2,000 episodes

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

CyberWire Daily N2K Networks

    • News
    • 4.8 • 4 Ratings

    The secrets of a dark web drug lord.

    The alleged operator of Incognito Market is collared at JFK. The UK plans new ransomware reporting regulations. Time to update your JavaScript PDF library. CISA adds a healthcare interface engine to its Known Exploited Vulnerabilities (KEV) catalog. HHS launches a fifty million dollar program to help secure hospitals. A Fluent Bit vulnerability impacts major cloud platforms. The EPA issues a cybersecurity alert for drinking water systems. BiBi Wiper grows more aggressive. Siren is a new threat intelligence platform for open source software. On our Industry Voices segment, guest Amit Sinha, CEO of DigiCert, joins N2K’s Rick Howard to discuss “Innovation: balancing the good with the bad.” And is it just me, or does that AI assistant sound awfully familiar?
    Our 2024 N2K CyberWire Audience Survey is underway; make your voice heard and get in the running for a $100 Amazon gift card. Remember to leave us a 5-star rating and review in your favorite podcast app.
    Miss an episode? Sign up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

    CyberWire Guest
    On our Industry Voices segment, guest Amit Sinha, CEO of DigiCert, joins N2K’s Rick Howard to discuss “Innovation: balancing the good with the bad.” Rick caught up with Amit at the recent RSA Conference in San Francisco. 

    Selected Reading
    “Incognito Market” Owner Arrested for Operating One of the Largest Illegal Narcotics Marketplaces on the Internet (United States Department of Justice)
    Exclusive: UK to propose mandatory reporting for ransomware attacks and licensing regime for all payments (The Record)
    CVE-2024-4367 in PDF.js Allows JavaScript Execution, Potentially Affecting Millions of Websites: Update Now (SOCRadar)
    CISA Warns of Attacks Exploiting NextGen Healthcare Mirth Connect Flaw (SecurityWeek)
    Fluent Bit flaw discovered that impacts every major cloud provider (Tech Monitor)
    EPA Issues Alert After Finding Critical Vulnerabilities in Drinking Water Systems (SecurityWeek)
    New BiBi Wiper version also destroys the disk partition table (Bleeping Computer)
    Enhancing Open Source Security: Introducing Siren by OpenSSF (OpenSSF)
    HHS offering $50 million for proposals to improve hospital cybersecurity (The Record)
    Scarlett Johansson Said No, but OpenAI’s Virtual Assistant Sounds Just Like Her (The New York Times)

    Share your feedback.
    We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. 

    Want to hear your company in the show?
    You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.
    The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

    • 39 min
    Double key encryption debate.

    Germany’s BSI sues Microsoft for more information on recent security incidents. Julian Assange can appeal his U.S. extradition. AI chatbots may have itchy trigger fingers. CISA warns of vulnerabilities affecting Google Chrome and D-Link routers. Ham Radio’s association suffers a data breach. New underground marketplaces pop up to replace BreachForums. An updated banking trojan targets users in Central and South America. Cybercom’s founders share its origin story.  Examining gender bias in open source software contributors. For our Industry Voices segment, guest Chris Pierson, CEO at BlackCloak, met up with N2K’s Brandon Karpf at the 2024 RSA Conference to discuss personal cybersecurity risks for executives. College students unlock free laundering — no money required. 

    CyberWire Guest
    On our Industry Voices segment, guest Chris Pierson, CEO at BlackCloak, met up with N2K’s Brandon Karpf at the 2024 RSA Conference. Chris and Brandon discussed personal cybersecurity risks for executives.

    Selected Reading
    BSI sues Microsoft for disclosure of information on security disaster (Ground News)
    Assange Can Appeal U.S. Extradition, English Court Rules (The New York Times)
    ChatGPT likes to fight. For military AI researchers, that’s a problem (Tech Brew)
    CISA warns of hackers exploiting Chrome, EoL D-Link bugs (Bleeping Computer)
    American Radio Relay League Hit by Cyberattack (SecurityWeek)
    FBI seizes BreachForums infrastructure — but successor sites are already popping up (ITPro)
    Grandoreiro Banking Trojan is Back With Major Updates (Infosecurity Magazine)
    (PDF) Gender bias in open source: Pull request acceptance of women versus men (ResearchGate)
    The inside story of Cyber Command’s creation (CSO Online)
    Two Santa Cruz students uncover security bug that could let millions do their laundry for free (TechCrunch) 

    • 45 min
    10 years on: The 10th anniversary of the first indictment of Chinese PLA actors. [Special Edition]

    On this Special Edition podcast, Dave Bittner speaks with guest Dave Hickton, Founding Director, Institute for Cyber Law, Policy, and Security at the University of Pittsburgh, and former US Attorney, on this 10th Anniversary of the first indictment of Chinese PLA actors. Hear directly from Mr. Hickton what led to the indictment, the emotions that went along with this unprecedented action, and the legacy of the event.
    On May 19, 2014, a grand jury in the Western District of Pennsylvania (WDPA) indicted five Chinese military hackers for computer hacking, economic espionage and other offenses directed at six American victims in the U.S. nuclear power, metals and solar products industries. 
    The indictment alleges that the defendants conspired to hack into American entities, to maintain unauthorized access to their computers and to steal information from those entities that would be useful to their competitors in China, including state-owned enterprises (SOEs). In some cases, it alleges, the conspirators stole trade secrets that would have been particularly beneficial to Chinese companies at the time they were stolen. In other cases, it alleges, the conspirators also stole sensitive, internal communications that would provide a competitor, or an adversary in litigation, with insight into the strategy and vulnerabilities of the American entity.
    US Attorney Dave Hickton represented the Western District of Pennsylvania and was the signatory on the indictment. His team worked with the FBI Cyber Team in Pittsburgh, PA to bring about this historic action.
    Resources:

    Press Release: U.S. Charges Five Chinese Military Hackers for Cyber Espionage Against U.S. Corporations and a Labor Organization for Commercial Advantage

    Indictment

    • 44 min
    From secret images to encryption keys. [Research Saturday]

    This week, we are joined by Hosein Yavarzadeh from the University of California San Diego, who discusses his work on "Pathfinder: High-Resolution Control-Flow Attacks Exploiting the Conditional Branch Predictor." This paper introduces new methods that let attackers read from and write to specific parts of high-performance CPUs, such as the path history register (PHR) and prediction history tables (PHTs).
    These methods allow two main types of attacks. One can reveal a program's control flow history, as shown by recovering a secret image through the libjpeg routines. The other enables detailed transient attacks, demonstrated by extracting an AES encryption key, highlighting significant security risks for these systems.
    The research can be found here:
    Graph: Growing number of threats leveraging Microsoft API

    • 22 min
    Encore: Monica Ruiz: Moving ahead when not many look like you. [Policy] [Career Notes]

    Cyber Initiative and Special Projects Fellow at the Hewlett Foundation Monica Ruiz shares her career development from aspirations of being a weather woman to her current role as a grantmaker and connector in cybersecurity. Monica discusses how her international study experience changed her outlook and brought her to the field of security. She shares the difficulties she faced as a woman of color when not that many people look like you, and how she used that as her reason to move forward and better the cybersecurity field through her work. Our thanks to Monica for sharing her story with us.

    • 7 min
    MediSecure data breach hits Aussie healthcare.

    Australia warns of a large-scale ransomware data breach. The justice department charges five with helping North Korean IT workers evade sanctions. The FCC wants to beef up BGP. Antidot is a new Android banking trojan. The SEC enhances disclosure obligations. Researchers uncover vulnerabilities in GE ultrasound devices. A Baltimore neo-nazi pleads guilty to conspiring to take down an electrical grid. On our Solution Spotlight: N2K’s Simone Petrella speaks with Alicja Cade, Director in Google Cloud's Office of the CISO, about the CISO role, board communication, and cyber workforce development. “Tanks” for the warm water, but you can keep the vulnerabilities.

    CyberWire Guest
    On our Solution Spotlight: N2K’s Simone Petrella speaks with Alicja Cade, Director in Google Cloud's Office of the CISO, about the CISO role, board communication, and cyber workforce development. Simone and Alicja spoke at the 2024 RSA Conference. 

    Selected Reading
    Australian government warns of 'large-scale ransomware data breach' (The Record)
    US exposes scheme enabling North Korean IT workers to bypass sanctions (Help Net Security)
    FCC proposes BGP security measures (Network World)
    BGP: What is border gateway protocol, and how does it work? (Network World)
    New 'Antidot' Android Trojan Allows Cybercriminals to Hack Devices, Steal Data (SecurityWeek)
    SEC beefs up data privacy rules (Investment Executive)
    GE Ultrasound Gear Riddled With Bugs, Open to Ransomware & Data Theft (DarkReading)
    Baltimore County woman pleads guilty to conspiring with neo-Nazi leader to attack energy grid (The Baltimore Banner)
    How I upgraded my water heater and discovered how bad smart home security can be (Ars Technica)

    • 34 min

Customer Reviews

4.8 out of 5
4 Ratings

PierreKilchenmann ,

Just the best with humor

Dear All
If you are looking for a daily overview of Cyberland, just follow this podcast.
