Risky Bulletin: StopICE blames hack on "a CBP agent here in SoCal"
Summary
This Risky Business News bulletin summarizes several cybersecurity-related updates, including Microsoft disabling NTLM, Poland banning Chinese cars from military bases, and Ivanti patching two new zero-day vulnerabilities. The StopICE group is also claiming a hack originated from a CBP agent.
IFF Assessment
FOE
The mention of Ivanti patching two new zero-days indicates potential active exploitation, which poses a risk to defenders.
Severity
9.0 Critical (AI Estimated)
Defender Context
Defenders should prioritize patching Ivanti systems to address the zero-day vulnerabilities and monitor for any signs of exploitation. Disabling NTLM, when possible, is also a positive step. The StopICE claim may warrant further investigation if relevant to the defender's organization.