Now Playing
Icarus OAuth Attack, Council of Europe Breach & AryStinger Botnet
Audio is available on Spreaker — see link below.
Nine security firms breached via stolen OAuth tokens, ShinyHunters publishes 297GB of Council of Europe data after a missed ransom deadline, and the AryStinger botnet silently maps infrastructure through thousands of unpatched D-Link routers. Today's briefing connects all three to one structural blind spot defenders can't afford to ignore.
Audio is available on Spreaker — see link below.
Nine cybersecurity firms just got breached through a vendor they trusted. That's the sharpest signal from the past twenty-four hours, and it tells us something important about where the real exposure sits right now.
Connected to the same pressure point is a critical Oracle PeopleSoft vulnerability that's now been exploited across more than one hundred organizations. Oracle provided no advance warning.
ShinyHunters set a ransom deadline of June sixteenth. The Council of Europe didn't pay.
The third significant development is quieter but worth watching carefully. A botnet called AryStinger has compromised more than four thousand three hundred D-Link routers, most of them models that shipped between two thousand and thirteen and two thousand and fifteen.
The thread connecting all three incidents is the same. Attackers are exploiting the gap between trusted access and monitored access.
Chapter summary auto-generated from the verified script. Listen to the full episode for the complete content.