ChatGPT and Meta face widespread outages. Trump advisors explore splitting NSA and CyberCom leadership roles. A critical vulnerability in Apache Struts 2 has been disclosed. “AuthQuake” allowed attackers to bypass Microsoft MFA protections. Researchers identify Nova, a sophisticated variant of the Snake Keylogger malware. Adobe addresses critical vulnerabilities across their product line. Chinese law enforcement has been using spyware to collect data from Android devices since 2017. A new report highlights the gaps in hardware and firmware security management. A Krispy Kreme cyberattack creates a sticky situation. N2K’s Executive Editor Brandon Karpf speaks with guest Mike Silverman, Chief Strategy and Innovation Officer at the FS-ISAC discussing cryptographic agility. Do Not Track bids a fond farewell. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today, N2K’s Executive Editor Brandon Karpf speaks with guest Mike Silverman, Chief Strategy and Innovation Officer at the FS-ISAC discussing cryptographic agility. You can learn more in their new white paper "Building Cryptographic Agility in the Financial Sector." We will share the extended version of this conversation over our winter break. Stay tuned. 

Selected Reading

ChatGPT Down Globally, Services Restored After Hours Of Outage (Cyber Security News)

Facebook, Instagram and other Meta apps go down due to 'technical issue' (CNBC)

Unfinished business for Trump: Ending the Cyber Command and NSA 'dual hat' (The Record)

Apache issues patches for critical Struts 2 RCE bug (The Register)

Microsoft MFA Bypassed via AuthQuake Attack (SecurityWeek)

Nova Keylogger – A Snake Malware Steal Credentials and Capture Screenshorts From Windows (Cyber Security News)

Adobe releases December 2024 patches for flaws in multiple products, including critical (Beyond Machines)

Mobile Surveillance Tool EagleMsgSpy Used by Chinese Law Enforcement (SecurityWeek)

Three-Quarters of Security Leaders Admit Gaps in Hardware Knowledge (Infosecurity Magazine)

Krispy Kreme cyberattack impacts online orders and operations (Bleeping Computer)

Firefox, one of the first “Do Not Track” supporters, no longer offers it (Ars Technica) 

Share your feedback.

We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. 

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices