Russia’s Cyberwarfare Unit Exposed Worldwide

CybersecurityHQ News

Welcome, reader, to your CybersecurityHQ report.

Headlines

Microsoft hosted the Endpoint Security Summit this Tuesday at its Redmond, Washington, headquarters to talk about ways to improve cybersecurity systems. The summit sits in the shadow of the global IT outage caused in July by a faulty CrowdStrike update on Windows systems.

The outage, which began on July 19, affected almost 8.5 million devices and had a devastating impact on the operation of airlines, hospitals, and other critical services.

Among the event’s topics was how to address a critical issue in cybersecurity: the reliance on a single vendor for full-spectrum protection, which allowed one faulty update to spread worldwide.

This issue is especially important at the scale of Microsoft systems used by banks, airlines, and major infrastructure. But it reflects a broader trend across the cybersecurity space, where most firms rely on a single vendor to provide everything for them.

Microsoft remains the leader in the endpoint security market, and it appears to be preparing to make major changes. This summit seems to point at more development on the way.

Also on Tuesday, Microsoft alerted users to a critical flaw in its latest update, tracked as CVE-2024-43491. The September Patch Tuesday release will fix the issue, along with 80 other security defects.

The flaw was reported anonymously, and the advisory was published without any information on possible exploitation or indicators of compromise.

Telegram continues to be in the news. Recently, the US Justice Department announced that leaders of the Terrorgram Collective (Dallas Humber, 34, of Elk Grove, California, and Matthew Allison, 37, of Boise, Idaho) were arrested last Friday and charged on 15 counts.

Terrorgram Collective is a large far-right terrorist group that has been operating across hundreds of channels on Telegram.

In a statement, Attorney General Merrick B. Garland said, “Today’s indictment charges the defendants with leading a transnational terrorist group dedicated to attacking America’s critical infrastructure, targeting a hit list of our country’s public officials, and carrying out deadly hate crimes — all in the name of violent white supremacist ideology… Using the Telegram platform, they advanced their heinous white supremacist ideology, solicited hate crimes, and provided guidance and instructions for terrorist attacks on critical infrastructure and assassinations of government officials.”

Among the group’s notorious crimes were the shooting of three people outside an LGBT bar in Slovakia, planning an attack on a New Jersey energy facility, and a stabbing of five people outside a mosque in Turkey. They also “doxxed and solicited the murder of federal officials, conspired to provide material support to terrorists, and distributed information about explosives…”

These “bias-motivated attacks against those deemed by Terrorgram to be enemies of the white race” are motivated by a desire to “ignite a race war.”

Russia’s Unit 29155 is a military intelligence unit known for its part in major assassination, espionage, and sabotage operations in recent years. Now, it’s being accused by Western intelligence agencies of carrying out cyberattacks on Ukraine’s allies.

A joint statement released by the US, UK, and their allies says that the elite unit attacked a broad range of government and civilian agencies in the lead-up to Russia’s invasion of Ukraine.

The declaration claims there have been attacks on critical infrastructure in the EU, NATO member states, Asia, and Latin America—all connected to this single unit’s cyberwarfare wing. The digital operation goes by many names: Cadet Blizzard, Bleeding Bear, and Greyscale.

The connection between Unit 29155, which carries out special operations in the field, and a cyberwarfare group presents a potential paradigm shift—interweaving physical acts like assassination with digital ones.

To amplify the pressure being placed on Russia’s cyberwarfare, the US government has posted a $10 million reward for information “leading to the identification or location of” many Unit 29155 hackers.

On the business side of things, Rubrik’s shares dropped 6% on Tuesday ahead of the IPO share lockup expiring on Wednesday. Still, the Microsoft-backed cybersecurity firm has some positive news as well.

A share lockup is a period after an initial public offering (IPO) of stock, typically running 90 to 180 days, during which insiders (such as executives, employees, and early investors) can’t sell their shares. It’s a way to steady the stock price out of the gate and reduce abuse of IPOs.

Because of the potential volatility when a share-lockup expires, price dips are not uncommon.

Still, 6% of Rubrik’s stock price represents a loss of $350 million in value. That’s despite outperforming analyst predictions for second quarter performance, with $205 million in revenue coming in over an estimated $196.2 million.

The company emphasized its recent work helping customers with the fallout from the CrowdStrike outage, and it stands to benefit from the ongoing increase in enterprise spending on cybersecurity, especially after recent attacks on UnitedHealth Group and Halliburton.

With the presidential debate on Tuesday, the election heats up, and along with it comes another haul of cybersecurity news.

US intelligence officials warn that the Russian state media outlet RT is using American personalities to sway the outcome of the election in former President Trump’s favor. Last week, the US charged two RT employees with money laundering in an effort to fund election interference activities.

Speaking to Reuters on the issue, RT responded by saying, “Three things are certain in life: death, taxes and RT's interference in the U.S. elections.”

Meanwhile, an enormous campaign of posts on TikTok, Facebook, X, Rumble, and YouTube has been linked to Russia’s RT.

US officials have also warned about potential influence from other international players, including China and Iran. For instance, a report by social network analysts at Graphika claims they found a cross-platform influence operation with links to the Chinese government, in which multiple accounts posing as Americans spread posts on controversial topics. How influential these kinds of operations are, though, remains to be proven.

Next week, tech executives will head to Washington to speak with the Senate Intelligence Committee on election threats. This will include representatives from Alphabet, Meta, Microsoft, and Adobe.

As the race remains extremely tight, any influence in either direction could prove decisive.

Interesting Read

The AI revolution has brought with it a central debate: what exactly are the ethical rules we need to hold developers to? The discussion is ongoing, with adherents on all conceivable sides. And in the center of the maelstrom is Grok AI—run by Elon Musk’s xAI.

Its claim to fame? Very few guardrails.

While Claude and ChatGPT will often hedge what they say on potentially controversial topics, Grok speaks openly—often being accused of spreading misinformation and bias. But maybe that’s what helps it live up to xAI’s description of the product as “an AI search assistant with a twist of humor and a dash of rebellion.”

But there is now a new concern. How is Grok using data on the X platform, which is owned by the same parent company as the AI tool?

This Wired article goes into the privacy debate, how the program uses data, why that is scarier than it may sound, and how to opt out.

Cybersecurity Career Opportunities

For the latest openings in cybersecurity careers, check CybersecurityHQ.

Stay Safe, Stay Secure.

The CybersecurityHQ Team
