The Biden administration is finalizing an executive order to bolster U.S. cybersecurity. Ivanti releases emergency updates to address a critical zero-day vulnerability. A critical vulnerability is discovered in Kerio Control firewall software. Palo Alto Networks patches multiple vulnerabilities in its retired migration tool. Fake exploits for Microsoft vulnerabilities lure security researchers. A medical billing company data breach affects over 360,000. A cyberattack disrupts the city of Winston-Salem. CrowdStrike identifies a phishing campaign exploiting its recruitment branding. Our guest is Danny Allen, CTO from Snyk, sharing how a balanced approach between AI and human oversight can strengthen cybersecurity. The worst of the worst from CES.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Our guest is Danny Allen, CTO from Snyk, sharing how a balanced approach between AI and human oversight can strengthen cybersecurity. Learn more in Snyk’s AI Readiness Report about how some companies are still hesitant to adopt AI, despite its clear benefits in addressing human error and keeping up with fast-evolving technology. Selected Reading White House Rushes to Finish Cyber Order After China Hacks (Bloomberg) Zero-Day Patch Alert: Ivanti Connect Secure Under Attack (GovInfo Security) GFI KerioControl Firewall Vulnerability Exploited in the Wild (SecurityWeek)  Palo Alto Networks Patches High-Severity Vulnerability in Retired Migration Tool (SecurityWeek)  Security pros baited by fake Windows LDAP exploits (The Register) Major US medical billing firm breached, 360K+ customers' healthcare data leaked (Cybernews) Recruitment Phishing Scam Imitates CrowdStrike Hiring Process (CrowdStrike) Some Winston-Salem city services knocked offline by cyberattack (The Record) Excelsior Orthopaedics Data Breach Impacts 357,000 People (SecurityWeek)  The 'Worst in Show' CES Products Put Your Data at Risk and Cause Waste, Privacy Advocates Say (SecurityWeek) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices