Beware of BADBOX.

The DOJ files to seize over $7 million linked to illegal North Korean IT workers. The FBI warns of BADBOX 2.0 malware targeting IoT devices. Researchers uncover a major security flaw in Chrome extensions. ESET uncovers Iranian hackers targeting Kurdish and Iraqi government officials. Hitachi Energy, Acronis and Cisco patch critical vulnerabilities. 20 suspects are arrested in a major international CSAM takedown. Hackers exploit a critical flaw in Roundcube webmail. Today’s guest is Ian Bramson, Global Head of Industrial Cybersecurity at Black & Veatch, exploring how organizations can close the cyberattack readiness gap.  ChatGPT logs are caught in a legal tug-of-war. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today’s guest is Ian Bramson, Global Head of Industrial Cybersecurity at Black & Veatch. Ian joins us to explore how organizations can close the cyberattack readiness gap in industrial environments—especially as cyber threats grow more sophisticated and aggressive.

Selected Reading

Department Files Civil Forfeiture Complaint Against Over $7.74M Laundered on Behalf of the North Korean Government (U.S. Department of Justice)

FBI: BADBOX 2.0 Android malware infects millions of consumer devices (Bleeping Computer)

Chrome Extensions Vulnerability Exposes API Keys, Secrets, and Tokens (Cyber Security News)

Iran-linked hackers target Kurdish and Iraqi officials in long-running cyberespionage campaign (The Record)

CISA reports critical flaw in Hitachi Energy Relion devices (Beyond Machines)

Critical security vulnerabilities discovered in Acronis Cyber Protect software (Beyond Machines)

Cisco Patches Critical ISE Vulnerability With Public PoC (SecurityWeek)

Police arrests 20 suspects for distributing child sexual abuse content  (Bleeping Computer)

Hacker selling critical Roundcube webmail exploit as tech info disclosed (Bleeping Computer)– mentioning this in the Briefing

OpenAI slams court order to save all ChatGPT logs, including deleted chats (Ars Technica)

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices