Patch Tuesday notes. Mr. Mudge goes to Washington. Joint warning of IRGC cyber activity. No major developments in the cyber phases of Russia’s hybrid war (but Ukraine is sounding confident).

CyberWire Daily

N2K Networks, Inc.

Daily News, Tech News, News, Technology

4.6 • 1K Ratings

🗓️ 14 September 2022

⏱️ 32 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

Patch Tuesday notes. The US Senate Judiciary Committee hears from the Twitter whistleblower. Joint warning of IRGC cyber activity. Rob Boyce from Accenture on cybercriminals weaponizing leaked ransomware data. Chris Novak from Verizon describes his participation in the CISA Advisory Board. And Ukraine reiterates confidence in its resiliency. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/177 Selected reading. Adobe Patches 63 Security Flaws in Patch Tuesday Bundle (SecurityWeek) Microsoft Releases September 2022 Security Updates (CISA) Microsoft's September Patch Tuesday fixes five critical bugs (Computing) Microsoft Raises Alert for Under-Attack Windows Flaw (SecurityWeek) SAP Security Patch Day September 2022 (Onapsis) Apple Releases Security Updates for Multiple Products (CISA) Apple fixes eighth zero-day used to hack iPhones and Macs this year (BleepingComputer) Apple Will Let You Remove Rapid Security Response Updates in iOS 16 (Mac Rumors) Data Security at Risk: Testimony from a Twitter Whistleblower (United States Senate Committee on the Judiciary) Twitter Employees Have Too Much Access to Data, Whistleblower Says (Wall Street Journal) Twitter whistleblower reveals employees concerned China agent could collect user data (Reuters) Security failures cause ‘real harm to real people’ (Washington Post) Twitter whistleblower testifies to Congress, calls for tech regulation reforms (The Record by Recorded Future) The Search for Dirt on the Twitter Whistle-Blower (The New Yorker) Whistle-Blower Says Twitter ‘Chose to Mislead’ on Security Flaws (New York Times) Twitter whistleblower says site put growth over security (Computing) Written Statement of Peiter (“Mudge”) Zatko United States Senate Judiciary Committee September 13, 2022 (Katz Banks Kumin) What we learned when Twitter whistleblower Mudge testified to Congress (TechCrunch) How China became big business for Twitter (Reuters) Twitter whistleblower exposes limits of FTC’s power (Washington Post) Twitter Whistle-Blower Testimony Spurs Calls for Tech Regulator (Bloomberg) Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations (CISA) Ukraine’s Cyberwar Chief Sounds Like He’s Winning (WIRED) DDoS attacks on financial sector surge during war in Ukraine, new FCA data reveals (PR Newswire)

Transcript

Click on a timestamp to play from that location

0:00.0	You're listening to the CyberWire Network, powered by N2K.
0:07.0	Today's episode is sponsored by SRM, your first call for cybersecurity and
0:18.1	investigations. Threats today are evolving faster than ever before and since 2005 SRM has pioneered
0:25.3	tailored security solutions for global corporations and their executives.
0:29.5	Whether it's defending against cyber attacks with their award-winning team of ethical hackers and incident response specialists,
0:36.4	or navigating the murky waters of compliance and ESG challenges,
0:40.9	SRMs, Insight and Straight straightforward advice will help you navigate complex risks
0:46.4	and emerge more resilient.
0:48.4	Their secret, a culture that nurtures the sharpest minds, giving them access to the newest technologies and the freedom
0:55.3	to solve problems in new ways, enabling them to craft simple effective solutions for your
1:01.4	unique cyber challenges.
1:03.7	Search your first call to discover how SRM can help your business. And now a word from our sponsor, Six Cents.
1:23.2	Six Cents provides award-winning cloud-based automated endpoint and vulnerability management solutions
1:29.5	to streamline IT and security operations. With its advanced platform, businesses gain complete visibility and control over their infrastructure, reducing IT and security risks, and optimizing operational efficiency.
1:43.0	With 6 cents, you'll get real-time alerts,
1:46.0	risk-based vulnerability prioritization and remediations,
1:49.0	and an intuitive automation and orchestration engine
1:52.0	so you can focus on your core business goals
1:55.0	confident in the knowledge that your enterprise is secure,
1:58.0	compliant and running smoothly.
2:00.0	Visit 6Cence.com
2:02.0	to learn why enterprises choose them. Patch Tuesday notes, the U.S. Senate Judiciary Committee hears from the Twitter
	...

Please login to see the full transcript.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from N2K Networks, Inc., and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of N2K Networks, Inc. and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.