CyberWire Daily

Buckets of trouble.

Dec 10, 2024

In this discussion, Jason Lamar, Senior Vice President of Product at Cobalt and an expert in offensive security, sheds light on the evolving landscape of cyber threats. He emphasizes the importance of proactive measures like penetration testing and red teaming. The conversation reveals how organizations can tailor their security strategies based on maturity, focusing on collaboration and compliance. They also delve into the role of industry standards in fortifying defenses against ever-increasing cyber risks.

37:20

Creator website

Episode guests

Jason Lamar

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

The large-scale hacking operation attributed to ShinyHunters demonstrates the alarming effectiveness of automated tools in compromising sensitive information globally.

The identification of a critical vulnerability in Dell Power Manager highlights the essential need for timely software updates to prevent unauthorized access and potential system exploitation.

Deep dives

Large-scale Hacking Operations Uncovered

A significant hacking operation linked to the notorious Shiny Hunters has been recently uncovered, revealing how hackers exploited vulnerabilities to access sensitive information such as AWS keys and cryptocurrency wallets. Researchers utilized automated tools like FF and HTTPX to target millions of websites worldwide, selling stolen data on platforms like Telegram. This operation traces back to French-speaking attackers, with connections to previously convicted cybercriminals, demonstrating the ongoing threat posed by these sophisticated syndicates. Collaborative efforts with AWS have resulted in mitigation of impacts and notifications to affected parties, underlining the need for constant vigilance in cybersecurity.

Intro

6min

Cybersecurity Crisis: Theft and Threats

6min

Strategic Leadership in Cybersecurity: CISA Candidates and Security Insights

4min

The Importance of Offensive Security

4min

Navigating Offensive Security Standards and Provider Selection

2min

Enhancing Testing Through Collaboration

5min

Breakthroughs and Challenges in Quantum Computing

5min

Researchers uncover a large-scale hacking operation tied to the infamous ShinyHunters. A Dell Power Manager vulnerability lets attackers execute malicious code. TikTok requests a federal court injunction to delay a U.S. ban. Radiant Capital attributed a $50 million cryptocurrency heist to North Korea. Japanese firms report ransomware attacks affecting their U.S. subsidiaries. WhatsApp’s “ViewOnce” feature faces continued scrutiny. SpyLoan malware targets Android users through deceptive loan apps. A major Romanian electricity distributor is investigating an ongoing ransomware attack. A critical flaw in OpenWrt Sysupgrade has been fixed. Contenders for top cyber roles in the next Trump administration visit Mar-a-Lago. On our Industry Voices segment, Jason Lamar, Cobalt’s Senior Vice President of Product, joins us to share insights on offensive security: staying ahead of cyber threats. Google’s new quantum chip promises scaling without failing.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

On our Industry Voices segment, Jason Lamar, Cobalt’s Senior Vice President of Product, joins us to share insights on offensive security: staying ahead of cyber threats. Check out Cobalt’s GigaOm Radar Report for PTaaS 2024 to learn more.

Selected Reading

ShinyHunters, Nemesis Linked to Hacks After Leaking Their AWS S3 Bucket (Hackread)

Dell Power Manager Vulnerability Let Attackers Execute Malicious Code (Cyber Security News)

TikTok Asks Court To Suspend Ban Ahead of Supreme Court Appeal (The Information)

Radiant links $50 million crypto heist to North Korean hackers (Bleeping Computer)

US subsidiaries of Japanese water treatment company, green tea maker hit with ransomware (The Record)

WhatsApp View Once Vulnerability Let Attackers Bypass The Privacy Feature (Cyber Security News)

SpyLoan Malware: A Growing Threat to Android Users (Security Boulevard)

Romanian energy supplier Electrica hit by ransomware attack (Bleeping Computer)

OpenWrt Sysupgrade flaw let hackers push malicious firmware images (Bleeping Computer)

Homeland Security veteran to be interviewed for Trump administration cyber role (The Record)

Google claims ‘breakthrough’ with new quantum chip (Silicon Republic)

Share your feedback.

We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

CyberWire Daily

Buckets of trouble.

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Large-scale Hacking Operations Uncovered

Critically Exploited Vulnerabilities in Dell Systems

Emerging Threats from Spy Loan Malware

CyberWire Guest

Selected Reading

Share your feedback.

Want to hear your company in the show?

Remember Everything You Learn from Podcasts