New reports shed light on both Volt and Salt Typhoons. Tenable updates faulty Nessus Agents and resumes plugin updates. A new infostealer campaign targets gamers on Discord. A fake version of a popular browser extension has been discovered stealing login credentials and conducting phishing attacks. ESET warns Windows 10 users of a potential “security fiasco.” A vulnerability in Nuclei allows attackers to bypass template signature verification and inject malicious code. An Indiana dental practice pays a $350,000 settlement over an alleged ransomware coverup. Tim Starks, Senior Reporter from CyberScoop, joins us today to discuss a new United Nations cybercrime treaty and his outlook for 2025. Farewell to a visionary leader. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Tim Starks, Senior Reporter from CyberScoop, joins us today to discuss a new United Nations cybercrime treaty and his outlook for 2025. Read Tim’s article on the UN cybercrime treaty here. 

Selected Reading

The US’s Worst Fears of Chinese Hacking Are on Display in Guam (Bloomberg)

How Chinese Hackers Graduated From Clumsy Corporate Thieves to Military Weapons (Wall Street Journal)

China protests US sanctions for its alleged role in hacking, complains of foreign hacker attacks (AP News)

Tenable Disables Nessus Agents Over Faulty Updates (SecurityWeek)

New Infostealer Campaign Uses Discord Videogame Lure (Infosecurity Magazine)

Beware! Malicious EditThisCookie Chrome Extension Steals Login Credentials (Cyber Security News)

Windows 10 users urged to upgrade to avoid "security fiasco" (Bleeping Computer)

Nuclei flaw lets malicious templates bypass signature verification (Bleeping Computer)

Dental Practice Pays State in Alleged Data Breach 'Cover Up' (GovInfo Security)

Tenable CEO Amit Yoran Dead at 54 (SecurityWeek)

Share your feedback.

We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. 

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices