Dialysis down, data out.

A ransomware attack exposes personal medical records of VA patients. New joint guidance from CISA and the NSA emphasizes asset inventory and OT taxonomy. The UK government reportedly spent millions to cover up a data breach. Researchers identified two critical flaws in a widely used print orchestration platform.  Phishing attacks increasingly rely on personalization. Rooting and jailbreaking frameworks pose serious enterprise risks. Fortinet warns of a critical command injection flaw in FortiSIEM. Estonian nationals are sentenced in a crypto Ponzi scheme. Michele Campobasso from Forescout joins us to unpack new research separating the hype from reality around “vibe hacking.” Meet the Blockchain Bandits of Pyongyang.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Michele Campobasso from Forescout joins us to unpack new research separating the hype from reality around “vibe hacking.” Their team tested open-source, underground, and commercial AI models on vulnerability research and exploit development tasks—finding high failure rates and significant limitations, even among top commercial systems.

Selected Reading

Medical records for 1 million dialysis patients breached in data hack of VA vendor (Stars and Stripes)

NSA Joins CISA and Others to Share OT Asset Inventory Guidance (NSA.gov)

CISA warns of N-able N-central flaws exploited in zero-day attacks (Bleeping Computer)

U.K. Secretly Spent $3.2 Million to Stop Journalists From Reporting on Data Breach (The New York Times)

From Support Ticket to Zero Day  (Horizon3.ai)

Personalization in Phishing: Advanced Tactics for Malware Delivery (Cofense)

The Root(ing) Of All Evil: Security Holes That Could Compromise Your Mobile Device (Zimperium)

Fortinet warns of FortiSIEM pre-auth RCE flaw with exploit in the wild (Bleeping Computer)

Estonians behind $577 million cryptomining fraud sentenced to 16 months (The Record)

Someone counter-hacked a North Korean IT worker: Here’s what they found (Cointelegraph)

Audience Survey

Complete our annual audience survey before August 31.

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices