A joint advisory labels Fast Flux a national security threat. Europol shuts down a major international CSAM platform. Oracle verifies a data breach. A new attack targets Apache Tomcat servers. The Hunters International group pivots away from ransomware. Hackers target Juniper routers using default credentials. A controversy erupts over a critical CrushFTP vulnerability. Johannes Ullrich, Dean of Research at SANS Technology Institute unpacks Next.js. Abracadabra, alakazam — poof! Your credentials are gone.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Johannes Ullrich, Dean of Research at SANS Technology Institute, is discussing Next.js and how similar problems have led to vulnerabilities recently.
Selected Reading
Fast Flux: A National Security Threat (CISA)
Don’t cut CISA personnel, House panel leaders say, as they plan legislation giving the agency more to do (CyberScoop)
CSAM platform Kidflix shut down by international operation (The Record)
AI Image Site GenNomis Exposed 47GB of Underage Deepfakes (Hackread)
Oracle tells clients of second recent hack, log-in data stolen, Bloomberg News reports (Reuters)
Hackers Exploiting Apache Tomcat Vulnerability to Steal SSH Credentials & Gain Server Control (Cyber Security News)
Hunters International Ransomware Gang Rebranding, Shifting Focus (SecurityWeek)
Hackers Actively Scanning for Juniper’s Smart Router With Default Password (Cyber Security News)
Details Emerge on CVE Controversy Around Exploited CrushFTP Vulnerability (SecurityWeek)
New Malware Attacking Magic Enthusiasts to Steal Login Credentials (Cyber Security News)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices
CyberWire Daily