Good morning, Security Gang! With only two episodes left this year, we’re diving into a packed episode filled with critical cybersecurity updates, ongoing investigations, and industry insights. For those who’ve taken a holiday break, welcome back!
For the rest of us who stayed glued to the news, here’s what unfolded over the weekend. Grab your espresso and buckle up for today’s detailed recap.
China’s Salt Typhoon Campaign Expands
Deputy National Security Advisor Anne Neuberger disclosed a ninth telecom company victimized by China’s Salt Typhoon campaign. This revelation came after federal guidance helped identify the breach. Notably, AT&T and Verizon confirmed their involvement but reassured the public that their networks have been cleansed of the threat.
The FCC plans to vote on new cybersecurity regulations next month. However, criticism looms over their failure to enforce the 1994 Telecommunications Security Act effectively. China remains a persistent adversary, and calls are growing for offensive measures to address the ongoing cyber threats.
HHS Steps Up Cybersecurity for Healthcare
Healthcare breaches remain a significant issue, with attackers targeting sensitive patient data. The Department of Health and Human Services (HHS) is proposing new encryption and compliance mandates under HIPAA.
Breaches at Ascension and UnitedHealth spotlight the vulnerabilities in healthcare. The healthcare industry often self-regulates with frameworks like HITRUST, leaving HHS lagging. Weak healthcare security exacerbates fraud, increasing costs for consumers and eroding trust.
DOJ Finalizes Rule on Bulk Data Protection
The Department of Justice issued a rule enforcing Executive Order 14117 to safeguard Americans’ bulk sensitive data from foreign adversaries like China and Russia. Overlapping regulations create confusion for companies, while federal agencies struggle with enforcement. Centralize cybersecurity efforts under CISA to streamline compliance and oversight.
Cyberhaven Breach Over Christmas
Cybersecurity startup Cyberhaven fell victim to a Christmas Day attack that resulted in the distribution of malicious Chrome extensions. The company acted swiftly, removing the malicious package within 60 minutes. Researchers suspect a phishing attack compromised an admin account. The incident highlights the risks of trusted security tools being weaponized.
Critical Vulnerabilities Patched
Palo Alto Networks: Fixed a zero-day vulnerability (CVE-2024-3393) that allowed denial-of-service attacks on their firewalls.
Four-Faith Routers: A command injection flaw (CVE-2024-12856) in industrial routers was exploited to deploy reverse shells. Firmware updates are now available.
E-Commerce Skimming Attack Targets ZAGG
ZAGG, known for mobile accessories, reported a breach via their e-commerce provider’s third-party application. Malicious code was injected, exposing customer credit card data. More cases of skimming attacks may emerge as the holiday fallout unfolds.
Flagstar Bank Fined for Misleading Cyber Breach Statements
Flagstar Bank agreed to pay a $3.5 million SEC fine for misrepresenting the impact of a 2021 breach affecting 1.5 million customers. Transparent communication during breaches remains critical for maintaining trust and compliance.
Suspected Russian Sabotage in the Baltic Sea
Finland seized a Russian ship suspected of severing submarine cables in the Baltic Sea. The act is believed to be part of Russia’s economic warfare against NATO-aligned nations. Cable disruptions increase latency and weaken critical communications.
Action List for Security Professionals
Review Telecom Guidance: Ensure your organization is monitoring for Salt Typhoon techniques and securing supply chains.
Strengthen Healthcare Data Encryption: Adopt industry best practices like HITRUST for compliance.
Centralize Cyber Efforts: Advocate for streamlined federal oversight to reduce regulatory confusion.
Validate Security Tools: Audit browser extensions and admin controls to minimize risks.
Patch Critical Vulnerabilities: Apply the latest updates for Palo Alto firewalls and Four-Faith routers.
Enhance Incident Communication: Develop transparent breach response protocols to maintain stakeholder trust.
Monitor Geopolitical Risks: Stay informed about potential infrastructure sabotage and prepare contingency plans.
That’s it for today, gang. We’ll be back tomorrow at 9 a.m. EST for another episode. Don’t miss our final episodes of the year as we dive into the biggest stories of 2024. Stay cyber safe, and as always, don’t forget to subscribe, comment, and share your thoughts! Happy New Year to those signing off early.
✅ Story Links:
https://therecord.media/nine-us-companies-hacked-salt-typhoon-china-espionage
https://www.bankinfosecurity.com/white-house-clears-hipaa-security-rule-update-a-27170
https://www.justice.gov/nsd/media/1382521/dl
https://therecord.media/cyberhaven-hack-google-chrome-extension
https://www.securityweek.com/palo-alto-networks-patches-firewall-zero-day-exploited-for-dos-attacks/
https://www.securityweek.com/four-faith-industrial-router-vulnerability-exploited-in-attacks/
https://www.cybersecuritydive.com/news/flagstar-sec-fine-cyberattack/736070/
https://therecord.media/finland-suspected-russian-spy-ship-undersea-cables-severed
✅ About The CyberHub Podcast.
The Hub of the Infosec Community.
Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.
Tune in to our podcast Monday through Thursday at 9AM EST for the latest news.