PHP flaw sparks global attack wave.

PHP exploits are active in the wild. Security researchers discover undocumented commands in a popular Wi-Fi and Bluetooth-enabled microcontroller. The ONCD could gain influence in this second Trump administration. The Akira ransomware gang leverages an unsecured webcam. Mission, Texas declares a state of emergency following a cyberattack. The FBI and Secret Service confirm crypto-heists are linked to the 2022 LastPass breach. A popular home appliance manufacturer suffers a cyberattack. Switzerland updates reporting requirements for critical infrastructure operators.  Our guest is Errol Weiss, Chief Security Officer at the Health-ISAC, who warns “the cavalry isn’t coming—why the private sector must take the lead in critical infrastructure cybersecurity.” A termination kill switch leads to potential jail time. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today, we have Errol Weiss, Chief Security Officer at the Health-ISAC, sharing his take “the cavalry isn’t coming—why the private sector must take the lead in critical infrastructure cybersecurity.”

Selected Reading

Mass Exploitation of Critical PHP Vulnerability Begins (SecurityWeek)

Undocumented commands found in Bluetooth chip used by a billion devices (Bleeping Computer)

White House cyber director’s office set for more power under Trump, experts say (The Record)

Ransomware gang encrypted network from a webcam to bypass EDR (Bleeping Computer)

Texas border city declares state of emergency after cyberattack on government systems (The Record)

Feds Link $150M Cyberheist to 2022 LastPass Hacks (Krebs on Security)

Home appliance company Presto says cyberattack causing delivery delays (The Record)

Switzerland Mandates Cyber-Attack Reporting for Critical Infrastructure (Infosecurity Magazine)

Developer sabotaged ex-employer IT systems with kill switch (The Register) 

Share your feedback.

We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. 

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices