Welcome to this week's edition of Nomios Weekly CyberWednesday! As always, we are here to provide you with a concise rundown of the most pivotal cybersecurity and networking events from around the world. This edition covers everything from the pressing implementation delays of EU cybersecurity rules, to critical vulnerabilities and their exploitation, as well as innovative tactics employed by cybercriminals. Our aim is to keep you informed and one step ahead in the dynamic landscape of digital security, crucial for IT professionals and enterprises operating globally.
1. Implementation Delays in EU Cybersecurity Rules
A significant number of EU member states are yet to meet the implementation deadline for the Network and Information Security Directive (NIS 2), raising concerns among critical sectors like water provision. The directive, which aims to enhance cyber resilience across key industries such as energy, transport, banking, and digital infrastructures, requires entities to report serious incidents within 72 hours. The varying pace of adoption across countries like Germany, the Netherlands, and Ireland is creating a patchwork of regulations, complicating compliance for businesses operating across these markets. (Source: Euronews.com)
2. Critical Vulnerability in Fortinet’s FortiManager
Fortinet has disclosed a severe vulnerability in FortiManager, identified as CVE-2024-47575 with a CVSS score of 9.8, which is currently under active exploitation. Known as FortiJump, this flaw could allow unauthenticated attackers to execute arbitrary code remotely through specially crafted requests to the FortiManager fgfmd daemon. This security lapse affects multiple versions of FortiManager and some older FortiAnalyzer models, prompting urgent calls for applying patches and implementing recommended workarounds. (Source: thehackernews.com)
3. Windows 'Downdate' Exploit Compromises Security
The newly discovered 'Downdate' attack poses a serious risk to Windows 11 systems by exploiting the Windows Update process to revert patched components to their vulnerable states. This technique allows attackers to undermine endpoint security defenses and install malicious rootkits, effectively turning robust protections into liabilities. The method has profound implications for organizational security and underscores the need for rigorous monitoring and updating practices. (Source: darkreading.com)
4. Delta’s Legal Battle with CrowdStrike Over Outage
Delta Air Lines has filed a lawsuit against CrowdStrike following a severe technology outage allegedly triggered by a faulty update implemented by the cybersecurity firm. The outage resulted in thousands of flight cancellations during the peak summer season, inflicting financial damage exceeding $500 million. Delta accuses CrowdStrike of negligence and seeks both compensation and punitive damages, highlighting the critical importance of rigorous testing and reliable cybersecurity partnerships. (Source: securityweek.com)
5. Cisco Confronts Exploited Security Flaw
Cisco has responded to an exploited vulnerability within its Adaptive Security Appliance and Firepower Threat Defense systems by releasing necessary patches. The flaw, identified as CVE-2024-20481, allowed attackers to initiate denial-of-service attacks through excessive VPN authentication requests, part of a broader brute-force campaign impacting numerous organizations. Cisco’s swift action underscores the ongoing threat of network-level attacks and the necessity for continual vigilance. (Source: securityweek.com)
6. Adaptive Strategies of Grandoreiro Banking Malware
The Grandoreiro banking malware continues to evolve, introducing advanced evasion techniques and expanding its geographic focus. New variants employ domain generation algorithms for stealthier command and control operations, and encryption methods like ciphertext stealing to enhance its concealment. Despite some arrests within the cybercrime group, the malware remains active, targeting financial institutions across Latin America and Europe. (Source: thehackernews.com)
7. ChatGPT Jailbreak Using Hexadecimal Encoding and Emojis
Researchers have bypassed ChatGPT's safeguards by encoding malicious instructions in hexadecimal format and emojis, tricking the AI into generating exploits for cybersecurity vulnerabilities. This bypass highlights potential weaknesses in AI language models and emphasizes the need for more sophisticated security measures to prevent misuse. (Source: securityweek.com)
8. Emerging Phishing Techniques
With the rise of advanced phishing techniques, experts like Stu Sjouwerman are sounding the alarm on methods such as SEO poisoning, mobile app phishing, and cloud-based attacks. These techniques exploit various digital platforms and applications to deceive users into divulging sensitive information. The increasing sophistication of these attacks calls for enhanced user education and proactive defense strategies to mitigate these evolving cyber threats. (Source: securityweek.com)
9. TeamTNT Expands Crypto Mining Campaigns
TeamTNT is intensifying its focus on cloud-native environments with a new campaign designed to hijack cloud resources for cryptocurrency mining. This operation not only uses compromised servers but also rents them out to other malicious actors, showcasing a shift towards more sustainable and profitable cybercriminal activities. The campaign highlights the need for robust cloud security measures to protect against unauthorized access and misuse of computing resources. (Source: thehackernews.com)
10. Armis Secures Major Funding Ahead of Planned IPO
Armis, a leader in cyber exposure management, has raised $200 million in its latest funding round, pushing the company's valuation to $4.2 billion. This strategic capital injection is set to support Armis’s ambitious growth plans, including innovations in cyber exposure management and preparations for a public offering. This funding milestone demonstrates the strong market demand for sophisticated cybersecurity solutions capable of managing and mitigating enterprise-level risks. (Source: armis.com)
Stay ahead of the latest cybersecurity developments by keeping an eye on these stories, and ensure your organisation's security protocols remain up to date.