episode-header-image

Aug 2024

33m 8s

Weeding out 'worms' for Window's users.

About this episode

Microsoft urges users to patch a critical TCP/IP remote code execution vulnerability. Texas sues GM over the privacy of location and driving data. Google says Iran’s APT42 is responsible for recent phishing attacks targeting presidential campaigns. Doppelgänger struggles to sustain its operations. Sophos X-Ops examines the Mad Liberator extortion gang. Fortra researchers document a potential Blue Screen of Death vulnerability on Windows. China’s Green Cicada Network creates over 5,000 AI-controlled inauthentic X(Twitter) accounts. Kim Dotcom is being extradited to the United States. Our guest is Rui Ribeiro, CEO at JScrambler, to discuss how the extensive use of first and third-party JavaScript is a blessing and a curse. Wireless shifting can really grind your gears.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today’s guest Rui Ribeiro, JScrambler's CEO, joins us to discuss how the extensive use of first and third-party JavaScript is both a blessing and a curse.

Selected Reading

Zero-click Windows TCP/IP RCE impacts all systems with IPv6 enabled, patch now (Bleeping Computer)

Texas sues General Motors over car data tracking (POLITICO)

Google: Iranian Group APT42 Behind Trump, Biden Hack Attempts (Security Boulevard)

Doppelgänger operation rushes to secure itself amid ongoing detections, German agency says (The Record)

Palo Alto Networks Patches Unauthenticated Command Execution Flaw in Cortex XSOAR (SecurityWeek)

A new extortion crew, Mad Liberator, emerges on the scene (The Register)

Beware, Windows users. Newly-spotted CVE-2024-6768 vulnerability can cause blue screen (MSPoweruser)

CyberCX Unmasks China-linked AI Disinformation Capability on X (Cyber CX)

Kim Dotcom is being Megauploaded to the US for trial (The Verge)

Want to Win a Bike Race? Hack Your Rival’s Wireless Shifters (WIRED)

Share your feedback.

We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Up next

No honor among thieves. [Research Saturday]

John Fokker, Head of Threat Intelligence at Trellix is discussing "Gang Wars: Breaking Trust Among Cyber Criminals." Trellix researchers reveal how the once-organized ransomware underworld is collapsing under its own paranoia. Once united through Ransomware-as-a-Service programs, ... Show More

When the breachers get breached.

International law enforcement take down the Breachforums domains. Researchers link exploitation campaigns targeting Cisco, Palo Alto Networks, and Fortinet. Juniper Networks patches over 200 vulnerabilities. Apple and Google update their bug bounties. Evaluating AI use in applica ... Show More

Cyber defenders pulled into deportation duty.

DHS reassigns cyberstaff to immigration duties. A massive DDoS attack disrupts several major gaming platforms. Discord refuses ransom after a third-party support system breach. Researchers examine Chaos ransomware and creative log-poisoning web intrusions. The FCC reconsiders its ... Show More

Recommended Episodes

Cloudflare Fends Off A Record Breaking 11.5 Tbps DDoS Attack

In this episode of Cybersecurity Today, host Jim Love covers the latest and most critical stories in the world of cyber threats and digital defense: • Cloudflare fends off a record-breaking 11.5 Tbps DDoS attack, highlighting the relentless scale and sophistication of modern cybe ... Show More

SN 1014: FREEDOM Administration Login - Apple's UK Privacy Showdown, $1.5 Billion Crypto Heist

Apple disables Advanced Data Protection for new UK users. Paying ransoms is not as cut and dried as we might imagine. Elon Musk's "X" social media blocks "Signal.me" links. Spain's soccer league blocks Cloudflare and causes a mess. Two new (and rare) vulnerabilities discovered in ... Show More

Hackers Say Thanks For Lousy Security In Large Fast Food Chain

Cybersecurity Today: Ghost Action Campaign, SalesLoft Breach, AI Vulnerabilities, and Restaurant Security Flaws Host David Shipley discusses the latest in cybersecurity, including the Ghost Action Campaign which compromised over 3000 secrets from GitHub repositories, the SalesLof ... Show More

Cybersecurity Breaches: Salesforce, Workday, and Critical Infrastructure Hacked

In today's episode of 'Cybersecurity Today,' hosted by Jim Love, we cover several key issues in the cybersecurity landscape. Firstly, a breach involving Workday and social engineering attacks targeting Salesforce customers is discussed. Next, the risks posed by a recent Windows u ... Show More

Cybersecurity Today: Massive Data Exposures, Microsoft Failures, and PayPal Breach Claims

In this episode of Cybersecurity Today, host Jim Love covers a range of recent cybersecurity incidents. A major privacy failure has hit Elon Musk's Grok chatbot, exposing over 370,000 private conversations with sensitive information. Microsoft's recent security update has caused ... Show More

Cybersecurity Updates: CEO Legal Troubles, Global Cyber Rules, Microsoft Fix Issues, and AI at B-Side SF

In this episode of 'Cybersecurity Today', host David Shipley covers multiple key stories: Veritaco CEO Jeffrey Bowie is charged with attempting to infect a hospital with malware. Global Chief Information Security Officers (CISOs) call on world governments to harmonize cybersecuri ... Show More

NPM Attack Leave Hackers Empty Handed: Cybersecurity Today with David Shipley

Cybersecurity Today: NPM Attack, Void Proxy Phishing, and Major Business Disruptions In this episode of Cybersecurity Today, host David Shipley discusses a recent massive NPM attack that, despite causing significant disruption, left hackers with minimal gains. We also cover a new ... Show More

City Jerks, AI animals, and is the BBC hacking again?

Two unsavoury websites suffer from a worrying leak, scientists are going animal crackers over AI, and the BBC is intercepting scammers' live phone calls with victims.All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer secu ... Show More

Zoom.. just one click and your data goes boom!

Graham explores how the Elusive Comet cybercrime gang are using a sneaky trick of stealing your cryptocurrency via an innocent-appearing Zoom call, and Carole goes under the covers to explore the extraordinary lengths bio-hacking millionaire Bryan Johnson is attempting to extend ... Show More

Listen to millions of songs and podcasts on Anghami