Dave Bittner
You're listening to the CyberWire Network, powered by N2K.
Amazon Sponsor
This episode is brought to you by Amazon. Sometimes the most painful part of getting sick is the getting better part. Waiting on hold for an appointment, sitting in crowded waiting rooms, standing in line at the pharmacy: that's painful. Amazon One Medical and Amazon Pharmacy remove those painful parts of getting better with things like 24/7 virtual visits and prescriptions delivered to your door. Thanks to Amazon Pharmacy and Amazon One Medical, healthcare just got less painful.
Dave Bittner
Ransomware, supply chain attacks and zero day exploits can strike without warning, leaving your business's sensitive data and digital assets vulnerable. But imagine a world where your cybersecurity strategy could prevent these threats. That's the power of the ThreatLocker Zero Trust Endpoint Protection Platform. Robust cybersecurity is a non-negotiable to safeguard organizations from cyberattacks. ThreatLocker implements a proactive deny-by-default approach to cybersecurity, blocking every action, process and end user unless specifically authorized by your team. This least privilege methodology mitigates the exploitation of trusted applications and ensures protection for your organization 24/7/365. IT professionals are empowered by ThreatLocker application allowlisting, Ringfencing, Network Control and EDR solutions, enhancing their cybersecurity posture and streamlining internal IT and security operations. To learn more about how ThreatLocker can help mitigate unknown threats in your digital environment and align your organization with respected compliance frameworks, visit threatlocker.com.

New details emerge about Chinese hackers breaching the US Treasury Department. The Supreme Court considers the TikTok ban. Chinese hackers exploit a zero day flaw in Ivanti Connect Secure VPN. A new credit card skimmer malware targets WordPress checkout pages. The Banshee macOS infostealer has been updated. A California health services organization reports a data breach. A Florida firm pays a $337,000 HIPAA settlement following a 2018 breach. Samsung patches Android devices. A Proton Mail outage hits users worldwide. A popular e-card site recovers from malware. CertByte segment host Chris Hare interviews our guest Casey Marks, ISC2's chief qualifications officer, about the future of certifications. And that's a feature, not a hack.
Dave Bittner
It's Friday, January 10, 2025. I'm Dave Bittner and this is your CyberWire Intel Briefing. Happy Friday and thanks for joining us here today. It is great to have you with us. New details have emerged about Chinese hackers breaching the U.S. Treasury Department's unclassified systems, revealing they targeted its sanctions office in addition to the previously reported hack of other Treasury systems. CNN reports the sanctions office had recently penalized a Chinese company for cyberattacks, raising questions about whether the hack was retaliatory. The breach also affected the Committee on Foreign Investment in the U.S., which oversees foreign investments for national security risks. This comes as the committee gained new authority over real estate deals near military bases, an area of growing concern for potential Chinese espionage. While no classified information was accessed, officials worry that the stolen, unclassified data could still provide useful intelligence for Beijing. Treasury Secretary Janet Yellen called the breach a blow to U.S.-China relations, emphasizing the need for stronger cybersecurity measures. The Supreme Court is considering whether to block a law that could ban TikTok in the US if its China-based owner, ByteDance, doesn't divest by January 19th. The law, enacted with bipartisan support, aims to address national security concerns over potential Chinese government influence on the platform. TikTok and users argue the ban violates First Amendment rights. During oral arguments, TikTok's attorney denied direct Chinese control and compared the divestment to shutting down a U.S. newspaper under foreign pressure. Mandiant reports that Chinese hackers have exploited a zero day flaw in Ivanti Connect Secure VPN appliances since December, deploying malware such as SPAWN, PHASEJAM and DRYHOOK to steal credentials, API keys, and VPN session data. CISA has mandated remediation by January 15th.
Researchers warn of widespread exploitation, targeting credentials and deploying web shells for future access. The attacks, linked to Chinese Silk Typhoon hackers, follow recent breaches of the Treasury Department's systems. A new credit card skimmer malware targets WordPress checkout pages, injecting malicious JavaScript into the database's wp_options table to steal sensitive payment details. This approach evades detection by bypassing theme files and plugins, enabling covert operation. The malware dynamically creates fake payment forms or intercepts real ones, capturing credit card information in real time. Data is encrypted and sent to attacker-controlled domains. To mitigate risks, experts recommend checking HTML widgets for malicious scripts, applying security updates, and using firewalls and two factor authentication. The Banshee macOS infostealer has been updated to target systems using the Russian language, according to Check Point. Initially launched in 2024 and sold for $3,000 a month, the malware collects data such as passwords, browser information, and cryptocurrency wallets. After its source code leaked in November of 2024, antivirus detection improved, but concerns grew over new variants. Recent updates removed restrictions on targeting Russian systems, and Banshee is still spread via phishing websites and fake GitHub repositories, likely by former customers or new actors. California's BayMark Health Services reported a data breach affecting patients' personal information, including names, Social Security numbers, insurance details and treatment information. The breach, linked to a cyberattack between September 24 and October 14, 2024, was discovered on October 11. BayMark secured its systems, launched an investigation with forensic experts and notified law enforcement. Impacted individuals received formal notifications and one year of free credit monitoring. BayMark says they've since enhanced their security measures to prevent future incidents.
Florida-based USR Holdings has paid a $337,000 HIPAA settlement following a 2018 breach exposing the personal information of nearly 3,000 patients. The breach occurred after a firewall misconfiguration allowed unauthorized access, resulting in data deletion. HHS found multiple HIPAA violations, including insufficient risk analysis and backup procedures. USR agreed to implement a corrective action plan and will be monitored for compliance. Experts emphasize robust data backup, disaster recovery plans and proactive monitoring to prevent similar incidents. This marks HHS's largest HIPAA fine in 2025 so far. Samsung Mobile has released its January 2025 security maintenance release addressing critical vulnerabilities in Android and Samsung devices. The update resolves five high priority common vulnerabilities and exposures that could allow execution of arbitrary code, risking sensitive data and device control. It also includes 22 Samsung-specific patches. Samsung urges users to update promptly for improved safety, device performance and longevity. Proton experienced a major worldwide outage yesterday, disrupting services like Proton Mail, Calendar, VPN, Drive, Pass and Wallet due to network issues. The outage began at 10am Eastern time, leaving many users unable to access their accounts. Just after 12:30pm Proton Mail was restored, with all services back online right around 1:30pm. Proton apologized for the disruption and continues to investigate the issue. Users initially reported error messages when attempting to access affected services during the outage. Malwarebytes uncovered a cyber attack dubbed the ZQXQ campaign, targeting GroupGreeting.com, a popular e-card site used by major enterprises like Airbnb and Coca-Cola. Exploiting seasonal traffic spikes, attackers injected obfuscated JavaScript to redirect users to phishing sites or malware.
The campaign shares traits with the NDSW, NDSX and Parrot TDS malware known for large scale infections and traffic distribution system tactics. Over 2,800 websites have been affected. GroupGreeting quickly resolved the breach. Adam Gowdiak, CEO of AG Security Research, has exposed vulnerabilities in Microsoft's PlayReady DRM technology enabling unauthorized access to streaming content keys. His research highlights flaws in Microsoft's Protected Media Path and Warbird compiler, raising concerns about unauthorized downloads from services like Netflix and HBO Max. While Microsoft initially dismissed the findings as implementation issues, Gowdiak advocated for compensation outside the bug bounty program, citing extensive effort and intellectual property concerns. When no agreement was reached, Gowdiak provided technical details to Microsoft in November of last year without seeking payment, later disclosing limited public details to raise awareness. Critics argue this case underscores flaws in bug bounty programs and responsible disclosure practices. Casey Ellis of Bugcrowd stressed the need for standardized terms and coordinated disclosure, warning against tactics resembling extortion. The incident highlights ongoing challenges in balancing researcher incentives, corporate responses, and public accountability. Elsewhere, Facebook awarded a $100,000 bug bounty to researcher Ben Sadeghipour for discovering a critical vulnerability in its ad platform. The flaw, linked to an unpatched Chrome bug, allowed Sadeghipour to execute commands on Facebook's internal server, granting extensive access to its infrastructure. Working with Alex Chapman, he reported the issue in October of last year, prompting Meta to address it within an hour. Coming up after the break, Chris Hare interviews our guest Casey Marks, ISC2's chief qualifications officer, about the future of certifications. And that's a feature, not a hack. Stay with us.
KnowBe4 Sponsor
And now a word from our sponsor, KnowBe4. It's all connected, and we're not talking conspiracy theories. When it comes to infosec tools, effective integrations can make or break your security stack. The same should be true for security awareness training. KnowBe4, provider of the world's largest library of security awareness training, provides a way to integrate your existing security stack tools to help you strengthen your organization's security culture. KnowBe4's SecurityCoach uses standard APIs to quickly and easily integrate with your existing security products from vendors like Microsoft, CrowdStrike and Cisco. 35 vendor integrations and counting. SecurityCoach analyzes your security stack alerts to identify events related to any risky security behavior from your users. Use this information to set up real time coaching campaigns targeting risky users based on those events from your network, endpoint, identity, or web security vendors. Then coach your users at the moment the risky behavior occurs with contextual security tips delivered via Microsoft Teams, Slack or email. Learn more at knowbe4.com/securitycoach. That's knowbe4.com/securitycoach, and we thank KnowBe4 for sponsoring our show.
Dave Bittner
Do you know the status of your compliance controls right now? Like, right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs, we rely on point-in-time checks. But get this: more than 8,000 companies like Atlassian and Quora have continuous visibility into their controls with Vanta. Here's the gist. Vanta brings automation to evidence collection across 30 frameworks like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews and reporting, and help you get security questionnaires done five times faster with AI. Now that's a new way to GRC. Get $1,000 off Vanta when you go to vanta.com/cyber. That's vanta.com/cyber for $1,000 off. Chris Hare is host of our recurring CertByte segments, and today she sits down with Casey Marks, ISC2's chief qualifications officer, to discuss the future of certifications.
Chris Hare
So, I love your title, by the way, Chief Qualifications Officer. Can you tell me a little bit about your role?
Casey Marks
So, in my role at ISC2, what I'm responsible for is the maintenance and the development of our certification portfolio, our certification schemes, the examinations, the prerequisites, the CPE requirements. In addition to that, some of the foundational elements at ISC2 with regard to our definition of practice through our certified bodies of knowledge, and then of course, how we engage in practice through our code of professional conduct and so our ethical canons. So all of the elements that require a member to be able to demonstrate their knowledge, skills and ability kind of roll up into the qualifications area.
Chris Hare
Great. And you also have a background as a psychometrician, which involves test design and analysis, correct?
Casey Marks
That is correct, yes. I am not a psychologist and I don't prescribe to drugs or conduct therapy. But what I do is crunch a lot of numbers and I've been doing it for almost 30 years and across a number of different disciplines, including nursing and language testing and what have you. And so psychometricians are slightly a rare breed, but what we do is we ensure that exams are fair, reliable and valid, which really means that every candidate who takes an exam has an equal opportunity to pass the exam, does what it's supposed to do and we can prove it, and it does it repeatedly. And so that's exactly what a candidate expects 10 years ago and 10 years hence. And so we just keep doing that to ensure that we have fairness for all, for all who participate.
Chris Hare
So what are you seeing in terms of trends and shifts in certification growth?
Casey Marks
Right now we're seeing a tremendous amount of uptake. We're seeing a lot of interest across the spectrum, whether it be in industry, academia or from a government perspective. And I would say that in particular governmental interest with regard to professional qualifications is growing quite rapidly within the cyberspace. And so traditionally security issues around cyber have been thought of more from an industry standpoint as a product issue, and certainly privacy issues around that. But the actual qualifications and standards for individuals who engage in security activities within cyber have become important, growing in a number of different areas. Not just here within the United States with things like 8140 at the DOD, but in the European Union, attestation schemes for certified professionals, licensure schemes in the United Kingdom and a burgeoning interest with regard to professional qualifications and professionalization in Singapore. And so you're seeing a very global shift towards ensuring that the people who apply this trade have demonstrated their qualifications in a robust and valid way.
Chris Hare
Are there any specific ISC2 certs that you see a particular uptick in currently?
Casey Marks
Yeah, so I think everyone and anyone who knows about ISC2 certainly knows about CISSP, which is as strong as ever, continues to grow and, you know, day by day continues to become the defining gold standard for the cybersecurity professional. But we have a couple other certs that certainly have been growing in popularity, and probably the most notable over the last few years has been our CCSP, which is our cloud certification. Cloud obviously has been important, continues to be important and will continue to be important as the demand grows. We have our new Certified in Cybersecurity, or CC, certification which has just exploded on the scene, and so that needs to grow. But across the entire portfolio we're seeing a tremendous amount of interest in growth, and we don't see signs of that slowing down anytime soon.
Chris Hare
So you don't see any signs of it slowing down. Does that mean it's going to stay pretty steady throughout 2025?
Casey Marks
We expect that it will. You know, ISC2 does a number of research studies, including our annual workforce study, which is, you know, a survey of professionals in the field, assessing their opinions with regard to readiness and availability and the ability for their workplace to be able to respond. And there's definitely an interest and an expressed preference among professionals that they need help, they need more people, their teams need to be bigger, they need more tooling, they need more resources. The threats don't slow down, they only increase. Today's world, with ever increasing mechanization and automation, whether it be through AI or otherwise, is only increasing the amount of activity that professionals have to deal with. And so there's definitely an expressed preference and expressed understanding that we need more people. And so, more people. We can't just throw anybody at this problem. Cyber is an identified profession. We need certified people, and we need good people who have already demonstrated that they know how to do the job before they get there.
Chris Hare
Then your ISC2 team has also undertaken a BHAG with your 1 Million Certified in Cybersecurity program that you mentioned, with the free Certified in Cybersecurity, or CC, of which I'm happy to say I am a holder. How did that goal come about and how is it coming along?
Casey Marks
Yeah, the CC has been a tremendous, maybe one of the most significant things that ISC2 has done in a number of years. So we identified a pretty significant problem in the field. And that was, so how do you get a job without experience? How do you get experience without a job? Classic conundrum. What we did is we developed an entry level certification. It's a real professional certification that allows individuals who are starting off, the novice practitioner, to be able to demonstrate to a third party their seriousness with their pursuit of the profession. And so the certification, we have a program around it, the 1 Million CC program, that allows people to get free education and a free examination voucher to become professionally certified. And so what we're trying to do is provide that base for the future generation of cyber professionals and give a good starting off point.
Chris Hare
And so Casey, you mentioned continuing professional education credits. So what are some of the best ways you recommend members can earn CPEs?
Casey Marks
Excellent. Yes, thank you. So CPE being a core requirement of all of our certification schemes, every single member at ISC2 that holds one of our certifications is required to be able to do this, like many certification programs. And in the best ways. Oh boy. I mean, the good news is, yes, there's a lot of CPEs required. Yes, it's an annual requirement. Yes, it's on your three year cycle. However, the amount of opportunities are tremendous. You can take courses, you can take certifications, you can take training at ISC2 alone. There are events to be able to attend, there are webinars, there are volunteer opportunities, of which there are many, and I don't have time to go into all of them today. But I can tell you, for the certified member, you have a right and, I would hope, a responsibility to give back. And as I said before, in terms of developing these certifications, we need experts, we need subject matter experts of all types, so please consider giving back. You get CPE credits for that. We also have a couple of initiatives I can talk about at a very high level. We are right now endeavoring in an activity in terms of taking our individual certification bodies of knowledge and creating a unified body of knowledge, which requires expertise from the field, and volunteer opportunities are available there. And we are engaging on a review of our code of professional conduct, and so we have a call for experts and volunteers in the field, again for which you get volunteer credits and CPEs. And I'd say lastly, if I was to promote a little bit at ISC2, ISC2 does have a charitable arm. Our Center for Cyber Safety and Education also has a number of different volunteer opportunities, which are always a really good way to give back and earn CPEs. At ISC2 we have a couple different schedules of CPEs.

So I would suggest that anyone who is interested in these opportunities take a look at the handbook that's available on the website at isc2.org, and you can see a multitude of opportunities and a super number of freely available CPE opportunities. So there's a lot to go after.
Chris Hare
That's great. Well, I have to promote my segment, called CertByte, that I host, and what I do is I break down a single practice test question from our basic certification offerings, and ISC2 is featured in some of our upcoming episodes in January. So I look forward to hearing what you think of them when they come out.
Casey Marks
Excellent. So on the website right now.
Chris Hare
Oh, okay, great. Thank you for sharing that and thanks so much for taking the time with us today. Casey. I hope you come back.
Casey Marks
Yes, thank you. I appreciate your time.
Dave Bittner
That's N2K's Chris Hare speaking with Casey Marks from ISC2.
Zscaler Sponsor
And now a message from our sponsor, Zscaler, the leader in cloud security. Enterprises have spent billions of dollars on firewalls and VPNs, yet breaches continue to rise, with an 18% year over year increase in ransomware attacks and a $75 million record payout in 2024. These traditional security tools expand your attack surface with public-facing IPs that are exploited by bad actors more easily than ever with AI tools. It's time to rethink your security. Zscaler Zero Trust plus AI stops attackers by hiding your attack surface, making apps and IPs invisible; eliminating lateral movement, connecting users only to specific apps, not the entire network; continuously verifying every request based on identity and context; simplifying security management with AI-powered automation; and detecting threats using AI to analyze over 500 billion daily transactions. Hackers can't attack what they can't see. Protect your organization with Zscaler Zero Trust and AI. Learn more at zscaler.com/security.
Dave Bittner
And finally, The Register describes Mac, a developer for a SaaS business management suite catering to non-English-speaking European markets. One uneventful Wednesday, Mac's day took a twist when a user reported the app mysteriously displaying English, a language the app didn't even support. Cue the panic. Logs and deployment history were combed for signs of sabotage. Had the app been kidnapped by rogue translators? After much sleuthing, the culprit emerged: Chrome's overly helpful Translate to English feature, accidentally triggered by the user. The fix: explaining how to disable the translation. The takeaway: helpful features can cause chaos too. Mac and his team chuckled and sighed as they filed this one under Crisis Averted. Glad it wasn't a hack, just Chrome being a bit too helpful. And that's the CyberWire. For links to all of today's stories, check out our daily briefing at thecyberwire.com. Be sure to check out this weekend's Research Saturday and my conversation with Kyla Cardona and Aurora Johnson from SpyCloud. We're discussing their research, China's surveillance state is selling citizen data as a side hustle. That's Research Saturday. Check it out. We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire@n2k.com. This episode was produced by Liz Stokes. Our mixer is Trey Hester, with original music and sound design by Elliot Peltzman. Our executive producer is Jennifer Eiben. Our executive editor is Brandon Karp. Simone Petrella is our president, Peter Kilpe is our publisher, and I'm Dave Bittner. Thanks for listening. We'll see you back here next week.
CyberWire Daily: Episode Summary – "When Retaliation Turns Digital"
Release Date: January 10, 2025
Host: N2K Networks
In this episode of CyberWire Daily, host Dave Bittner delivers a comprehensive briefing on the latest developments in the cybersecurity landscape. The episode delves into significant cyber threats, breaches, and defenses, followed by an insightful interview with Casey Marks, ISC²’s Chief Qualifications Officer, discussing the evolving landscape of cybersecurity certifications. The episode concludes with a light-hearted story from The Register highlighting an unexpected software glitch.
Chinese cyber actors have successfully breached the U.S. Treasury Department's unclassified systems, specifically targeting its sanctions office. The intrusion also impacted the Committee on Foreign Investment in the U.S. (CFIUS), which now wields increased authority over real estate deals near military bases—a hotspot for potential espionage.
The breach raises suspicions of retaliation following the sanctions imposed on a Chinese company for prior cyberattacks.
The Supreme Court is evaluating a law that seeks to ban TikTok in the United States unless its Chinese parent company, ByteDance, divests by January 19th. The legislation, supported by both political parties, aims to mitigate national security risks associated with potential Chinese government influence over the platform.
Mandiant reports that Chinese threat group Silk Typhoon has exploited a zero-day vulnerability in Ivanti Connect Secure VPN appliances since December. The attackers deployed malware variants like SPAWN, PHASEJAM, and DRYHOOK to exfiltrate credentials, API keys, and VPN session data.
CISA has mandated remediation by January 15th to prevent widespread exploitation.
A sophisticated credit card skimmer malware has been identified targeting WordPress checkout pages. The malware injects malicious JavaScript into the database's wp_options table, bypassing theme files and plugins to stealthily capture payment information in real time.
The Banshee macOS Info Stealer has been updated to specifically target Russian-language systems. Originally launched in 2024, the malware gathers data such as passwords, browser information, and cryptocurrency wallet details.
Baymark Health Services in California disclosed a data breach impacting nearly 3,000 patients. The compromised information includes names, Social Security numbers, insurance details, and treatment records.
USR Holdings, a Florida-based firm, has settled for $337,000 following a 2018 breach that exposed personal information of nearly 3,000 patients. The breach stemmed from a firewall misconfiguration, leading to unauthorized access and data deletion.
Samsung released a January 2025 security update addressing critical vulnerabilities in Android and its own devices. The patch resolves five high-priority vulnerabilities that could allow unauthorized code execution and data breaches.
ProtonMail experienced a global service outage on January 9th due to network issues, affecting services like Calendar, VPN, Drive, Pass, and Wallet. The outage was resolved within a few hours, with ProtonMail apologizing for the inconvenience.
Malwarebytes uncovered the ZQXQ cyberattack campaign targeting GroupGreeting.com, a popular e-card service used by enterprises like Airbnb and Coca-Cola. The attackers injected obfuscated JavaScript to redirect users to phishing sites or deploy malware.
Adam Gowdiak exposed vulnerabilities in Microsoft's PlayReady DRM technology that allow unauthorized access to streaming content keys. Despite initial dismissal from Microsoft, the disclosure has raised concerns over bug bounty programs and responsible disclosure practices.
Facebook rewarded researcher Ben Sadeghipour with a $100,000 bug bounty for discovering a critical vulnerability in its ad platform linked to an unpatched Chrome bug. This flaw permitted command execution on Facebook's internal servers, granting extensive system access.
Section Timestamp: [16:07 – 25:16]
In an enlightening segment, host Chris Hare engages with Casey Marks, ISC²'s Chief Qualifications Officer, to explore the future of cybersecurity certifications.
Casey Marks's responsibilities include maintaining and developing ISC²’s certification portfolio, ensuring exam integrity, and upholding the organization’s code of professional conduct.
Marks observes a global surge in the demand for cybersecurity certifications, driven by increased governmental interest and the need for standardized qualifications in the cybersecurity profession.
ISC² has launched an ambitious initiative to certify one million cybersecurity professionals through the free Certified in Cybersecurity (CC) program. This effort aims to bridge the experience gap for newcomers entering the field.
Marks emphasizes the importance of CPEs in maintaining certifications and outlines various avenues for earning these credits, including courses, certifications, training, events, webinars, and volunteer opportunities.
In an amusing yet cautionary tale, Mac, a developer for a SaaS business management suite targeting non-English European markets, encountered an unexpected glitch when a user reported the app displaying English—a language not supported by the application.
After an exhaustive investigation, the team discovered that Chrome’s automatic translation feature was inadvertently triggered by the user, leading to the display anomaly.
Takeaway: While helpful features aim to enhance user experience, they can sometimes lead to unintended consequences, underscoring the importance of thorough testing and user education.
This episode of CyberWire Daily provides a thorough overview of pressing cybersecurity issues, from state-sponsored breaches to emerging malware threats. The in-depth interview with Casey Marks offers valuable insights into the evolving certification landscape, highlighting ISC²’s initiatives to bolster the cybersecurity workforce. The light-hearted story from The Register serves as a reminder of the unexpected challenges that can arise even from well-intentioned software features.
For those interested in staying ahead in cybersecurity, this episode delivers essential updates and professional perspectives to navigate the complex digital threat environment effectively.
Stay informed with CyberWire Daily for the latest in cybersecurity news and expert analysis.