CyberWire Daily

SharePoint springs a leak.

32 snips
Jul 23, 2025
In this discussion, guest Tim Starks, a senior reporter at CyberScoop, delves into the recent Microsoft SharePoint zero-day vulnerability affecting organizations like the National Nuclear Security Administration. He highlights the rising threat of cyberattacks on critical infrastructure and the urgent need for improved operational technology security. The conversation also covers the UK's sanctions against Russian cyber operatives and Clorox's costly lawsuit against its former IT service provider, illustrating the growing stakes in cybersecurity.
Ask episode
AI Snips
Chapters
Books
Transcript
Episode notes
INSIGHT

Critical infrastructure security risks

  • The National Nuclear Security Administration was breached via a SharePoint zero-day, linked to Chinese state actors.
  • Operational technology in critical infrastructure lags IT security, leaving systems vulnerable to ransomware and state threats.
ADVICE

Strengthen OT security urgently

  • Reauthorize cybersecurity laws like the Cybersecurity Information Sharing Act to boost defense.
  • Emphasize OT-specific security rather than general IT approaches and foster public-private collaboration.
INSIGHT

Emerging ransomware threats

  • The FBI warns of Interlock ransomware, targeting healthcare and critical infrastructure using drive-by downloads and fake browser updates.
  • The group demands ransom payments in Bitcoin and may be linked to the RISEDA group.
Get the Snipd Podcast app to discover more snips from this episode
Get the app