Security risks in the hardware and software supply chains. Patches and proofs-of-concept. A look at recent incidents hitting major corporations. Online surveillance and social credit in Russia.
CyberWire Daily5 Okt 2023

Security risks in the hardware and software supply chains. Patches and proofs-of-concept. A look at recent incidents hitting major corporations. Online surveillance and social credit in Russia.

Apple patches actively exploited iOS 17 vulnerability. Qakbot's survival of a major takedown. BADBOX puts malware into the device supply chain. LoonyTunables and a privilege-escalation risk. Scattered Spider believed responsible for cyberattack against Clorox. Sony discloses information on its data breach. In today’s Threat Vector segment, Chris Tillett, Senior Research Engineer at Palo Alto Networks and member of the Advisory Board at Titaniam Labs, joins host David Moulton to delve inside the mind of an insider threat. Dave Bittner sits down with Eric Goldstein, Executive Assistant Director at CISA, to discuss shared progress against the ransomware threat. And the Kremlin tightens control over the Russian information space. On this segment of Threat Vector, Chris Tillett, Senior Research Engineer at Palo Alto Networks and member of the Advisory Board at Titaniam Labs, joins host David Moulton to delve inside the mind of an insider threat. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/191 Selected reading. Apple emergency update fixes new zero-day used to hack iPhones (BleepingComputer) Apple releases iOS 17.0.3 to address iPhone 15 overheating issues (Computing) Apple Warns of Newly Exploited iOS 17 Kernel Zero-Day (SecurityWeek) Qakbot-affiliated actors distribute Ransom Knight malware despite infrastructure takedown (Cisco Talos Blog) HUMAN Disrupts Digital Supply Chain Threat Actor Scheme Originating from China (HUMAN) Trojans All the Way Down: BADBOX and PEACHPIT (Human) 'Looney Tunables' Bug Opens Millions of Linux Systems to Root Takeover (Dark Reading) Looney Tunables: New Linux Flaw Enables Privilege Escalation on Major Distributions (The Hacker News) Clorox Security Breach Linked to Group Behind Casino Hacks (Bloomberg) Clorox Warns of a Sales Mess After Cyberattack (Wall Street Journal) Sony confirms data breach impacting thousands in the U.S. (BleepingComputer) Sony sent data breach notifications to about 6,800 individuals (Security Affairs) Russian Offensive Campaign Assessment, October 4, 2023 (Institute for the Study of War) Learn more about your ad choices. Visit megaphone.fm/adchoices

Denne episoden er hentet fra en åpen RSS-feed og er ikke publisert av Podme. Den kan derfor inneholde annonser.

Episoder(3696)

When trusted sites turn. [Research Saturday]

When trusted sites turn. [Research Saturday]

Lauren Fievisohn, Ph.D, Senior Threat Researcher from Silent Push, is sharing their work on "Meet DriveSurge: A New Threat Actor Using ClickFix and Fake Update Drive-By Attacks in Thousands of Comprom...

18 Jul 17min

A nightmare on Windows street.

A nightmare on Windows street.

Nightmare Eclipse drops another Windows zero-day. The Gentlemen take the ransomware crown. CISA orders emergency Fortinet patching. Canada’s surveillance bill faces U.S. scrutiny. Meta’s Oversight Boa...

17 Jul 25min

For hackers, sharing is caring.

For hackers, sharing is caring.

CISA warns of active SharePoint attacks. The NSA pushes coordinated vulnerability disclosure. ClickLock Stealer targets macOS. Splunk and Zoom patch critical flaws. Spirals ransomware strikes in under...

16 Jul 30min

Patchapalooza packs a punch.

Patchapalooza packs a punch.

Patch Tuesday. SonicWall urges immediate patching of actively exploited vulnerabilities. The White House launches an AI-backed vulnerability clearinghouse. The Air Force contends with widespread cybe...

15 Jul 28min

The ransomware toll road.

The ransomware toll road.

Treasury sanctions a VPN provider tied to ransomware. The Pentagon hits pause on CMMC audits. Critical flaws surface in Google Cloud’s Dialogflow CX. Estée Lauder discloses a data breach. Mobile netwo...

14 Jul 26min

State of the router.

State of the router.

The U.S. and its allies warn of Russian cyber threats targeting critical infrastructure as Europe rolls out new sanctions. Apple sues OpenAI over alleged trade secret theft. Progress investigates a po...

13 Jul 26min

Preparing space for Q-day. [T-Minus: Space-Cyber Briefing]

Preparing space for Q-day. [T-Minus: Space-Cyber Briefing]

As the world prepares itself for quantum computing, governments and private space enterprises alike are looking to get ahead of the technology and manage the rapidly-accelerating risks. In this week’...

12 Jul 21min

Conti-versal opinions. [Research Saturday]

Conti-versal opinions. [Research Saturday]

Today we are joined by Geoff White, host of Cyber Hack and BBC journalist, taking a deep dive into the Conti ransomware gang. Geoff explores an in-depth investigation into the notorious Conti ransomwa...

11 Jul 29min

Populært innen Politikk og nyheter

giver-og-gjengen-vg
aftenpodden
aftenpodden-usa
fotballpodden-2
forklart
stopp-verden
popradet
rss-gukild-johaug
det-store-bildet
hanna-de-heldige
rss-ness
aftenbla-bla
nokon-ma-ga
dine-penger-pengeradet
rss-penger-polser-og-politikk
bt-dokumentar-2
lydartikler-fra-aftenposten
rss-utenrikskomiteen-med-bogen-og-grasvik
e24-podden
unitedno