Storm⚡️Watch by GreyNoise Intelligence
Forecast = Advanced Persistent Thunderstorms
In this episode of Storm⚡️Watch, we dive deep into the evolving landscape of cybersecurity in 2024. The episode kicks off with a thought-provoking roundtable discussion, pondering the potential theme song of 2024, setting the tone for a year that's already shaping up to be full of significant cybersecurity developments. We then transition into a comprehensive analysis of recent cybersecurity events and trends that are shaping the digital world.
First on the agenda is the international police operation that successfully disrupted the notorious Lockbit cybercrime gang, a significant victory in the ongoing battle against cybercrime. This is followed by an exploration of the Justice Department's court-authorized disruption of a botnet controlled by the Russian GRU, highlighting the global efforts to combat state-sponsored cyberthreats. The episode also delves into the discovery of new vulnerabilities within SolarWinds' software, some of which are unauthorized, underscoring the persistent challenges in securing widely used software platforms.
The discussion then shifts to a series of high-profile hacks and leaks, including the Shanghai Anxun/I-SOON hack/leak and a significant state government leak and hack, illustrating the diverse nature of cyber threats facing organizations today. The episode emphasizes the critical need for security vendors to adopt Software Bill of Materials (SBOMs) and a resilient Software Development Life Cycle (SDLC), through the lens of Eclypsium's teardown of Ivanti.
Additionally, the episode features Rezonate's guide to hardening Okta's security posture, offering practical advice for enhancing cybersecurity defenses. In company news, GreyNoise celebrates the appointment of a new CEO and shares insights from the Grimoire blog on CVE-2021-44529, further demonstrating the company's commitment to advancing cybersecurity knowledge.
The episode concludes with a roundup of recent tags, active campaigns, and a discussion on the Known Exploited Vulnerabilities (KEV) catalog from CISA, providing listeners with a comprehensive overview of the current cybersecurity landscape and actionable insights for enhancing their security posture.