episode-header-image

Aug 2024

34m 26s

Cyberattack cripples major American chip...

About this episode

A major American chipmaker discloses a cyberattack. Cybercriminals exploit Progressive Web Applications (PWAs) to bypass iOS and Android defenses. Mandiant uncovers a privilege escalation vulnerability in Microsoft Azure Kubernetes Services. ALBeast hits ALB. Microsoft’s latest security update has caused significant issues for dual-boot systems. The DOE’s new SolarSnitch program aims to sure up solar panel security. Researchers uncover LLM poisoning techniques. An Iranian-linked group uses a fake podcast to lure a target. Our guest is Parya Lotfi, CEO of DuckDuckGoose, discussing the increasing problem of deepfakes in the cybersecurity landscape. Return to sender - AirTag edition.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Our guest Parya Lotfi, CEO of DuckDuckGoose, discusses the increasing relevance of deepfakes in the cybersecurity landscape.

Selected Reading

Microchip Technology discloses cyberattack impacting operations (Bleeping Computer)

Android and iOS users targeted with novel banking app phishing campaign (Cybernews)

Azure Kubernetes Services Vulnerability Exposed Sensitive Information (SecurityWeek)

ALBeast: Misconfiguration Flaw Exposes 15,000 AWS Load Balancers to Risk (HACKREAD)

Microsoft’s latest security update has ruined dual-boot Windows and Linux PCs (The Verge)

DOE debuts SolarSnitch technology to boost cybersecurity in solar energy systems (Industrial Cyber)

Researchers Highlight How Poisoned LLMs Can Suggest Vulnerable Code (Dark Reading)

Best Laid Plans: TA453 Targets Religious Figure with Fake Podcast Invite Delivering New BlackSmith Malware Toolset | Proofpoint US (Proofpoint)

Serial mail thieves thwarted when victim sends herself an AirTag (Apple Insider)

Share your feedback.

We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Up next

Chrome’s high-risk bug gets squashed.

Google and Microsoft issue critical updates. CISA warns of active exploitation of a critical flaw in Wing FTP Server. Cloudflare restores their DNS Resolver service following a brief outage. A critical vulnerability in a PHP documentation tool allows attackers to execute code on ... Show More

The Grok that broke the camel’s back.

A DOGE employee leaks private API keys to GitHub. North Korea’s “Contagious Interview” campaign has a new malware loader. A New Jersey diagnostic lab suffers a ransomware attack. A top-grossing dark web marketplace goes dark in what experts believe is an exit scam. MITRE launches ... Show More

Taxing times for cyber fraudsters.

British and Romanian authorities make arrests in a major tax fraud scheme. The Interlock ransomware gang has a new RAT. A new vulnerability in Google Gemini for Workspace allows attackers to hide malicious instructions inside emails. Suspected Chinese hackers breach a major DC la ... Show More

Recommended Episodes

Scattered Spider Targets US Insurance, Microsoft Zero-Day, Major Database Breach, and AI Poison Pill

In this episode, host Jim Love delves into recent cybersecurity threats and breakthroughs. The notorious Scattered Spider hacker group has shifted its focus to US insurance companies after attacking UK retailers earlier this year. Microsoft's urgent security updates address activ ... Show More

DeepSeek Security Failure: Cyber Security Today, Friday, January 31, 2025

Cybersecurity Today: DeepSeek AI's Data Breach, New API Threats, & Operation Talent In this episode of 'Cybersecurity Today,' host Jim Love delves into the recent security lapse by DeepSeek AI, highlighting the exposure of sensitive data through an open ClickHouse database. Learn ... Show More

Massive Data Breaches Hit Thousands Of Popular Mobile Apps: Cyber Security Today for Monday, January 13, 2025

Massive Data Breaches, Apple Targeted, Facebook Security Flaw - Cybersecurity Today In this episode of Cybersecurity Today, host Jim Love covers a massive breach revealing how location data is harvested through thousands of popular mobile apps on Android and iOS. Files leaked fro ... Show More

How Cybercriminals Leverage Disruption for Maximum Impact [Encore]

In this episode of Threat Vector, David Moulton, Director of Thought Leadership at Unit 42, sits down with Wendi Whitmore, Senior Vice President of Unit 42, to discuss the increasing speed and sophistication of cyber attacks. Wendi shares her extensive expertise, highlighting the ... Show More

Final Draft Malware Attacks Using Outlook: Cyber Security Today for Tuesday, February 18th, 2025

Critical PostgreSQL Bug Exploited in Treasury Hack & New Threats Unveiled - Cybersecurity Today In today's episode of Cybersecurity Today, hosted by Jim Love, we delve into major cybersecurity events, including a crucial PostgreSQL vulnerability exploited in the U.S. Treasury hac ... Show More

Decoding XDR: Allie Mellen on What’s Next

Announcement: We are pleased to share an exciting announcement about Cortex XDR at the top of our show. You can learn more here. Check out our episode on "Cyber Espionage and Financial Crime: North Korea’s Double Threat" with Assaf Dahan, Director of Threat Research at Palo Alto ... Show More

Google’s New Free Cybersecurity Certificate: Cyber Security Today for Monday, November 25, 2024

Cybersecurity Today: Palo Alto Firewalls Breached, APT28's Wi-Fi Hack, Meta Fights Scams In today's episode, over 2,000 Palo Alto firewalls were hacked via patched zero-day vulnerabilities; a Russian group, APT28, exploited Wi-Fi networks in a novel 'Nearest Neighbor Attack' to b ... Show More

Starbucks Issues Manual Pay To Employees During Ransomware Attack: Cyber Security Today for Wednesday, November 27th, 2024

Retailers Face AI Bot Attacks, Avast Exploit, and Starbucks Ransomware Challenges In this episode of 'Cybersecurity Today,' host Jim Love covers the latest cyber threats impacting retailers, including AI-powered bot attacks and ransomware incidents. Discover how hackers are explo ... Show More

Cybersecurity Today: WestJet Cyber Incident, Anubis Ransomware Evolution, Discord Exploits, and Google Cloud Outage

Host David Shipley discusses several critical cybersecurity incidents and developments. WestJet, Canada's second-largest airline, faced a cybersecurity breach impacting its mobile app and internal systems. The airline is working with law enforcement to investigate while emphasizi ... Show More

Listen to millions of songs and podcasts on Anghami