
A free speech showdown.
The FTC warns one country’s “online safety” may be another’s “censorship.” A new bipartisan bill aims to reduce barriers to federal cyber jobs. MURKY PANDA targets government, technology, academia, legal, and professional services in North America. MITRE updates their hardware weaknesses list. Customs and Border Protection conducts a record number of device searches at U.S. borders. A recent hoax exposes weaknesses in the cybersecurity community’s verification methods. A Houston man gets four years in prison for sabotaging his employer’s computer systems. A Florida-based provider of sleep apnea equipment suffers a data breach. Interpol dismantles a vast cybercriminal network spanning Africa. Brandon Karpf shares his experience with fake North Korean job applicants. Being a smooth-talking English speaker can land you a gig in the cybercrime underworld.
Today is Friday, August 22nd, 2025. I’m Dave Bittner. And this is your CyberWire Intel Briefing.
The FTC warns one country’s “online safety” may be another’s “censorship.”
The Federal Trade Commission (FTC) warned U.S. tech companies that complying with European and U.K. online content rules could violate American law. FTC Chairman Andrew Ferguson said following foreign “censorship” efforts, including the EU’s Digital Services Act and Britain’s Online Safety Act, may breach Section 5 of the FTC Act, which prohibits unfair or deceptive practices. He argued Americans do not expect platforms to restrict speech to satisfy foreign governments and warned against weakening encryption protections. Ferguson cited British attempts to access Apple iCloud data as an example. The warning comes amid broader U.S. criticism of Europe’s regulation of online speech. Ferguson invited tech executives to discuss how they will balance global pressures with their legal obligations to American consumers.
A new bipartisan bill aims to reduce barriers to federal cyber jobs.
Lawmakers on the House cybersecurity subcommittee introduced the Cybersecurity Hiring Modernization Act, aiming to reduce barriers to federal cyber jobs by prioritizing skills over degrees. Sponsored by Rep. Nancy Mace (R-S.C.) and Rep. Shontel Brown (D-Ohio), the bipartisan bill seeks to expand the talent pool at a time of rising cyber threats. Mace said the bill would “cut red tape” and allow skilled applicants without four-year diplomas to serve, while Brown called expanding the workforce “imperative” for secure systems. The bill directs the Office of Personnel Management to track and report changes to education requirements and collect data on new hires’ backgrounds. Agencies could still require degrees if mandated by law or if education is directly tied to job competencies.
MURKY PANDA targets government, technology, academia, legal, and professional services in North America.
Since 2023, CrowdStrike has tracked MURKY PANDA, a China-linked cyber adversary targeting government, technology, academia, legal, and professional services in North America. The group is highly cloud-focused, conducting trusted-relationship compromises and exploiting internet-facing appliances for initial access. They rapidly weaponize n-day and zero-day vulnerabilities, including Citrix and Commvault flaws, and use tools like the Neo-reGeorg web shell and their custom malware CloudedHope to maintain persistence. MURKY PANDA has compromised SaaS providers and Microsoft cloud solution partners to move laterally into downstream customers, often exfiltrating emails and sensitive documents. They employ strong operational security by altering logs and timestamps to avoid detection. CrowdStrike assesses their activity as espionage-driven, aimed at intelligence collection, and warns that cloud-heavy organizations remain especially vulnerable to these advanced operations.
MITRE updates their hardware weaknesses list.
MITRE has released an updated CWE Most Important Hardware Weaknesses (MIHW) list, first published in 2021, to reflect evolving hardware security challenges. The 2025 version highlights 11 key weaknesses, including six new entries, while retaining five persistent flaws such as improper debug access and memory protection issues. Topping the list is CWE-226: Sensitive Information in Resource Not Removed Before Reuse, which risks exposing data if memory or resources aren’t properly cleared. MITRE stresses that hardware flaws propagate upward, limiting software and firmware mitigations.
Customs and Border Protection conducts a record number of device searches at U.S. borders.
Customs and Border Protection (CBP) is conducting record numbers of electronic device searches at U.S. borders, Wired reports. Between April and June 2025, officials searched 14,899 devices, a 16.7% increase over the previous high in early 2022. CBP can inspect phones, laptops, and cameras without a warrant, with searches divided into “basic” manual checks and more invasive “advanced” forensic extractions. Civil liberties advocates warn this unchecked authority has a chilling effect on travelers, including journalists and lawyers with sensitive data. Device searches have risen steadily over the past decade, from 8,503 in 2015 to 46,362 in 2024. While CBP stresses searches affect less than 0.01% of travelers, critics say new investments in forensic tools may expand advanced inspections, raising further privacy concerns.
A recent hoax exposes weaknesses in the cybersecurity community’s verification methods.
A recent hoax has exposed weaknesses in how the cybersecurity community verifies information. A Telegram channel impersonating Europol announced a fake $50,000 reward for details on Qilin ransomware operators “Haise” and “XORacle.” Many researchers and journalists initially reported the claim before Europol confirmed it was false. The impostors later admitted the stunt was designed to troll the community and highlight poor fact-checking. The incident shows how easily misinformation can spread on platforms like Telegram and the risks of relying on unverified sources. While Europol quickly debunked the claim, the episode underscored the need for stronger verification practices, better communication from law enforcement, and closer collaboration among journalists, researchers, and officials to prevent future disinformation campaigns from misleading the cybersecurity ecosystem.
A Houston man gets four years in prison for sabotaging his employer’s computer systems.
A Houston man, Davis Lu, 55, was sentenced to four years in prison and three years of supervised release for sabotaging his employer’s computer systems. Prosecutors said Lu, a longtime employee of Eaton Corporation, deployed malicious code in 2018–2019 after his role was reduced. He deleted coworkers’ profiles, caused system crashes, and created a “kill switch” named after himself that locked out thousands of users worldwide. The sabotage caused hundreds of thousands in damages. Lu faced up to 10 years and plans to appeal.
A Florida-based provider of sleep apnea equipment suffers a data breach.
CPAP Medical Supplies and Services, a Florida-based provider of sleep apnea equipment, has disclosed a data breach affecting over 90,000 people, including U.S. military members and families. Hackers accessed its systems in December 2024 for more than a week, potentially stealing Social Security numbers and protected health information. CPAP reported the breach to state authorities and HHS but says there’s no evidence of misuse. No ransomware group has claimed responsibility, raising speculation attackers may avoid publicity or CPAP paid to prevent data leaks.
Interpol dismantles a vast cybercriminal network spanning Africa.
Interpol’s Operation Serengeti 2.0 dismantled a vast cybercriminal network spanning Africa, leading to 1,209 arrests, the seizure of $97.4 million, and the takedown of 11,432 malicious infrastructures. Running from June to August 2025, the operation involved law enforcement from 18 African nations, the UK, private cybersecurity firms, and nonprofits. Authorities estimate the network defrauded nearly 88,000 victims, causing $485 million in losses through ransomware, scams, and business email compromise. Highlights included dismantling illegal crypto-mining centers in Angola, a $300 million investment scam in Zambia, and a multimillion-dollar inheritance fraud in Côte d’Ivoire. Interpol praised growing global cooperation, noting the operation not only disrupted cybercrime but also boosted prevention through partnerships like the InterCOP cybercrime prevention network.
Being a smooth-talking English speaker can land you a gig in the cybercrime underworld.
Turns out, being a smooth-talking English speaker can now land you a gig in the cybercrime underworld—no resume required, just a knack for sounding like IT support. ReliaQuest says demand for English-language social engineering has more than doubled since last year, with job ads hawking “impersonation-as-a-service” packages: coaching, scripts, even tech support for your scams. Gangs like Scattered Spider and ShinyHunters have been perfecting the art, tricking Dior, Chanel, Google, and others into handing over Salesforce credentials. With AI lending crooks “superpowers” and nation-state tactics trickling down to the masses, phishing calls have evolved far beyond prank territory. Instead of “Is your refrigerator running?” it’s more like, “This is Workday IT, can I have your password?” Unfortunately, people keep saying yes.
And that’s the CyberWire.
For links to all of today’s stories, check out our Daily Briefing at the cyberwire dot com.
We’d love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like the show, please share a rating and review in your podcast app. Please also fill out the survey in the show notes or send an email to cyberwire@n2k.com.
We’re proud that N2K CyberWire is part of the daily routine of the most influential leaders and operators in the public and private sector, from the Fortune 500 to many of the world’s preeminent intelligence and law enforcement agencies.
N2K helps cybersecurity professionals and organizations grow, learn, and stay ahead. We’re the nexus for discovering the people, tech, and ideas shaping the industry. Learn how at n2k.com.
We'd love to hear from you. We're conducting our annual audience survey to learn more about our listeners. We're collecting your insights until August 31, 2025. There's a link in the show notes.
N2K’s senior producer is Alice Carruth. Our producer is Liz Stokes. We’re mixed by Elliott Peltzman and Tré Hester, with original music by Elliott Peltzman. Our executive producer is Jennifer Eiben. Peter Kilpe is our publisher, and I’m Dave Bittner. Thanks for listening.
