PAN-ic mode: The race to secure PAN-OS.

Palo Alto Networks confirms a recently patched firewall vulnerability is being actively exploited. CISA warns of an actively exploited iOS vulnerability. Juniper Networks has issued a critical security advisory for an API authentication bypass vulnerability. The acting commissioner of the Social Security Administration (SSA) resigns after Elon Musk’s team sought access to sensitive personal data of millions of Americans. The EagerBee malware framework is actively targeting government agencies and ISPs across the Middle East. Proofpoint researchers document a new macOS infostealer. A new phishing kit uses timesheet notification emails to steal credentials and two-factor authentication codes. JPMorgan Chase will begin blocking Zelle payments to social media contacts to combat online scams. Our guest is Tim Starks from CyberScoop discussing his interview with former National Cyber Director Harry Coker. Transferring your digital legacy.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Our guest is Tim Starks from CyberScoop discussing his interview with former National Cyber Director Harry Coker. You can read more about Tim’s interview “National Cyber Director Harry Coker looks back (and ahead) on the Cyber Director office” and companion piece “Trump picks Sean Cairncross for national cyber director” on CyberScoop. 

Selected Reading

Palo Alto Networks Confirms Exploitation of Firewall Vulnerability (SecurityWeek)

CISA Warns of Apple iOS Vulnerability Exploited in Wild (Cyber Security News)

Juniper Warns of Critical Authentication Bypass Vulnerability Affecting Multiple Products (Cyber Security News)

Top Social Security Official Leaves After Musk Team Seeks Data Access (New York Times)

EagerBee Malware Attacking Government Entities & ISPs To Deploy Backdoor (Cyber Security News)

Proofpoint Uncovers FrigidStealer, A New MacOS Infostealer (Infosecurity Magazine)

Microsoft Warns of Improved XCSSET macOS Malware (SecurityWeek)

Fake Timesheet Report Emails Linked to Tycoon 2FA Phishing Kit (GB Hackers)

Chase will soon block Zelle payments to sellers on social media (Bleeping Computer)

Digital Estate Planning: How to Prepare Your Social Media Accounts (New York Times)

Share your feedback.

We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. 

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc

Learn more about your ad choices. Visit megaphone.fm/adchoices