Take a trip down regreSSHion lane.

A new OpenSSH vulnerability affects Linux systems. The Supreme Court sends social media censorship cases back to the lower courts. Chinese hackers exploit a new Cisco zero-day. HubSpot investigates unauthorized access to customer accounts. Japanese media giant Kadokawa confirmed data leaks from a ransomware attack. FakeBat is a popular malware loader. Volcano Demon is a hot new ransomware group. Google launches a KVM hypervisor bug bounty program.  Johannes Ullrich from SANS Technology Institute discusses defending against API attacks. Goodnight, Sleep Tight, Don’t Let the Hackers Byte!

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Guest is Johannes Ullrich from SANS Technology Institute talking about defending against attacks affecting APIs and dangerous new attack techniques you need to know about. This conversation is based on Johannes’ presentations at the 2024 RSA Conference. You can learn more about them here: 

• Attack and Defend: How to Defend Against Three Attacks Affecting APIs
• The Five Most Dangerous New Attack Techniques You Need to Know About

Selected Reading

New regreSSHion OpenSSH RCE bug gives root on Linux servers (Bleeping Computer)

US Supreme Court sidesteps dispute on state laws regulating social media (Reuters)

China’s ‘Velvet Ant’ hackers caught exploiting new zero-day in Cisco devices (The Record)

HubSpot accounts breach under investigation (SC Media)

Japanese anime and gaming giant admits data leak following ransomware attack (The Record)

Exposing FakeBat loader: distribution methods and adversary infrastructure (Sekoia.io blog)

Halcyon Identifies New Ransomware Operator Volcano Demon Serving Up LukaLocker (Halcyon)

Google launches Bug Bounty Program for KVM Hypervisor (Stack Diary)

How to Get Root Access to Your Sleep Number Bed (Dillan Mills)

Share your feedback.

We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. 

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices