A snapshot of security woes.

Microsoft's recall raises red flags. SolarWinds fixes flaws unearthed by NATO. Ukraine's CERT sounds alarm. Russian hacktivists cause trouble in EU elections. DEVCORE uncovers critical code execution flaw. LastPass leaves users locked out. Apple commits to five years of iPhone security. An AI mail fail. Inside the FCC's plan to strengthen BGP protocol. Dave sits down with our guest Camille Stewart Gloster, Former Deputy National Cyber Director at the White House, as she shares a retrospective of her public service career. And let’s all Cheers to cybersecurity.
Our 2024 N2K CyberWire Audience Survey is underway, make your voice heard and get in the running for a $100 Amazon gift card. Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest
Guest Camille Stewart Gloster, Former Deputy National Cyber Director at the White House, shares a retrospective of her public service career. Camille’s full conversation with Dave can be found on our weekly cybersecurity law, policy and privacy podcast, Caveat. You can listen to it here. 

Selected Reading
Microsoft’s Recall Feature Is Even More Hackable Than You Thought (WIRED)
Microsoft Research scientist gives non-answer when asked about Windows Recall privacy concerns (TechSpot) 
TotalRecall: A New Tool that Extracts Data From Windows 11 Recall Feature (Cyber Security News)
Exclusive: Senators express "serious concern" with Pentagon's Microsoft plan (Axios)
SolarWinds Patches High-Severity Vulnerability Reported by NATO Pentester (SecurityWeek) 
UAC-0020 used SPECTR Malware to target Ukraine defense forces (Security Affairs) 
Russian hacktivists vow mass attacks against EU elections (The Register)
Ransomware Actor Exploited CoinMiner Attacker's Proxy Server (Cyber Security News)
Critical PHP Remote Code Execution Flaw let Attackers Inject Malicious Scripts (Cyber Security News)
Users furious after LastPass down for hours (Cybernews)
Apple Says iPhones Will Get Security Updates for at Least 5 Years (SecurityWeek) 
EmailGPT Exposed to Prompt Injection Attacks (Infosecurity Magazine)
FCC Proposes BGP Security Reporting for Broadband Providers (SecurityWeek)
Unpacking the SEC 10-K cyber disclosures (PwC) 
Apple set to launch Passwords app, taking on LastPass and 1Password (TechSpot)
Wineloader Mimic As Ambassador Of India To Start The Infection Chain (Cyber Security News) 

Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. 

Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices