CISO Talk by James Azar
CyberHub Podcast
T-Mobile Shares Salt Typhoon Hack Details, Uganda Central Bank Hack, CrowdStrike Q3 Results

From Black Friday Threats to the Call for a U.S. Cyber Force: A Comprehensive Dive into the Latest Cybersecurity News with CISO James Azar as Russia begins to add pieces to negotiate with Trump

Good morning, Security Gang, and happy Monday! I hope everyone had a relaxing and secure Thanksgiving weekend. Remarkably, no major cybersecurity incidents were reported over the holiday, allowing many to enjoy the break. Reflecting on past years in banking, I recall Thanksgiving often being the calm before the storm as operations ramped up for Black Friday.

This year, however, I savored the holiday without such responsibilities. For those who were hard at work protecting systems, your efforts are greatly appreciated. Let’s dive into today’s cybersecurity stories!

T-Mobile & Salt Typhoon Cyber Attack

T-Mobile shared updates about a recent cyberattack attributed to the Chinese group Salt Typhoon. According to T-Mobile's CSO Jeff Simon, the attack was thwarted, and no sensitive customer data was compromised. However, T-Mobile’s history of five breaches in three years has heightened scrutiny. The attack reportedly originated from a wireline provider’s network, which was swiftly disconnected. While fingers point to Salt Typhoon, the scale and fallout of the attack remain unclear as investigations continue.

Bank of Uganda Cybersecurity Breach

Uganda’s central bank suffered a cyberattack, with reports suggesting Southeast Asian hackers may have stolen $17 million. While the government has confirmed the breach, details about the attackers and the extent of the theft remain scarce. This mirrors earlier attacks on central banks, such as North Korea’s $180 million heist from Bangladesh. These incidents highlight the vulnerability of financial institutions, particularly in nations under economic pressure.

International Game Technology Cyber Incident

UK-based gaming technology giant International Game Technology (IGT) disclosed a significant cyber incident, taking systems offline to mitigate disruption. IGT’s announcement follows increased attacks on gambling entities, where downtime equates to steep financial losses. With $587 million in quarterly revenue and operations in 100+ countries, the impact of this attack will be closely monitored.

Magento E-commerce Malware Targeting Payment Data

Cybercriminals targeted Magento-based e-commerce websites using sophisticated cart-skimming malware to steal payment information. Researchers identified two main methods: creating fake credit card forms and directly harvesting data from payment fields. This underscores the importance of using credit cards over debit cards and leveraging temporary online cards for safer transactions during the holiday season.

U.S. Cyber Force Proposal

A growing movement in Washington advocates for creating a dedicated Cyber Force within the military. Proponents argue that the fragmented approach across branches limits the effectiveness of Cyber Command. An independent cyber branch could attract top talent, unify missions, and bolster national defense against increasingly sophisticated threats, especially from adversaries like China, which significantly outnumber U.S. capabilities.

Snowflake Hack Linked to U.S. Army Soldier

Investigative journalist Brian Krebs reports that one suspect in the Snowflake hack might be a U.S. Army soldier stationed in Korea. Two others involved include a Canadian arrested for extradition and another individual in Turkish custody. The case highlights the complexity of cyber investigations and the global nature of cybercrime.

CrowdStrike’s Resilience Post-Outage

Despite a summer outage affecting its Falcon platform, CrowdStrike maintained a 97% customer retention rate in Q3. CEO George Kurtz attributed this to strong customer trust and the difficulty of transitioning away from MDR/XDR providers, demonstrating the resilience of their business model.

Microsoft Patches Vulnerabilities

Microsoft patched critical vulnerabilities affecting Azure, Copilot, and its partner network. These issues, including privilege escalation and cross-site scripting flaws, underscore the ongoing challenges of securing cloud-based and AI-driven services.

Bulgarian Spy Ring Targeting NATO

Two Bulgarians pleaded guilty in the UK to spying on behalf of Russia, targeting NATO-aligned military bases and critics of Moscow. Using advanced tech like drones and jammers, the group conducted surveillance over three years, illustrating Russia’s persistent espionage efforts in Europe.

Russian Arrest of Ransomware Suspect

Russia arrested Mikhail Pavlov, a wanted ransomware operator, potentially positioning him as a bargaining chip in geopolitical negotiations. This tactic reflects Russia’s strategic use of cybercriminals in broader diplomatic games.

Action List

  1. E-Commerce Safety: Use credit cards or temporary online cards for transactions. Avoid debit cards during the holiday season.

  2. Monitor Central Bank Vulnerabilities: For financial professionals, evaluate security frameworks against nation-state actors targeting central institutions.

  3. Advocate for Cybersecurity Talent: Support initiatives to centralize and enhance military cybersecurity capabilities.

  4. Stay Informed: Follow developments in major breaches, such as T-Mobile and IGT, for lessons in incident response and threat detection.

  5. Engage in Public Cyber Discussions: Share insights on the necessity of a dedicated U.S. Cyber Force to address evolving threats.

Closing

Thank you for tuning in this morning. Stay cyber safe, stay vigilant, and connect with us on social media or subscribe to our podcast.

See you tomorrow at 9 AM Eastern for more cybersecurity updates!

✅ Story Links:

https://www.securityweek.com/t-mobile-shares-more-information-on-china-linked-cyberattack/

https://krebsonsecurity.com/2024/11/hacker-in-snowflake-extortions-may-be-a-u-s-soldier/

https://therecord.media/uganda-cyberattack-central-bank

https://www.cybersecuritydive.com/news/international-game-technology-cyberattack/733899/

https://www.darkreading.com/application-security/sneaky-skimmer-malware-magento-sites-black-friday

https://www.wsj.com/tech/cybersecurity/creating-military-cyber-force-75844bf5?mod=cybersecurity_news_article_pos3

https://www.cybersecuritydive.com/news/crowdstrike-retains-customers/734203/

https://www.securityweek.com/microsoft-patches-exploited-vulnerability-in-partner-network-website/

https://therecord.media/bulgarians-plead-guilty-uk-spying-russia

https://www.securityweek.com/russian-hacker-with-10-million-bounty-on-his-head-reportedly-arrested/

About The CyberHub Podcast.

The Hub of the Infosec Community.

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

Tune in to our podcast Monday through Thursday at 9AM EST for the latest news.

Today’s top cybersecurity news and the latest from practicing CISO James Azar. Tune in to hear how practitioners read, view and work after hearing the latest headlines, and how these stories help keep practitioners sharp and ready.