CyberWire Daily cover image

CyberWire Daily

PAN-ic mode: The race to secure PAN-OS.

Feb 18, 2025
Tim Starks, a senior cybersecurity reporter at CyberScoop, discusses urgent cybersecurity threats, including a critical vulnerability in Palo Alto Networks' firewall that’s actively exploited. He highlights emerging phishing tactics, particularly the new deceptive timesheet emails targeting sensitive data. The conversation reflects on struggles in cybersecurity governance, especially regarding inexperienced appointments in key roles. Tim also explores the need for digital estate planning, emphasizing strategies for securing online assets.
35:23

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

  • The exploitation of recently patched vulnerabilities in firewall systems and iOS underscores the urgent need for timely security updates and proactive measures.
  • Harry Coker's insights reveal the critical gaps in cybersecurity governance and funding that hinder effective protection for state and local governments.

Deep dives

Emerging Malware Threats

The Eager B malware framework is currently targeting government agencies and ISPs in the Middle East, showcasing advanced techniques such as DLL hijacking and process hollowing. Security agencies like the UAE Cybersecurity Council have urged organizations to patch vulnerabilities in their exchange servers and monitor for modified DLLs to mitigate risks. Furthermore, a new macOS info stealer called Frigid Steeler has been tied to a group known for its deceptive strategies, including fake update pages that trick users into downloading malware. These developments highlight the ongoing and evolving threats posed by cybercriminals, necessitating proactive defenses from organizations.

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.
App store bannerPlay store banner