Dialysis down, data out.

CyberWire Daily

N2K Networks, Inc.

Daily News, Tech News, News, Technology

4.6 • 1K Ratings

🗓️ 14 August 2025

⏱️ 25 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

A ransomware attack exposes personal medical records of VA patients. New joint guidance from CISA and the NSA emphasizes asset inventory and OT taxonomy. The UK government reportedly spent millions to cover up a data breach. Researchers identified two critical flaws in a widely used print orchestration platform. Phishing attacks increasingly rely on personalization. Rooting and jailbreaking frameworks pose serious enterprise risks. Fortinet warns of a critical command injection flaw in FortiSIEM. Estonian nationals are sentenced in a crypto Ponzi scheme. Michele Campobasso from Forescout joins us to unpack new research separating the hype from reality around “vibe hacking.” Meet the Blockchain Bandits of Pyongyang. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Michele Campobasso from Forescout joins us to unpack new research separating the hype from reality around “vibe hacking.” Their team tested open-source, underground, and commercial AI models on vulnerability research and exploit development tasks—finding high failure rates and significant limitations, even among top commercial systems. Selected Reading Medical records for 1 million dialysis patients breached in data hack of VA vendor (Stars and Stripes) NSA Joins CISA and Others to Share OT Asset Inventory Guidance (NSA.gov) CISA warns of N-able N-central flaws exploited in zero-day attacks (Bleeping Computer) U.K. Secretly Spent $3.2 Million to Stop Journalists From Reporting on Data Breach (The New York Times) From Support Ticket to Zero Day (Horizon3.ai) Personalization in Phishing: Advanced Tactics for Malware Delivery (Cofense) The Root(ing) Of All Evil: Security Holes That Could Compromise Your Mobile Device (Zimperium) Fortinet warns of FortiSIEM pre-auth RCE flaw with exploit in the wild (Bleeping Computer) Estonians behind $577 million cryptomining fraud sentenced to 16 months (The Record) Someone counter-hacked a North Korean IT worker: Here’s what they found (Cointelegraph) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcript

Click on a timestamp to play from that location

0:00.0	You're listening to the Cyberwire Network, powered by N2K.
0:05.7	A ransomware attack exposes personal medical records of VA patients. New joint guidance from SISA and the NSA emphasize asset inventory and OT taxonomy. The UK government reportedly spent millions to cover up a data breach. Researchers identified two critical flaws in a widely used print orchestration platform.
0:38.1	Fishing attacks increasingly rely on personalization.
0:41.4	Rooting and jailbreaking frameworks pose serious enterprise risks.
0:45.4	Fortinette warns of a critical command injection flaw.
0:48.6	Estonian nationals are sentenced in a crypto-Ponzi scheme.
0:52.6	Michaela Campabaso from Forscout joins us to separate the hype from reality around vibe hacking.
0:58.7	And meet the blockchain bandits of Pyongyang.
1:17.3	It's Thursday, August 14th, 2025.
1:21.2	I'm Dave Bittner, and this is your Cyberwire Intel briefing. Thank you. Thanks for joining us here today.
1:35.4	It's great to have you with us.
1:37.8	A ransomware attack on Davita, a major dialysis provider contracting with the Department
1:43.6	of Veterans Affairs,
1:45.4	exposed about 1 million medical records, including veterans' social security numbers,
1:50.6	lab results, and insurance details.
1:53.7	The breach affected VA patients receiving dialysis and lab services
1:58.1	through the Veteran Community Care Program.
2:01.2	Additional data, such as names, check images, and tax IDs may have been compromised.
2:07.3	The VA paid DeVita $206 million in early 2025 for services, but its internal systems were not impacted.
2:16.3	Forensic teams and the FBI are investigating.
2:19.9	DeVita has restored affected systems and will offer 12 months of free credit monitoring to victims.
2:26.2	Kidney disease is more prevalent among veterans, with the VA caring for about 600,000 affected individuals nationwide.
	...

Transcript will be available on the free plan in 23 days. Upgrade to see the full transcript now.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from N2K Networks, Inc., and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of N2K Networks, Inc. and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.