Okta warns of a credential stuffing spike. A congressman looks to the EPA to protect water systems from cyber threats. CISA unveils security guidelines for critical infrastructure. Researchers discover a stealthy botnet-as-a-service coming from China. The UK prohibits easy IoT passwords. New vulnerabilities are found in Intel processors. A global bank CEO shares insights on cybersecurity. Users report mandatory Apple ID resets. A preview of N2K CyberWire activity at RSA Conference. Police in Japan find a clever way to combat gift card fraud. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

It’s the week before the 2024 RSA Conference. Today, we have N2K’s own Rick Howard, Brandon Karpf, and Dave Bittner previewing N2K’s upcoming activities and where you can find our team at RSAC 2024.

Special Edition: Threat Vector

Understanding the Midnight Eclipse Activity and CVE 2024-3400: Host David Moulton and Andy Piazza, Sr. Director of Threat Intelligence at Unit 42, dive into the critical vulnerability CVE-2024-3400 found in PAN-OS software of Palo Alto Networks, emphasizing the importance of immediate patching and mitigation strategies for such vulnerabilities, especially when they affect edge devices like firewalls or VPNs. 

Selected Reading

Okta warns customers about credential stuffing onslaught (Help Net Security)

Crawford puts forward bill on cybersecurity risks to water systems (The Arkansas Democrat-Gazette) 

CISA unveils guidelines for AI and critical infrastructure (FedScoop)

Chinese Botnet As-A-Service Bypasses Cloudflare & Other DDoS Protection Services (GB Hackers)

UK becomes first country to ban default bad passwords on IoT devices (The Record)

Researchers unveil novel attack methods targeting Intel's conditional branch predictor (Help Net Security)

Standard Chartered CEO on why cybersecurity has become a 'disproportionately huge topic' at board meetings (The Record)

Security Bite: Did Apple just declare war on Adload malware? (9to5Mac)

Apple users are being locked out of their Apple IDs with no explanation (9to5Mac)

Japanese police create fake support scam payment cards to warn victims (Bleeping Computer)

Share your feedback.

We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. 

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices