Cybersecurity Headlines

Cisco IOS XE infections remain high, California sidelines GM's driverless cars, Canada accuses China of 'Spamouflage' campaign. Other topics include Okta compromise, AI risk management proposal, pipeline damage blamed on a Chinese ship, anchored investigation, AI email attacks, and USB drive encryption cracked.

Chrome testing IP Protection, Microsoft Security Copilot, Cisco patches IOS XE, chip-making secrets stolen by Huawei, export bans, Fanta trust management platform, energy ransomware attack, North Korean domain seizure, cybersecurity incidents, potential CEO mistakes

Okta system attacked, Cisco vulnerability discovered; Key player of Ragnar Locker arrested in Paris; Updates on various cybersecurity incidents including ICC cyber attack, Senator's request for breach details; Social engineering attack on law enforcement portal, unpatched squid proxy vulnerabilities, data breaches at Okta, Ampersand, quick trip, CDW; Super Cyber Friday event about third-party risk in the cloud.

Guest Andrew Wilder, CISO, Community Veterinary Partners, discusses the disappointment in Biden admin's decision to withdraw water cyber regs, zero-day attacks on Cisco, signal debunking zero-day claim. 'Sleeping Dragon' data vulnerability and solutions for vulnerability management and prioritization are also discussed.

Global law enforcement successfully dismantles the dark web portal RagnarLocker. 23andMe experiences another data leak. Casio discloses a significant data breach. The Muddy Water hacker group resurfaces. Trigona Ransomware and North Korean hackers pose ongoing threats. The security implications of quantum computing are underestimated by IT practitioners.

State-backed attackers exploit WinRAR zero-day, Five Eyes warns of Chinese IP theft, ServiceNow data exposure issue identified, UCA data review, WhatsApp and Amazon passkey support, CIA information channel vulnerability, ASIC's encryption cracking interest, MEM Computing's in-memory processing ASIC claim, Google Play Protect's real-time malware scanning, X testing subscriptions for posting on social network, Securities and Exchange Commission's new cyber rules

Zero-day attacks on Cisco devices, warning about Confluence vulnerability exploitation, D-Link data breach due to phishing attack, discussions on data for sale, blocking data collection, Malvertizing campaign, cybersecurity partnership, cooperation in cybersecurity, fake browser updates used for malware distribution, and CEO sentenced in IP address scheme.

Israeli government warns about securing home security cameras, Signal debunks zero-day report, Equifax fined for data breach, discussion on chip export bans, and a social network intentionally throttling link speed.

CDW possibly attacked by LockBit resulting in data leaks and an $80 million ransom. FBI and CSO publish joint advisory regarding AvosLocker ransomware. EPA rescinds cybersecurity audit requirements. Multiple cybersecurity news stories including Linux ransomware attacks, convenience store network incident, and Microsoft phasing out NTLM in Windows 11.

Guest Martin Choluj, VP Security ClickHouse, joins as they discuss DDoS attack scale, data breach at 23andMe, Magecart skimmers campaign, financial impact of cyberattack on Clorox, and implications of relying on Microsoft products.