Cyber Stories Newsletter: Stay Informed on the Latest Cybersecurity News
Welcome to our weekly cyber newsletter!
Here, we keep you up-to-date with the latest happenings in the cyber world, providing insights into fascinating stories that have been making headlines. It's crucial to stay informed about cybersecurity threats and emerging trends, especially in today's ever-evolving digital landscape. In this edition, we bring you some compelling stories from the past week:
CVSS 4.0: Next Generation Vulnerability Severity Rating Standard Released
The Forum of Incident Response and Security Teams (FIRST) has introduced CVSS 4.0, the latest version of the Common Vulnerability Scoring System standard. This framework assigns numerical scores or qualitative representations to assess software security vulnerabilities' severity. With enhanced base metrics, new nomenclature, and applicability to OT/ICS/IoT, CVSS 4.0 provides a more detailed evaluation of vulnerabilities. It aids in prioritizing responses to security threats and comparing risks across different systems and software. The release of CVSS 4.0 marks a significant milestone after eight years since the previous major version.
Boeing Confirms Cyberattack and System Compromise
In a recent development, aerospace giant Boeing has confirmed that it has fallen victim to a cyberattack, resulting in the compromise of its parts and distribution systems. The company is taking immediate action to address the incident and is notifying affected customers. This breach highlights the ongoing threats faced by critical industries and emphasizes the need for robust cybersecurity measures to protect against cybercriminal activities.
Russian Hackers Breached Pentagon and DOJ Emails
In a major cyberattack earlier this year, Russian hackers breached approximately 632,000 email addresses belonging to employees of the Department of Justice (DOJ) and the Pentagon, according to a recent report. The data breach, attributed to a Russian-speaking criminal group, affected various organizations in addition to the DOJ and Pentagon. The compromised data, while considered to be of low sensitivity, includes email addresses, links to government employee surveys, and internal tracking codes. The hackers gained access through a file transfer program known as MOVEit, which was used by the data firm Westat, an agency employed by the Office of Personnel Management to conduct surveys. The hack was deemed a "major incident" by the OPM, although the compromised data was not classified.
US Leads Global Alliance to Curb Ransomware Payments.
The United States is spearheading a 40-country alliance known as the International Counter Ransomware Initiative to combat the growing threat of ransomware attacks. The alliance aims to disrupt the financial resources of ransomware threat actors by leveraging information-sharing tools and artificial intelligence (AI). This collaborative effort seeks to reduce the profitability and impact of ransomware attacks worldwide, highlighting the importance of international cooperation in cybersecurity.
As always, if you have any questions or concerns regarding these stories or any recent threats, feel free to reach out. Stay safe and secure online! 🔒💪
.svg)