Season 10 Episode 2374
A researcher uncovers vulnerabilities across Intel’s internal websites that exposed sensitive employee and supplier data. The Kimsuky group (APT43) targets South Korean diplomatic missions. A new DDoS vulnerability bypasses the 2023 “Rapid Reset” fix. Drug development firm Inotiv reports a ransomware attack to the SEC. The UK drops its demand that Apple provide access to encrypted iCloud accounts. Hackers disguise the PipeMagic backdoor as a fake ChatGPT desktop app. The source code for a powerful Android banking trojan is leaked online. A Nebraska man is sentenced to prison for defrauding cloud providers to mine nearly $1 million in cryptocurrency. On this week’s Threat Vector, David Moulton speaks with Liz Pinder and Patrick Bayle for a no-holds-barred look at context switching in the SOC. A UK police force fails to call for backup.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
Threat Vector
Security analysts are drowning in tools, alerts, and tabs. On today's Threat Vector segment from Palo Alto Networks, we offer a snapshot from host David Moulton's conversation with Liz Pinder and Patrick Bayle. Together they take a no-holds-barred look at context switching in the SOC: what it costs, why it's getting worse, and how smarter design can fix it. You can listen to David, Patrick, and Liz's conversation here. It’s a must-listen for anyone building or managing a modern SOC. New episodes of Threat Vector drop each Thursday on the N2K CyberWire network and in your favorite podcast app.
Selected Reading
Intel data breach: employee data could be accessed via API (Techzine Global)
North Korean Kimsuky Hackers Use GitHub to Target Foreign Embassies with XenoRAT Malware (GB Hackers)
Internet-wide Vulnerability Enables Giant DDoS Attacks (Dark Reading)
Drug development company Inotiv reports ransomware attack to SEC (The Record)
UK ‘agrees to drop’ demand over Apple iCloud encryption, US intelligence head claims (The Record)
Ransomware gang masking PipeMagic backdoor as ChatGPT desktop app: Microsoft (The Record)
ERMAC Android malware source code leak exposes banking trojan infrastructure (Bleeping Computer)
Nebraska man gets 1 year in prison for $3.5M cryptojacking scheme (Bleeping Computer)