Cyber Cloud Africa

The July 18, 2024, Talos Threat Source newsletter covers recent cybersecurity events, including an analysis of the latest malware threats, notable vulnerabilities, and data breaches.
http://oal.lu/atF1H

It's best to just assume you’ve been involved in a data breach somehow Telecommunications provider AT&T disclosed earlier this month that adversaries stole a cache of data that contained the phone numbers and call records of “nearly all” of its customers.

Cisco Duo now supports OAuth 2.0 Client Credentials, allowing secure service-to-service API interactions without user involvement. The implementation simplifies authentication processes, offering robust security measures for enterprise environments.
http://cs.co/9004iAzqy

ThousandEyes examines the impact of internet outages on the financial services sector. Get insights into common causes of outages and learn the importance of robust monitoring and mitigation strategies to ensure continuous operation and protect customer trust.
http://cs.co/9009iAG5t

ThousandEyes' report analyzes the performance and outages of Twitter following its rebranding to X. Get insights into these issues and a comprehensive overview of the platform's stability during the transition.
http://cs.co/9002iAEPm

Cisco helps financial institutions maintain digital compliance with PCI DSS 4.0 by offering comprehensive solutions like network security controls, secure configurations, and strong cryptography.
http://cs.co/9004iABYo

Cisco Secure Workload offers advanced tools to protect against vulnerabilities. By providing visibility into traffic flows and package versions, it helps identify/mitigate risks through microsegmentation, auto-quarantine, and virtual patching.
http://cs.co/9002if7Mq

Cisco launches the Coalition for Secure AI (CoSAI), uniting industry leaders to enhance AI security. This initiative aims to integrate robust AI controls, share best practices, and build open-source solutions to address AI-specific security challenges.
http://oal.lu/1ggEX

Introducing the Coalition for Secure AI (CoSAI) Announcing the launch of the Coalition for Secure AI (CoSAI) to help securely build, deploy, and operate AI systems to mitigate AI-specific security risks.

In financial services, communications compliance is crucial due to significant fines for unmonitored communications. Cisco's partnership with Theta Lake enhances security and compliance in Webex, aiding firms to manage risks and ensure regulatory adherence.

Communications Compliance is Taking Center Stage in the Boardroom Cisco Webex in collaboration with a partner provides a compliance and security solution tailored for digital communications within the Webex Suite, serving major organizations like top North American banks.

Africa is undergoing rapid digital transformation, but cybersecurity remains a significant challenge. With increased internet usage, mobile banking, and AI-driven innovation, there's a growing need for robust cybersecurity measures.
http://oal.lu/tdYgs

Our Shared Responsibility: Africa's Cybersecurity Imperative We have a shared responsibility to embed cybersecurity at the core of our digital strategies, and we look forward to the opportunity to enhance cyber resilience in Africa—a continent on the brink of a remarkable digital transformation.

Cisco Talos discovered 15 vulnerabilities in Realtek rtl819x Jungle SDK, impacting small/home office wireless routers. Realtek patched these issues, but LevelOne has not. For more details and protection, check out the full report and Snort coverage updates.

15 vulnerabilities discovered in software development kit for wireless routers Talos researchers discovered these vulnerabilities in the Jungle SDK while researching other vulnerabilities in the LevelOne WBR-6013 wireless router.

Get valuable insights in to how cryptocurrency drainer phishing scams work. Scammers use social engineering and deceptive URLs to steal private keys and credentials, draining victims' wallets.
http://oal.lu/YR0LF

How do cryptocurrency drainer phishing scams work? In recent months, a surge in cryptodrainer phishing attacks has been observed, targeting cryptocurrency holders with sophisticated schemes aimed at tricking them into divulging their valuable credentials.

Learn how HTML smuggling techniques are used in email attacks, embedding JavaScript in HTML attachments to bypass security filters. Attackers use encoding and obfuscation to evade detection.
http://oal.lu/hV2Nx

Hidden between the tags: Insights into spammers’ evasion techniques in HTML Smuggling Talos is releasing a new list of CyberChef recipes that enable faster and easier reversal of encoded JavaScript code contained in the observed HTML attachments.

Data breaches are fueling scam campaigns. Criminals use stolen data to execute sophisticated attacks, including phishing and vishing, to steal sensitive information. Find out our key recommendations to boost your defenses.
http://oal.lu/Sew0U

Impact of data breaches is fueling scam campaigns Data breaches have become one of the most crucial threats to organizations across the globe, and they’ve only become more prevalent and serious over time.

Cisco Talos dives into ransomware attack chains, highlighting common tactics like phishing and exploiting vulnerabilities for initial access. Key defenses include patch management, strong passwords, and multi-factor authentication.
http://oal.lu/Y8xf1

Inside the ransomware playbook: Analyzing attack chains and mapping common TTPs Based on a comprehensive review of more than a dozen prominent ransomware groups, we identified several commonalities in TTPs, along with several notable differences and outliers.

Is your current security setup putting your business at risk? Streamline your security operations and providie comprehensive protection and peace of mind for your business with Cisco Secure Networking.
Learn more here: http://oal.lu/SQJPd

Cisco Small and Medium Business Technology Solutions Get secure, affordable, cloud-managed IT solutions for any size organization. Shop security, networking, and collaboration products for your business.

Boost your cybersecurity with the trifecta of XDR, SIEM, and SOAR. Integrating these technologies provides advanced threat detection, centralized event analysis, and automated response, enhancing your organization's security posture.
http://oal.lu/SriCu

The Trifecta Effect of Integrating XDR, SIEM, and SOAR Stay ahead of sophisticated cybersecurity threats with the trifecta effect of integrating XDR, SIEM, and SOAR. Learn how integrating these technologies can enhance your organization's security.

Cisco Talos' latest newsletter addresses the cybersecurity threats surrounding the 2024 Olympics, highlighting the risks from increased digital infrastructure and connected devices.
http://oal.lu/ltYKF

Checking in on the state of cybersecurity and the Olympics Even if a threat actor isn’t successful in some widespread breach that makes international headlines, even smaller-scale threats and actors are just hoping to cause chaos.

Cisco Duo's integration with Badge offers a hardware-less multi-factor authentication (MFA) solution. This setup enhances security and user experience by eliminating physical devices and reducing phishing risks.
http://oal.lu/X6LgC

Badge Integration With Cisco Duo Delivers Hardware-less MFA Next-gen MFA integrates physical and cybersecurity. Badge and Cisco Duo together provide passwordless, hardware-free, phishing-resistant authentication.

Optimize your with these key tips: maintain consistent security practices, simplify protocols, ensure network visibility, foster team collaboration, and choose scalable solutions. Stay productive and secure!
http://oal.lu/rwaSc

How to Optimize Remote Work Choosing the right remote work systems for your SMB is easy. We have a large list of customizable solutions that can keep your teams connected and secure. Best practices for working from home and remotely. Learn how to protect your employees, your clients and yourself when working from home.

Enhance network security with Cisco's insights. Monitor DNS traffic to identify and block threats early. Implement robust DNS security, protect endpoints, and follow strategies from Cisco's Cyber Threat Trends Report for effective threat mitigation.
http://oal.lu/geHeG

How to Monitor Network Traffic: Findings from the Cisco Cyber Threat Trends Report The Cisco Cyber Threat Trends report examines malicious domains for trends and patterns. See what the data tells us about the threat landscape.

Boost cloud security with Cisco's insights on DevSecOps. Embrace multicloud environments, reduce misconfigurations, and integrate security into your development lifecycle for better protection and faster remediation.
http://oal.lu/KrVrm

The State of Cloud Security Platforms and DevSecOps A new survey by Cisco and Enterprise Strategy Group reveals the true contours of cloud native application development and security

Strengthen Europe's cybersecurity with proactive policies! Learn from international best practices to fortify digital defenses and enhance resilience.
http://oal.lu/V7WKI

European Cyber Resilience: How the EU Can Patch the Weak Spots in its Collective Armour This blog delves into two crucial issues for EU policymakers to enhance Europe's cyber resilience: unsupported connected devices within critical infrastructure networks and the handling of discovered vulnerabilities by government agencies. This blog delves into two crucial issues for EU policymakers...

Track fast-moving clouds with ThousandEyes to understand the performance and data flow impacts of public cloud services. The Cloud Performance Report reveals how different providers handle traffic, aiding in better infrastructure decisions.
http://oal.lu/9T7UJ

Why It’s Vital To Track Fast-moving Clouds Public cloud services are complex and dynamic. The ThousandEyes Cloud Performance Report helps customers choose the right service for their needs.

Boost your AI security incident response with insights from Cisco's participation in a CISA-led exercise. Learn about the upcoming AI Security Incident Collaboration Playbook, emphasizing collaboration, information sharing, and proactive cybersecurity strategies.

Enhancing AI Security Incident Response Through Collaborative Exercises Take-aways from a tabletop exercise led by CISA's Joint Cyber Defense Collaborative (JCDC), which brought together government and industry leaders to enhance our collective ability to respond to AI-related security incidents.

Microsoft's latest Patch Tuesday update disclosed 49 vulnerabilities, with only one critical issue: CVE-2024-30080, a remote code ex*****on vulnerability in Microsoft Message Queuing (MSMQ).
Learn more:

Only one critical issue disclosed as part of Microsoft Patch Tuesday The lone critical security issue is a remote code ex*****on vulnerability due to a use-after-free issue in the HTTP handling function of Microsoft Message Queuing.

Cisco Talos has identified a new campaign by the Transparent Tribe APT group, also known as Mythic Leopard, targeting Indian government and defense entities. This campaign uses spearphishing emails with malicious attachments to distribute malware.
Learn more:

Operation Celestial Force employs mobile and desktop malware to target Indian entities Cisco Talos is disclosing a new malware campaign called “Operation Celestial Force” running since at least 2018. It is still active today, employing the use of GravityRAT, an Android-based malware, along with a Windows-based malware loader we track as “HeavyLift.”

Cisco is proud to be part of the race in partnership with Politecnico di Milano. A Maserati GranCabrio Folgore will travel 1000 km in autonomous driving mode supported by Cisco connectivity and safety technologies!
Learn more: http://oal.lu/Y0VCq

1000 Miglia: Cisco e Politecnico di Milano in gara con una Maserati a guida autonoma Una Maserati GranCabrio Folgore con alimentazione full electric sarà protagonista del progetto “1000 Miglia Autonomous Drive” del Politecnico di Milano: percorrerà 1000 km su strada in modalità di guida autonoma supportata dalle tecnologie di connettività e sicurezza di Cisco

In a new video, Tech YouTuber David Bombal sits down with Joe Vaccaro, VP and General Manager of ThousandEyes, to unpack the recent announcements revealed at Cisco Live US.

Shifting IT Operations From Monitoring to Automation In a new video, Tech YouTuber David Bombal sits down with Joe Vaccaro, VP and General Manager of ThousandEyes, to unpack the recent announcements revealed at Cisco Live US. They discuss combining unmatched telemetry data and AI-driven capabilities to transform Digital Experience Assurance.