October 28, 2024 at 08:33AM
This week's cybersecurity news covers new threats, including a critical Fortinet flaw under exploitation, severe cryptographic issues in cloud services, and the North Korean Lazarus Group exploiting a Chrome vulnerability. Notably, Delta Air Lines sued CrowdStrike over a major outage, while CISA investigates unauthorized telecom access by Chinese threat actors. Stay informed and safe.
### Meeting Takeaways (October 28, 2024)
#### Key Cybersecurity Updates
- **Threat of the Week:**
  - A critical flaw in Fortinet’s FortiManager (CVE-2024-47575), with a CVSS score of 9.8, is under active exploitation by a threat cluster that Google-owned Mandiant tracks as UNC5820.
- **Trending CVEs:**
  - Notable CVEs include CVE-2024-41992, CVE-2024-20481, CVE-2024-20412, CVE-2024-20424, CVE-2024-20329, CVE-2024-38094, CVE-2024-8260, CVE-2024-38812, CVE-2024-9537, and CVE-2024-48904.
#### Major News Highlights
- **Severe Cryptographic Flaws:**
  Found in five cloud storage providers, including Sync and pCloud, allowing potential data tampering and unauthorized access.
- **Lazarus Group Exploits Google Chrome Flaw (CVE-2024-4947):**
  An ongoing campaign leveraging a now-patched zero-day vulnerability in Chrome to control compromised devices.
- **AWS CDK Flaw Fixed:**
  A vulnerability that could lead to account takeover was patched in July 2024.
- **SEC Charges for Misleading Disclosures:**
  Four companies, including Avaya and Check Point, were charged for downplaying the impact of SolarWinds-related breaches.
- **REvil Members Sentenced:**
  Four individuals from the ransomware group received prison sentences in Russia.
#### Noteworthy Developments
- **Delta Air Lines vs. CrowdStrike:**
  Delta is suing CrowdStrike for a major outage impacting operations and customer experiences, attributing fault to the vendor’s negligence.
- **Meta’s New WhatsApp Security Feature:**
  Meta introduced an encrypted storage system for WhatsApp contacts to enhance user privacy.
- **CISA and FBI Investigating Salt Typhoon:**
  Investigations into unauthorized access to U.S. telecommunications infrastructure by Chinese-linked actors.
- **Employee Fraud Schemes:**
  Reported instances of fraudulent hires highlight the necessity for stringent verification processes.
- **AI Tool Vulnerabilities Explored:**
  Researchers discovered ways to manipulate digital watermarks in AWS tools, as well as prompt injection flaws in Google’s AI systems.
#### Resources and Insights
- **Webinar on Data Security in Cloud:**
  Upcoming session featuring CISO Benny Bloch discussing lessons learned in improving data security posture with DSPM.
- **Expert Insight on Overlooked Vulnerabilities:**
  Emphasis on IAM misconfigurations, API security, shadow IT risks, and recommended tools for prevention.
- **DNS Security Tip:**
  Recommendations to enhance DNS security include using privacy-focused resolvers, employing DNSSEC, and encrypting DNS requests.
### Conclusion
Stay vigilant against emerging cybersecurity threats. Keep informed of the latest developments to safeguard against potential vulnerabilities. More updates will follow next week.