Cyber Risk Update 7 JUN 2024
This is a selection of this week's events. Join the conversation for more news and advisories, and connect on our Discord server. This server is focused on cybersecurity collaboration with critical infrastructure stakeholders. (TLP Clear Only) Invite: https://discord.gg/PGz3NDKb5V
Join (ISC)2 East Bay Chapter; membership is free! https://isc2-eastbay-chapter.org/membership/
Career
225,000 More Cybersecurity Workers Needed in US: CyberSeek. There are 1.2 million cybersecurity workers in the US, but 225,000 more are needed to close the talent gap, according to new data. https://www.securityweek.com/225000-more-cybersecurity-workers-needed-in-us-cyberseek/
Cyber Incidents
Dubai government suffers alleged ransomware attack https://cybernews.com/news/dubai-government-ransomware-attack-daixin/
Ransomware attack chaos at London hospitals blamed on Qilin gang https://cybernews.com/news/synnovis-ransomware-attack-london-hospitals-qilin-gang/
Accidental or not, another Google leak exposes multiple privacy breaches https://cybernews.com/news/google-leak-exposes-privacy-breaches/
Financial data wiped from US eye clinics, over 300k people affected https://cybernews.com/news/panorama-eyecare-breach/
Australian Mining Giant Confirms BianLian Ransomware Attack (06/05) https://www.bankinfosecurity.com/australian-mining-giant-confirms-bianlian-ransomware-attack-a-25414
Advance Auto Parts stolen data for sale after Snowflake attack https://www.bleepingcomputer.com/news/security/advance-auto-parts-stolen-data-for-sale-after-snowflake-attack/
Hijacking Scheme Takes Over High-Profile TikTok Accounts https://www.darkreading.com/cyberattacks-data-breaches/hijacking-scheme-takes-over-high-profile-tiktok-accounts
Ticketmaster Breach Showcases SaaS Data Security Risks https://www.darkreading.com/cloud-security/ticketmaster-breach-showcases-saas-data-security-risks
TTP
Rebranded Knight Ransomware Targeting Healthcare and Businesses Worldwide (06/05) https://thehackernews.com/2024/06/rebranded-knight-ransomware-targeting.html
Nation States
Chinese hacking groups team up in cyber espionage campaign (06/05) https://www.bleepingcomputer.com/news/security/chinese-hacking-groups-team-up-in-cyber-espionage-campaign
Chinese South China Sea Cyberespionage Campaign Unearthed https://www.govinfosecurity.com/chinese-south-china-sea-cyberespionage-campaign-unearthed-a-25411
Ukrainian Systems Hit by Cobalt Strike Via a Malicious Excel File https://www.darkreading.com/cyberattacks-data-breaches/ukrainian-systems-hit-by-cobalt-strike-via-a-malicious-excel-file
Russian cyber operations are largest threat to Olympics, Google warns https://cybernews.com/security/russian-cyber-operations-largest-threat-to-olympics/
DeepFakes
“Tom Cruise” undermining Paris Olympics in Russian deepfake https://cybernews.com/news/fake-tom-cruise-undermining-paris-olympics/
Collaboration
Panel advises CISA on how to improve industry-government collaboration project (06/05) https://cyberscoop.com/panel-advises-cisa-on-how-to-improve-industry-government-collaboration-project
Law enforcement's vital role in bomb prevention and cybersecurity (06/05) https://www.police1.com/police-training/protecting-america-law-enforcements-vital-role-in-bomb-prevention-and-cybersecurity
FBI recovers 7,000 LockBit keys, urges ransomware victims to reach out https://www.bleepingcomputer.com/news/security/fbi-recovers-7-000-lockbit-keys-urges-ransomware-victims-to-reach-out/
Supply Chain
CISA SBOM community group explores applying software transparency concepts to artificial intelligence (06/05) https://insidecybersecurity.com/daily-news/cisa-sbom-community-group-explores-applying-software-transparency-concepts-artificial
What CISOs need to know about Microsoft’s Copilot+ https://www.csoonline.com/article/2137682/what-cisos-need-to-know-about-microsofts-copilot.html
Unauthorized AI is eating your company data, thanks to your employees https://www.csoonline.com/article/2138447/unauthorized-ai-is-eating-your-company-data-thanks-to-your-employees.html
Financial
Cyberattacks pose mounting risks to creditworthiness: Moody's (06/05) https://www.cfodive.com/news/cyberattacks-pose-mounting-risks-creditworthiness-moodys-cybersecurity/718144
State and local government groups urge Congress to continue dispersing cyber funding https://statescoop.com/state-local-cyber-grant-funding-clawbacks-2024/
Legislation
White House wants to harmonize the breadth of cybersecurity regulations (06/05) https://www.cybersecuritydive.com/news/white-house-harmonize-cybersecurity-regulations/718072
There is a policy rider in the spending bill for CISA that would prohibit “the government from labeling Americans’ constitutionally protected speech as ‘misinformation’ and imposes a penalty of termination for such action,” according to the summary. https://insidecybersecurity.com/daily-news/house-appropriators-consider-policy-riders-prohibit-cisa-misinformation-work-spending-sec
Other
In Other News: Apple WPS Surveillance, Canadian Gov Wants Backdoors, NIST AI Program https://www.securityweek.com/in-other-news-apple-wps-surveillance-canadian-gov-wants-backdoors-nist-ai-program/
8 principles for ethical AI at work, according to the White House https://hrexecutive.com/8-principles-for-ethical-ai-at-work-according-to-the-white-house/
NIST is finally getting help with the National Vulnerability Database backlog https://www.csoonline.com/article/2138449/nist-is-finally-getting-help-with-the-national-vulnerability-database-backlog.html