New sandbox escape looks awfully familiar.

CyberWire Daily

N2K Networks, Inc.

Daily News, Tech News, News, Technology

4.6 • 1K Ratings

🗓️ 28 March 2025

⏱️ 30 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

Mozilla patches Firefox flaw similar to actively exploited Chrome vulnerability. Russia-based RedCurl gang deploys ransomware for the first time. Ukraine's railway operator recovers from cyberattack. India cracks down on Google’s billing monopoly. Morphing Meerkat's phishing kit abuses DNS mail exchange records. 300,000 attacks in three weeks. Our guest is Chris Wysopal, Founder and Chief Security Evangelist of Veracode, who sits down with Dave to discuss the increase in the average fix time for security flaws. And Liz Stokes joins with another Fun Fact Friday. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Chris Wysopal, Founder and Chief Security Evangelist of Veracode, discussing increase in the average fix time for security flaws and percent of organizations that carry critical security debt for longer than a year. Selected Reading After Chrome patches zero-day used to target Russians, Firefox splats similar bug (The Register) Microsoft fixes Remote Desktop issues caused by Windows updates (Bleeping Computer) Firefox fixes flaw similar to Chrome zero-day used against Russian organizations (The Record) RedCurl's Ransomware Debut: A Technical Deep Dive (Bitdefender) Ukraine’s state railway restores online ticket sales after major cyberattack (The Record) Google App Store Billing Policy Anti-Competitive, India Court Rules (Bloomberg) Morphing Meerkat PhaaS Platform Spoofs 100+ Brands - Infosecurity Magazine (Infosecurity Magazine) Fresh Grandoreiro Banking Trojan Campaigns Target Latin America, Europe (SecurityWeek) Malware distributed via fake DeepSeek ads on Google (SC Media) GorillaBot Attacks Windows Devices With 300,000+ Attack Commands Across 100+ Countries (Cyber Security News) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcript

Click on a timestamp to play from that location

0:00.0	You're listening to the Cyberwire Network, powered by N2K.
0:12.0	Investigating is hard enough. Your tools shouldn't make it harder.
0:16.6	Maltigo brings all your intelligence into one platform and gives you curated data,
0:21.4	along with a full suite of tools to handle any digital investigation.
0:25.5	Plus, with on-demand courses and live training, your team won't just install the platform.
0:30.6	They'll actually use it and connect the dots so fast,
0:34.4	cybercriminals won't realize they're already in cuffs.
0:38.2	Maltigo is trusted by global law enforcement, financial institutions, and security teams worldwide.
0:44.3	See it in action now at Maltigo.com. Mozilla Patches'
1:02.0	similar to actively exploited chrome vulnerability.
1:07.0	Russia-based Red Curl Gang deploys ransomware for the first time. Ukraine's railway operator recovers from cyber attack.
1:13.6	India cracks down on Google's billing monopoly.
1:16.6	Morphing Mirkatz fishing kit abuses DNS mail exchange records.
1:20.6	300,000 attacks in three weeks.
1:23.6	Our guest is Chris Wysopal, founder and chief security evangelist of Veracode, who sits down with
1:30.0	Dave to discuss the increase in the average fixed time for security flaws. And Liz Stokes joins us with another Fun Fact Friday. Today is Friday, March 28, 2025.
1:51.0	I'm Maria Vermazes in for Dave Bittner,
1:53.5	and this is your Cyberwire Intel briefing.
1:55.8	Thank you. Happy Friday, everybody. Let's get into it.
2:10.4	Mozilla has issued a patch for a critical Firefox vulnerability that could allow attackers to perform sandbox escapes on Windows, the register reports.
2:19.3	The flaw is similar to an actively exploited vulnerability patched by Google in the Chrome
2:23.8	browser earlier this week. The Chrome vulnerability, which Kaspersky says was being exploited to
	...

Transcript will be available on the free plan in -4 days. Upgrade to see the full transcript now.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from N2K Networks, Inc., and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of N2K Networks, Inc. and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.