Another Medical Device Firm Hit

Medical Device Breaches, Anti-Scam Pledge Scrutiny, AI Font Trick, and Iran-Linked Cyber Updates.

Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale. You can find them at Meter.com/cst

The episode covers several cybersecurity stories: Intuitive Surgical disclosed a March 12 phishing-led intrusion where stolen credentials enabled access to its internal administrative network and data theft (customer/business contacts and employee records), while clinical platforms and Da Vinci/Ion systems remained unaffected. Eleven tech and retail firms including Google, Amazon, and OpenAI pledged to share threat intel on scams, amid skepticism and Verafin figures estimating $4.4T in global financial crime in 2025 and rising AI-driven fraud. LayerX demonstrated a font/CSS "glyph substitution" technique that shows humans a malicious command while AI assistants read benign text; Microsoft addressed it, while others deemed it out of scope. In Iran-war updates, senior Iranian cyber figures were reportedly killed; Iran-linked group Handala's Stryker attack allegedly wiped nearly 80,000 devices via compromised admin accounts and Intune, with further unverified leak claims. Denver crosswalk speakers were hacked due to default passwords.

00:00 Sponsor Message Meter
00:19 Medical Device Breach
01:52 Phishing Still Wins
02:32 Tech Pledge Against Scams
03:43 Fraud Numbers And AI
05:49 Font Trick AI Bypass
07:22 Vendor Responses Lessons
09:03 Iran Cyber War Updates
10:00 Stryker Intune Wipe Attack
11:07 More Iranian Claims
12:17 Denver Crosswalk Hack
13:10 Wrap Up And Signoff
13:33 Sponsor Outro Meter