Cybersecurity Crisis Unfolds: Trump Cuts CVE Funding and Russians Hack DOGE

HostsProfessor CyberRiskCyber CowboyLive Cyber MapsBitdefender Threat Map https://threatmap.bitdefender.com/Live Cyber threat map - https://threatmap.checkpoint.com/Kaspersky Cyber Threat Map - https://cybermap.kaspersky.com/Talos Intelligence - ebc_spam Map - https://talosintelligence.com/ebc_spamThreatbutt Internet Hacking Attack Attribution Map - https://threatbutt.com/map/Radware Live Threat Map - https://livethreatmap.radware.com/Episode InformationTitle: Cybersecurity Crisis Unfolds: Trump Cuts CVE Funding and Russians Hack DOGEEpisode Number: 3x03OverviewIn this episode, we explore the latest developments in cybersecurity with a focus on two major stories. First, we discuss how the Trump administration's decision to cut funding for the Cybersecurity and Infrastructure Security Agency (CISA) Critical Vulnerability Export (CVE) program could negatively impact the industry. Second, we delve into the hacking of the Decentralized Autonomous Organization (DAO) of Dogecoin (DOGE), highlighting the potential implications for decentralized finance and cybersecurity as a whole.Guest InformationNo guests this episode**Top Story:****Title:** Trump Administration Cuts Funding to Critical Vulnerability Export Program (CVE)* The CVE program, managed by the National Institute of Standards and Technology (NIST), helps disseminate information about newly discovered vulnerabilities in software.* In October 2020, President Trump's administration proposed eliminating funding for the CVE program as part of a larger budget proposal.* Without CVE support, vendors and organizations could face longer response times when dealing with cybersecurity vulnerabilities.* The proposed cuts may impact the broader cybersecurity community by reducing the overall visibility into newly discovered vulnerabilities, making it more difficult to prioritize and address them effectively.**Title:** Russian Hackers Target Decentralized Autonomous Organization (DAO) of Dogecoin (DOGE)* The DOGE DAO was exploited for approximately $30 million worth of cryptocurrency in a flash loan attack carried out by a group of hackers, believed to be of Russian origin.* The attack took advantage of a vulnerability in the smart contracts used by the DAO.* Decentralized finance (DeFi) platforms and their users must remain cautious as they continue to grow and mature, recognizing that they still face many of the same risks as traditional financial systems.---**Title:** Microsoft Warns of Actively Exploited iOS Flaws Used in Targeted Attacks* Microsoft Defender ATP Threat Intelligence Team discovered two new, actively exploited vulnerabilities (CVE-2021-37973 and CVE-2021-37974) in Apple's iOS operating system.* Targeted attacks have been observed against high-profile individuals, including those in the technology industry and government officials.* Affected devices include iPhone 6s and later, iPad Pro (all models), iPad Air 2, and iPad Mini 4 and later.---**Title:** CISA Warns of Increased Malicious Use of Open-Source Software (OSS) Components* The Cybersecurity and Infrastructure Security Agency (CISA) issued a warning about the increased use of open-source software (OSS) components in attacks.* Attackers often exploit known vulnerabilities in popular OSS components to gain unauthorized access to systems and networks.* In 2021, CISA observed a significant increase in malicious activity related to OSS components, including the use of vulnerabilities in popular packages like Log4j, Apache Struts, and OpenSSL.Thrive with us!Subscribe: Stay updated on cybersecurity threats.Leave a Review: Let us know what you think.Join the Conversation: Follow our community and ask questions.Sponsor (if applicable)No sponsors this episodePodcast Socials & WebsiteWebsite: https://www.youvealreadybeenhacked.comX: @ProfCyberRiskYouTube: https://www.youtube.com/@YABHPodcastDiscord/Community Forum: coming soon