The CyberWire Daily Podcast 8.27.24
Ep 2138 | 8.27.24

Cyber revolt or just digital ruckus?

Show Notes

Hacktivists respond to the arrest of Telegram’s CEO in France. Stealthy Linux malware stayed undetected for two years. Versa Networks patches a zero-day vulnerability. Google has patched its tenth zero-day vulnerability of 2024. Researchers at Arkose labs document Greasy Opal. A flaw in Microsoft 365 Copilot allowed attackers to exfiltrate sensitive user data. Gafgyt targets crypto mining in cloud native environments. Microsoft investigates an Exchange Online message quarantine issue. Our guest is Bar Kaduri, research team leader at Orca Security talking about AI Goat, the first open source AI security learning environment based on the OWASP top 10 ML risks. Kentucky Prisoners Trick Tablets to Generate Fake Money. 

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Our guest is Bar Kaduri, research team leader at Orca Security talking about AI Goat, the first open source AI security learning environment based on the OWASP top 10 ML risks. Available on GitHub, AI Goat is an intentionally vulnerable AI environment built in Terraform that includes numerous threats and vulnerabilities for testing and learning purposes. Learn more

Selected Reading

Arrest of Telegram CEO sparks cyberattacks against French websites (SC Media)

Unveiling sedexp: A Stealthy Linux Malware Exploiting udev Rules (AON)

Stealthy 'sedexp' Linux malware evaded detection for two years (Bleeping Computer)

Google tags a tenth Chrome zero-day as exploited this year (Bleeping Computer)

Versa fixes Director zero-day vulnerability exploited in attacks (Bleeping Computer)

Greasy Opal: Greasing the Skids for Cybercrime (Arkose Labs)

Microsoft Copilot Prompt Injection Vulnerability Let Hackers Exfiltrate Personal Data (Cyber Security News)

Gafgyt Botnet: Weak SSH Passwords Targeted For GPU Mining (Security Boulevard)

Microsoft: Exchange Online mistakenly tags emails as malware (Bleeping Computer)

Kentucky prisoners hack state-issued computer tablets to digitally create $1M. How’d they do it? (Union Bulletin)

Share your feedback.

We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. 

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.