Information Security News 7-1-2024

Levi’s Caught with Pants Down: Hackers Expose 72,000 Customer Account Details

Article Link: https://www.scmagazine.com/news/levis-gets-stripped-of-72000-customer-account-details

  • The retailer detected suspicious activity indicative of a credential stuffing attack, where attackers used stolen credentials from other breaches to access customer accounts.
  • Compromised information includes customers’ names, email addresses, mailing addresses, order history, and the last four digits of payment cards.
  • Levi Strauss responded by deactivating the affected accounts and forcing password resets to prevent further unauthorized access.
  • The company advises customers to use unique passwords for different services and a password manager tool to reduce the risk of similar attacks in the future.

CISA Says Crooks Used Ivanti Bugs to Snoop Around High-Risk Chemical Facilities

Article Link: https://www.theregister.com/2024/06/25/cisa_ivanti_chemical_facilities/

  • The US Cybersecurity and Infrastructure Security Agency (CISA) is urging high-risk chemical facilities to secure their online accounts after a breach in its Chemical Security Assessment Tool (CSAT) portal.
  • The breach exploited vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways, potentially allowing unauthorized access.
  • Although no data was stolen, encrypted site security plans, Top-Screen surveys (available through the CSAT tool), and personal details of facility staff were potentially accessed.
  • CISA advises rotating passwords and patching Ivanti bugs. Identity protection services will be available for affected individuals.

Cloud Breaches Impact Nearly Half of Organizations

Article Link: https://www.infosecurity-magazine.com/news/cloud-breaches-half-organizations/

  • With 3,000 respondents from 18 countries across 37 industries, the Thales Group 2024 Cloud Security study reports nearly half of organizations (44%) have experienced a cloud data breach, with 14% in the past year.
  • The top three root causes reported were human error and misconfigurations (31%), exploitation of known vulnerabilities (28%), and zero-day vulnerabilities (24%). Failure to use multi-factor authentication was also a factor in 17% of breaches.
  • The report also noted that challenges in managing compliance and privacy are due to cloud complexity, with 53% using five or more key management systems.
  • Link to Thales Group’s Report: https://cpl.thalesgroup.com/cloud-security-research

Navigating the Evolving World of Cybersecurity Regulations in Financial Services

Article Link: https://biztechmagazine.com/article/2024/06/navigating-evolving-world-cybersecurity-regulations-financial-services

  • Financial services must comply with the New York Department of Financial Services’ Part 500 regulations, which require stricter cybersecurity controls.
  • Covered entities need to implement multi-factor authentication, have a designated CISO, written policies, and conduct periodic risk assessments and cybersecurity tests.
  • CISOs must report on cybersecurity posture to their board, highlighting the importance of board involvement in understanding and managing cybersecurity risks.
  • The Securities and Exchange Commission (SEC) and Department of Homeland Security (DHS) have issued new rules for incident reporting, while financial services benefit from zero-trust strategies and must navigate overlapping regulatory requirements.
  • Link to the NYDFS Part 500 Regulations: https://www.dfs.ny.gov/industry_guidance/cybersecurity

75% of New Vulnerabilities Exploited Within 19 Days

Article Link: https://www.helpnetsecurity.com/2024/06/27/nvd-vulnerabilities/

  • Over 30,000 new vulnerabilities were published last year, a 17% increase year-over-year, with a new vulnerability emerging approximately every 17 minutes.
  • The average time to patch vulnerabilities exceeds 100 days, while 75% of new vulnerabilities are exploited within 19 days.
  • The report also noted that nearly half of all reported vulnerabilities catalogued by the National Vulnerability Database (234,579) since its inception 30 years ago have been discovered only in the past five years, creating a “focus gap” for security teams.
  • Effective vulnerability management involves continuous identification, risk-based prioritization, leveraging existing controls, and ethical compliance.
  • Link to Skybox Security’s Report: https://www.skyboxsecurity.com/resources/report/vulnerability-threat-trends-report-2024/

Crown Equipment Confirms a Cyberattack Disrupted Manufacturing

Article Link: https://www.bleepingcomputer.com/news/security/crown-equipment-confirms-a-cyberattack-disrupted-manufacturing/

  • Crown Equipment, a major forklift manufacturer, confirmed a cyberattack that has disrupted its operations since June 8th, 2024.
  • Reports suggest that the incident stemmed from an employee falling for a social engineering attack that led to remote access software being installed on their computer. The attack has led to IT system shutdowns, affecting employee clock-ins, access to service manuals, and machinery deliveries.
  • Crown is working with cybersecurity experts and the FBI. They have also slowly started to restore systems, although manufacturing is still impacted.

CHERI Alliance Aims to Secure Hardware Memory

Article Link: https://www.darkreading.com/endpoint-security/cheri-alliance-aims-to-secure-hardware-memory

  • The CHERI Alliance works to protect hardware memory from cyber attacks by separating hardware from software. They introduced detailed memory protection to block hackers completely.
  • The initiative, supported by the FreeBSD Foundation and the University of Cambridge, emphasizes security for ARM, MIPS, and RISC-V architectures, which are common in edge devices.
  • CHERI’s evolution is marked by its origins in a research program initiated by the University of Cambridge and SRI International, with DARPA’s CRASH funding.
  • Link to Additional Information: https://arxiv.org/pdf/2309.11332

Google Introduces Project Naptime for AI-Powered Vulnerability Research

Article Link: https://thehackernews.com/2024/06/google-introduces-project-naptime-for.html

  • Project Naptime is Google’s new framework for AI-powered vulnerability research.
  • The framework leverages large language models (LLMs) for automated discovery and security analysis. Its toolset includes a Code Browser, Python tool, Debugger, and Reporter for comprehensive research.
  • The performance review showed that this framework achieved top scores in CYBERSECEVAL 2 benchmarks for identifying buffer overflow and memory corruption flaws.
  • This initiative represents a significant advancement in the use of AI to enhance cybersecurity efforts.
  • Link to the CYBERSECEVAL 2 White Paper: https://ai.meta.com/research/publications/cyberseceval-2-a-wide-ranging-cybersecurity-evaluation-suite-for-large-language-models/

Achieve Next-Level Security Awareness by Creating Secure Social Norms

Article Link: https://www.darkreading.com/cybersecurity-operations/achieve-next-level-security-awareness-by-creating-secure-social-norms

  • The importance of security awareness can be emphasized by developing secure social habits to reduce the likelihood of security breaches.
  • Human behavior highlights how individual actions can influence the security behavior of others.
  • Security professionals are encouraged to transform security awareness into social norms and actions.
  • A practical tip is to launch security awareness campaigns and use clear language to explain security concepts and proactive steps.

