French authorities outline the allegations against Telegram’s CEO. Google finds familiar spyware in Mongolian government websites. The Mirai botnet leverages obsolete security cameras. Iran’s Peach Sandstorm targets the space industry. A federal appeals court says platforms may be liable to algorithmically recommended content. Scam cycles are getting shorter. McDonald’s officials are grimacing after hackers take over their Instagram account. Our guests today are Dave DeWalt, Founder and CEO of NightDragon, and Nicole Bucala, CEO and GM at DataBee, sharing their joint initiative which aims to propel future cybersecurity innovations. A would-be extortionist fails to cover his tracks.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Our guests today are Dave DeWalt, Founder and CEO of NightDragon, and Nicole Bucala, CEO and GM at DataBee, sharing their joint initiative to propel future cybersecurity innovations. Learn more. 

Selected Reading

French authorities charge Telegram's Durov in probe into organized crime on app (Reuters)

Russian government hackers found using exploits made by spyware companies NSO and Intellexa (TechCrunch)

Old CCTV cameras provide a fresh opportunity for a Mirai botnet variant (The Record)

Notorious Iranian Hackers Have Been Targeting the Space Industry With a New Backdoor (WIRED) 

Appeals court revives TikTok ‘blackout challenge’ death suit (The Register)

Online scam cycles are getting shorter and more effective, Chainalysis finds (CyberScoop)

Cisco Patches Multiple NX-OS Software Vulnerabilities (SecurityWeek)

Crypto scammers who hacked McDonald's Instagram account say they stole $700,000 (Bitdefender)

magazine.com/news/it-engineer-charged-extort-former/">IT Engineer Charged For Attempting to Extort Former Employer (Infosecurity Magazine)

Share your feedback.

We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. 

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Threat actors use a malicious Pidgin plugin to deliver malware. The BlackByte ransomware group is exploiting a recently patched VMware ESXi  vulnerability. The State Department offers a $2.5 million reward for a major malware distributor. A Swiss industrial manufacturer suffers a cyberattack. The U.S. Marshals Service (USMS) responds to claims of data theft by the Hunters International ransomware gang. Park’N Fly reports a data breach affecting 1 million customers. Black Lotus Labs documents the active exploitation of a zero-day vulnerability in Versa Director servers. Federal law enforcement agencies warn that Iran-based cyber actors continue to exploit U.S. and foreign organizations. We kick off our new educational CertByte segment with hosts Chris Hare and George Monsalvatge. Precrime detectives root out election related misinformation before it happens. 

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

On today’s show, our guests are N2K's Chris Hare and George Monsalvatge introducing our new bi-weekly CertByte segments that kick off today on the CyberWire Daily podcast.

CertByte Segment

Welcome to CertByte! On this bi-weekly segment hosted by Chris Hare, a content developer and project management specialist at N2K, we share practice questions from our suite of industry-leading content and a study tip to help you achieve the professional certifications you need to fast-track your career growth.

In each segment, Chris is joined by an N2K Content Developer to help illustrate the learning. This week, Chris is joined by George Monsalvatge to break down a question targeting the Project Management Professional (PMP)® certification by the Project Management Institute®. Today’s question comes from N2K’s PMI® Project Management Professional (PMP®) Practice Test.

The PMP® is the global gold standard certification typically targeted for those who have about three to five years of project management experience. To learn more about this and other related topics under this objective, please refer to the following resource: Project Management Institute - Code of Ethics and Professional Conduct.

Have a question that you’d like to see covered? Email us at certbyte@n2k.com. If you're studying for a certification exam, check out N2K’s full exam prep library of certification practice tests, practice labs, and training courses by visiting our website at n2k.com/certify.

Please note: The questions and answers provided here, and on our site, are not actual current or prior questions and answers from these certification publishers or providers.

Selected Reading

 Malware Delivered via Malicious Pidgin Plugin, Signal Fork (SecurityWeek)

BlackByte Hackers Exploiting VMware ESXi Auth Bypass Flaw to Deploy Ransomware (Cyber Security News)

US Offering $2.5 Million Reward for Belarusian Malware Distributor (SecurityWeek)

Services at Swiss manufacturer Schlatter disrupted in likely ransomware attack (SiliconANGLE)

US Marshals say data posted by ransomware gang not from 'new or undisclosed incident' (The Record)

Park’N Fly notifies 1 million customers of data breach (Bleeping Computer)

Taking the Crossroads: The Versa Director Zero-Day Exploitation (Lumen)

Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations (CISA)

Hundreds of 'PreCrime' Election-Related Fraud Sites Spotted (Metacurity)

Learn more about your ad choices. Visit megaphone.fm/adchoices

Hacktivists respond to the arrest of Telegram’s CEO in France. Stealthy Linux malware stayed undetected for two years. Versa Networks patches a zero-day vulnerability. Google has patched its tenth zero-day vulnerability of 2024. Researchers at Arkose labs document Greasy Opal. A flaw in Microsoft 365 Copilot allowed attackers to exfiltrate sensitive user data. Gafgyt targets crypto mining in cloud native environments. Microsoft investigates an Exchange Online message quarantine issue. Our guest is Bar Kaduri, research team leader at Orca Security talking about AI Goat, the first open source AI security learning environment based on the OWASP top 10 ML risks. Kentucky Prisoners Trick Tablets to Generate Fake Money. 

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Our guest is Bar Kaduri, research team leader at Orca Security talking about AI Goat, the first open source AI security learning environment based on the OWASP top 10 ML risks. Available on GitHub, AI Goat is an intentionally vulnerable AI environment built in Terraform that includes numerous threats and vulnerabilities for testing and learning purposes. Learn more. 

Selected Reading

Arrest of Telegram CEO sparks cyberattacks against French websites (SC Media)

Unveiling sedexp: A Stealthy Linux Malware Exploiting udev Rules (AON)

Stealthy 'sedexp' Linux malware evaded detection for two years (Bleeping Computer)

Google tags a tenth Chrome zero-day as exploited this year (Bleeping Computer)

Versa fixes Director zero-day vulnerability exploited in attacks (Bleeping Computer)

Greasy Opal: Greasing the Skids for Cybercrime (Arkose Labs)

Microsoft Copilot Prompt Injection Vulnerability Let Hackers Exfiltrate Personal Data (Cyber Security News)

Gafgyt Botnet: Weak SSH Passwords Targeted For GPU Mining (Security Boulevard)

Microsoft: Exchange Online mistakenly tags emails as malware (Bleeping Computer)

bulletin.com/news/national/kentucky-prisoners-hack-state-issued-computer-tablets-to-digitally-create-1m-how-d-they-do/article_f28eb222-c372-5a3c-bd43-102dd1a1f282.html">Kentucky prisoners hack state-issued computer tablets to digitally create $1M. How’d they do it? (Union Bulletin)

Share your feedback.

We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. 

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Telegram’s CEO is arrested by French police, presumably over moderation failures. A cyberattack disrupted services at Seattle-Tacoma International Airport and the Port of Seattle. SonicWall has warned customers of a critical vulnerability that could lead to unauthorized access or a firewall crash. Dutch and French regulators fined Uber €290 million for failing to protect the privacy of EU drivers. Microsoft will host a cybersecurity conference next month in response to the disastrous CrowdStrike software update. Radio Free Europe/Radio Liberty looks at Iran’s active attempts to interfere in the upcoming U.S. presidential election. Our guests are Danielle Ruderman, Senior Manager for Worldwide Security Specialists at AWS, and Adam Mikeal, CISO at Texas A&M. They spoke with N2K’s Brandon Karpf about CISO Circles, security challenges faced in higher education, and fostering the culture of security. Pig Butchering devastates a small town bank. 

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Our guests are Danielle Ruderman, Senior Manager for Worldwide Security Specialists at AWS, and Adam Mikeal, CISO at Texas A&M. They spoke with N2K’s Brandon Karpf about CISO Circles, security challenges faced in higher education, and fostering the culture of security. Brandon spoke with Danielle and Adam at AWS’ re:Inforce 2024. 

Selected Reading

Telegram CEO Pavel Durov arrested at French airport (BBC)

Is Telegram really an encrypted messaging app? – A Few Thoughts on Cryptographic Engineering (Cryptography Engineering)

The Port of Seattle and Sea-Tac Airport say they’ve been hit by ‘possible cyberattack’ (TechCrunch)

Nearly 32 Million Documents, Invoices, Contracts, and Agreements Exposed Online by Global Field Service Management Provider (Website Planet)

SonicWall Patches Critical SonicOS Vulnerability (SecurityWeek)

Uber fined €290 million for sending drivers’ data outside Europe (Politico)

plans-september-cybersecurity-event-after-crowdstrike-outage.html">Microsoft plans September cybersecurity event to discuss changes after CrowdStrike outage (CNBC)

Iran Tries To 'Storm' U.S. Election With Russian-Style Disinformation Campaign (Radio Free Europe/Radio Liberty)

Audit finds notable security gaps in FBI's storage media management (Bleeping Computer)

shan-hanes-pig-butchering-scam.html">Cryptocurrency 'pig butchering' scam wrecks Kansas bank, sends ex-CEO to prison for 24 years (CNBC)

Share your feedback.

We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. 

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Enjoy this special encore episode, where we are joined by Vice President of Global Systems Engineering Ellen Sundra and she shares her career path from life as a college grad who found her niche by creating a training program to a leader in cybersecurity. She realized that training and educating people was her passion. Ellen sees her value in providing soft skills as a natural balance to her technical team at Forescout Technologies. Being a woman in a male-dominated world proved to be a challenge and gaining her confidence to share her unique point of view helped her excel in it. Ellen recommends keeping your eyes open for how your skill set fits into cybersecurity. Find your perspective and really embrace it! We thank Ellen for sharing her story with us.

Learn more about your ad choices. Visit megaphone.fm/adchoices

In this Special Edition podcast, N2K's Executive Editor Brandon Karpf speaks with Dustin Moody, mathematician at NIST, about their first 3 recently finalized post-quantum encryption standards.

NIST finalized a key set of encryption algorithms designed to protect against future cyberattacks from quantum computers, which operate in fundamentally different ways from traditional computers. Listen as Brandon and Dustin discuss these algorithms and how quantum computing will change the way we view encryption and cyber attacks in the future.

Resources:

NIST Releases First 3 Finalized Post-Quantum Encryption Standards (NIST)

• FIPS 203
• FIPS 204
• FIPS 205

What is Post Quantum Cryptography? (NIST)

National Cybersecurity Center of Excellence (NCCoE)

Post-Quantum Cryptography Standardization Project (NIST)

Need to know: NIST finalizes post-quantum encryption standards essential for cybersecurity. (N2K CyberWire)

Learn more about your ad choices. Visit megaphone.fm/adchoices

Robert Duncan, VP of Product Strategy from Netcraft, is discussing their work on "Mule-as-a-Service Infrastructure Exposed." Netcraft's new threat intelligence reveals the intricate connections within global fraud networks, showing how criminals use specialized services like Mule-as-a-Service (MaaS) to launder scam proceeds.

By mapping the cyber and financial infrastructure, including bank accounts, crypto wallets, and phone numbers, Netcraft exposes how different scams are interconnected and identifies weak points that can be targeted to disrupt these operations. This insight provides an opportunity to prevent fraud and protect against financial crimes like pig butchering, investment scams, and romance fraud.

The research can be found here:

• Mule-as-a-Service Infrastructure Exposed

Learn more about your ad choices. Visit megaphone.fm/adchoices

The exploitation of the LiteSpeed Cache Wordpress plugin has begun. Halliburton confirms a cyberattack. Velvet Ant targets Cisco Switch appliances. The Qilin ransomware group harvests credentials stored in Google Chrome. Ham radio enthusiasts pay a million dollar ransom. SolarWinds releases a hotfix to fix a hotfix. A telecom company will pay a million dollar fine over President Biden deepfakes. The Justice Department is suing the Georgia Institute of Technology and an affiliated company for allegedly failing to meet required cybersecurity standards for Pentagon contracts. Today’s guest is Dustin Moody, mathematician at NIST, speaking with N2K's Brandon Karpf about post-quantum encryption standards.  When it comes to phishing simulations, sometimes the cure is scarier than the disease.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today’s guest Dustin Moody, mathematician at NIST, talks with N2K's Brandon Karpf about their first 3 finalized post-quantum encryption standards. You can hear more of Brandon and Dustin’s conversation as they go into more detail on the individual standards on Sunday in our Special Edition podcast. Stay tuned. 

You can read more on the newly-released standards here. Want to learn more about what post-quantum cryptography is? Check out this resource from NICE. 

Selected Reading

Hackers are exploiting critical bug in LiteSpeed Cache plugin (Bleeping Computer)

Oil industry giant Halliburton confirms 'issue' following reported cyberattack (The Record)

China-Nexus Threat Group ‘Velvet Ant’ Exploits Zero-Day on Cisco Nexus Switches (Sygnia)

Qilin ransomware now steals credentials from Chrome browsers (Bleeping Computer)

ARRL IT Security Incident - Report to Members (ARRL: The National Association for Amateur Radio)

SolarWinds Leaks Credentials in Hotfix for Exploited Web Help Desk Flaw (SecurityWeek)

Telecom company hit with $1 million penalty over AI-generated fake Biden robocalls (The Record)

DOJ sues Georgia Tech over allegedly failing to meet cyber requirements for DOD contracts (CyberScoop)

Uni phishing test based on fake Ebola scare prompts apology (The Register)

Share your feedback.

We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. 

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices

A Wordpress plugin vulnerability puts 5 million sites at risk. Google releases an emergency Chrome update addressing an actively exploited vulnerability. Cisco patches multiple vulnerabilities. Researchers say Slack AI is vulnerable to prompt injection. Widely used RFID smart cards could be easily backdoored. The FAA proposes new cybersecurity rules for airplanes, engines, and propellers. A member of the Russian Karakurt ransomware group faces charges in the U.S. The Five Eyes release a guide on Best Practices for Event Logging and Threat Detection. The Kremlin claims widespread online outages are due to DDoS, but experts think otherwise. In our Threat Vector segment, guest host Michael Sikorski speaks with Jason Healey, Senior Research Scholar at Columbia University's School of International and Public Affairs. A deadbeat dad dodges debt through death. 

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

Threat Vector Segment

In this Threat Vector segment, guest host Michael Sikorski, CTO of Unit 42, engages in a thought-provoking conversation about the historical challenges and advances in cyber conflict with Jason Healey, Senior Research Scholar at Columbia University's School of International and Public Affairs. To listen to their full conversation, check out the episode here. You can catch new episodes of Threat Vector every Thursday on the N2K CyberWire network. 

Selected Reading

Critical Privilege Escalation in LiteSpeed Cache Plugin (Patchstack)

Google fixes ninth Chrome zero-day exploited in attacks this year (The Register)

Cisco Patches High-Severity Vulnerability Reported by NSA (SecurityWeek)

Slack AI can leak private data via prompt injection (The Register)

Major Backdoor in Millions of RFID Cards Allows Instant Cloning (SecurityWeek)

FAA proposes new cybersecurity rules for airplanes (The Record)

U.S. charges Karakurt extortion gang’s “cold case” negotiator (Bleeping Computer)

ASD’s ACSC, CISA, FBI, and NSA, with the support of International Partners Release Best Practices for Event Logging and Threat Detection (CISA)

Kremlin blames widespread website disruptions on DDoS attack; digital experts disagree (The Record)

Deadbeat dad faked his own death by hacking government sites (The Register)

Share your feedback.

We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. 

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices

A major American chipmaker discloses a cyberattack. Cybercriminals exploit Progressive Web Applications (PWAs) to bypass iOS and Android defenses. Mandiant uncovers a privilege escalation vulnerability in Microsoft Azure Kubernetes Services. ALBeast hits ALB. Microsoft’s latest security update has caused significant issues for dual-boot systems. The DOE’s new SolarSnitch program aims to sure up solar panel security. Researchers uncover LLM poisoning techniques. An Iranian-linked group uses a fake podcast to lure a target. Our guest is Parya Lotfi, CEO of DuckDuckGoose, discussing the increasing problem of deepfakes in the cybersecurity landscape. Return to sender - AirTag edition. 

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Our guest Parya Lotfi, CEO of DuckDuckGoose, discusses the increasing relevance of deepfakes in the cybersecurity landscape.

Selected Reading

Microchip Technology discloses cyberattack impacting operations (Bleeping Computer)

Android and iOS users targeted with novel banking app phishing campaign (Cybernews)

Azure Kubernetes Services Vulnerability Exposed Sensitive Information (SecurityWeek)

ALBeast: Misconfiguration Flaw Exposes 15,000 AWS Load Balancers to Risk (HACKREAD)

Microsoft’s latest security update has ruined dual-boot Windows and Linux PCs (The Verge)

DOE debuts SolarSnitch technology to boost cybersecurity in solar energy systems (Industrial Cyber)

Researchers Highlight How Poisoned LLMs Can Suggest Vulnerable Code (Dark Reading)

Best Laid Plans: TA453 Targets Religious Figure with Fake Podcast Invite Delivering New BlackSmith Malware Toolset | Proofpoint US (Proofpoint)

Serial mail thieves thwarted when victim sends herself an AirTag (Apple Insider) 

Share your feedback.

We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. 

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices