ESI Convergent

💡New blog! Five Can't-Miss Sessions on #ArtificialIntelligence and #DigitalTransformation at #ISCEast 2024! ✨As part of the jam-packed SIA Education at ISC East conference, you’ll discover expert insights on how to leverage #AI in complex data analysis, AI and the future of #corporatesecurity and more. In this blog, get a sneak peek of five top sessions from speakers Pierre Bourgeix of ESI Convergent, Mike Fein of Google, Rachelle Loyear of Allied Universal and Benjamin Rowe of Arcules. 🔗Check it out at the link in the comments! #securityindustry ISC Security Events

Geutebrück USA adds Pierre Bourgeix to its advisory board "Bourgeix is particularly impressed by Geutebrück's ability to deliver video management solutions that are not only extraordinarily powerful and analytically driven, but also remarkably intuitive and user-friendly. He believes this combination of sophistication and accessibility is essential for empowering security professionals to tackle their unique challenges with confidence and efficiency." https://lnkd.in/ezyz-Bsp #videomanagementsolutions #securityprofessionals Geutebruck USA Security Systems News Pierre Bourgeix J. Terry Ottinger

CISA: Hackers target industrial systems using “unsophisticated methods” Nation state syndicates are actively attacking OT infrastructure within various industries to cause maximum disruption to municipal systems. "CISA warned today of threat actors trying to breach critical infrastructure networks by targeting Internet-exposed industrial devices using "unsophisticated" methods like brute force attacks and default credentials. According to the cybersecurity agency, these ongoing attacks targeting critical infrastructure OT and ICS devices are also impacting water and wastewater systems. OT devices integrate hardware and software and help monitor and control physical processes in manufacturing, critical infrastructure, and other industries. In water treatment plants, for instance, they regulate water treatment processes, distribution, and pressure, ensuring a continuous and safe water supply." IAPSC - International Association of Professional Security Consultants Security Industry Association (SIA) https://lnkd.in/gjrVpQTf

FERC proposes enhanced cybersecurity standards to protect US bulk power systems from malicious threats The utility and energy sector as a whole has been at the eye of the storm regarding cyber attacks. From OT (operational technology) to OT/ IT infrastructure the United States is fighting a multi pronged attack from nation states to its syndicate proxy. FERC is bringing awareness to this issue but we as an industry must invest in its cyber and IT infrastructure to ensure we protect our way of life. "The U.S. Federal Energy Regulatory Commission (FERC) has proposed to require new or modified critical infrastructure protection (CIP) standards to address the growing risks posed by malicious actors seeking to compromise the reliable operation of the bulk-power system. The Commission also proposed to approve a CIP reliability standard that requires internal network security monitoring inside an entity’s electronic security perimeter. The proposal would direct the North American Electric Reliability Corporation (NERC) to require entities to identify their current supply chain risks to their grid-related cybersecurity systems at specified intervals; assess and take steps to validate the accuracy of the information received from vendors during the procurement process; and document, track and respond to these risks to their systems. NERC would submit responsive new or revised standards within 12 months of the effective date of a final rule. Additionally, the Commission also would direct NERC to extend the applicability of the supply chain standards to include a category of products known as protected cyber assets, or ‘PCAs.’ The Commission also proposed to approve a CIP reliability standard that requires internal network security monitoring inside an entity’s electronic security perimeter, which NERC had submitted to comply with FERC Order No. 887. That rule, approved in January 2023, directed NERC to develop CIP reliability standards requiring internal network security monitoring to provide greater defense-in-depth for entities’ CIP-networked environments." IAPSC - International Association of Professional Security Consultants Security Industry Association (SIA) Carey Boethel Steven Sinclair Jim Southern, CSPM, PSP Darin Dillon James Whitley https://lnkd.in/e7PbCiw8

Alert! SambaSpy Attacking Windows Users With Weaponized PDF Files Highly effective and potentially dangerous attack is on going. Please forward to network administrators. This attack has started in Europe however will be reaching the United States if it hasn't already done so. The article gives specific details on the attack and it's very sophisticated deployment. This is one for all to take notice. "Threat actors often make use of weaponized PDF files as they enable them to deliver malware and execute attacks through phishing schemes. These PDFs can contain embedded malicious code, links, and scripts that exploit vulnerabilities in PDF readers, making them a preferred method for evading traditional security measures. Kaspersky Lab researchers recently discovered that SambaSpy has been actively attacking Windows users with weaponized PDF files. SambaSpy Attacking Windows Users In May 2024, cybersecurity researchers uncovered a highly targeted malware campaign focusing primarily on Italian SambaSpy is obfuscated using Zelix KlassMaster, and it offers an extensive range of malicious capabilities that we have mentioned below:- FSambaSpy is obfuscated using Zelix KlassMaster, and it offers an extensive range of malicious capabilities that we have mentioned below:- " *File system manipulation *Process management *Keylogging (using JNativeHook) *Clipboard control *Webcam access *Screen capture *Remote desktop functionality *Browser credential theft (targeting Chrome, *Edge, Opera, Brave, Iridium, and Vivaldi) *Ability to load additional plugins at runtimile *system manipulation *Process management *Keylogging (using JNativeHook) *Clipboard control *Webcam access *Screen capture *Remote desktop functionality *Browser credential theft (targeting Chrome, *Edge, Opera, Brave, Iridium, and Vivaldi) *Ability to load additional plugins at runtim IAPSC - International Association of Professional Security Consultants Security Industry Association (SIA)

Disney ditching Slack after massive July data breach As breaches hit the headlines we can see how these attacks can affect business tools we use daily innevitably affecting organizations decisions on how they operate internally and externally. Risk turns into liability if organizations do not evaluate their systems consistently especially when sensitive and confidential data are at risk. Systems and tools must be evaluated and tested consistently by third parties to ensure resilience and security is being apllied. Strong cyber governance is critical to ensure policies and procedures are always followed to make sure that the lowest common denominator such as a tool or person using a tool doesnt become your worst nightmare. From Clowdstike to Slack this is only the beginning. "The Walt Disney Company is reportedly ditching Slack after a July data breach exposed over 1TB of confidential messages and files posted to the company's internal communication channels. According to CNBC, Disney has already begun migrating to new "streamlined enterprise-wide collaboration tools" and emailed employees this week to say that they will finish the migration at the end of the company's next fiscal quarter. This move comes after the company suffered a massive data breach in July when a threat actor named 'NullBulge' breached Disney's Slack platform and stole 1.1TB of data. The threat actor claimed to steal all messages and files from almost 10,000 Slack channels containing upcoming project details, financial information, information technology information, and other confidential information." IAPSC - International Association of Professional Security Consultants Security Industry Association (SIA) https://lnkd.in/edkunQp3

Alert! CISA Warns of Five Vulnerabilities Actively Exploited in the Wild Please pass along to your network administrator. This is an on going attack! The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding five critical vulnerabilities that are being actively exploited in the wild. Organizations using affected products are urged to apply vendor-provided mitigations or discontinue use if no solutions are available. The vulnerabilities affect several major software platforms and pose significant data security and system integrity risks CVE-2024-27348 – Apache HugeGraph-Server Vulnerability CVE-2024-27348 CVE-2020-0618 – Microsoft SQL Server Reporting Services Vulnerability Identified as CVE-2020-0618, CVE-2019-1069 – Microsoft Windows Task Scheduler Vulnerability CVE-2019-1069 CVE-2022-21445 – Oracle JDeveloper Vulnerability Oracle JDeveloper, part of the Fusion Middleware suite, is affected by CVE-2022-21445. CVE-2020-14644 – Oracle WebLogic Server Vulnerability CVE-2020-14644 IAPSC - International Association of Professional Security Consultants Security Industry Association (SIA) https://lnkd.in/eYZyhCwJ

It has not been a good year for Microsoft. With the affects of the cloudstrike debacle still fresh in everyone's minds another "outage" has taken place surrounding Azure cloud services. This is an ongoing event so please notify your system administrator and follow up with your Response plans for business continuity. Stay aware and vigilant. IAPSC - International Association of Professional Security Consultants Security Industry Association (SIA) https://lnkd.in/eCFiBU6q

We are so proud to share that the leadership team of ESI Convergent will be at SecurityXchange from August 11-14, 2024! This is a premiere opportunity to develop strategic partnerships and stay afloat on current security trends while engaging with industry leaders. We believe in the power of collaboration and innovation, and we look forward to these meaningful discussions and new opportunities. Join us at SecurityXchange and let’s see together how we can collaborate to make this world a safer and more secure place.

Happy Independence Day 2024 Today is a momentous occasion as the nation celebrates another year of freedom and self-governance. On this special day, communities across the country will come together to honor the hard-fought victories and sacrifices of the past that paved the way for the liberties we enjoy today. Festive parades will wind through city streets, showcasing the patriotic spirit of the people with marching bands, colorful floats, and enthusiastic crowds waving the red, white, and blue. Neighborhoods will host lively barbecues and block parties, the sizzling aroma of grilled foods and the laughter of friends and families filling the air. As the sun sets, the night sky will explode in a dazzling display of fireworks, the brilliant bursts of light and thunderous booms evoking a sense of national pride and unity. Throughout the day, people will reflect on the founding principles that have guided the country for centuries - principles of democracy, equality, and opportunity that have made the United States a beacon of hope for people around the world. This Independence Day will be a joyous celebration of how far the nation has come, and an affirmation of the enduring strength and resilience that will carry it forward into the future. #independenceday2024 #happyindependenceday #usa #happy4thofjuly