Cybersecurity Headlines

Yaron Levi, CISO at Dolby, discusses the GoFetch vulnerability in Apple's Silicon M series chips, espionage tactics by APT 31 using family surveillance, evolution of military forces into cyberspace, rising vulnerabilities from bad input and zero-day exploits, consumer influence on online services, and empowering consumers for privacy advocacy.

Data breaches soar in 2023 with 17 billion personal records exposed, US Treasury warns of AI threats, Hot Topic faces credential stuffing attacks

The podcast discusses the rise of zero-day exploits fueled by spyware, a Microsoft SharePoint vulnerability being actively exploited, and Facebook analysis of unencrypted Snapchat traffic. It also covers advancements in data minimization laws, Veronis' data risk assessment offer, Windtell's AI PC release, a phishing operation targeting consumers, and HSBC's GoldToken launch.

APT31 targeting family members for surveillance, ransomware attack on UK newspaper, Apple MFA bombing. Cyber Security Threats discussed include Shadow Ray campaign, Apple security bug, and ransomware propagation.

EU targets tech giants with DMA, China bans US tech in government systems, US think tank calls for military cyber service, recent cyber attacks on Japan, phishing campaigns in US and EU, evolving threats like Strela Stiehler, UK blames China for voter hack, challenges for CSOs

Topics discussed include Kimsuky using HTML Help files for cyberattacks, KDE Linux warning, critical flaw in Atlassian Bamboo, cybersecurity legislation, Pwn2Own Vancouver 2024 exploits, 'go fetch' chip vulnerability, and Biden's cybersecurity nomination.

Exploring McDonald's outage from a third-party vendor's change, spyware agreements, and e-sports hacking incidents. Bug bounty programs, IoT security specs, and consumer awareness discussed. Enhancing software security with AI, addressing water sector vulnerabilities, and insights into Simply Cyber connection.

Microsoft Server crashes, npm package discrepancies, Nemesis darknet marketplace raid - Cybersecurity Incidents and Allegations Against Apple - Hackathon Results Revealed in Las Vegas

Topics discussed include a Water Sector Cybersecurity Task Force, Loop DoS attacks exploiting UDP, and GitHub's AI tool for vulnerability fixes. The episode also covers the challenges of compliance and security programs, automated compliance with Vanta, and data leaks from misconfigured Google Firebase sites.

ESports league postponed due to mid-stream hack, bank loses $40 million to system glitch, LockBit ransomware gang resurfaces with vengeance. LockBit leader aims to target 1 million companies, Acid-poor malware targets Linux, and APT groups target government agencies. Threat actors exploit digital document publishing platforms, IoT device security concerns addressed.