CyberWire Daily N2K Networks

A Texas operator of rehab facilities faces multiple lawsuits after a ransomware attack. Microsoft warns Android developers to steer clear of the Dirty Stream. The Feds warn of North Korean social engineering. A flaw in the R programming language has been patched. Zloader borrows stealthiness from ZeuS. The GAO highlights gaps in NASA’s cybersecurity measures. Indonesia is a spyware hot-spot. Germany summons a top Russian envoy to address cyber-attacks linked to Russian military intelligence. An Israeli PI is arrested in London following allegations of a cyberespionage campaign. In our Industry Voices segment, Allison Ritter, Senior Product Manager from Cyberbit shares her career journey, off the bench and onto the court. A cybersecurity consultant allegedly attempts to extort a one-point-five million dollar exit package. 
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest
On our Industry Voices segment, Allison Ritter, Senior Product Manager from Cyberbit, shares her cybersecurity journey: “Off the bench and onto the court.”

Selected Reading
Rehab Hospital Chain Hack Affects 101,000; Facing 6 Lawsuits (GovInfo Security)
Microsoft Warns of 'Dirty Stream' Vulnerability in Popular Android Apps (SecurityWeek)
U.S. Govt Warns of Massive Social Engineering Attack from North Korean Hackers (GB Hackers)
R-bitrary Code Execution: Vulnerability in R's Deserialization (HiddenLayer)
ZLoader Malware adds Zeus's anti-analysis feature (Security Affairs)
GAO report indicates that NASA should update spacecraft acquisition policies and standards for cybersecurity (Industrial Cyber) 
Indonesia is a Spyware Haven, Amnesty International Finds (InfoSecurity Magazine)
Germany summons Russian envoy over 2023 cyber-attacks (The Guardian)
Israeli private eye arrested in London over alleged hacking for US firm (Reuters)
Cybersecurity consultant arrested after allegedly extorting IT firm (Bleeping Computer) 

Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. 

Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Dropbox’s secure signature service suffers a breach. CISA is set to announce a voluntary pledge toward enhanced security. Five Eyes partners issue security recommendations for critical infrastructure. Microsoft acknowledges VPN issues after recent security updates. LockBit releases data from a hospital in France. One of REvil’s leaders gets 14 years in prison. An Phishing-as-a-Service provider gets taken down by international law enforcement. China limits Teslas over security concerns. In our Threat Vector segment, David Moulton from Unit 42 explores Adversarial AI and Deepfakes with two expert guests, Billy Hewlett, and Tony Huynh. NightDragon founder and CEO Dave Dewalt joins us with a preview of next week’s NightDragon Innovation Summit 2024 at RSAC. And celebrating the 60th  anniversary of the BASIC programming language.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest
In our Threat Vector segment, David Moulton, Director of Thought Leadership at Unit 42, explores Adversarial AI and Deepfakes as part of the ongoing series “AI’s Impact in Cybersecurity'' with two expert guests, Billy Hewlett, Senior Director of AI Research at Palo Alto Networks, and Tony Huynh, a Security Engineer specializing in AI and deepfakes. They unpack the escalating risks posed by adversarial AI in cybersecurity. You can catch Threat Vector every other Thursday on the N2K CyberWire network and where you get all of your favorite podcasts. Listen to David’s full discussion with Billy and Tony here.

Plus, NightDragon Founder and CEO Dave Dewalt joins us with a preview of next week’s NightDragon Innovation Summit 2024 at RSAC including a look into his “State of the Cyber Union” keynote.

Selected Reading
Security Breach Exposes Dropbox Sign Users (Infosecurity Magazine)
The US Government Is Asking Big Tech to Promise Better Cybersecurity (WIRED)
CISA adds GitLab flaw to its Known Exploited Vulnerabilities catalog (Security Affairs)
Russian Hackers Target Industrial Systems in North America, Europe (SecurityWeek)
Microsoft says April Windows updates break VPN connections (Bleeping Computer)
LockBit publishes confidential data stolen from Cannes hospital in France (The Record)
Ukrainian sentenced to almost 14 years for infecting thousands with REvil ransomware (The Record)
LabHost Crackdown: 37 Arrested In Global Cybercrime Bust (Security Boulevard)
Tesla cars to be banned from Chinese government buildings amid security fears — report (Drive)
The BASIC programming language turns 60 (Ars Technica)

Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. 

Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

A breach at J.P. Morgan Chase exposes data of over 451,000 individuals. President Biden Signs a National Security Memorandum to Strengthen and Secure U.S. Critical Infrastructure. Verizon’s DBIR is out. Cornell researchers unveil a worm called Morris II. A prominent newspaper group sues OpenAI. Marriott admits to using inadequate encryption. A Finnish man gets six years in prison for hacking a psychotherapy center. Qantas customers had unauthorized access to strangers’ travel data. The Feds look to shift hiring requirements toward skills. In our Industry Voices segment, Steve Riley, Vice President and Field CTO at Netskope, discusses generative AI and governance. Major automakers take a wrong turn on privacy. 
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest
Today on Industry Voices, Steve Riley, Vice President and Field CTO at Netskope, discusses generative AI and governance. For more of Steve’s insights into gen AI, check out his article in Forbes. 

Selected Reading
Breach at J.P. Morgan Exposes Data of 451,000 Plan Participants (PLANADVISER)
White House releases National Security Memorandum on critical infrastructure security and resilience (Industrial Cyber)
DBIR Report 2024 - Summary of Findings (Verizon)
Experimental Morris II worm can exploit popular AI services to steal data and spread malware (Computing)
Major U.S. newspapers sue OpenAI, Microsoft for copyright infringement (Axios)
Marriott admits it falsely claimed for five years it was using encryption during 2018 breach (CSO Online)
Finnish hacker imprisoned for accessing thousands of psychotherapy records and demanding ransoms (AP News)
Qantas Airways Says App Showed Customers Each Other's Data (GovInfo Security)
Agencies to turn toward ‘skill-based hiring’ for cyber and tech jobs, ONCD says (CyberScoop)
Carmakers lying about requiring warrants before sharing location data, Senate probe finds (The Record)

Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. 

Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

UnitedHealth’s CEO testimony before congress reveals details of the massive data breach. Major US mobile carriers are hit with hefty fines for sharing customer data. Muddling Meerkat manipulates DNS. A report from Sophos says ransomware payments skyrocketed this past year. The DOE addresses risks and benefits of AI. LightSpy malware targets macOS. A crucial Kansas City weather and traffic system is disabled by a cyberattack. A Canadian pharmacy chain shuts down temporarily following a cyberattack. Guest Kayla Williams, CISO from Devo, joins us to share CISO insights into the pressure of their roles they feel mounting on them and gives us a look into their plans for RSAC 2024. Pay attention - that AWS meter may be running. 
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest
Guest Kayla Williams, CISO from Devo, joins us to share CISO insights into the pressure of their roles they feel mounting on them and gives us a look into their plans for RSAC 2024.

Selected Reading
Change Healthcare hackers broke in using stolen credentials — and no MFA, says UHG CEO (TechCrunch)
FCC Fines Carriers $200m For Selling User Location Data (Infosecurity Magazine)
Muddling Meerkat hackers manipulate DNS using China’s Great Firewall (Bleeping Computer)
Ransom Payments Surge by 500% to an Average of $2m (Infosecurity Magazine)
US DOE rolls out initial assessment report on AI benefits and risks for critical energy infrastructure (Industrial Cyber) 
LightSpy malware has made a comeback, and this time it's coming after your macOS devices (ITPro)
Kansas City system providing roadside weather, traffic info taken down by cyberattack (The Record)
London Drugs pharmacy chain closes stores after cyberattack (Bleeping Computer)
An Empty S3 Bucket Can Make Your AWS Bills Explode (GB Hackers) - kicker
How an empty S3 bucket can make your AWS bill explode (Medium)

Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. 

Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.

Okta warns of a credential stuffing spike. A congressman looks to the EPA to protect water systems from cyber threats. CISA unveils security guidelines for critical infrastructure. Researchers discover a stealthy botnet-as-a-service coming from China. The UK prohibits easy IoT passwords. New vulnerabilities are found in Intel processors. A global bank CEO shares insights on cybersecurity. Users report mandatory Apple ID resets. A preview of N2K CyberWire activity at RSA Conference. Police in Japan find a clever way to combat gift card fraud. 
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest
It’s the week before the 2024 RSA Conference. Today, we have N2K’s own Rick Howard, Brandon Karpf, and Dave Bittner previewing N2K’s upcoming activities and where you can find our team at RSAC 2024.

Special Edition: Threat Vector
Understanding the Midnight Eclipse Activity and CVE 2024-3400: Host David Moulton and Andy Piazza, Sr. Director of Threat Intelligence at Unit 42, dive into the critical vulnerability CVE-2024-3400 found in PAN-OS software of Palo Alto Networks, emphasizing the importance of immediate patching and mitigation strategies for such vulnerabilities, especially when they affect edge devices like firewalls or VPNs. 

Selected Reading
Okta warns customers about credential stuffing onslaught (Help Net Security)
Crawford puts forward bill on cybersecurity risks to water systems (The Arkansas Democrat-Gazette) 
CISA unveils guidelines for AI and critical infrastructure (FedScoop)
Chinese Botnet As-A-Service Bypasses Cloudflare & Other DDoS Protection Services (GB Hackers)
UK becomes first country to ban default bad passwords on IoT devices (The Record)
Researchers unveil novel attack methods targeting Intel's conditional branch predictor (Help Net Security)
Standard Chartered CEO on why cybersecurity has become a 'disproportionately huge topic' at board meetings (The Record)
Security Bite: Did Apple just declare war on Adload malware? (9to5Mac)
Apple users are being locked out of their Apple IDs with no explanation (9to5Mac)
Japanese police create fake support scam payment cards to warn victims (Bleeping Computer)

Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. 

Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.

Host of Darknet Diaries podcast Jack Rhysider shares his experiences from studying computer engineering at university to his strategy of using gamification on his career that led to him landing in the security space. Jack talks about how his wide experiences came together in security and what prompted him to learn podcasting. Jack endeavors to share the whole story through his podcasts while making them entertaining, enlightening and inspirational. Our thanks to Jack for sharing his story with us.