Undoing the undo bug.

Microsoft releases emergency out-of-band (OOB) Windows updates. Trump targets NSA’s leading AI and cyber expert in clearance revocations. A breach may have compromised the privacy of Ohio medical marijuana patients. Cybercriminals exploit an AI website builder to rapidly create phishing sites. Warlock ransomware operators target Microsoft’s SharePoint ToolShell vulnerability. Google and Mozilla patch Chrome and Firefox. European officials report two cyber incidents targeting water infrastructure. A federal appeals court has upheld fines against T-Mobile and Sprint for illegally selling customer location data. Authorities dismantle DDoS powerhouse Rapper Bot. On our Industry Voices segment, we are joined by Matt Radolec, VP - Incident Response, Cloud Operations, and Sales Engineering at Varonis, speaking about ShinyHunters and the problems with securing Salesforce. Microsoft Copilot gets creative with compliance. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

On our Industry Voices segment, we are joined by Matt Radolec, VP - Incident Response, Cloud Operations, and Sales Engineering at Varonis, who is speaking about ShinyHunters and the problems with securing Salesforce. You can hear more from Matt here.

Selected Reading

Microsoft releases emergency updates to fix Windows recovery (Bleeping Computer)

Trump Revokes Security Clearances of 37 Former and Current Officials (The New York Times)

Highly Sensitive Medical Cannabis Patient Data Exposed by Unsecured Database (WIRED)

AI Website Builder Lovable Abused for Phishing and Malware Scams (Hackread)

Warlock Ransomware Hitting Victims Globally Through SharePoint ToolShell Exploit (InfoSecurity Magazine)

High-Severity Vulnerabilities Patched in Chrome, Firefox (SecurityWeek)

Russia-linked European attacks renew concerns over water cybersecurity (CSO Online)

T-Mobile claimed selling location data without consent is legal, judges disagree (Ars Technica)

Officials gain control of Rapper Bot DDoS botnet, charge lead developer and administrator (CyberScoop)

Copilot Broke Your Audit Log, but Microsoft Won’t Tell You (Pistachio Blog)

Audience Survey

Complete our annual audience survey before August 31.

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices