Deny by Default: A Cybersecurity Paradigm

A joint advisory warns of Fancy Bear targeting Western logistics and technology firms. A nonprofit hospital network in Ohio suffers a disruptive ransomware attack. The Consumer Financial Protection Bureau (CFPB) drops plans to subject data brokers to tighter regulations. KrebsOnSecurity and Google block a record breaking DDoS attack. A phishing campaign rerouted employee paychecks. Atlassian patches multiple high-severity vulnerabilities. A Wisconsin telecom provider confirms a cyberattack caused a week-long outage.  VMware issues a Security Advisory addressing multiple high-risk vulnerabilities.  Prosecutors say a 19-year-old student from Massachusetts will plead guilty to hacking PowerSchool. Our guest is Rob Allen, Chief Product Officer at ThreatLocker, discussing deliberate simplicity of fundamental controls around zero trust. Oversharing your call location data.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

On our Industry Voices segment, today we are joined by Rob Allen, Chief Product Officer at ThreatLocker from RSAC 2025. Rob is discussing the deliberate simplicity of fundamental controls around zero trust. Token theft and phishing attacks bypass traditional MFA protections, letting attackers impersonate users and access critical SaaS platforms — without needing passwords. Listen to Rob’s interview here.

Learn more from the ThreatLocker team here.

Selected Reading

Russian GRU Targeting Western Logistics Entities and Technology Companies ( CISA)

Ransomware attack disrupts Kettering Health Network in Ohio (Beyond Machines)

America’s CFPB bins proposed data broker crackdown (The Register)

Krebs on Security hit by 'test run' DDoS attack that peaked at 6.3 terabits of data per second (Metacurity)

SEO poisoning campaign swipes direct deposits from employees (SC Media)

Atlassian Warns of Multiple High-Severity Vulnerabilities Hits Data Center Server (Cybersecurity News)

Cellcom Service Disruption Caused by Cyberattack (SecurityWeek)

VMware releases patches for security flaws in multiple virtualization products (Beyond Machines)

Massachusetts man will plead guilty in PowerSchool hack case (CyberScoop)

O2 VoLTE: locating any customer with a phone call  (Mast Database)

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices