Brief

Brief #68: RansomHub Hits 210 Critical Targets, Chromium Zero-Day, YubiKey Flaw, AI-Generated Cloud Risks

RansomHub targets critical infrastructure, North Korean hackers exploit Chromium zero-day, YubiKey 5 vulnerability allows cloning, AI-generated cloud code poses security risks. CISOs face budget challenges.

9 min read
Mandos brief cybersecurity newsletter covering week 36 of 2024

Happy Sunday!

I hope this Brief finds you well and ready to tackle the week ahead.

In this week's edition, I am covering:


Your feedback shapes Mandos Brief and I'd love to hear your thoughts about the content I share.

Now, let's get started with this week's most relevant updates...


INDUSTRY NEWS

RansomHub Ransomware Targets 210 Victims Across Critical Infrastructure Sectors

North Korean Threat Actor Exploits Chromium Zero-Day Vulnerability

Cryptographic Flaw in YubiKey 5 Allows Cloning When Attackers Gain Physical Access

Researchers Discover Vulnerability in Airport Security System Allowing Unauthorized Cockpit Access

New Cicada3301 Ransomware Shares Similarities with BlackCat Operation

LEADERSHIP INSIGHTS

Proximity Resilience Graph Helps CISOs Communicate Cyber-Risk Effectively

Aligning Cybersecurity Strategies with Organizational Risk Tolerance

Security Budgets Plateau in 2024 Amid Economic Uncertainty

CAREER DEVELOPMENT

Burp Suite Penetration Testing Workflow Tutorials Released

Microsoft Sentinel Level 400 Training: Become a Sentinel Ninja

Soft Skills and Business Acumen Key to Higher Cybersecurity Salaries

AI & SECURITY

Anthropic Introduces Claude Enterprise with Expanded Context Window and GitHub Integration

AI in Healthcare Cybersecurity: Best Practices and Use Cases

AI-Generated Cloud Infrastructure Code Contains Serious Security Flaws

MARKET ANALYSIS

HackerOne Launches PartnerOne Channel Program to Expand Global Access to Human-Powered Cybersecurity Solutions

Hypernative Secures $16M to Enhance Web3 Security with AI

Absolute Software Acquires Syxsense to Enhance Endpoint Security and Management

TOOLS

PII Crawler

PII Crawler is a data scanning tool designed to identify and locate Personally Identifiable Information (PII) within various file types and databases.


Security Trails

SecurityTrails API offers robust APIs and data services for security teams, providing access to a vast repository of historical DNS lookups, WHOIS records, hostnames, and domains


Acronis Cyber Protect

Acronis Cyber Protect is an integrated cybersecurity and data protection platform that provides zero-day malware and ransomware protection, backup, and forensic investigations for managed service providers, IT teams, and home users


Before you go

If you found this newsletter useful, I'd really appreciate if you could forward it to your community and share your feedback below!

For more frequent cybersecurity leadership insights and tips, follow me on LinkedInBlueSky and Mastodon.

Best, 
Nikoloz

Share This Post

Check out these related posts

Brief #72: NVIDIA flaw, 3.8 Tbps Cloudflare DDoS, AWS AI hijacking

  • Nikoloz Kokhreidze
by Nikoloz Kokhreidze | | 9 min read

Brief #71: Storm-0501 Targets Hybrid Clouds, CUPS RCE Flaw, AI Security Challenges, Wiz's $20B Valuation

  • Nikoloz Kokhreidze
by Nikoloz Kokhreidze | | 9 min read

Brief #70: China's 260K-Device Botnet Thwarted, SolarWinds RCE Flaw, macOS Zero-Click Exploit, AI in Compliance

  • Nikoloz Kokhreidze
by Nikoloz Kokhreidze | | 10 min read