The Threat Show

The Threat Show Ep. 34 w/ John Masserini

This week, we're joined by John Masserini, a 30-year veteran CISO who has worked for major, multinational companies, including Dow Jones, Millicom, and MIAX.

As a Senior Security Analyst at TAG Cyber, John spends his days advising enterprise clients on how to mature and enhance their security programs, while also meeting with new security technology vendors and digging into how their solutions would benefit enterprise security programs.

We discuss how many organizations underfund their security teams, increased regulations changing how CISOs think, the eight tribes of CISO, six trending threats, and more.

Threat Landscape    (02:18)

Darien, Chris and John break down this week’s Threat Landscape, broadly examining the threats that emerged, started to trend, and became mainstream, as well as the threats that haven’t seen any activity in the past month.

330,000 FortiGate Firewalls Still Unpatched to CVE-2023-27997 RCE Flaw    (04:46)

Researchers discovered over 330,000 Fortinet firewalls exposed to a critical remote code execution vulnerability, despite patches released last month. The flaw allows attackers to execute arbitrary code via crafted requests and primarily affects Fortinet’s SSL VPN. A report found 69% of 490,000 SSL VPN interfaces on the internet remain unpatched, with many running outdated firmware.

MOVEit attack on Aon exposed data of the staff at the Dublin Airport    (07:26)

MOVEit Transfer, a system used to manage an organization’s file transfer operations, has a critical SQL injection vulnerability. If exploited, it could enable unauthenticated attackers to access and manipulate a business’s database, potentially leading to data breaches, loss of sensitive information, and disruption of services.

High-Severity Flaws Fixed in Firefox 115 Update    (09:26)

Firefox’s latest monthly update, version 115, will be the last version to support Windows 7, Windows 8, and macOS 10.12, 10.13, and 10.14. Users on these operating systems will automatically be switched to the Firefox Extended Support Release (ESR) version, which receives security updates but not feature updates. However, by September 2024, even the ESR version will no longer support these platforms. The update includes fixes for four CVE-numbered bugs rated high severity, along with several moderate- and low-severity bug fixes.

CISA warns Samsung handset bugs and D-Link router flaws are being exploited in wild    (12:20)

The US Cybersecurity and Infrastructure Security Agency (CISA) has added six vulnerabilities affecting Samsung smartphones and two vulnerabilities impacting D-Link devices to its Known Exploited Vulnerabilities Catalog. Although patches for all eight CVEs were released in 2021, researchers have recently found evidence of active exploitation.

New Ransomware Actor 8Base Rivals LockBit in Extortion    (13:27)

The 8Base ransomware has been active since at least March 2022 and has recently escalated its operations during May and June. Research by Malwarebytes and NCC Group has linked 8Base to 67 attacks, primarily targeting business services, manufacturing, and construction sectors in the U.S. and Brazil.

Free Akira ransomware decryptor helps recover your files    (15:54)

A free decryption tool for Akira ransomware has been developed by security researchers at Avast. The ransomware, which first emerged in March 2023, has been responsible for high-profile attacks on universities, financial institutions, and even a daycare center. The decryption tool requires a sample Akira-encrypted file and a copy of the data file before it was hit by the ransomware attack.