
UK Apple showdown gonna be public.
UK court blocks government's attempt to keep Apple encryption case secret. Port of Seattle says last year's breach affected 90,000 people. Verizon Call Filter App flaw exposes millions of call records. Hackers hit Australian pension funds. A global threat hiding in plain sight. Cybercriminals are yelling CAPTCH-ya! Meta retires U.S. fact-checking program. Our guest today is Rob Boyce from Accenture and he’s discussing Advanced Persistent Teenagers (APTeens). And Google’s AI Goes Under the Sea.
Today is April 7th, 2025. I’m Maria Varmazis, host of T-Minus Space Daily in for Dave Bittner. And this is your CyberWire Intel Briefing.
UK court blocks government's attempt to keep Apple encryption case secret.
The UK Investigatory Powers Tribunal has blocked the British government's effort to keep secret a case involving its request to circumvent Apple's encrypted iCloud services, as reported by Bloomberg. The court, which hears complaints related to government surveillance, ruled that the government's efforts were a "fundamental interference with the principle of open justice." The Tribunal's ruling, which also publicly confirmed the existence of the case for the first time, said it would have been "a truly extraordinary step to conduct a hearing entirely in secret without any public revelation of the fact that a hearing was taking place."
Port of Seattle says last year's breach affected 90,000 people.
The Port of Seattle, the agency that oversees Seattle's seaport and airport, has disclosed that the ransomware attack it sustained in August affected data belonging to approximately 90,000 people, according to BleepingComputer. Around 71,000 of the victims are residents of Washington state. The Port says the breached information included "some combination of names, dates of birth, Social Security numbers (or last four digits of Social Security number), driver’s license or other government identification card numbers, and some medical information."
The agency previously disclosed that the Rhysida ransomware gang posted the stolen data to its leak site after the Port refused to pay the ransom.
Verizon Call Filter App flaw exposes millions' call records.
Cybersecurity researcher Evan Connelly discovered a vulnerability in Verizon's Call Filter iOS app that could have allowed unauthorized access to users' incoming call records. The flaw involved API requests lacking proper verification, enabling attackers to retrieve call data by specifying arbitrary phone numbers. This exposed phone numbers and timestamps of incoming calls, potentially affecting millions of users. Verizon, which has over 140 million subscribers, addressed the issue with a patch in mid-March 2025, following responsible disclosure.
Hackers hit Australian pension funds.
Hackers have recently targeted multiple Australian superannuation funds, attempting to access and steal members' retirement savings. The Association of Superannuation Funds of Australia (ASFA) reported that while most attempts were thwarted, some breaches did occur. AustralianSuper, managing over AU$365 billion for more than 3.5 million members, confirmed that stolen passwords were used to access 600 member accounts, resulting in four members losing a combined AU$500,000. The company responded by locking the affected accounts and notifying the impacted members. Prime Minister Anthony Albanese acknowledged the incident, noting that cyberattacks occur in Australia approximately every six minutes.
A global threat hiding in plain sight.
Neptune RAT is a sophisticated Remote Access Trojan (RAT) actively targeting Windows users worldwide. Distributed through platforms like GitHub, Telegram, and YouTube, it is often marketed as the "Most Advanced RAT." The malware employs stealthy infection techniques using PowerShell commands to bypass traditional security measures. Once installed, Neptune RAT can exfiltrate credentials from over 270 applications, deploy ransomware, monitor desktops in real-time, and disable antivirus software. It establishes persistence via scheduled tasks and registry modifications.
Cybercriminals are yelling CAPTCH-ya!
Cybercriminals are employing deceptive tactics involving fake CAPTCHAs and Cloudflare Turnstile to distribute LegionLoader malware. This campaign targets users searching for PDF documents online. Victims encounter a fake CAPTCHA; upon interaction, they are led through a series of steps, including browser notification requests, culminating in the download of an MSI installer. Executing this installer initiates a complex infection chain, ultimately installing a malicious browser extension designed to steal sensitive information such as cookies, browsing history, and Bitcoin activities. The malware affects multiple browsers, including Chrome, Edge, Brave, and Opera.
Meta retires U.S. fact-checking program.
Meta has officially ended its third-party fact-checking program in the United States as of April 7, 2025. This initiative, which previously involved external organizations to assess the accuracy of content on Facebook, Instagram, and Threads, has been replaced by a user-driven system called "Community Notes." This model allows users to collaboratively add context to posts, aiming to enhance information accuracy through collective input. Meta's CEO, Mark Zuckerberg, stated that this shift is intended to promote free expression and reduce perceived biases associated with traditional fact-checking methods. The company plans to continue its third-party fact-checking efforts outside the U.S. and intends to expand the Community Notes system internationally in the future.
Florida man pleads guilty to involvement with Scattered Spider.
A 20-year-old Florida man named Noah Urban has pleaded guilty to his involvement in the Scattered Spider cybercriminal group, SecurityWeek reports. Urban, who was arrested in January 2024, was accused of launching phishing and SIM swapping attacks that led to the theft of millions of dollars worth of cryptocurrency.
Urban pleaded guilty to conspiracy to commit wire fraud, wire fraud, and aggravated identity theft. As part of the deal, he's agreed to pay $13 million in restitution to fifty-nine victims.
Stick around after the break to hear Dave’s conversation with Rob Boyce, Global Lead for Cyber Resilience at Accenture, as they discuss Advanced Persistent Teenagers (APTeens). And fishal recognition could help save the planet?
Advanced Persistent Teenagers (APTeens) have rapidly become a significant enterprise risk by demonstrating capabilities once limited to organized ransomware groups. The threat from juvenile, homegrown threat actors has risen steadily. Rob Boyce, Global Lead for Cyber Resilience at Accenture, joins Dave to discuss Advanced Persistent Teenagers (APTeens). Here’s their conversation.
That was Dave Bittner sitting down with Rob Boyce, Global Lead for Cyber Resilience at Accenture, to discuss Advanced Persistent Teenagers (APTeens).
Google’s AI Goes Under the Sea
In a move that’s part sci-fi, part seafood sustainability, Google’s secretive X lab has unveiled TidalX, an underwater AI system designed to transform fish farming.
Equipped with smart cameras and machine learning, TidalX monitors farmed fish like salmon in real time—tracking their movements, behavior, and even individual fish health. Think fishal recognition—yes, facial recognition for fish.
Why does this matter? Overfeeding in aquaculture wastes food and pollutes the water, while underfeeding or missing early signs of disease can hurt both fish and farmers. TidalX aims to strike a balance, offering farmers insights to feed just the right amount, reduce waste, and catch health issues early—all without disrupting the watery ecosystem.
After five years in stealth mode, the project is now swimming into the spotlight with the goal of making aquaculture more efficient, sustainable, and scalable. As global demand for seafood rises, tech like this could be the key to meeting it responsibly.
So yes, the fish are getting their close-ups—and it just might help save the planet.
And that’s the CyberWire.
For links to all of today’s stories, check out our Daily Briefing at the cyberwire dot com.
We’d love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like the show, please share a rating and review in your podcast app. Please also fill out the survey in the show notes or send an email to cyberwire@n2k.com.
We’re privileged that N2K CyberWire is part of the daily routine of the most influential leaders and operators in the public and private sector, from the Fortune 500 to many of the world’s preeminent intelligence and law enforcement agencies.
N2K makes it easy for companies to optimize your biggest investment, your people. We make you smarter about your teams, while making your teams smarter. Learn how at n2k.com.
N2K’s senior producer is Alice Carruth. Our CyberWire producer is Liz Stokes. We’re mixed by Tré Hester, with original music and sound design by Elliott Peltzman. Our executive producer is Jennifer Eiben. Peter Kilpe is our publisher, and I’m Maria Varmazis. Thanks for listening.