Monthly Security Bulletin – August

Learn more about the latest Cybersecurity news in the August edition of our monthly Security bulletin, prepared by our Senior Security Analysts.

August hot topics:

• A team of security researchers found that several modern Honda car models have a vulnerable rolling code mechanism that allows unlocking the cars or even starting the engine remotely.
• Microsoft researchers have uncovered a massive phishing campaign that can steal credentials even if a user has multi-factor authentication (MFA) enabled and has so far attempted to compromise more than 10,000 organizations.
• A threat actor is infecting industrial control systems (ICS) to create a botnet through password “cracking” software for programmable logic controllers (PLCs).
• Researchers at Authomize have discovered four “high impact” security risks in the identity and access management (IAM) platform Okta, according to a Tuesday report.
• A North Korean-backed threat group tracked as Kimsuky is using a malicious browser extension to steal emails from Google Chrome or Microsoft Edge users reading their webmail.

The modern cybersecurity threat landscape is constantly evolving. New vulnerabilities and zero-day attacks are discovered every day, while the old vulnerabilities still exist. Mitigating modern cyber threats require solutions for continuous monitoring, correlation, and behavior analysis that are expensive and require a significant amount of time to be implemented. Moreover, many organizations struggle to hire and retain the expensive security experts needed to operate those solutions and provide value by defending the organizations. The ASOC (Advanced Security Operations Center) by Telelink Business Services allows organizations to get visibility, control, and recommendations on improving their cybersecurity posture for a fixed and predictable monthly fee.