode, be sure to subscribe on your favorite platform so you never miss an update. If you like the show, please leave us a review. It helps others find the podcast. For more information about Skyhigh Security or Cloudcast, please visit skyhighsecurity.com. Please Note: All transcripts are generated using speech recognition software and human transcription, and may contain errors. Please check the corresponding audio before quoting in print. .accordion-flush .accordion-item .accordion-button, .accordion-flush .accordion-item .accordion-button.collapsed { border-radius: 0; border-top: solid 1px #ededed; border-bottom: solid 1px #ededed; background-color: #f8f9fa; } .accordion-button:focus { box-shadow:none; } .accordion-body { border-bottom: solid 1px #ededed; border-left: solid 1px #ededed; border-right: solid 1px #ededed; } .font-italic { font-style: italic; }

    6 min

  2. FEB 5

    CloudCast Cybersecurity Headlines for February 5th, 2025

    From the Skyhigh Studios, I’m Scott Schlee, and these are your cybersecurity headlines for the week of Wednesday, February 5th, 2025. Headlines this week: Android Users Urged to Update Devices Due to Critical Vulnerabilities Smiths Group Suffers Global Cyberattack TalkTalk Investigates Potential Data Breach Apple Releases Critical Security Updates Law Enforcement Shuts Down Illicit Cybercrime Services Google Blocks Over 2 Million Risky Android Apps in 2024 UnitedHealth Discloses Massive Data Breach DeepSeek AI Chatbot’s Data Exposure & Proposed US Government Ban Thank you again for listening to Skyhigh Cloudcast. If you’ve enjoyed this episode, be sure to subscribe on your favorite platform so you never miss an update. If you like the show, please leave us a review. It helps others find the podcast. For more information about Skyhigh Security or CloudCast, please visit skyhighsecurity.com. Sources: Android Users Urged to Update Devices Due to Critical Vulnerabilities: thesun.ie Smiths Group Suffers Global Cyberattack: thetimes.co.uk TalkTalk Investigates Potential Data Breach: thesun.ie Apple Releases Critical Security Updates: diesec.com Law Enforcement Shuts Down Illicit Cybercrime Services: thehackernews.com Google Blocks Over 2 Million Risky Android Apps in 2024: diesec.com United Health Discloses Massive Data Breach: diesec.com DeepSeek AI Chatbot’s Data Exposure: diesec.com Lawmakers Advocate for DeepSeek Ban on Government Devices: wsj.com ———– CloudCast is hosted by Skyhigh Security’s very own Digital Experience Manager, Scott Schlee. Scott’s engaging demeanor and wit, backed by over 20 years in digital media production and web development, has led to successful collaborations with top-tier brands. His experience includes hosting and producing a wide range of podcasts and videos. Scott has been recognized for his outstanding work, including an award-winning digital short and a Webby Awards nomination for Viral Marketing (Branded). Beyond his professional achievements, Scott’s personal journey as a decade-long pancreatic cancer survivor has led him to share his story with the U.S. Congress and other organizations as an advocate for increased cancer research funding. Transcript Google released a security update addressing nearly 50 flaws in the Android operating system, including a high-severity vulnerability that could allow attackers to install malware or steal files without user authentication. Users are strongly advised to update their devices promptly to mitigate these risks. Smiths Group, a multinational engineering firm, experienced a cyberattack leading to unauthorized access to its systems. The company isolated the affected systems and is collaborating with cybersecurity experts to assess and recover from the incident. The breach resulted in a 1.7% drop in the company’s share price. Telecom company TalkTalk is investigating claims of a data breach after a hacker alleged they were selling data from nearly 19 million of the company’s current and former customers. The breach reportedly involves customer names, emails, IP addresses, and phone numbers, though no financial information is believed to be at risk. Apple issued updates to address a zero-day vulnerability (CVE-2025-24085) in its Core Media component, which could allow malicious applications to escalate privileges on affected devices. Users are advised to update their iPhones, Macs, and other Apple devices to the latest software versions to protect against potential exploits. A series of law enforcement operations led to the takedown of online marketplaces such as Cracked, Nulled, Sellix, StarkRDP, and HeartSender, which were involved in selling hacking tools, illegal goods, and crimeware solutions. These actions impacted millions of users and disrupted significant illegal activities. Google reported that it blocked a record 2.3 million harmful Android apps from the Play Store in 2024, utilizing AI-powered reviews to detect threats more efficiently. Additionally, 158,000 developer accounts were banned for attempting to distribute malware, highlighting ongoing efforts to secure the app ecosystem. UnitedHealth revealed that a data breach in 2024 affected approximately 190 million Americans, making it the largest healthcare data breach in U.S. history. The compromised information includes personal and healthcare data, underscoring the critical need for robust data protection measures in the healthcare sector. Our final stories this week focus on DeepSeek, the Chinese-developed AI chatbot, facing major security concerns. Released on January 10, 2025, for iOS and Android, it quickly became the most-downloaded free app on the U.S. iOS App Store by January 27, surpassing even ChatGPT. Researchers have recently discovered that the platform exposed over a million lines of sensitive data online, including software keys and user chat logs, raising serious privacy risks. U.S. lawmakers are now pushing to ban DeepSeek from government devices, citing fears that foreign governments could potentially access and misuse the data. This follows a growing trend of regulatory crackdowns on AI applications with potential national security implications. The situation highlights the ongoing debate around AI governance, data privacy, and the risks associated with rapidly developing AI models. And those are your headlines for the week. Thank you again for listening to Skyhigh Cloudcast. If you’ve enjoyed this episode, be sure to subscribe on your favorite platform so you never miss an update. If you like the show, please leave us a review. It helps others find the podcast. For more information about Skyhigh Security or Cloudcast, please visit skyhighsecurity.com. Please Note: All transcripts are generated using speech recognition software and human transcription, and may contain errors. Please check the corresponding audio before quoting in print. .accordion-flush .accordion-item .accordion-button, .accordion-flush .accordion-item .accordion-button.collapsed { border-radius: 0; border-top: solid 1px #ededed; border-bottom: solid 1px #ededed; background-color: #f8f9fa; } .accordion-button:focus { box-shadow:none; } .accordion-body { border-bottom: solid 1px #ededed; border-left: solid 1px #ededed; border-right: solid 1px #ededed; } .font-italic { font-style: italic; }

    5 min

  3. JAN 15

    CloudCast Cybersecurity Headlines for January 15, 2025

    From the Skyhigh Studios at Skyhigh Security, I’m Scott Schlee, it’s Wednesday, January 15, 2025, and these are your cybersecurity headlines. Headlines this week: US Treasury Department Reports A Significant Data Breach China Protests US Sanctions Over Cyber Activities Bayview Asset Management Agrees to a $20 Million Settlement Apple Proposes a $95 Million Siri Privacy Settlement Sophisticated AI-Driven Phishing Scams Are Targeting Email Users Myanmar Enacts a Cybersecurity Law Enforcing Internet Censorship US Cybersecurity Experts Predict Increased Post-Election Cyber Attacks Former US Federal Officials Recommend Cybersecurity Policies for the Upcoming Trump Administration Project 2025’s Proposed Changes and Their Potential Impact on US Election Security And Concerns Over Quantum Computing’s Impact on Cybersecurity Before diving into this week’s headlines, we want to take a moment to acknowledge the devastating wildfires currently impacting California. Our thoughts are with everyone affected, including those who have lost homes, loved ones, or are facing displacement. As always, we encourage listeners to support relief efforts if they’re able. Please visit Charity Navigator for a list of trusted organizations offering support. Thank you again for listening to Skyhigh Cloudcast. If you’ve enjoyed this episode, be sure to subscribe on your favorite platform so you never miss an update. If you like the show, please leave us a review. It helps others find the podcast. For more information about Skyhigh Security or CloudCast, please visit skyhighsecurity.com. Sources: US Treasury Department Breach: US News China Protests US Sanctions Over Cyber Activities: US News Bayview Asset Management’s $20 Million Settlement: WSJ Apple’s $95 Million Siri Privacy Settlement: Vox AI-Driven Phishing Scams Targeting Email Users: New York Post Myanmar’s Cybersecurity Law Enforces Internet Censorship: AP News US Cybersecurity Experts Predict Increased Cyber Attacks Post-Election: The Australian Quantum Computing’s Impact on Cybersecurity: The Times Former Officials Recommend Cybersecurity Policies for Next Administration: POLITICO Project 2025’s Potential Impact on US Election Security: WIRED ———– CloudCast is hosted by Skyhigh Security’s very own Digital Experience Manager, Scott Schlee. Scott’s engaging demeanor and wit, backed by over 20 years in digital media production and web development, has led to successful collaborations with top-tier brands. His experience includes hosting and producing a wide range of podcasts and videos. Scott has been recognized for his outstanding work, including an award-winning digital short and a Webby Awards nomination for Viral Marketing (Branded). Beyond his professional achievements, Scott’s personal journey as a decade-long pancreatic cancer survivor has led him to share his story with the U.S. Congress and other organizations as an advocate for increased cancer research funding. Transcript From the Skyhigh Studios at Skyhigh Security, I’m Scott Schlee, and these are your cybersecurity headlines for the week of January 6th, 2025. The U.S. Treasury Department reported a significant cyber incident attributed to Chinese state-backed hackers. Attackers remotely accessed employee workstations and unclassified documents, raising concerns about the security of federal systems. The Cybersecurity and Infrastructure Security Agency (CISA) stated there is no indication that other federal agencies were affected. The U.S. Treasury Department imposed sanctions on Beijing-based Integrity Technology Group for its alleged involvement in hacking incidents targeting U.S. critical infrastructure. China condemned the sanctions, denying the allegations and accusing the U.S. of defamation. This development underscores escalating cyber tensions between the two nations. Bayview Asset Management agreed to a $20 million settlement following a 2021 data breach that exposed personal information of 5.8 million customers. The firm faced criticism for inadequate cybersecurity measures and lack of cooperation with regulatory investigations. As part of the settlement, Bayview will enhance its cybersecurity protocols and undergo independent assessments. Apple proposed a $95 million settlement in a class-action lawsuit alleging unlawful surveillance through Siri. The lawsuit followed revelations that Siri had inadvertently recorded private conversations. Affected users between 2014 and 2024 may be eligible for compensation, highlighting ongoing concerns about digital privacy and device eavesdropping. Cybersecurity experts warned Gmail, Outlook, and Apple Mail users about sophisticated phishing scams utilizing artificial intelligence. These AI-generated emails are highly personalized, making them difficult to distinguish from legitimate correspondence. Users are advised to verify email senders, avoid clicking on suspicious links, and implement two-factor authentication to enhance security. Myanmar’s military government enacted a new cybersecurity law extending its control over internet usage and information flow. The law targets communication methods like virtual private networks (VPNs) and imposes sanctions on digital platforms that fail to prevent the spread of “disinformation.” Non-compliance can result in fines, suspensions, and imprisonment, raising concerns about freedom of expression and digital rights. Following Donald Trump’s presidential victory, cybersecurity experts anticipate a surge in cyber attacks from nations like China, Russia, North Korea, and Iran. The use of AI in cyber crimes is expected to escalate, making phishing emails and deepfake campaigns more convincing. Organizations are urged to adopt comprehensive cybersecurity measures to defend against these evolving threats. A bipartisan group of former federal officials proposed around 40 recommendations for cybersecurity policies for the upcoming administration. The plan emphasizes integrating cyber regulations, addressing workforce gaps, enhancing public-private collaboration, and developing a continuity of the economy plan to prepare for major cyberattacks. The report also highlights the need to standardize cybersecurity for critical infrastructure and address outdated regulations. Project 2025, developed by the Heritage Foundation, proposes significant reductions and changes to the Cybersecurity and Infrastructure Security Agency (CISA), a move that could jeopardize U.S. election security. The project criticizes CISA, particularly its efforts to combat misinformation, and suggests transferring some of its responsibilities to the military and intelligence community. Experts warn that the proposals could weaken CISA, undermine its critical functions, and create gaps in cybersecurity, leaving the nation vulnerable to misinformation and cyber threats. The U.S. has initiated efforts for businesses to enhance their cybersecurity systems against potential quantum computer threats. The National Institute of Standards and Technology has approved three algorithms for post-quantum cryptography after eight years of research. Major tech firms like Google and Apple have already started incorporating the new algorithms into their products. While current quantum computers cannot break existing encryption, they might in the future, making immediate action critical. Please Note: All transcripts are generated using speech recognition software and human transcription, and may contain errors. Please check the corresponding audio before quoting in print. .accordion-flush .accordion-item .accordion-button, .accordion-flush .accordion-item .accordion-button.collapsed { border-radius: 0; border-top: solid 1px #ededed; border-bottom: solid 1px #ededed; background-color: #f8f9fa; }

    7 min

  4. 12/18/2024

    CloudCast Cybersecurity Headlines for December 18, 2024

    From the Skyhigh Studios at Skyhigh Security, I’m Scott Schlee, it’s Wednesday, December 18th, 2024, and these are your cybersecurity headlines. Headlines this week: Microsoft’s AI Tool Privacy Concerns North Korean IT Worker Indictments Mysterious Drone Sightings Sanctions on Chinese Hackers Apple Users Urged to Update Devices SEC Cybersecurity Enforcement UK’s Cybersecurity Concerns Game Freak Data Breach Geico and Travelers Fined for Data Breaches Krispy Kreme Cyberattack Thank you again for listening to Skyhigh Cloudcast. This is our last episode of CloudCast for 2024. We sincerely hope you have a wonderful holiday break. We’ll be back in January and hope you will be too. If you’ve enjoyed this episode, be sure to subscribe on your favorite platform so you never miss an update. If you like the show, please leave us a review. It helps others find the podcast. For more information about Skyhigh Security or CloudCast, please visit skyhighsecurity.com. Sources: Wired – Microsoft’s AI Tool Privacy Concerns and Mysterious Drone Sightings The Times (UK) – North Korean IT Worker Indictments and UK’s Cybersecurity Concerns Reuters – Sanctions on Chinese Hackers and SEC Cybersecurity Enforcement New York Post – Apple Users Urged to Update Devices The Scottish Sun – Game Freak Data Breach Wall Street Journal (WSJ) – Geico and Travelers Fined for Data Breaches MarketWatch – Krispy Kreme Cyberattack ———– CloudCast is hosted by Skyhigh Security’s very own Digital Experience Manager, Scott Schlee. Scott’s engaging demeanor and wit, backed by over 20 years in digital media production and web development, has led to successful collaborations with top-tier brands. His experience includes hosting and producing a wide range of podcasts and videos. Scott has been recognized for his outstanding work, including an award-winning digital short and a Webby Awards nomination for Viral Marketing (Branded). Beyond his professional achievements, Scott’s personal journey as a decade-long pancreatic cancer survivor has led him to share his story with the U.S. Congress and other organizations as an advocate for increased cancer research funding. Transcript From the Skyhigh Studios at Skyhigh Security, I’m Scott Schlee, it’s Wednesday, December 4th, 2024, and these are your cybersecurity headlines. Microsoft’s AI Tool Privacy Concerns: Microsoft’s AI tool, Recall, has been found capturing sensitive data, including credit card and Social Security numbers, every five seconds. Despite safeguards, this raises significant privacy and security concerns. North Korean IT Worker Indictments: Fourteen North Koreans have been indicted for posing as IT workers to fund nuclear programs. They infiltrated American and Western IT companies, using sophisticated fake identities and VPNs to mimic legitimate employees. This highlights the geopolitical cyber risks posed by state-sponsored actors. Mysterious Drone Sightings: Unexplained drone activity in New Jersey and neighboring states has triggered federal investigations into potential security threats. The drones have caused concern among authorities, leading to increased scrutiny and efforts to identify their origin and purpose. Sanctions on Chinese Hackers: The U.S. has sanctioned Chinese cybersecurity company Sichuan Silence Information Technology for deploying ransomware that posed significant risks to human life. In April 2020, the company used malicious software on over 80,000 firewalls globally, including critical infrastructure, leading to data theft and network disruptions. Apple Users Urged to Update Devices: Cybersecurity experts are urging Apple users to update their iPhones to iOS 18 to avoid a data-stealing bug capable of bypassing safeguards. Concerns over Apple’s AI program have led to hesitancy in updating, leaving devices vulnerable to attackers who can access sensitive data without user notification. SEC Cybersecurity Enforcement: The Securities and Exchange Commission (SEC) announced four settled enforcement orders against issuers for materially misleading disclosures following the 2020 SolarWinds cybersecurity incident. These settlements underscore the SEC’s focus on accurate and timely disclosure of cyber incidents. UK’s Cybersecurity Concerns: Britain is increasingly vulnerable to cyberattacks and complacent about the threats posed by hackers, warns Richard Horne, CEO of the UK’s National Cyber Security Centre (NCSC). Recent cyberattacks have disrupted services at Liverpool hospitals and impacted the grocery and prison transport sectors. The NCSC emphasizes the urgency of closing the gap between threats and cyber-resilience across critical infrastructure and the economy. Game Freak Data Breach: Game Freak, the developer behind Pokémon, confirmed a security breach that resulted in the leak of employee details and codenames for upcoming 10th generation Pokémon games. The breach also exposed information about the anticipated Nintendo Switch 2 console. This incident is considered one of the largest in gaming history. Geico and Travelers Fined for Data Breaches: New York State fined auto insurers Geico and Travelers Indemnity a total of $11.3 million due to cybersecurity lapses that led to data breaches affecting 120,000 individuals during the Covid-19 pandemic. The breaches contributed to a larger hacking campaign that exploited personal information for various frauds, including fraudulent unemployment claims. Krispy Kreme Cyberattack: Krispy Kreme reported an IT systems breach, causing significant impacts on its business operations and a 2% drop in its stock. The cyberattack disrupted online ordering in parts of the U.S., though physical stores remain open. The company is working with cybersecurity experts to investigate and contain the breach. Please Note: All transcripts are generated using speech recognition software and human transcription, and may contain errors. Please check the corresponding audio before quoting in print. .accordion-flush .accordion-item .accordion-button, .accordion-flush .accordion-item .accordion-button.collapsed { border-radius: 0; border-top: solid 1px #ededed; border-bottom: solid 1px #ededed; background-color: #f8f9fa; }

    5 min

  5. 12/12/2024

    Top 10 Cybersecurity Headlines of 2024

    From the CloudCast Studios at Skyhigh Security, I’m your host Scott Schlee, and today we’re counting down the top 10 cybersecurity headlines of 2024. The Top Headlines for 2024: RockYou2024: 10 billion passwords leaked in the largest compilation of all time Microsoft Falls Victim to Russia-Backed ‘Midnight Blizzard’ Cyberattack UnitedHealth says Change Healthcare hack affects over 100 million, the largest-ever US healthcare data breach National Public Data breach publishes private data of 2.9B people Hackers steal “significant volume” of data from hundreds of Snowflake customers Notorious hacking group responsible for Ticketmaster data breach Crooks Steal Phone, SMS Records for Nearly All AT&T Customers Ascension hacked after employee downloaded malicious file CDK Global outage caused by BlackSuit ransomware attack Widespread IT Outage Due to CrowdStrike Update Thank you for listening to Skyhigh CloudCast. If you’ve enjoyed this episode, be sure to subscribe on your favorite podcast platform so you never miss an update. If you like the show, please leave us a review. It helps others find the podcast. For more information about Skyhigh Security or CloudCast, please visit skyhighsecurity.com. Sources: Wikipedia · Krebs On Security · CyberNews · Dark Reading · TechCrunch · Microsoft · ARS Technica · Ticketmaster · HIPPA Journal · Bleeping Computer ———– CloudCast is hosted by Skyhigh Security’s very own Digital Experience Manager, Scott Schlee. Scott’s engaging demeanor and wit, backed by over 20 years in digital media production and web development, has led to successful collaborations with top-tier brands. His experience includes hosting and producing a wide range of podcasts and videos. Scott has been recognized for his outstanding work, including an award-winning digital short and a Webby Awards nomination for Viral Marketing (Branded). Beyond his professional achievements, Scott’s personal journey as a decade-long pancreatic cancer survivor has led him to share his story with the U.S. Congress and other organizations as an advocate for increased cancer research funding. Transcript From the Skyhigh Studios at Skyhigh Security, I’m Scott Schlee, it’s Thursday, December 12th, 2024, and today, we’re counting down the top 10 cybersecurity headlines of 2024. This year brought no shortage of challenges—from healthcare breaches exposing millions of records, to CrowdStrike’s worldwide outage that disrupted businesses across the globe, and even one breach that cascaded from one company to another. These stories reflect the ever-evolving threats we face and some of the critical lessons learned along the way. And now, in no particular order, let’s dive into the year that was, in cybersecurity.” In July 2024, a massive compilation of nearly 10 billion unique plaintext passwords, dubbed “RockYou2024,” was leaked on a popular hacking forum. This dataset amalgamated passwords from thousands of previous breaches, both old and recent, creating an unprecedented repository of compromised credentials. The leak significantly heightened the risk of credential stuffing attacks, where cybercriminals exploit reused passwords to gain unauthorized access to various accounts. Security experts urged individuals to immediately reset compromised passwords, adopt strong and unique passwords for each account, utilize password managers, and enable multi-factor authentication to mitigate potential threats. In January 2024, Microsoft revealed that the Russian state-sponsored group Midnight Blizzard (also known as APT29 or Nobelium) had infiltrated its corporate email systems. The attackers employed a password spray attack to compromise a legacy non-production test account lacking multi-factor authentication. This initial breach allowed them to escalate privileges and access a small percentage of corporate email accounts, including those of senior leadership and cybersecurity personnel. The group exfiltrated emails and attachments, aiming to gather intelligence on Microsoft’s knowledge of their operations. Microsoft has since implemented enhanced security measures across its environments to prevent similar future incidents. In February 2024, Change Healthcare, a subsidiary of UnitedHealth Group, suffered a ransomware attack by the ALPHV/BlackCat group, compromising the personal and health information of over 100 million individuals—the largest healthcare data breach in U.S. history. The stolen data included names, contact details, Social Security numbers, medical records, and financial information. The breach disrupted healthcare services nationwide, affecting claims processing and patient care. UnitedHealth paid a $22 million ransom to the attackers and has been notifying affected individuals, offering two years of free credit monitoring and identity protection services. In April 2024, National Public Data, a background check company, suffered a massive data breach that exposed approximately 2.9 billion records, affecting up to 170 million individuals across the U.S., U.K., and Canada. The compromised data included full names, Social Security numbers, mailing addresses, email addresses, and phone numbers. The breach was attributed to a third-party hacker who gained access to the company’s systems in December 2023, with data leaks occurring from April through the summer of 2024. This incident led to multiple class-action lawsuits and significant reputational damage, ultimately resulting in National Public Data filing for Chapter 11 bankruptcy in October 2024. In mid-2024, a cybercriminal group identified as UNC5537 executed a series of attacks targeting customers of Snowflake, a prominent cloud data platform. By exploiting credentials harvested through infostealer malware, the attackers accessed approximately 165 customer accounts lacking multi-factor authentication (MFA), leading to the exfiltration of substantial volumes of sensitive data. Notable victims included Ticketmaster, Santander Bank, and AT&T, with the latter’s breach exposing call records of over 100 million customers. The attackers attempted to extort affected organizations, demanding ransoms to prevent the public release of stolen data. In response, Snowflake collaborated with cybersecurity firm Mandiant to investigate the breaches and has since initiated plans to mandate MFA for all user accounts to enhance security. In May 2024, Ticketmaster experienced a significant data breach that exposed personal information of approximately 560 million customers worldwide. The hacking group ShinyHunters claimed responsibility, offering 1.3 terabytes of stolen data—including names, addresses, phone numbers, and partial credit card details—for $500,000 on the dark web. Ticketmaster detected unauthorized activity on May 20 and has since collaborated with law enforcement and cybersecurity experts to investigate the breach. The company assured customers that their accounts remain secure and offered affected individuals 12 months of free identity monitoring services. Customers are advised to monitor their financial accounts for suspicious activity and be vigilant against potential phishing attempts. In July 2024, AT&T disclosed a significant data breach that compromised the call and text records of nearly all its wireless customers. The breach affected approximately 110 million individuals, exposing metadata such as phone numbers, call durations, and associated cell tower locations. While the content of communications and sensitive personal information like Social Security numbers were not included, the exposed data could still be exploited for targeted phishing attacks and other malicious activities. AT&T has since secured the breach, notified affected customers, and is collaborating with law enforcement, resulting in at least one arrest related to the incident. In May 2024, Ascension, a major U.S. healthcare system, suffered a ransomware attack initiated by an employee inadvertently downloading a malicious file. The Russian-linked Black Basta group was identified as the perpetrator. The breach disrupted operations across Ascension’s 140 hospitals, leading to ambulance diversions, postponed medical procedures, and a six-week outage of electronic health records (EHR). Financially, the attack contributed to a $1.1 billion net loss for the fiscal year ending June 30, 2024, due to delays in revenue cycle processes and increased remediation costs. Ascension has since restored EHR access and is collaborating with cybersecurity experts to strengthen its defenses and prevent future incidents. In June 2024, CDK Global, a leading software provider for automotive dealerships, fell victim to a ransomware attack by the BlackSuit group, causing widespread operational disruptions across approximately 15,000 dealerships in North America. The breach forced many dealerships to revert to manual processes, significantly slowing down sales and service operations. To expedite system restoration, CDK Global reportedly paid a $25 million ransom to the attackers. The incident not only highlighted vulnerabilities within the automotive sector’s digital infrastructure but also underscored the substantial financial and operational risks associated with cyberattacks. In July 2024, a defective software update from cybersecurity firm CrowdStrike caused a global IT outage, disrupting numerous industries. The faulty update led to widespread system crashes, notably displaying the “blue screen of death” on Windows devices. This incident affected over 8.5 million devices worldwide, grounding thousands of flights, halting financial transactions, and impairing healthcare services. The recovery process was complex, requiring manual interventions and system reboots, which prolonged downtime for many organizations. The outage highlighted the critical need for robust software testing and the vulnerabilities inherent in c

    9 min

  6. 12/04/2024

    CloudCast Cybersecurity Headlines for December 4, 2024

    From the CloudCast Studios at Skyhigh Security, I’m your host Scott Schlee and these are your Cybersecurity Headlines for the week of Wednesday, December 4, 2024. Headlines this week: The White House Struggles to Contain Massive Chinese Telco Hacks Americans to Receive Up to $5,000 from $1.6 Million Data Breach Settlement New York State Fines Geico and Travelers $11.3 Million for Data Breaches Britain Now Worse at Dealing with Cyberattackers, GCHQ Says CrowdStrike Raises Annual Forecast on Steady Cybersecurity Demand Google Chrome Users Warned to Avoid Scam Websites Smartphone Users Urged to Delete 15 Malicious ‘SpyLoan’ Apps Netflix Subscribers Targeted by Phishing Scam Interpol takes down over 1,000 cybercrime suspects in Africa Thank you for listening to Skyhigh CloudCast. If you’ve enjoyed this episode, be sure to subscribe on your favorite podcast platform so you never miss an update. If you like the show, please leave us a review. It helps others find the podcast. For more information about Skyhigh Security or CloudCast, please visit skyhighsecurity.com. Sources: Politico · The Sun · Wall Street Journal · The Times · Reuters · New York Post · New York Post · New York Post · Reuters · AP News ———– CloudCast is hosted by Skyhigh Security’s very own Digital Experience Manager, Scott Schlee. Scott’s engaging demeanor and wit, backed by over 20 years in digital media production and web development, has led to successful collaborations with top-tier brands. His experience includes hosting and producing a wide range of podcasts and videos. Scott has been recognized for his outstanding work, including an award-winning digital short and a Webby Awards nomination for Viral Marketing (Branded). Beyond his professional achievements, Scott’s personal journey as a decade-long pancreatic cancer survivor has led him to share his story with the U.S. Congress and other organizations as an advocate for increased cancer research funding. Transcript From the Skyhigh Studios at Skyhigh Security, I’m Scott Schlee, it’s Wednesday, December 4th, 2024, and these are your cybersecurity headlines. President Joe Biden’s administration is intensively addressing breaches of multiple U.S. telecommunications providers by the China-backed hacking group, Salt Typhoon. Despite daily meetings of a special White House response group and collaboration with affected telecoms, the hackers remain entrenched, leaving many Americans vulnerable to surveillance. The intrusion, which began in the spring and was publicly acknowledged in October, has targeted high-profile individuals and accessed extensive communications data. The administration emphasizes the need for collaboration between telecoms, cybersecurity firms, and international partners to mitigate further damage and suggests that new security mandates may be necessary to prevent future breaches. Individuals affected by a data breach at Hilb Group can claim up to $5,000 from a $1.6 million settlement by providing proof of losses, such as receipts. The breach, occurring between December 1, 2022, and January 12, 2023, exposed sensitive information, including Social Security numbers and financial data. Hilb Group denies wrongdoing but agreed to the settlement. Claimants must file by December 13, 2024. New York State imposed fines totaling $11.3 million on auto insurers Geico and Travelers Indemnity for cybersecurity lapses that led to data breaches affecting 120,000 individuals during the COVID-19 pandemic. Hackers accessed Geico’s online quoting tool, stealing personal data of approximately 116,000 people starting in 2020. In a separate incident, hackers infiltrated Travelers’ quoting tool, exposing data of around 4,000 people over seven months in 2021. Both companies violated the Department of Financial Services’ cybersecurity regulations and are mandated to implement cybersecurity improvements. Richard Horne, CEO of the UK’s National Cyber Security Centre (NCSC), warned that Britain is increasingly vulnerable to cyberattacks and complacent about threats from hackers. National defenses have not kept pace with rising hostile activities from countries like Russia and China. Organizations have largely failed to follow NCSC guidance, widening the gap between threats and defenses. Recent cyberattacks have disrupted services in sectors such as healthcare and transportation, with most incidents being ransomware attacks dominated by Russian groups. Cybersecurity firm CrowdStrike increased its annual revenue and profit forecasts due to growing demand for cybersecurity services amid rising online threats. After surpassing third-quarter revenue expectations, CrowdStrike anticipates annual revenues between $3.92 and $3.93 billion, exceeding previous estimates. The company also expects adjusted annual earnings per share to reach between $3.74 and $3.76. Despite a slight dip in stock prices due to quarterly revenue projections, CrowdStrike’s customer engagement packages have strengthened client relationships. Google Chrome users are being cautioned about the prevalence of scam websites appearing in search results. Google is developing an AI-powered tool called “Store Reviews” to provide summaries of third-party reviews from cybersecurity companies, aiding in the identification of fraudulent sites. In the meantime, users are advised to be vigilant by not clicking on suspicious links, verifying website URLs, checking for “https,” researching ads before clicking, and avoiding “Sponsored” listings that might be scam fronts. Common scams include non-delivery, non-payment, auction fraud, and gift card fraud. Cybersecurity firm McAfee has identified 15 malicious apps, collectively downloaded by at least 8 million Android users, which pose significant security threats. These “SpyLoan” apps entice users with promises of quick loans but instead extract sensitive information and gain access to other apps on the device, leading to potential extortion, harassment, and financial loss. Despite some apps being removed from the Google Play Store, developers have updated others, allowing them to persist. Users are advised to delete these apps, scrutinize app developers, review permissions, and read user reviews before downloading new applications. Netflix users are being warned about a cyber scam involving fraudulent messages that aim to steal financial information. Scammers send fake SMS texts claiming issues with Netflix accounts, directing recipients to confirm their details via a phishing website. These messages are designed to collect personal information, including login credentials and credit card details, which are then sold on the dark web. Users are advised to be cautious, as Netflix does not contact customers via text with verification links, and to avoid clicking on suspicious links, instead manually entering website URLs. Interpol, in collaboration with Afripol, conducted Operation Serengeti from September 2 to October 31, 2024, across 19 African countries, resulting in the arrest of 1,006 individuals involved in cybercrimes such as ransomware, business email compromise, digital extortion, and online scams. The operation identified over 35,000 victims and linked the criminal activities to nearly $193 million in financial losses worldwide. This coordinated effort underscores the increasing volume and sophistication of cybercrime attacks and highlights the importance of international cooperation in combating such threats. And those are your headlines for the week. Thank you again for listening to Skyhigh CloudCast. If you’ve enjoyed this episode, be sure to subscribe on your favorite podcast platform so you never miss an update. If you liked the show, please leave us a review. It helps others find the podcast. For more information about Skyhigh Security or CloudCast, please visit SkyhighSecurity.com. Please Note: All transcripts are generated using speech recognition software and human transcription, and may contain errors. Please check the corresponding audio before quoting in print. .accordion-flush .accordion-item .accordion-button, .accordion-flush .accordion-item .accordion-button.collapsed { border-radius: 0; border-top: solid 1px #ededed; border-bottom: solid 1px #ededed; background-color: #f8f9fa; } .accordion-button:focus { box-shadow:none; } .accordion-body { border-bottom: solid 1px #ededed; border-left: solid 1px #ededed; border-right: solid 1px #ededed; } .font-italic { font-style: italic; }

    8 min

  7. 11/20/2024

    CloudCast Cybersecurity Headlines for November 20, 2024

    From the CloudCast Studios at Skyhigh Security, I’m your host Scott Schlee and these are your Cybersecurity Headlines for the week of Wednesday, November 20, 2024. Headlines this week: Trump’s Second Term Expected to Bring Big Changes to U.S. Cyber Agency The DHS issues recommendations for AI in critical infrastructure. New York Department of Financial Services Issues AI Cybersecurity Guidance The EPA Reports Cybersecurity Concerns Related to Drinking Water Systems Chinese Hackers Target Tibetan Websites in Malware Attack Bitfinex Hacker Sentenced to 5 Years for $10 Billion Bitcoin Heist U.S. Introduces New Data Rules to Combat Cybercrime Bitdefender Releases Free Decryptor for ShrinkLocker Ransomware Microsoft Releases November 2024 Security Updates ESET Research Analyzes RedLine Stealer’s Backend Modules Thank you for listening to Skyhigh CloudCast. If you’ve enjoyed this episode, be sure to subscribe on your favorite platform so you never miss an update. If you like the show, please leave us a review. It helps others find the podcast. For more information about Skyhigh Security or CloudCast, please visit skyhighsecurity.com. Sources: The Wall Street Journal · The Australian · AP News · Wired · Wired · Reuters · World Economic Forum · The Hacker News · CISA · We Live Security ———– CloudCast is hosted by Skyhigh Security’s very own Digital Experience Manager, Scott Schlee. Scott’s engaging demeanor and wit, backed by over 20 years in digital media production and web development, has led to successful collaborations with top-tier brands. His experience includes hosting and producing a wide range of podcasts and videos. Scott has been recognized for his outstanding work, including an award-winning digital short and a Webby Awards nomination for Viral Marketing (Branded). Beyond his professional achievements, Scott’s personal journey as a decade-long pancreatic cancer survivor has led him to share his story with the U.S. Congress and other organizations as an advocate for increased cancer research funding. Transcript Trump’s Second Term Expected to Bring Big Changes to U.S. Cyber Agency, The DHS issues recommendations for AI in critical infrastructure, New York Department of Financial Services Issues AI Cybersecurity Guidance, The EPA Reports Cybersecurity Concerns Related to Drinking Water Systems, Chinese Hackers Target Tibetan Websites in Malware Attack, Bitfinex Hacker Sentenced to 5 Years for $10 Billion Bitcoin Heist, U.S. Introduces New Data Rules to Combat Cybercrime, Bitdefender Releases Free Decryptor for ShrinkLocker Ransomware, Microsoft Releases November 2024 Security Updates, and ESET Research Analyzes RedLine Stealer’s Backend Modules. From the Skyhigh Studios at Skyhigh Security, I’m Scott Schlee, it’s Wednesday, November 20th, and these are your cybersecurity headlines. President-elect Donald Trump’s upcoming administration is anticipated to significantly alter the focus and structure of the Cybersecurity and Infrastructure Security Agency. Critics argue that CISA’s mission has expanded beyond its core responsibilities, prompting discussions about refocusing on federal and critical infrastructure protection. The appointment of Elon Musk and Vivek Ramaswamy to lead a government restructuring initiative may impact CISA’s funding and operations. Despite potential changes, experts believe the agency’s dissolution is unlikely due to bipartisan support for its mission. The Department of Homeland Security has issued new recommendations for integrating artificial intelligence into critical infrastructure sectors to enhance security and operational efficiency. These guidelines aim to balance innovation with risk management, focusing on protecting against AI-driven threats while leveraging its capabilities for improved threat detection and response. Key recommendations include establishing robust AI governance frameworks, conducting regular risk assessments, and implementing transparency measures to ensure trust in AI applications. The DHS emphasizes collaboration between public and private sectors to secure critical systems and safeguard national resilience in an increasingly AI-driven world. On October 16th, 2024, the New York State Department of Financial Services released new guidance for financial institutions to mitigate cybersecurity risks associated with AI. This guidance complements existing cybersecurity regulations and emphasizes the need for updated risk assessments, incident response plans, and monitoring of AI-related threats. Specific actions include annual risk assessments, implementation of multi-factor authentication by November 2025, and robust management of third-party service providers. Financial institutions are advised to align their cybersecurity programs with this guidance to ensure compliance and effectively manage AI-related risks. The U.S. Environmental Protection Agency’s Office of Inspector General released a report highlighting significant cybersecurity vulnerabilities in the nation’s drinking water systems. The assessment, which examined 1,062 systems serving over 193 million people, identified that 97 systems, accounting for approximately 26.6 million users, had critical or high-risk vulnerabilities. Additionally, 211 systems serving over 82.7 million people were found to have medium and low-risk issues, such as externally visible open portals. These vulnerabilities could potentially be exploited by malicious actors to disrupt services or cause physical damage to water infrastructure. The report also noted that the EPA lacks a dedicated cybersecurity incident reporting system for water and wastewater systems, relying instead on the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency for such notifications. The cybersecurity firm Insikt Group reports that a Chinese state-sponsored hacking group, TAG-112, compromised Tibetan community websites to distribute malware. Visitors to these sites were prompted to download a malicious file disguised as a security certificate, leading to the installation of espionage tools. This tactic mirrors previous methods used by other Chinese advanced persistent threat groups. The Chinese Foreign Ministry has denied involvement in the attacks. Ilya Lichtenstein, involved in the 2016 Bitfinex cryptocurrency exchange hack, has been sentenced to five years in prison for stealing and laundering bitcoin valued at $10 billion. His wife, Heather Morgan, was also implicated in the scheme. This case highlights the ongoing challenges in securing digital assets and the legal repercussions of cybercrimes in the cryptocurrency sector. The sentencing serves as a deterrent to potential cybercriminals targeting financial platforms. The U.S. government has introduced new regulations aimed at curbing cybercrime, which reached a financial impact of $12.5 billion last year. The rules include a ban on transferring geolocation data of over 1,000 U.S. devices to countries of concern, such as China, Russia, Iran, Venezuela, Cuba, and North Korea. These measures target data brokers who might sell sensitive information to foreign adversaries. The initiative underscores the government’s commitment to protecting national security and personal privacy in the digital age. Romanian cybersecurity company Bitdefender has released a free decryptor tool to assist victims of the ShrinkLocker ransomware. ShrinkLocker, identified earlier this year, exploits Microsoft’s BitLocker utility to encrypt files in extortion attacks targeting entities in Mexico, Indonesia, and Jordan. The decryptor enables affected users to recover their data without paying the ransom, highlighting the importance of collaborative efforts in combating ransomware threats. On November 12, 2024, Microsoft issued security updates addressing vulnerabilities across multiple products. These updates aim to prevent cyber threat actors from exploiting these vulnerabilities to gain control over affected systems. Users and administrators are encouraged to review the Microsoft Security Update Guide for November and apply the necessary updates to maintain system security. ESET researchers have conducted an in-depth analysis of the backend modules of RedLine Stealer, a notorious infostealer malware. Following international authorities’ takedown of RedLine Stealer, ESET’s research provides insights into the malware’s operations and infrastructure. This analysis aids cybersecurity professionals in understanding and mitigating threats posed by similar malware. The findings underscore the ongoing need for vigilance and advanced threat detection in the cybersecurity landscape. And those are your headlines for the week. Thank you again for listening to Skyhigh CloudCast. If you’ve enjoyed this episode, be sure to subscribe on your favorite platform so you never miss an update. If you liked the show, please leave us a review. It helps others find the podcast. For more information about Skyhigh Security or CloudCast, please visit SkyhighSecurity.com. Please Note: All transcripts are generated using speech recognition software and human transcription, and may contain errors. Please check the corresponding audio before quoting in print. .accordion-flush .accordion-item .accordion-button, .accordion-flush .accordion-item .accordion-button.collapsed { border-radius: 0; border-top: solid 1px #ededed; border-bottom: solid 1px #ededed; background-color: #f8f9fa; } .accordion-button:focus { box-shadow:none; } .accordion-body { border-bottom: solid 1px #ededed; border-left: solid 1px #ededed; border-right: solid 1px #ededed; } .font-italic { font-style: italic; }

    8 min

  8. 11/06/2024

    CloudCast Cybersecurity Headlines for November 6, 2024

    From the CloudCast Studios at Skyhigh Security, I’m your host Scott Schlee and these are your Cybersecurity Headlines for the week of Tuesday, November 6, 2024. Headlines this week: Fortinet Flaw Exploited AWS CDK Vulnerability Patched SEC Charges Over SolarWinds Disclosures REvil Members Sentenced in Russia Meta’s WhatsApp Security Update CISA and FBI Probe China-Linked Hacks Change Healthcare Data Breach Delta Sues CrowdStrike Over Outage Thank you for listening to Skyhigh CloudCast. If you’ve enjoyed this episode, be sure to subscribe on your favorite platform so you never miss an update. If you like the show, please leave us a review. It helps others find the podcast. For more information about Skyhigh Security or CloudCast, please visit skyhighsecurity.com. ———– CloudCast is hosted by Skyhigh Security’s very own Digital Experience Manager, Scott Schlee. Scott’s engaging demeanor and wit, backed by over 20 years in digital media production and web development, has led to successful collaborations with top-tier brands. His experience includes hosting and producing a wide range of podcasts and videos. Scott has been recognized for his outstanding work, including an award-winning digital short and a Webby Awards nomination for Viral Marketing (Branded). Beyond his professional achievements, Scott’s personal journey as a decade-long pancreatic cancer survivor has led him to share his story with the U.S. Congress and other organizations as an advocate for increased cancer research funding. Transcript From the CloudCast Studios at Skyhigh Security, I’m Scott Schlee, and these are your Cybersecurity Headlines for the week of Tuesday, November 6th, 2024. Fortinet recently disclosed a critical flaw in its FortiManager software, which has been actively exploited in zero-day attacks to compromise systems. This vulnerability, known as an out-of-bounds write, allows remote attackers to execute arbitrary code, giving them unauthorized control over affected systems and the ability to steal sensitive data. Organizations using Fortinet products have been strongly urged to apply patches immediately to mitigate potential risks. Critical vulnerability in Amazon’s cloud development kit allowed potential account takeovers, exposing users to security risks. This flaw, if exploited, could enable attackers to gain full control over AWS accounts through improperly secured S3 bucket configurations. Amazon has since released a patch for the CDK urging all users to update to the latest version to secure their cloud environments against this risk. The SEC has charged four companies, including Unisys and Avaya, for misleading disclosures regarding their cybersecurity practices following the 2020 SolarWinds cyberattack. These firms allegedly failed to adequately inform investors about the extent of their exposure to cybersecurity risks, instead providing only generic or incomplete risk information. As a result, fines totaling $6 million have been imposed on the companies, with Unisys paying the largest penalty of $4 million. Four members of the notorious REvil Ransomware group were sentenced by the St. Petersburg Garrison Military Court to several years in prison. These individuals were found guilty of crimes related to the illegal circulation of payment methods, marking a rare sentencing for cybercriminals within Russia. This group, linked to high-profile ransomware attacks had been apprehended in 2022, and this verdict signals a significant stance by Russian authorities against certain cybercrime activities. Meta recently introduced an enhanced security feature for WhatsApp known as Identity Proof Linked Storage, IPLS, which provides encrypted storage for user contacts. This new update aims to improve user privacy by safeguarding contact data within WhatsApp, ensuring that only the user can access their stored information. In addition, WhatsApp continues to rely on end-to-end encryption to secure messages, calls, and other media shared through the app, reinforcing its commitment to user privacy. The FBI and CISA are investigating a series of cyber intrusions allegedly orchestrated by Chinese state-sponsored actors targeting U.S. telecommunication networks. Reports indicate that high-profile political figures, including former President Donald Trump and Vice President Kamala Harris, were those affected by these attacks. Breaches raise concerns about potential compromises in national security, and U.S. agencies are urging organizations to remain vigilant and report suspicious activity. In February 2024, Change Healthcare, a leading healthcare payment processing company, experienced a significant ransomware attack compromising the personal and health information of approximately 100 million individuals. This breach affected sensitive data including medical records and financial details, leading to heightened privacy concerns across the healthcare industry. In response, Change Healthcare has offered impacted individuals two years of free credit monitoring and identity theft protection to mitigate potential fallout from the data exposure. And finally, Delta Airlines has recently filed a lawsuit against CrowdStrike, a prominent cybersecurity firm following a major system outage in July 2024 that led to significant operational disruptions. Delta alleges that CrowdStrike’s cybersecurity solutions failed to protect its systems effectively, resulting in the costly outage and downtime. The lawsuit highlights concerns about accountability and service reliability and partnerships between large corporations and cybersecurity providers, especially in the aviation industry, where such outages have far-reaching impacts. CrowdStrike, known for its high-profile cybersecurity clients, is expected to defend against these claims, which could set a precedent for similar cases in the industry. And those are your headlines for the week. Thank you again for listening to Skyhigh CloudCast. If you’ve enjoyed this episode, be sure to subscribe on your favorite platform so you never miss an update. If you liked the show, please leave us a review. It helps others find the podcast. For more information about Skyhigh Security or CloudCast, please visit SkyhighSecurity.com. Please Note: All transcripts are generated using speech recognition software and human transcription, and may contain errors. Please check the corresponding audio before quoting in print. .accordion-flush .accordion-item .accordion-button, .accordion-flush .accordion-item .accordion-button.collapsed { border-radius: 0; border-top: solid 1px #ededed; border-bottom: solid 1px #ededed; background-color: #f8f9fa; } .accordion-button:focus { box-shadow:none; } .accordion-body { border-bottom: solid 1px #ededed; border-left: solid 1px #ededed; border-right: solid 1px #ededed; } .font-italic { font-style: italic; }

    5 min
See All (15)

About

Join our Data Experts in the following podcast episodes, as we talk about all things Data. As an organization’s biggest asset, the importance of protecting data in a space with no jurisdiction is paramount; particularly at a time when the risks of data breaches globally have never been more serious. Adhering to compliance regulations is also a key challenge facing organizations including FedGov and a critical component of how these organizations protect their data.

Information