👋 Welcome to the 20th edition Cyber Weekly Digest of 2024.
Many interesting and exciting goings-on at CV HQ this week!
I'm not talking about 'that' photo of the night sky (yeah, yeah, all 20,000 of them were very cool), Luke Littler topping his first Premier League (oi, oi, oi) or Baby Reindeer... I'm talking announcing new partnerships, releasing new podcasts and planning more trips to see our Scottish friends up in Glasgow...
New and noteworthy this week:
🟣 Join the Cyber Vigilance team on Wednesday 29th May at DIGIT Expo West, which brings Scotland's largest annual technology showcase to Glasgow.
We will be exhibiting alongside our partners Rapid7 and Automox. You can register here
🟣 This week we were thrilled to announce our latest partnership with Egress Software Technologies!
Working with Egress means our customers can protect themselves from the full spectrum of email risks including inbound, outbound and encryption. The Egress Intelligent Email Security Platform continuously assesses human risk and dynamically adapt policy controls to dramatically enhance organisations security. Read our blog post to find out more
🟣 Don't forget to check out our latest podcast episode "Humans are the weakest link..." feat. Katie 'Magic' Maxted and John Scott from CultureAI, discussing why statements like this can be so frustrating when managing human risk.
Side note: If you didn't think of Anne Robinson (or Romesh for the Gen Z's) and add a cheeky "Goodbye" are you even human!?
🟣 With #Infosec2024 just around the corner, make sure you visit Egress (new partner, not sure I've mentioned it before, #nobiggie) on stand C80, ExCel London June 4-6th. You can register here
Last but not least...
🟣 Standing ovation for CultureAI this week as they score a hat-trick at the Cyber Security Excellence Awards!! 🏆 Best Cyber Security Company - Best Security Automation - Best Human Risk Management Platform 🏆 BOOM!
Now, let's take a look at our Cyber Weekly Digest, highlighting our top cyber security news picks of the week.
🚨 This week we heard from Rapid7 researchers that uncovered a social engineering campaign, an almighty volume of fraudulent transactions blocked by Apple and an article from The Hacker News covering the 6 Mistakes Organizations Make When Deploying Advanced Authentication
Keep reading to stay up to date on the latest cyber security news.
Cybersecurity researchers have uncovered an ongoing social engineering campaign that bombards enterprises with spam emails with the goal of obtaining initial access to their environments for follow-on exploitation. "The incident involves a threat actor overwhelming a user's email with junk and calling the user, offering assistance," Rapid7 researchers Tyler McGraw, Thomas Elkins, and Evan McCann said. "The threat actor prompts impacted users to download remote monitoring and management software like AnyDesk or utilize Microsoft's built-in Quick Assist feature in order to establish a remote connection."
The Microsoft Threat Intelligence team said it has observed a threat actor it tracks under the name Storm-1811 abusing the client management tool Quick Assist to target users in social engineering attacks. "Storm-1811 is a financially motivated cybercriminal group known to deploy Black Basta ransomware," the company said in a report published on May 15, 2024. The attack chain involves the use of impersonation through voice phishing to trick unsuspecting victims into installing remote monitoring and management (RMM) tools, followed by the delivery of QakBot, Cobalt Strike, and ultimately Black Basta ransomware.
Researchers have discovered a new security vulnerability stemming from a design flaw in the IEEE 802.11 Wi-Fi standard that tricks victims into connecting to a less secure wireless network and eavesdrop on their network traffic. The SSID Confusion attack, tracked as CVE-2023-52424, impacts all operating systems and Wi-Fi clients, including home and mesh networks that are based on WEP, WPA3, 802.11X/EAP, and AMPE protocols. The method "involves downgrading victims to a less secure network by spoofing a trusted network name (SSID) so they can intercept their traffic or carry out further attacks," Top10VPN said, which collaborated with KU Leuven professor and researcher Mathy Vanhoef.
Deploying advanced authentication measures is key to helping organizations address their weakest cybersecurity link: their human users. Having some form of 2-factor authentication in place is a great start, but many organizations may not yet be in that spot or have the needed level of authentication sophistication to adequately safeguard organizational data. When deploying advanced authentication measures, organizations can make mistakes, and it is crucial to be aware of these potential pitfalls...
Apple's anti-fraud technology has blocked more than $7 billion in potentially fraudulent transactions in four years, the company states in its latest annual fraud prevention analysis. From 2020 through 2023, the company also detected more than 14 million stolen cards and blocked them from transacting on its platform along with 3.3 million accounts. Statistics for last year show that Apple stopped $1.8 billion in suspicious transactions, slightly less than the $2 billion blocked in 2022.
Comments