Cyber Mornings Daily

Cyber Mornings Daily is your go-to daily podcast for the latest cybersecurity news, trends, and insights, delivered by AI. Each episode delivers a concise and informative breakdown of the most pressing cyber threats, vulnerabilities, and breaches.

RSS iTunes YouTube Spotify Amazon Music

I see you found this webpage. Welcome to my little AI project. All audio and album art are generated with AI tools from Google. Generation is performed with a combination of Gemini for text and images, and NotebookLM for the audio portion.

September 2nd, 2025

2025-09-02

Disrupted Autos, Major Breaches, & MFA All-the-Things

Welcome to Cyber Mornings Daily! This week, we're covering a range of critical cybersecurity incidents and updates. Jaguar Land Rover recently announced that a cyberattack "severely disrupted" its production and retail operations, forcing the company to proactively shut down certain systems as a mitigation effort. While the automaker stated there is no evidence of customer data theft at this stage, dealers faced issues registering new cars and supplying parts. The incident, which occurred over a weekend, has no public timeline for resolution or details on the attack type. In proactive security news, Microsoft is set to enforce multi-factor authentication (MFA) for all Azure resource management actions starting in October 2025, as part of its Secure Future Initiative (SFI). This move, which applies to users performing create, update, or delete operations via Azure CLI, PowerShell, SDKs, and APIs, aims to protect against unauthorized access, with Microsoft noting that 99.99% of MFA-enabled accounts resist hacking attempts. Finally, the fallout continues from a major data breach at AI chatbot maker Salesloft, involving the mass-theft of authentication tokens from its Drift application. Google's Threat Intelligence Group (GTIG) warned that attackers, tracked as UNC6395, stole valid authentication tokens for hundreds of integrated corporate services, including Slack, Google Workspace, Amazon S3, and Microsoft Azure, and siphoned large amounts of data while searching for sensitive credentials. Google has strongly advised organizations using Salesloft Drift with third-party integrations to consider their data compromised and immediately invalidate all affected tokens, highlighting the concern of "authorization sprawl" where legitimate access tokens are abused by attackers. Salesloft has engaged Mandiant to investigate the breach's root cause.

Download
Filetype: M4A - Size: 45 MB - Duration: 23:26m (149 kbps 44100 Hz)

Powered by Podcast Generator, an open source podcast publishing solution | Theme based on Bootstrap