CyberWire Daily

Houken blends stealth and chaos.

French authorities report multiple entities targeted by access brokers. A ransomware group extorts a German hunger charity. AT&T combats SIM swapping and account takeover attacks. A Missouri physician group suffers a cyber attack. Qantas doesn’t crash, but their computers do. Researchers uncover multiple critical vulnerabilities in Agorum Core Open. A student loan administrator in Virginia gets hit by the Akira ransomware group. The Feds sanction a Russian bulletproof hosting service. Johnson Controls notifies individuals of a major ransomware attack dating back to 2023. Will Markow, CEO of FourOne Insights and N2K CyberWire Senior Workforce Analyst shares the latest technology workforce trends. The ICEBlock app warms up to users.

Transcript

North Korea’s covert coders caught.

The Feds shut down a covert North Korean IT operation. Google releases an emergency update to fix a new Chrome zero-day. A major U.S. trade show and event marketing firm suffers a data breach. NetScaler patches a pair of critical vulnerabilities. A sophisticated cyber attack targets The Hague. An Iran-linked hacking group threatens to release emails allegedly stolen from aides to President Trump. A ransomware attack exposes sensitive data linked to multiple Swiss federal government offices. The U.S. Treasury Department faces scrutiny after a string of cyberattacks. The FBI’s phone security tips draw fire from Senator Wyden. Tim Starks from CyberScoop describes how ubiquitous surveillance turned deadly. AI proves its pentesting prowess.

Transcript

U.S. braces for Iranian cyber intrusions.

CISA warns organizations of potential cyber threats from Iranian state-sponsored actors.Scattered Spider targets aviation and transportation. Workforce cuts at the State Department raise concerns about weakened cyber diplomacy. Canada bans Chinese security camera vendor Hikvision over national security concerns.Cisco Talos reports a rise in cybercriminals abusing Large Language Models. MacOS malware Poseidon Stealer rebrands.Researchers discover multiple vulnerabilities in Bluetooth chips used in headphones and earbuds. The FDA issues new guidance on medical device cybersecurity. Our guest is Debbie Gordon, Co-Founder of Cloud Range, looking “Beyond the Stack - Why Cyber Readiness Starts with People.” An IT worker’s revenge plan backfires.

Transcript

Turbulence in the cloud.

Hawaiian Airlines reports a cybersecurity incident. Microsoft updates its Windows Resiliency Initiative after the 2024 CrowdStrike crash. CitrixBleed 2 is under active exploitation in the wild. Researchers disclose a critical vulnerability in Open VSX. Malware uses prompt injection to evade AI analysis. A new report claims Cambodia turns a blind eye to scam compounds. Senators propose a ban on AI tools from foreign adversaries. An NSA veteran is named top civilian at U.S. Cyber Command. Maria Varmazis speaks with Ian Itz from Iridium Communications on allowing IoT devices to communicate directly with satellites. One Kansas City hacker’s bold marketing campaign ends with a guilty plea.

Transcript

No panic—just patch.

Patches, patches and more patches.A patient death has been linked to the 2023 ransomware attack on an NHS IT provider. U.S. authorities indict the man known online as “IntelBroker”. A suspected cyberattack disrupts Columbia University’s computer systems. A major license plate reader company restricts cross-state data access after reports revealed misuse of its network by police agencies. Our guest is Andy Boyd, former Director of CIA's Center for Cyber Intelligence (CCI) and currently an operating partner at AE Industrial Partners. Discounted parking as a gateway cybercrime.

Transcript