CyberWire Daily

Tomcat got your server?

Mar 18, 2025

A critical vulnerability in Apache Tomcat is actively being exploited, putting various sectors at risk. Lawmakers are addressing cyber threats to rural water systems, while significant data breaches continue to affect many. The emerging BitM cyberattack method can bypass multi-factor authentication, and a Chinese group is targeting Central European diplomats. A lawsuit against a securities firm highlights the importance of customer data protection. Meanwhile, the evolving landscape of cybercriminal tactics illustrates the need for unified security capabilities.

30:57

Creator website

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

The Apache Tomcat vulnerability signifies a major security risk, enabling attackers to exploit remote code execution and control servers urgently.

Legislation like the Cybersecurity for Rural Water Systems Act aims to enhance cybersecurity support for essential utilities, addressing critical gaps in protection.

Deep dives

Exploited Vulnerabilities in Apache Tomcat

A significant remote code execution vulnerability in Apache Tomcat has been actively exploited, posing severe security risks. This vulnerability allows attackers to gain server control via simple requests, with exploits appearing soon after the issue was disclosed. Security measures struggle to detect these attacks due to encoded payloads and the multi-step execution process utilized by attackers. Organizations are urged to update their systems immediately, disable partial put support, and restrict sensitive file storage to mitigate this threat.

Intro

3min

Cybersecurity Updates and Threats

6min

Reassessing Cybersecurity in a Cloud-First World

6min

Navigating Microsegmentation Challenges

4min

Evolving Cybersecurity: Government Influence and Ransomware Tactics

7min

An Apache Tomcat vulnerability is under active exploitation. CISA rehires workers ousted by DOGE. Lawmakers look to protect rural water systems from cyber threats. Western Alliance Bank notifies 22,000 individuals of a data breach. A new cyberattack method called BitM allows hackers to bypass multi-factor authentication. A Chinese cyberespionage group targets Central European diplomats. A new cyberattack uses ChatGPT infrastructure to target the financial sector and U.S. government agencies. Australia sues a major securities firm over inadequate protection of customer data. Our Threat Vector segment examines how unifying security capabilities strengthens cyber resilience. Cybercriminals say, “Get me Edward Snowden on the line!”

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

Threat Vector Segment

Security platformization is transforming the way organizations defend against cyber threats. In this episode of Threat Vector, host David Moulton speaks with Carlos Rivera, Senior Analyst at Forrester, about how unifying security capabilities strengthens cyber resilience. To listen to the full discussion, please check out the episode here or on your favorite podcast app, and tune in to new episodes of Threat Vector by Palo Alto Networks every Thursday.

Selected Reading

Critical Apache Tomcat RCE Vulnerability Exploited in Just 30hrs of Public Exploit (Cyber Security News)

CISA Rehires Fired Employees, Immediately Puts Them on Leave (GovInfo Security)

Western Alliance Bank Discloses Data Breach Linked to Cleo Hack (SecurityWeek)

New BitM Attack Lets Hackers Steal User Sessions Within Seconds (Cyber Security News)

US Lawmakers Reintroduce Bill to Boost Rural Water Cybersecurity (SecurityWeek)

Chinese Hackers Target European Diplomats with Malware (GovInfo Security)

Hackers Exploit ChatGPT with CVE-2024-27564, 10,000+ Attacks in a Week (Hackread)

Australia Sues FIIG Investment Firm in Cyber 'Wake-Up Call' (GovInfo Security)

Extortion crew threatened to inform Edward Snowden (?!) if victim didn't pay up (The Register)

Share your feedback.

We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

CyberWire Daily

Tomcat got your server?

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Exploited Vulnerabilities in Apache Tomcat

Protecting Rural Water Systems from Cyber Threats

Innovative Cyber Attack Tactics and Responses

Threat Vector Segment

Selected Reading

Share your feedback.

Want to hear your company in the show?

Remember Everything You Learn from Podcasts