Demo-lition derby: iVerify and Google clash over pixel app pitfalls.

CyberWire Daily

N2K Networks, Inc.

Daily News, Tech News, News, Technology

4.6 • 1K Ratings

🗓️ 16 August 2024

⏱️ 27 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

Google and iVerify clash over the security implications of an Android app. CISA has issued a warning about a critical vulnerability in SolarWinds Web Help Desk. Ransomware attacks targeting industrial sectors surge. Microsoft is rolling out mandatory MFA for Azure. Banshee Stealer is a new macOS-targeted malware developed by Russian threat actors. A popular flight tracking website exposes users’ personal and professional information. San Francisco goes after websites generating deepfake nudes. Daniel Blackford, Director of Threat Research at Proofpoint, joins us to discuss emerging tactics used by threat actors and trends in e-crime tied to nation states. Scammers Use Google to Scam Google. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Daniel Blackford, Director of Threat Research at Proofpoint, joined us while he was out at Black Hat to discuss emerging tactics used by threat actors and trends in e-crime tied to nation states. Selected Reading Google to remove app from Pixel devices following claims that it made phones vulnerable (The Record) Nearly All Google Pixel Phones Exposed by Unpatched Flaw in Hidden Android App (WIRED) SolarWinds Web Help Desk Vulnerability Possibly Exploited as Zero-Day (SecurityWeek) Microsoft Mandates MFA for All Azure Sign-Ins (Infosecurity Magazine) New Banshee Stealer macOS Malware Priced at $3,000 Per Month (SecurityWeek) Dragos reports resurgence of ransomware attacks on industrial sectors, raising likelihood of targeting OT networks (Industrial Cyber) CISA Releases Eleven Industrial Control Systems Advisories (CISA) FlightAware Exposed Pilots’ and Users’ Info (404 Media) AI-powered ‘undressing’ websites are getting sued (The Verge) Dozens of Google products targeted by scammers via malicious search ads (Malwarebytes) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcript

Click on a timestamp to play from that location

0:00.0	You're listening to the CyberWire Network, powered by N2K.
0:07.0	The IT world used to be simpler. You only had to secure and manage environments that you controlled.
0:20.0	Then came new technologies and new ways to work. Now employees, apps, and networks are everywhere.
0:27.0	This means poor visibility, security gaps, and added risk.
0:31.0	That's why Cloudflare created the first ever connectivity cloud.
0:35.6	Visit Cloud.com to protect your business everywhere you do business. Google and I verify Clash over the security implications of an Android app.
0:57.0	CISA has issued a warning about a critical vulnerability in Solar Wins web help desk,
1:03.4	ransomware attacks targeting industrial sectors surge.
1:07.2	Microsoft is rolling out mandatory MFA for Azure.
1:10.8	Banshee Steeler is a new Mac OS targeted malware developed by Russian
1:15.0	thread actors.
1:16.3	A popular flight tracking website exposes users personal and professional information.
1:21.7	San Francisco goes after websites generating deep fake news.
1:26.0	Daniel Blackford, Director of Threat Research at Proof Point,
1:29.0	joins us to discuss emerging tactics used by threat actors and trends in e-crime tied to nation states.
1:36.0	And scammers use Google to scam Google. It's Friday, August 16, 2024.
1:54.0	I'm Dave Bitner, and this is your CyberWire Intel briefing. Thanks for joining us here today. Happy
2:03.0	It is always great to have you with us.
2:15.9	Google and I verify are clashing over the security implications of an Android app,
2:21.9	showcase dot APK found on pixel devices.
2:26.0	IVerify claims the app used for in-store demos
2:30.0	exposes millions of devices to potential cyber attacks by allowing hackers to exploit the
	...

Please login to see the full transcript.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from N2K Networks, Inc., and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of N2K Networks, Inc. and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.