Daily Cyber Intel Brief: 11/26/2024

Tim Layton
4 min read · Nov 26, 2024


Today: Firefox and Windows Zero Days — Blue Yonder Ransomware — GhostSpider Malware — New IaC and PaC Blind Spots — 2,000 Palo Alto Firewalls Compromised — Finastra Breach Update

Get the critical updates you need as a cybersecurity professional or business leader without the time drag or hassle.

No one has time to sift through dozens of websites for critical cybersecurity insights. That’s why I developed a better solution: it’s automated, curated, and FREE. Designed for efficiency, it pinpoints the most critical cybersecurity events security professionals and business leaders need to know, and I publish them every business day by 9 AM CT for you.

Subscribe to receive automated notifications and stay ahead of critical developments — NO SPAM, just concise, relevant updates delivered directly to your inbox.

You can connect with me on LinkedIn and join my professional network.

11/26/2024 — New Cybersecurity Updates

Firefox and Windows zero-days exploited by Russian RomCom hackers — Russian-based RomCom cybercrime group chained two zero-day vulnerabilities in recent attacks targeting Firefox and Tor Browser users across Europe and North America. Source

Blue Yonder ransomware attack disrupts grocery store supply chain — Supply chain management firm Blue Yonder is warning that a ransomware attack caused significant disruption to its services, with the outages impacting grocery store chains in the UK. Source

Salt Typhoon hackers backdoor telcos with new GhostSpider malware — The Chinese state-sponsored hacking group Salt Typhoon has been observed utilizing a new “GhostSpider” backdoor in attacks against telecommunication service providers. Source

Intruder Launches Intel: A Free Vulnerability Intelligence Platform For Staying Ahead of the Latest Threats — When CVEs go viral, separating critical vulnerabilities from the noise is essential to protecting your organization. That’s why Intruder, a leader in attack surface management, built Intel — a free vulnerability intelligence platform designed to help you act fast and prioritize real threats. Source

RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated Cyberattacks — The Russia-aligned threat actor known as RomCom has been linked to the zero-day exploitation of two security flaws, one in Mozilla Firefox and the other in Microsoft Windows, as part of attacks designed to deliver the eponymous backdoor on victim systems. Source

Chinese Hackers Use GHOSTSPIDER Malware to Hack Telecoms Across 12+ Countries — The China-linked threat actor known as Earth Estries has been observed using a previously undocumented backdoor called GHOSTSPIDER as part of its attacks targeting Southeast Asian telecommunications companies. Source

CISA Urges Agencies to Patch Critical “Array Networks” Flaw Amid Active Attacks — The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a now-patched critical security flaw impacting Array Networks AG and vxAG secure access gateways to its Known Exploited Vulnerabilities (KEV) catalog following reports of active exploitation in the wild. Source

Cybersecurity Blind Spots in IaC and PaC Tools Expose Cloud Platforms to New Attacks — Cybersecurity researchers have disclosed two new attack techniques against infrastructure-as-code (IaC) and policy-as-code (PaC) tools like HashiCorp’s Terraform and Styra’s Open Policy Agent (OPA) that leverage dedicated, domain-specific languages (DSLs) to breach cloud platforms and exfiltrate data. Source

New York Fines Geico and Travelers $11 Million Over Data Breaches — New York has announced $11 million settlements with Geico and Travelers over data breaches affecting 120,000 people. Source

Starbucks, Grocery Stores Hit by Blue Yonder Ransomware Attack — Supply chain management software provider Blue Yonder has been targeted in a ransomware attack that caused significant disruptions for some customers. Source

Recent Zyxel Firewall Vulnerability Exploited in Ransomware Attacks — A ransomware group has been observed exploiting a recently patched command injection vulnerability in Zyxel firewalls for initial access. Source

Halcyon Raises $100 Million at $1 Billion Valuation — The Series C funding round brings the total amount raised by the ransomware protection firm to $190 million. Source

More than 2,000 Palo Alto Networks firewalls compromised — Malicious actors were able to compromise more than 2,000 Palo Alto Networks firewalls. Source

Finastra investigates data breach, security leaders discuss — Finastra is investigating an alleged data breach. Security leaders share their insights. Source

Get notified when I publish new articles so you don’t miss the latest cybersecurity updates. I never share your email address; your subscription only sends you notifications when I publish new articles.

As a Bayesian Cyber Risk Quantification Scientist, I specialize in quantifying cybersecurity risks into measurable, data-driven insights using advanced Bayesian statistics and Bayesian Network modeling. By applying rigorous probabilistic analysis, I help organizations quantify cyber threats in financial terms, prioritize resource allocation, model return on control investments, and make strategic decisions within a complex threat landscape. With thirty years of experience in the financial industry, I bridge compliance and regulatory requirements with actionable, data-driven intelligence, enabling leadership to make higher-resolution decisions and maximize the impact of their investments.

Free Bayesian Primers for Cybersecurity Professionals:

Bayes Theorem Primer — https://timlaytonllc.com/bayesprimer/

Bayesian Network Primer — https://timlaytonllc.com/bnprimer/

Copyright © 2024 Tim Layton & Associates, LLC. All rights reserved. All information and content on this website are protected by copyright and may not be reproduced, distributed, or transmitted in any form without prior written permission from Tim Layton & Associates, LLC.

Originally published at https://timlaytonllc.com on November 26, 2024.
