Avsnitt
-
Merry Christmas and Happy Holidays from the CyberWire and our friends! Enjoy our rendition of the 12 Days of Malware created by Dave Bittner and performed by Dave and friends: Rachel Tobac, Jayson Street, Ron Eddings & Chris Cochran, Ray [Redacted], Dinah Davis, Camille Stewart, Rick Howard, Michelle Dennedy, Jack Rhysider, Johannes Ullrich, and Charity Wright. Ba dum bum bum. Sing along if you are game! Check out our video for the full effect!
The 12 Days of Malware lyrics
On the first day of Christmas, my malware gave to me:
A keylogger logging my keys.
On the second day of Christmas, my malware gave to me:
2 Trojan Apps...
And a keylogger logging my keys.
On the third day of Christmas, my malware gave to me:
3 Web shells...
2 Trojan Apps...
And a keylogger logging my keys.
On the fourth day of Christmas, my malware gave to me:
4 Crypto scams...
3 Web shells...
2 Trojan Apps...
And a keylogger logging my keys.
On the fifth day of Christmas, my malware gave to me:
5 Zero Days!
4 Crypto scams...
3 Web shells...
2 Trojan Apps...
And a keylogger logging my keys.
On the sixth day of Christmas, my malware gave to me:
6 Passwords spraying...
5 Zero Days!
4 Crypto scams...
3 Web shells...
2 Trojan Apps...
And a keylogger logging my keys.
On the seventh day of Christmas, my malware gave to me:
7 Scripts a scraping...
6 Passwords spraying...
5 Zero Days!
4 Crypto scams...
3 Web shells...
2 Trojan Apps...
And a keylogger logging my keys.
On the eighth day of Christmas, my malware gave to me:
8 Worms a wiping...
7 Scripts a scraping...
6 Passwords spraying...
5 Zero Days!
4 Crypto scams...
3 Web shells...
2 Trojan Apps...
And a keylogger logging my keys.
On the ninth day of Christmas, my malware gave to me:
9 Rootkits rooting...
8 Worms a wiping...
7 Scripts a scraping...
6 Passwords spraying...
5 Zero Days!
4 Crypto scams...
3 Web shells...
2 Trojan Apps...
And a keylogger logging my keys.
On the tenth day of Christmas, my malware gave to me:
10 Darknet markets...
9 Rootkits rooting...
8 Worms a wiping...
7 Scripts a scraping...
6 Passwords spraying...
5 Zero Days! (Bah-dum-dum-dum!)
4 Crypto scams...
3 Web shells...
2 Trojan Apps...
And a keylogger logging my keys.
On the eleventh day of Christmas, my malware gave to me:
11 Phishers phishing...
10 Darknet markets...
9 Rootkits rooting...
8 Worms a wiping...
7 Scripts a scraping...
6 Passwords spraying...
5 Zero Days! (Bah-dum-dum-dum!)
4 Crypto scams...
3 Web shells...
2 Trojan Apps...
And a keylogger logging my keys.
On the twelfth day of Christmas, my malware gave to me:
12 Hackers hacking...
11 Phishers phishing...
10 Darknet markets...
9 Rootkits rooting...
8 Worms a wiping...
7 Scripts a scraping...
6 Passwords spraying...
5 Zero Days!
4 Crypto scams...
3 Web shells...
2 Trojan Apps...
And a keylogger logging my keys.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Gather 'round for a holiday treat like no other! In this festive edition of Only Malware in the Building, we present A Social Engineering Carol—a cunning twist on the classic Dickens tale, penned and created by our very own Dave Bittner. Follow a modern-day Scrooge as they navigate the ghostly consequences of phishing, vishing, and smishing in this holiday cybersecurity fable.
Don't miss the accompanying video, packed with holiday cheer and cyber lessons to keep you safe this season! Check it out now!
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Saknas det avsnitt?
-
Please enjoy this encore of T-Minus Space Daily.
A few hours prior to the Russian invasion of Ukraine on February 24, 2022, Russia’s military intelligence launched a cyberattack against ViaSat’s KA-SAT satellite network, which was used by the Ukrainian Armed Forces. It prevented them from using satellite communications to respond to the invasion. After the ViaSat hack, numerous cyber operations were conducted against the space sector from both sides of the conflict. What have we learnt from the Viasat attack? Clémence Poirier has written a report on the Viasat cybersecurity attack during the war in Ukraine. Hacking the Cosmos: Cyber operations against the space sector.
You can connect with Clémence Poirier on LinkedIn, and read her report on this website.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our weekly intelligence roundup, Signals and Space, and you’ll never miss a beat. And be sure to follow T-Minus on LinkedIn and Instagram.
T-Minus Crew Survey
We want to hear from you! Please complete our 4 question survey. It’ll help us get better and deliver you the most mission-critical space intel every day.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
Want to join us for an interview?
Please send your pitch to [email protected] and include your name, affiliation, and topic proposal.
T-Minus is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
While we are on our winter publishing break, please enjoy an episode of our N2K CyberWire network show, Threat Vector by Palo Alto Networks. See you in 2025!
Announcement: We are pleased to share an exciting announcement about Cortex XDR at the top of our show. You can learn more here. Check out our episode on "Cyber Espionage and Financial Crime: North Korea’s Double Threat" with Assaf Dahan, Director of Threat Research at Palo Alto Networks Cortex team.
Join host David Moulton on Threat Vector, as he dives deep into the rapidly evolving XDR landscape with Allie Mellen, Principal Analyst at Forrester. With expertise in security operations, nation-state threats, and the application of AI in security, Allie offers an inside look at how XDR is reshaping threat detection and response. From tackling the SIEM market’s current challenges to optimizing detection engineering, Allie provides invaluable insights into the people, processes, and tools central to an effective SOC. This episode offers listeners a thoughtful exploration of how to navigate today's complex threat landscape and separate XDR hype from reality. Perfect for cybersecurity professionals looking to stay ahead in the field, tune in to hear expert perspectives on the next steps in cybersecurity resilience.
Ready to go deeper? Join Josh Costa, Director of Product Marketing, Allie Mellen, Principal Analyst at Forrester and David Moulton, Director of Content and Thought Leadership for Unit 42 as they discuss the State of XDR https://start.paloaltonetworks.com/State-of-XDR-with-Forrester.
Join the conversation on our social media channels:
Website: http://www.paloaltonetworks.com
Threat Research: https://unit42.paloaltonetworks.com/
Facebook: https://www.facebook.com/LifeatPaloAltoNetworks/
LinkedIn: https://www.linkedin.com/company/palo-alto-networks/
YouTube: @paloaltonetworks
Twitter: https://twitter.com/PaloAltoNtwks
About Threat Vector
Threat Vector, Palo Alto Networks podcast, is your premier destination for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends.
The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers.
Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization.
Palo Alto Networks
Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile. http://paloaltonetworks.com
Learn more about your ad choices. Visit megaphone.fm/adchoices -
A federal judge finds NSO Group liable for hacking WhatsApp. China accuses the U.S. government of cyberattacks. The UK’s Operation Destabilise uncovers a vast criminal network. An alleged LockBit developer says he did it for the money. Apache releases a security update for their Tomcat web server. Siemens issues a security advisory for their User Management Component. Italy’s data protection authority fines OpenAI $15.6 million. Researchers demonstrate a method to bypass the latest Wi-Fi security protocol. Apple sends potential spyware victims to a nonprofit for help. Our guest is Sven Krasser, CrowdStrike's Senior Vice President Data Science and Chief Scientist, talking about balancing AI and human intervention. Hackers supersize their McDonald’s delivery orders.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Today, our guest is Sven Krasser, CrowdStrike's Senior Vice President Data Science and Chief Scientist, talking about balancing AI and human intervention.
Selected Reading
Judge rules NSO Group is liable for spyware hacks targeting 1,400 WhatsApp user devices (Recorded Future)
Chinese cyber center points finger at U.S. over alleged cyberattacks to steal trade secrets (CyberScoop)
Inside Operation Destabilise: How a ransomware investigation linked Russian money laundering and street-level drug dealing (Recorded Future)
Suspected LockBit dev faces extradition to the US (The Register)
Apache fixes remote code execution bypass in Tomcat web server (Bleeping Computer)
Siemens Warn of Critical Vulnerability in UMC (GovInfoSecurity)
Italy's Privacy Watchdog Fines OpenAI for ChatGPT's Violations in Collecting Users Personal Data (SecurityWeek)
WPA3 Network Password Bypassed via MITM Attack & Social Engineering (CyberSecurityNews.com)
Apple Warns Users Of iPhone Spyware Attacks—What You Need To Know (Forbes)
McDonald’s Delivery App Vulnerability Let Anyone Place an Order for Just $0.01 (CyberSecurityNews.com)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
CEO and co-founder of SafeGuard Cyber Jim Zufoletti shares his journey starting out as an intrepreneur and transformation into a serial entrepreneur in cybersecurity. Jim shares how he got his feet wet working for others as an intrepreneur and catching the entrepreneurial bug in the mid-90s. He has co-founded a number of companies starting with FreeMarkets, a B2B ecommerce company. After that went public and Jim moved on, he went to business school at the University of Virginia and crossed paths with his future co-founder of SafeGuard Cyber. At UVA, Jim was inspired by a professor who exposed him to the effectuation approach to entrepreneurship, Along those lines, Jim recommends those looking to start a business in cyber build their experience portfolio. Jim took what he learned to help build where he is today. His company helps protect the humans in this new digital world with the current work from home environment. And, we thank Jim for sharing his story with us.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Adam Khan, VP of Security Operations at Barracuda, joins to discuss his team's work on "The evolving use of QR codes in phishing attacks." Cybercriminals are evolving phishing tactics by embedding QR codes, or “quishing,” into PDF documents attached to emails, tricking recipients into scanning them to access malicious websites that steal credentials.
Barracuda researchers found over half a million such emails from June to September 2024, with most impersonating brands like Microsoft, DocuSign, and Adobe to exploit urgency and trust. To counter these attacks, businesses should deploy multilayered email security, use AI-powered detection tools, educate employees on QR code risks, and enable multifactor authentication to safeguard accounts.
The research can be found here:
Threat Spotlight: The evolving use of QR codes in phishing attacks
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Russian hackers attack Ukraine’s state registers. NotLockBit is a new ransomware strain targeting macOS and Windows. Sophos discloses three critical vulnerabilities in its Firewall product. The BadBox botnet infects over 190,000 Android devices. BeyondTrust patches two critical vulnerabilities. Hackers stole $2.2 billion from cryptocurrency platforms in 2024. Officials dismantle a live sports streaming piracy ring. Rockwell Automation patches critical vulnerabilities in a device used for energy control in industrial systems. A new report from Dragos highlights ransomware groups targeting industrial sectors. A Ukrainian national is sentenced to 60 months in prison for distributing the Raccoon Infostealer malware. We bid a fond farewell to our colleague Rick Howard, who’s retiring after years of inspiring leadership, wisdom, and camaraderie. The LockBit gang tease what’s yet to come.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Today’s guest segment is bittersweet as we bid farewell to our beloved Rick Howard, who’s retiring after years of inspiring leadership, wisdom, and camaraderie. Join us in celebrating his incredible journey, sharing heartfelt memories, and letting him know just how deeply he’ll be missed by all of us here at N2K.
Selected Reading
Ukraine’s state registers hit with one of Russia’s largest cyberattacks, officials say (The Record)
NotLockBit - Previously Unknown Ransomware Attack Windows & macOS (GB Hackers)
Critical Sophos Firewall Vulnerabilities Let Attackers Execute Remote Code (Cyber Security News)
Botnet of 190,000 BadBox-Infected Android Devices Discovered (SecurityWeek)
BeyondTrust Security Incident — Command Injection and Escalation Weaknesses (CVE-2024-12356, CVE-2024-12686) (SOCRadar)
Crypto-Hackers Steal $2.2bn as North Koreans Dominate (Infosecurity Magazine)
Massive live sports piracy ring with 812 million yearly visits taken offline (Bleeping Computer)
Rockwell PowerMonitor Vulnerabilities Allow Remote Hacking of Industrial Systems (SecurityWeek)
Ransomware Attackers Target Industries with Low Downtime Tolerance (Infosecurity Magazine)
Ukrainian Raccoon Infostealer Operator Sentenced to Prison in US (SecurityWeek)
NetWalker Ransomware Operator Sentenced For Hacking Hundreds Of Organizations (Cyber Security News)
LockBit Admins Tease a New Ransomware Version (Infosecurity Magazine)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
CISA urges senior government officials to enhance mobile device security. Russian state-sponsored hacker group Sandworm is targeting Ukrainian soldiers. A website bug in GPS tracking firm Hapn is exposing customer information. Multiple critical vulnerabilities have been identified in Sharp branded routers. Ireland’s Data Protection Commission fines Meta $263 million for alleged GDPR violations. Google releases an urgent Chrome security update to address four high-rated vulnerabilities. Cyberattacks on India-based organizations surged 92% year-over-year. Cybercriminals target Google Calendar to launch phishing attacks. Fortinet patches a critical vulnerability in FortiWLM. Juniper Networks warns of a botnet infection targeting routers with default credentials. Our guest is Jeff Krull, principal and practice leader of Baker Tilly's cybersecurity practice, with advice on using employee access controls to limit internal cyber threats. When is “undesirable” a badge of honor?
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Our guest is Jeff Krull, principal and practice leader of Baker Tilly's cybersecurity practice, talking about using employee access controls to limit internal cyber threats.
Selected Reading
CISA urges senior government officials to lock down mobile devices amid ongoing Salt Typhoon breach (The Record)
Sandworm-linked hackers target users of Ukraine’s military app in new spying campaign (The Record)
Tracker firm Hapn spilling names of thousands of GPS tracking customers (TechCrunch)
Multiple security flaws reported in SHARP routers (Beyond Machines)
Meta fined $263 million for alleged GDPR violations that led to data breach (The Record)
Update Google Chrome Now—4 New Windows, Mac, Linux Security Warnings (Forbes)
India Sees Surge in Banking, Utilities API Attacks (Dark Reading)
Google Calendar Phishing Scam Targets Users with Malicious Invites (Hackread)
Fortinet Patches Critical FortiWLM Vulnerability (SecurityWeek)
Juniper Warns of Mirai Botnet Targeting Session Smart Routers (SecurityWeek)
Recorded Future CEO Calls Russia’s “Undesirable” Listing a “Compliment” (Infosecurity Magazine)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
The U.S. considers a ban on Chinese made routers. More than 200 Cleo managed file-transfer servers remain vulnerable. The Androxgh0st botnet expands. Schneider Electric reports a critical vulnerability in some PLCs. A critical Apache Struts 2 vulnerability is being actively exploited. Malicious campaigns are targeting Chinese-branded IoT devices. A Nebraska-based healthcare insurer discloses a data breach affecting over 225,000 individuals. IntelBroker leaks 2.9GB of data from Cisco’s DevHub environment. CISA issues a Binding Operational Directive requiring federal agencies to enhance cloud security. On today’s CERTByte segment, Chris Hare and Dan Neville unpack a question targeting the Network+ certification. INTERPOL says, “Enough with the pig butchering.“
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CertByte Segment
This week, Chris is joined by Dan Neville to break down a question targeting the Network+ certification (N10-008 expires on 12/20/24 and the N10-009 update launched on June 20th of this year). Today’s question comes from N2K’s CompTIA® Network+ Practice Test, both exam versions of which are offered on our site.
Have a question that you’d like to see covered? Email us at [email protected]. If you're studying for a certification exam, check out N2K’s full exam prep library of certification practice tests, practice labs, and training courses by visiting our website at n2k.com/certify. To get the full news to knowledge experience, learn more about our N2K Pro subscription at https://thecyberwire.com/pro.
Please note: The questions and answers provided here and on our site are not actual current or prior questions and answers from these certification publishers or providers.
Selected Reading
U.S. Weighs Ban on Chinese-Made Router in Millions of American Homes (Wall Street Journal)
Attack Exposure: Unpatched Cleo Managed File-Transfer Software (BankInfo Security)
Androxgh0st Botnet Targets IoT Devices, Exploiting 27 Vulnerabilities (Hackread)
Schneider Electric reports critical flaw in Modicon Programmable Logic Controllers (Beyond Machines)
RATs can sniff out your Chinese-made web cameras: here’s how to defend yourself (Cybernews)
Regional Care Data Breach Impacts 225,000 People (SecurityWeek)
Hacker IntelBroker Leaked 2.9GB of Data Stolen From Cisco DevHub Instance (Cyber Security News)
New critical Apache Struts flaw exploited to find vulnerable servers (Bleeping Computer)
CISA Issues Binding Operational Directive for Improved Cloud Security (SecurityWeek)
Playbook for Strengthening Cybersecurity in Federal Grant Programs for Critical Infrastructure (CISA)
INTERPOL urges end to 'Pig Butchering' term, cites harm to online victims (INTERPOL)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
The Biden administration takes its first step to retaliate against China for the Salt Typhoon cyberattack. The Feds release a draft National Cyber Incident Response Plan. Telecom Namibia suffers a cyberattack. The Australian Information Commissioner has reached a $50 million settlement with Meta over the Cambridge Analytica scandal. CISA releases its 2024 year in review. LastPass hackers nab an additional five millions dollars. Texas Tech University notifies over 1.4 million individuals of a ransomware attack. Researchers discover a new DarkGate RAT attack vector using vishing. A fraudster gets 69 months in prison. On our Threat Vector segment, David Moulton speaks with Nir Zuk, Founder and CTO of Palo Alto Networks about predictions for 2025. Surveillance tweaks our brains in unexpected ways.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
Threat Vector Segment
On our Threat Vector segment, we preview this week’s episode where host David Moulton talks with Nir Zuk, Founder and CTO of Palo Alto Networks. They talk about Palo Alto Networks' predictions for 2025, focusing on the shift to unified data security platforms and the growing importance of AI in cybersecurity. You can catch new episodes of Threat Vector every Thursday here and on your favorite podcast app.
Selected Reading
Biden Administration Takes First Step to Retaliate Against China Over Hack (The New York Times)
US Unveils New National Cyber Incident Response Plan (Infosecurity Magazine)
Telecom Namibia Cyberattack: 400,000 Files Leaked (The Cyber Express)
Landmark settlement of $50m from Meta for Australian users impacted by Cambridge Analytica incident (OAIC)
CISA Warns of New Windows Vulnerability Used in Hacker Attacks (CyberInsider)
CISA 2024 Year in review (CISA)
LastPass threat actor steals $5.4M from victims just a week before Xmas (Cointelegraph)
Texas Tech University Data Breach Impacts 1.4 Million People (SecurityWeek)
Microsoft Teams Vishing Spreads DarkGate RAT (Dark Reading)
Man Accused of SQL Injection Hacking Gets 69-Month Prison Sentence (SecurityWeek)
The psychological implications of Big Brother’s gaze (SCIMEX)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
A cyberattack in Rhode Island targets those who applied for government assistance programs. U.S. Senators propose a three billion dollar budget item to “rip and replace” Chinese telecom equipment. The Clop ransomware gang confirms exploiting vulnerabilities in Cleo’s managed file transfer platforms. A major Southern California healthcare provider suffers a ransomware attack. A leading US auto parts provider discloses a cyberattack on its Canadian business unit.SRP Federal Credit Union notifies over 240,000 individuals of cyberattack. A sophisticated phishing campaign targets YouTube creators. Researchers identify a high-severity vulnerability in Mullvad VPN. A horrific dark web forum moderator gets 30 years in prison. Our guests are Perry Carpenter and Mason Amadeus, hosts of the new FAIK Files podcast. Jailbreaking your license plate.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Our guests are Perry Carpenter and Mason Amadeus, hosts of The FAIK Files podcast, talking about their new show. You can find new episodes of The FAIK Files every Friday on the N2K CyberWire network.
Selected Reading
Personal Data of Rhode Island Residents Breached in Large Cyberattack (The New York Times)
Senators, witnesses: $3B for ‘rip and replace’ a good start to preventing Salt Typhoon-style breaches ( CyberScoop)
Clop ransomware claims responsibility for Cleo data theft attacks (Bleeping Computer)
Hackers Steal 17M Patient Records in Attack on 3 Hospitals (BankInfo Security)
Major Auto Parts Firm LKQ Hit by Cyberattack (Securityweek)
SRP Federal Credit Union Ransomware Attack Impacts 240,000 (Securityweek)
ConnectOnCall Announces 914K-Record Data Breach (HIPAA Journal)
Malware Hidden in Fake Business Proposals Hits YouTube Creators (Hackread)
Critical Mullvad VPN Vulnerabilities Let Attackers Execute Malicious Code (Cyber Security News)
Texan man gets 30 years in prison for running CSAM exchange (The Register)
Hackers Can Jailbreak Digital License Plates to Make Others Pay Their Tolls and Tickets (WIRED)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Please enjoy this encore episode of Career Notes.
Senior security researcher from Secureworks Marcelle Lee shares her career journey into cybersecurity and how she helps solve hard problems in her daily work. Marcelle came into cybersecurity not through any traditional path. She describes her route from a different field and starting in cyber at her local community college through a grant program. Marcelle took full advantage of the opportunities she had and grew her career from there. She recommends finding your specialty, but continue to build other skills. As a woman in the field, she is a strong proponent of diversity and encouraging others to find what excites them. And, we thank Marcelle for sharing her story with us.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
This week, we are joined by Andrew Morris, Founder and CTO of GreyNoise, to discuss their work on "GreyNoise Intelligence Discovers Zero-Day Vulnerabilities in Live Streaming Cameras with the Help of AI." GreyNoise discovered two critical zero-day vulnerabilities in IoT-connected live streaming cameras, used in sensitive environments like healthcare and industrial operations, by leveraging its AI-powered detection system, Sift.
The vulnerabilities, CVE-2024-8956 (insufficient authentication) and CVE-2024-8957 (OS command injection), could allow attackers to take full control of affected devices, manipulate video feeds, or integrate them into botnets for broader attacks. This breakthrough underscores the transformative role of AI in identifying threats that traditional systems might miss, highlighting the urgent need for robust cybersecurity measures in the expanding IoT landscape.
The research can be found here:
GreyNoise Intelligence Discovers Zero-Day Vulnerabilities in Live Streaming Cameras with the Help of AI
Learn more about your ad choices. Visit megaphone.fm/adchoices -
The U.S. dismantles the Rydox criminal marketplace. File-sharing provider Cleo urges customers to immediately patch a critical vulnerability. A Japanese media giant reportedly paid nearly $3 million to a Russia-linked ransomware group. The largest Bitcoin ATM operator in the U.S. confirms a data breach. Microsoft quietly patches two potentially critical vulnerabilities. Researchers at Claroty describe a malware tool used by nation-state actors to target critical IoT and OT systems. Dell releases patches for a pair of critical vulnerabilities. A federal court indicts 14 North Korean nationals for a scheme funding North Korea’s weapons programs. Texas accuses a data broker of sharing sensitive driving data without consent. Tim Starks, senior reporter at CyberScoop, joins Dave to explore the FCC's groundbreaking proposal to introduce cybersecurity rules linked to wiretapping laws. How the bots stole Christmas.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Tim Starks, senior reporter at CyberScoop, joins Dave to explore the FCC's groundbreaking proposal to introduce cybersecurity rules linked to wiretapping laws. Read more about it in Tim’s article.
Selected Reading
Rydox Cybercrime Marketplace Disrupted, Administrators Arrested (SecurityWeek)
Cleo urges customers to ‘immediately’ apply new patch as researchers discover new malware (The Record)
Japanese game and anime publisher reportedly pays $3 million ransom to Russia-linked hackers (The Record)
Bitcoin ATM Giant Byte Federal Hit by Hackers, 58,000 Users Impacted (Hackread)
Microsoft Patches Vulnerabilities in Windows Defender, Update Catalog (SecurityWeek)
Researchers Discover Malware Used by Nation-Sates to Attack OT Systems (Infosecurity Magazine)
Critical Dell Security Vulnerabilities Let Attackers Compromise Affected Systems (Cyber Security News)
14 North Korean IT Workers Charged, US to Offer $5 Million Rewards for Info (Cyber Security News)
Texas adds data broker specializing in driver behavior to list of alleged privacy law violators (The Record)
UK Shoppers Frustrated as Bots Snap Up Popular Christmas Gifts (Infosecurity Magazine)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
ChatGPT and Meta face widespread outages. Trump advisors explore splitting NSA and CyberCom leadership roles. A critical vulnerability in Apache Struts 2 has been disclosed. “AuthQuake” allowed attackers to bypass Microsoft MFA protections. Researchers identify Nova, a sophisticated variant of the Snake Keylogger malware. Adobe addresses critical vulnerabilities across their product line. Chinese law enforcement has been using spyware to collect data from Android devices since 2017. A new report highlights the gaps in hardware and firmware security management. A Krispy Kreme cyberattack creates a sticky situation. N2K’s Executive Editor Brandon Karpf speaks with guest Mike Silverman, Chief Strategy and Innovation Officer at the FS-ISAC discussing cryptographic agility. Do Not Track bids a fond farewell.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Today, N2K’s Executive Editor Brandon Karpf speaks with guest Mike Silverman, Chief Strategy and Innovation Officer at the FS-ISAC discussing cryptographic agility. You can learn more in their new white paper "Building Cryptographic Agility in the Financial Sector." We will share the extended version of this conversation over our winter break. Stay tuned.
Selected Reading
ChatGPT Down Globally, Services Restored After Hours Of Outage (Cyber Security News)
Facebook, Instagram and other Meta apps go down due to 'technical issue' (CNBC)
Unfinished business for Trump: Ending the Cyber Command and NSA 'dual hat' (The Record)
Apache issues patches for critical Struts 2 RCE bug (The Register)
Microsoft MFA Bypassed via AuthQuake Attack (SecurityWeek)
Nova Keylogger – A Snake Malware Steal Credentials and Capture Screenshorts From Windows (Cyber Security News)
Adobe releases December 2024 patches for flaws in multiple products, including critical (Beyond Machines)
Mobile Surveillance Tool EagleMsgSpy Used by Chinese Law Enforcement (SecurityWeek)
Three-Quarters of Security Leaders Admit Gaps in Hardware Knowledge (Infosecurity Magazine)
Krispy Kreme cyberattack impacts online orders and operations (Bleeping Computer)
Firefox, one of the first “Do Not Track” supporters, no longer offers it (Ars Technica)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Microsoft confirms a critical Windows zero-day vulnerability. Global law enforcement agencies dismantle 27 DDoS platforms. Researchers compromise memory in AMD virtual machines. Ivanti reports multiple critical vulnerabilities in its Cloud Services Application. Group-IB researchers expose a sophisticated global phishing campaign. A zero-day vulnerability in Cleo’s managed file transfer software is under active exploitation. The U.S. sanctions a Chinese firm for a 2020 firewall exploit. Congress looks to require the FCC to regulate telecom cybersecurity. Our guest is Malachi Walker, Security Strategist at DomainTools, discussing their role in ODNI's newly established Sentinel Horizon Program. SpartanWarriorz dodge a Telegram crackdown.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Our guest is Malachi Walker, Security Strategist at DomainTools, about their role in ODNI's newly established Sentinel Horizon Program.
Selected Reading
New Windows 0Day Attack Confirmed—Homeland Security Says Update Now (Forbes)
Microsoft Fixes 71 CVEs Including Actively Exploited Zero-Day (Infosecurity Magazine)
Atlassian, Splunk Patch High-Severity Vulnerabilities (SecurityWeek)
Chrome Security Update, Patch for 3 High-severity Vulnerabilities (Cyber Security News)
ICS Patch Tuesday: Security Advisories Released by Siemens, Schneider, CISA, Others (SecurityWeek)
Operation PowerOFF Takes Down DDoS Boosters (Infosecurity Magazine)
AMD Chip VM Memory Protections Broken by BadRAM (Security Boulevard)
Three more vulns spotted in Ivanti CSA, all critical, one 10/10 (The Register)
Global Ongoing Phishing Campaign Targets Employees Across 12 Industries (Hackread)
New Cleo zero-day RCE flaw exploited in data theft attacks (Bleeping Computer)
US Sanctions Chinese Firm at Center of Global Firewall Hack (Infosecurity Magazine)
Wyden legislation would mandate FCC cybersecurity rules for telecoms (CyberScoop)
Scam Kit Maker Rebuilding Business After Telegram Channel Shut Down (Security Boulevard)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Researchers uncover a large-scale hacking operation tied to the infamous ShinyHunters. A Dell Power Manager vulnerability lets attackers execute malicious code. TikTok requests a federal court injunction to delay a U.S. ban. Radiant Capital attributed a $50 million cryptocurrency heist to North Korea. Japanese firms report ransomware attacks affecting their U.S. subsidiaries. WhatsApp’s “ViewOnce” feature faces continued scrutiny. SpyLoan malware targets Android users through deceptive loan apps. A major Romanian electricity distributor is investigating an ongoing ransomware attack. A critical flaw in OpenWrt Sysupgrade has been fixed. Contenders for top cyber roles in the next Trump administration visit Mar-a-Lago. On our Industry Voices segment, Jason Lamar, Cobalt’s Senior Vice President of Product, joins us to share insights on offensive security: staying ahead of cyber threats. Google’s new quantum chip promises scaling without failing.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
On our Industry Voices segment, Jason Lamar, Cobalt’s Senior Vice President of Product, joins us to share insights on offensive security: staying ahead of cyber threats. Check out Cobalt’s GigaOm Radar Report for PTaaS 2024 to learn more.
Selected Reading
ShinyHunters, Nemesis Linked to Hacks After Leaking Their AWS S3 Bucket (Hackread)
Dell Power Manager Vulnerability Let Attackers Execute Malicious Code (Cyber Security News)
TikTok Asks Court To Suspend Ban Ahead of Supreme Court Appeal (The Information)
Radiant links $50 million crypto heist to North Korean hackers (Bleeping Computer)
US subsidiaries of Japanese water treatment company, green tea maker hit with ransomware (The Record)
WhatsApp View Once Vulnerability Let Attackers Bypass The Privacy Feature (Cyber Security News)
SpyLoan Malware: A Growing Threat to Android Users (Security Boulevard)
Romanian energy supplier Electrica hit by ransomware attack (Bleeping Computer)
OpenWrt Sysupgrade flaw let hackers push malicious firmware images (Bleeping Computer)
Homeland Security veteran to be interviewed for Trump administration cyber role (The Record)
Google claims ‘breakthrough’ with new quantum chip (Silicon Republic)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
A critical zero-day is confirmed by a Japanese router maker. Romania annuls the first round of its 2024 presidential election over concerns of Russian interference. A sophisticated malware campaign targets macOS users. Mandiant uncovers a method to bypass browser isolation using QR codes. Belgian and Dutch authorities arrest eight individuals linked to online fraud schemes. A medical device company discloses a ransomware attack. A community hospital in Massachusetts confirms a ransomware attack affecting over three hundred thousand. The Termite ransomware gang claims responsibility for the attack on Blue Yonder. Synology patches multiple vulnerabilities in its Router Manager (SRM) software. The head of U.S. Cyber Command outlines the challenges of keeping decision makers up to date. Our guest is Anna Pobletts, Head of Passwordless at 1Password, discussing the state of passkeys and what she sees on the road to a truly passwordless future. Robot rats join the mischief.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Our guest is Anna Pobletts, Head of Passwordless at 1Password, discussing the state of passkeys and what she sees on the road to a truly passwordless future.
Selected Reading
I-O Data Confirms Zero-Day Attacks on Routers, Full Patches Pending (SecurityWeek)
Romania’s top court annuls presidential election result (CNN)
MacOS Passwords Alert—New Malware Targets Keychain, Chrome, Brave, Opera (Forbes)
QR codes bypass browser isolation for malicious C2 communication (Bleeping Computer)
Eight Suspected Phishers Arrested in Belgium, Netherlands (SecurityWeek)
Medical Device Maker Artivion Scrambling to Restore Systems After Ransomware Attack (SecurityWeek)
Anna Jaques Hospital ransomware breach exposed data of 300K patients (Bleeping Computer)
Blue Yonder SaaS giant breached by Termite ransomware gang (Bleeping Computer)
Synology Router Vulnerabilities Let Attackers Inject Arbitrary Web Script (Cyber Security News)
Cyber Command Chief Discusses Challenges of Getting Intel to Users (Defense.gov)
Robot Rodents: How AI Learned To Squeak And Play (Hackaday)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
CEO and Founder of Votiro Aviv Grafi shares his story from serving as a member of the IDF's intelligence forces to leading his own venture. Aviv says his service in the IDF shaped a lot of his thinking and problem solving. Following his military service, Aviv worked to gain more real world and business experience. Starting his own business as a pentester was where the seeds for what would become Votiro would form. Aviv talks about the roller coaster that you experience when starting your own venture and offers some advice. And, we thank Aviv for sharing his story with us.
Learn more about your ad choices. Visit megaphone.fm/adchoices - Visa fler
![The CyberWire: The 12 Days of Malware. [Special edition]](https://is5-ssl.mzstatic.com/image/thumb/Podcasts116/v4/12/16/ca/1216caa3-af21-5352-8400-c6e0e84332b5/mza_6844882071149318753.jpg/80x80bb.jpg)