CISO Talk by James Azar
CyberHub Podcast
Chinese Threat Actors Target US ISPs, OpenAI Shocks and Changes, Gen AI Risks and Insights, CrowdStrike Mea Culpa

Today’s top cybersecurity news and the latest threats from practicing CISO James Azar. Tune in to hear how practitioners break down the latest to bolster their cybersecurity programs.

The CyberHub Podcast delivered a packed episode covering major cybersecurity developments and emerging threats. The show, led by the energetic host and practitioner James Azar, highlighted a critical new attack by China-linked actors, AI's growing influence in business, and recent ransomware trends.

Please take a moment to say hello to our 👀 SHOW Supporters:

Today's episode is supported by our friends at Nudge Security. All CyberHub Podcast community members can get a free 14-day trial of their solution for securing SaaS and genAI at https://www.nudgesecurity.com/cyberhub

Salt Typhoon Cyber Attack

A China-linked group, dubbed Salt Typhoon, has been breaching U.S. internet service providers (ISPs), targeting critical infrastructure to gather sensitive information. The FBI is investigating, with speculation that the attackers may have exploited routers or core network components. Cisco and Microsoft are also involved in assessing the situation. Experts agree that China’s cyber-espionage operations are expanding globally, posing a severe threat to U.S. national security.

Investigations suggest that the threat actors targeted critical infrastructure, potentially using routers and core network components to access sensitive data. Although Cisco has denied any involvement, both Microsoft and the FBI are actively investigating the breach. This attack mirrors China’s consistent efforts to infiltrate networks globally, from Southeast Asia to Europe, in pursuit of intelligence on internet traffic patterns and individual behaviors. Experts like Glenn Gerstell and Chris Krebs agree this is part of China’s broader cyber espionage agenda, posing an ongoing threat to U.S. national security.

AI Risks in Organizations

The host highlighted concerns about AI adoption in companies, especially with OpenAI transitioning from a nonprofit to a for-profit model, signaling a shift in the AI landscape. Meanwhile, Google’s AI assistant Gemini, integrated into Workspace, faces security risks from indirect prompt injections, which could enable phishing attacks or malicious AI model manipulation.

AI Tool Visibility and Risk Management

Jaime Blasco, co-founder and CTO of Nudge Security, joined the show to discuss the risks associated with AI adoption in organizations. He emphasized that most companies lack visibility into the AI tools used by their employees, which increases the risk of security vulnerabilities. Jaime recommended that organizations establish clear AI usage policies and deploy guardrails to manage these risks, as tools can quickly proliferate without proper oversight.

He recommended that organizations implement clear AI policies, establish guardrails, and leverage tools like Nudge to gain visibility into the AI tools employees are using. Without proper oversight, unauthorized AI use can introduce security vulnerabilities.

CISA Warns of ICS and OT Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) issued a warning about cyber attackers targeting internet-exposed industrial control systems (ICS) and operational technology (OT). These attackers are relying on brute-force attacks and default credentials, particularly against water and wastewater facilities. CISA urged companies to adopt better security practices, including changing default passwords and segmenting critical networks.

Ransomware: LockBit and Conti Variants in DragonForce Attacks

A new cybercriminal group, DragonForce, is using modified versions of the LockBit and Conti ransomware variants to target manufacturing, real estate, and transportation sectors. These ransomware groups are decentralized, making it harder to prevent attacks, as various actors modify and reuse older ransomware tools for their campaigns.

Action Item for Cybersecurity Professionals

Cybersecurity and IT teams should immediately audit their networks for AI tools and develop a comprehensive AI usage policy. Ensure that all tools are inventoried, properly authorized, and monitored. Deploying visibility platforms like Nudge Security can help identify risks associated with unauthorized AI tools and protect the organization from AI-based security vulnerabilities.

These stories collectively highlight the escalating risks in both cyber espionage and the broader cybersecurity landscape, urging professionals to be proactive in securing their networks and monitoring emerging threats.

✅ Story Links: 

https://www.wsj.com/politics/national-security/china-cyberattack-internet-providers-260bd835?mod=hp_lead_pos11

https://www.wsj.com/tech/ai/openai-chief-technology-officer-resigns-7a8b4639?mod=hp_lead_pos2

https://www.securityweek.com/openai-exec-mira-murati-says-shes-leaving-artificial-intelligence-company/

https://www.securityweek.com/ai-security-firm-shows-how-threat-actors-could-abuse-google-gemini-for-workspace/

https://www.bleepingcomputer.com/news/security/cisa-hackers-target-industrial-systems-using-unsophisticated-methods/

https://therecord.media/cybercriminals-target-transportation-logistics-companies-north-america-malware

https://www.darkreading.com/cyberattacks-data-breaches/crowdstrike-offers-mea-culpa-house-committee

https://therecord.media/lockbit-conti-dragonforce-ransomware-cybercrime

=============================

About The CyberHub Podcast.

The Hub of the Infosec Community. 

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure. 

Tune in to our podcast Monday through Thursday at 9AM EST for the latest news.
