episode-header-image

Sep 2024

34m 3s

Brazil nixes Twitter’s successor.

About this episode

Brazil blocks access to X/Twitter. Transport for London has been hit with a cyberattack. Threat actors have poisoned GlobalProtect VPN software to deliver WikiLoader. “Voldemort” is a significant international cyber-espionage campaign. Researchers uncover an SQL injection flaw with implications for airport security. Three men plead guilty to running an MFA bypass service. The FTC has filed a complaint against security camera firm Verkada. CBIZ Benefits & Insurance Services disclosed a data breach affecting nearly 36,000. The cybersecurity implications of a second Trump term. On our Industry Insights segment, guest Caroline Wong, Chief Strategy Officer at Cobalt, discusses application security and artificial intelligence. A Washington startup claims to revolutionize political lobbying with AI.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

On our Industry Insights segment, guest Caroline Wong, Chief Strategy Officer at Cobalt, discusses application security and artificial intelligence. You can find out more from Cobalt’s The State of Pentesting Report 2024 here.

Selected Reading

Brazil Suspends Access to Elon Musk's X, Including via VPNs (GovInfo Security)

Cyberattack hits agency responsible for London’s transport network (The Record)

Hacking Poisoning GlobalProtect VPN To Deliver WikiLoader Malware On Windows (Cyber Security News)

Scores of Organizations Hit By Novel Voldemort Malware (Infosecurity Magazine)

Researchers find SQL injection to bypass airport TSA security checks (Bleeping Computer)

Three Plead Guilty to Running MFA Bypass Site (Infosecurity Magazine)

Verkada to Pay $2.95 Million Over FTC Probe Into Security Camera Hacking (SecurityWeek)

Business services giant CBIZ discloses customer data breach (Bleeping Computer)

Who would be the cyber pros in a second Trump term? (CyberScoop)

Convicted fraudsters launch AI lobbying firm using fake names (Politico)

Share your feedback.

We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Up next

Chinese hackers serve up espionage.

Chinese hackers infiltrate a major U.S. law firm. The EU Commission President warns Russia is waging a hybrid war against Europe. Researchers say LoJax is the latest malware from Russia’s Fancy Bear. Salesforce refuses ransom demands. London Police arrest two teens over an allege ... Show More

Critical GoAnywhere bug fuels ransomware wave.

Microsoft tags a critical vulnerability in Fortra’s GoAnywhere software. A critical Redis vulnerability could allow remote code execution. Researchers tie BIETA to China’s MSS technology enablement. Competing narratives cloud the Oracle E-Business Suite breach. An Ohio-based visi ... Show More

Oracle zero-day serves up persistent access.

A critical zero-day in Oracle E-Business Suite is under active exploitation. ICE plans a major expansion of its social media surveillance operations. Discord confirms a third-party data breach. A critical vulnerability in the Unity game engine could allow arbitrary code execution ... Show More

Recommended Episodes

Cybersecurity Updates: CEO Legal Troubles, Global Cyber Rules, Microsoft Fix Issues, and AI at B-Side SF

In this episode of 'Cybersecurity Today', host David Shipley covers multiple key stories: Veritaco CEO Jeffrey Bowie is charged with attempting to infect a hospital with malware. Global Chief Information Security Officers (CISOs) call on world governments to harmonize cybersecuri ... Show More

Cybersecurity Today: Virtual Employees, AI Security Agents, and CVE Program Updates

In this episode of 'Cybersecurity Today,' host Jim Love discusses various pressing topics in the realm of cybersecurity. Highlights include Anthropic's prediction on AI-powered virtual employees and their potential security risks, Microsoft’s introduction of AI security agents to ... Show More

Hackers Say Thanks For Lousy Security In Large Fast Food Chain

Cybersecurity Today: Ghost Action Campaign, SalesLoft Breach, AI Vulnerabilities, and Restaurant Security Flaws Host David Shipley discusses the latest in cybersecurity, including the Ghost Action Campaign which compromised over 3000 secrets from GitHub repositories, the SalesLof ... Show More

Cybersecurity Breaches: Salesforce, Workday, and Critical Infrastructure Hacked

In today's episode of 'Cybersecurity Today,' hosted by Jim Love, we cover several key issues in the cybersecurity landscape. Firstly, a breach involving Workday and social engineering attacks targeting Salesforce customers is discussed. Next, the risks posed by a recent Windows u ... Show More

War Room Best Practices

In this episode of Threat Vector, David Moulton, Director of Thought Leadership at Unit 42, is joined by cybersecurity experts Kyle Wilhoit, Director of Threat Research, and Michal Goldstein, Director of Security Architecture and Research at Palo Alto Networks. Together, they exp ... Show More

Cybersecurity Today: Allegations Against Elon Musk, Microsoft Lockout Issues, Cozy Bear's New Malware, and Canada's Anti-Fraud Proposals

Cybersecurity Today: Allegations Against Elon Musk, Microsoft Lockout Issues, Cozy Bear's New Malware, and Canada's Anti-Fraud Proposals In this episode of Cybersecurity Today, hosted by David Shipley, we examine several major cybersecurity stories. A whistleblower accuses Elon M ... Show More

SN 1014: FREEDOM Administration Login - Apple's UK Privacy Showdown, $1.5 Billion Crypto Heist

Apple disables Advanced Data Protection for new UK users. Paying ransoms is not as cut and dried as we might imagine. Elon Musk's "X" social media blocks "Signal.me" links. Spain's soccer league blocks Cloudflare and causes a mess. Two new (and rare) vulnerabilities discovered in ... Show More

Wed. 09/04 – Elon Blinks In Brazil

SpaceX has agreed to block access to X, in Brazil, on Starlink. Looks like YubiKeys are hackable. Who is the mystery platform looking to expand AI datacenters at an historic scale? And the Catch 22 that Intel is in. They need CHIPS Act money, but can their troubles mean the CHIPS ... Show More

Behind the Scenes with Palo Alto Networks CIO and CISO Securing Business Success with Frictionless Cybersecurity

In this episode of Threat Vector, David Moulton speaks with Meerah Rajavel, CIO of Palo Alto Networks, and Niall Browne, CISO of the organization, about the importance of aligning IT strategy with cybersecurity. Meerah and Niall discuss how frictionless security, AI integration, ... Show More

Listen to millions of songs and podcasts on Anghami