Federal agencies and Five Eyes partners list the past year’s most exploited vulnerabilities. U.S. authorities hand down indictments in the Snowflake customer breach. Patch Tuesday updates. Zoom discloses multiple vulnerabilities. A China-linked hacker group has compromised Tibetan media and university websites. A cyberattack on a Dutch company affects over 2,000 U.S. grocery stores. Sheboygan suffers a ransomware attack. The White House plans to support a controversial UN cybercrime treaty. On today’s CertByte segment, N2K’s Chris Hare is joined by Dan Neville to break down a question from the CompTIA® Security+ certification Practice Test.  Bitcoin Jesus faces $48 million in tax fraud charges.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CertByte Segment On CertByte, host Chris Hare, content developer and project management specialist at N2K, shares practice questions and a study tip to help you achieve the professional certifications you need to fast-track your career growth in IT, cyber security, or project management. In each segment, Chris is joined by an N2K Content Developer to help illustrate the learning. This week, Chris is joined by Dan Nevllie to break down a question targeting the CompTIA® Security+ (SY0-701) certification. Today’s question comes from N2K’s CompTIA® Security+ Practice Test. According to CompTIA®, Security+ is "the most widely adopted ISO/ANSI-accredited early career cybersecurity certification on the market." The exam is geared towards anyone who already holds a Network+ cert, and has two years of experience in a security or a systems admin role.To learn more about this and other related topics under this objective, please refer to the following resources: CompTIA Security+ Study Guide with over 500 Practice Test Questions (Sybex Study Guide), Chapter 17: Risk Management and Privacy and CompTIA Security+ Get Certified Get Ahead: SY0-701 Study Guide Chapter 11: Implementing Policies to Mitigate Risk. Have a question that you’d like to see covered? Email us at [email protected]. Please note: The questions and answers provided here and on our site are not actual current or prior questions and answers from these certification publishers or providers. Additional sources: www.comptia.org Selected Reading FBI, CISA, and NSA reveal most exploited vulnerabilities of 2023 (Bleeping Computer) Here’s the indictment against two men allegedly responsible for Snowflake customer breach (CyberScoop) Microsoft Patch Tuesday, November 2024 Edition (Krebs on Security) ICS Patch Tuesday: Security Advisories Released by CISA, Schneider, Siemens, Rockwell (SecurityWeek) Zoom App Vulnerability Let Attackers Execute Remote Code (Cyber Security News) China-linked group hacked Tibetan media and university sites to distribute Cobalt Strike payload (The Record) Dutch company behind Hannaford, Stop & Shop says cyber issue affecting US network (The Record) City of Sheboygan hit by apparent ransomware attack (WPR) Biden Administration to Support UN Cyber Treaty Despite Concerns Over Misuse (Bloomberg) ‘Bitcoin Jesus’ Fights IRS Tax Evasion Case From Spanish Island (Bloomberg) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices