CyberWire Daily

Take a trip down regreSSHion lane.

Jul 2, 2024

Cybersecurity expert Johannes Ullrich talks defending against API attacks and new ransomware threats like Volcano Demon. They discuss a new OpenSSH vulnerability, Chinese hackers exploiting a Cisco zero-day, and unauthorized access at HubSpot. Google launches a KVM bug bounty program while addressing dangerous attack techniques and the impact of AI on cybersecurity.

34:34

Creator website

Episode guests

Johannes Ullrich

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

The new OpenSSH vulnerability Regression allows unauthenticated remote code execution on Linux systems.

The US Supreme Court's decision sends back laws limiting social media content moderation powers for further analysis.

Deep dives

New Open SSH Vulnerability on Linux Systems

A new open SSH vulnerability labeled Regression allows unauthenticated remote code execution, affecting Linux systems using glibc. The flaw, discovered by Qalis, is due to a race condition in the SSHD signal handler that could lead to complete system takeover. Qualys recommends updating to version 9.8 P1 or adjusting SSHD configurations to mitigate the issue.

Intro

3min

Security Flaws and Cyber Threats

6min

Cyber Attack by Volcano Demon and Google's Bug Bounty Program

4min

Innovations and Challenges in Cybersecurity

9min

Blockchain Chain of Custody and AI Washing in Cybersecurity

8min

A new OpenSSH vulnerability affects Linux systems. The Supreme Court sends social media censorship cases back to the lower courts. Chinese hackers exploit a new Cisco zero-day. HubSpot investigates unauthorized access to customer accounts. Japanese media giant Kadokawa confirmed data leaks from a ransomware attack. FakeBat is a popular malware loader. Volcano Demon is a hot new ransomware group. Google launches a KVM hypervisor bug bounty program. Johannes Ullrich from SANS Technology Institute discusses defending against API attacks. Goodnight, Sleep Tight, Don’t Let the Hackers Byte!

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Guest is Johannes Ullrich from SANS Technology Institute talking about defending against attacks affecting APIs and dangerous new attack techniques you need to know about. This conversation is based on Johannes’ presentations at the 2024 RSA Conference. You can learn more about them here:

Selected Reading

New regreSSHion OpenSSH RCE bug gives root on Linux servers (Bleeping Computer)

US Supreme Court sidesteps dispute on state laws regulating social media (Reuters)

China’s ‘Velvet Ant’ hackers caught exploiting new zero-day in Cisco devices (The Record)

HubSpot accounts breach under investigation (SC Media)

Japanese anime and gaming giant admits data leak following ransomware attack (The Record)

Exposing FakeBat loader: distribution methods and adversary infrastructure (Sekoia.io blog)

Halcyon Identifies New Ransomware Operator Volcano Demon Serving Up LukaLocker (Halcyon)

Google launches Bug Bounty Program for KVM Hypervisor (Stack Diary)

How to Get Root Access to Your Sleep Number Bed (Dillan Mills)

Share your feedback.

We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

CyberWire Daily

Take a trip down regreSSHion lane.

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

New Open SSH Vulnerability on Linux Systems

Supreme Court's Handling of Social Media Censorship Cases

Exploitation of Cisco Zero-Day by Chinese Hackers

Podcast Episode Summary

CyberWire Guest

Selected Reading

Share your feedback.

Want to hear your company in the show?

Remember Everything You Learn from Podcasts