The bug that let anyone in.

Sudo patch your Linux systems. Cisco has removed a critical backdoor account that gave remote attackers root privileges. The Hunters International ransomware group rebrands and closes up shop. The Centers for Medicare and Medicaid Services (CMS) notifies 103,000 people that their personal data was compromised. NimDoor is a sophisticated North Korean cyber campaign targeting macOS. Researchers uncover a massive phishing campaign using thousands of fake retail websites. The FBI’s top cyber official says Salt Typhoon is largely contained. Microsoft tells customers to ignore Windows Firewall error warnings. A California jury orders Google to pay $314 million for collecting Android user data without consent. Ben Yelin shares insights from this year’s Supreme Court session. Ransomware negotiations with a side of side hustle.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today our guest is Ben Yelin from UMD CHHS, who is sharing a wrap up of this year’s Supreme Court session. If you want to hear more from Ben, head on over to the Caveat podcast, where he is co-host with Dave as they discuss all things law and privacy. 

Selected Reading

Linux Users Urged to Patch Critical Sudo CVE (Infosecurity Magazine)

Cisco warns that Unified CM has hardcoded root SSH credentials (Bleeping Computer)

Hunters International ransomware shuts down after World Leaks rebrand (Bleeping Computer)

Feds Notify 103,000 Medicare Beneficiaries of Scam, Breach (Data Breach Today)

N Korean Hackers Drop NimDoor macOS Malware Via Fake Zoom Updates (Hackread)

China-linked hackers spoof big-name brand websites to steal shoppers' payment info (The Record)

Top FBI cyber official: Salt Typhoon ‘largely contained’ in telecom networks (CyberScoop)

Microsoft asks users to ignore Windows Firewall config errors (Bleeping Computer)

California jury orders Google to pay $314 million over data transfers from Android phones (The Record)

US Probes Whether Negotiator Took Slice of Hacker Payments (Bloomberg)

Audience Survey

Complete our annual audience survey before August 31.

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices