Researchers at Tenable uncovered severe vulnerabilities in Microsoft’s Azure Health Bot Service. Scammers use deepfakes on Facebook and Instagram. Foreign influence operations target the Harris presidential campaign. An Idaho not-for-profit healthcare provider discloses a data breach. Research reveals a troubling trend of delayed and non-disclosure of ransomware attacks by organizations. Patch Tuesday roundup. Palo Alto Networks’ Unit 42 revealed a significant security risk in open-source GitHub projects. Enzo Biochem will pay $4.5 million to settle charges of inadequate security protocols. Our guest is Stephanie Schneider, Cyber Threat Intelligence Analyst at LastPass, joins us to discuss the ongoing Snowflake account attacks driven by exposed legitimate credentials.  Mining for profits on Airbnb. 

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Guest Stephanie Schneider, Cyber Threat Intelligence Analyst at LastPass, joins us to discuss the ongoing Snowflake account attacks driven by exposed legitimate credentials and how enterprises can boost their defenses against these types of attacks.

Selected Reading

Critical Vulnerability Found in Microsoft’s AI Healthcare Chatbot (Infosecurity Magazine)

UK Prime Minister Keir Starmer and Prince William deepfaked in investment scam campaign (Bitdefender)

FBI told Harris campaign it was target of 'foreign actor influence operation,' official says (Reuters)

3AM ransomware stole data of 464,000 Kootenai Health patients (Bleeping Computer)

Report reveals lag in disclosure of ransomware attacks in 2023 (Security Brief)

Fortinet, Zoom Patch Multiple Vulnerabilities (SecurityWeek)

Chipmaker Patch Tuesday: Intel, AMD Address Over 110 Vulnerabilities 

Adobe Patches 72 Security Vulnerabilities Across Multiple Products (Cyber Security News)

Microsoft Fixes Nine Zero-Days on Patch Tuesday (Infosecurity Magazine)

ICS Patch Tuesday: Advisories Released by Siemens, Schneider, Rockwell, Aveva (SecurityWeek)

Are your GitHub Action artifacts leaking tokens? (SC Magazine)

Enzo Biochem to pay $4.5 mln over cyberattack, NY attorney general says (Reuters)

Airbnb host adds ‘no crypto mining’ rule after tenant installs 10 rigs (Protos) 

Share your feedback.

We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices