CISA's calls for a JCDC makeover.

CyberWire Daily

N2K Networks, Inc.

Daily News, Tech News, News, Technology

4.6 • 1K Ratings

🗓️ 6 June 2024

⏱️ 25 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

CSAC recommends key changes to the Joint Cyber Defense Collaborative. Cloud vendor Snowflake says single-factor authentication is to blame in their recent breach. Publishers sue Google over pirated ebooks. The FBI shares LockBit decryption keys. V3B is a phishing as a service campaign targeting banking customers. Commando Cat targets Docker servers to deploy crypto miners. Our guest is Danny Allen, Snyk's CTO, discussing how in the rush to implement GenAI, some companies are bypassing best practices and security policies. Club Penguin fans stumble upon a cache of secrets in the house of mouse. Our 2024 N2K CyberWire Audience Survey is underway, make your voice heard and get in the running for a $100 Amazon gift card. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Guest is Danny Allen, Snyk's CTO, discussing how in the rush to implement GenAI, companies bypass best practices and security policies. This highlights a clear gap between those in leadership looking to adopt AI tools and the teams who are utilizing them. Learn more in Snyk Organizational AI Readiness Report. Selected Reading CISA advisors urge changes to JCDC's goals, operations, membership criteria (The Record) CISA says 'patch now' to 7-year-old Oracle WebLogic bug (The Register) Snowflake says users with single-factor authentication targeted in attack (SC Media) Advance Auto Parts stolen data for sale after Snowflake attack (Bleeping Computer) Major Publishers Sue Google Over Ads for Pirated Ebooks (Publishing Perspectives) FBI unveils 7,000 decryption keys to aid LockBit victims (Silicon Republic) Hackers Attacking Banking Customers Using Phishing-As-A-Service V3B Toolkit (GB Hackers) Commando Cat: A Novel Cryptojacking Attack Abusing Docker Remote API Servers (Trend Micro) Club Penguin fans breached Disney Confluence server, stole 2.5GB of data (Bleeping Computer) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcript

Click on a timestamp to play from that location

0:00.0	You're listening to the CyberWire Network, powered by N2K.
0:07.0	The IT world used to be simpler. You only had to secure and manage environments that you controlled.
0:20.0	Then came new technologies and new ways to work. Now employees, apps, and networks are everywhere.
0:27.0	This means poor visibility, security gaps, and added risk.
0:31.0	That's why Cloudflare created the first ever connectivity cloud.
0:35.6	Visit Cloud.com to protect your business everywhere you do business. C.S. C.S.
0:43.0	C.SAC recommends key changes to the Joint Cyber Defense Collaborative.
0:57.5	Cloud Vendor Snowflake says single-factor authentication is to blame in their recent breach, publishers sue Google over pirated e-books,
1:06.2	the FBI shares Lockbit decryption keys.
1:09.4	V3B is a fishing as a service campaign targeting banking customers, commando cat targets is Danny Allen
1:19.5	Aline's Chief Technology's commando Cat targets Docker Services to deploy crypto miners.
1:18.0	Our guest is Danny Allen, Sneeek's Chief Technology Officer, discussing how in the rush to implement generative AI, some companies
1:25.2	are bypassing best practices and security policies.
1:29.6	And Club Penguin fans stumble upon a cash of secrets in the house of mouse. It's Thursday, June 6, 2024. I'm Dave Bitner and this is your cyberwire Intel briefing. Thank you for joining us here today. It is great to have you with us.
2:09.0	Yesterday, the Cybersecurity and Infrastructure Security Agency convened its second quarter 2024
2:16.7	Cybersecurity Advisory Committee meeting, C.SAC, and recommended key changes to the Joint Cyber Defense Collaborative to address
2:25.8	member complaints about mismanagement and inefficiency. The JCDC launched by
2:31.6	CISA in 2021, allows private companies to share threat information with
2:36.5	the government.
2:37.5	The C-SACS recommendations include refining the JCDC's goals, membership criteria, and operations.
2:45.0	In February, some J.C. members criticized the initiative for slow responses and insufficient technical expertise.
2:53.0	The JCDC includes over 300 organizations,
	...

Please login to see the full transcript.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from N2K Networks, Inc., and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of N2K Networks, Inc. and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.