Joint advisory warns of Truebot. Operation Brainleaches in the supply chain. API key reset at Jumpcloud. More MOVEit vulnerability exploitation.
CyberWire Daily · N2K Networks
Audio is streamed directly from the publisher (pdst.fm) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
US and Canadian agencies warn of Truebot. A look at "Operation Brainleaches." Jumpcloud resets API keys. An update on the MOVEit vulnerability exploitation. Andrea Little Limbago from Interos shares insights on rising geopolitical instability. Our guest is Mike Hamilton from Critical Insight discussing what you need to know about NIST 2.0. OSCE trains Ukrainian students in cybersecurity.
For links to all of today's stories check out our CyberWire daily news briefing:
https://thecyberwire.com/newsletters/daily-briefing/12/128
Selected reading.
CISA and Partners Release Joint Cybersecurity Advisory on Newly Identified Truebot Malware Variants (Cybersecurity and Infrastructure Security Agency CISA)
Increased Truebot Activity Infects U.S. and Canada Based Networks | CISA (Cybersecurity and Infrastructure Security Agency CISA)
Operation Brainleeches: Malicious npm packages fuel supply chain and phishing attacks (ReversingLabs)
Mandatory JumpCloud API Key Rotation (JumpCloud)
JumpCloud resets admin API keys amid ‘ongoing incident’ (BleepingComputer)
JumpCloud Says All API Keys Invalidated to Protect Customers (SecurityWeek)
More organizations confirm MOVEit-related breaches as hackers claim to publish stolen data (TechCrunch)
Important information about MOVEit Transfer cyber security incident | Shell Global (Shell Global)
Shell Confirms MOVEit-Related Breach After Ransomware Group Leaks Data (SecurityWeek)
Learn more about your ad choices. Visit megaphone.fm/adchoices