New Ivanti bugs joined the Known Exploited Vulnerabilities - September 2024 Cyber Risk Roundup
This is the monthly zero trust cybersecurity newsletter highlighting key news and actionable insights for enterprises looking to stop the next cyberattack by land, by sea, or in space. Our September Cyber Risk Roundup offers a quick peek at this month's big stories.
☁️🪲 Two new Ivanti vulnerabilities have joined the Known Exploited Vulnerabilities catalog, requiring federal agencies to apply a fix by October 10 and 15, respectively.
⛽🏭 Halliburton confirmed that data was stolen in the hack earlier this year, another incident amid escalating attacks on critical infrastructure.
💊 US healthcare orgs under attack by “Vanilla Tempest” ransomware group, leveraging the same ransomware strain seen in recent attacks on Michigan hospitals.
🛡️💰Craigslist founder Craig Newmark dedicates $1.2 million to mobilizing volunteer networks in his ongoing campaign to improve civil cyber defense.
✈️ After the attack on Seattle-Tacoma International Airport, the Port of Seattle refused to pay the $6 million ransom demanded of them.
🗓️ National Insider Threat Awareness Month brings focus to the rising tide of insider threats, especially in critical infrastructure.
Get the above stories and more in our September Cyber Risk Roundup. Keep scrolling for cyber guides, deep dives, and upcoming events.
Highlights
Transport for London (TfL) Cyberattack
The recent cyberattack on Transport for London (TfL) had wide-ranging digital impacts on the millions who use it, from data losses to online service disruptions, emphasizing the increasing importance of zero trust for critical infrastructure.
Just In Time Access and Session Termination - Demo
Just-in-time access is an important way to lock down privileged accounts so they can’t be abused by attackers. Learn key components of this control, from RBAC to managing ephemeral accounts.
Resource Roundup: Deep Dives on Privilege Escalation
Interested in privilege escalation and how to prevent it? We’ve collected intriguing analyses and in-depth longreads on the topic.
The Evolving Risks of Insider Threat
Get insights from experts on insider threats in this article for National Insider Threat Awareness Month.
Events
ManuSec 2024
Join us at ManuSec 2024 for our booth sponsorship and speaking session on Day 1, Track A at 2:10PM - "Charting a Secure Future for Autonomous Operations” - featuring our VP of Consulting and Services, Amit Pawar.
Webinar: Cyber Risk & The Board of Directors: CISO Topics & Strategies to Level Up Your “Board” Game
When cyberattacks and security incidents in the news start affecting stock prices, and new SEC rules mean executives can be held personally accountable for cybersecurity failures, the board is bound to come knocking on the CISO’s door.
Join a fireside chat with Victor Chang, a longtime CISO and advisor to many company boards, and Mathieu Gorge, Founder at Vigitrust and Author of The Cyber Elephant in the Boardroom. Victor and Mathieu will discuss how both sides of the table, from CISO to Board Chair, can ask the right questions and collaborate effectively to assure the security of their companies in a high stakes, increasingly complex situation.
AFCEA TechNet IndoPacific 2024
Xage Government will be sponsoring at the 2024 AFCEA IndoPacific show - you can find us at Booth #1512 where we will be sharing details about how we secure critical assets for secure mission operations and help solve problems for entities like the US Space Force & Air Force.
When: October 22-24
Xage Security In the News
Enterprise Security Tech, InformationWeek, and more
Xage got a lot of mentions and publications in the press this month. Visit our press page to check them out.