CyberWire Daily

Mini-breach, mega-hype.

Sep 13, 2024

Tim Starks, a cybersecurity journalist from CyberScoop, dives into alarming threats in the digital landscape. He discusses a recent Fortinet data breach and the arrest of a teenager linked to a Transport for London attack. The conversation highlights Russian hackers mimicking spyware vendors, exploiting eye-tracking technology for password theft. Starks emphasizes the critical need for improved hiring practices in the cybersecurity field as new vulnerabilities arise, underlining the ongoing challenges faced by the industry.

31:34

Creator website

Episode guests

Tim Starks

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Fortinet's recent data breach highlights the severe risks associated with unauthorized access to cloud storage, specifically affecting Asia-Pacific users.

The emergence of the Gazeploit attack method demonstrates critical vulnerabilities in biometric technologies, emphasizing the need for enhanced awareness of privacy issues.

Deep dives

CMMC 2.0 Compliance and KiteWorks

Defense contractors face considerable challenges in meeting the CMMC 2.0 security standards due to the high compliance demands. KiteWorks offers a solution that is authorized under FedRAMP moderate, effectively supporting nearly 90% of the requirements for CMMC 2.0 Level 3. This platform enhances compliance efforts by providing a user-friendly experience alongside a robust Zero Trust framework, enabling swift security compliance while ensuring the protection of defense-related data. With features like an intuitive user interface, mobile applications, and centralized policy management, KiteWorks streamlines the administration of security protocols for defense contractors.

Intro

3min

Cyber Threats and Security Updates

5min

Military Contracts and Cybersecurity Challenges

6min

Evolving Cyber Threats: The Spyware Connection

7min

Exploring New Cybersecurity Threats and Innovations

4min

Fortinet reveals a data breach. The feds sanction a Cambodian senator for forced labor scams. UK police arrest a teen linked to the Transport for London cyberattack. New Linux malware targets Oracle WebLogic. Citrix patches critical Workspace app flaws. Microsoft unveils updates to prevent outages like the CrowdStrike incident. U.S. Space Systems invests in secure communications. Illegal gun-conversion sites get taken down. Tim Starks of CyberScoop tracks Russian hackers mimicking spyware vendors. Cybersecurity hiring gaps persist. Hackers use eye-tracking to steal passwords.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today, we welcome back Tim Starks, senior reporter from CyberScoop, to discuss “Google: apparent Russian hackers play copycat to commercial spyware vendors.” You can read the article Tim refers to here.

Selected Reading

Fortinet Data Breach: What We Know So Far (SOCRadar)

Cambodian senator sanctioned by US over cyber-scams (The Register)

UK NCA arrested a teenager linked to the attack on Transport for London (Security Affairs)

New 'Hadooken' Linux Malware Targets WebLogic Servers (SecurityWeek)

Citrix Workspace App Vulnerabilities Allow Privilege Escalation Attacks (Cyber Security News)

Microsoft Vows to Prevent Future CrowdStrike-Like Outages (Infosecurity Magazine)

Space Systems Command Awards $188M Contract for meshONE-T Follow-on (Space Systems Command)

Domains seized for allegedly importing Chinese gun switches (The Register)

Why Breaking into Cybersecurity Isn’t as Easy as You Think (Security Boulevard)

Apple Vision Pro’s Eye Tracking Exposed What People Type (WIRED)

Share your feedback.

We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

CyberWire Daily

Mini-breach, mega-hype.

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

CMMC 2.0 Compliance and KiteWorks

Recent Cybersecurity Breaches and Vulnerabilities

Eye Tracking Vulnerabilities in Wearable Tech

CyberWire Guest

Selected Reading

Share your feedback.

Want to hear your company in the show?

Remember Everything You Learn from Podcasts