This episode of Cyber Security Today is brought to you by CDW Canada Tech Talks. If you’re passionate about technology and innovation, this is the podcast for you.
Join host KJ Burke as he and industry experts dive into the latest trends, insights, and strategies shaping the tech landscape in Canada. Visit cdw.ca/tech talks to tune in today. There’s a link in the show notes.
Microsoft Unveils New Cybersecurity Features at Ignite Conference, Survey Highlights Security Risks in Generative AI Use for Software Development and CrowdStrike Reveals LIMINAL PANDA, A New Chinese Cyber Threat to Telecoms
This is Cyber Security Today. I’m your host, Jim Love. Let’s get into it.
Microsoft Unveils New Cybersecurity Features at Ignite Conference
Microsoft is introducing a series of cybersecurity updates at its Ignite conference in Chicago, aiming to strengthen Windows security and improve device recovery capabilities. These enhancements are designed to reduce risks and prevent outages like the CrowdStrike incident in July.
Under the new Windows Resiliency Initiative, Microsoft is creating a recovery environment to help bricked Windows devices recover faster. Security vendors will now need to conduct more thorough compatibility testing to detect bugs before releasing updates. Additionally, Microsoft is developing tools for antivirus and security products to operate within user mode, reducing reliance on kernel access — the most sensitive layer of the Windows system.
Pavan Davuluri, Microsoft’s Corporate Vice President for Windows and Devices, emphasized that while some features stem from lessons learned after the CrowdStrike outage, much of this work began with the development of Windows 11.
Microsoft also announced broader security measures, including rolling out Security Exposure Management to monitor cyber threats, adding controls to Copilot to prevent data leaks, and improving secure password deployment in its Edge browser. The company is further extending its bug bounty program with Zero Day Quest, an in-person event offering $4 million in rewards for identifying vulnerabilities in its cloud and AI products.
These initiatives underscore Microsoft’s ongoing efforts to address cybersecurity challenges and enhance Windows reliability for businesses and users.
Sources include: Microsoft Ignite Announcements.
Survey Highlights Security Risks in Generative AI Use for Software Development
A new survey by Legit Security underscores the tension between innovation and risk as generative AI (GenAI) reshapes software development. Conducted by Regina Corso Consulting, the survey gathered insights from over 400 security professionals and software developers across industries in North America, including small startups and multinational organizations.
“As generative AI transforms software development and becomes increasingly embedded in the development lifecycle, there are some real security concerns among developers and security teams,” said Liav Caspi, Co-Founder and CTO at Legit Security. He added, “Our research found that teams are challenged with balancing the innovations of GenAI and the risks it introduces by exposing their applications and their software supply chain to new vulnerabilities.”
The survey reveals that 96% of respondents report their organizations use GenAI tools in development, and 79% say most or all of their teams rely on them. Despite its efficiency, 98% of respondents believe security teams need better visibility and control over how GenAI is used. Concerns include the risk of malicious or unknown code introduced through AI-powered code assistants, with 84% of security professionals identifying this as a significant issue.
A relatively small number of developers, only 8%, think that AI will reduce their problem-solving ability, although 98% predict a greater reliance on AI in the coming years.
Legit Security highlights the need for organizations to improve oversight and foster collaboration between development and security teams to safely integrate GenAI into their processes. Caspi notes, “While GenAI is undoubtedly the future of software development, organizations must be mindful of its new risks and ensure they have the appropriate visibility into and control over its use.”
There is a link to the report in the show notes. Registration is required.
Sources include: Legit Security, [Survey Report Link](https://info.legitsecurity.com/survey-report-use-and-security-of-genai-in-software-development)
CrowdStrike Reveals LIMINAL PANDA, A New Chinese Cyber Threat to Telecoms
CrowdStrike has identified a China-linked cyber adversary, LIMINAL PANDA, which has been targeting the telecommunications sector for a number of years but is only now being fully appreciated for the threat it may present. Adam Meyers, Senior Vice President of Counter Adversary Operations, unveiled the group during testimony before the U.S. Senate Judiciary Subcommittee on Privacy, Technology, and the Law.
Active since at least 2020, LIMINAL PANDA uses custom tools to exploit telecom networks, including protocols like the Global System for Mobile Communications (GSM), to steal subscriber data and enable command and control (C2). The group has also leveraged compromised telecom servers to infiltrate other providers across regions, demonstrating advanced knowledge of industry interconnectivity. According to Meyers, their activities align closely with intelligence collection objectives, posing a significant risk to telecoms globally.
CrowdStrike’s research indicates LIMINAL PANDA targets infrastructure linked to China’s Belt and Road Initiative, a way to connect with European and North American telecom providers. LIMINAL PANDA employs tools and infrastructure often associated with other China-based groups. Notable tactics include the use of proxy tools like Fast Reverse Proxy and backdoors like TinyShell, alongside sophisticated malware tailored to telecom systems.
CrowdStrike recommends measures such as implementing advanced endpoint detection and response (EDR) solutions, securing Secure Shell (SSH) authentication with robust methods, and closely monitoring network access logs to counter threats from LIMINAL PANDA and similar actors. These proactive steps are critical for protecting telecom infrastructure and sensitive subscriber data.
Sources include: CrowdStrike [Full Report](https://www.crowdstrike.com/blog)
U.S. Drinking Water Systems Face Critical Cybersecurity Gaps
A new report from the Environmental Protection Agency’s Office of Inspector General (EPA OIG) reveals significant cybersecurity vulnerabilities in the United States’ drinking water systems. The findings highlight weaknesses that could jeopardize the safety of water supplies for over 100 million Americans.
The report assessed 1,062 drinking water systems and found that nearly 30%, or 308 systems, have notable cybersecurity shortcomings. Among them, 97 systems serving 26.6 million people were classified as having critical or high-risk issues. Additionally, 211 systems were found with medium or low-risk vulnerabilities, including exposed digital portals, potentially exploitable by attackers.
Assistant Inspector General Adam Seefeldt emphasized the risks, stating that even low-risk vulnerabilities could be exploited to disrupt physical infrastructure or operations. Alarmingly, the study only included systems serving populations of 50,000 or more, leaving smaller systems unassessed. The report also criticized the EPA for lacking its own incident reporting system and relying on the Department of Homeland Security to identify cybersecurity issues.
The EPA has acknowledged the findings and agrees that robust cybersecurity measures are essential to protect public health. However, efforts to improve security have been hampered by legal challenges, including a lawsuit that blocked new cybersecurity evaluation rules last year. While the EPA is working to establish a Water Sector Cybersecurity Task Force, its current progress remains unclear.
The report underscores the urgency of securing critical infrastructure against cyber threats, especially as outdated systems become increasingly exposed to modern IT risks.
Sources include: EPA OIG Report.
And that’s our show for today.
Thanks to our sponsor, CDW and KJ Burke’s CDW Canada Tech Talks. Check it out if you get the chance. You can find it, like us, on Spotify, Apple or wherever you get your podcasts.
Reach me at editorial@technewsday.ca
I’m your host Jim Love, thanks for listening.