Understanding the FAIR Model for Risk Assessment

Patch Tuesday. The Matrix Foundation patches high-severity vulnerabilities in its open-source communications protocol. The “Curly COMrades” Russian-aligned APT targets critical infrastructure. Microsoft tells users to ignore new CertificateServicesClient (CertEnroll) errors.  Researchers uncover a malware campaign hiding the NjRat Remote Access Trojan in a fake Minecraft clone. Motorcycle manufacturer Royal Enfield suffers a ransomware attack. The DOJ details a major operation against the BlackSuit ransomware group. Our guest is Jack Jones, father of Factor Analysis of Information Risk (FAIR) and the FAIR Controls Analytics Model (FAIR-CAM), sharing insights on cyber risk quantification. Data Brokers’ digital hide-and-seek.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today we are joined by Jack Jones, father of Factor Analysis of Information Risk (FAIR) and the FAIR Controls Analytics Model (FAIR-CAM), as he is sharing insights on where he sees the cyber risk quantification market heading.

Selected Reading

Microsoft Patches Over 100 Vulnerabilities (SecurityWeek)

Adobe Patches Over 60 Vulnerabilities Across 13 Products (SecurityWeek)

Chipmaker Patch Tuesday: Many Vulnerabilities Addressed by Intel, AMD, Nvidia (SecurityWeek)

Fortinet, Ivanti Release August 2025 Security Patches (SecurityWeek)

ICS Patch Tuesday: Major Vendors Address Code Execution Vulnerabilities (SecurityWeek)

Alarm raised over 'high-severity' vulnerabilities in Matrix messaging protocol (The Record)

'Curly COMrades' APT Hackers Target Critical Organizations Across Multiple Countries (GB Hackers)

Microsoft asks users to ignore certificate enrollment errors (Bleeping Computer)

Fake Minecraft Installer Spreads NjRat Spyware to Steal Data (Hackread)

Motorcycle manufacturer Royal Enfield hit by ransomware attack published: yesterday (Beyond Machines)

US Authorities Seize $1m from BlackSuit Ransomware Group (Infosecurity Magazine)

We caught companies making it harder to delete your personal data online  (The Markup)

Audience Survey

Complete our annual audience survey before August 31.

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices