CyberWire Daily

Microsoft squashes windows server bug.

Apr 17, 2025

Rob Allen, Chief Product Officer at ThreatLocker, dives into the layered approach to zero trust, emphasizing its importance in today's cybersecurity landscape. He explains how this strategy helps mitigate risks from threat actors exploiting legitimate applications. The discussion also highlights Microsoft’s emergency updates for Windows Server and the pressing need for organizations to proactively address vulnerabilities, particularly in the wake of high-profile breaches. Allen's insights provide vital direction for navigating complex security challenges.

36:06

Creator website

Episode guests

Rob Allen

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Microsoft and Apple have released urgent security updates to address critical vulnerabilities, underscoring the importance of staying current with patches.

A layered approach to zero trust is essential for organizations to effectively combat cyber threats and safeguard sensitive information from both external and internal risks.

Deep dives

Emergency Security Updates Address Critical Vulnerabilities

Recent emergency security updates have been released by both Microsoft and Apple to address serious vulnerabilities in their systems. Microsoft patched a bug in Windows Server that affected container startups, ensuring stability and compatibility by updating system files that caused mismatches. Meanwhile, Apple urgently addressed two zero-day vulnerabilities in its operating systems, which were actively exploited in targeted attacks, allowing for remote code execution through malicious audio files. Users across a range of Apple devices are advised to update to mitigate risks, highlighting the ongoing necessity for organizations to stay current with security patches.

Intro

3min

Critical Security Updates and Ongoing Cyber Threats

3min

Unraveling Cybersecurity Breaches and Exposures

3min

Ransomware Revelations and Security Vulnerabilities

5min

Understanding Zero Trust Security

10min

Cybersecurity Essentials and Industry Insights

7min

Microsoft issues emergency updates for Windows Server. Apple releases emergency security updates to patch two zero-days. CISA averts a CVE program disruption. Researchers uncover Windows versions of the BrickStorm backdoor. Atlassian and Cisco patch several high-severity vulnerabilities. An Oklahoma cybersecurity CEO is charged with hacking a local hospital. A Fortune 500 financial firm reports an insider data breach. Researchers unmask IP addresses behind the Medusa Ransomware Group. CISA issues a warning following an Oracle data breach. On our Industry Voices segment, we are joined by Rob Allen, Chief Product Officer at ThreatLocker, to discuss a layered approach to zero trust. Former CISA director Chris Krebs steps down from his role at SentinelOne.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

Industry Voices

On our Industry Voices segment, we are joined by Rob Allen, Chief Product Officer at ThreatLocker, to discuss a layered approach to zero trust.

Selected Reading

New Windows Server emergency updates fix container launch issue (Bleeping Computer)

Apple fixes two zero-days exploited in targeted iPhone attacks (Bleeping Computer)

CISA Throws Lifeline to CVE Program with Last-Minute Contract Extension (Infosecurity Magazine)

MITRE Hackers' Backdoor Has Targeted Windows for Years (SecurityWeek)

Vulnerabilities Patched in Atlassian, Cisco Products (SecurityWeek)

Edmond cybersecurity CEO accused in major hack at hospital (KOCO News)

Fortune 500 firm's ex-employee exposes thousands of clients (Cybernews)

Researchers Deanonymized Medusa Ransomware Group's Onion Site (Cyber Security News)

CISA warns of potential data breaches caused by legacy Oracle Cloud leak (The Record)

Krebs Exits SentinelOne After Security Clearance Pulled (SecurityWeek)

The top 10 ThreatLocker policies for 2025 (ThreatLocker)

Share your feedback.

We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

CyberWire Daily

Microsoft squashes windows server bug.

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Emergency Security Updates Address Critical Vulnerabilities

Cybersecurity Breaches Highlight Internal Risks

The Importance of a Layered Approach to Zero Trust Security

Industry Voices

Selected Reading

Share your feedback.

Want to hear your company in the show?

Remember Everything You Learn from Podcasts