Cyberwire Intel Briefing Notes - July 22, 2024

Jul 25, 2024

Key Events and Updates

CrowdStrike Outage

  • Impacted 8.5M devices globally
    • Significant disruptions in US airline industry
    • Delta Air Lines canceled 3,500+ flights
  • Cause
    • Sensor configuration update on July 19th
    • Logic error led to system crashes and blue screens
  • Response
    • Apology from CrowdStrike CEO George Kurtz
    • Fault identified in Channel File 291
    • Fault related to named pipe execution on Windows systems
    • Microsoft developed WinPE recovery tool
  • Consequences
    • Increased phishing scams
    • Warnings from CISA and UK NCSC
    • Greater scrutiny of major tech firms suggested

UK Police Arrest and Cyber Crime Group

  • 17-year-old member of Scattered Spider arrested
    • Involved in ransomware attacks and network breaches
    • UK police collaborated with the FBI

DHS Report and Contractor Issues

  • Scathing report on CISA and FLETC
    • Ignored directive to cut ties with high-risk contractor
    • Sensitive data potentially exposed
  • Security deficiencies highlighted
    • Included PII of law enforcement officers

Huntress Report - SocGholish Malware

  • JavaScript downloader malware distributing AsyncRAT
    • Involves BOINC platform misuse
  • Indicators of compromise provided

LA Superior Court Ransomware Attack

  • Largest trial court in the US affected
    • No compromised user data at this stage
    • Court serves 10M residents

OCC Report on Banks' Cyber Risk Management

  • Poor ratings for half of the major banks' operational risk management
    • Implications for regulatory scrutiny and capital requirements

CISA Critical Vulnerabilities Additions

  • Vulnerabilities in Adobe Commerce, Magento, SolarWinds Serv-U, VMware

Australian Police and SMS Phishing

  • Seizure of SIM boxes and arrests
    • Over 318 million malicious messages sent recently

Featured Interview: Chris Grove on Protecting the Summer Olympics

  • Complexity of securing a temporary smart city
  • Infrastructure challenges
    • Water, wastewater, power, etc.
  • Cybersecurity for competition integrity
  • Disinformation and its effects
  • Public safety and emergency planning

Commentary and Analysis

Cyber Threat Intelligence

  • Mandiant's 2013 APT report influence
  • Growth in vendor participation and usage

Internships in Cybersecurity

  • Importance of practical experience
  • William Westerhoff's success story
    • Discovered critical vulnerability during internship
  • Emphasis on mentoring and meaningful project work

Sponsors Mentioned

  • Strata Identity
  • KnowBe4
  • Vanta
  • Savvy Security

Conclusion

  • Emphasis on the fragile digital ecosystem and the need for robust cybersecurity measures
  • Highlights ongoing global and local cybersecurity measures and findings