Ghost accounts haunt GitHub.

CyberWire Daily

N2K Networks, Inc.

Daily News, Tech News, News, Technology

4.6 • 1K Ratings

🗓️ 24 July 2024

⏱️ 34 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

Stargazer Goblin hosts malicious code repositories on GitHub. Crowdstrike blames buggy validations checks for last week’s major incident. The Breachforums database reveals threat actor OPSEC. Windows Hello for Business (WHfB) was found vulnerable to downgrade attacks. A medical center in the U.S. Virgin Islands is hit with ransomware. Interisle analyzes the phishing landscape. The FTC orders eight companies to explain algorithmic pricing. Meta cracks down on the Nigerian Yahoo Boys. A fake IT worker gets caught in the act. My conversation with Nic Fillingham and Wendy Zenone, co-hosts of Microsoft Security's "The Bluehat Podcast.” Researchers wonder if proving you’re human proves profitable for Google. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Nic Fillingham and Wendy Zenone, co-hosts of Microsoft Security's "The Bluehat Podcast," talking about what to expect on Bluehat on the N2K media network. You can catch the podcast every other Wednesday. Their latest episode launching today can be found here. Selected Reading A Hacker ‘Ghost’ Network Is Quietly Spreading Malware on GitHub (WIRED) CrowdStrike blames test software for taking down 8.5 million Windows machines (The Verge) BreachForums v1 database leak is an OPSEC test for hackers (Bleeping Computer) Goodbye? Attackers Can Bypass 'Windows Hello' Strong Authentication (Dark Reading) Schneider Regional Medical Center hit by ransomware attack (Beyond Machines) New phishing report names and shames TLDs, registrars (The Verge) FTC Issues Orders to Eight Companies Seeking Information on Surveillance Pricing (FTC) Meta bans 63,000 accounts belonging to Nigeria’s sextortionist Yahoo Boys (The Record) How a North Korean Fake IT Worker Tried to Infiltrate Us (KnowBe4) Forget security – Google's reCAPTCHA v2 is exploiting users for profit (The Register) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcript

Click on a timestamp to play from that location

0:00.0	You're listening to the CyberWire Network, powered by N2K.
0:07.0	Quick. Quick question. Do your end users always work on company-owned devices and IT approved
0:20.4	apps? If the answer is no, then my next question is, how do you keep company
0:26.1	data safe on all those unmanaged apps and devices? One password has an answer to this
0:32.1	question, extended access management
0:34.9	One Password extended access management helps you secure every sign-in for every
0:40.7	app on every device because it solves the problem traditional IAM and
0:45.6	MDM can't touch. Check it out at one password.com slash
0:50.8	x-am that's one password.com slash
0:55.0	X AM. StarGazer Goblin hosts malicious code repositories on GitHub.
1:15.0	Crowd strike blames buggy validation checks for last week's major incident.
1:20.0	The Breach Forum's database reveals Threat Actor Opset.
1:23.4	Windows Hello for Business was found vulnerable to downgrade attacks.
1:27.5	A medical center in the U.S. Virgin Islands is hit with ransomware.
1:31.4	Inter Isle analyzes the fishing landscape.
1:34.4	The FTC orders eight companies to explain algorithmic pricing.
1:38.8	Meta cracks down on the Nigerian Yahoo boys.
1:42.0	A fake IT worker gets caught in the act. My conversation with Nick
1:46.1	Fillingham and Wendy Zononi, co-hosts of Microsoft Securities The Blue Hat Podcast. And researchers wonder if proving your human proves profitable for Google. It's Wednesday, July 24th, 2024.
2:07.0	I'm Dave Bitner, and this is your CyberWire Intel briefing. Thank you for once again joining us. It is great as always to have you here with us.
2:32.2	A secret network of around 3,000 ghost accounts
2:36.6	on GitHub has been manipulating the platform to promote malware and fishing links, as revealed by research from cybersecurity firm Checkpoint.
	...

Please login to see the full transcript.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from N2K Networks, Inc., and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of N2K Networks, Inc. and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.