📰 Chemical Facilities Warned of possible data theft in CISA Breach | Tuesday Times | June 25, 2024

Joses Member Posts: 51 admin
edited June 25 in General Community

What is Tuesday Times?

Tuesday Times is a weekly Tuesday series where we highlight a handful of recent cybersecurity-related news stories. We'll provide brief summaries of these news stories and link the articles directly, should you want to read more!

Feel free to comment on any of the articles highlighted, or share your own in the comments below!

Chemical Facilities Warned of possible data theft in CISA Breach | Tuesday Times | June 25, 2024

Chemical facilities warned of possible data theft in CISA CSAT breach

  • In an ironic twist of fate, this week's data breach story comes from none other than the Cybersecurity and Infrastructure Security Agency (CISA). Earlier this week, CISA posted a notification that confirmed that one of their tools was "the target of a cybersecurity intrusion by a malicious actor from January 23-26, 2024."
  • The Chemical Security Assessment Tool (CSAT) was breached via a vulnerability linked to CISA's Ivanti device. This tool is used as a way to classify facilities that have chemicals as "high-risk" by a series of surveys, assessments, and reports that contain sensitive information about the facilities.
  • While CISA claims that it "found no evidence of credentials being stolen," they are still encouraging their CSAT users to change their passwords for their CSAT account and any account that used the same password. So, if you've created an account linked to CISA or CSAT in the past, I'd suggest changing your password ASAP to reduce the likelihood of becoming a future cybersecurity victim.

Microsoft faces heavy fines after EU investigation into unfair Teams bundles

  • Microsoft can't seem to catch a break this month, as it is now being investigated by the European Union (EU) for allegedly "breaching antitrust regulation by bundling Teams with its Office 365 and Microsoft 365 subscriptions."
  • The EU claims that by bundling in Teams with its already dominant software packages of Windows and Office suite, it is essentially "restricting competition" and leaving no room for other "remote communication and collaboration tools."
  • If Microsoft is found guilty it would face fines of "up to 10% of its worldwide annual turnover." So this begs the question, do you use both Teams and Office 365 at your company?

Understanding APIs and how attackers abuse them to steal data

  • As application programming interfaces (APIs) continue to grow in usage, it is important to understand how they can be exploited by cyber threat actors and what steps companies can take to protect against these potential exploits.
  • As CSO Online brilliantly states, APIs "can be exploited to expose sensitive data (e.g., customer lists, personally identifiable information (PII) and credit card details) while enabling application-to-application communication." From phishing attacks to mass searching repositories, cyber threat actors will go to great lengths to find API keys and secrets to gain access to sensitive company information.
  • Proper asset management is necessary to avoid API exploitation, and this can be done via a secure custom inventory or centralized secret management software. Rate throttling is another important security measure that allows companies to limit the number of requests that can be made by a single client.