The U.S. considers a ban on Chinese made routers. More than 200 Cleo managed file-transfer servers remain vulnerable. The Androxgh0st botnet expands. Schneider Electric reports a critical vulnerability in some PLCs. A critical Apache Struts 2 vulnerability is being actively exploited. Malicious campaigns are targeting Chinese-branded IoT devices. A Nebraska-based healthcare insurer discloses a data breach affecting over 225,000 individuals. IntelBroker leaks 2.9GB of data from Cisco’s DevHub environment. CISA issues a Binding Operational Directive requiring federal agencies to enhance cloud security. On today’s CERTByte segment, Chris Hare and Dan Neville unpack a question targeting the Network+ certification. INTERPOL says, “Enough with the pig butchering.“

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CertByte Segment

This week, Chris is joined by Dan Neville to break down a question targeting the Network+ certification (N10-008 expires on 12/20/24 and the N10-009 update launched on June 20th of this year). Today’s question comes from N2K’s CompTIA® Network+ Practice Test, both exam versions of which are offered on our site.

Have a question that you’d like to see covered? Email us at [email protected]. If you're studying for a certification exam, check out N2K’s full exam prep library of certification practice tests, practice labs, and training courses by visiting our website at n2k.com/certify. To get the full news to knowledge experience, learn more about our N2K Pro subscription at https://thecyberwire.com/pro.

Please note: The questions and answers provided here and on our site are not actual current or prior questions and answers from these certification publishers or providers.

Selected Reading

U.S. Weighs Ban on Chinese-Made Router in Millions of American Homes (Wall Street Journal)

Attack Exposure: Unpatched Cleo Managed File-Transfer Software (BankInfo Security)

Androxgh0st Botnet Targets IoT Devices, Exploiting 27 Vulnerabilities (Hackread)

Schneider Electric reports critical flaw in Modicon Programmable Logic Controllers (Beyond Machines)

RATs can sniff out your Chinese-made web cameras: here’s how to defend yourself (Cybernews)

Regional Care Data Breach Impacts 225,000 People (SecurityWeek)

Hacker IntelBroker Leaked 2.9GB of Data Stolen From Cisco DevHub Instance (Cyber Security News)

New critical Apache Struts flaw exploited to find vulnerable servers (Bleeping Computer)

CISA Issues Binding Operational Directive for Improved Cloud Security (SecurityWeek)

Playbook for Strengthening Cybersecurity in Federal Grant Programs for Critical Infrastructure (CISA)

INTERPOL urges end to 'Pig Butchering' term, cites harm to online victims (INTERPOL) 

Share your feedback.

We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. 

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices