Cybersecurity Headlines Week in Review: Microsoft Trust abuse, 23andMe bankruptcy risks, NIST's growing backlog
13 snips
Mar 28, 2025 Jonathan Waldrop, CISO at The Weather Company, dives into the alarming misuse of Microsoft’s Trust Signing Service for malware and the looming bankruptcy risks of 23andMe, raising concerns about the fate of personal DNA records. The conversation shifts to the vulnerabilities in renewable energy systems, emphasizing the ever-evolving nature of cybersecurity threats. Waldrop also highlights the urgent need for accountability and improved privacy protections as data breaches continue to escalate, underscoring the critical need for vigilance in an increasingly digital world.
AI Snips
Chapters
Transcript
Episode notes
Trust, but Verify
- Exploiting trusted certificates is an ongoing security challenge, similar to past issues with passwords and MFA.
- Identifying legitimate software is increasingly difficult, requiring vigilance and environmental awareness.
Renewable Energy Security
- Connecting renewable energy systems, like solar panels, to the internet introduces security risks similar to other IoT devices.
- Securing these systems is crucial due to their connection to power grids and homes, requiring manufacturers to prioritize security in their design.
Cooperation and Mitigation
- Organizations should cooperate with regulators and take proactive steps to mitigate risks after a cyberattack.
- This responsible approach can lead to reduced fines and demonstrates a commitment to improvement.