Unveiling the Shadow Strike: A zero-day assault on Ivanti VPN users.
A zero-day hits Ivanti VPN customers. CISA highlights an active MS Sharepoint Server flaw. Cisco patches a critical vulnerability. Atomic Stealer gets updates. Sensitive school emergency planning documents are exposed online. The FCC reports on risky communications equipment. The White House will introduce new cybersecurity requirements for hospitals. Mandiant explains their X-Twitter hack. Our guest is Palo Alto Networks’ Unit 42’s David Moulton, host of the new Threat Vector podcast. And we are shocked - shocked! - to learn that an online sex for money scheme is a scam.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Guest David Moulton from Palo Alto Networks joins us to talk about Threat Vector. It’s Unit 42’s segment turned podcast on the N2K media network.
Selected Reading
Ivanti customers urged to patch vulnerabilities allegedly exploited by Chinese state hackers (The Record)
CISA Urges Patching of Exploited SharePoint Server Vulnerability (SecurityWeek)
Critical Cisco Unity Connection flaw gives attackers root privileges. Patch now! (CVE-2024-20272) (Help Net Security)
Atomic Stealer Gets an Upgrade - Targeting Mac Users with Encrypted Payload (The Hacker News)
FCC's Reimbursement Program shows progress in removing national security risks from communication networks (Industrial Cyber)
After Barrage of Hacks, Hospitals Will Face New Federal Cybersecurity Rules Tied to Funding (The Messenger)
US School Shooter Emergency Plans Exposed in a Highly Sensitive Database Leak (WIRED)
Mandiant’s X Account Was Hacked in Brute-Force Password Attack (Infosecurity Magazine)
Believing they would be paid a fortune for having sex with women, hundreds of Indian men scammed out of cash (Graham Cluely)
Threat Vector Links.
To get more information on Medusa ransomware, listen to this episode of Threat Vector.
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices