Glen Roberts

"The threat actor behind the exploitation of vulnerable Craft Content Management System (CMS) instances has shifted its tactics to target Magento CMS and misconfigured Docker instances. The activity has been attributed to a threat actor tracked as Mimo (aka Hezb), which has a long history of leveraging N-day security flaws in various web applications to deploy cryptocurrency miners. "Although Mimo's primary motivation remains financial, through cryptocurrency mining and bandwidth monetization, the sophistication of their recent operations suggests potential preparation for more lucrative criminal activities," Datadog Security Labs said in a report published this week. Mimo's exploitation of CVE-2025-32432, a critical security flaw in Craft CMS, for cryptojacking and proxyjacking was documented by Sekoia in May 2025." https://lnkd.in/d-j33inX

1

Lots of text in the AWS post-mortem: https://lnkd.in/e-xRFw6b (edited for brevity) * already disabled the DynamoDB DNS Planner and the DNS Enactor automation worldwide * we will fix the race condition scenario and add additional protections to prevent the application of incorrect DNS plans. * For NLB, we are adding a velocity control mechanism to limit the capacity a single NLB can remove when health check failures cause AZ failover. * For EC2, we are building an additional test suite * We will improve the throttling mechanism in our EC2 data propagation systems to rate limit * we will look for additional ways to avoid impact from a similar event in the future, and how to further reduce time to recovery.

1

Cyber Insurance 2026 Requirements Cyber insurers are tightening underwriting for 2026. Expect stricter MFA enforcement, proof of backup integrity testing, stronger vendor controls, and higher deductibles for social engineering losses. One practical step you can take today: Pull your last insurance questionnaire and compare it to the controls you have now. The gaps are usually obvious. If you’d like a short list of the new requirements we’re already seeing, just let me know. Hashtags: #CyberInsurance #CFO #RiskManagement #COO #CISO #BusinessContinuity #MemphisBusiness #Underwriting

14

Boards don’t care about CVEs. They care about cash flow. If your security brief sounds like “we closed 327 medium-severity findings,” you’ve already lost your audience. Executives speak in dollars, risk, and velocity. If you can’t translate vulnerabilities into those terms, you’ll always be seen as a cost center. Security isn’t about patch counts. It’s about protecting revenue. Speak the right language or get tuned out.

8

CISA Warns of Chrome 0-Day Vulnerability Exploited in the Wild to Execute Arbitrary Code CISA has issued an urgent warning about a critical zero-day vulnerability in Google Chrome’s V8 JavaScript engine that is being actively exploited by cybercriminals to execute arbitrary code on victims’ systems. On June 5, 2025, CISA added CVE-2025-5419 to its Known Exploited Vulnerabilities (KEV) Catalog, confirming that threat actors are leveraging this high-severity flaw in real-world attacks. The vulnerability affects Google Chrome versions prior to 137.0.7151.68 and poses significant risks to millions of users worldwide. Stay Connected to Sidharth Sharma, CPA, CISA, CISM, CFE, CDPSE for content related to Cyber Security. #CyberSecurity #JPMC #Technology #InfoSec #DataProtection #DataPrivacy #ThreatIntelligence #CyberThreats #NetworkSecurity #CyberDefense #SecurityAwareness #ITSecurity #SecuritySolutions #CyberResilience #DigitalSecurity #SecurityBestPractices #CyberRisk #SecurityOperations  https://lnkd.in/eqDU_zRY

1

Myth: "Vendor security is their problem." Reality: If a supplier is compromised, their breach becomes your breach. You inherit their security posture the moment you integrate. Assess, monitor, and control vendor access - and demand evidence, not just a certificate. Third-party risk management must be active and continuous. #SupplyChain #ThirdPartyRisk #VendorSecurity

3