From the CloudCast Studios at Skyhigh Security, I’m Scott Schlee, and these are your Cybersecurity Headlines for the week of Tuesday, November 6th, 2024.
Fortinet recently disclosed a critical flaw in its FortiManager software, which has been actively exploited in zero-day attacks to compromise systems. This vulnerability, known as an out-of-bounds write, allows remote attackers to execute arbitrary code, giving them unauthorized control over affected systems and the ability to steal sensitive data. Organizations using Fortinet products have been strongly urged to apply patches immediately to mitigate potential risks.
A critical vulnerability in Amazon’s Cloud Development Kit allowed potential account takeovers, exposing users to security risks. This flaw, if exploited, could enable attackers to gain full control over AWS accounts through improperly secured S3 bucket configurations. Amazon has since released a patch for the CDK, urging all users to update to the latest version to secure their cloud environments against this risk.
The SEC has charged four companies, including Unisys and Avaya, for misleading disclosures regarding their cybersecurity practices following the 2020 SolarWinds cyberattack. These firms allegedly failed to adequately inform investors about the extent of their exposure to cybersecurity risks, instead providing only generic or incomplete risk information. As a result, fines totaling $6 million have been imposed on the companies, with Unisys paying the largest penalty of $4 million.
Four members of the notorious REvil ransomware group were sentenced by the St. Petersburg Garrison Military Court to several years in prison. These individuals were found guilty of crimes related to the illegal circulation of payment methods, marking a rare sentencing for cybercriminals within Russia. This group, linked to high-profile ransomware attacks, had been apprehended in 2022, and this verdict signals a significant stance by Russian authorities against certain cybercrime activities.
Meta recently introduced an enhanced security feature for WhatsApp known as Identity Proof Linked Storage, IPLS, which provides encrypted storage for user contacts. This new update aims to improve user privacy by safeguarding contact data within WhatsApp, ensuring that only the user can access their stored information. In addition, WhatsApp continues to rely on end-to-end encryption to secure messages, calls, and other media shared through the app, reinforcing its commitment to user privacy.
The FBI and CISA are investigating a series of cyber intrusions allegedly orchestrated by Chinese state-sponsored actors targeting U.S. telecommunication networks. Reports indicate that high-profile political figures, including former President Donald Trump and Vice President Kamala Harris, were those affected by these attacks. Breaches raise concerns about potential compromises in national security, and U.S. agencies are urging organizations to remain vigilant and report suspicious activity.
In February 2024, Change Healthcare, a leading healthcare payment processing company, experienced a significant ransomware attack compromising the personal and health information of approximately 100 million individuals. This breach affected sensitive data including medical records and financial details, leading to heightened privacy concerns across the healthcare industry. In response, Change Healthcare has offered impacted individuals two years of free credit monitoring and identity theft protection to mitigate potential fallout from the data exposure.
And finally, Delta Airlines has recently filed a lawsuit against CrowdStrike, a prominent cybersecurity firm, following a major system outage in July 2024 that led to significant operational disruptions. Delta alleges that CrowdStrike’s cybersecurity solutions failed to protect its systems effectively, resulting in the costly outage and downtime. The lawsuit highlights concerns about accountability and service reliability and partnerships between large corporations and cybersecurity providers, especially in the aviation industry, where such outages have far-reaching impacts. CrowdStrike, known for its high-profile cybersecurity clients, is expected to defend against these claims, which could set a precedent for similar cases in the industry.
And those are your headlines for the week. Thank you again for listening to Skyhigh CloudCast. If you’ve enjoyed this episode, be sure to subscribe on your favorite platform so you never miss an update. If you liked the show, please leave us a review. It helps others find the podcast. For more information about Skyhigh Security or CloudCast, please visit SkyhighSecurity.com.
Please Note: All transcripts are generated using speech recognition software and human transcription, and may contain errors. Please check the corresponding audio before quoting in print.