Patch Tuesday. Mozilla  patches two critical FireFox security flaws. A critical flaw in Salesforce OmniStudio exposes sensitive customer data stored in plain text. The Badbox botnet continues to evolve. AI-powered “ghost students” enrolling in online college courses to steal government funds. Hackers steal nearly 300,000 vehicle crash reports from the Texas Department of Transportation. ConnectWise rotates its digital code signing certificates. The chair of the House Homeland Security Committee announces his upcoming retirement. Our guest is Matt Radolec, VP of Incident Response, Cloud Operations & SE EU from Varonis, wondering if AI may be the Cerberus of our time. Friendly skies…or friendly spies? 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

On our Industry Voices segment, we have Matt Radolec, VP of Incident Response, Cloud Operations & SE EU from Varonis, sharing insights on AI: The Cerberus of our time. You can hear Matt’s full interview here. The State of Data Security: Quantifying AI’s Impact on Data Risk report from Varonis reveals how much sensitive data is exposed and at risk in the AI era. Learn more and get State of Data Security Report.

Selected Reading

Microsoft warns of 66 flaws to fix for this Patch Tuesday, and two are under active attack (The Register)

Microsoft slows Windows 11 24H2 Patch Tuesday due to a 'compatibility issue'  (The Register)

ICS Patch Tuesday: Vulnerabilities Addressed by Siemens, Schneider, Aveva, CISA (SecurityWeek)

Firefox Patches Multiple Vulnerabilities That Could Lead to Browser Crash (Cyber Security News)

Salesforce OmniStudio Vulnerabilities Exposes Sensitive Customer Data in Plain Text (Cyber Security News)

CISO who helped unmask Badbox warns: Version 3 is coming (The Register)

How Scammers Are Using AI to Steal College Financial Aid  (SecurityWeek)

300K Crash Reports Stolen in Texas DOT Hack (BankInfoSecurity)

ConnectWise rotating code signing certificates over security concerns (Bleeping Computer)

House Homeland Chairman Mark Green’s departure could leave congressional cyber agenda in limbo (CyberScoop)

Airlines Don't Want You to Know They Sold Your Flight Data to DHS (404 Media)

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices