HopeNet (HopeNetCISO.com) curates a list of recent security news relevant to churches, nonprofits, and charities. The headlines and comments are meant to provide enough to get an overview of recent happenings, but links are also provided for readers that want to explore certain topics deeper.
General
- Scoop: Congress bans staff use of Microsoft’s AI Copilot – “The Microsoft Copilot application has been deemed by the Office of Cybersecurity to be a risk to users due to the threat of leaking House data to non-House approved cloud services.” I absolutely agree.
- Dormakaba Locks Used in Millions of Hotel Rooms Could Be Cracked in Seconds – May be time to use those room safes…
Access Attacks
- Cyberattack strikes Hot Topic (again) – a “credential stuffing” attack was used. These attacks use leaked passwords from breaches to log into other sites. It is important to use different passwords across different sites.
- Multi-factor Authentication (MFA) Bypassed to Permit Data Breach – This attack used “Push notification spamming”. This causes the user to be barraged by MFA approval requests until they (purposely or accidentally) accept.
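Both items above describe patterns that show up clearly in authentication logs: credential stuffing looks like one source address trying many different accounts in a short span, and push spamming looks like one account receiving a burst of MFA prompts, sometimes followed by an approval. The following is an added example (not code from the newsletter or from any of the organizations mentioned) that runs simple sliding-window checks for both patterns over constructed sample log lines. The log format, event names, and thresholds are assumptions for illustration.

```python
"""Sliding-window detectors for two access-attack patterns:
credential stuffing (many distinct accounts from one source) and
MFA push-notification spamming (a burst of push prompts to one user).
Log format, event names and thresholds are assumptions for this example."""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log lines (not from any real system). Assumed format:
# "<ISO timestamp> <event> user=<name> src=<ip>"
SAMPLE_LOG = """\
2024-04-01T09:00:01 LOGIN_FAIL user=alice src=203.0.113.7
2024-04-01T09:00:02 LOGIN_FAIL user=bob src=203.0.113.7
2024-04-01T09:00:02 LOGIN_FAIL user=carol src=203.0.113.7
2024-04-01T09:00:03 LOGIN_FAIL user=dave src=203.0.113.7
2024-04-01T09:00:03 LOGIN_OK user=erin src=203.0.113.7
2024-04-01T09:00:04 LOGIN_FAIL user=frank src=203.0.113.7
2024-04-01T09:05:00 LOGIN_FAIL user=alice src=198.51.100.20
2024-04-01T09:05:30 LOGIN_FAIL user=alice src=198.51.100.20
2024-04-01T10:00:00 MFA_PUSH_SENT user=grace src=192.0.2.9
2024-04-01T10:00:20 MFA_PUSH_SENT user=grace src=192.0.2.9
2024-04-01T10:00:40 MFA_PUSH_SENT user=grace src=192.0.2.9
2024-04-01T10:01:00 MFA_PUSH_SENT user=grace src=192.0.2.9
2024-04-01T10:01:20 MFA_PUSH_SENT user=grace src=192.0.2.9
2024-04-01T10:01:30 MFA_PUSH_APPROVED user=grace src=192.0.2.9
2024-04-01T11:00:00 MFA_PUSH_SENT user=heidi src=192.0.2.10
2024-04-01T11:00:05 MFA_PUSH_APPROVED user=heidi src=192.0.2.10
"""


def parse_log(text):
    """Parse the assumed log format into a list of event dicts."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, event, user_kv, src_kv = line.split()
        events.append({
            "ts": datetime.fromisoformat(ts),
            "event": event,
            "user": user_kv.split("=", 1)[1],
            "src": src_kv.split("=", 1)[1],
        })
    return events


def detect_credential_stuffing(events, window=timedelta(minutes=5), min_distinct_users=5):
    """Flag source IPs whose login attempts touch >= min_distinct_users accounts
    within `window`. Successes count too: a stuffing run usually yields a few
    hits among many misses. Returns {src: peak distinct-user count}."""
    by_src = defaultdict(list)
    for e in events:
        if e["event"] in ("LOGIN_FAIL", "LOGIN_OK"):
            by_src[e["src"]].append(e)
    flagged = {}
    for src, evs in by_src.items():
        evs.sort(key=lambda e: e["ts"])
        start = 0
        for end in range(len(evs)):
            # Advance the window start until the span fits inside `window`.
            while evs[end]["ts"] - evs[start]["ts"] > window:
                start += 1
            users = {e["user"] for e in evs[start:end + 1]}
            if len(users) >= min_distinct_users:
                flagged[src] = max(flagged.get(src, 0), len(users))
    return flagged


def detect_push_bombing(events, window=timedelta(minutes=2), max_pushes=3):
    """Flag users who received more than `max_pushes` MFA push prompts within
    `window`. Also records whether an approval followed the burst, which is the
    case a responder wants to look at first.
    Returns {user: {"pushes": peak count, "approved_after_burst": bool}}."""
    by_user = defaultdict(list)
    for e in events:
        if e["event"].startswith("MFA_PUSH"):
            by_user[e["user"]].append(e)
    flagged = {}
    for user, evs in by_user.items():
        evs.sort(key=lambda e: e["ts"])
        sent = [e for e in evs if e["event"] == "MFA_PUSH_SENT"]
        start, peak, burst_end_ts = 0, 0, None
        for end in range(len(sent)):
            while sent[end]["ts"] - sent[start]["ts"] > window:
                start += 1
            count = end - start + 1
            if count > max_pushes:
                peak = max(peak, count)
                burst_end_ts = sent[end]["ts"]
        if peak:
            approved = any(e["event"] == "MFA_PUSH_APPROVED" and e["ts"] >= burst_end_ts
                           for e in evs)
            flagged[user] = {"pushes": peak, "approved_after_burst": approved}
    return flagged


if __name__ == "__main__":
    evs = parse_log(SAMPLE_LOG)
    print("credential stuffing:", detect_credential_stuffing(evs))
    print("push bombing:", detect_push_bombing(evs))
```

On the sample data the first check flags 203.0.113.7 (six distinct accounts in a few seconds) and not 198.51.100.20 (one user retrying), and the second flags grace (five prompts in under two minutes, then an approval) while leaving heidi's single prompt-and-approve alone. The thresholds are deliberately low for the toy data; in practice they are tuned against a baseline of normal login and MFA volume.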
Security Culture
- Ivanti vows to transform its security operating model – More Ivanti vulnerabilities – the latest in a long line. As mentioned in a previous newsletter, the number of attacks indicates an overall problem with Ivanti’s practices. They have now admitted as much.
- Review Board issues scathing report against Microsoft for Chinese Hack – One of the best comments I have heard related to this event is “Security is no longer just a technical issue but a people and ultimately cultural issue.”
Data Breach or Loss
- OWASP Data Breach Caused by Server Misconfiguration – It is disturbingly ironic that “Security Misconfiguration” is #5 on the popular OWASP Top 10 Application Security Risks.
- 17 Billion Personal Records Exposed in Data Breaches in 2023 – Wait, aren’t there fewer than 8 billion people total in the world?
- Boat Dealer MarineMax Confirms Data Breach
Operational Disruption
- Missouri county home to Kansas City says suspected ransomware attack affecting tax payments – Significant disruptions affecting tax payments and online property, marriage licenses and inmate searches.
- RDP Abuse Present in 90% of Ransomware Breaches – Working remotely has its advantages, but it also introduces new risks. Seems that remote access has overtaken email phishing as the top delivery method for ransomware.
Vulnerabilities
- XZ Utils Backdoor Implanted in Intricate Supply Chain Attack – Another supply chain attack using open source software. If you are using Linux or other Unix-based operating systems, this is worth a read. Free scanner referenced in the article.
- Critical Vulnerability Found in LayerSlider Plugin Installed on a Million WordPress Sites – more plug-in / supply chain issues.
If this was shared with you and you would like to receive your own copy in the future, please subscribe at HopeNetCISO.com. Thanks for reading!