Forecast - Expect scattered scanning showers with a high chance of BGP route hijacks and a slight drizzle of MOVEit vulnerabilities.

This week, we start off with a follow-up from last week's episode, specifically the Columbus, Ohio, ransomware attack debacle. The city initially downplayed the breach, claiming no data was stolen, only to reveal that 3.1 terabytes of sensitive data had been leaked by the Rhysida ransomware group. The city's lack of transparency and inadequate security practices have been exposed, and we're discussing the security industry's "open letter" response, and the City Council's reactions now that they're back in session.

Next up, we chat about the TDECU MOVEit incident, where a third-party vendor used by TDECU to transfer data was compromised by a bad actor. The incident exposed the personal information of specific TDECU members, employees, and other individuals transacting with TDECU members, including full names, dates of birth, Social Security numbers, and more. We discuss the unusually long time it took for disclosure (13 months!) and show how attackers keep looking for this tech.

In our Cyber Spotlight segment, we shine some light on the White House's new BGP roadmap, aimed at enhancing internet routing security. The roadmap addresses vulnerabilities in the Border Gateway Protocol (BGP), which is a foundational protocol that enables over 70,000 independent networks to operate as the internet. We discuss the key components of the roadmap, including the adoption of Resource Public Key Infrastructure (RPKI), the federal government's role in implementing RPKI, and the importance of public-private collaboration in securing BGP.

We also showcase VulnCheck's recent blog on initial access vulns.

And, of course, we also take a look at recent tags and discuss the latest updates from CISA's Known Exploited Vulnerabilities (KEV) catalog.
