President Biden signs EO for port security, Apple's new encryption, LockBit ransomware exposed, Varonis notes Salesforce flaws, $1 billion piracy verdict overturned, NSA's Rob Joyce retires, dark web data sale, sponsored segment on healthcare cloud transition, hackers against Flipper Zero ban.
Enhancing cybersecurity at US ports via a new executive order empowering the Coast Guard and implementing specific security measures against vulnerabilities.
Introducing the PQ3 post-quantum cryptographic protocol in iMessage to bolster encryption security, surpassing features of other messaging apps.
Malwarebytes uncovers the Isune data leak, revealing Chinese hacking tools used for surveillance by the Ministry of Public Security, impacting global entities.
Law enforcement disrupts Lockbit Ransomware Group, seizing their platform, making arrests, freezing cryptocurrency accounts, and disabling criminal operations.
Deep dives
Bolstering Maritime Port Security with Executive Order
President Biden's executive order strengthens cybersecurity in U.S. maritime ports by granting the Coast Guard new cyber threat-tackling powers and enforcing enhanced cyber requirements, including specific security measures against vulnerabilities like those posed by Chinese-manufactured cranes.
Post-Quantum Encryption in iMessage with PQ3 Protocol
Apple introduces the PQ3 post-quantum cryptographic protocol in iMessage to enhance encryption and security, surpassing features of other messaging apps. The protocol, aiming to deter quantum computer attacks, secures messages, key exchanges with end-to-end encryption, and plans to replace current standards across iMessage conversations.
Malwarebytes Analysis Reveals Isune Data Leak Concerns
Malwarebytes examines the Isune data leak, exposing hacking tools and services by the Chinese cybersecurity firm for China's Ministry of Public Security. The leak reveals a variety of capabilities, including Twitter stealers, remote access Trojans, network attacking devices, and more, affecting governments and organizations in various countries.
Lockbit Ransomware Group Infra Sold Out in Operation Chronos
Law enforcement dismantles Lockbit Ransomware Group, seizing their dark web platform and exposing their data to disrupt criminal activities. The operation leads to arrests, cryptocurrency account freezes, and gathering decryption keys and source code, signaling a notable win against cybercriminals.
Vulnerabilities in Apex Pose Risks to Salesforce Platforms
Veronus Threat Labs uncovers misconfigurations in Apex, a language similar to Java used for Salesforce platform customization. These misconfigurations, found in Fortune 500 companies and government agencies, risk data leaks and operational disruptions, emphasizing the need for secure Apex classes and proper security measures.
A federal appeals court overturns a $1 billion piracy verdict against Cox Communications, dismissing direct profit claims but upholding willful contributory infringement findings. The ruling prompts a new trial for damages, impacting ISP management of copyright infringement claims and potential consequences for user disconnections.
NSA's Rob Joyce Announces Retirement, Succession by David Luber
NSA Cybersecurity Director Rob Joyce announces retirement after a 34-year tenure, highlighting key engagements in cybersecurity accountability and cyber warfare. David Luber assumes the role in a critical period of heightened security concerns, bridging cybersecurity and technological policy under the Biden administration to safeguard national interests.
President Biden to sign EO to bolster maritime port security. Apple announces post-quantum encryption for iMessage. Malwarebytes examines the i-Soon data leak. Law enforcement airs LockBit’s dirty laundry. Varonis highlights vulnerabilities affecting Salesforce platforms. An appeals court overturns a $1 billion piracy verdict. NSA’s Rob Joyce announces his retirement. Anne Neuberger chats with WIRED. A leading staffing firm finds its data for sale on the dark web. In our sponsored Industry Voices segment, Navneet Singh, VP of Marketing Network Security at Palo Alto Networks, discusses the transition to the cloud and shares some examples from healthcare. Hackers and hobbyists push back on the proposed Flipper Zero ban.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
On our Industry Voices segment, Navneet Singh, VP of Marketing Network Security at Palo Alto Networks, discusses the transition to the cloud and shares some examples in healthcare.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.
