Avsnitt
-
Adam Khan, VP of Security Operations at Barracuda, joins to discuss his team's work on "The evolving use of QR codes in phishing attacks." Cybercriminals are evolving phishing tactics by embedding QR codes, or “quishing,” into PDF documents attached to emails, tricking recipients into scanning them to access malicious websites that steal credentials.
Barracuda researchers found over half a million such emails from June to September 2024, with most impersonating brands like Microsoft, DocuSign, and Adobe to exploit urgency and trust. To counter these attacks, businesses should deploy multilayered email security, use AI-powered detection tools, educate employees on QR code risks, and enable multifactor authentication to safeguard accounts.
The research can be found here:
Threat Spotlight: The evolving use of QR codes in phishing attacks
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Russian hackers attack Ukraine’s state registers. NotLockBit is a new ransomware strain targeting macOS and Windows. Sophos discloses three critical vulnerabilities in its Firewall product. The BadBox botnet infects over 190,000 Android devices. BeyondTrust patches two critical vulnerabilities. Hackers stole $2.2 billion from cryptocurrency platforms in 2024. Officials dismantle a live sports streaming piracy ring. Rockwell Automation patches critical vulnerabilities in a device used for energy control in industrial systems. A new report from Dragos highlights ransomware groups targeting industrial sectors. A Ukrainian national is sentenced to 60 months in prison for distributing the Raccoon Infostealer malware. We bid a fond farewell to our colleague Rick Howard, who’s retiring after years of inspiring leadership, wisdom, and camaraderie. The LockBit gang tease what’s yet to come.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Today’s guest segment is bittersweet as we bid farewell to our beloved Rick Howard, who’s retiring after years of inspiring leadership, wisdom, and camaraderie. Join us in celebrating his incredible journey, sharing heartfelt memories, and letting him know just how deeply he’ll be missed by all of us here at N2K.
Selected Reading
Ukraine’s state registers hit with one of Russia’s largest cyberattacks, officials say (The Record)
NotLockBit - Previously Unknown Ransomware Attack Windows & macOS (GB Hackers)
Critical Sophos Firewall Vulnerabilities Let Attackers Execute Remote Code (Cyber Security News)
Botnet of 190,000 BadBox-Infected Android Devices Discovered (SecurityWeek)
BeyondTrust Security Incident — Command Injection and Escalation Weaknesses (CVE-2024-12356, CVE-2024-12686) (SOCRadar)
Crypto-Hackers Steal $2.2bn as North Koreans Dominate (Infosecurity Magazine)
Massive live sports piracy ring with 812 million yearly visits taken offline (Bleeping Computer)
Rockwell PowerMonitor Vulnerabilities Allow Remote Hacking of Industrial Systems (SecurityWeek)
Ransomware Attackers Target Industries with Low Downtime Tolerance (Infosecurity Magazine)
Ukrainian Raccoon Infostealer Operator Sentenced to Prison in US (SecurityWeek)
NetWalker Ransomware Operator Sentenced For Hacking Hundreds Of Organizations (Cyber Security News)
LockBit Admins Tease a New Ransomware Version (Infosecurity Magazine)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Saknas det avsnitt?
-
CISA urges senior government officials to enhance mobile device security. Russian state-sponsored hacker group Sandworm is targeting Ukrainian soldiers. A website bug in GPS tracking firm Hapn is exposing customer information. Multiple critical vulnerabilities have been identified in Sharp branded routers. Ireland’s Data Protection Commission fines Meta $263 million for alleged GDPR violations. Google releases an urgent Chrome security update to address four high-rated vulnerabilities. Cyberattacks on India-based organizations surged 92% year-over-year. Cybercriminals target Google Calendar to launch phishing attacks. Fortinet patches a critical vulnerability in FortiWLM. Juniper Networks warns of a botnet infection targeting routers with default credentials. Our guest is Jeff Krull, principal and practice leader of Baker Tilly's cybersecurity practice, with advice on using employee access controls to limit internal cyber threats. When is “undesirable” a badge of honor?
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Our guest is Jeff Krull, principal and practice leader of Baker Tilly's cybersecurity practice, talking about using employee access controls to limit internal cyber threats.
Selected Reading
CISA urges senior government officials to lock down mobile devices amid ongoing Salt Typhoon breach (The Record)
Sandworm-linked hackers target users of Ukraine’s military app in new spying campaign (The Record)
Tracker firm Hapn spilling names of thousands of GPS tracking customers (TechCrunch)
Multiple security flaws reported in SHARP routers (Beyond Machines)
Meta fined $263 million for alleged GDPR violations that led to data breach (The Record)
Update Google Chrome Now—4 New Windows, Mac, Linux Security Warnings (Forbes)
India Sees Surge in Banking, Utilities API Attacks (Dark Reading)
Google Calendar Phishing Scam Targets Users with Malicious Invites (Hackread)
Fortinet Patches Critical FortiWLM Vulnerability (SecurityWeek)
Juniper Warns of Mirai Botnet Targeting Session Smart Routers (SecurityWeek)
Recorded Future CEO Calls Russia’s “Undesirable” Listing a “Compliment” (Infosecurity Magazine)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
The U.S. considers a ban on Chinese made routers. More than 200 Cleo managed file-transfer servers remain vulnerable. The Androxgh0st botnet expands. Schneider Electric reports a critical vulnerability in some PLCs. A critical Apache Struts 2 vulnerability is being actively exploited. Malicious campaigns are targeting Chinese-branded IoT devices. A Nebraska-based healthcare insurer discloses a data breach affecting over 225,000 individuals. IntelBroker leaks 2.9GB of data from Cisco’s DevHub environment. CISA issues a Binding Operational Directive requiring federal agencies to enhance cloud security. On today’s CERTByte segment, Chris Hare and Dan Neville unpack a question targeting the Network+ certification. INTERPOL says, “Enough with the pig butchering.“
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CertByte Segment
This week, Chris is joined by Dan Neville to break down a question targeting the Network+ certification (N10-008 expires on 12/20/24 and the N10-009 update launched on June 20th of this year). Today’s question comes from N2K’s CompTIA® Network+ Practice Test, both exam versions of which are offered on our site.
Have a question that you’d like to see covered? Email us at [email protected]. If you're studying for a certification exam, check out N2K’s full exam prep library of certification practice tests, practice labs, and training courses by visiting our website at n2k.com/certify. To get the full news to knowledge experience, learn more about our N2K Pro subscription at https://thecyberwire.com/pro.
Please note: The questions and answers provided here and on our site are not actual current or prior questions and answers from these certification publishers or providers.
Selected Reading
U.S. Weighs Ban on Chinese-Made Router in Millions of American Homes (Wall Street Journal)
Attack Exposure: Unpatched Cleo Managed File-Transfer Software (BankInfo Security)
Androxgh0st Botnet Targets IoT Devices, Exploiting 27 Vulnerabilities (Hackread)
Schneider Electric reports critical flaw in Modicon Programmable Logic Controllers (Beyond Machines)
RATs can sniff out your Chinese-made web cameras: here’s how to defend yourself (Cybernews)
Regional Care Data Breach Impacts 225,000 People (SecurityWeek)
Hacker IntelBroker Leaked 2.9GB of Data Stolen From Cisco DevHub Instance (Cyber Security News)
New critical Apache Struts flaw exploited to find vulnerable servers (Bleeping Computer)
CISA Issues Binding Operational Directive for Improved Cloud Security (SecurityWeek)
Playbook for Strengthening Cybersecurity in Federal Grant Programs for Critical Infrastructure (CISA)
INTERPOL urges end to 'Pig Butchering' term, cites harm to online victims (INTERPOL)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
The Biden administration takes its first step to retaliate against China for the Salt Typhoon cyberattack. The Feds release a draft National Cyber Incident Response Plan. Telecom Namibia suffers a cyberattack. The Australian Information Commissioner has reached a $50 million settlement with Meta over the Cambridge Analytica scandal. CISA releases its 2024 year in review. LastPass hackers nab an additional five millions dollars. Texas Tech University notifies over 1.4 million individuals of a ransomware attack. Researchers discover a new DarkGate RAT attack vector using vishing. A fraudster gets 69 months in prison. On our Threat Vector segment, David Moulton speaks with Nir Zuk, Founder and CTO of Palo Alto Networks about predictions for 2025. Surveillance tweaks our brains in unexpected ways.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
Threat Vector Segment
On our Threat Vector segment, we preview this week’s episode where host David Moulton talks with Nir Zuk, Founder and CTO of Palo Alto Networks. They talk about Palo Alto Networks' predictions for 2025, focusing on the shift to unified data security platforms and the growing importance of AI in cybersecurity. You can catch new episodes of Threat Vector every Thursday here and on your favorite podcast app.
Selected Reading
Biden Administration Takes First Step to Retaliate Against China Over Hack (The New York Times)
US Unveils New National Cyber Incident Response Plan (Infosecurity Magazine)
Telecom Namibia Cyberattack: 400,000 Files Leaked (The Cyber Express)
Landmark settlement of $50m from Meta for Australian users impacted by Cambridge Analytica incident (OAIC)
CISA Warns of New Windows Vulnerability Used in Hacker Attacks (CyberInsider)
CISA 2024 Year in review (CISA)
LastPass threat actor steals $5.4M from victims just a week before Xmas (Cointelegraph)
Texas Tech University Data Breach Impacts 1.4 Million People (SecurityWeek)
Microsoft Teams Vishing Spreads DarkGate RAT (Dark Reading)
Man Accused of SQL Injection Hacking Gets 69-Month Prison Sentence (SecurityWeek)
The psychological implications of Big Brother’s gaze (SCIMEX)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
A cyberattack in Rhode Island targets those who applied for government assistance programs. U.S. Senators propose a three billion dollar budget item to “rip and replace” Chinese telecom equipment. The Clop ransomware gang confirms exploiting vulnerabilities in Cleo’s managed file transfer platforms. A major Southern California healthcare provider suffers a ransomware attack. A leading US auto parts provider discloses a cyberattack on its Canadian business unit.SRP Federal Credit Union notifies over 240,000 individuals of cyberattack. A sophisticated phishing campaign targets YouTube creators. Researchers identify a high-severity vulnerability in Mullvad VPN. A horrific dark web forum moderator gets 30 years in prison. Our guests are Perry Carpenter and Mason Amadeus, hosts of the new FAIK Files podcast. Jailbreaking your license plate.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Our guests are Perry Carpenter and Mason Amadeus, hosts of The FAIK Files podcast, talking about their new show. You can find new episodes of The FAIK Files every Friday on the N2K CyberWire network.
Selected Reading
Personal Data of Rhode Island Residents Breached in Large Cyberattack (The New York Times)
Senators, witnesses: $3B for ‘rip and replace’ a good start to preventing Salt Typhoon-style breaches ( CyberScoop)
Clop ransomware claims responsibility for Cleo data theft attacks (Bleeping Computer)
Hackers Steal 17M Patient Records in Attack on 3 Hospitals (BankInfo Security)
Major Auto Parts Firm LKQ Hit by Cyberattack (Securityweek)
SRP Federal Credit Union Ransomware Attack Impacts 240,000 (Securityweek)
ConnectOnCall Announces 914K-Record Data Breach (HIPAA Journal)
Malware Hidden in Fake Business Proposals Hits YouTube Creators (Hackread)
Critical Mullvad VPN Vulnerabilities Let Attackers Execute Malicious Code (Cyber Security News)
Texan man gets 30 years in prison for running CSAM exchange (The Register)
Hackers Can Jailbreak Digital License Plates to Make Others Pay Their Tolls and Tickets (WIRED)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Please enjoy this encore episode of Career Notes.
Senior security researcher from Secureworks Marcelle Lee shares her career journey into cybersecurity and how she helps solve hard problems in her daily work. Marcelle came into cybersecurity not through any traditional path. She describes her route from a different field and starting in cyber at her local community college through a grant program. Marcelle took full advantage of the opportunities she had and grew her career from there. She recommends finding your specialty, but continue to build other skills. As a woman in the field, she is a strong proponent of diversity and encouraging others to find what excites them. And, we thank Marcelle for sharing her story with us.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
This week, we are joined by Andrew Morris, Founder and CTO of GreyNoise, to discuss their work on "GreyNoise Intelligence Discovers Zero-Day Vulnerabilities in Live Streaming Cameras with the Help of AI." GreyNoise discovered two critical zero-day vulnerabilities in IoT-connected live streaming cameras, used in sensitive environments like healthcare and industrial operations, by leveraging its AI-powered detection system, Sift.
The vulnerabilities, CVE-2024-8956 (insufficient authentication) and CVE-2024-8957 (OS command injection), could allow attackers to take full control of affected devices, manipulate video feeds, or integrate them into botnets for broader attacks. This breakthrough underscores the transformative role of AI in identifying threats that traditional systems might miss, highlighting the urgent need for robust cybersecurity measures in the expanding IoT landscape.
The research can be found here:
GreyNoise Intelligence Discovers Zero-Day Vulnerabilities in Live Streaming Cameras with the Help of AI
Learn more about your ad choices. Visit megaphone.fm/adchoices -
The U.S. dismantles the Rydox criminal marketplace. File-sharing provider Cleo urges customers to immediately patch a critical vulnerability. A Japanese media giant reportedly paid nearly $3 million to a Russia-linked ransomware group. The largest Bitcoin ATM operator in the U.S. confirms a data breach. Microsoft quietly patches two potentially critical vulnerabilities. Researchers at Claroty describe a malware tool used by nation-state actors to target critical IoT and OT systems. Dell releases patches for a pair of critical vulnerabilities. A federal court indicts 14 North Korean nationals for a scheme funding North Korea’s weapons programs. Texas accuses a data broker of sharing sensitive driving data without consent. Tim Starks, senior reporter at CyberScoop, joins Dave to explore the FCC's groundbreaking proposal to introduce cybersecurity rules linked to wiretapping laws. How the bots stole Christmas.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Tim Starks, senior reporter at CyberScoop, joins Dave to explore the FCC's groundbreaking proposal to introduce cybersecurity rules linked to wiretapping laws. Read more about it in Tim’s article.
Selected Reading
Rydox Cybercrime Marketplace Disrupted, Administrators Arrested (SecurityWeek)
Cleo urges customers to ‘immediately’ apply new patch as researchers discover new malware (The Record)
Japanese game and anime publisher reportedly pays $3 million ransom to Russia-linked hackers (The Record)
Bitcoin ATM Giant Byte Federal Hit by Hackers, 58,000 Users Impacted (Hackread)
Microsoft Patches Vulnerabilities in Windows Defender, Update Catalog (SecurityWeek)
Researchers Discover Malware Used by Nation-Sates to Attack OT Systems (Infosecurity Magazine)
Critical Dell Security Vulnerabilities Let Attackers Compromise Affected Systems (Cyber Security News)
14 North Korean IT Workers Charged, US to Offer $5 Million Rewards for Info (Cyber Security News)
Texas adds data broker specializing in driver behavior to list of alleged privacy law violators (The Record)
UK Shoppers Frustrated as Bots Snap Up Popular Christmas Gifts (Infosecurity Magazine)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
ChatGPT and Meta face widespread outages. Trump advisors explore splitting NSA and CyberCom leadership roles. A critical vulnerability in Apache Struts 2 has been disclosed. “AuthQuake” allowed attackers to bypass Microsoft MFA protections. Researchers identify Nova, a sophisticated variant of the Snake Keylogger malware. Adobe addresses critical vulnerabilities across their product line. Chinese law enforcement has been using spyware to collect data from Android devices since 2017. A new report highlights the gaps in hardware and firmware security management. A Krispy Kreme cyberattack creates a sticky situation. N2K’s Executive Editor Brandon Karpf speaks with guest Mike Silverman, Chief Strategy and Innovation Officer at the FS-ISAC discussing cryptographic agility. Do Not Track bids a fond farewell.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Today, N2K’s Executive Editor Brandon Karpf speaks with guest Mike Silverman, Chief Strategy and Innovation Officer at the FS-ISAC discussing cryptographic agility. You can learn more in their new white paper "Building Cryptographic Agility in the Financial Sector." We will share the extended version of this conversation over our winter break. Stay tuned.
Selected Reading
ChatGPT Down Globally, Services Restored After Hours Of Outage (Cyber Security News)
Facebook, Instagram and other Meta apps go down due to 'technical issue' (CNBC)
Unfinished business for Trump: Ending the Cyber Command and NSA 'dual hat' (The Record)
Apache issues patches for critical Struts 2 RCE bug (The Register)
Microsoft MFA Bypassed via AuthQuake Attack (SecurityWeek)
Nova Keylogger – A Snake Malware Steal Credentials and Capture Screenshorts From Windows (Cyber Security News)
Adobe releases December 2024 patches for flaws in multiple products, including critical (Beyond Machines)
Mobile Surveillance Tool EagleMsgSpy Used by Chinese Law Enforcement (SecurityWeek)
Three-Quarters of Security Leaders Admit Gaps in Hardware Knowledge (Infosecurity Magazine)
Krispy Kreme cyberattack impacts online orders and operations (Bleeping Computer)
Firefox, one of the first “Do Not Track” supporters, no longer offers it (Ars Technica)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Microsoft confirms a critical Windows zero-day vulnerability. Global law enforcement agencies dismantle 27 DDoS platforms. Researchers compromise memory in AMD virtual machines. Ivanti reports multiple critical vulnerabilities in its Cloud Services Application. Group-IB researchers expose a sophisticated global phishing campaign. A zero-day vulnerability in Cleo’s managed file transfer software is under active exploitation. The U.S. sanctions a Chinese firm for a 2020 firewall exploit. Congress looks to require the FCC to regulate telecom cybersecurity. Our guest is Malachi Walker, Security Strategist at DomainTools, discussing their role in ODNI's newly established Sentinel Horizon Program. SpartanWarriorz dodge a Telegram crackdown.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Our guest is Malachi Walker, Security Strategist at DomainTools, about their role in ODNI's newly established Sentinel Horizon Program.
Selected Reading
New Windows 0Day Attack Confirmed—Homeland Security Says Update Now (Forbes)
Microsoft Fixes 71 CVEs Including Actively Exploited Zero-Day (Infosecurity Magazine)
Atlassian, Splunk Patch High-Severity Vulnerabilities (SecurityWeek)
Chrome Security Update, Patch for 3 High-severity Vulnerabilities (Cyber Security News)
ICS Patch Tuesday: Security Advisories Released by Siemens, Schneider, CISA, Others (SecurityWeek)
Operation PowerOFF Takes Down DDoS Boosters (Infosecurity Magazine)
AMD Chip VM Memory Protections Broken by BadRAM (Security Boulevard)
Three more vulns spotted in Ivanti CSA, all critical, one 10/10 (The Register)
Global Ongoing Phishing Campaign Targets Employees Across 12 Industries (Hackread)
New Cleo zero-day RCE flaw exploited in data theft attacks (Bleeping Computer)
US Sanctions Chinese Firm at Center of Global Firewall Hack (Infosecurity Magazine)
Wyden legislation would mandate FCC cybersecurity rules for telecoms (CyberScoop)
Scam Kit Maker Rebuilding Business After Telegram Channel Shut Down (Security Boulevard)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Researchers uncover a large-scale hacking operation tied to the infamous ShinyHunters. A Dell Power Manager vulnerability lets attackers execute malicious code. TikTok requests a federal court injunction to delay a U.S. ban. Radiant Capital attributed a $50 million cryptocurrency heist to North Korea. Japanese firms report ransomware attacks affecting their U.S. subsidiaries. WhatsApp’s “ViewOnce” feature faces continued scrutiny. SpyLoan malware targets Android users through deceptive loan apps. A major Romanian electricity distributor is investigating an ongoing ransomware attack. A critical flaw in OpenWrt Sysupgrade has been fixed. Contenders for top cyber roles in the next Trump administration visit Mar-a-Lago. On our Industry Voices segment, Jason Lamar, Cobalt’s Senior Vice President of Product, joins us to share insights on offensive security: staying ahead of cyber threats. Google’s new quantum chip promises scaling without failing.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
On our Industry Voices segment, Jason Lamar, Cobalt’s Senior Vice President of Product, joins us to share insights on offensive security: staying ahead of cyber threats. Check out Cobalt’s GigaOm Radar Report for PTaaS 2024 to learn more.
Selected Reading
ShinyHunters, Nemesis Linked to Hacks After Leaking Their AWS S3 Bucket (Hackread)
Dell Power Manager Vulnerability Let Attackers Execute Malicious Code (Cyber Security News)
TikTok Asks Court To Suspend Ban Ahead of Supreme Court Appeal (The Information)
Radiant links $50 million crypto heist to North Korean hackers (Bleeping Computer)
US subsidiaries of Japanese water treatment company, green tea maker hit with ransomware (The Record)
WhatsApp View Once Vulnerability Let Attackers Bypass The Privacy Feature (Cyber Security News)
SpyLoan Malware: A Growing Threat to Android Users (Security Boulevard)
Romanian energy supplier Electrica hit by ransomware attack (Bleeping Computer)
OpenWrt Sysupgrade flaw let hackers push malicious firmware images (Bleeping Computer)
Homeland Security veteran to be interviewed for Trump administration cyber role (The Record)
Google claims ‘breakthrough’ with new quantum chip (Silicon Republic)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
A critical zero-day is confirmed by a Japanese router maker. Romania annuls the first round of its 2024 presidential election over concerns of Russian interference. A sophisticated malware campaign targets macOS users. Mandiant uncovers a method to bypass browser isolation using QR codes. Belgian and Dutch authorities arrest eight individuals linked to online fraud schemes. A medical device company discloses a ransomware attack. A community hospital in Massachusetts confirms a ransomware attack affecting over three hundred thousand. The Termite ransomware gang claims responsibility for the attack on Blue Yonder. Synology patches multiple vulnerabilities in its Router Manager (SRM) software. The head of U.S. Cyber Command outlines the challenges of keeping decision makers up to date. Our guest is Anna Pobletts, Head of Passwordless at 1Password, discussing the state of passkeys and what she sees on the road to a truly passwordless future. Robot rats join the mischief.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Our guest is Anna Pobletts, Head of Passwordless at 1Password, discussing the state of passkeys and what she sees on the road to a truly passwordless future.
Selected Reading
I-O Data Confirms Zero-Day Attacks on Routers, Full Patches Pending (SecurityWeek)
Romania’s top court annuls presidential election result (CNN)
MacOS Passwords Alert—New Malware Targets Keychain, Chrome, Brave, Opera (Forbes)
QR codes bypass browser isolation for malicious C2 communication (Bleeping Computer)
Eight Suspected Phishers Arrested in Belgium, Netherlands (SecurityWeek)
Medical Device Maker Artivion Scrambling to Restore Systems After Ransomware Attack (SecurityWeek)
Anna Jaques Hospital ransomware breach exposed data of 300K patients (Bleeping Computer)
Blue Yonder SaaS giant breached by Termite ransomware gang (Bleeping Computer)
Synology Router Vulnerabilities Let Attackers Inject Arbitrary Web Script (Cyber Security News)
Cyber Command Chief Discusses Challenges of Getting Intel to Users (Defense.gov)
Robot Rodents: How AI Learned To Squeak And Play (Hackaday)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
CEO and Founder of Votiro Aviv Grafi shares his story from serving as a member of the IDF's intelligence forces to leading his own venture. Aviv says his service in the IDF shaped a lot of his thinking and problem solving. Following his military service, Aviv worked to gain more real world and business experience. Starting his own business as a pentester was where the seeds for what would become Votiro would form. Aviv talks about the roller coaster that you experience when starting your own venture and offers some advice. And, we thank Aviv for sharing his story with us.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
In this special edition podcast, N2K's Executive Editor Brandon Karpf talks with author, CEO and cybersecurity advisor Dr. Bilyana Lilly about her new novel "Digital Mindhunters."
Book Overview
In a high-stakes game of espionage and deception, a female analyst uncovers Russia's plot to wield artificial intelligence, espionage, and disinformation as weapons of chaos against the United States. As she races against time to thwart an assassination plot, she finds herself entangled in a web of international intrigue and discovers a parallel threat from a Chinese spy network aiming to steal data, manipulate American voters, and harness technology to dismantle the very foundations of U.S. democracy. In a world where lies are a weapon and trust is a luxury, she navigates the treacherous worlds of arms dealers, hackers, and spies to protect her country.
About the author
Dr. Bilyana Lilly is a cybersecurity and information warfare expert. She advises senior executives in the private and public sector on how to mitigate cybersecurity risk across their enterprises. Dr. Lilly serves on the Advisory Boards of the venture capital firm Night Dragon and the cybersecurity firm RunSafe Security. She chairs the Democratic Resilience Track of the Warsaw Security Forum and is an adjunct senior advisor for critical infrastructure and resilience at the Institute for Security and Technology. Her previous roles include a manager at Deloitte's Financial Cybersecurity Practice and a fellow at the RAND Corporation. Dr. Lilly holds a PhD in policy analysis and cyber security, and three master's degrees, including an honors degree from Oxford University. Her book "Russian Information Warfare" became a bestseller and is on display at the Pentagon. Dr. Lilly is a mentor and a speaker at RSA, DefCon, CyCon, and the Executive Women's Forum. She has been denounced by Russia's Ministry of Foreign Affairs and called cyber expert by Tom Hanks.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Shawn Kanady, Global Director of Trustwave SpiderLabs, to discuss their work on "Pronsis Loader: A JPHP-Driven Malware Diverging from D3F@ck Loader." Trustwave SpiderLabs has uncovered Pronsis Loader, a new malware variant using the rare programming language JPHP and stealthy installation tactics to evade detection.
The malware is capable of delivering high-risk payloads like Lumma Stealer and Latrodectus, posing a significant threat. Researchers highlight its unique capabilities and infrastructure, offering insights for bolstering cybersecurity defenses.
The research can be found here:
Pronsis Loader: A JPHP-Driven Malware Diverging from D3F@ck Loader
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Researchers uncover a critical Windows zero-day. An alleged Ukrainian cyberattack targets one of Russia’s largest banks. Russian group BlueAlpha exploits CloudFlare services. Microsoft flags Chinese hacking group Storm-0227 for targeting critical infrastructure and U.S. government agencies. SonicWall patches high-severity vulnerabilities in its secure access gateway. Atrium Health reports a data breach affecting over half a million individuals. Rockwell Automation discloses four critical vulnerabilities in its Arena software. U.S. authorities arrest an alleged member of the Scattered Spider gang. Our guest is Hugh Thompson, RSAC program committee chair, discussing the 2025 Innovation Sandbox Contest and its new investment component. C3PO gets caught in the crypto mines.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Joining Dave today is Hugh Thompson, RSAC program committee chair, discussing the 2025 Innovation Sandbox Contest and its new investment component. Read more details in the press release.
Selected Reading
New Windows 7 To 11 Warning As Zero-Day With No Official Fix Confirmed (Forbes)
Russian users report Gazprombank outages amid alleged Ukrainian cyberattack (The Record)
BlueAlpha Russian hackers caught abusing CloudFlare services (SC Media)
U.S. org suffered four month intrusion by Chinese hackers (Bleeping Computer)
Microsoft: Another Chinese cyberspy crew targeting US critical orgs 'as of yesterday' (The Register)
SonicWall Patches 6 Vulnerabilities in Secure Access Gateway (SecurityWeek)
Mitel MiCollab zero-day and PoC exploit unveiled (Help Net Security)
Atrium Health Data Breach Impacts 585,000 People (SecurityWeek)
Rockwell Automation Vulnerabilities Let Attackers Execute Remote Code (Cyber Security News)
US arrests Scattered Spider suspect linked to telecom hacks (Bleeping Computer)
Nebraska Man pleads guilty to $3.5 million cryptojacking scheme (Bleeping Computer)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Europol dismantles the Manson cybercrime market. Operation Destabilise stops two major Russian-speaking money laundering networks. New details emerge on China’s attacks on U.S. telecoms. Black Lotus Labs uncovers a covert campaign by the Russian-based threat actor “Secret Blizzard”. Cisco issues patches for a high impact bootloader vulnerability. Trend Micro researchers uncovered Earth Minotaur targeting Tibetan and Uyghur communities. Payroll Pirates target HR payroll systems to redirect employee funds .Pegasus spyware may be more prevalent than previously believed. Our guest today is Jon France, CISO at ISC2, with insights from the ISC2 2024 Workforce Study. How businesses can lose customers one tip at a time.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Our guest today is Jon France, CISO at ISC2, sharing the ISC2 2024 Workforce Study. You can read the press release about the report here and dig into the details of the report itself here.
Selected Reading
50 Servers Linked to Cybercrime Marketplace and Phishing Sites Seized by Law Enforcement (SecurityWeek)
UK’s NCA Disrupts Multibillion-Dollar Russian Money Launderers (Infosecurity Magazine)
The White House reveals at least 8 U.S. telecom firms impacted by China’s Salt Typhoon cyberattack (Fast Company)
Senators implore Department of Defense to expand the use of Matrix (Element)
Snowblind: The Invisible Hand of Secret Blizzard (Lumen)
Frequent freeloader part I: Secret Blizzard compromising Storm-0156 infrastructure for espionage (Microsoft Security)
Russian Hackers Exploit Rival Attackers’ Infrastructure for Espionage (Infosecurity Magazine)
Bootloader Vulnerability Impacts Over 100 Cisco Switches (SecurityWeek)
MOONSHINE Exploit Kit and DarkNimbus Backdoor Enabling Earth Minotaur’s Multi-Platform Attacks (Trend Micro)
Hunting Payroll Pirates: Silent Push Tracks HR Redirect Phishing Scam (Silent Push)
iVerify Mobile Threat Investigation Uncovers New Pegasus Samples (iVerify)
How a Russian man’s harrowing tale shows the physical dangers of spyware (CyberScoop)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
International law enforcement takes down the MATRIX messaging platform. SailPoint discloses a critical vulnerability in its IdentityIQ platform. A Solana library has been backdoored. SolarWinds discloses a critical vulnerability in its Platform product. Researchers identify 16 zero-day vulnerabilities in Fuji Electric’s remote monitoring software. Cisco urges users to patch a decade-old vulnerability. CISA warns of active exploitation of Zyxel firewall devices. A critical XSS vulnerability has been identified in MobSF. Google’s December 2024 Android security update addresses 14 high-severity vulnerabilities. The Federal Trade Commission settles with data brokers over alleged consent violations. On today’s CertByte segment, Chris Hare and Dan Neville break down a question targeting the A+ Core (220-1101) Exam 1 certification. A vodka company gets iced by ransomware.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CertByte Segment
Welcome to CertByte! On this bi-weekly segment hosted by Chris Hare, a content developer and project management specialist at N2K, we share practice questions from N2K’s suite of industry-leading certification resources, and a study tip to help you achieve the professional certifications you need to fast-track your career growth in IT, cyber security, or project management.
This week, Chris is joined by Dan Neville breaking down a question targeting the A+ Core (220-1101) Exam 1 certification. Today’s question comes from N2K’s CompTIA® A+ Core Exam 1 Practice Test (Core Exam 2 Practice Test is also available on our site).
Have a question that you’d like to see covered? Email us at [email protected]. Check out N2K’s full exam prep library of certification practice tests, practice labs, and training courses by visiting our website at n2k.com/certify.
Please note: The questions and answers provided here and on our site are not actual current or prior questions and answers from these certification publishers or providers.
Additional sources: www.comptia.org
Selected Reading
International Operation Dismantles MATRIX: A Sophisticated Encrypted Messaging Service (SOCRadar)
German Police Shutter Country’s Largest Dark Web Market (Infosecurity Magazine)
10/10 directory traversal bug hits SailPoint's IdentityIQ (The Register)
Solana Web3.js Library Backdoored in Supply Chain Attack (SecurityWeek)
SolarWinds Platform XSS Vulnerability Let Attackers Inject Malicious Code (Cyber Security News)
16 Zero-Days Uncovered in Fuji Electric Monitoring Software (GovInfo Security)
Cisco Urges Immediate Patch for Decade-Old WebVPN Vulnerability (Hackread)
VulnerabilitiesCISA Warns of Zyxel Firewall Vulnerability Exploited in Attacks (SecurityWeek)
U.S. CISA adds ProjectSend, North Grid Proself, and Zyxel firewalls bugs to its Known Exploited Vulnerabilities catalog (SecurityAffairs)
MobSF XSS Vulnerability Let Attackers Inject Malicious Scripts (GB Hacker)
Android's December 2024 Security Update Patches 14 Vulnerabilities (SecurityWeek)
FTC accuses data brokers of improperly selling location info (The Register)
Vodka Giant Stoli Files for Bankruptcy After Ransomware Attack (Infosecurity Magazine)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
More than 760,000 see their personal data exposed on the BreachForums cybercrime forum. The new head of the UK’s NCSC warns against underestimating growing cyber threats. The Consumer Financial Protection Bureau (CFPB) looks to prevent data brokers from selling Americans’ personal and financial information. A U.S. government and energy sector contractor discloses a ransomware attack. The “smoked ham” Windows backdoor is being actively deployed. A new report warns of overreliance on Chinese-made LIDAR technology. SmokeLoader malware targets companies in Taiwan. NIST proposes new password guidelines. South Korean police make arrests over 240,000 satellite receivers with built-in DDoS attack capabilities. On our Threat Vector segment, we preview this week’s episode where host David Moulton goes Behind the Scenes with Palo Alto Networks CIO and CISO. ChatGPT has a Voldemort moment.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
Threat Vector Segment
On our Threat Vector segment, we preview this week’s episode where host David Moulton goes “Behind the Scenes with Palo Alto Networks CIO and CISO Securing Business Success with Frictionless Cybersecurity.” Meerah Rajavel, CIO of Palo Alto Networks, and Niall Browne, CISO of the organization, join David to discuss the importance of aligning IT strategy with cybersecurity. You can catch new episodes of Threat Vector every Thursday here and on your favorite podcast app.
Selected Reading
760,000 Employee Records From Several Major Firms Leaked Online (SecurityWeek)
UK cyber chief warns country is ‘widely underestimating’ risks from cyberattacks (The Record)
US agency proposes new rule blocking data brokers from selling Americans' sensitive personal data (TechCrunch)
US government contractor ENGlobal says operations are ‘limited’ following cyberattack (TechCrunch)
New Windows Backdoor Security Warning For Bing, Dropbox, Google Users (Forbes)
Chinese LIDAR Dominance a Cybersecurity Threat, Warns Think Tank (Infosecurity Magazine)
SmokeLoader Attack Targets Companies in Taiwan (FortiGuard Labs)
Korea arrests CEO for adding DDoS feature to satellite receivers (Bleeping Computer)
Do Your Passwords Meet the Proposed New Federal Guidelines? (Wall Street Journal)
These names cause ChatGPT to break, and it's due to AI hallucinations ( TechSpot)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices - Visa fler
![Quishing for trouble. [Research Saturday]](https://is5-ssl.mzstatic.com/image/thumb/Podcasts116/v4/12/16/ca/1216caa3-af21-5352-8400-c6e0e84332b5/mza_6844882071149318753.jpg/80x80bb.jpg)