S1 EP. 14 CISA Alert on SharePoint Server Attacks, Chinese Hacking Plot Exposed, Ray AI Framework Under Siege

The State of Enterprise IT Security

Apr 1 2024 • 19 mins

In the 14th episode of the State of Enterprise IT Security, Brad Bussie, Chief Information Security Officer at e360, goes over CISA Alert on SharePoint Server Attacks, Chinese Hacking Plot Exposed, Ray AI Framework Under Siege and more.

Timestamps:
[00:01:10] CISA warns that hackers are actively attacking a SharePoint server vulnerability
[00:03:30] Millions of Americans caught up in a Chinese hacking plot
[00:14:00] Thousands of servers hacked in an ongoing attack targeting Ray AI framework

Episode Summary:

In the latest installment of "The State of Enterprise IT Security Edition," host Brad Bussie, CISO at e360, offers a deep dive into current cybersecurity threats and practical defense strategies. This episode covers three critical topics:

  1. CISA's SharePoint Server Vulnerability: Brad discusses a serious vulnerability in Microsoft SharePoint Server that is being actively exploited, emphasizing the critical nature of applying patches that have been available since May 2023 to prevent such attacks.
  2. Chinese Hacking Campaign: The episode moves on to a sinister hacking campaign orchestrated by Chinese nationals, which has been targeting American officials, businesses, and critics over 14 years. Bussie explores the campaign’s breadth and the U.S. government's response, including a reward for information leading to the identification of the perpetrators.
  3. Ray AI Framework Attacks: Thousands of servers have been compromised in an ongoing campaign targeting the Ray AI framework, used by companies like OpenAI, Uber, and Amazon. Brad outlines the campaign's impact on AI models and network credentials and provides advice on securing systems against such insidious attacks.

Listeners will come away with a greater understanding of the current cybersecurity landscape and how to implement effective security measures within their organizations.


About the Show:
The State of Enterprise IT Security podcast is your go-to source for the latest in IT security, offering approachable and actionable insights for technology leaders. Join us as we explore the complexities of cybersecurity and the innovative solutions driving the industry forward.

About e360:
e360 excels in delivering specialized technology solutions across Cloud, Cybersecurity, Digital Workplace, Modern Infrastructure, and Managed Services. We are at the forefront of driving digital transformation for global and national enterprises with our top-tier expertise.