Squarespace's square off with hijacked domains.

CyberWire Daily

N2K Networks, Inc.

Daily News, Tech News, News, Technology

4.6 • 1K Ratings

🗓️ 16 July 2024

⏱️ 31 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

Some Squarespace users see their domains hijacked. Kaspersky Lab is shutting down US operations. BackPack APKs break malware analysis tools. Hackers use 7zip files to deliver Poco RAT malware. CISA’s red-teaming reveals security failings at an unnamed federal agency. Microsoft fixes an Outlook bug triggering false security alerts. Switzerland mandates open source software in the public sector. On our Industry Voices segment, N2K’s Rick Howard speaks with Alex Lawrence and Matt Stamper from Sysdig about their 555 Cloud Security Benchmark. Bellingcat sleuths pinpoint an alleged cartel member. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Industry Voices segment, N2K’s Rick Howard speaks with Alex Lawrence and Matt Stamper from Sysdig about their 555 Cloud Security Benchmark. Learn more about the /555 benchmark. Selected Reading Researchers: Weak Security Defaults Enabled Squarespace Domains Hijacks (Krebs on Security) Kaspersky Lab Closing U.S. Division; Laying Off Workers (Zero Day) Beware of BadPack: One Weird Trick Being Used Against Android Devices (Palo Alto Networks Unit 42) New Poco RAT Weaponizing 7zip Files Using Google Drive (GB Hackers) CISA broke into a US federal agency, and no one noticed for a full 5 months (The Register) Organizations Warned of Exploited GeoServer Vulnerability (Security Week) Microsoft finally fixes Outlook alerts bug caused by December updates (Bleeping Computer) New Open Source law in Switzerland (Joinup) Exploring the Skyline: How we Located an Alleged Cartel Member in Dubai (Bellingcat) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcript

Click on a timestamp to play from that location

0:00.0	You're listening to the CyberWire Network, powered by N2K.
0:07.0	Attention.
0:10.0	Attention all security professionals want real-time IP intelligence at your
0:17.4	fingertips. Sign up for Scout Insights free trial today. Get immediate insights into threats.
0:24.0	Search any IP with no training required
0:27.0	and enjoy intuitive graphical results.
0:30.0	Whether you need to identify compromised hosts
0:32.0	or enrich
0:33.4	Splunk Queries, Scout Insight has you covered.
0:36.7	Don't wait, accelerate your threat response now.
0:40.4	Visit team cumri.com slashiberwire to start your free trial. Some Squarespace users see their domains hijacked. Caspurski Lab is shutting down U.S. operations.
1:05.1	Backpack APKs break malware analysis tools.
1:08.9	Hackers use 7 zip files to deliver Poco Rat malware.
1:13.0	CISA's red teaming reveals security failings at an unnamed federal agency.
1:18.0	Microsoft fixes an outlook bug triggering false security alerts.
1:22.0	Switzerland mandates open source software in the public sector.
1:25.0	On our industry voices segment, N2K's Rick Howard speaks with Alex Lawrence and Matt
1:30.8	Stamper from Sistig about their 555 Cloud Security benchmark.
1:35.0	And Bellingat's sleuths pinpoint an alleged cartel member. It's Tuesday, July 16, 2024. I'm Dave Bitner and this is your CyberWire Intel briefing. Thanks for joining us here today. It is great to have you with us.
2:15.0	Last week, over a dozen organizations using Squarespace had their domains hijacked.
2:21.0	Squarespace, which acquired Google domains a year ago, is migrating those domains.
2:27.2	Many customers haven't set up new accounts yet, allowing hackers to exploit this by registering migrated domains using existing email addresses.
	...

Please login to see the full transcript.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from N2K Networks, Inc., and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of N2K Networks, Inc. and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.