You're listening to the Cyberwire Network, powered by N2K.

And now a word from our sponsor, SpyCloud. Identity is the new battleground, and attackers are

exploiting stolen identities to infiltrate your organization.

Traditional defenses can't keep up.

SpyCloud's holistic identity threat protection helps security teams uncover and automatically

remediate hidden exposures across your users, from breaches, malware and fishing to neutralize

identity-based threats like account takeover, fraud, and ransomware.

Don't let invisible threats compromise your business.

Get your free corporate darknet exposure report at spycloud.com slash cyberwire and see what

attackers already know. That's spycloud.com slash cyberwire.

Hello everyone and welcome to the CyberWires Research Saturday.

I'm Dave Bittner and this is our weekly conversation with researchers and analysts tracking

down the threats and vulnerabilities, solving some of the hard problems and protecting

ourselves in a rapidly evolving cyberspace.

Thanks for joining us.

If we see that in a strange or new or different application or program that we don't typically see, we start to get the hunch. Hey, there might be some weaknesses. There's a flaw

or potential vulnerability in that software. And truth be told, that was

the very beginning of the story here. When we saw this detector fire, well, that pointed us

towards that center stack application. And then after we did our homework, did a little bit of research,

we see, oh, this has just recently been added to the known exploited vulnerabilities database that SISA maintains.

And we're thinking, okay, yeah, we're on to something here.

That's John Hammond, principal security researcher at Huntress.

...