When the breachers get breached.

International law enforcement take down the Breachforums domains. Researchers link exploitation campaigns targeting Cisco, Palo Alto Networks, and Fortinet. Juniper Networks patches over 200 vulnerabilities. Apple and Google update their bug bounties. Evaluating AI use in application security (AppSec) programs. Microsegmentation can contain ransomware much faster and yield better cyber insurance terms. The new RondoDox botnet exploits over 50 vulnerabilities. Researchers tag 13 unpatched Ivanti Endpoint Manager flaws. Our guest is Jason Manar, CISO of Kaseya, sharing his insight into how the private and public sectors can work together for national security. Hackers mistake a decoy for glory. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today we are joined by ⁠Jason Manar⁠, CISO of ⁠Kaseya⁠, sharing his insight into how the private and public sectors can/must work together for national security.

Selected Reading

FBI takes down BreachForums portal used for Salesforce extortion (Bleeping Computer)

Cisco, Fortinet, Palo Alto Networks Devices Targeted in Coordinated Campaign (SecurityWeek)

Juniper Networks Patches Critical Junos Space Vulnerabilities (OffSeq)  

Apple Announces $2 Million Bug Bounty Reward for the Most Dangerous Exploits (WIRED)

Google Launches AI Bug Bounty with $30,000 Top Reward (Infosecurity Magazine)

In AI We Trust? Increasing AI Adoption in AppSec Despite Limited Oversight (Fastly)

Reducing Risk: Microsegmentation Means Faster Incident Response, Lower Insurance Premiums for Organizations (Akamai)

RondoDox Botnet Takes ‘Exploit Shotgun’ Approach (SecurityWeek)

ZDI Drops 13 Unpatched Ivanti Endpoint Manager Vulnerabilities (SecurityWeek)

Pro-Russian hackers caught bragging about attack on fake water utility (The Record)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices