Take a trip down regreSSHion lane.

CyberWire Daily

N2K Networks, Inc.

Daily News, Tech News, News, Technology

4.6 • 1K Ratings

🗓️ 2 July 2024

⏱️ 29 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

A new OpenSSH vulnerability affects Linux systems. The Supreme Court sends social media censorship cases back to the lower courts. Chinese hackers exploit a new Cisco zero-day. HubSpot investigates unauthorized access to customer accounts. Japanese media giant Kadokawa confirmed data leaks from a ransomware attack. FakeBat is a popular malware loader. Volcano Demon is a hot new ransomware group. Google launches a KVM hypervisor bug bounty program. Johannes Ullrich from SANS Technology Institute discusses defending against API attacks. Goodnight, Sleep Tight, Don’t Let the Hackers Byte! Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Guest is Johannes Ullrich from SANS Technology Institute talking about defending against attacks affecting APIs and dangerous new attack techniques you need to know about. This conversation is based on Johannes’ presentations at the 2024 RSA Conference. You can learn more about them here: Attack and Defend: How to Defend Against Three Attacks Affecting APIs The Five Most Dangerous New Attack Techniques You Need to Know About Selected Reading New regreSSHion OpenSSH RCE bug gives root on Linux servers (Bleeping Computer) US Supreme Court sidesteps dispute on state laws regulating social media (Reuters) China’s ‘Velvet Ant’ hackers caught exploiting new zero-day in Cisco devices (The Record) HubSpot accounts breach under investigation (SC Media) Japanese anime and gaming giant admits data leak following ransomware attack (The Record) Exposing FakeBat loader: distribution methods and adversary infrastructure (Sekoia.io blog) Halcyon Identifies New Ransomware Operator Volcano Demon Serving Up LukaLocker (Halcyon) Google launches Bug Bounty Program for KVM Hypervisor (Stack Diary) How to Get Root Access to Your Sleep Number Bed (Dillan Mills) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcript

Click on a timestamp to play from that location

0:00.0	You're listening to the CyberWire Network, powered by N2K.
0:07.0	The IT world used to be simpler. You only had to secure and manage environments that you controlled.
0:20.0	Then came new technologies and new ways to work. Now employees, apps, and networks are everywhere.
0:27.0	This means poor visibility, security gaps, and added risk.
0:31.0	That's why Cloudflare created the first ever connectivity cloud.
0:35.6	Visit Cloud.com to protect your business everywhere you do business. A new open S.S.S.H vulnerability affects Linux systems, the Supreme Court sends social media
0:59.6	censorship cases back to the lower courts.
1:02.5	Chinese hackers exploit a new Cisco Zero Day.
1:05.7	HubSpot investigates unauthorized access to customer accounts.
1:09.5	Japanese media giant Katakawa confirmed data leaks from a ransomware attack.
1:14.8	Fake Bat is a popular malware loader.
1:17.1	Volcano Demon is a hot new ransomware group.
1:20.5	Google launches a KVM hypervisor bug bounty program.
1:24.0	Johannes Ulrich from the Sans Technology Institute discusses defending against API attacks.
1:29.0	And good night, sleep tight, don't let the hackers bite. It's Tuesday, July 2nd, 2024.
1:45.0	I'm Dave Bittner and this is your CyberWire Intel briefing. Thanks for joining us here once again. It is great to have you with us.
2:10.0	A new open S.S.S.S.H vulnerability, dubbed regression with a capital S.S.H in the middle of the word
2:18.0	regression allows unauthenticated remote code execution with root privileges on glibsy-based Linux systems.
2:26.7	Discovered by Kualis in May of this year, the flaw results from a race condition in the
2:32.0	SSHD signal handler.
2:34.0	It can be exploited if a client fails to authenticate within the default 120 second
2:39.6	login grace time, triggering unsafe,
	...

Please login to see the full transcript.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from N2K Networks, Inc., and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of N2K Networks, Inc. and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.