CyberSec Roundup
A synopsis of the Latest Cybersecurity News
FBI issues warning about Hive Ransomware
The FBI’s most recent Flash Alert is warning businesses about the Hive Ransomware group. They use various methods to compromise networks including phishing emails and infect them with ransomware once they are in. Organizations that fall prey are required to pay the ransom or have their information leaked to the “HiveLeaks” site. The group has already attacked at least 28 organizations including hospitals.
Azure Database Alert
Microsoft notified Azure customers via email of a critical vulnerability with Azure Cosmos DB which could potentially allow a user to gain access to another customer’s resources by using the account’s primary read-write key. Most customers using NoSQL databases are running Cosmos DB, which includes many Fortune 500 companies. The cloud security firm WIZ notified Microsoft of the vulnerability which they mitigated immediately, but still advised customers to take steps to secure access to data in Azure Cosmos DB.
White House Cybersecurity Summit
President Biden met with many of the biggest companies in the private sector last week to discuss how they could improve America’s cybersecurity infrastructure. This is against the backdrop of the increased number of cyber-attacks against government agencies and companies in the last year. The Big Tech companies have stepped up to the plate with commitments from Apple to set up a program to improve security in supply chains, Google & Microsoft investing billions in various security initiatives, Amazon offering free cybersecurity awareness training, and IBM pledging to train 150,000 people in cybersecurity.
By: David Pinder
IT & Security Consultant
Certified Ethical Hacker (Master)