Last week's cyber news
- Fearing a Russian cyber-attack, the Danish government is asking citizens to prepare for a scenario of three days without food supplies, etc. At the beginning of the month, Denmark raised its threat level for cyber-attacks against the country to level 3 out of 5.
- The insurance giant Globe Life reports that it has detected unauthorized access to the company’s systems. (This is the same company whose stock fell 54% earlier this year after reports of fraud. The company, of course, denied it.)
- Truist Bank in the US reports a data leak after hackers posted bank information for sale.
- Mandiant reports that the Scattered Spider attack group now relies only on data-theft extortion, without encryption. Mandiant’s report can be found here.
- Speaking of Scattered Spider, the Vx underground organization reports that the Spanish police arrested one of the members of the group in the last day: a 22-year-old who was mainly responsible for performing SIM swapping and apparently took a central part in the attack on the MGM hotel and casino chain.
- CDK Global shut down most of its systems due to a cyberattack, effectively shutting down auto dealerships across the United States. General Motors, Group 1 Automotive and Holman are some of the affected dealerships.
- The US government has officially announced a ban on the use of Kaspersky products throughout the US. Following the earlier ban in government offices, the United States is expanding the ban on Kaspersky’s antivirus products to the whole country over national security concerns. As of September 29, 2024, selling Kaspersky products in the country will be banned and Kaspersky will be prohibited from sending updates to customers in the United States.
Security updates
The Israel National Cyber Directorate alerted:
- Vulnerabilities in Fortinet equipment. The company has published several security updates, one of them classified as high and three as medium. It is highly recommended to test and install the latest version for the equipment you have as soon as possible.
- Critical vulnerabilities in VMware vCenter servers. The company published 3 vulnerabilities, 2 of which are critical. The vulnerabilities could allow remote code execution without the need for authentication. It is highly recommended to test and install the latest version as soon as possible.