Cybersecurity News Week in Review: Microsoft confirms cyberattack, more MOVEit damage, Reddit hit with ransomware

This week’s Cyber Security Headlines – Week in Review, June 19-23, is hosted by Rich Stroffolino with our guest, Janet Heins, CISO, iHeartMedia

Cyber Security Headlines – Week in Review is live every Friday at 12:30pm PT/3:30pm ET. Join us each week by registering for the open discussion at CISOSeries.com

Microsoft says early June service outages were cyberattacks

Microsoft said on Friday that the outages that affected certain of its services in early June were the result of cyberattacks, but said it saw no evidence of any customer data being accessed or compromised. The company said it opened an investigation and began tracking the DDoS activity by the threat actor it refers to as Storm-1359 after it identified the threat, but has not confirmed whether it had identified the party responsible for the attack.

(Reuters)

Third MOVEit vulnerability raises alarms as US Agriculture Department says it may be impacted

This third vulnerability is causing alarm among U.S. officials and cybersecurity researchers after it was revealed that several government agencies were affected by a hack exploiting the first bug. Progress Software told Recorded Future News that an “independent source” disclosed the new vulnerability. Tracked as CVE-2023-35708, the bug could give hackers escalated privileges and potential unauthorized access to a victim’s environment. Although Progress has not seen indications that this new vulnerability has been exploited, and has developed a patch, the company states it is “extremely important” that all MOVEit customers take immediate action to address the issue.

(The Record)

Reddit hit with ransom demand

Most of the coverage about Reddit of late relates to its controversial API pricing changes. But the company also needs to deal with the threat of a data leak. The ransomware organization ALPHV posted on its leak site that it will release 80GB of data exfiltrated from Reddit in an attack the company acknowledged back in February. The attackers demanded a $4.5 million ransom and a reversal of the recent API pricing changes. Reddit said the attack stole employee information and internal documents, with “no evidence” of access to personal user data.

(TechCrunch)

Cyber security market growth outpaces tech sector

The analysts at Canalys report that the cyber security market as a whole grew 12.5% on the year in Q1 to $18.6 billion. This comes as many potential clients for cyber security continue to cut costs in a tightening economy. Palo Alto Networks remained the market share leader in the segment, with 8.7% of revenue. Meanwhile Crowdstrike saw the biggest growth on the year, with revenue up 39.9% to surpass Check Point for the fourth biggest market share. Large and medium-sized organizations lead the growth in spending, while small and micro businesses grew cybersecurity spending 7.5% and 4.3%, respectively. 

(Canalys)

ChatGPT accounts for sale

Security researchers at Group-IB discovered over 100,000 compromised ChatGPT account credentials for sale on illicit forums over the last year. India accounted for over 12,000 credentials in this set, with many accounts from the Asia-Pacific region in general. Analysis shows that the Raccoon info stealer accounted for a majority of these stolen credentials. Analysts note that since ChatGPT retains all conversations by default, these credentials could potentially leak business information or other sensitive data sent to the popular chatbot. 

(The Hacker News)

Mondelēz International’s info compromised in 3rd party breach

The producer of Oreo cookies and Ritz crackers, among other snack foods, has warned 51,000 of its past and present employees that their personal info was stolen from the company’s 3rd party law firm. Hackers broke into the network of Bryan Cave Leighton Paisner LLP and were able to access social security numbers, names, addresses, dates of birth, marital status, gender, employee identification numbers, and retirement plan info belonging to current and former Mondelēz workers. As a side note, Mondelēz was among the global companies hit in the NotPetya outbreak and recently settled a $100-million-plus cleanup bill with its cyber insurer, Zurich American Insurance Company.

(The Register)

63% of IT leaders measure IT success by reduced risk

A survey by Rocket Software took a look at the biggest challenges facing IT leaders of large organizations and their approach to modernizing their IT department. The report revealed that the top concerns among IT leaders include improving overall IT performance (60%), data security (50%), process risk and compliance (46%) and the need to improve agility (41%). 

Respondents noted that the top measure of success within their IT organization was increased efficiency (71%), which they defined as faster DevOps and automated processes. Optimized resources (67%) and reduced risk (63%) were also among the top measures of IT success.

(Security Magazine)

ICEFALL vulnerability disclosed affecting Schneider tool

Following up on a story we brought you exactly one year ago, researchers have disclosed a vulnerability affecting tools made by OT manufacturer Schneider Electric — the final bug announced as part of a set of disclosures collectively known as OT:ICEFALL that was released on June 22, 2023. The vulnerability affects the company’s ION and PowerLogic power meters, which provide power and energy monitoring tools to organizations in the manufacturing, energy, water and wastewater systems sectors. Tagged as CVE-2022-46680, the vulnerability has a CVSS score of 8.8 out of 10, indicating a high severity, and allows hackers to gain access to credentials that would help them change configuration settings or potentially modify firmware.

(The Record)

Steve Prentice
Author, speaker, expert in the area where people and technology crash into each other, viewed from the organizational psychology perspective. Host of many podcasts, voice actor and narrator for corporate media and audiobooks. Ghost-writer for busy executives.