CyberWire Daily

• The invisible force fueling cyber chaos.

  A joint advisory labels Fast Flux a national security threat. Europol shuts down a major international CSAM platform. Oracle verifies a data breach. A new attack targets Apache Tomcat servers. The Hunters International group pivots away from ransomware. Hackers target Juniper routers using default credentials. A controversy erupts over a critical CrushFTP vulnerability.  Johannes Ullrich, Dean of Research at SANS Technology Institute unpacks Next.js.  Abracadabra, alakazam — poof! Your credentials are gone. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Johannes Ullrich, Dean of Research at SANS Technology Institute, is discussing Next.js and how similar problems have led to vulnerabilities recently. Selected Reading Fast Flux: A National Security Threat (CISA) Don’t cut CISA personnel, House panel leaders say, as they plan legislation giving the agency more to do (CyberScoop) CSAM platform Kidflix shut down by international operation (The Record) AI Image Site GenNomis Exposed 47GB of Underage Deepfakes (Hackread) Oracle tells clients of second recent hack, log-in data stolen, Bloomberg News reports (Reuters) Hackers Exploiting Apache Tomcat Vulnerability to Steal SSH Credentials & Gain Server Control (Cyber Security News) Hunters International Ransomware Gang Rebranding, Shifting Focus (SecurityWeek) Hackers Actively Scanning for Juniper’s Smart Router With Default Password (Cyber Security News) Details Emerge on CVE Controversy Around Exploited CrushFTP Vulnerability (SecurityWeek)  New Malware Attacking Magic Enthusiasts to Steal Login Credentials (Cyber Security News) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

  --------  

  30:59
• Chrome & Firefox squash the latest flaws.

  Google and Mozilla patch nearly two dozen security flaws. The UK’s Royal Mail Group sees 144GB of data stolen and leaked. A bizarre campaign looks to recruit cybersecurity professionals to hack Chinese websites. PostgreSQL servers with weak credentials have been compromised for cryptojacking. Google Cloud patches a vulnerability affecting its Cloud Run platform. Oracle faces a class-action lawsuit over alleged cloud services data breaches. CISA releases ICS advisories detailing vulnerabilities in Rockwell Automation and Hitachi Energy products. General Paul Nakasone offers a candid assessment of America’s evolving cyber threats. On today’s CertByte segment,  a look at the Cisco Enterprise Network Core Technologies exam. Are AI LLMs more like minds or mirrors? Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CertByte Segment Welcome to CertByte! On this bi-weekly segment hosted by Chris Hare, a content developer and project management specialist at N2K, we share practice questions from N2K’s suite of industry-leading certification resources, this week, Chris is joined by Troy McMillan to break down a question targeting the Cisco Enterprise Network Core Technologies (350-401 ENCOR) v1.1 exam. Today’s question comes from N2K’s Cisco CCNP Implementing and Operating Cisco Enterprise Network Core Technologies ENCOR (350-401) Practice Test. The ENCOR exam enables candidates to earn the Cisco Certified Specialist - Enterprise Core certification, which can also be used to meet exam requirements for several other Cisco certifications. Have a question that you’d like to see covered? Email us at [email protected]. If you're studying for a certification exam, check out N2K’s full exam prep library of certification practice tests, practice labs, and training courses by visiting our website at n2k.com/certify.To get the full news to knowledge experience, learn more about our N2K Pro subscription at https://thecyberwire.com/pro.  Please note: The questions and answers provided here, and on our site, are not actual current or prior questions and answers from these certification publishers or providers. Additional source: https://www.cisco.com/site/us/en/learn/training-certifications/exams/encor.html   Selected Reading Chrome 135, Firefox 137 Patch High-Severity Vulnerabilities (SecurityWeek) Royal Mail Group Loses 144GB to Infostealers: Same Samsung Hacker, Same 2021 Infostealer Log (Infostealers) Someone is trying to recruit security researchers in bizarre hacking campaign (TechCrunch) Ongoing cryptomining campaign hits over 1.5K PostgreSQL servers (SC Media) ImageRunner Flaw Exposed Sensitive Information in Google Cloud (SecurityWeek) Google Brings End-to-End Encrypted Emails to All Enterprise Gmail Users (SecurityWeek) Oracle now faces class action amid alleged data breaches (The Register) CISA Releases Two ICS Advisories for Vulnerabilities, & Exploits Surrounding ICS (Cyber Security News) Exclusive: Gen. Paul Nakasone says China is now our biggest cyber threat (The Record) Large AI models are cultural and social technologies (Science) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

  --------  

  30:28
• Hackers beware, fines are in the air.

  The UK unveils the full scope of its upcoming Cyber Security and Resilience Bill. Apple warns of critical zero-day vulnerabilities under active exploitation. The InterLock ransomware group claims responsibility for a cyberattack on National Presto Industries. Microsoft flags a critical vulnerability in Canon printer drivers. Check Point Software confirms a data breach. The FTC warns 23andMe’s bankruptcy trustees to uphold their privacy obligations. A Canadian hacker has been arrested and charged for allegedly breaching systems tied to the Texas Republican Party. A GCHQ intern pleads guilty to stealing top-secret data. On our Threat Vector segment, host David Moulton from Palo Alto Networks speaks with Richu Channakeshava, Senior Product Manager at Palo Alto Networks, about the urgent need for organizations to prepare for a post-quantum world. The confabulous hallucinations of AI.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Threat Vector Segment Host David Moulton from Palo Alto Networks Threat Vector podcast asks “Is the Quantum Threat Closer Than You Think?” on the latest segment of Threat Vector. Quantum computing is advancing fast, and with it comes a major cybersecurity risk—the potential to break today’s encryption standards. David speaks with Richu Channakeshava, Senior Product Manager at Palo Alto Networks, about the urgent need for organizations to prepare for a post-quantum world. You can catch the full discussion here. Be sure to listen to new episodes of Threat Vector every Thursday on your favorite podcast app.  Selected Reading UK threatens £100K-a-day fines under new cyber bill (The Register) Apple Warns of Three 0-Day Vulnerabilities Actively Exploited in Attacks (Cyber Security News) Ransomware Group Takes Credit for National Presto Industries Attack (SecurityWeek) Critical Vulnerability Found in Canon Printer Drivers (SecurityWeek) Check Point Acknowledges Data Breach, Claims Information is 'Old (Cyber Security News) FTC: 23andMe's Buyer Must Uphold Co.'s Data Privacy Pledge (BankInfo Security) Canadian hacker arrested for allegedly stealing data from Texas Republican Party (The Record) GCHQ intern took top secret spy tool home, now faces prison (The Register) A Peek Into How AI 'Thinks' - and Why It Hallucinates (GovInfo Security) Why Confabulation, Not Hallucination, Defines AI Errors (Integrative Psych) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

  --------  

  30:47
• Ransom demands and medical data for sale.

  A cyberattack targeting Oracle Health compromises patient data. The DOJ nabs over $8 million tied to romance scams. Trend Micro examines a China-linked APT group conducting cyber-espionage. A new Android banking trojan called Crocodilus has emerged. North Korea’s Lazarus Group targets job seekers in the crypto industry. CISA IDs a new malware variant targeting Ivanti Connect Secure appliances. Maria Varmazis, host of N2K’s T-Minus Space Daily show chats with Jake Braun, former White House Principal Deputy National Cyber Director and chairman of DEF CON Franklin. They discuss designating space as critical infrastructure. Nulling out your pizza payment.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Maria Varmazis, host of N2K’s T-Minus Space Daily show sits down with Jake Braun, former White House Principal Deputy National Cyber Director and chairman of DEF CON Franklin, and they discuss designating space as critical infrastructure and sharing an overview of its attack surface. Selected Reading Oracle Health breach compromises patient data at US hospitals (Bleeping Computer) Oracle Warns Health Customers of Patient Data Breach (Bloomberg) Critical Condition: Legacy Medical Devices Remain Easy Targets for Ransomware (SecurityWeek) U.S. seized $8.2 million in crypto linked to 'Romance Baiting' scams (Bleeping Computer) DOJ Seizes USD 8.2M Tied to Pig Butchering Scheme (TRM Labs) Earth Alux Hackers Employ VARGIET Malware to Attack Organizations (Cyber Security News)  'Crocodilus' Android Banking Trojan Allows Device Takeover, Data Theft (SecurityWeek) ClickFake Interview – Lazarus Hackers Exploit Windows and macOS Users Fake Job Campaign (Cyber Security News)  CISA Analyzes Malware Used in Ivanti Zero-Day Attacks (SecurityWeek) How A Null Character Was Used to Bypass Payments (System Weakness on Medium)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

  --------  

  35:52
• Alyssa Miller: We have to elevate others. [BISO] [Career Notes]

  Please enjoy this encore episode of Career Notes. Business Information Security Officer at S&P Global Ratings, Alyssa Miller, joins us to talk about her journey to become a champion to create a welcoming nature and acceptance of diversity in the cybersecurity community. Starting her first full-time tech position while still in college, Alyssa noted the culture shock being in both worlds. Entering as a programmer and then moving to pen testing where she got her start in security, Alyssa grew into a leader who is committed to elevating those around her. Some stumbling blocks along the way gave her pause and helped point her in her current role where Alyssa works to bring more diverse views to improve the problem-solving in the space, something she sees as a key to success for the industry. We thank Alyssa for sharing her story with us. Learn more about your ad choices. Visit megaphone.fm/adchoices

  --------  

  9:14

More News podcasts

Trending News podcasts

About CyberWire Daily

CyberWire Daily: Podcasts in Family