Dave Bittner
You're listening to the CyberWire Network.
Chris Hare
Powered by N2K.
Sponsor Voice
This episode is brought to you by Indeed. We're driven by the search for better. But when it comes to hiring, the best way to search for a candidate isn't to search at all. Don't search. Match with Indeed. Use Indeed for scheduling, screening and messaging so you can connect with candidates faster. Listeners of this show will get a $75 sponsored job credit to get your jobs more visibility at Indeed.com/SBO. Terms and conditions apply.
Dave Bittner
Ransomware, supply chain attacks and zero-day exploits can strike without warning, leaving your business's sensitive data and digital assets vulnerable. But imagine a world where your cybersecurity strategy could prevent these threats. That's the power of the ThreatLocker Zero Trust Endpoint Protection Platform. Robust cybersecurity is a non-negotiable to safeguard organizations from cyberattacks. ThreatLocker implements a proactive, deny-by-default approach to cybersecurity, blocking every action, process and end user unless specifically authorized by your team. This least privilege methodology mitigates the exploitation of trusted applications and ensures protection for your organization. 2473655 IT professionals are empowered by ThreatLocker Application Allowlisting, Ringfencing, Network Control and EDR solutions, enhancing their cybersecurity posture and streamlining internal IT and security operations. To learn more about how ThreatLocker can help mitigate unknown threats in your digital environment and align your organization with respected compliance frameworks, visit threatlocker.com.

Researchers ID a new Mirai-based botnet. Android devices get their first round of updates for the new year. Criminals exploit legitimate Apple and Google services in sophisticated voice phishing attacks. Japan attributes over 200 cyberattacks to the Chinese hacking group MirrorFace. A PayPal phishing scam exploits legitimate platform functionality. SonicWall addresses critical vulnerabilities in its SonicOS software. CISA warns of active exploitation of vulnerabilities in Mitel MiCollab. A new government-backed labeling program hopes to help consumers choose more secure devices. On today's CertByte segment, Chris Hare and Steven Burnley unpack a question from N2K's ISC2 Certified in Cybersecurity Practice Test. And streaming license plate readers: no password required. It's Wednesday, January 8, 2025. I'm Dave Bittner and this is your CyberWire Intel Brief.
Thank you for joining us here once again today. Great to have you with us. Security researchers have identified a new Mirai-based botnet, offensively named Gayfemboy, which uses zero-day exploits to target industrial routers and smart home devices. Discovered by Qi'anxin XLab in February of 2024, the botnet evolved from a standard Mirai variant to a sophisticated threat. It exploits over 20 vulnerabilities, including a zero-day flaw in Four-Faith routers and unassigned vulnerabilities in Neterbit routers and Vimar home devices. With about 15,000 active IPs across China, Russia, the U.S., Iran and Turkey, the botnet launches frequent DDoS attacks, peaking in late 2024. Its targets span multiple sectors, and even XLab researchers were attacked after registering command and control domains for analysis. Lacking DDoS mitigation, XLab eventually ceased their investigation to avoid further disruptions.

Google has released its first Android security updates for 2025, addressing 36 vulnerabilities, including five critical remote code execution bugs in the System component. The update, split into two parts, begins with fixing 24 issues in Android's Framework, Media Framework and System components. The critical RCE flaws affect Android versions 12 through 15. The second patch resolves an additional 12 vulnerabilities in Imagination Technologies, MediaTek and Qualcomm components, covering all 36 flaws. Google also patched a critical RCE bug in Pixel devices' baseband subcomponent. While there's no evidence of exploitation in the wild, Google urges users to update promptly. Android Automotive OS and Wear OS devices will also receive patches.

Cybercriminals are exploiting legitimate Apple and Google services in sophisticated voice phishing attacks, as revealed by Krebs on Security. These scammers trick users into believing they're interacting with Apple or Google by sending notifications, emails, and account recovery prompts using spoofed identities.
One case involved a cryptocurrency investor who lost $4.7 million after scammers used Google Assistant and fake recovery emails to deceive him. The scammers leveraged Apple's support line to generate legitimate account confirmation prompts, reinforcing their authenticity. A leaked phishing panel video demonstrates how scammers tricked a musician into revealing his Apple credentials. A phishing group dubbed Crypto Chameleon also targeted cryptocurrency exchanges and high-profile individuals, including billionaire Mark Cuban, who lost $43,000 in crypto. These groups rely on leaked data, phishing kits, and tools like autodoxers to refine targets. Despite their innovation, internal betrayal and law enforcement remain persistent threats to these criminal operations.

Japan has attributed over 200 cyberattacks since 2019 to the Chinese hacking group MirrorFace, targeting national security and advanced technology data. The attacks focused on the foreign and defense ministries, the space agency and private sector entities, using tactics like phishing emails referencing geopolitical topics and exploiting VPN vulnerabilities. Notable incidents include breaches at JAXA and disruptions at Nagoya's port and Japan Airlines. Experts urged Japan to strengthen cybersecurity as it enhances defense cooperation with the US and allies.

Elsewhere in Japan, Casio confirmed a ransomware attack in October compromised the personal data of nearly 8,500 individuals, including 6,500 employees, 1,900 business partners and 91 customers. Data exposed included names, email addresses and sensitive information like taxpayer IDs and birth dates. The Russia-linked Underground ransomware gang claimed responsibility, stealing over 200 gigabytes of data. Casio attributed the breach to phishing and declined to negotiate with the attackers. While most systems are restored, some services remain offline. No credit card data was compromised.
Fortinet's FortiGuard Labs has uncovered a sophisticated PayPal phishing scam exploiting legitimate platform functionality. Scammers use genuine-looking emails with valid sender addresses to direct users to PayPal's login page under the guise of investigating a payment request. The attack leverages a Microsoft 365 test domain and distribution lists to send legitimate PayPal money requests, bypassing traditional phishing checks through Microsoft 365's Sender Rewriting Scheme. Victims unknowingly link their PayPal accounts to the scammers, granting attackers potential control over finances. Unlike traditional phishing, this scam uses authentic emails and URLs, making detection harder. Fortinet's CISO Carl Windsor emphasized the need for vigilance, urging users to verify URLs, avoid unsolicited links, and enable two-factor authentication. The scam highlights the critical role of cybersecurity awareness in protecting against increasingly sophisticated attacks.

SonicWall has issued a security advisory addressing four critical vulnerabilities in its SonicOS software, affecting various firewall models and cloud platforms. These include a weak pseudo-random number generator, improper authentication in SSL VPN, a server-side request forgery flaw, and privilege escalation in Gen7 cloud platforms, with CVSS scores ranging from 6.5 to 8.2. These vulnerabilities could allow attackers to bypass authentication, escalate privileges, or establish unauthorized connections. SonicWall urges immediate updates and limiting SSL VPN and SSH management access to trusted sources. No exploitation in the wild has been reported.

CISA has warned of active exploitation of two vulnerabilities in Mitel MiCollab: the first a critical path traversal flaw with a CVSS of 9.8, the second a low-severity issue with a score of 2.7. The critical bug allows unauthorized administrative actions, while the low-severity flaw requires admin credentials and cannot modify files or escalate privileges.
Mitel addressed the critical flaw and mitigated the other in MiCollab version 9.8 SP2. CISA urges organizations to patch by January 28, per federal mandates.

To mitigate potential risks, the US government is launching the Cyber Trust Mark initiative, a voluntary labeling program to help consumers identify smart devices with robust cybersecurity protections. Devices like baby monitors, security cameras, fitness trackers, and smart appliances can carry the label if they meet federal cybersecurity standards. The label includes a shield logo and QR code for detailed security information, such as whether manufacturers provide software updates. Major brands like Amazon, Google and Samsung are participating, with labeled products expected later this year. The initiative, led by the FCC and inspired by the Energy Star program, aims to inform consumers while encouraging manufacturers to improve device security. With the average home containing 21 connected devices, this program seeks to reduce vulnerabilities that cybercriminals could exploit.

Coming up after the break on today's CertByte segment, Chris Hare and Steven Burnley unpack a question from N2K's ISC2 Certified in Cybersecurity Practice Test. And streaming license plate readers: no password required. Stay with us.
Sponsor Voice
If you need three new reasons to love Jack Wraps at Jack in the Box even more, here they are: Chicken Fajita, Chicken Caesar and delicious, starting at $3. Coincidentally, those are the same three reasons you should come to Jack in the Box right now. At Jack, every bite's a big deal.
And now a word from our sponsor, KnowBe4. It's all connected, and we're not talking conspiracy theories. When it comes to infosec tools, effective integrations can make or break your security stack. The same should be true for security awareness training. KnowBe4, provider of the world's largest library of security awareness training, provides a way to integrate your existing security stack tools to help you strengthen your organization's security culture. KnowBe4's SecurityCoach uses standard APIs to quickly and easily integrate with your existing security products from vendors like Microsoft, CrowdStrike and Cisco. 35 vendor integrations and counting. SecurityCoach analyzes your security stack alerts to identify events related to any risky security behavior from your users. Use this information to set up real-time coaching campaigns targeting risky users based on those events from your network, endpoint, identity or web security vendors. Then coach your users at the moment the risky behavior occurs with contextual security tips delivered via Microsoft Teams, Slack or email. Learn more at knowbe4.com/SecurityCoach. That's knowbe4.com/SecurityCoach, and we thank KnowBe4 for sponsoring our show.
Dave Bittner
Do you know the status of your compliance controls right now? Like, right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs, we rely on point-in-time checks. But get this: more than 8,000 companies like Atlassian and Quora have continuous visibility into their controls with Vanta. Here's the thing: Vanta brings automation to evidence collection across 30 frameworks like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews and reporting, and help you get security questionnaires done five times faster with AI. Now that's a new way to GRC. Get $1,000 off Vanta when you go to vanta.com/cyber. That's vanta.com/cyber for $1,000 off.

It's time for our recurring CertByte segment, and in today's edition, N2K's Chris Hare teams up with Steven Burnley to unpack a question from N2K's ISC2 Certified in Cybersecurity Practice Test.
Chris Hare
Hi everyone, it's Chris. I'm a content developer and project management specialist here at N2K Networks. I'm also your host for this week's edition of CertByte, where I share a practice test question from our suite of industry-leading content and a study tip to help you achieve the professional certifications you need to fast-track your career growth in IT, cybersecurity and project management. Today's question targets the ISC2 Certified in Cybersecurity, or CC, exam, which launched on August 31, 2022. This exam is targeted for those candidates who are college students or grads, IT professionals or career changers wanting to pivot to the cybersecurity industry. ISC2 also reports that their members earn 35% higher salaries than non-members. I have a new guest host here to help us out today, Steven, who is our resident ISC2 expert. Welcome, Steven. How are you today?
Steven Burnley
I'm doing great, Chris. Thanks for inviting me. I feel like I've spent my entire life either taking practice exams for certification exams or, now, writing certification exam questions. So I'm really happy to be here.
Chris Hare
We are happy to have you. So if you've been listening to our episodes, you know that we are going to be turning the tables, and Steven, you're going to be asking me today's question. But first, while I corral some courage, I understand you have a 10-second study bit for this test. So what do you have for us today, Steven?
Steven Burnley
Well, I want to remind everyone that when you're practicing to take a certification exam, the practice tests are not the actual questions. So one of the things that we do at N2K in our practice exams is make sure all of the incorrect answers are also plausible answers on the real exam for other types of questions. So make sure you study the wrong answers and read those descriptive links at the bottom of the practice exam tips.
Chris Hare
That is a really great tip. So Steven, what do you have for me today?
Steven Burnley
All right, this is networking, Chris, so prepare yourself. So here we go. Okay: you use a computer on a TCP/IP network and you transfer data through well-known TCP port 80. Which protocol is most likely being used to transfer data? Now, this is a multiple choice question. You don't have to have these memorized. So let me tell you what your four choices are. Your choices are FTP, POP3, SMTP or HTTP.
Chris Hare
All right, Steven, so this falls under the Network Security objective and the Understand Computer Networking sub-objective. Is that correct?
Steven Burnley
That's correct. And it's a good idea for you to place these exam questions in the appropriate objectives so you know you've studied all parts of the exam.
Chris Hare
That's right. So, not my strong suit. But I admit I have studied for, taken and passed this CC test, and it was no easy feat, even though it's targeted for beginners. So it was a tough test. And for our listeners out there, it's 100 multiple choice questions and you get two hours. It sounds like I'm stalling, which I am. So I should know this. And I do recall this answer, as I did a memorization technique for this, which I will discuss in a bit. So my answer is D, HTTP.
Steven Burnley
All right, we're off to a good start. That is correct. The Hypertext Transfer Protocol, HTTP, is assigned to port 80, and that is a well-known port number that you do need to know for the CC exam. HTTP is used to transfer data between browsers and servers on the web. HTTP is a stateless protocol, which means the server and the client do not collect any information about each other. Now, in terms of studying the incorrect answers, those may be plausible correct answers on other questions. So let's make sure we know those as well. FTP stands for the File Transfer Protocol, and that uses the well-known TCP ports 20 and 21. FTP is used to transfer files or data between FTP clients and servers on a TCP/IP network. Now the next one is related to email. It is POP3, or Post Office Protocol 3, and that uses TCP port 110. POP3 is used to transfer email messages from email servers to clients. And there's another final option there, which was SMTP, which is also related to mail. It's called the Simple Mail Transfer Protocol, and that uses well-known TCP port 25. SMTP is used to transfer email messages between email servers and then sometimes to transfer messages from clients to servers in older environments. So I'm curious now: you used a memorization technique to remember these ports. What is your trick?
Chris Hare
So there are a lot of mnemonics out there that you can use, as you very well know, Steven. And for port 80 I've seen everything from mapping port 80 to the part-acronym, part-phrase "Hold the phone, I see a ghost," since the number 80 looks like a sideways ghost face, I guess, which is foreboding since it's a non-encrypted port. But I just associated 80 with the HTTP protocol coming out in 1989, so that's what I used. And there are so many techniques. Can you share some of what you've heard that have been helpful?
Steven Burnley
Well, when you take a certification exam related to technology concepts like this, it can be acronym soup. So one of my tips is I don't try to remember all of the words in the acronym. For example, HTTP: I would just think of that one as "H." SMTP I would think of as "simple." And then that way I'm only trying to remember one word that's easily pronounced, rather than an acronym or the whole thing pronounced all the way out.
Chris Hare
That is very helpful. So I'd love to hear from our listeners what techniques they've used as well, so leave us a comment. Also, Steven, this is one of those tests where you are not allowed to mark items for review, which makes the exam even more challenging. Is that due to the fact that it's adaptive, which means it supplies subsequent questions based on your previous answers?
Steven Burnley
Actually, no. On this particular exam, the exam questions will be balanced according to the percentages of the questions that are stated in the exam summary. So it's a really good idea as a student to make sure that you study all the parts of the exam, and those percentage weightings will give you an idea about how many questions you'll get on each topic.
Chris Hare
Excellent. Great question. Appreciate your being here today, Steven. Are there any upcoming ISC2 or other practice tests you'd like to promote here?
Steven Burnley
We do, actually. We have an update coming for the CISSP exam in early 2025, and we just recently updated the framework for the Cisco Certified Network Associate, or CCNA, exam this past September. We also have a ton more Microsoft, CompTIA and Amazon exam updates coming, so keep a lookout for those on our website.
Chris Hare
Excellent. Thank you so much, Steven.
Steven Burnley
Thank you for having me, Chris.
Chris Hare
Absolutely. And thank you for joining me for this week's CertByte. If you're actively studying for this certification and have any questions about study tips, or even future certification questions you'd like to see, please feel free to email me at certbyte@n2k.com. That's C-E-R-T-B-Y-T-E at n2k.com. If you'd like to learn more about N2K's practice tests, visit our website at n2k.com/certify for more resources, including our N2K Pro offerings; check out thecyberwire.com/pro. For sources and citations for this question, please check out our show notes. Happy certifying.
Dave Bittner
And of course we will have links to N2K's ISC2 Certified in Cybersecurity Practice Test in our show notes.

And finally, Motorola's automated license plate readers are unintentionally moonlighting as live streaming surveillance tools, thanks to misconfigurations exposing them to the unsecured Internet. Security researcher Matt Brown found that some of these cameras, intended for private networks, are accidentally broadcasting video and license plate data online for anyone with the right tools to access. Using the IoT search engine Censys, Brown located streams showing color and infrared footage along with real-time plate data. No login required. Privacy advocate Will Freeman turned this oversight into a proof-of-concept nightmare, crafting a tool that decodes and timestamps car movements into spreadsheets. Want to track a stranger's daily commute? There's an app for that, theoretically. Freeman warns this exposure underscores how risky automatic license plate readers are to privacy, despite claims they're harmless unless you're a criminal. Motorola promises a firmware update to address these issues. Until then, some cameras remain accidental live streamers mapping our every move.

And that's the CyberWire. For links to all of today's stories, check out our daily briefing at thecyberwire.com. We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire@n2k.com. This episode was produced by Liz Stokes. Our mixer is Tré Hester, with original music and sound design by Elliott Peltzman. Our executive producer is Jennifer Eiben. Our executive editor is Brandon Karpf. Simone Petrella is our president. Peter Kilpe is our publisher, and I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow.
CyberWire Daily: A New Mirai-Based Botnet
Release Date: January 8, 2025
Host: Dave Bittner & Chris Hare
Produced by: N2K Networks
On the January 8, 2025 episode of CyberWire Daily, hosts Dave Bittner and Chris Hare delve into a spectrum of pressing cybersecurity issues, ranging from emerging botnets and sophisticated phishing attacks to critical software vulnerabilities and innovative government initiatives. This comprehensive summary encapsulates the key discussions, insights, and expert analyses presented in the episode.
Timestamp: [05:00]
Security researchers from Qi'anxin XLab unveiled a new Mirai-based botnet named Gayfemboy, which marks a significant evolution from its predecessors. First observed in February 2024, this botnet leverages over 20 vulnerabilities, including several zero-day exploits, to compromise industrial routers and smart home devices.
Notable Quote:
"The sophistication of Gayfemboy represents a significant leap in botnet capabilities, making mitigation increasingly challenging," said a Qi'anxin XLab spokesperson at [05:30].
Timestamp: [07:15]
Google released its first security update for Android in 2025, addressing 36 vulnerabilities, including five critical remote code execution (RCE) bugs affecting Android versions 12 through 15.
Notable Quote:
"Promptly applying these updates is crucial to protect your devices from evolving threats," advised a Google spokesperson at [07:45].
Timestamp: [09:30]
Cybercriminals have intensified their voice phishing (vishing) strategies by exploiting legitimate Apple and Google services, making these attacks more convincing and harder to detect.
Notable Quote:
"The integration of legitimate platform functionalities into phishing attacks significantly blurs the lines, making user vigilance more critical than ever," noted Krebs on Security at [10:10].
Timestamp: [12:15]
Japan has attributed over 200 cyberattacks since 2019 to the Chinese hacking group MirrorFace, which focuses on national security and advanced technology sectors.
Notable Quote:
"Strengthening cybersecurity is paramount as Japan enhances its defense collaborations," stated a Japanese cybersecurity expert at [12:50].
Timestamp: [14:00]
In October, the ransomware attack on Casio compromised the personal data of nearly 8,500 individuals, including employees, business partners, and customers.
Notable Quote:
"Our priority is restoring services and ensuring such breaches do not recur," affirmed a Casio spokesperson at [14:30].
Timestamp: [15:20]
Fortinet's FortiGuard Labs identified a sophisticated phishing scam targeting PayPal users by exploiting the platform's legitimate functionalities.
Notable Quote:
"Enhanced vigilance and robust authentication methods are essential to counter these increasingly sophisticated phishing tactics," advised Carl Windsor at [15:50].
Timestamp: [16:45]
SonicWall has issued a security advisory addressing four critical vulnerabilities within its SonicOS software, which affect various firewall models and cloud platforms.
Notable Quote:
"Immediate action is required to mitigate these vulnerabilities and safeguard your network infrastructure," warned a SonicWall representative at [17:25].
Timestamp: [18:00]
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding active exploitation of two vulnerabilities in Mitel MiCollab.
Notable Quote:
"Timely patching is crucial to prevent unauthorized administrative access and ensure system integrity," emphasized CISA at [18:20].
Timestamp: [19:40]
The US government has initiated the Cyber Trust Mark initiative, a voluntary labeling program designed to help consumers identify smart devices with robust cybersecurity protections.
Notable Quote:
"With the average home containing 21 connected devices, Cyber Trust Mark aims to significantly reduce potential entry points for cybercriminals," explained a US government spokesperson at [20:10].
Timestamp: [21:00]
In the CertByte segment, Chris Hare and Steven Burnley discuss a practice test question from N2K's ISC2 Certified in Cybersecurity practice test, focusing on identifying protocols based on well-known TCP ports.
Practice Question:
You use a computer on a TCP/IP network and transfer data through well-known TCP port 80. Which protocol is most likely being used to transfer data?
Options: FTP, POP3, SMTP, HTTP
Notable Quote:
"When dealing with acronym soup, focus on singular, memorable elements to aid recall," advised Chris Hare at [21:50].
Timestamp: [24:00]
Motorola's automated license plate readers (ALPRs) have unintentionally become live-streaming surveillance tools due to misconfigurations, raising significant privacy concerns.
Notable Quote:
"The unintended streaming capabilities of ALPRs pose a significant threat to personal privacy, transforming them into tools for potential surveillance abuses," stated Will Freeman at [24:20].
The January 8, 2025 episode of CyberWire Daily underscores the ever-evolving landscape of cybersecurity threats and defenses. From the sophistication of new botnets and phishing scams to critical software vulnerabilities and proactive government initiatives, the episode provides valuable insights for industry leaders, IT professionals, and cybersecurity enthusiasts. Staying informed and vigilant remains paramount in navigating the complexities of digital security.
For more detailed information and updates, listeners are encouraged to visit thecyberwire.com and engage with the CyberWire community.