The CyberWire Daily Podcast 2.5.25
Ep 2239 | 2.5.25

DOGE days numbered?

Show Notes

The DOGE team faces growing backlash. The Five Eyes release guidance on protecting edge devices. A critical macOS kernel vulnerability allows privilege escalation, memory corruption, and kernel code execution. Google and Mozilla release security updates for Chrome and Firefox. Multiple Veeam backup products are vulnerable to man-in-the-middle attacks. Zyxel suggests you replace those outdated routers. A former Google engineer faces multiple charges for alleged corporate espionage. CISA issues nine new advisories for ICS vulnerabilities. A house Republican introduces a cybersecurity workforce scholarship bill. On our CertByte segment, a look at ISC2’s CISSP exam. Google updates its stance on AI weapons. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CertByte Segment

Welcome to CertByte! On this bi-weekly segment hosted by Chris Hare, a content developer and project management specialist at N2K, we share practice questions from N2K’s suite of industry-leading certification resources, and a study tip to help you achieve the professional certifications you need to fast-track your career growth in IT, cyber security, or project management.

In each segment, Chris is joined by an N2K Content Developer to help illustrate the learning. This week, Chris is joined by Steven Burnley to break down a question targeting ISC2®'s CISSP - Certified Information Systems Security Professional) exam. Today’s question comes from N2K’s ISC2® CISSP - Certified Information Systems Security Professional Practice Test.

The CISSP is regarded as the premier global cybersecurity certification. It is geared towards experienced security practitioners, executives, and managers who want to prove their knowledge across a variety of security practices and principles. To learn more about this and other related topics under this objective, please refer to the following resource: CISSP Cert Guide (4th Edition), Chapter 1: Security and Risk Management.

For the past 25 years, N2K's practice tests have helped more than half a million IT and cyber security professionals reach certification success. Have a question that you’d like to see covered? Email us at certbyte@n2k.com. If you're studying for a certification exam, check out N2K’s full exam prep library of certification practice tests, practice labs, and training courses by visiting our website at n2k.com/certify. To get the full news to knowledge experience, learn more about our N2K Pro subscription at https://thecyberwire.com/pro

Please note: The questions and answers provided here, and on our site, are not actual current or prior questions and answers from these certification publishers or providers.

Additional sources: 

https://www.isc2.org/certifications/cissp 

Selected Reading

Federal Workers Sue to Disconnect DOGE Server (WIRED)

Treasury says DOGE review has ‘read-only’ access to federal payments system (The Record)

‘Things Are Going to Get Intense:’ How a Musk Ally Plans to Push AI on the Government (404 Media)

Cybersecurity, government experts are aghast at security failures in DOGE takeover (CyberScoop)

Five Eyes Launch Guidance to Improve Edge Device Security (Infosecurity Magazine)

Apple's MacOS Kernel Vulnerability Let Attackers Escalate Privileges - PoC Released (Cyber Security News) 

Chrome 133, Firefox 135 Patch High-Severity Vulnerabilities (SecurityWeek)

Critical Veeam Vulnerability (CVE-2025-23114) Exposes Backup Servers to Remote Code Execution (SOCRadar)

Router maker Zyxel tells customers to replace vulnerable hardware exploited by hackers (TechCrunch)

US cranks up espionage charges against ex-Googler accused of trade secrets heist (The Register)

CISA Releases Nine Advisories Detailing vulnerabilities and Exploits Surrounding ICS (Cyber Security News)

CISA hires former DHS CIO into top cyber position (Federal News Network)

Proposal for federal cyber scholarship, with service requirement, returns in House (The Record)

Google drops pledge not to use AI for weapons or surveillance (Washington Post)

Share your feedback.

We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. 

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.