CyberWire Daily

N2K Networks

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world. read less
NewsNews
TechnologyTechnology
Tech NewsTech News
Daily NewsDaily News

Episodes

U.S. tightens the cybersecurity belt.
Yesterday
U.S. tightens the cybersecurity belt.
Biden bans Kaspersky over security concerns. Accenture says reports of them being breached are greatly exaggerated. SneakyChef targets diplomats in Africa, the Middle East, Europe and Asia. A serious firmware flaw affects Intel CPUs. More headaches for car dealerships relying on CDK Global. CISA Alerts Over 100,000 Individuals of Potential Data Breach in Chemical Security Tool Hack. SquidLoader targets Chinese organizations through phishing. A new nonprofit aims to establish certification standards in maritime cybersecurity. A sneak peek of our latest podcast, Only Malware in the Building. Using the court system for customer support. Our 2024 N2K CyberWire Audience Survey is underway, make your voice heard and get in the running for a $100 Amazon gift card. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Guest Selena Larson, joined by Dave Bittner and Rick Howard, hosts the new podcast "Only Malware in the Building." This monthly collaboration between N2K CyberWire and Proofpoint delves into the most impactful and intriguing malware stories. Selena makes complex cybersecurity info fun and digestible, offering tech professionals clear, actionable insights.  Selected Reading Biden bans US sales of Kaspersky software over Russia ties (Reuters) Exclusive: Accenture says data leak claims false, only 3 affected (Cyber Daily) Chinese-aligned hacking group targeted more than a dozen government agencies, researchers find (CyberScoop) Intel-powered computers affected by serious firmware flaw (CVE-2024-0762) (Help Net Security) CDK warns: threat actors are calling customers, posing as support (bleepingcomputer) Personal and Chemical Facility Information Potentially Accessed in CISA Hack (SecurityWeek) New Highly Evasive SquidLoader Attacking Employees Mimic As Word Document (gbhackers) New body IMCSO to elevate standards and streamline provisioning of cybersecurity services in Maritime (itsecurityguru) US DHS partners with Indonesia to strengthen maritime cybersecurity in Indo-Pacific region (Industrial Cyber) How small claims court became Meta's customer service hotline (engadget). The curious case of the missing IcedID (Only Malware in the Building) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Cyberattack leaves dealerships feeling stuck in neutral.
2d ago
Cyberattack leaves dealerships feeling stuck in neutral.
Over 15,000 car dealerships hit the brakes after a software supplier cyber incident. The EU’s Chat Control gets put on hold. A hacker leaks contact details of over 33,000 Accenture employees. A major forklift manufacturer shuts down operations in the wake of a ransomware attack. IntelBroker claims to have leaked source code from Apple. An investigation questions the ethics of AI firm Perplexity. A radiology practice notifies over half a million people of a data breach. Federal contractors pay millions in fines for inadequate cyber security during the COVID-19 pandemic. Stolen files from the Kansas City Police department are posted online. On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's ISC2 CISSP certification journey. Remembering the work of MIT’s Arvind.  Our 2024 N2K CyberWire Audience Survey is underway, make your voice heard and get in the running for a $100 Amazon gift card. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Learning Layer On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's ISC2 CISSP certification journey using N2K’s comprehensive CISSP training course, CISSP practice test, and CISSP practice labs. With all eight domains wrapped up, Sam and Joe pivot to the homestretch of Joe's studies. With the test about two weeks away, Joe discusses his approach to retaining the information and filling any remaining knowledge gaps.  Selected Reading Car Dealerships Across US Halt Services After Cyberattack (Bloomberg) Car Dealers Are Idle Across the US After Second Cyberattack  (Bloomberg) EU Council has withdrawn the vote on Chat Control (Stack Diary) Hacker Leaks Data of 33,000 Accenture Employees in Third-Party Breach (HackRead) Crown Equipment confirms a cyberattack disrupted manufacturing (Bleeping Computer) Threat actor claims to have breached Apple, allegedly stealing source code of several internal tools (9to5Mac) Perplexity Is a Bullshit Machine (WIRED) Radiology Practice Hack Affects Sensitive Data of 512,000 (GovInfo Security) Federal contractors pay multimillion-dollar settlements over cybersecurity lapses (The Record) BlackSuit ransomware publishes Kansas City, Kansas, police files (StateScoop) Arvind, longtime MIT professor and prolific computer scientist, dies at 77 (MIT)   Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
T-Minus Overview- Our Moon [T-Minus Radio Program]
3d ago
T-Minus Overview- Our Moon [T-Minus Radio Program]
Please enjoy this bonus episode from our T-Minus Space Daily team. The N2K CyberWire team is observing the Juneteenth holiday here in the US. Welcome to the T-Minus Overview Radio Show. In this program we’ll feature some of the conversations from our daily podcast with the people who are forging the path in the new space era, from industry leaders, technology experts and pioneers, to educators, policy makers, research organizations, and more. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our weekly intelligence roundup, Signals and Space, and you’ll never miss a beat. And be sure to follow T-Minus on LinkedIn and Instagram. T-Minus Guest Our guests are Science Writer and Author Rebecca Boyle, and CEO and Founder, Chair and CEO of Lonestar Space Holdings, Chris Stott.  T-Minus Crew Survey We want to hear from you! Please complete our 4 question survey. It’ll help us get better and deliver you the most mission-critical space intel every day. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at space@n2k.com to request more info. Want to join us for an interview? Please send your pitch to space-editor@n2k.com and include your name, affiliation, and topic proposal. T-Minus is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Servers seized, terrorists teased.
4d ago
Servers seized, terrorists teased.
Europol and partners shut down 13 terrorist websites.  A data breach at the LA County Department of Public Health affects over two hundred thousand. The Take It Down act targets deepfake porn. The Five Eyes alliance update their strategies to protect critical infrastructure. VMware has disclosed two critical-rated vulnerabilities in vCenter Server. The alleged heads of the "Empire Market" dark web marketplace are charged in Chicago federal court. A new malware campaign tricks users into running malicious PowerShell “fixes.”Researchers thwart Memory Tagging Extensions in Arm chips. A major e-learning platform discloses a breach. On our Industry Voices segment, we are joined by Guy Guzner, CEO and Co-Founder of Savvy to discuss "Reimagining app and identity security for SaaS." Clearview AI offers plaintiffs a piece of the pie.  Our 2024 N2K CyberWire Audience Survey is underway, make your voice heard and get in the running for a $100 Amazon gift card. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Industry Voices segment, we are joined by Guy Guzner, CEO and Co-Founder of Savvy to discuss "Reimagining app and identity security for SaaS." Selected Reading Europol Taken Down 13 Websites Linked to Terrorist Operations (GB Hackers) Los Angeles Public Health Department Discloses Large Data Breach (Infosecurity Magazine) New AI deepfake porn bill would require big tech to police and remove images (CNBC) Five Eyes' Critical 5 nations focus on adapting to evolving cyber threats to boost critical infrastructure security, resilience (Industrial Cyber) VMware by Broadcom warns of critical vCenter flaws (The Register) Empire Market owners charged for enabling $430M in dark web transactions (Bleeping Computer) From Clipboard to Compromise: A PowerShell Self-Pwn (Proofpoint US) Arm Memory Tag Extensions broken by speculative execution (The Register) Star ed-tech company discloses data breach (Cybernews) Clearview AI Is So Broke It’s Now Offering Lawsuits Plaintiffs A Cut Of Its Extremely Dubious Future Fortunes (Techdirt) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Scattered Spider hacker snagged in Spain.
5d ago
Scattered Spider hacker snagged in Spain.
Spanish authorities snag a top Scattered Spider hacker. HC3 issues an alert about PHP. WIRED chats with ShinyHunters about the breach affecting Snowflake customers. Meta delays LLM training over European privacy concerns. D-Link urges customers to upgrade routers against a factory installed backdoor. A new Linux malware uses emojis for command and control. Vermont’s Governor vetoes a groundbreaking privacy bill. California fines Blackbaud millions over a 2020 data breach. Guest Patrick Joyce, Proofpoint's Global Resident CISO, sharing some key challenges, expectations and priorities of chief information security officers (CISOs) worldwide. N2K’s CSO Rick Howard for a preview of his latest CSO Perspectives podcast episode on The Current State of XDR: A Rick-the-Toolman episode.  Be sure to change those virtual locks.  Our 2024 N2K CyberWire Audience Survey is underway, make your voice heard and get in the running for a $100 Amazon gift card. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Guest Patrick Joyce, Proofpoint's Global Resident CISO, sharing some key challenges, expectations and priorities of chief information security officers (CISOs) worldwide. You can learn more from their 2024 Voice of the CISO report.  CSO Perspectives  Dave is joined by N2K’s CSO Rick Howard for a preview of his latest CSO Perspectives podcast episode on The Current State of XDR: A Rick-the-Toolman episode. You can find the accompanying essay here. If you are not an N2K CyberWire Pro subscriber, you can catch the first half of the episode as a preview here.  Selected Reading Alleged Scattered Spider ringleader taken down in Spain after law enforcement crackdown (ITPro) US HC3 issues alert on critical PHP vulnerability impacting healthcare sector (Industrial Cyber) Hackers Detail How They Allegedly Stole Ticketmaster Data From Snowflake (WIRED) Meta Pauses European GenAI Development Over Privacy Concerns (Infosecurity Magazine) Hidden Backdoor in D-Link Routers Let Attacker Login as Admin (GB Hackers) New Linux malware is controlled through emojis sent from Discord (Bleeping Computer) Vermont governor rejects state’s tough data privacy bill (The Record) Blackbaud must pay $6.75 million, improve security after lying about scope of 2020 hack (The Record) Former IT employee gets 2.5 years for wiping 180 virtual servers (Bleeping Computer)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
The current state of XDR: A Rick-the-toolman episode.
5d ago
The current state of XDR: A Rick-the-toolman episode.
Rick Howard, The CSO, Chief Analyst, and Senior Fellow at N2K Cyber, discusses the current state of “eXtended Detection and Response” (XDR) with CyberWire Hash Table guests Rick Doten, Centene’s VP of Security, and Milad Aslaner, Sentinel One’s XDR Product Manager. References: Alexandra Aguiar, 2023. Key Trends from the 2023 Hype Cycle for Security Operations [Gartner Hype Cycle Chart]. Noetic Cyber. Daniel Suarez, 2006. Daemon [Book]. Goodreads. Dave Crocker, 2020. Who Invented Email, Email History, How Email Was Invented [Websote]. LivingInternet. Eric Hutchins, Michael Cloppert, Rohan Amin, 2010, Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains [Paper] Lockheed Martin Corporation. Jon Ramsey, Mark Ryland, 2022. AWS co-announces release of the Open Cybersecurity Schema Framework (OCSF) project [Press Release]. Amazon Web Services. Nir Zuk, 2018. Palo Alto Networks Ignite USA ’18 Keynote [Presentation]. YouTube. Raffael Marty, 2021. A Log Management History Lesson – From syslogd(8) to XDR [Youtube Video]. YouTube. Raffael Marty, 2021. A history lesson on security logging, from syslogd to XDR [Essay]. VentureBeat. Rick Howard, 2020. Daemon [Podcast]. Word Notes. Rick Howard, 2021. XDR: from the Rick the Toolman Series. [Podcast and Essay]. CSO Perspectives, The CyberWire. Rick Howard, 2023. Cybersecurity First Principles: A Reboot of Strategy and Tactics [Book]. Goodreads. Staff, n.d. Open Cybersecurity Schema Framework [Standard]. GitHub. Staff, 2019. What is EDR? Endpoint Detection & Response Defined [Explainer]. CrowdStrike. Staff, 2020. Log Formats – a (Mostly) Complete Guide [Explainer]. Graylog. Stephen Watts, 2023. Common Event Format (CEF): An Introduction [Explainer]. Splunk. Thomas Lintemuth, Peter Firstbrook, Ayelet Heyman, Craig Lawson, Jeremy D’Hoinne, 2023. Market Guide for Extended Detection and Response [Essay]. Gartner. Learn more about your ad choices. Visit megaphone.fm/adchoices
A hacking keeps you humble.
Jun 14 2024
A hacking keeps you humble.
Microsoft’s President admits security failures in congressional testimony. Paul Nakasone joins OpenAI’s board. The feds hold their first AI tabletop exercise. CISA reports on the integration of space-based infrastructure. Cleveland city hall remains closed after a cyber attack. Truist commercial bank confirms a data breach. Rockwell Automation patches three high-severity vulnerabilities. University of Illinois researchers develop autonomous AI hacking agents. Arynn Crow, Sr Manager of AWS User Authentication Products, talks with N2K’s Brandon Karpf about security through MFA and FIDO Alliance passkeys, and her work on the Digital Identity Advancement Foundation. Can an AI run for mayor? Our 2024 N2K CyberWire Audience Survey is underway, make your voice heard and get in the running for a $100 Amazon gift card. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest In the first of our interviews captured during the AWS re:Inforce event this past week, guest Arynn Crow, Senior Manager of AWS User Authentication Products, talks with N2K’s Brandon Karpf about security through MFA and FIDO Alliance passkeys, and her work on the Digital Identity Advancement Foundation. Selected Reading Microsoft Admits Security Failings Allowed China's US Government Hack (Infosecurity Magazine) OpenAI adds Trump-appointed former NSA director Paul M. Nakasone to its board (The Washington Post) CISA leads first tabletop exercise for AI cybersecurity (CyberScoop) New CISA report addresses zero trust in space, boosting security for satellites and ground infrastructure (Industrial Cyber)  CISA adds Android Pixel, Microsoft Windows, Progress Telerik Report Server bugs to its Known Exploited Vulnerabilities catalog (Security Affairs) Insurance giant Globe Life investigating web portal breach (Bleeping Computer) Cleveland remains paralyzed by cyberattack (News 5 Cleveland) Truist Bank confirms breach after stolen data shows up on hacking forum (Bleeping Computer) Rockwell Automation Patches High-Severity Vulnerabilities in FactoryTalk View SE (SecurityWeek) Researchers at the University of Illinois have developed AI Agents that can Autonomously Hack Websites and Find Zero-Day Vulnerabilities (MarkTechPost) Wyoming mayoral candidate wants to govern by AI bot (Ars Technica)   Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Whistleblower warns of profit over protection.
Jun 13 2024
Whistleblower warns of profit over protection.
A whistleblower claims that Microsoft prioritized profit over security. U.S. warnings of global election interference continue to rise. Cyber insurance claims hit record levels. Location tracking firm Tile suffers a data breach. A new phishing kit creates Progressive Web Apps. Questioning the government’s cyber silence. On today’s Threat Vector segment, host David Moulton, Director of Thought Leadership at Unit 42, is joined by Data Privacy Attorney Daniel Rosenzweig. Together, they unravel the complexities of aligning data privacy and cybersecurity laws with technological advancements. AI powered cheating lands one student in hot water.  Our 2024 N2K CyberWire Audience Survey is underway, make your voice heard and get in the running for a $100 Amazon gift card. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Threat Vector Segment In this segment of Threat Vector, host David Moulton, Director of Thought Leadership at Unit 42, is joined by Data Privacy Attorney Daniel Rosenzweig. Together, they unravel the complexities of aligning data privacy and cybersecurity laws with technological advancements. Daniel shares his insights on the critical partnership between legal and tech teams.  To hear David and Daniel’s full conversation and learn how a deep understanding of both legal and tech realms can empower businesses to navigate evolving legal frameworks, particularly in light of emerging AI technologies, listen here. Check out Threat Vector every other Thursday in your favorite podcast app.  The information provided on this segment is not intended to constitute legal advice. All information presented is for general informational purposes only. The information contained may not constitute the most update, legal or interpretative compliance guidance. Contact your own attorney to obtain advice with respect to any particular legal matter. Selected Reading Microsoft Chose Profit Over Security and Left U.S. Government Vulnerable to Russian Hack, Whistleblower Says (ProPublica) Microsoft president to testify about security lapses (IT News) Spy agencies’ foreign influence hub says it is issuing more private warnings (The Record) Cyber Insurance Claims Hit Record High in North America (Infosecurity Magazine) Hacker Accesses Internal ‘Tile’ Tool That Provides Location Data to Cops (404 Media) New phishing toolkit uses PWAs to steal login credentials (Bleeping Computer) Microsoft’s Recall puts the Biden administration’s cyber credibility on the line (CyberScoop) Turkish student creates custom AI device for cheating university exam, gets arrested (Ars Technica)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
COATHANGER isn’t hanging up just quite yet.
Jun 12 2024
COATHANGER isn’t hanging up just quite yet.
Dutch military intelligence warns of the Chinese Coathanger RAT. Pure Storage joins the growing list of Snowflake victims. JetBrains patches a GitHub IDE vulnerability. A data broker hits the brakes on selling driver location data. Flaws in VLC Media player allow remote code execution. Patch Tuesday updates. On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's ISC2 CISSP certification journey, taking on Domain 8, Software Development Security. Farewell, computer engineering legend Lynn Conway.  Our 2024 N2K CyberWire Audience Survey is underway, make your voice heard and get in the running for a $100 Amazon gift card. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Learning Layer On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's ISC2 CISSP certification journey using N2K’s comprehensive CISSP training course, CISSP practice test, and CISSP practice labs. Sam and Joe take on Domain 8, Software Development Security, and tackle the following question: At which step of the SDLC should security considerations be first integrated? Functional requirements defining Project initiation and planning Testing and evaluation control System design specification Selected Reading Dutch intelligence says Chinese hacking campaign ‘more extensive’ than previously known (The Record) Pure Storage confirms data breach after Snowflake account hack (Bleeping Computer) Users of JetBrains IDEs at risk of GitHub access token compromise (CVE-2024-37051) (Help Net Security) GitHub phishing campaign wipes repos, extorts victims (SC Magazine) Data broker shuts down product related to driver behavior patterns (The Record) VLC Media Player Vulnerabilities Allow Remote Code Execution (Cyber Security News) Microsoft June 2024 Patch Tuesday fixes 51 flaws, 18 RCEs (Bleeping Computer) ICS Patch Tuesday: Advisories Published by Siemens, Schneider Electric, Aveva, CISA (SecurityWeek) Column: Lynn Conway, leading computer scientist and transgender pioneer, dies at 85 (LA Times) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Hijacking your heritage.
Jun 11 2024
Hijacking your heritage.
23andMe’s looming bankruptcy could pause class-action privacy lawsuits. The FCC focuses on BGP. The White House looks to big tech to help secure rural hospitals. Cylance confirms a data breach. Arm warns of GPU kernel driver vulnerabilities. The world's largest law firm faces class action over the MOVEit hack. SAP releases high priority patches. Apple redefines AI - literally - and offers up Private Cloud Compute at their developer’s conference. Guest Chris Novak, Senior Director of Cyber Security Consulting at Verizon, shares highlights and key takeaways of their recently published 2024 Data Breach Investigations Report (DBIR). Share your love — but not your passwords. Our 2024 N2K CyberWire Audience Survey is underway, make your voice heard and get in the running for a $100 Amazon gift card. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Guest Chris Novak, Senior Director of Cyber Security Consulting at Verizon, shares highlights and key takeaways of their recently published 2024 Data Breach Investigations Report (DBIR). Selected Reading UK and Canada Launch Joint Probe Into 23andMe Breach While District Judge Says Bankruptcy Is Imminent (Metacurity) FCC Advances BGP Security Rules for Broadband Providers (bankinfosecurity) White House enlists Microsoft, Google for rural hospital cyberdefense (Beckers Health IT) Cylance confirms data breach linked to 'third-party' platform (bleepingcomputer) Arm warns of actively exploited flaw in Mali GPU kernel drivers (bleepingcomputer) Law firm Kirkland sued in class action over MOVEit data breach (Reuters) SAP Patches High-Severity Vulnerabilities in Financial Consolidation, NetWeaver (SecurityWeek) Here's how Apple's keeping your cloud-processed AI data safe (and why it matters) (ZDNET) When things go wrong: A digital sharing warning for couples (Malwarebytes) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Rethinking recalls.
Jun 10 2024
Rethinking recalls.
Microsoft makes Recall opt-in. The Senate holds hearings on federal cybersecurity standards. Snowflake’s scrutiny snowballs. New York Times source code is leaked online. Ransomware leads to British hospitals' desperate need for blood donors. Cisco Talos finds 15 serious vulnerabilities in PLCs. Sticky Werewolf targets Russia and Belarus. Frontier Communications warns 750,000 customers of a data breach. Chinese nationals get prison time in Zambia for cybercrimes. N2K’s CSO Rick Howard speaks with Danielle Ruderman, Security GTM Leader, AWS about what keeps CISOs up at night. DIY cell towers can land you in hot water.  Our 2024 N2K CyberWire Audience Survey is underway, make your voice heard and get in the running for a $100 Amazon gift card. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest N2K’s CSO Rick Howard speaks with Danielle Ruderman, Security GTM Leader, AWS about what keeps CISOs up at night and learnings from AWS CISO Circles. Today, our team is at the AWS re:Inforce this week. Stay tuned for our coverage. Selected Reading Windows won’t take screenshots of everything you do after all — unless you opt in (The Verge)  US Senate Committee holds hearing on harmonizing federal cybersecurity standards to address business challenges (Industrial Cyber) What Snowflake isn't saying about its customer data breaches (TechCrunch) New York Times source code stolen using exposed GitHub token (Bleeping Computer) London Hospitals Seek Biologics Backup After Ransomware Hit (GovInfo Security) Cisco Finds 15 Vulnerabilities in AutomationDirect PLCs (SecurityWeek) Sticky Werewolf targets the aviation industry in Russia and Belarus (Security Affairs) Frontier warns 750,000 of a data breach after extortion threats (Bleeping Computer) 22 Chinese Nationals Sentenced to Long Prison Terms in Zambia for Multinational Cybercrimes (SecurityWeek) Two arrested in UK over fake cell tower smishing campaign (The Register) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
A snapshot of security woes.
Jun 7 2024
A snapshot of security woes.
Microsoft's recall raises red flags. Ukraine's CERT sounds alarm. Russian hacktivists cause trouble in EU elections. DEVCORE uncovers critical code execution flaw. LastPass leaves users locked out. Apple commits to five years of iPhone security. An AI mail fail. Inside the FCC's plan to strengthen BGP protocol. Dave sits down with our guest Camille Stewart Gloster, Former Deputy National Cyber Director at the White House, as she shares a retrospective of her public service career. And let’s all Cheers to cybersecurity. Our 2024 N2K CyberWire Audience Survey is underway, make your voice heard and get in the running for a $100 Amazon gift card. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Guest Camille Stewart Gloster, Former Deputy National Cyber Director at the White House, shares a retrospective of her public service career. Camille’s full conversation with Dave can be found on our weekly cybersecurity law, policy and privacy podcast, Caveat. You can listen to it here.  Selected Reading Microsoft’s Recall Feature Is Even More Hackable Than You Thought (WIRED) Microsoft Research scientist gives non-answer when asked about Windows Recall privacy concerns (TechSpot)  TotalRecall: A New Tool that Extracts Data From Windows 11 Recall Feature (Cyber Security News) Exclusive: Senators express "serious concern" with Pentagon's Microsoft plan (Axios) UAC-0020 used SPECTR Malware to target Ukraine defense forces (Security Affairs)  Russian hacktivists vow mass attacks against EU elections (The Register) Ransomware Actor Exploited CoinMiner Attacker's Proxy Server (Cyber Security News) Critical PHP Remote Code Execution Flaw let Attackers Inject Malicious Scripts (Cyber Security News) Users furious after LastPass down for hours (Cybernews) Apple Says iPhones Will Get Security Updates for at Least 5 Years (SecurityWeek)  EmailGPT Exposed to Prompt Injection Attacks (Infosecurity Magazine) FCC Proposes BGP Security Reporting for Broadband Providers (SecurityWeek) Unpacking the SEC 10-K cyber disclosures (PwC)  Apple set to launch Passwords app, taking on LastPass and 1Password (TechSpot) Wineloader Mimic As Ambassador Of India To Start The Infection Chain (Cyber Security News)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
CISA's calls for a JCDC makeover.
Jun 6 2024
CISA's calls for a JCDC makeover.
CSAC recommends key changes to the  Joint Cyber Defense Collaborative. Cloud vendor Snowflake says single-factor authentication is to blame in their recent breach. Publishers sue Google over pirated ebooks. The FBI shares LockBit decryption keys. V3B is a phishing as a service campaign targeting banking customers. Commando Cat targets Docker servers to deploy crypto miners. Our guest is Danny Allan, Snyk's CTO, discussing how in the rush to implement GenAI, some companies are bypassing best practices and security policies. Club Penguin fans stumble upon a cache of secrets in the house of mouse. Our 2024 N2K CyberWire Audience Survey is underway, make your voice heard and get in the running for a $100 Amazon gift card. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Guest is Danny Allan, Snyk's CTO, discussing how in the rush to implement GenAI, companies bypass best practices and security policies. This highlights a clear gap between those in leadership looking to adopt AI tools and the teams who are utilizing them. Learn more in Snyk Organizational AI Readiness Report.  Selected Reading CISA advisors urge changes to JCDC's goals, operations, membership criteria (The Record) CISA says 'patch now' to 7-year-old Oracle WebLogic bug (The Register) Snowflake says users with single-factor authentication targeted in attack (SC Media) Advance Auto Parts stolen data for sale after Snowflake attack (Bleeping Computer) Major Publishers Sue Google Over Ads for Pirated Ebooks (Publishing Perspectives) FBI unveils 7,000 decryption keys to aid LockBit victims (Silicon Republic)  Hackers Attacking Banking Customers Using Phishing-As-A-Service V3B Toolkit (GB Hackers) Commando Cat: A Novel Cryptojacking Attack Abusing Docker Remote API Servers (Trend Micro) Club Penguin fans breached Disney Confluence server, stole 2.5GB of data (Bleeping Computer)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Opening up on hidden secrets.
Jun 5 2024
Opening up on hidden secrets.
OpenAI insiders describe a culture of recklessness and secrecy. Concerns over Uganda’s biometric ID system. Sophos uncovers a Chinese cyberespionage operation called Crimson Palace. Poland aims to sure up cyber defenses against Russia. Zyxel warns of critical vulnerabilities in legacy NAS products. Arctic Wolf tracks an amateurish ransomware variant named Fog. A TikTok zero-day targets high profile accounts. Cisco patches a Webex vulnerability that exposed German government meetings. On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's ISC2 CISSP certification journey, diving into Domain 7, Security Operations. A Canadian data breach leads to a class action payday.  Our 2024 N2K CyberWire Audience Survey is underway, make your voice heard and get in the running for a $100 Amazon gift card. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Learning Layer On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's ISC2 CISSP certification journey using N2K’s comprehensive CISSP training course, CISSP practice test, and CISSP practice labs. Sam and Joe dive into Domain 7, Security Operations, and tackle the following question: Which of the following is the MOST important goal of Disaster Recovery Planning? Business continuity Critical infrastructure restoration Human Safety Regulatory compliance Selected Reading OpenAI Whistle-Blowers Describe Reckless and Secretive Culture (The New York Times) Uganda: Yoweri Museveni's Critics Targeted Via Biometric ID System (Bloomberg) Chinese South China Sea Cyberespionage Campaign Unearthed (GovInfo Security) Palau confirms 'major' cyberattack, points to China (Digital Journal) Poland to invest $760 million in cyberdefense as Russian pressure mounts (The Record) 'NsaRescueAngel' Backdoor Account Again Discovered in Zyxel Products (SecurityWeek) Arctic Wolf sniffs out new ransomware variant (CSO Online) CNN, Paris Hilton, and Sony TikTok accounts hacked via DMs (Security Affairs) Cisco Patches Webex Bugs Following Exposure of German Government Meetings (SecurityWeek) ICBC must pay $15K to all who had data breached before JIBC attacks (Vancouver Sun)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Ransomware hit causes pathology paralysis.
Jun 4 2024
Ransomware hit causes pathology paralysis.
Ransomware disrupts London hospitals. Researchers discover serious vulnerabilities in Progress' Telerik Report Server and Atlassian Confluence Data Center and Server. Over three million people are affected by a breach at a debt collection agency. A report finds Rural hospitals vulnerable to ransomware. An Australian mining firm finds some of its data on the Dark Web. Google patches 37 Android vulnerabilities. Russian threat actors target the Summer Olympics in Paris. On our Industry Voices segment, we are joined by Sandy Bird, CTO at Sonrai. Sandy discusses the risks of unused identity infrastructure. The Amazon rainforest goes online. Our 2024 N2K CyberWire Audience Survey is underway, make your voice heard and get in the running for a $100 Amazon gift card. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Industry Voices segment, we are joined by Sandy Bird, CTO at Sonrai. Sandy discusses the risks of unused identity infrastructure. You can learn more about Sonrai’s work in this area by reviewing their Quantifying Cloud Access Risk: Overprivileged Identities and Zombie Identities report. Selected Reading Critical incident declared as ransomware attack disrupts multiple London hospitals (The Record) CVE-2024-4358, CVE-2024-1800: Exploit Code Available for Critical Exploit Chain in Progress Telerik Report Server (Tenable) Atlassian’s Confluence hit with critical remote code execution bugs (CSO Online) Debt collection agency FBCS leaks information of 3 million US citizens (Malwarebytes) Rural hospitals are particularly vulnerable to ransomware, report finds (CyberScoop) Australian rare earths miner hit by cybersecurity breach (Mining Weekly) 37 Vulnerabilities Patched in Android (SecurityWeek) Russia used fake AI Tom Cruise in Olympic disinformation campaign (Computer Weekly) The Internet's Final Frontier: Remote Amazon Tribes (New York Times) Listen to our newest podcast, “Only Malware in the Building.” N2K and Proofpoint have teamed up to launch “Only Malware in the Building,” the newest podcast on the N2K CyberWire network. Each month our hosts Selena Larson, Proofpoint’s staff threat researcher, and N2K’s Rick Howard and Dave Bittner, explore the mysteries around today’s most intriguing cyber threats. Listen to the first episode and subscribe now. Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Things aren’t looking so Shiny(Hunters) at cloud provider Snowflake.
Jun 3 2024
Things aren’t looking so Shiny(Hunters) at cloud provider Snowflake.
Signs point to a major cybersecurity event at cloud provider Snowflake. Hugging Face discloses "unauthorized access" to its Spaces platform. Australian legislation seeks jail time for deepfake porn. CISA adds two vulnerabilities to the KEV catalog. Spanish police investigate a potential breach of drivers license info. NSA shares mobile device best practices. Everbridge crisis management software company reports a data breach. N2K’s CSO, Chief Analyst, and Senior Fellow, Rick Howard joins us to preview CSO Perspectives Season 14 which launches today! Google tries to explain those weird AI search results.  Our 2024 N2K CyberWire Audience Survey is underway, make your voice heard and get in the running for a $100 Amazon gift card. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest N2K’s CSO, Chief Analyst, and Senior Fellow, Rick Howard joins Dave to preview CSO Perspectives Season 14 which launches today! The first episode explores SolarWinds and the SEC. This episode of CSO Perspectives has a companion essay. You can find it here. Not an N2K Pro subscriber? You can catch the first half of the episode here.  Selected Reading The Ticketmaster Data Breach May Be Just the Beginning (WIRED) Hugging Face says it detected 'unauthorized access' to its AI model hosting platform (TechCrunch) Jail time for those caught distributing deepfake porn under new Australian laws (The Guardian) CISA warns of actively exploited Linux privilege elevation flaw (Bleeping Computer) Spanish police investigate whether hackers stole millions of drivers' data (Reuters) The NSA advises you to turn your phone off and back on once a week - here's why (ZDNET) Everbridge warns of corporate systems breach exposing business data (Bleeping Computer) Google’s AI Overview is flawed by design, and a new company blog post hints at why (Ars Technica)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices