The CyberWire Daily Podcast 7.25.23
Ep 1870 | 7.25.23

Norway continues to investigate a cyberattack. The view from Russia. Trends in data breaches, ransom payments, and security self-perception. Apple patches iOS.

Show Notes

A zero-day attack of undetermined origin targets government offices in Norway. Russia accuses the US of cyber aggression. Data breaches exact a rising cost. 74% of survey respondents say their company would pay ransom to recover stolen or encrypted data. Executives and security teams differ in their perception of cyber threat readiness. Mr. Security Answer Person John Pescatore looks at risk metrics. Joe Carrigan on a new dark market AI tool called Worm GPT. And Apple issues urgent patches.

Selected reading.

Norway says Ivanti zero-day was used to hack govt IT systems (BleepingComputer)

Norway investigates cyberattack affecting 12 government ministries (Record)

Norwegian government IT systems hacked using zero-day flaw (BleepingComputer)

Putin ally accuses US of planning cyberattacks on Russian critical infrastructure (Al Arabiya English) 

Cost of a Data Breach Report 2023 (IBM Security)

Ransom Monetization Rates Fall to Record Low Despite Jump In Average Ransom Payments (Coveware) 

2023 Cyber Threat Readiness Report (Swimlane) 

Apple Releases Security Updates for Multiple Products (Cybersecurity and Infrastructure Security Agency CISA)

Apple fixes 16 security flaws with iOS 16.6, two actively exploited (9to5Mac)

Apple Rolls Out Urgent Patches for Zero-Day Flaws Impacting iPhones, iPads and Macs (The Hacker News)

Apple fixes new zero-day used in attacks against iPhones, Macs (BleepingComputer) 

iOS 16.6: Apple Suddenly Releases Key iPhone Update With Urgent Fixes (Forbes)