episode-header-image

Jan 2024

29m 59s

Midnight Blizzard brings the storm.

About this episode

Russian state hackers breach Microsoft. LockBit claims Subway restaurants hack. A Swedish datacenter is hit with ransomware. VMware patches a vulnerability targeted by Chinese espionage groups. Sentinel Labs warns of North Korean APTs focus on cybersecurity pros. FTC order another data broker to restrict location data. US Feds release security guidance for water and wastewater sectors. Senators question the DOJ on facial recognition technology. Ukraine’s Monobank gets DDoSed. N2K’s CSO Rick Howard joins us to share some insight into what he and the Hash Table are cooking up for the upcoming season of his CSO Perspectives podcast. The passing of a Time Lord.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

N2K’s CSO Rick Howard joins us to share some insight into what he and the Hash Table are cooking up for the upcoming season of his CSO Perspectives podcast launching next month.

Selected Reading

Microsoft: Russian Hackers Had Access to Executives' Emails (GovInfo Security)

LockBit ransomware gang claims the attack on the sandwich chain Subway (Security Affairs)

Ransomware hits cloud service Tietoevry; numerous Swedish customers affected (The Record)

Chinese Espionage Group UNC3886 Found Exploiting CVE-2023-34048 Since Late 2021 (Mandiant)

North Korea’s ScarCruft APT group targets infosec pros (CSO Online)

FTC Order Will Ban InMarket from Selling Precise Consumer Location Data (Federal Trade Commission)

US Gov Publishes Cybersecurity Guidance for Water and Wastewater Utilities (SecurityWeek)

Ukraine’s Monobank hit with massive DDoS attack (Silicon Republic)

Senators ask DOJ to investigate whether facial recognition tech violates Civil Rights Act (The Record)

RIP, Internet’s Time Lord (On My Om)

Network Time Protocol (NTP) attack (noun) (Word Notes podcast)

Share your feedback.

We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Up next

Cyber defenders pulled into deportation duty.

DHS reassigns cyberstaff to immigration duties. A massive DDoS attack disrupts several major gaming platforms. Discord refuses ransom after a third-party support system breach. Researchers examine Chaos ransomware and creative log-poisoning web intrusions. The FCC reconsiders its ... Show More

Chinese hackers serve up espionage.

Chinese hackers infiltrate a major U.S. law firm. The EU Commission President warns Russia is waging a hybrid war against Europe. Researchers say LoJax is the latest malware from Russia’s Fancy Bear. Salesforce refuses ransom demands. London Police arrest two teens over an allege ... Show More

Critical GoAnywhere bug fuels ransomware wave.

Microsoft tags a critical vulnerability in Fortra’s GoAnywhere software. A critical Redis vulnerability could allow remote code execution. Researchers tie BIETA to China’s MSS technology enablement. Competing narratives cloud the Oracle E-Business Suite breach. An Ohio-based visi ... Show More

Recommended Episodes

Thu. 10/24 - Is TikTok A “National Security Risk?”

Is TikTok a national security risk? Inquiring Senators want to know. Earnings running the gamut from bad to surprisingly good from Twitter, Amazon and Tesla. And to paraphrase an old saw: if a voicemail system goes down how would anyone even notice?Sponsors:MealimeLegalForce RAPC ... Show More

How A Satellite Hack Became a Cybersecurity Wakeup Call

People around the world rely on satellites for their internet connections, credit card transactions–and even to keep track of time. Last year, a suspected Russian-led satellite hack exposed how vulnerable they are to security breaches, from individual hackers seeking to pilfer i ... Show More

Fri. 03/05 – Eyes Emoji On Tim Wu Joining The Biden Administration

Tim Wu joined the Biden administration and that sound you hear is a big collective gulp from Silicon Valley. A tweet undo button has been unearthed. Turntable.fm has resurfaced. New data suggests the death of silicon valley has been exaggerated. And of course, the weekend longrea ... Show More

The Cyber Front in the War on Ukraine

There are a lot of companies out there willing to sell shady customers the tools they need to spy on just about anyone. All over the world software vendors like Hacking Team and NSO Group will help you break into a cellphone or read an email you’re not supposed to. But that might ... Show More

Fri. 12/18 – Chinese Drone Maker DJI Blacklisted By The US

Drone maker DJI is blacklisted by the commerce department. Group video comes to Echo devices. Twitter launches Spaces. Sony offers refunds for Cyberpunk 2077. Coinbase files to go public. And, of course, the weekend longreads suggestions.Sponsors:Masterworks.io, promocode RIDE to ... Show More

The Dark Secrets of a Hacking Hero

In May of 2017, Marcus Hutchins saved the internet. A vicious ransomware attack known as WannaCry had infected computer systems across dozens of countries. It was the worst cyberattack in history at the time, and it seemed unstoppable. But Hutchins, a 23-year-old-hacker in Ilfrac ... Show More

Listen to millions of songs and podcasts on Anghami