Podcasts News Tech News CyberWire Daily An unprecedented surge in credential stuffing.

An unprecedented surge in credential stuffing.

Published: April 29, 2024, 8:10 p.m.

Okta warns of a credential stuffing spike. A congressman looks to the EPA to protect water systems from cyber threats. CISA unveils security guidelines for critical infrastructure. Researchers discover a stealthy botnet-as-a-service coming from China. The UK prohibits easy IoT passwords. New vulnerabilities are found in Intel processors. A global bank CEO shares insights on cybersecurity. Users report mandatory Apple ID resets. A preview of N2K CyberWire activity at RSA Conference. Police in Japan find a clever way to combat gift card fraud.\xa0\nRemember to leave us a 5-star rating and review in your favorite podcast app.\nMiss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you\u2019ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.\n\nCyberWire Guest\nIt\u2019s the week before the 2024 RSA Conference. Today, we have N2K\u2019s own Rick Howard, Brandon Karpf, and Dave Bittner previewing N2K\u2019s upcoming activities and where you can find our team at RSAC 2024.\n\nSpecial Edition: Threat Vector\nUnderstanding the Midnight Eclipse Activity and CVE 2024-3400: Host David Moulton and Andy Piazza, Sr. Director of Threat Intelligence at Unit 42, dive into the critical vulnerability CVE-2024-3400 found in PAN-OS software of Palo Alto Networks, emphasizing the importance of immediate patching and mitigation strategies for such vulnerabilities, especially when they affect edge devices like firewalls or VPNs.\xa0\n\nSelected Reading\nOkta warns customers about credential stuffing onslaught (Help Net Security)\nCrawford puts forward bill on cybersecurity risks to water systems (The Arkansas Democrat-Gazette)\xa0\nCISA unveils guidelines for AI and critical infrastructure (FedScoop)\nChinese Botnet As-A-Service Bypasses Cloudflare & Other DDoS Protection Services (GB Hackers)\nUK becomes first country to ban default bad passwords on IoT devices (The Record)\nResearchers unveil novel attack methods targeting Intel's conditional branch predictor (Help Net Security)\nStandard Chartered CEO on why cybersecurity has become a 'disproportionately huge topic' at board meetings (The Record)\nSecurity Bite: Did Apple just declare war on Adload malware? (9to5Mac)\nApple users are being locked out of their Apple IDs with no explanation (9to5Mac)\nJapanese police create fake support scam payment cards to warn victims (Bleeping Computer)\n\nShare your feedback.\nWe want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.\xa0\n\nWant to hear your company in the show?\nYou too can reach the most influential leaders and operators in the industry. Here\u2019s our media kit. Contact us at cyberwire@n2k.com to request more info.\nThe CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. \xa9 2023 N2K Networks, Inc.\nLearn more about your ad choices. Visit megaphone.fm/adchoices