• Cyber Bites

  • 著者: Edwin Kwan
  • ポッドキャスト

Cyber Bites

著者: Edwin Kwan
無料で聴く

  • サマリー

  • Your weekly dose of cyber security news by Edwin Kwan Stay sharp in the digital world! "Cyber Bites" delivers cybersecurity insights, industry trends, and personal experiences to keep you informed and protected.

    edwinkwan.substack.com
    Edwin Kwan
    続きを読む 一部表示

あらすじ・解説

Your weekly dose of cyber security news by Edwin Kwan Stay sharp in the digital world! "Cyber Bites" delivers cybersecurity insights, industry trends, and personal experiences to keep you informed and protected.

edwinkwan.substack.com
Edwin Kwan
政治・政府
続きを読む 一部表示
エピソード
  • Cyber Bites - 9th May 2025

    Cyber Bites - 9th May 2025
    2025/05/08
    * Banks at Risk: Nearly 100 Staff Logins Stolen by Cybercriminals* 'AirBorne' Vulnerabilities Expose Apple Devices to Remote Code Execution Attacks* WhatsApp Introduces 'Private Processing' for Secure Cloud-Based AI Features* Microsoft Warns Default Kubernetes Helm Charts Create Security Vulnerabilities* Security Concerns Grow Over Electric Vehicles as Potential Surveillance PlatformsBanks at Risk: Nearly 100 Staff Logins Stolen by Cybercriminalshttps://www.abc.net.au/news/2025-05-01/bank-employee-data-stolen-with-malware-and-sold-online/105232872Cyber criminals have stolen almost 100 staff logins from Australia's "Big Four" banks, potentially exposing these financial institutions to serious cyber threats including data theft and ransomware attacks, according to recent findings from cyber intelligence firm Hudson Rock.The compromised credentials belong to current and former employees and contractors at ANZ, Commonwealth Bank, NAB, and Westpac, with ANZ and Commonwealth Bank experiencing the highest number of breaches. All stolen credentials included corporate email addresses with access to official bank domains."There are around 100 compromised employees that are related to those four banks," said Hudson Rock analyst Leonid Rozenberg. While this number is significantly smaller than the 31,000 customer banking passwords recently reported stolen, the security implications could be more severe."Technically, [attackers] need only one [login] to do a lot of damage," Rozenberg warned.The credentials were stolen between 2021 and April 2025 using specialized "infostealer" malware designed to harvest sensitive data from infected devices. These stolen credentials have subsequently appeared on Telegram and dark web marketplaces.Security experts explain that these breaches could potentially give hackers "initial access" to the banks' corporate networks. While banks employ additional security measures such as Multi-Factor Authentication (MFA), specialized cybercriminals known as "initial access brokers" focus on finding ways around these protections, often targeting employees working from home.The investigation also uncovered a concerning number of compromised third-party service credentials connected to these banks, with ANZ having more than 100 such breaches and NAB more than 70. These compromised services could include critical communication and project management tools like Slack, JIRA, and Salesforce.All four banks have responded by stating they have multiple safeguards in place to prevent unauthorized access. NAB reports actively scanning cybercrime forums to monitor threats, while CommBank noted investing over $800 million in cybersecurity and financial crime prevention last financial year.The Australian Signals Directorate has already warned that infostealer infections have led to successful attacks on Australian businesses, highlighting that this threat extends beyond the banking sector to organizations across all industries.'AirBorne' Vulnerabilities Expose Apple Devices to Remote Code Execution Attackshttps://www.oligo.security/blog/airborneSecurity researchers at Oligo Security have uncovered a serious set of vulnerabilities in Apple's AirPlay protocol and software development kit (SDK) that could allow attackers to remotely execute code on affected devices without user interaction. These flaws, collectively dubbed "AirBorne," affect millions of Apple and third-party devices worldwide.The security team discovered 23 distinct vulnerabilities that enable various attack vectors, including zero-click and one-click remote code execution, man-in-the-middle attacks, denial of service attacks, and unauthorized access to sensitive information. Perhaps most concerning are two specific flaws (CVE-2025-24252 and CVE-2025-24132) that researchers demonstrated could create "wormable" zero-click attacks, potentially spreading from device to device across networks.Another critical vulnerability (CVE-2025-24206) enables attackers to bypass the "Accept" prompt normally required for AirPlay connections, creating a pathway for truly zero-interaction compromises when combined with other flaws."This means that an attacker can take over certain AirPlay-enabled devices and do things like deploy malware that spreads to devices on any local network the infected device connects to," warned Oligo. "This could lead to the delivery of other sophisticated attacks related to espionage, ransomware, supply-chain attacks, and more."While exploitation is limited to attackers on the same network as vulnerable devices, the potential impact is extensive. Apple reports over 2.35 billion active devices worldwide, and Oligo estimates tens of millions of additional third-party AirPlay-compatible products like speakers, TVs, and car infotainment systems could be affected.Apple released security updates on March 31 to address these vulnerabilities across their product line, including patches for iOS 18.4, iPadOS 18.4, macOS versions (Ventura 13.7.5...
    続きを読む 一部表示
    12 分
  • Cyber Bites - 2nd May 2025

    Cyber Bites - 2nd May 2025
    2025/05/01
    We hit a milestone today as this is our 50th Podcast Episode! A Big thank you to You, our listeners for your continued support!* Kali Linux Users Face Update Issues After Repository Signing Key Loss* CISOs Advised to Secure Personal Protections Against Scapegoating and Whistleblowing Risks* WhatsApp Launches Advanced Chat Privacy to Safeguard Sensitive Conversations* Samsung Confirms Security Vulnerability in Galaxy Devices That Could Expose Passwords* Former Disney Menu Manager Sentenced to 3 Years for Malicious System AttacksKali Linux Users Face Update Issues After Repository Signing Key Losshttps://www.kali.org/blog/new-kali-archive-signing-key/Offensive Security has announced that Kali Linux users will need to manually install a new repository signing key following the loss of the previous key. Without this update, users will experience system update failures.The company recently lost access to the old repository signing key (ED444FF07D8D0BF6) and had to create a new one (ED65462EC8D5E4C5), which has been signed by Kali Linux developers using signatures on the Ubuntu OpenPGP key server. OffSec emphasized that the key wasn't compromised, so the old one remains in the keyring.Users attempting to update their systems with the old key will encounter error messages stating "Missing key 827C8569F2518CC677FECA1AED65462EC8D5E4C5, which is needed to verify signature."To address this issue, the Kali Linux repository was frozen on February 18th. "In the coming day(s), pretty much every Kali system out there will fail to update," OffSec warned. "This is not only you, this is for everyone, and this is entirely our fault."To avoid update failures, users are advised to manually download and install the new repository signing key by running the command: sudo wget https://archive.kali.org/archive-keyring.gpg -O /usr/share/keyrings/kali-archive-keyring.gpgFor users unwilling to manually update the keyring, OffSec recommends reinstalling Kali using images that include the updated keyring.This isn't the first time Kali Linux users have faced such issues. A similar incident occurred in February 2018 when developers allowed the GPG key to expire, also requiring manual updates from users.CISOs Advised to Secure Personal Protections Against Scapegoating and Whistleblowing Riskshttps://path.rsaconference.com/flow/rsac/us25/FullAgenda/page/catalog/session/1727392520218001o5wvhttps://www.theregister.com/2025/04/28/ciso_rsa_whistleblowing/Chief Information Security Officers should negotiate personal liability insurance and golden parachute agreements when starting new roles to protect themselves in case of organizational conflicts, according to a panel of security experts at the RSA Conference.During a session on CISO whistleblowing, experienced security leaders shared cautionary tales and strategic advice for navigating the increasingly precarious position that has earned the role the nickname "chief scapegoat officer" in some organizations.Dd Budiharto, former CISO at Marathon Oil and Philips 66, revealed she was once fired for refusing to approve fraudulent invoices for work that wasn't delivered. "I'm proud to say I've been fired for not being willing to compromise my integrity," she stated. Despite losing her position, Budiharto chose not to pursue legal action against her former employer, a decision the panel unanimously supported as wise to avoid industry blacklisting.Andrew Wilder, CISO of veterinarian network Vetcor, emphasized that security executives should insist on two critical insurance policies before accepting new positions: directors and officers insurance (D&O) and personal legal liability insurance (PLLI). "You want to have personal legal liability insurance that covers you, not while you are an officer of an organization, but after you leave the organization as well," Wilder advised.Wilder referenced the case of former Uber CISO Joe Sullivan, noting that Sullivan's Uber-provided PLLI covered PR costs during his legal proceedings following a data breach cover-up. He also stressed the importance of negotiating severance packages to ensure whistleblowing decisions can be made on ethical rather than financial grounds.The panelists agreed that thorough documentation is essential for CISOs. Herman Brown, CIO for San Francisco's District Attorney's Office, recommended documenting all conversations and decisions. "Email is a great form of documentation that doesn't just stand for 'electronic mail,' it also stands for 'evidential mail,'" he noted.Security leaders were warned to be particularly careful about going to the press with complaints, which the panel suggested could result in even worse professional consequences than legal action. Similarly, Budiharto cautioned against trusting internal human resources departments or ethics panels, reminding attendees that HR ultimately works to protect the company, not individual employees.The panel underscored that proper governance, documentation, and clear ...
    続きを読む 一部表示
    14 分
  • Cyber Bites - 25th April 2025

    Cyber Bites - 25th April 2025
    2025/04/24

    I'm currently on a break and instead of sharing the latest cybersecurity news, I'll be doing a replay of an episode from our sister podcast, AppSec Unlocked. It's an interview episode with seasoned CISO Saut on Executive Security Awareness - Speaking the Board's language. We'll be returning next week with out normal programming of weekly cyber security news. Enjoy the show.



    This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit edwinkwan.substack.com
    続きを読む 一部表示
    23 分

Cyber Bitesに寄せられたリスナーの声

カスタマーレビュー:以下のタブを選択することで、他のサイトのレビューをご覧になれます。

Audible.co.jp

Amazon.co.jp
レビューはまだありません。