The NTLM bug that sees and steals.

CyberWire Daily

N2K Networks, Inc.

Technology, Tech News, Daily News, News

4.8 • 1.1K Ratings

🗓️ 6 December 2024

⏱️ 31 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

Researchers uncover a critical Windows zero-day. An alleged Ukrainian cyberattack targets one of Russia’s largest banks. Russian group BlueAlpha exploits CloudFlare services. Microsoft flags Chinese hacking group Storm-0227 for targeting critical infrastructure and U.S. government agencies. SonicWall patches high-severity vulnerabilities in its secure access gateway. Atrium Health reports a data breach affecting over half a million individuals. Rockwell Automation discloses four critical vulnerabilities in its Arena software. U.S. authorities arrest an alleged member of the Scattered Spider gang. Our guest is Hugh Thompson, RSAC program committee chair, discussing the 2025 Innovation Sandbox Contest and its new investment component. C3PO gets caught in the crypto mines. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Joining Dave today is Hugh Thompson, RSAC program committee chair, discussing the 2025 Innovation Sandbox Contest and its new investment component. Read more details in the press release. Selected Reading New Windows 7 To 11 Warning As Zero-Day With No Official Fix Confirmed (Forbes) Russian users report Gazprombank outages amid alleged Ukrainian cyberattack (The Record) BlueAlpha Russian hackers caught abusing CloudFlare services (SC Media) U.S. org suffered four month intrusion by Chinese hackers (Bleeping Computer) Microsoft: Another Chinese cyberspy crew targeting US critical orgs 'as of yesterday' (The Register) SonicWall Patches 6 Vulnerabilities in Secure Access Gateway (SecurityWeek) Mitel MiCollab zero-day and PoC exploit unveiled (Help Net Security) Atrium Health Data Breach Impacts 585,000 People (SecurityWeek) Rockwell Automation Vulnerabilities Let Attackers Execute Remote Code (Cyber Security News) US arrests Scattered Spider suspect linked to telecom hacks (Bleeping Computer) Nebraska Man pleads guilty to $3.5 million cryptojacking scheme (Bleeping Computer) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcript

Click on a timestamp to play from that location

0:00.0	You're listening to the Cyberwire Network, powered by N2K.
0:09.0	This Christmas, Lidl's spreading the chair, because we've gone on one Good Housekeeping Institute's best supermarket wine range of the year.
0:16.6	Pick up great wines like a Kianti Reserver, New Zealand Sauvignon Blanc, or Californian Zinfundel Rosee from 399.
0:24.4	Have a magical Christmas with Lidl.
0:26.9	Subject to availability, selected stores, GB only.
0:31.7	Now, a word about our sponsor, the Johns Hopkins University Information Security Institute.
0:41.3	The J.HU. ISI is home to world-class interdisciplinary experts dedicated to developing technologies to protect the world's vast online
0:47.3	systems and infrastructure and working closely with U.S. government research agencies and
0:52.9	industry partners. The Institute offers research agencies and industry partners.
1:00.0	The Institute offers dual degree and joint programs in computer science and health informatics and has been designated as a Center of Academic Excellence in Cyber Research.
1:05.7	Learn more at isi.j.j.u.edu. i s i dot j h u dot ed u researchers uncover a critical window zero day and alleged uk alleged Ukrainian cyber attack targets one of Russia's largest banks.
1:32.8	Russian group Blue Alpha exploits Cloudflare services, Microsoft flags Chinese hacking group Storm 027 for targeting critical infrastructure and U.S. government agencies.
1:43.6	Sonic Wall patches high severity vulnerabilities in its secure access gateway.
1:48.4	Atrium Health reports a data breach affecting over half a million individuals.
1:52.8	Rockwell Automation discloses four critical vulnerabilities in its arena software.
1:57.9	U.S. authorities arrest an alleged member of the scattered spider gang. Our guest is
2:02.5	Hugh Thompson, RSAC program committee chair, discussing the 2025 Innovation Sandbox and its new
2:09.3	investment component. And C3PO gets caught in the crypto mines.
2:24.3	Thank you. in the Crypto Mines. It's Friday, December 6, 2024.
2:27.3	I'm Dave Bittner, and this is your Cyberwire Intel briefing.
2:44.3	Thank you. Intel briefing. Thanks for joining us here today and happy Friday.
2:47.3	It is great as always to have you with us.
	...

Please login to see the full transcript.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from N2K Networks, Inc., and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of N2K Networks, Inc. and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.