Author: Chase Snyder, Sr. PMM, Xage Security
This is the monthly zero trust cyber risk roundup highlighting key news and actionable insights for enterprises looking to stop the next cyberattack by land, by sea, or in space. Our July 2024 Cyber Risk Roundup offers a quick peek at this month’s big stories.
Follow Xage Security on LinkedIn for daily updates on cyber risk and global events.
After CrowdStrike’s Blue Screen of Death Moment, What’s Next?
The global IT outage caused by a CrowdStrike update is driving questions about the security of software update paths. In a year when software supply chain attacks have spiked (up over 60% according to Verizon DBIR 2024), and the widely used XZ Utils Linux package nearly had a malicious backdoor inserted, the scrutiny on enterprise software as a risk vector is intensifying. Learn more and read what cybersecurity experts are saying about the incident.
Protecting Linux Systems from RegreSSHion (CVE-2024-6387)
OpenSSH has a high-risk vulnerability (CVE-2024-6387) nicknamed RegreSSHion that could allow unauthenticated remote code execution against a broad swath of Linux systems. Xage can protect vulnerable assets even if they haven’t been patched yet. Read our overview of the vulnerability and how to stay secure. Learn more.
When Misinfo and Cyber Risk Collide
The intersection of political misinformation, hacktivism, and cyber risk is driving concern as local and global political tension ramps up. The DOS Won’t Hunt podcast hosted a panel of experts to discuss it. Listen here.
Cyberattack Brings Down Los Angeles Courts
Thirty-six courthouses in Los Angeles were closed due to a ransomware attack, highlighting the massive disruption that can occur when government systems are targeted. The Los Angeles system is the largest trial court system in the U.S., and the incident shows how disruption to large, complex systems with software interdependencies can directly impact the lives and livelihoods of everyday Americans. Learn more.
Microsoft Discloses New Vulnerability in AD-Joined ESXi Hypervisors
Microsoft has disclosed a vulnerability that is already being actively exploited by ransomware gangs. The vulnerability, assigned CVE-2024-37085, enables attackers to elevate their privileges to admin level on domain-joined ESXi hypervisors, allowing them to encrypt systems and potentially exfiltrate data. Read the Microsoft blog.
The Next OT Cybersecurity Product Market
Well-known industrial cybersecurity commentator Dale Peterson published some insightful thoughts about the OT cybersecurity market, with a shoutout for Xage Security in the OT secure remote access market. Read more.
New “FrostyGoop” Malware Targets ICS by Abusing Modbus Protocol
TechTarget published coverage of a new malware targeting Industrial Control Systems via the commonly used Modbus protocol. This is another signal that OT, ICS, and cyber-physical systems (CPS) are in the crosshairs of cyberattackers. The attacks on OT will continue until security improves. Read more.
Millions of Web Users at Risk from OAuth Vulnerability
Researchers at Salt Security’s Salt Labs warn that the combination of an XSS technique and a vulnerability in the widely used OAuth protocol could result in widespread exploitation. The hack was discovered on the Business Insider website, but the researchers predict that the combination of factors that makes it possible is likely common across many popular sites. Read the article.
Xage and Armis Partner to Bring Secure Remote Access to OT
Xage and Armis are deepening our partnership to bring zero trust principles and secure remote access to operational technology. Watch our 1-minute video to learn more.