New Hak5 Video: Threatwire Episode on Cybersecurity Updates
This content is an AI-generated summary. If you encounter any misinformation or problematic content, please report it to cyb.hub@proton.me.
In this new video from the @hak5 channel, Alli Diamond presents an episode of Threatwire that covers several crucial topics in the field of cybersecurity. The video begins with an update on the MITRE CVE program, an essential system for identifying cybersecurity vulnerabilities. On April 15, 2025, an alarming letter was sent to the program's board of directors, announcing that the U.S. government's contract with MITRE, which maintained the program, would not be renewed. This news shook the cybersecurity community, as MITRE, although founded in the 1990s, has recently faced difficulties, including mass layoffs planned for June 2025.
However, a glimmer of hope emerged with the creation of the new CVE Foundation, a non-profit organization formed to take over the responsibilities of the CVE program. This foundation, although not formally affiliated with MITRE, is composed of members from the original program's board of directors. Kent Lanfield, a member of this new foundation, emphasized the crucial importance of the CVE program for the global cybersecurity community. In a last-minute twist, CISA decided to extend its funding of MITRE for a period of 11 months, thus ensuring the continuity of CVE services.
Despite this extension, MITRE still faces imminent layoffs, and the new CVE Foundation is preparing to take over. The video also addresses security concerns related to the company Doge, led by Elon Musk. A whistleblower, Dan Barulis, revealed worrying practices within the Doge team, including requests for root access to government cloud instances, unregistered accounts, disabled logs, and disabled security tools. These actions led to spikes in outgoing data traffic of over 10 gigabytes, indicating data exfiltration.
Additionally, IP addresses located in Russia attempted to connect to these newly created accounts, raising questions about the security and loyalty of the Doge team. These data exfiltrations resulted in an 8% increase in Azure billing costs for the government. Finally, the video mentions Donald Trump's revocation of security clearances for all Sentinel 1 employees, as part of his investigation into Chris Krebs, the former director of CISA. Krebs had been fired in November 2020 after disputing the idea that the 2020 elections were rigged.
After leaving CISA, Krebs joined Sentinel 1, which was acquired by the company in 2023. In response to Trump's executive order, Sentinel 1 stated that they would cooperate with any review of security clearances, but that it would not have a material impact on their activities. Krebs has since resigned from his position at Sentinel 1 to focus on combating the situation created by the Trump administration. The video concludes with a call for objectivity and respect for viewers, encouraging them to consider stories impartially and to recognize the objective issues presented in the news.