Threat Landscape Briefing – June 2017

Author(s): TJ Minichillo, Cameron Smith, Edward Gray, Rita Zurbrigg, Ian Mulholland, Azzam Jivraj

In this month’s briefing we explore:

Cybersecurity

  • IDAM platform OneLogin security breach: The Identity and Access Management (IDAM) platform was breached in May 2017, and the breach affected all companies using OneLogin’s US data center. Know how to respond if you’re using OneLogin. (2:49)
  • Russian CrashOverride/Industroyer malware disrupts power grids: The attack happened last December, and affected one-fifth of Ukraine’s capital. The threat group has been identified. Understand how to mitigate these types of broad-scale attacks. (6:16)

Threat Actor Campaigns

  • China-based threat actor APT3 links to Chinese Ministry of State Security: Know how to respond to nation-state attackers. (13:03)

Regulatory, Legal, and Compliance

  • Bell Canada data breach: Bell suffered an attack in May that compromised 1.9M active email addresses and 1,700 customer names and phone numbers. Know the people, process, and technology tactics to put in place to mitigate these breaches. (17:30)

Exploitation and Tactics

  • Vault 7 Update: 12 updates have been released around WikiLeaks Vault 7. Find out what these updates mean for your overall situational awareness of critical vulnerabilities. (20:42)
  • Major “wormable” RCE vulnerability identified in Samba 3.5: Samba v3.5 was released in 2010, and a critical vulnerability has now been identified. If you are using an older or unsupported version of Samba, tune in to figure out what to do next. (25:50)

If you have a question or would like to receive these monthly briefings via email, submit a request here.
