Welcome to this week’s Cyber Threat Intelligence Summary, where we bring you the latest updates and insights on significant cyber threats. This edition analyses cyberattacks related to the Israel-Palestine conflict, global DNS probing by a Chinese threat actor, and a significant data leak involving the New York Times.

Based on news cycles within cybersecurity, it's easy to fall into the trap of thinking that threats only come from certain parts of the world or that they only target specific industries. However, the reality is that cyber attacks know no borders, and no organisation is immune. The recent report by Cisco Talos showcasing the discovery of a six-year campaign by Pakistani hackers targeting Indian government and defence organisations is a stark reminder of this fact.

Digital relationships with third-party vendors increase opportunities for growth, but they also increase opportunities for cyberattacks — a recent study found that 61% of U.S. companies said they have experienced a data breach caused by one of their vendors or third parties (up 12% since 2016). Implementing a vendor risk management strategy aligned with frameworks like the NIST security framework can help mitigate these risks.

Jump to Tutorial As of June 30, 2024, CentOS 7 will reach its end of life (EOL). That means it will no longer receive updates, bug fixes, critical security patches, or any new features. It is very important to migrate to a supported operating system to maintain the functionality and security of your systems. AlmaLinux is a reliable alternative to CentoOS. It’s a community-driven enterprise distribution that is binary compatible with Red Hat Enterprise Linux (RHEL).

In the world of security, there are many different frameworks that may be relevant or important to your plans. We’ve talked a lot about FedRAMP, the federal government’s security framework, but it’s only one of many options. Others, from HIPAA to FISMA to SOC2, can all have their role. One of the biggest and most direct equivalents to FedRAMP is ISO 27001. What is it, how does it compare to FedRAMP, and which one should you use? Let’s talk about it. Table of Contents 1.

This month we dive into CheckPoints CVE-2024-24919 to explain what this vulnerability does and why we have seen it being used in the wild already!

The FBI has made a significant breakthrough in the fight against LockBit ransomware by recovering over 7,000 decryption keys, which can now be used by victims to restore their encrypted data at no cost. FBI's Efforts Against LockBit Ransomware During the 2024 Boston Conference on Cyber Security, FBI Cyber Division Assistant Director Bryan Vorndran announced the recovery of these keys, emphasizing the agency's commitment to assisting past LockBit victims.

In the not-so-distant past, managing user identities and access controls was a relatively straightforward process. Organizations operated within the confines of their on-premises networks where users logged onto a single system to access the resources they needed. This well-defined perimeter enabled IT departments to maintain tight control over who accessed what and from where. However, the advent of cloud computing has disrupted this traditional paradigm.

While every business needs technology to grow and succeed, not all businesses have the skills and resources they need to protect their environments, their data and their customers from today’s security threats. Small businesses in particular are at risk as cybercriminals realize both the potential value of the data they have — and how vulnerable they can be to cyberattacks. According to the U.S.

SQL Agent proxies are a form of built-in service that allows the schedule and running of automated tasks within SQL Server. These tasks can perform various actions related to database management. The msdb database is a crucial system database in Microsoft SQL Server which primarily serves SQL server agents. These databases store information related to SQL Agent jobs, including their configuration, execution history, vital system tables and data.