CyberWire Daily Prosper’s not so prosperous week.
31 snips
Oct 17, 2025 Danny Jenkins, CEO and co-founder of ThreatLocker, dives deep into the intricacies of zero trust security. He discusses how AI is reshaping cybersecurity, noting the rise of AI-generated malware and sophisticated phishing tactics. Jenkins explains why zero trust is more important today, particularly as organizations grapple with the rapid deployment of AI tools. He emphasizes that cybersecurity is not just about technology but also about cultivating a mindset focused on least privilege. Expect insightful predictions on the future of zero trust in a world increasingly influenced by AI.
AI Snips
Chapters
Transcript
Episode notes
Massive Prosper Data Exposure
- Prosper's breach potentially exposed 17.6 million email addresses plus extensive PII including SSNs and government IDs.
- Prosper's investigation remains ongoing and the company cannot yet validate the full scope reported by Have I Been Pwned.
Certificate Revocations Disrupt Ransomware
- Microsoft revoked over 200 certificates used to sign malicious Teams installers tied to Vanilla Tempest.
- The attackers fraudulently signed loaders and backdoors using legitimate code-signing services to increase trust.
ZeroDisco Targets Old Cisco Switches
- Attackers exploited a Cisco SNMP vulnerability to deploy Linux rootkits dubbed ZeroDisco on older switches.
- There's no universal automated detection, and Cisco TAC should be engaged for low-level firmware and ROM investigation.