Friday Five: Data Security Challenges in 2024, Compliance Updates, & More
Contact Us | |
Free Demo | |
Chat | |
In 2024's first edition of our Friday Five series, learn about CMMC updates and other data security challenges to come, new malware, and a ransomware decryptor that can help victims.
PENTAGON ISSUES PROPOSED CMMC RULE BY EDWARD GRAHAM
The Department of Defense (DOD) is set to release draft updates to the Cybersecurity Maturity Model Certification (CMMC) program, aiming to enhance cybersecurity requirements for defense contractors handling sensitive military information. The proposed rule, officially published this past December 26, expands security measures for Federal Contract Information (FCI) and introduces new Controlled Unclassified Information (CUI) security requirements for specific priority programs. Compliance with CMMC involves adhering to the National Institute of Standards and Technology’s (NIST's) special publication 800-171. The public comment period for the proposed rule and associated guidance documents ends on February 26 of this year. Small contractors facing challenges in CMMC compliance are advised to align their security practices with government standards.
MALWARE ABUSES GOOGLE OAUTH ENDPOINT TO ‘REVIVE’ COOKIES, HIJACK ACCOUNTS BY BILL TOULAS
Information-stealing malware is exploiting an undocumented Google OAuth endpoint called "MultiLogin" to restore expired authentication cookies and gain unauthorized access to users' accounts, even after passwords have been reset. The exploit involves an API endpoint intended for synchronizing accounts across different Google services, and it allows threat actors to regenerate expired Google Service cookies, maintaining persistent access on compromised accounts. Several information-stealing malware families, including Lumma and Rhadamanthys, have adopted this exploit, and at least six info-stealers currently claim the ability to regenerate Google cookies using this API endpoint.
LOCALIZATION MANDATES, AI REGS TO POSE MAJOR DATA CHALLENGES IN 2024 BY ROBERT LEMOS
In 2024, data security faces increased challenges as governments globally implement data localization laws, with over three-quarters of countries adopting such measures. The rush to regulate data use for generative AI models, influenced by initiatives like the Biden administration's AI executive order and the EU's AI Act, is another significant trend. Additionally, strict enforcement of data protection regulations will impact a broader range of companies. This emphasizes the importance for businesses to track data movement in the cloud, navigate a complex regulatory landscape, and adapt to varied localization requirements globally. Managing these trends is crucial for maintaining data privacy, security, and compliance.
NEW BLACK BASTA DECRYPTOR EXPLOITS RANSOMWARE FLAW TO RECOVER FILES BY LAWRENCE ABRAMS
Researchers have developed a "Black Basta Buster" decryptor to exploit a flaw in Black Basta ransomware, allowing victims of the ransomware group -- dating back to November 2022 -- to potentially recover files for free. The decryptor utilizes a weakness in the encryption algorithm, revealing the ChaCha keystream used for XOR encryption. While the flaw has been fixed in recent attacks, victims within the specified timeframe may benefit from the tool. The ransomware gang, Black Basta, emerged in April 2022, engaging in double-extortion attacks and collaborating with the QBot malware operation. The decryptor aids in file recovery for affected victims.
FDA CYBERSECURITY AGREEMENT ON MEDICAL DEVICES NEEDS UPDATING, WATCHDOG FINDS BY NIHAL KRISHAN
A recent report from the Government Accountability Office (GAO) highlights cybersecurity vulnerabilities in medical devices like heart monitors. The report emphasizes that although such vulnerabilities are not frequently exploited, they pose risks to hospital networks and patients. The GAO recommends updating the Food and Drug Administration's (FDA) medical device cybersecurity formal agreement, which is five years old, with the assistance of the Cybersecurity and Infrastructure Security Agency (CISA) to enhance coordination and clarify responsibilities. The FDA's authority in medical device cybersecurity has grown due to recent legislation, mandating manufacturers to submit cybersecurity plans for new devices. Both the FDA and CISA agreed with the GAO's recommendations for updating the agreement.
Recommended Resources
All the essential information you need about DLP in one eBook.
Expert views on the challenges of today & tomorrow.
The details on our platform architecture, how it works, and your deployment options.
Don't Fall Behind
Get the latest security insights
delivered to your inbox each week.
Thank you for subscribing!