CyberTalk: The Security Update
Welcome to a video series intended to raise awareness of cybersecurity issues beyond what is simply in the latest newsfeed.
In this series, Robin Johns and Bill Carter discuss the top Security items that every cyber team needs to know to help keep them aware of what is happening in the broader security space, and more importantly, how Cato helps keep you protected.
This week we discuss the following topics:
- Envoy: Is Three A Crowd?
- Employee data and company info has been stolen from Atlassian allegedly via Envoy, a third-party app, and the data was posted on the chat app Telegram. Threat actor SiegedSec claimed responsibility and Atlassian’s response seemed to indicate physical access concerns. The Attack vector is still being investigated by the third party, but it has been stated that it was not a result of a direct Atlassian breach. Published data included Office floor plans and 14,000 records of PII. What could they have done to prevent this?
- There's a FatalRAT among us
- Individuals in Southeast and East Asia are the targets of a new rogue Google Ads campaign that delivers remote access trojans such as FatalRAT to compromised machines. The attacks involve purchasing ad slots to appear in Google search results and direct users looking for popular applications to rogue websites hosting trojanized installers, this was shown to be achieved by using typosquatting domains. How can you ensure your users are clicking legitimate links?
Watch the latest episode here: