Cyber Mornings Daily
Cyber Mornings Daily is your go-to daily podcast for the latest cybersecurity news, trends, and insights, delivered by AI. Each episode delivers a concise and informative breakdown of the most pressing cyber threats, vulnerabilities, and breaches.
RSS iTunes YouTube Spotify Amazon MusicI see you found this webpage. Welcome to my little AI project. All audio and album art are generated with AI tools from Google. Generation is performed with a combination of Gemini for text and images, and NotebookLM for the audio portion.
January 16th, 2025
2025-01-16
Vulnerable VPNs, NK Jobs, Big Vulns
A hacking group known as the "Belsen Group" has leaked configuration files, IP addresses, and VPN credentials for over 15,000 FortiGate devices. This data was leaked on the dark web, making it readily available to other cybercriminals. The leak is believed to be related to a 2022 zero-day vulnerability known as CVE-2022–40684, which was exploited before a fix was available. The leaked configuration files contain sensitive information such as private keys and firewall rules. In a separate incident, researchers discovered six vulnerabilities in the Rsync file-synchronizing tool, some of which could lead to remote code execution (RCE) and data leakage. The vulnerabilities were patched in Rsync version 3.4.0, and a list of affected operating systems and products is available on the CERT/CC website. Researchers have also linked a recent North Korean IT worker scam to a 2016 crowdfunding scheme. This discovery suggests that North Korea has been involved in cyber-financial operations for nearly a decade. Both the IT worker scam and the crowdfunding scheme used a shared pool of fake personas and overlapping technical registration data. This finding indicates that the same threat actors were behind both operations.
DownloadFiletype: WAV - Size: 39 MB - Duration: 13:47m (384 kbps 24000 Hz)
Powered by Podcast Generator, an open source podcast publishing solution | Theme based on Bootstrap