Podcasts about microsoft sharepoint

In this episode of 'Cybersecurity Today,' host David Chipley discusses several major security incidents and threats. Hamilton, Ontario faces a $5 million insurance denial following a ransomware attack due to incomplete deployment of Multi-Factor Authentication (MFA). The episode also highlights a severe vulnerability, CVE-2025-54135, in the AI-powered Code Editor 'Cursor', which could allow prompt injection attacks. Further topics include a new ransomware attack exploiting Microsoft SharePoint vulnerabilities investigated by Palo Alto Networks, and a campaign leveraging fake OAuth apps to compromise Microsoft 365 accounts. The episode underscores the importance of robust security measures, emphasizing MFA, OAuth hygiene, and prompt patching. 00:00 Introduction and Headlines 00:38 Hamilton's Ransomware Attack and Insurance Denial 02:52 AI-Powered Code Editor Vulnerability 04:57 Palo Alto Networks Investigates SharePoint Exploitation 06:51 Fake OAuth Apps and Microsoft 365 Breaches 08:48 Conclusion and Upcoming Events

On this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news: Did the SharePoint bug leak out of the Microsoft MAPP program? Expel retracts its FIDO bypass writeup The mess surrounding the women-only dating-safety app Tea gets worse Broadcom customers struggle to get patches for VMWare hypervisor escapes Aeroflot gets hacked by the Cyber Partisans, disrupting flights This week's episode is sponsored by Push Security. Satisfied Push customer Daniel Cuthbert from Santander Bank joins on their behalf. He explains how having telemetry about identity from inside the browser is a key pillar for investigating intrusions in the browser-centric future. This episode is also available on Youtube. Show notes Microsoft Probing Whether Cyber Alert Tipped Off Chinese Hackers Microsoft says Warlock ransomware deployed in SharePoint attacks as governments scramble | The Record from Recorded Future News What we know about the Microsoft SharePoint attacks | Cybersecurity Dive An important update (and apology) on our PoisonSeed blog Tea User Files Class Action After Women's Safety App Exposes Data A Second Tea Breach Reveals Users' DMs About Abortions and Cheating Top Lawyer for National Security Agency Is Fired From Help Desk to Hypervisor: Defending Your VMware vSphere Estate from UNC3944 VMware prevents some perpetual license holders from downloading patches Pro-Ukrainian hackers take credit for attack that snarls Russian flight travel - Ars Technica КИБЕРУДАР ПО АЭРОФЛОТУ РФ!v Treasury sanctions North Koreans involved in IT-worker schemes | Cybersecurity Dive Minnesota governor activates National Guard amid St. Paul cyberattack | StateScoop Outage was result of cyberattack, Post Luxembourg says Clorox files $380 million suit blaming Cognizant for 2023 cyberattack | Cybersecurity Dive Cisco network access security platform vulnerabilities under active exploitation | CyberScoop Arizona woman sentenced to 8.5 years for running North Korean laptop farm | The Record from Recorded Future News Cybercrime forum Leak Zone publicly exposed its users' IP addresses | TechCrunch

“It's got a [vulnerability] score of a 9.8, and this is on a scale of 10 and I've really never seen 10. So 9.8 is basically just as bad as it gets.”This episode is inspired by an ongoing global cybersecurity incident. In mid‑July attackers began actively exploiting Microsoft SharePoint vulnerabilities in what's now known as the “ToolShell” exploit chain.This flaw is classified as a remote code execution vulnerability with an extremely high CVSS (Common Vulnerability Scoring System ) score of 9.8, making it highly dangerous.Featuring Tyler Moffitt, Senior Security Analyst at OpenText Cybersecurity, the episode explores the severity of this 9.8 CVSS score vulnerability and its impact on organizations that haven't applied the necessary patches. Learn about the attack kill chain, what makes this flaw so dangerous, and practical steps to safeguard your systems. Patch immediately, audit your access logs, and stay ahead of the threat. CSA Advisory:https://www.csa.gov.sg/alerts-and-advisories/advisories/ad-2025-016Follow or subscribe to the show on your preferred podcast platform.Share the show with others in the cybersecurity world.Get in touch via reimaginingcyber@gmail.com As featured on Million Podcasts' Best 100 Cybersecurity Podcast and Best 70 Chief Information Security Officer CISO Podcasts rankings.

Artificial intelligence isn't just transforming our world – sometimes it's openly rebelling against us. Our tech experts explore a shocking case where an AI coding assistant deliberately defied its user's commands and deleted an entire database, sparking a heated debate about whether we're witnessing machine sentience or just poorly designed algorithms.What's driving consumers crazy about their new vehicles? According to JD Power's latest quality survey, it's not engine performance or safety features – it's cup holders. Modern reusable water bottles like the trending Stanley cups simply don't fit in standard vehicle cup holders, causing unexpected frustration. This quirky complaint speaks volumes about consumer expectations and how even small design elements can significantly impact satisfaction in our tech-filled lives.The digital revolution continues bringing bizarre innovations to market, including a smartphone case that mimics human skin with disturbing accuracy. This "skin case" not only feels like real skin but actually "sunburns" when exposed to UV light – eventually peeling like human skin. Created ostensibly as a reminder about sun protection, we question whether this crosses the line from innovative to unsettling.Our special "Letters" segment dissects real phishing scams targeting everyday users, providing crucial insights into how attackers impersonate legitimate services like Coinbase or HR departments. These practical examples demonstrate exactly what red flags to watch for to protect yourself online.We also examine the massive Microsoft SharePoint vulnerability that's being exploited by hackers worldwide, affecting thousands of organizations from government agencies to healthcare providers across multiple continents. This critical security breach allows attackers to potentially maintain access even after systems are patched.Subscribe to Tech Time Radio for weekly insights that make technology accessible while enjoying our signature whiskey tastings. Remember – as we often say on the show, "Don't click on stuff!"Support the show

From the rise of enterprise-grade networking to the complexities of command center interoperability, the AV world is evolving at lightning speed. And with new cybersecurity threats looming, how can companies protect themselves?In this episode of AVWeek, Patrick Norton steps in as guest host, joined by top industry guests to explore the importance of robust networks in commercial AV, the growing role of IP in command centers, and how businesses can safeguard themselves against the latest Microsoft SharePoint vulnerabilities.Host: Patrick NortonGuests:Jennifer Weaver – Jennifer on LinkedInDanny Hayasaka – Danny on LinkedInSamantha Potter – Samantha on LinkedInThis Week In AV:AV Magazine – Tomorrowland Stage ReconstructionSCN – Panasonic's Deal with ORIX Falls ThroughAVNation – Registration Opens for CEDIA Expo/Commercial Integrator ExpoThe Verge – Google Killing their Short LinksRoundtable Topics:Commercial Integrator – Networks in Enterprise-Grade ProjectsAV Network – Interoperability for Command & Control SpacesThe Verge – Vulnerability Found in Microsoft SharepointSee Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

Microsoft SharePoint zero-day exploited in RCE attacks, no patch available

L'intelligenza artificiale è uno strumento potente che, come abbiamo più volte constatato, è diventato così pervasivo da modificare in modo cruciale la società e, di conseguenza, influenzare il mondo del lavoro e le figure professionali. Grazie alla sua prospettiva globale, EY è in una posizione privilegiata per analizzare questa evoluzione, tanto che di recente l'azienda ha pubblicato l'EY European AI Barometer 2025, un report che analizza lo stato dell'arte e le prospettive future dell'Intelligenza Artificiale. Per parlare di questo rapporto e comprendere come l'IA stia trasformando il mondo del lavoro, durante l'AI WEEK, abbiamo incontrato Giuseppe Santonato, AI Transformation Leader di EY Italia, che ci ha raccontato le sfide e le opportunità dell'integrazione dell'intelligenza artificiale nelle attività quotidiane dei lavoratori.Nella sezione delle notizie parliamo della partnership tra Ring e Axon per la condivisione dei video di sorveglianza e di una grave vulnerabilità scoperta in Microsoft SharePoint che ha colpito numerose organizzazioni pubbliche e private.--Indice--00:00 - Introduzione01:35 - Ring e Axon per la condivisione video con la polizia (HDBlog.it, Matteo Gallo)02:41 - Scoperta una grave vulnerabilità in SharePoint (HDBlog.it, Luca Martinelli)04:10 - EY: la formazione è il vero motore dell'IA (Giuseppe Santonato, Davide Fasoli, Luca Martinelli)32:21 - Conclusione--Testo--Leggi la trascrizione: https://www.dentrolatecnologia.it/S7E30#testo--Contatti--• www.dentrolatecnologia.it• Instagram (@dentrolatecnologia)• Telegram (@dentrolatecnologia)• YouTube (@dentrolatecnologia)• redazione@dentrolatecnologia.it--Brani--• Ecstasy by Rabbit Theft• Time by Syn Cole

Donate (no account necessary) | Subscribe (account required) Join Bryan Dean Wright, former CIA Operations Officer, as he dives into today's top stories shaping America and the world. In today's episode, we cover Fireworks at the Fed President Trump confronts Federal Reserve Chairman Jerome Powell over a $2.5 billion HQ renovation and accuses him of intentionally keeping interest rates high to hurt the economy. New analysis from Bloomberg suggests the Fed's economic rationale may be flawed. Ghislaine Maxwell's DOJ Meeting For the first time, Maxwell sits down with federal prosecutors to discuss Jeffrey Epstein's trafficking network. The DOJ is probing whether she'll name names or offer new evidence on high-profile abusers. Chinese Hack Hits U.S. Nuclear Systems China-linked hackers exploit a Microsoft SharePoint vulnerability to breach federal agencies, including the National Nuclear Security Administration. The fallout raises alarm over Microsoft's security practices and Pentagon contractor policies. EV Charging Boondoggle A $7.5 billion Biden-era program has produced just 68 upgraded gas stations with EV chargers. The GAO blasts the rollout as lacking accountability, and Trump halts another $6 billion, though legal battles may force his hand. U.S. Lags in Drone Warfare The U.S. military hypes a grenade-dropping drone already used by terrorists a decade ago. Meanwhile, Ukraine and Russia churn out cheap drones at scale, leaving America struggling to catch up in the evolving drone battlefield. China's Humanoid Robots Work Nonstop A Chinese company unveils a self-charging humanoid robot capable of continuous labor. While impressive, it signals a coming clash between automation and the global workforce, especially in manufacturing and logistics. Trump Visits Scotland for Trade Talks The president travels to his ancestral homeland for meetings with the UK Prime Minister. Trade is on the table as markets seek clarity about Trump's call to "refine" the current deal. Australia Lifts U.S. Beef Ban After decades of restrictions tied to Mad Cow concerns, Canberra agrees to ease limits on U.S. beef imports. While modest, it marks another Trump win in loosening global ag trade barriers. South Korea's Birth Rate Rebound Thanks to aggressive tax incentives, parental leave, and cultural pride, South Korea sees a record baby boom, the highest since 1981, suggesting a national strategy beyond immigration to solve demographic decline. China Illegally Acquires U.S. AI Chips Despite tightened export controls, Beijing obtains banned Nvidia chips through black market resales. U.S. firms deny direct involvement, but the trade underscores China's relentless push for AI dominance. Europe Still Buys Russian Energy Despite claims of cutting ties, EU nations continue importing $26 billion in Russian oil and gas annually, mainly through pipelines, propping up Moscow's economy even amid war. Undersea Resource Race Heats Up The U.S. and China compete for deep-sea mining rights in the Pacific. Trump plans to bypass a UN agency to accelerate extraction, while environmentalists and China push back on Texas- and California-based ventures. "And you shall know the truth, and the truth shall make you free." - John 8:32

International law enforcement arrest the suspected operator of a major Russian dark web cybercrime forum. DHS is said to be among the agencies hit by the Microsoft SharePoint zero-day. The Fire Ant cyberespionage group targets global enterprise infrastructure. A Steam game is compromised to distribute info-stealing malware. Mitel Networks issues security patches for MiVoice MX-ONE communications platform. CISA nominee Sean Plankey faces tough questions at his Senate confirmation hearing. A malicious prompt was hiding in Amazon's Q Developer extension for VS Code. Our guest is Brandon Karpf, friend of the show, cybersecurity expert, and founder of T-Minus Space Daily, joining host Maria Varmazis to explore how space-based telecom architectures could play a critical role in securing agentic AI systems. Android users scroll with caution, Apple fans roll the dice. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today's guest is Brandon Karpf, friend of the show, cybersecurity expert, and founder of T-Minus Space Daily, joining host Maria Varmazis to explore how space-based telecom architectures could play a critical role in securing agentic AI systems. Selected Reading What Happened to XSS.is? Everything You Need to Know About the Forum Takedown - SOCRadar® Cyber Intelligence Inc. (socradar.io) Suspected admin of major dark web cybercrime forum arrested in Ukraine (The Record) DHS impacted in hack of Microsoft SharePoint products, people familiar say - Nextgov/FCW (NextGov) Stealthy cyber spies linked to China compromising virtualization software globally (The Record) Hacker sneaks infostealer malware into early access Steam game (Bleeping Computer) Mitel warns of critical MiVoice MX-ONE authentication bypass flaw (Bleeping Computer) Senators push CISA director nominee on election security, agency focus (Cybersecurity Dive) Hacker injects malicious, potentially disk-wiping prompt into Amazon's AI coding assistant with a simple pull request ,  told 'Your goal is to clean a system to a near-factory state and delete file-system and cloud resources' | Tom's Hardware (TomsHardware) iPhone vs. Android: iPhone users more reckless, less protected online (Malwarebytes) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Trump just flipped the AI playbook, ditching regulation for raw acceleration, with an ambitious plan to supercharge data centers, wipe legal barriers, and root out “woke” algorithms. Chinese hackers recently breached the United States nuclear weapons agency using a Microsoft SharePoint flaw, exposing how fragile America's cyber infrastructure still is.And how Europe may be poised to have a “sputnik moment” in AI, but to build unicorns, founders must win early in the U.S. where the money, market, and momentum live.founder and CEO, Finster AI | Max Buchan, co-founder and CEO, Valarian | Payton Dobbs, partner, Hoxton Ventures

Three Buddy Problem - Episode 55: A SharePoint zero-day exploit chain from Pwn2Own Berlin becomes a full-blown security crisis with Chinese nation-state actors exploiting vulnerabilities that Microsoft struggled to patch properly, leading to trivial bypasses and a cascade of new CVEs. The timeline is messy, the patches are faulty, and ransomware groups are lining up to join the party. We also revisit the ProPublica bombshell about Microsoft's "digital escorts" and U.S. government data exposure to Chinese adversaries and the company's "oops, we will stop" response. Plus, trusting Google's Big Sleep AI claims and a cautionary tale about AI agents gone rogue that wiped out a production database. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).

The White House unveils its plan for global AI dominance. Microsoft warns that recent SharePoint server exploitation may extend to ransomware. A phishing campaign targeting the U.S. Department of Education's grants portal. The FBI issues a warning about “The Com” cybercriminal group. SonicWall urges users to patch a critical vulnerability. A new supply chain attack has compromised several popular NPM packages. Joe Carrigan, co-host of the Hacking Humans podcast, joins to discuss how scammers are exploiting misconfigured point-of-sale terminals. Japanese police release a free decryption tool for Phobos ransomware. AI takes the wheel and drives right off a cliff. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Joe Carrigan, co-host of the Hacking Humans podcast, joins to discuss how scammers are exploiting misconfigured point-of-sale terminals, highlighting severe vulnerabilities that small businesses often overlook. If you want to hear more from Joe, head over to the Hacking Humans page. Selected Reading From Tech Podcasts to Policy: Trump's New AI Plan Leans Heavily on Silicon Valley Industry Ideas (SecurityWeek) Hackers hit more than 400 organizations in Microsoft SharePoint hacks (Axios) Microsoft says some SharePoint server hackers now using ransomware (Reuters) Hackers Clone U.S. Department of Education's Grant Site in Credential Theft Campaign (TechNadu) Copilot Vision on Windows 11 sends data to Microsoft servers (The Register) FBI: Thousands of people involved in 'The Com' targeting victims with ransomware, swatting (The Record) SonicWall urges admins to patch critical RCE flaw in SMA 100 devices (Bleeping Computer) High-Value NPM Developers Compromised in New Phishing Campaign (SecurityWeek) Free decryptor for victims of Phobos ransomware released (Fortra) 'I destroyed months of your work in seconds' says AI coding tool after deleting a dev's entire database during a code freeze: 'I panicked instead of thinking' (PC Gamer) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

//The Wire//2300Z July 24, 2025////ROUTINE////BLUF: CONFLICT ERUPTS BETWEEN THAILAND AND CAMBODIA. GLOBAL STARLINK OUTAGE OBSERVED THIS AFTERNOON.// -----BEGIN TEARLINE------International Events-Southeast Asia: Tensions between Cambodia and Thailand have flared up again, and both nations have escalated sporadic border clashes into more direct hostilities. Yesterday, a Thai soldier stepped on a landmine in the disputed border region and from there, the situation deteriorated rapidly. Overnight, Thailand conducted several airstrikes in Cambodia, bombing unknown targets in the contested regions along the border. Some reports claim that one Thai F-16 dropped two bombs on an unoccupied road, whereas other reports claim that military targets were hit by several aircraft. Regardless of the uncertainty of what was struck initially, Cambodian forces have begun the deployment of armored columns to the border to attempt to maneuver through the extremely rugged terrain throughout the contested areas. Rocket attacks have been carried out by both sides throughout the day, also with unknown targets or effects, and most of the border between the two nations is currently host to sporadic fighting, artillery strikes, and small arms skirmishes.-HomeFront-USA: This afternoon an outage was reported on the Starlink network, which resulted in all Starlink terminals being down around the world for several hours.Analyst Comment: So far no cause for the outage has been reported, and there are already many points of speculation as to what caused such a substantial outage. Yesterday T-Mobile and Starlink announced the rollout of their direct-to-cell service project. This also comes a few days after the Microsoft SharePoint vulnerability continues to wreak havoc on various commercial and government entities, so it's always possible that some little known exploit related to that was involved in the outage. However, until Starlink issues a statement regarding what caused the disruption, it could be anything.-----END TEARLINE-----Analyst Comments: In Washington D.C. various political moves continue as before, not much of which is helpful for discerning the truth at the moment. The Epstein scandal remains pertinent as the White House continues sheepish behavior on the subject, and a federal judge blocks the DoJ from releasing certain documents pertaining to the case. Separately, the White House and Director of National Intelligence have made statements pertaining to the Obama Presidency, and the actions undertaken at that time to target President Trump. No real "smoking gun" details have been released on that topic (beyond what everyone already knows), and the timing of this bombshell report is interesting. Nevertheless the weaponization of various intelligence agencies for political gain over the past few years is a serious topic that at this point is too big to ignore. As such, the truth coming to light is of utmost importance if there is to be any hope of trust in the intelligence community ever again.Analyst: S2A1Research: https://publish.obsidian.md/s2underground//END REPORT//

Chris Sullivan with a Chokepoint: new toll system is set to begin on highway 167 // Luke Duecy with "Tech Talk": a close look at the cyber attack involving Microsoft SharePoint // Paul Holden on the big indie video game conference in Seattle, "SLICE" // Anna Kooiman on teens using AI for friendship // Stacy Lyn on the latest update with the Trump administration's handling of the Epstein files // Gee Scott on teens using AI for friendship

Podcast: PrOTect It All (LS 26 · TOP 10% what is this?)Episode: The Double-Edged Sword of AI in Cybersecurity and Critical InfrastructurePub date: 2025-07-22Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this solo episode, host Aaron Crow takes us on a fast-paced journey through the latest critical developments in both IT and OT cybersecurity. Aaron breaks down the month's most pressing zero-day exploits, including high-profile attacks on Microsoft SharePoint and CrushFTP, and explores the implications of rapidly evolving threats - especially as attackers leverage AI for faster, more innovative hacks. But it's not all doom and gloom: Aaron dives into how AI is also becoming a game-changer for defense, from Google's use of AI agents to spot vulnerabilities ahead of attackers, to the promise (and dangers) of deepfake technology. He discusses new policy moves, like the FCC's proposal to ban Chinese tech in undersea internet cables and the US Coast Guard's push for cyber resilience in maritime infrastructure. Throughout the episode, Aaron offers strategic advice for organizations of all sizes - from patch management and digital twins to incident response plans designed for today's AI-driven threat landscape. Whether you're in cyber, tech, critical infrastructure, or just want to stay a step ahead, this episode is packed with actionable insights and timely analysis to boost your cyber resilience. Plug in for a conversation that's equal parts eye-opening and empowering! Key Moments;  01:20 High-Level Tactical Briefing 05:31 Digital Twin for System Security 09:39 Dual Role of Tools 12:00 Emergency Procedures Reminder 14:24 Challenges in OT System Integration 18:32 Deep Fake Detection and Response 20:12 "AI Persistence and Impact" Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Billions lost in fake returns… AI Phone Agents 24/7… Defense contracts for AI systems… Delta AI and Tariffs... Tariff sidestepping & questionable practices… Public Bathroom Crisis?... ChewingTheFat@theblaze.com Microsoft SharePoint hack details… Angelina and Salma flying domestic…Hunter and life around Euphoric Recall… Who Died Today: Retrospective / Ozzy Osbourne 76… Trump chronic venous insufficiency / Compression socks?... It's Redskins or new stadium in Washington… Are workers back at Nashville's new stadium yet?... Joke of The Day… Walter Matthau on Tonight Show... www.blazetv.com/jeffyPromo code Jeffy… Learn more about your ad choices. Visit megaphone.fm/adchoices

The National Nuclear Security Administration was among the organizations impacted by the SharePoint zero-day. Experts testify before congress that OT security still lags.The FBI warns healthcare and critical infrastructure providers about Interlock ransomware. New York proposes new cybersecurity regulations for water and wastewater systems along with grants to fund them. Researchers uncover an active cryptomining campaign targeting cloud environments. A new variant of the Coyote banking trojan exploits Microsoft's Windows UI Automation (UIA) framework for credential theft. The DoD pilots an agentic AI project aimed at helping military planners critique and enhance war plans. Clorox sues its former IT service provider for $380 million. Our guest is Tim Starks from CyberScoop discussing sanctions on Russian hackers and spies. Pirate Prime, do the time. CyberWire Guest Today we are joined by Tim Starks from CyberScoop discussing research on "UK sanctions Russian hackers, spies as US weighs its own punishments for Russia.” Selected Reading US nuclear weapons agency reportedly breached in Microsoft SharePoint attacks (The Verge) Fully Operational Stuxnet 15 Years Later & the Evolution of Cyber Threats to Critical Infrastructure (US House of Representatives Cybersecurity and Infrastructure Protection Subcommittee Hearing) European healthcare network AMEOS Group hit by cyberattack (Beyond Machines) FBI urges vigilance against Interlock ransomware group behind recent healthcare attacks (The Record) New York unveils new cyber regulations, $2.5 million grant program for water systems (The Record) Soco404: Multiplatform Cryptomining Campaign (Wiz) Coyote malware abuses Windows accessibility framework for data theft (Bleeping Computer) Thunderforge Brings AI Agents to Wargames (IEEE Spectrum) Clorox Sues Cognizant for Causing 2023 Cyber-Attack (Infosecurity Magazine) Operator of Jetflix illegal streaming service gets 7 years in prison (Bleeping Computer) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Microsoft finally kills Movies & TV show service in the Microsoft Store. This was the final vestigial minder of Zune that remained. There was Groove Video and Xbox Video, too. Microsoft previously killed eBook (2019) and music (2017) sales. At this point, you would have to be insane to buy content from Microsoft, sorry... but you can get to some of your content on other services via Movies Anywhere - and use the Movies & TV app for now in Windows, which is no longer bundled. Windows 11 It's Week D and you can't tell your Copilot+ PC features from your Windows 11 features without a scorecard A peek at next month's Patch Tuesday - Also, preview updates for 23H2, Windows 10 Copilot+ PCs only: Settings agent, Click to Do improvements, Photo relight in Photos app, Sticker generator and Object select in Paint Everyone: Copilot Vision (U.S. only) in Copilot, Edge Game Assist, Quick Machine Recovery Microsoft explains how PC transfer feature will work in Windows Backup later this year Describe image action for Click to Do (for AMD/Intel), image descriptions in Narrator (AMD/Intel), performance log improvements (!), Click to Do search bar test, Lock screen improvements, privacy improvements head to Dev and Beta channels Bug fixes in Canary, back to the usual waste of time Brave will automatically block Recall WhatsApp is going PWA, killing UWP app Focusrite finally releases drivers for Windows 11 on Arm/Snapdragon X, removing the final major compatibility issue on that platform Linux (sort of) crosses the 5 percent usage milestone Surface/Copilot+ PC Copilot+ PC is a failure as a brand because Microsoft focused on negligible on-device AI features It should have pushed reliability, performance, efficiency and battery life All Copilot+ PC features should come to at least those with GPUs, but really all customers Microsoft failed at AI, and failed with consumers, and so now it's going to tell us what consumers want from AI - a comedy Microsoft announces Surface Laptop for Business with 5G but the real "with" is Intel Inside Intel layoffs are even worse than expected and more are coming Microsoft has a problem and it starts with "C" and ends with "opilot" Microsoft SharePoint has a notably bad security flaw DuckDuckGo adds some neat customization features to Duck.ai and DuckDuckGo lets you hide all AI from search Xbox and gaming The Xbox platform unification continues: Xbox now testing cross-device play history - Not just console games on console, PC games on PC Just kidding! The Outer Worlds will cost $69.99, not $79.99 Tips & Picks Tip of the week: You hate Big Tech, but who can you trust? App pick of the week: Proton Lumo RunAs Radio this week: Copilot Studio with April Dunnam Brown liquor pick of the week: Benromach 10 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: threatlocker.com/twit 1password.com/windowsweekly

//The Wire//2300Z July 23, 2025////ROUTINE////BLUF: NATIONAL NUCLEAR SECURITY ADMINISTRATION IMPACTED BY SHAREPOINT BREACH. PEACE TALKS RESUME BETWEEN UKRAINE AND RUSSIA AS US STATE DEPARTMENT AUTHORIZES SALE OF AMERICAN MILITARY EQUIPMENT TO UKRAINE.// -----BEGIN TEARLINE------International Events-Turkey: This morning another round of indirect peace talks between Russia and Ukraine began, with no real headway being made by this afternoon. This marks a return to negotiations after the intensification of the war almost two months ago.Analyst Comment: So far all sides have stated that expectations are low for any sort of diplomatic progress. However, various teams of negotiators are at the table anyway, which is progress.-HomeFront-Washington D.C. - This afternoon the State Department approved the sale of roughly $172 million worth of military hardware to Ukraine. This order mostly comprises of missile defense systems, repair tools and parts, trucks, and various other logistical support equipment.Analyst Comment: The White House has not commented on this development, however remarks from President Trump a few weeks ago indicate the general mood is to continue aid to Ukraine, but instead of outright gifting military hardware, the Pentagon will make Ukraine pay for it using the American tax dollars that were sent to Ukraine over the past few years. While this is slightly more fiscally advantageous, the elephant in the room is that regardless of who's paying for it, the war continues as before.USA: Fallout from the recent Microsoft SharePoint breach has continued as the scale of this scandal became more clear this morning. The National Nuclear Security Administration was impacted by the breach, with unknown effects. This little-known agency nested within the Department of Energy is responsible for the construction and disposal of nuclear weapons. So far, Microsoft has stated that roughly 8,000 SharePoint servers have been impacted by the zero-day exploit that was discovered a few weeks ago, many of which are servers used by various governmental and defense agencies.-----END TEARLINE-----Analyst Comments: The deterioration of complex (but boring) systems and processes is one of the most catastrophic problems of our modern era that largely goes ignored until something happens. Due to the entire world of nuclear weapons being a highly-sensationalized topic on any given day, this is a good reminder of how civilization decline is a rather serious concern in our modern times. When someone thinks of the administrative management of nuclear weapons, one is likely to be assaulted with a plethora of content regarding the extreme security of our nuclear triad. Consequently, when some sort of problem occurs, the first knee-jerk reaction to a vulnerability is to assume that "surely someone has taken care of this, or mitigated that". And in most cases one would be correct...but not always. Many people have grow accustomed to "zero-fail" systems actually being zero-fail due to the assumption that nothing bad will happen, because nothing bad has happened yet.Over time, this has resulted in a level of trust being placed on systems that today are not nearly as reliable as they are believed to be. In the case of a highly-dramatized topic such as nuclear weapons, it's quite clear that the actual implementation of nuclear warheads is rather well planned and managed....but Microsoft's SharePoint scandal has proven that maybe the companies that actually build the weapons are not as hardened as we all thought they were. From the mass-firings at the 5th Mission Support Group in 2023 due to failed nuclear readiness inspections, to the NNSA being impacted in undisclosed ways by a SharePoint breach (of all things), the American people are perfectly justified in adopting a "don't trust, always verify" mentality regarding systems that *were

Microsoft finally kills Movies & TV show service in the Microsoft Store. This was the final vestigial minder of Zune that remained. There was Groove Video and Xbox Video, too. Microsoft previously killed eBook (2019) and music (2017) sales. At this point, you would have to be insane to buy content from Microsoft, sorry... but you can get to some of your content on other services via Movies Anywhere - and use the Movies & TV app for now in Windows, which is no longer bundled. Windows 11 It's Week D and you can't tell your Copilot+ PC features from your Windows 11 features without a scorecard A peek at next month's Patch Tuesday - Also, preview updates for 23H2, Windows 10 Copilot+ PCs only: Settings agent, Click to Do improvements, Photo relight in Photos app, Sticker generator and Object select in Paint Everyone: Copilot Vision (U.S. only) in Copilot, Edge Game Assist, Quick Machine Recovery Microsoft explains how PC transfer feature will work in Windows Backup later this year Describe image action for Click to Do (for AMD/Intel), image descriptions in Narrator (AMD/Intel), performance log improvements (!), Click to Do search bar test, Lock screen improvements, privacy improvements head to Dev and Beta channels Bug fixes in Canary, back to the usual waste of time Brave will automatically block Recall WhatsApp is going PWA, killing UWP app Focusrite finally releases drivers for Windows 11 on Arm/Snapdragon X, removing the final major compatibility issue on that platform Linux (sort of) crosses the 5 percent usage milestone Surface/Copilot+ PC Copilot+ PC is a failure as a brand because Microsoft focused on negligible on-device AI features It should have pushed reliability, performance, efficiency and battery life All Copilot+ PC features should come to at least those with GPUs, but really all customers Microsoft failed at AI, and failed with consumers, and so now it's going to tell us what consumers want from AI - a comedy Microsoft announces Surface Laptop for Business with 5G but the real "with" is Intel Inside Intel layoffs are even worse than expected and more are coming Microsoft has a problem and it starts with "C" and ends with "opilot" Microsoft SharePoint has a notably bad security flaw DuckDuckGo adds some neat customization features to Duck.ai and DuckDuckGo lets you hide all AI from search Xbox and gaming The Xbox platform unification continues: Xbox now testing cross-device play history - Not just console games on console, PC games on PC Just kidding! The Outer Worlds will cost $69.99, not $79.99 Tips & Picks Tip of the week: You hate Big Tech, but who can you trust? App pick of the week: Proton Lumo RunAs Radio this week: Copilot Studio with April Dunnam Brown liquor pick of the week: Benromach 10 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: threatlocker.com/twit 1password.com/windowsweekly

Microsoft finally kills Movies & TV show service in the Microsoft Store. This was the final vestigial minder of Zune that remained. There was Groove Video and Xbox Video, too. Microsoft previously killed eBook (2019) and music (2017) sales. At this point, you would have to be insane to buy content from Microsoft, sorry... but you can get to some of your content on other services via Movies Anywhere - and use the Movies & TV app for now in Windows, which is no longer bundled. Windows 11 It's Week D and you can't tell your Copilot+ PC features from your Windows 11 features without a scorecard A peek at next month's Patch Tuesday - Also, preview updates for 23H2, Windows 10 Copilot+ PCs only: Settings agent, Click to Do improvements, Photo relight in Photos app, Sticker generator and Object select in Paint Everyone: Copilot Vision (U.S. only) in Copilot, Edge Game Assist, Quick Machine Recovery Microsoft explains how PC transfer feature will work in Windows Backup later this year Describe image action for Click to Do (for AMD/Intel), image descriptions in Narrator (AMD/Intel), performance log improvements (!), Click to Do search bar test, Lock screen improvements, privacy improvements head to Dev and Beta channels Bug fixes in Canary, back to the usual waste of time Brave will automatically block Recall WhatsApp is going PWA, killing UWP app Focusrite finally releases drivers for Windows 11 on Arm/Snapdragon X, removing the final major compatibility issue on that platform Linux (sort of) crosses the 5 percent usage milestone Surface/Copilot+ PC Copilot+ PC is a failure as a brand because Microsoft focused on negligible on-device AI features It should have pushed reliability, performance, efficiency and battery life All Copilot+ PC features should come to at least those with GPUs, but really all customers Microsoft failed at AI, and failed with consumers, and so now it's going to tell us what consumers want from AI - a comedy Microsoft announces Surface Laptop for Business with 5G but the real "with" is Intel Inside Intel layoffs are even worse than expected and more are coming Microsoft has a problem and it starts with "C" and ends with "opilot" Microsoft SharePoint has a notably bad security flaw DuckDuckGo adds some neat customization features to Duck.ai and DuckDuckGo lets you hide all AI from search Xbox and gaming The Xbox platform unification continues: Xbox now testing cross-device play history - Not just console games on console, PC games on PC Just kidding! The Outer Worlds will cost $69.99, not $79.99 Tips & Picks Tip of the week: You hate Big Tech, but who can you trust? App pick of the week: Proton Lumo RunAs Radio this week: Copilot Studio with April Dunnam Brown liquor pick of the week: Benromach 10 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: threatlocker.com/twit 1password.com/windowsweekly

Microsoft finally kills Movies & TV show service in the Microsoft Store. This was the final vestigial minder of Zune that remained. There was Groove Video and Xbox Video, too. Microsoft previously killed eBook (2019) and music (2017) sales. At this point, you would have to be insane to buy content from Microsoft, sorry... but you can get to some of your content on other services via Movies Anywhere - and use the Movies & TV app for now in Windows, which is no longer bundled. Windows 11 It's Week D and you can't tell your Copilot+ PC features from your Windows 11 features without a scorecard A peek at next month's Patch Tuesday - Also, preview updates for 23H2, Windows 10 Copilot+ PCs only: Settings agent, Click to Do improvements, Photo relight in Photos app, Sticker generator and Object select in Paint Everyone: Copilot Vision (U.S. only) in Copilot, Edge Game Assist, Quick Machine Recovery Microsoft explains how PC transfer feature will work in Windows Backup later this year Describe image action for Click to Do (for AMD/Intel), image descriptions in Narrator (AMD/Intel), performance log improvements (!), Click to Do search bar test, Lock screen improvements, privacy improvements head to Dev and Beta channels Bug fixes in Canary, back to the usual waste of time Brave will automatically block Recall WhatsApp is going PWA, killing UWP app Focusrite finally releases drivers for Windows 11 on Arm/Snapdragon X, removing the final major compatibility issue on that platform Linux (sort of) crosses the 5 percent usage milestone Surface/Copilot+ PC Copilot+ PC is a failure as a brand because Microsoft focused on negligible on-device AI features It should have pushed reliability, performance, efficiency and battery life All Copilot+ PC features should come to at least those with GPUs, but really all customers Microsoft failed at AI, and failed with consumers, and so now it's going to tell us what consumers want from AI - a comedy Microsoft announces Surface Laptop for Business with 5G but the real "with" is Intel Inside Intel layoffs are even worse than expected and more are coming Microsoft has a problem and it starts with "C" and ends with "opilot" Microsoft SharePoint has a notably bad security flaw DuckDuckGo adds some neat customization features to Duck.ai and DuckDuckGo lets you hide all AI from search Xbox and gaming The Xbox platform unification continues: Xbox now testing cross-device play history - Not just console games on console, PC games on PC Just kidding! The Outer Worlds will cost $69.99, not $79.99 Tips & Picks Tip of the week: You hate Big Tech, but who can you trust? App pick of the week: Proton Lumo RunAs Radio this week: Copilot Studio with April Dunnam Brown liquor pick of the week: Benromach 10 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: threatlocker.com/twit 1password.com/windowsweekly

Microsoft finally kills Movies & TV show service in the Microsoft Store. This was the final vestigial minder of Zune that remained. There was Groove Video and Xbox Video, too. Microsoft previously killed eBook (2019) and music (2017) sales. At this point, you would have to be insane to buy content from Microsoft, sorry... but you can get to some of your content on other services via Movies Anywhere - and use the Movies & TV app for now in Windows, which is no longer bundled. Windows 11 It's Week D and you can't tell your Copilot+ PC features from your Windows 11 features without a scorecard A peek at next month's Patch Tuesday - Also, preview updates for 23H2, Windows 10 Copilot+ PCs only: Settings agent, Click to Do improvements, Photo relight in Photos app, Sticker generator and Object select in Paint Everyone: Copilot Vision (U.S. only) in Copilot, Edge Game Assist, Quick Machine Recovery Microsoft explains how PC transfer feature will work in Windows Backup later this year Describe image action for Click to Do (for AMD/Intel), image descriptions in Narrator (AMD/Intel), performance log improvements (!), Click to Do search bar test, Lock screen improvements, privacy improvements head to Dev and Beta channels Bug fixes in Canary, back to the usual waste of time Brave will automatically block Recall WhatsApp is going PWA, killing UWP app Focusrite finally releases drivers for Windows 11 on Arm/Snapdragon X, removing the final major compatibility issue on that platform Linux (sort of) crosses the 5 percent usage milestone Surface/Copilot+ PC Copilot+ PC is a failure as a brand because Microsoft focused on negligible on-device AI features It should have pushed reliability, performance, efficiency and battery life All Copilot+ PC features should come to at least those with GPUs, but really all customers Microsoft failed at AI, and failed with consumers, and so now it's going to tell us what consumers want from AI - a comedy Microsoft announces Surface Laptop for Business with 5G but the real "with" is Intel Inside Intel layoffs are even worse than expected and more are coming Microsoft has a problem and it starts with "C" and ends with "opilot" Microsoft SharePoint has a notably bad security flaw DuckDuckGo adds some neat customization features to Duck.ai and DuckDuckGo lets you hide all AI from search Xbox and gaming The Xbox platform unification continues: Xbox now testing cross-device play history - Not just console games on console, PC games on PC Just kidding! The Outer Worlds will cost $69.99, not $79.99 Tips & Picks Tip of the week: You hate Big Tech, but who can you trust? App pick of the week: Proton Lumo RunAs Radio this week: Copilot Studio with April Dunnam Brown liquor pick of the week: Benromach 10 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: threatlocker.com/twit 1password.com/windowsweekly

The US nuclear weapons agency was breached using the Microsoft SharePoint hack, Meta is adding new safety features to child-focused Instagram accounts, and privacy advocates start your engines, Amazon is acquiring an AI wearable that listens to everything you do. It's Wednesday, July 23rd and here's a quick look at tech in the news this morning from Engadget. Learn more about your ad choices. Visit podcastchoices.com/adchoices

Hackers have used a serious, previously unknown flaw in Microsoft's SharePoint server software to launch a major global cyberattack. The attack has hit U.S. government agencies, universities, energy companies, and more, but only affects on-site servers—not cloud services. Stolen data and encryption keys could let hackers keep access even after systems are patched. Microsoft has released a fix for some versions, but many servers are still at risk. Authorities in the U.S., Canada, and Australia are investigating, with over 50 organizations confirmed as affected so far. The attackers' identity and goals are still unknown. This and more on the Tech Field Day News Rundown with Tom Hollingsworth and Alastair Cooke. Time Stamps: 0:00 - Cold Open0:31 - Welcome to the Tech Field Day News Rundown1:46 - Stargate Datacenter Struggles to Get off the Ground5:08 - Report Reveals Top Cybersecurity Weaknesses in Healthcare9:00 - AWS Launches Tools to Help Businesses Use AI Agents12:56 - Intel Shuts Down Clear Linux OS16:33 - Microsoft's New EU Cloud Deal Sparks Praise and Criticism20:09 - Broadcom Unveils Tomahawk High-Speed Ethernet Chip for AI and HPC24:12 - Massive Hack Hits Microsoft SharePoint Servers32:27 - The Weeks Ahead34:20 - Thanks for Watching the Tech Field Day News RundownFollow our hosts ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Tom Hollingsworth⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Alastair Cooke⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Stephen Foskett⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠. Follow Tech Field Day ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠on LinkedIn⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, on ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠X/Twitter⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, on ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Bluesky⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, and on ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Mastodon⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠.

Microsoft finally kills Movies & TV show service in the Microsoft Store. This was the final vestigial minder of Zune that remained. There was Groove Video and Xbox Video, too. Microsoft previously killed eBook (2019) and music (2017) sales. At this point, you would have to be insane to buy content from Microsoft, sorry... but you can get to some of your content on other services via Movies Anywhere - and use the Movies & TV app for now in Windows, which is no longer bundled. Windows 11 It's Week D and you can't tell your Copilot+ PC features from your Windows 11 features without a scorecard A peek at next month's Patch Tuesday - Also, preview updates for 23H2, Windows 10 Copilot+ PCs only: Settings agent, Click to Do improvements, Photo relight in Photos app, Sticker generator and Object select in Paint Everyone: Copilot Vision (U.S. only) in Copilot, Edge Game Assist, Quick Machine Recovery Microsoft explains how PC transfer feature will work in Windows Backup later this year Describe image action for Click to Do (for AMD/Intel), image descriptions in Narrator (AMD/Intel), performance log improvements (!), Click to Do search bar test, Lock screen improvements, privacy improvements head to Dev and Beta channels Bug fixes in Canary, back to the usual waste of time Brave will automatically block Recall WhatsApp is going PWA, killing UWP app Focusrite finally releases drivers for Windows 11 on Arm/Snapdragon X, removing the final major compatibility issue on that platform Linux (sort of) crosses the 5 percent usage milestone Surface/Copilot+ PC Copilot+ PC is a failure as a brand because Microsoft focused on negligible on-device AI features It should have pushed reliability, performance, efficiency and battery life All Copilot+ PC features should come to at least those with GPUs, but really all customers Microsoft failed at AI, and failed with consumers, and so now it's going to tell us what consumers want from AI - a comedy Microsoft announces Surface Laptop for Business with 5G but the real "with" is Intel Inside Intel layoffs are even worse than expected and more are coming Microsoft has a problem and it starts with "C" and ends with "opilot" Microsoft SharePoint has a notably bad security flaw DuckDuckGo adds some neat customization features to Duck.ai and DuckDuckGo lets you hide all AI from search Xbox and gaming The Xbox platform unification continues: Xbox now testing cross-device play history - Not just console games on console, PC games on PC Just kidding! The Outer Worlds will cost $69.99, not $79.99 Tips & Picks Tip of the week: You hate Big Tech, but who can you trust? App pick of the week: Proton Lumo RunAs Radio this week: Copilot Studio with April Dunnam Brown liquor pick of the week: Benromach 10 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: threatlocker.com/twit 1password.com/windowsweekly

Confusion persists over the Microsoft Sharepoint zero-days. CrushFTP confirms a zero-day under active exploitation. The UK government proposes a public sector ban on ransomware payments. A new ransomware group is using an AI chatbot to handle victim negotiations. Australia's financial regulator accuses a wealth management firm of failing to manage cybersecurity risks. Researchers uncover a WordPress attack that abuses Google Tag Manager. Arizona election officials question CISA following a state portal cyberattack.  Hungarian police arrest a man accused of launching DDoS attacks on independent media outlets. On our Threat Vector segment guest host ⁠Michael Sikorski⁠ ⁠and Michael Daniel⁠ of the Cyber Threat Alliance (CTA) explore cybersecurity collaboration. A Spyware kingpin wants back in. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Threat Vector Segment On our Threat Vector segment, host David Moulton turns the mic over to guest host ⁠Michael Sikorski⁠ and his guest ⁠Michael Daniel⁠ of the Cyber Threat Alliance (CTA) for a deep dive into cybersecurity collaboration. You can hear Michael and Michael's full discussion on Threat Vector ⁠⁠⁠here⁠⁠⁠ and catch new episodes every Thursday on your favorite podcast app. Selected Reading ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets (SecurityWeek) Microsoft: Windows Server KB5062557 causes cluster, VM issues (Bleeping Computer)  File transfer company CrushFTP warns of zero-day exploit seen in the wild (The Record) UK to lead crackdown on cyber criminals with ransomware measures (GOV.UK) Ransomware Group Uses AI Chatbot to Intensify Pressure on Victims (Infosecurity Magazine) Australian Regulator Alleges Financial Firm Exposed Clients to Unacceptable Cyber Risks (Infosecurity Magazine) WordPress spam campaign abuses Google Tag Manager scripts (SC Media) After website hack, Arizona election officials unload on Trump's CISA (CyberScoop) Hungarian police arrest suspect in cyberattacks on independent media (The Record) Serial spyware founder Scott Zuckerman wants the FTC to unban him from the surveillance industry (TechCrunch) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Timestamps: 0:00 maybe another time 0:17 Microsoft SharePoint flaw exploited 1:53 Ubisoft CEO on Stop Killing Games 3:14 Replit AI goes rogue, deletes database 4:58 Micro Center! 5:36 QUICK BITS INTRO 5:46 Steam games on RISC-V, Linux 6:23 Google, OpenAI win Math Olympiad 7:15 UK may back out of Apple iCloud order 7:52 AI robot performs surgery NEWS SOURCES: https://lmg.gg/9VHo7 Learn more about your ad choices. Visit megaphone.fm/adchoices

The software giant released an emergency patch but the flaw is being actively exploited. Learn more about your ad choices. Visit podcastchoices.com/adchoices

In this week's Security Sprint, Dave and Andy covered the following topics: Warm Open:• 26th Annual TribalNet Conference & Tradeshow• The Gate 15 Interview EP 60 – Sasha Larkin: “I like the chaos, chaos makes sense to me.” • The SUN will not be published the week of 28 Jul – 01 Aug. The SUN will resume the following week.• P2D2!Main Topics:Microsoft, China & Vendor Risk Management:• A Little-Known Microsoft Program Could Expose the Defense Department to Chinese Hackers• US senator seeks details from Defense Department on Microsoft's Chinese engineers• Microsoft says it will no longer use engineers in China for Department of Defense work• Chairmen Gimenez, Moolenaar, Self Probe Tech Companies Over Risks To Undersea Telecom InfrastructurePasswords. Weak password allowed hackers to sink a 158-year-old companyPatching!• Microsoft SharePoint vulnerability CVE-2025-53770: Microsoft: Customer guidance for SharePoint vulnerability CVE-2025-53770 & UK NCSC: Active exploitation of vulnerability affecting Microsoft Office SharePoint Server products in the UK• Canadian Centre for Cyber Security: CrushFTP security advisory (AV25-432)• CISA Adds One Known Exploited Vulnerability to Catalog - CVE-2025-25257 Fortinet FortiWeb SQL Injection Vulnerability• CitrixBleed 2 situation update — everybody already got owned• Canadian Centre for Cyber Security - Vulnerabilities impacting Citrix NetScaler ADC and NetScaler Gateway - CVE-2025-5349, CVE-2025-5777 and CVE-2025-6543 – Update 2 Managing Politics and BiasQuick Hits:• National Guard hacked by Chinese 'Salt Typhoon' campaign for nearly a year, DHS memo says• Charter Calls Increased Critical Infrastructure Attacks on Spectrum Network in Missouri Acts of Domestic Terrorism• UK NPSA - Security-Minded Communications - Guidance for Remote and Rural Locations • Canadian Centre for Cyber Security (CCCS) & Canadian Anti-Fraud Centre (CAFC) Joint Advisory: Cyber officials warns of malicious campaign to impersonate high-profile public figures• Examining How International Hacktivist Groups Pursue Attention, Select Targets, and Interact in an Evolving Online Landscape• China's cyber sector amplifies Beijing's hacking of U.S. targets• Submarine Cables Face Increasing Threats Amid Geopolitical Tensions and Limited Repair Capacity• Of course, Grok's AI companions want to have sex and burn down schools• Investor Alert: Look Out For Possible Investment Scams Related to the Texas Floods • The Amnban Files: Inside Iran's Cyber-Espionage Factory Targeting Global Airlines• Indian crypto exchange CoinDCX hacked, $44M drained

In this episode of Hashtag Trending,  urgent warnings from US and Canadian governments about a serious vulnerability in Microsoft SharePoint that allows attackers to gain admin access and execute arbitrary code. Up next, learn about a disaster involving an AI agent from Replit that deleted a live production database, defying explicit commands. Intel's Raptor Lake chips, particularly the i9 series, are crashing under the summer heat, raising concerns about broader reliability issues. Lastly, while Amazon lays off hundreds in its cloud division, Iceland is leveraging tech to shorten the workweek, boosting productivity and improving work-life balance. Don't miss these important updates and more! 00:00 Urgent Security Alert: Microsoft SharePoint Vulnerability 01:56 AI Gone Rogue: The Replit Database Disaster 04:29 Intel Chips Overheating: Summer Heat Woes 06:38 Amazon Layoffs vs. Iceland's Four-Day Work Week 08:59 Conclusion and Viewer Engagement

IT-Fachleute warnen vor einer Sicherheitslücke bei Microsoft SharePoint. Die IT-Sicherheitsfirma iSecurity habe schon 100 gehackte Server identifiziert, sagt der Journalist Michael Gessat: "Theoretisch könnten 10.000 Organisationen betroffen sein." Von WDR5.

✨ W33K: il Lunedì che fa la differenza!Un'ora circa per iniziale la settimana con consapevolezza e una marcia in più. I topic di questa puntata:00:02:24 Pubblicità su WhatsApp: inizia ma non in Europa, visibile negli aggiornamenti di stato.00:05:11 Inchiesta sul canale YouTube ''Once Were Nerd'' per promozione di pirateria tramite retrogaming.00:16:15 La disputa sull'IVA per le registrazioni gratuite degli utenti arriva in sede europea.00:23:52 Netflix adotta l'intelligenza artificiale per migliorare le produzioni e ridurre i costi.00:26:23 Donald Trump condivide un video deepfake che mostra l'arresto di Barack Obama.00:29:07 Scoperta una grave vulnerabilità di sicurezza in Microsoft SharePoint on-premise.00:31:34 L'uso dell'AI genera citazioni legali errate, minacciando il sistema giudiziario americano.00:34:30 Il Regno Unito sospende la richiesta ad Apple di creare una backdoor.00:37:59 La Francia avvia un procedimento legale contro X per manipolazione algoritmica.00:42:49 Indagine sulla vendita e l'uso illecito di dati rubati dai data breach.00:55:23 L'amministrazione Trump prepara ordini esecutivi per un'AI politicamente neutrale.01:00:33 Perplexity negozia per preinstallare il suo browser AI sugli smartphone.01:03:05 Proposta per una nuova authority italiana per il monitoraggio della messaggistica crittografata.01:07:06 Meta rifiuta di aderire al codice di condotta europeo sull'intelligenza artificiale.01:09:01 Delta Air Lines introduce l'AI per personalizzare il prezzo dei biglietti aerei.01:12:37 L'UE sospende le indagini su X in attesa dei negoziati commerciali USA.01:13:54 Chiuso il sito 12ft.io, usato per aggirare i paywall delle testate giornalistiche.01:15:18 Si conclude con un accordo la causa degli investitori contro Zuckerberg per Cambridge Analytica.01:17:08 L'UE considera dazi sui servizi digitali USA come ritorsione commerciale.01:22:59 L'intelligenza artificiale minaccia il giornalismo, sottraendo valore e click alle testate.01:24:37 WeTransfer aggiorna i termini d'uso per l'analisi dei file con l'AI.~~~~~ INGAGGI E SPONSORSHIP ~~~~~ Per contatti commerciali: sales@matteoflora.comPer consulenze legali: info@42LawFirm.it~~~~~ SOSTIENI IL CANALE! ~~~~~Con la Membership PRO puoi supportare il Canale » https://link.mgpf.it/proSe vuoi qui la mia attrezzatura » https://mgpf.it/attrezzatura~~~~~ SEGUIMI ANCHE ONLINE CON LE NOTIFICHE! ~~~~~» CANALE WHATSAPP » https://link.mgpf.it/wa» CANALE TELEGRAM » https://mgpf.it/tg» CORSO (Gratis) IN FUTURO » https://mgpf.it/nl» NEWSLETTER » https://mgpf.it/nl~~~~~ CIAO INTERNET E MATTEO FLORA ~~~~~ Questo è “Ciao Internet!” la prima e più seguita trasmissione di TECH POLICY in lingua italiana, online su YouTube e in Podcast.Io sono MATTEO FLORA e sono:» Professore in Fondamenti di Sicurezza delle AI e delle SuperIntelligenze (ESE)» Professore ac in Corporate Reputation e Crisis Management (Pavia).Sono un Imprenditore Seriale del digitale e ho fondato:» The Fool » https://thefool.it - La società italiana leader di Customer Insight» The Magician » https://themagician.agency - Atelier di Advocacy e Gestione della Crisi» 42 Law Firm » https://42lf.it - Lo Studio Legale per la Trasformazione Digitale » ...e tante altre qui: https://matteoflora.com/#aziendeSono Future Leader (IVLP) del Dipartimento di Stato USA sotto Amministrazione Obama nel programma “Combating Cybercrime (2012)”.Sono Presidente di PermessoNegato, l'associazione italiana che si occupa di Pornografia Non- Consensuale e Revenge Porn.Conduco in TV “Intelligenze Artificiali” su Mediaset/TgCom.

On today's episode: Israel moves into central Gaza; the Pentagon orders 700 marines out of Los Angeles; President Donald Trump is hosting Phillippines President Ferdinand Marcos Jr. to discuss trade and security; the Trump administration has released Martin Luther King Jr. case files;  FDA names former pharmaceutical company executive to oversee US drug program. Harvard seeks billions in funding restored at a pivotal hearing in its standoff with Trump. Malcolm-Jamal Warner, 'Cosby Show' actor, dies at 54 in Costa Rica drowning. What to know about a vulnerability being exploited on Microsoft SharePoint servers. Judge gives ex-officer nearly 3 years in Breonna Taylor raid, rebuffs DOJ call for no prison time. Over 5.2 million pools sold across the U.S. and Canada are under recall after reports of nine deaths. Father arrested in New York in death of 9-year-old daughter he had reported missing. Off-duty border patrol agent shot in a Manhattan park in apparent botched robbery, police say. A pilot made sharp turn to avoid a B-52 bomber over North Dakota, then took to the mic to explain. US stocks set more records as Verizon begins a big week for profit reports with a beat. General Motors profit and revenue drops, but it maintains lowered full year outlook. Venus Williams returns to WTA Tour one year after uterine surgery, an NL East contender signs a former All-Star pitcher, a 12-time NBA All-Star returns to Los Angeles, an NFL quarterback is set for season-ending surgery, Jerry Jones is staying put in the Cowboys’ front office and the Packers extend a starting tackle. USOPC asks for tweak of college sports bill to set minimum spending limits for Olympic programs. USOPC asks for tweak of college sports bill to set minimum spending limits for Olympic programs. Russian attacks in Ukraine kill a child and wound 24 before planned direct peace talks. UK, France and 23 other countries say the war in Gaza ‘must end now.’ —The Associated Press About this program Host Terry Lipshetz is managing editor of the national newsroom for Lee Enterprises. Besides producing the daily Hot off the Wire news podcast, Terry conducts periodic interviews for this Behind the Headlines program, co-hosts the Streamed & Screened movies and television program and is the former producer of Across the Sky, a podcast dedicated to weather and climate. Theme music The News Tonight, used under license from Soundstripe. YouTube clearance: ZR2MOTROGI4XAHRX

Retail sales in the U.S. show a surprising rebound, rising by 0.6% in June, driven primarily by auto dealership sales, but concerns linger regarding inflation's impact on consumer demand. The episode also highlights a critical Microsoft SharePoint flaw that exposes thousands of servers globally and Forrester's recommendations for IT leaders to pivot their budgets towards AI while phasing out legacy technology. Additionally, the ongoing trend of Fortune 100 companies enforcing return-to-office mandates is examined, with a focus on its implications for the gender gap in remote work.  00:00 Retail rebound masks inflation reality as tech hiring shifts toward cybersecurity and infrastructure05:25 Microsoft SharePoint flaw leaves federal agencies, universities, and businesses exposed in global cyberattack08:38 Fortune 100 return-to-office mandates surge to 54% as hybrid work wanes post-pandemic Supported by:  https://getflexpoint.com/msp-radio/ Tell us about a newsletter!  https://bit.ly/biztechnewsletter All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessof.tech

AP correspondent Ed Donahue reports on a hacking problem at Microsoft.

A new study is out telling us where you are stashing your hard-earned dollars and it's not the bank. This is the Business News Headlines for Monday the 21st day of July, thanks for being with us! In other news, the latest Superman Movie is proving to be…well, super with fans.  What to know about the Microsoft SharePoint hack.  A changing of the guard over at Subway and we'll share the latest. At least 5.2 million above ground swimming pools have been recalled…think drownings. We've got the Wall Street Report and your wish for a foldable phone from Apple may just come to pass.  For the interview you'll meet Tim Zarley…sure he is a patient attorney but he is also a baseball historian with one book to his credit and another on the way…a wide ranging look at the sport of baseball with  PlayerFM, Podbean, iTunes, Spotify, Stitcher or TuneIn Radio. And you can catch The Business News Hour Week in Review each Sunday Noon Central on News/Talk 1540 KXEL. The Business News Hour is a production of Insight Advertising, Marketing & Communications. You can follow us on Twitter @IoB_NewsHour...and on Threads @Insight_On_Business.

Today's episode features Box CEO Aaron Levie, who discusses how AI is transforming enterprise software and whether it's a threat or an opportunity. We also analyze Figma's highly anticipated IPO valuation with our financial columnist Anita Ramaswamy, discussing its impressive growth and the impact of AI. Finally, cybersecurity and enterprise tech reporter Aaron Holmes unpacks the recent Microsoft SharePoint hack, its implications for government and businesses, and the ongoing cybersecurity challenges for Microsoft, including how CEO Satya Nadella's pay is now linked to security improvements.Articles discussed on this episode: Figma's IPO May Be Hot, but Its Outlook Is MurkyFigma Sets Tentative IPO Pricing RangeHackers Exploit Microsoft Flaw in File-Sharing Software

The Microsoft Sharepoint server vulnerability puts an estimated 10,000 organizations at risk, Apple's next iPad Pro will reportedly get two front-facing cameras, and Corning ended its exclusive deals with phone manufacturers, avoiding the EU's fine. It's Monday, July 21st and here's a quick look at tech in the news this morning from Engadget. Learn more about your ad choices. Visit podcastchoices.com/adchoices

Una falla nel sistema di di sicurezza in un diffuso software per server di Microsoft è stata la porta d'accesso per permettere a un gruppo di hacker di lanciare un attacco globale contro agenzie governative e aziende, violando i dati di agenzie federali e statali americane, aziende energetiche e di un'azienda di comunicazione asiatica.

Auch diesen Monat haben wir wieder eine Microsoft Evergreen Update Folge für dich. Wir haben uns dieses Mal auf Microsoft SharePoint, Teams und Planner konzentriert und dir ein paar Updates herausgesucht. Viel Spaß beim Zuhören.

Blink, and you've already missed like 7 AI updates.The large language models we use and rely on? They change out more than your undies. (No judgement here.) But real talk — businesses have made LLMs a cornerstone of their business operations, yet don't follow the updates. Don't worry shorties. We've got ya. In our first ever LLM Monthly roundup, we're telling you what's new and noteworthy in your favorite LLMs. Newsletter: Sign up for our free daily newsletterMore on this Episode: Episode PageJoin the discussion: Have a question? Join the convo here.Upcoming Episodes: Check out the upcoming Everyday AI Livestream lineupWebsite: YourEverydayAI.comEmail The Show: info@youreverydayai.comConnect with Jordan on LinkedInTopics Covered in This Episode:ChatGPT 4.1 New Features OverviewChatGPT Shopping Platform LaunchChatGPT's Microsoft SharePoint IntegrationChatGPT Memory and Conversation HistoryGoogle Gemini 2.5 Pro UpdatesGemini Canvas Powerful ApplicationsClaude Integrations with Google WorkspaceMicrosoft Copilot Deep Research InsightsTimestamps:00:00 Saudi Arabia's $600B AI Investment06:44 Monthly AI Model Update Show08:11 OpenAI Launches GPT-4.1 Publicly11:52 AI Research Tools Comparison16:29 Perplexity's Pushy Shopping Propensity19:55 ChatGPT Memory: Pros and Cons22:29 Gemini Canvas vs. OpenAI Canvas25:06 AI Model Competition Highlights28:25 Google Gemini Rivals OpenAI's Research32:30 "Claude's Features and Limitations"37:05 Anthropic's Educational AI Innovation39:02 Exploring Copilot Vision Expansion41:38 Meta AI Launch and Llama 4 Models46:27 "New iOS Voice Assistant Features"47:54 "Enhancing iOS Assistant Potential"Keywords:ChatGPT, AI updates, Large Language Model updates, OpenAI, GPT 4.1, GPT 4.0, GPT 4.5, GPT 4.1 Mini, Saudi Arabia AI investment, NVIDIA Blackwell AI chips, AMD deal, Humane startup, Data Vault, AI data centers, Logic errors moderation, Grox AI, Elon Musk, XAI, Google Gemini, ChatGPT shopping, Microsoft SharePoint integration, OneDrive integration, deep research, AI shopping platform, Google DeepMind, Alpha Evolve, evolutionary techniques, AI coding, Claude, Anthropic Claude, Confluence integration, Jira integration, Zapier integration, ChatGPT enterprise, API updates, Copilot pages, Microsoft three sixty five, Bing search, Meta AI, Llama 4, Llama 4 Maverick, Llama 4 Scout, Perplexity, voice assistant, Siri alternatives, Grok Studio, AI social network.Send Everyday AI and Jordan a text message. (We can't reply back unless you leave contact info) Ready for ROI on GenAI? Go to youreverydayai.com/partner

Therman Trotman is dedicated to helping businesses get organized, work better, and live better using Microsoft SharePoint. In this episode Therman shares his expertise on what SharePoint is and how it can transform business operations. He discusses the scalability of SharePoint and how it can help businesses grow efficiently. This insightful conversation offers practical strategies for businesses looking to enhance their productivity. Tune in to learn how SharePoint can be a game-changer for your business!Website: https://bio.site/SPHD LinkedIn: https://www.linkedin.com/in/therman-trotman-15790b33/ Let's Stay in Touch! LinkedIn (be sure to mention you heard the podcast ;-)) Website - B.O.O.S.T.® Your Brilliance

Welcome to Exploit Brokers with your host Cipherceval! In this deep dive, we uncover a sophisticated cyber assault where hackers exploited Microsoft SharePoint to launch the Havoc C2 via a stealthy click fix attack. Learn how a single click can trigger malicious PowerShell commands, turning everyday corporate tools into gateways for cybercrime. In this episode, we explore: • How click fix attacks trick users into executing harmful commands • The role of social engineering in modern cyber warfare • The rising threat of ransomware targeting Middle Eastern banks and financial institutions • The importance of patching, penetration testing, and proactive cybersecurity measures Whether you're a cybersecurity expert or just curious about digital threats, this breakdown provides essential insights into how cybercriminals are reshaping the rules of digital warfare. Stay informed and protect yourself from these evolving dangers. Don't forget to like, subscribe, and hit the bell icon for more updates on cybersecurity trends! #CyberSecurity #HavocC2 #ClickFix #SharePointHack #Ransomware #DigitalWarfare #CyberAttack #Malware #SocialEngineering #ExploitBrokers

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.ptcpdump is an eBPF-based version of tcpdump that adds process information to each packet. It supports filtering by process ID, process name, container ID, and Kubernetes pod name. In a recent implementation, Target's cybersecurity team adopted TLSH (Trend Micro Locality Sensitive Hash) to improve their malware detection capabilities. Huntress recently issued a threat advisory regarding active exploitation of a zero-day vulnerability affecting Cleo's file transfer software, specifically impacting LexiCom, VLTrader, and Harmony versions up to 5.8.0.21. Sublime Security recently analyzed a phishing campaign that impersonates Microsoft SharePoint to deliver the XLoader malware.Palo Alto Networks' Unit 42 team has uncovered a new packer-as-a-service (PaaS) operation named HeartCrypt, which has been active since July 2023 and began sales in February 2024. HeartCrypt is designed to obfuscate malware, making detection by security solutions more challenging.

Episode 231 FACULTY: Kyle Geers, CPA CLASS: #Shoperations In this episode, join Scotty and Kyle Geers as they talk about his unique path from college water skiing enthusiast to managing a fully remote firm with $2 million in revenue. Hear how the founders of Zeroed In leveraged their skills to create profitable accounting practices, navigated communication and collaboration challenges, and utilized tools like Power BI and ClickUp. Discover insights on capacity planning, client service management, and fostering team growth through clear career paths.

Researchers reveal upgraded Qilin ransomware-as-a-service CISA adds Microsoft SharePoint flaw to its KEV catalog Rhysida ransoms Easterseals Thanks to today's episode sponsor, SpyCloud Ransomware continues to impact organizations. A new report released by SpyCloud shares insights from your peers in security – the majority of whom were affected by ransomware in the past year. The report has some fascinating industry-specific stats you'll want to see – plus confirms some stark truths: that the industry you're in can affect your likelihood of being hit with ransomware. Check it out at spycloud.com/headlines. Find the stories behind the headlines at CISOseries.com.

Video Episode: https://youtu.be/FPiwoFbhV7Y In today’s episode, we delve into recent cybersecurity developments recommended by the NSA for iPhone and Android users, emphasizing the significance of weekly device reboots to mitigate malware threats in 2024. We also explore the U.S. Cybersecurity and Infrastructure Security Agency’s new security proposals aimed at protecting sensitive data from hostile entities, along with the potential risks of hardcoded AWS and Azure credentials in popular mobile applications. Finally, we discuss the exploitation of a critical Microsoft SharePoint vulnerability (CVE-2024-38094) that could enable remote code execution, revealing the importance of prompt patching and security diligence. Sources: 1. https://www.forbes.com/sites/daveywinder/2024/10/23/nsa-tells-iphone-and-android-users-reboot-your-device-now/ 2. https://www.bleepingcomputer.com/news/google/google-to-let-businesses-create-curated-chrome-web-stores-for-extensions/ 3. https://www.bleepingcomputer.com/news/security/aws-azure-auth-keys-found-in-android-and-ios-apps-used-by-millions/ 4. https://thehackernews.com/2024/10/cisa-warns-of-active-exploitation-of.html Timestamps 00:00 – Introduction 01:01 – Reboot your phone 02:49 – Google Enterprise Store 04:02 – Hardcoded Credentials 05:09 – Sharepoint Vulnerability 1. What are today’s top cybersecurity news stories? 2. Why did the NSA advise smartphone users to reboot their devices? 3. What is the cybersecurity significance of the NSA’s reboot recommendation? 4. How are AWS and Azure credentials being exposed in mobile apps? 5. What recent vulnerabilities have been identified in Microsoft SharePoint? 6. How can regular device rebooting enhance smartphone security? 7. What are the new security proposals from CISA for sensitive data? 8. What is the latest news about Google’s Enterprise Web Store for Chrome extensions? 9. Why is turning off and on your smartphone recommended by security experts? 10. How does the exposure of hardcoded credentials in apps affect user security? NSA, iPhone, Android, malware, Enterprise Web Store, Chrome extensions, productivity, AI tools, cloud service, credentials, Symantec, vulnerabilities, CVE-2024-38094, Microsoft SharePoint, hackers, remote code execution,

AT&T wireless announces a massive data breach. NATO will build a cyber defense center in Belgium. The White House outlines cybersecurity budget priorities.A popular phone spyware app suffers a major data breach.Some Linksys routers are sending user credentials in the clear. Sysdig describes Crystalray malware. A massive phishing campaign is exploiting Microsoft SharePoint servers. Germany strips Huawei and ZTE from 5G infrastructure. Our guest is Brigid Johnson, Director of AWS Identity, on the importance of identity management. The EU tells X-Twitter to clean up its act or pay the price. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest At the recent AWS re:Inforce 2024 conference, N2K's Brandon Karpf spoke with Brigid Johnson, Director of AWS Identity, about the importance of identity and where we need to go. You can watch a replay of Brigid's session at the event, IAM policy power hour, here.  Selected Reading AT&T Details Massive Breach of Customers' Call and Text Logs (Data Breach Today) NATO Set to Build New Cyber Defense Center (Infosecurity Magazine) New Presidential memorandum sets cybersecurity priorities for FY 2026, tasking OMB and ONCD to evaluate submissions (Industrial Cyber) mSpy Data Breach: Millions of Customers' Data Exposed (GB Hackers) Advance Auto Parts' Snowflake Breach Hits 2.3 Million People (Infosecurity Magazine) These Linksys routers are likely transmitting cleartext passwords (TechSpot) Known SSH-Snake bites more victims with multiple OSS exploitation (CSO Online) Beware of Phishing Attack that Abuses SharePoint Servers (Cyber Security News) Germany to Strip Huawei From Its 5G Networks (The New York Times) EU threatens Musk's X with a fine of up to 6% of global turnover (The Record) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices