Technical Difficulties and Commitment to the Audience

The CyberHub Podcast, hosted by James Azar, experienced a minor hiccup with the publication timing of a previous episode due to technical issues. Azar, while traveling for work, emphasizes the integral role the podcast and its audience play in his daily routine, likening it to a morning ritual essential for starting his day.

Ivanti's Rocky Start in 2024

Ivanti's Security Challenge: The year 2024 began with significant challenges for Ivanti, formerly known as Pulse Secure, as they faced multiple zero-day vulnerabilities being exploited in their Connect Secure VPN appliances. This situation underscores the importance of incorporating secure software development life cycle (SLDC) practices from the outset to prevent such vulnerabilities.

Schneider Electric's Ransomware Ordeal

Cactus Ransomware Hits Schneider Electric: Schneider Electric fell victim to an alleged Cactus ransomware attack, leading to the theft of corporate data from its sustainability business division. The attack, which occurred on January 17th, disrupted services and poses a threat to Schneider Electric's clients, including major corporations like Clorox, DHL, and PepsiCo. Schneider Electric's effective divisional segmentation limited the attack's impact, showcasing the importance of network segmentation in corporate resilience against cyber threats.

SolarWinds Challenges SEC Charges

SolarWinds' Legal Battle: SolarWinds is pushing back against charges from the FCC related to the mishandling of a Russian-backed cyber espionage attack, arguing that the charges exceed the FCC's expertise and authority. SolarWinds maintains that it acted transparently and appropriately, stressing that it was a victim of a nation-state attack, not a perpetrator.

Critical Vulnerabilities and Cybersecurity Alerts

• Jenkins Vulnerability Alert: A critical vulnerability in Jenkins (CVE-20-242389 or 7) necessitates immediate patching to prevent exploitation.
• Python Package Index (PyPI) Malware: Malicious packages on PyPI have been found delivering Whitesnake Stealer malware, affecting Windows systems and highlighting ongoing threats within open-source repositories.
• Juniper and Durant Security Updates: High-severity flaws in Juniper's SRX and EX series demand urgent patches to secure systems against potential control by threat actors.

Data Breach Notifications and Scams Alert

• Keenan & Associates Data Breach: Over 1.5 million customers have been notified of a data breach at Keenan & Associates, an insurance brokerage firm, exposing sensitive personal information.
• FBI Warns of Courier Scams: The FBI alerts the public, especially senior citizens, about scams involving couriers collecting money or valuables under false pretenses, emphasizing the need for community awareness and protection of vulnerable populations.

Conclusion and Call to Action

Azar concludes the episode by urging listeners to spread awareness about the latest scams, particularly among senior citizens, to protect them from becoming victims. The episode encapsulates a mix of cybersecurity challenges, legal battles, and community efforts to safeguard against evolving cyber threats, emphasizing the collective role in maintaining cyber safety.

Thank you for watching and Please Don't forget to Like this video and Subscribe to my Channel!

 

Apply now to be a featured partner on the show: https://www.cyberhubpodcast.com/contact

******

Listen here: https://linktr.ee/cyberhubpodcast

SubStack: https://jamesazar.substack.com/

******

Website: https://www.cyberhubpodcast.com

Youtube: https://www.youtube.com/c/TheCyberHubPodcast

Rumble: https://rumble.com/c/c-1353861

Facebook: https://www.facebook.com/CyberHubpodcast/

Linkedin: https://www.linkedin.com/company/cyberhubpodcast/

Twitter: https://twitter.com/cyberhubpodcast

Instagram: https://www.instagram.com/cyberhubpodcast

 

The Hub of the Infosec Community.

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

#cybernews #infosec #cybersecurity #cyberhubpodcast #ciso #infosecnews #infosecurity #cybersecuritytips #podcast #technews #tinkertribe #securitygang #informationsecurity #cyberattack #databreach #exploit #zeroday

Music by Brian Penny and is authorized for use. See more of Brian Penny on Spotify!