Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

IoT Security Regulations: A Compliance Checklist - Part 1

The Internet of Things (IoT) refers to the global network of physical devices connected to the internet, capable of collecting and sharing data. IoT devices range from everyday household items to sophisticated industrial tools. By integrating sensors and communication hardware, IoT bridges the gap between the physical and digital worlds, enabling environments where smart devices operate interconnectedly and autonomously.

CDK Global Cyber Incident Affects Automotive Dealers Across the US

On June 19, 2024, CDK Global notified customers that a cyber incident had led to a shutdown of its systems, significantly impacting car dealerships across the United States. CDK Global serves nearly 15,000 dealership locations, and the incident caused substantial disruption, forcing car dealerships to halt operations and revert to manual processes. Dealerships were initially notified about the incident around 2AM Eastern time on June 19, 2024, with an update at 8AM confirming the incident.

Creating symbolic links - Like shortcuts but better

The "Create symbolic links" user right determines the user's ability to create a symbolic link within Windows from the device they’re logged on to. These links point to other files or folders, just like regular shortcuts, but work in a more advanced way. Symbolic links help maintain organization and flexibility while minimizing potential security risks by giving the ability to create a link in one folder that points to a file in a different folder, making it seem like the file exists in both places.

Emerging Rust Malware Uses PowerShell to Evade UAC and Steal Data

A new Rust-based information-stealing malware named Fickle Stealer has been identified, using multiple attack vectors to compromise systems and extract sensitive information. According to Fortinet FortiGuard Labs, Fickle Stealer is being distributed through four different methods: VBA dropper, VBA downloader, link downloader, and executable downloader. Some of these methods employ a PowerShell script to bypass User Account Control (UAC) and execute the malware.

BEC Attacks Accounted for More Than One in Ten Social Engineering Attacks in 2023

A new report from Barracuda has found that email conversation hijacking attacks have risen by 70% since 2022. Additionally, business email compromise (BEC) attacks accounted for 10.6% of social engineering attacks in 2023, compared to 8% in 2022 and 9% in 2021. These attacks require more effort on the part of attackers, but they typically have a much higher payout than other forms of social engineering.

Stop Phishing Attacks with Next-Gen SIEM and SOAR

Phishing is the weapon of choice for many adversaries. And it’s easy to understand why: Users fall victim to attacks in under 60 seconds on average, novice cybercriminals can launch effective phishing campaigns thanks to off-the-shelf phishing kits and generative AI, and above all, it works — 71% of organizations reported at least one successful attack in 2023.

CVE-2024-37079 & CVE-2024-37080: Critical Heap-overflow Remote Code Execution Vulnerabilities in VMware vCenter Server and Cloud Foundation

On June 17, 2024, VMware disclosed two critical vulnerabilities (CVE-2024-37079 & CVE-2024-37080) affecting vCenter Server and Cloud Foundation. These vulnerabilities stem from a heap-overflow issue in the implementation of the DCERPC protocol, which can be exploited by remote threat actors. By sending specially crafted network packets, threat actors could exploit CVE-2024-37079 and CVE-2024-37080 to achieve Remote Code Execution (RCE) on both vCenter Server and Cloud Foundation systems.

Unintentional Insider Threats: The Overlooked Risk

Could your employees be unintentionally putting your business at risk? While companies prioritize protection against external cyber threats, the often-overlooked unintentional insider threats can lead to significant financial and reputational risks for your business. These threats can come from simple human errors, such as accidental data sharing, misconfigurations, or falling victim to phishing attacks.

Seemplicity Optimizes Collaborative Vulnerability Remediation with Microsoft Teams

Communication across business units, technology layers, and systems is a massive challenge when it comes to streamlining any process, especially vulnerability remediation. Seemplicity’s new Microsoft Teams integration elevates cross-team collaboration by facilitating the distribution of information, remediation requests, and more. These capabilities enable users to share findings with varying levels of context, depending on the recipients’ requirements.

My Hacker Story: A Cautionary Tale of Intern Antics and Cultural Learnings

My hacker story does not paint me in the best light, and it is not intended to. I am a firm believer in sharing one's mistakes and being open to learning from them. My incident taught me so much, and many years later, I am still benefiting from the learning opportunities. As the wise quote goes, "We have met the enemy, and they are us" — a sentiment that perfectly sums up my experience.