Cyber Security News - 01-15 FEBRUARY

Weekly Cybersecurity News

Feb 17, 2024 - 11:06

Welcome back to another edition of your weekly cybersecurity digest! This week we saw a mixed bag of news, from worrying vulnerabilities to encouraging security advancements. Let's dive in:

Major Vulnerabilities:

    • Microsoft Exchange Server Flaw: A critical vulnerability (CVE-2024-41127) was discovered in Microsoft Exchange Server, allowing attackers to remotely execute code on vulnerable systems. Patching is crucial to avoid potential attacks.
    • Popular Messaging App Hit: A zero-click vulnerability (CVE-2024-41128) affected a widely used messaging app, potentially allowing attackers to gain unauthorized access to user accounts. The app developer released a prompt fix, urging users to update immediately.
    • Supply Chain Attack Targets Software Providers: A sophisticated supply chain attack targeted several software providers, injecting malicious code into their products. This highlights the importance of secure software development practices throughout the supply chain.

Security Victories:

    • Law Enforcement Takes Down Ransomware Gang: International law enforcement agencies collaborated to disrupt a major ransomware gang, seizing infrastructure and recovering millions in ransom payments. This demonstrates the increasing focus on combating ransomware threats.
    • New AI Tool Detects Phishing Emails: Researchers developed an AI-powered tool that can accurately detect even cleverly disguised phishing emails. This advancement could significantly improve email security for businesses and individuals.
    • Bug Bounty Programs Yield Results: Several companies reported success with bug bounty programs, identifying and patching critical vulnerabilities before attackers could exploit them. This highlights the effectiveness of crowdsourced security efforts.

Verizon Employee Data Exposed in Insider Threat Incident

The service provider said it was reviewing its technical controls to prevent a repeat of the situation down the line, but Jim Alkove, co-founder and CEO of identity security startup Oleria and former chief trust officer at Salesforce.com, believes that it's equally important to be mindful of the security mindset.

Forget Deepfakes or Phishing: Prompt Injection is GenAI's Biggest Problem

Prompt injection is like a malicious variant of the growing field of prompt engineering, which is simply a less adversarial form of crafting text inputs that get a GenAI system to produce more favorable output for the user. Only in the case of prompt injection, the favored output is usually sensitive information that shouldn't be exposed to the user or a triggered response that gets the system to do something bad.

Microsoft Azure HDInsight Bugs Expose Big Data to Breaches

This new trio opens the door to performance issues and unauthorized administrative access, and all that comes with it: attackers reading, writing, deleting, and performing any other management operations over an organization's sensitive data.

Check Point Debuts AI Copilot to Streamline and Automate Cybersecurity Management

Karpati said the vendor plans to integrate AI copilot functions into many of its core products in the future. “Ultimately, Infinity AI Copilot will allow access to cross-product information, address inquiries and execute actions seamlessly across multiple consoles.” Currently, Check Point’s threat prevention blocks over 3 billion attacks each year with 50 AI engines and 2 billion security decisions made daily, he added. One key aspect of the AI implementations is the collaborative sharing of threat insights across the platform to prevent attacks effectively.

Southern Water Reports Major Data Breach Impacting Hundreds of Thousands

The incident has been reported to the U.K.’s Information Commissioner’s Office, as Southern Water continues to assess the breach’s impact and work on bolstering its cybersecurity measures to prevent future attacks.

OpenAI's ChatGPT Breaches Privacy Rules, Says Italian Watchdog

Italy was the first West European country to curb ChatGPT, whose rapid development has attracted attention from lawmakers and regulators. Under the EU's General Data Protection Regulation (GDPR) introduced in 2018, any company found to have broken rules faces fines of up to 4% of its global turnover.
