CyberTalk: The Security Update

Welcome to a video series intended to raise awareness of cybersecurity issues beyond what is simply in the latest newsfeed.

In this series, Robin Johns and Bill Carter discuss the top Security items that every cyber team needs to know to help keep them aware of what is happening in the broader security space, and more importantly, how Cato helps keep you protected.

This week we discuss the following topics:

1. XMRig – APPetite for Crypto
   
   • XMRig, a legitimate program for cryptocurrency mining, is being added to systems via illegally downloaded applications as a trojan payload. Victims are observed to be downloading the modified application from The Pirate Bay, with a focus on Final Cut Pro. This comparison has revealed this is the third generation of the campaign, which uses evasion techniques to hide the presence of XMRig. MAC OS Ventura does stop modified Final Cut Pro, but XMRig still installs. How can you ensure that your end-users aren't sailing the digital high seas of piracy?
2. Food for Thought - Holding Dole to Ransom
   
   • Dole plc, headquartered in Dublin, Ireland, is one of the world’s largest producers of fruits and vegetables, with third-quarter income in 2022 reported at $2.3 billion. They recently became victim to a ransomware attack that halted their production plants in North America, which is believed to have come as part of CVE-2022-39952, an unauthenticated file path manipulation vulnerability in the FortiNAC webserver that can be abused for remote command execution. How could this have been avoided?

Watch the latest episode here: