Good morning, everyone!
Welcome to the CyberHub Podcast's final episode for the week, recorded on Thursday, January 16, 2024.
This episode dives into a packed agenda of emerging threats, governance dilemmas, and industry-wide cybersecurity developments.
Grab your coffee—or in host James Azar’s case, a Celsius Green Apple Cherry—and join us as we break down the week's most pressing cybersecurity stories.
Healthcare Breaches and the Growing Threat of Insurance Fraud
The U.S. healthcare industry saw a staggering 180 million records compromised in 2023, according to an analysis of the HHS OCR database. These incidents, mostly attributed to criminal groups rather than nation-states, underscore the persistent vulnerabilities in healthcare systems. Key points include:
Affected Entities: 440 healthcare providers, 100 business associates, and 60 health plans were targeted.
Top States Hit: Texas led the list, followed by California, New York, and others.
Primary Threat: Healthcare insurance fraud is the primary monetization tactic, significantly inflating healthcare costs and disrupting patient care.
Belsen Group's Brazen Debut: A New Threat Emerges
A new hacker collective, Belsen Group, made its entrance by releasing data from 15,000 Fortinet devices, including sensitive credentials, configurations, and firewall rules. This comes alongside a recently exploited Fortinet zero-day vulnerability (CVE-2024-55591), active since November.
FTC Cracks Down on GoDaddy's Cybersecurity Failures
The FTC has issued penalties against GoDaddy for multiple breaches from 2019 to 2022, citing failure to:
Track software updates.
Assess cybersecurity incidents.
Protect customer data as advertised.
GoDaddy is now required to implement a comprehensive InfoSec program and undergo external audits every two years.
Critical Patching Updates: BeyondTrust and SAP Vulnerabilities
BeyondTrust (CVE-2024-12686): Used in the Silk Typhoon attack targeting the U.S. Treasury.
SAP NetWeaver (CVE-2025-00070 & 00066): Critical vulnerabilities allowing privilege escalation and information disclosure.
Malvertising Campaigns: Google Ads Impersonation
Threat actors are hijacking Google Ads accounts to distribute malware via malicious ads. The incidents emphasize the critical need to include advertising security in broader cybersecurity strategies.
Simplifying Incident Reporting: A Call to Action
As Jen Easterly concludes her term at CISA, ongoing confusion around overlapping reporting requirements (e.g., CIRCIA, SEC) remains a significant burden on private industries. The solution? A unified federal data breach notification law to streamline processes and reduce compliance costs.
The Basics Still Matter: DNS Misconfigurations Fuel Botnets
A newly discovered MikroTik botnet using misconfigured DNS records highlights the importance of basic cybersecurity hygiene. Businesses must prioritize:
Strong DNS and email security.
Proper firewall configurations.
Defense-in-depth strategies.
Cyber Incidents Top Allianz Risk Barometer
According to Allianz’s 2024 report, cybersecurity incidents remain the top business risk. Misinterpretations—such as conflating IT disruptions (e.g., CrowdStrike outages) with cybersecurity breaches—further highlight the need for clear communication between IT and business leaders.
Biden’s Cybersecurity Executive Orders
Outgoing President Biden signed new executive orders mandating minimum cybersecurity standards for government technology contractors. While these orders build on existing frameworks like CMMC, they signal a continued emphasis on public-private cybersecurity partnerships.
Action List for Practitioners
Healthcare Sector: Strengthen defenses against ransomware and healthcare insurance fraud.
Vulnerability Management: Patch critical flaws, including BeyondTrust and SAP NetWeaver vulnerabilities.
Incident Reporting: Advocate for streamlined federal notification laws.
Advertising Security: Incorporate ad account protections into overall cybersecurity strategies.
Cyber Hygiene: Double down on basic configurations like DNS security and firewall rules.
Don’t Miss Tomorrow’s Episode!
Catch James Azar’s interview with Andy Ellis, CSO Hall of Famer and YL Ventures partner, tomorrow at 11 a.m. EST.
✅ Story Links:
https://www.securityweek.com/data-from-15000-fortinet-firewalls-leaked-by-hackers/
https://therecord.media/ftc-godaddy-cyber-failings-fine
https://therecord.media/cyber-incident-reporting-sec-circia-cisa-easterly
https://www.cybersecuritydive.com/news/cyber-business-risk-us-globally/737447/
https://www.securityweek.com/biden-executive-order-aims-to-shore-up-us-cyber-defenses/
🚀 About The CyberHub Podcast.
The Hub of the Infosec Community.
Our mission is to provide substantive, quality content that’s more than headlines or sales pitches. We want to be a valuable resource for cybersecurity practitioners in their mission to keep their organizations secure.
Tune in to our podcast Monday through Thursday at 9AM EST for the latest news.