CyberWire Podcast: PHP flaw sparks global attack wave

Sharing his take “the cavalry isn’t coming—why the private sector must take the lead in critical infrastructure cybersecurity,” Errol Weiss, Chief Security Officer at Health-ISAC, speaks with Dave Bittner.
CyberWire podcast powered by N2K. Listen Here
PHP exploits are active in the wild. Security researchers discover undocumented commands in a popular Wi-Fi and Bluetooth-enabled microcontroller. The ONCD could gain influence in this second Trump administration. The Akira ransomware gang leverages an unsecured webcam. Mission, Texas declares a state of emergency following a cyberattack. The FBI and Secret Service confirm crypto-heists are linked to the 2022 LastPass breach. A popular home appliance manufacturer suffers a cyberattack. Switzerland updates reporting requirements for critical infrastructure operators.
Pulled quotes:
“Information Sharing and Analysis Centers (ISACs) were formed in 1998 to encourage each critical infrastructure sector to share and collaborate around new threats. Those who engage within an ISAC understand the benefit of information sharing to not just better protect their organization but also to better understand the technologies and vulnerabilities and to learn and grow from a professional development standpoint.”
“Health-ISAC is not an extension of the US Government. Most ISACs are non-profit and entirely funded by member-fee revenue. We are not impacted by the current budget cuts and are still providing services to our Members. Business as usual.”
- Related Resources & News
- New Cybersecurity Policies Could Protect Patient Health Data
- Health-ISAC Hacking Healthcare 3-14-2025
- HSCC Aiming to Identify Healthcare Workflow Chokepoints
- New Healthcare Security Benchmark Highlights Key Investment Priorities and Risks
- Are Efforts to Help Secure Rural Hospitals Doing Any Good?
- CISA cuts $10 million annually from ISAC funding for states amid wider cyber cuts
- 2024 Health-ISAC Discussion Based Exercise Series After-Action Report
- Cobalt Strike takedown effort cuts cracked versions by 80%
- Denise Anderson recognized on Cyber25 Women of Impact list
- The ISAC Advantage for Collective Threat Intelligence