The White House preps a major overhaul of U.S. cybersecurity policy. A key Commerce security office loses staff as regulatory guardrails weaken. Lawmakers Press AT&T and Verizon after months of silence on Salt Typhoon. A vulnerability in the React Native Metro development server is under active exploitation. Amaranth Dragon leverages a WinRAR flaw. A coordinated reconnaissance campaign targets Citrix NetScaler infrastructure. CISA warns a SolarWinds Web Help Desk flaw is under active exploitation. Zach Edwards, Senior Threat Researcher at Silent Push, is discussing a hole in the kill chain leaving law enforcement empty-handed. Cops in Northern Ireland get an unwanted data breach encore.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Today we are joined by Zach Edwards, Senior Threat Researcher at Silent Push, discussing a hole in the kill chain leaving law enforcement empty-handed. You can read more from Zach’s team here.
Selected Reading
White House Cyber Director Charts New Course for Digital Defense Through Private Sector Partnership (Web Pro News)
Another Misstep in U.S.-China Tech Security Policy (Lawfare)
Cantwell claims telecoms blocked release of Salt Typhoon report (Cyberscoop)
Hackers exploit critical React Native Metro bug to breach dev systems (Bleeping Computer)
New Amaranth Dragon cyberespionage group exploits WinRAR flaw (Bleeping Computer)
Wave of Citrix NetScaler scans use thousands of residential proxies (Bleeping Computer)
Fresh SolarWinds Vulnerability Exploited in Attacks (SecurityWeek)
‘It defies belief’: Names of PSNI officers published on court website in new breach (Belfast Telegraph)
Share your feedback.
What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.
Want to hear your company in the show?
N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices
CyberWire Daily