Adrian Johnson
TLDR:
- LockBit leak site back online, revealing lists of victims
- NIST updates its Cybersecurity Framework to help all organizations
Key elements of last week’s news include the return of the LockBit leak site, where victims of the ransomware-as-a-service operation are expected to be unveiled. NIST has also updated its Cybersecurity Framework to benefit all organizations, not just those in critical infrastructure. Other highlights include the White House urging the use of memory-safe programming languages, APT29 revamping techniques to breach cloud environments, and the release of Kali Linux 2024.1 with new tools and kernels. Additionally, there have been reports of scammers on Airbnb redirecting users to fake Tripadvisor sites to steal money, and the ALPHV/BlackCat ransomware group claiming responsibility for a cyberattack affecting pharmacy transactions in the US. Security operations are advised to ditch Excel for better risk management, and the report from Coalition indicates a 25% rise in CVE counts for 2024, reaching almost 35,000 vulnerabilities. These and more updates are covered in the week’s news.
