CyberWire Daily

By N2K Networks

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

Episodes

FBI untangles the web that is Scattered Spider.

The FBI untangles Scattered Spider. The RansomHub group puts a deadline on Christie’s. Prescription services warn customers of data breaches. Personal data from public sector workers in India is leaked online. Check Point says check your VPNs. The Internet Archive suffers DDoS attacks. A Minesweeper clone installs malicious scripts. N2K T-Minus Space Daily podcast host Maria Varmazis speaks with guest Carrie Hernandez Marshall, CEO and Co-Founder from Rebel Space Technologies, about the need to extend cybersecurity into space. If you can’t beat ‘em, troll ‘em.

Our 2024 N2K CyberWire Audience Survey is underway, make your voice heard and get in the running for a $100 Amazon gift card. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest
N2K T-Minus Space Daily podcast host Maria Varmazis speaks with guest Carrie Hernandez Marshall, CEO and Co-Founder from Rebel Space Technologies, about the need to extend cybersecurity into space.

Selected Reading
Potent youth cybercrime ring made up of 1,000 people, FBI official says (CyberScoop)
Christie’s given Friday ransom deadline after threat group claims responsibility for cyber attack (ITPro)
Data Stolen From MediSecure for Sale on Dark Web (SecurityWeek)
2.8 Million Impacted by Data Breach at Prescription Services Firm Sav-Rx (SecurityWeek)
Data leak exposes personal data of Indian military and police (CSO Online)
Check Point warns of threat actors targeting its VPNs (TechMonitor)
Internet Archive Hit With DDoS Attack (PCMag)
Hackers phish finance orgs using trojanized Minesweeper clone (bleepingcomputer)
Cops Are Just Trolling Cybercriminals Now (WIRED)

Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.

Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
28/05/24 39m 14s

Memorial Day special.

Rick Howard, N2K CyberWire’s Chief Analyst, CSO, and Senior Fellow, commemorates Memorial Day.

References:
Abraham Lincoln, 1863. The Gettysburg Address [Speech]. Abraham Lincoln Online.
Amanda Onion, Original 2009, Updated 2023. Memorial Day 2022: Facts, Meaning & Traditions [Essay]. HISTORY.
Brent Hugh, 2021. A Brief History of “John Brown’s Body” [Essay]. Digital History.
Bob Zeller, 2022. How Many Died in the American Civil War? [Essay]. HISTORY.
General George Marshall, 2014. President Lincoln’s Letter to Mrs Bixby [Movie Clip - Saving Private Ryan]. YouTube.
John Logan, 1868. Logan’s Order Mandating Memorial Day [Order]. John A. Logan College.
John Williams, Chicago Symphony Orchestra, 2012. The People’s House: Lincoln (Original Motion Picture Soundtrack) [Song]. Apple Music.
John Williams, Chicago Symphony Orchestra, 2012. The Blue and the Grey: Lincoln (Original Motion Picture Soundtrack) [Song]. Apple Music - Web Playe.
Livia Albeck-Ripka, 2023. A Brief History of Memorial Day [Essay]. The New York Times.
Paul Robeson, 2021. John Brown’s Body [Song]. YouTube.
Robert Rodat (Writer), Steven Spielberg (Director), Harve Presnell (Actor), 1998. Saving Private Ryan [Movie]. IMDb.
Staff, 2020. A Brief Biography of General John A. Logan [Biography]. John A. Logan College.
Staff, 2024. Civil War Timeline [WWW Document], American Battlefield Trust.
Thomas Jefferson, 1776. Declaration of Independence: [Transcription]. National Archives.
Winston Churchill, 1940. Never was so much owed by so many to so few - Winston Churchill Speeches [Speech]. YouTube.
27/05/24 19m 54s

Encore: Richard Torres: Getting that level of experience is going to be crucial. [Security Operations] [Career Notes]

Director of security operations at Syntax Richard Torres talks about the path that led him from working in juvenile justice to becoming a private investigator, to physical security at a nuclear power plant, and presently to cybersecurity. Always a fan of police shows, Richard became a member of the Air Force Junior ROTC in high school and began his path there. Richard shares the challenges of working in several facets of the security industry including his transition from SWAT team member to cybersecurity. He notes the role that diplomacy plays when you're trying to get honesty and be steered in the right direction. Our thanks to Richard for sharing his story with us.
26/05/24 8m 14s

International effort dismantles LockBit. [Research Saturday]

Jon DiMaggio, a Chief Security Strategist at Analyst1, is sharing his work on "Ransomware Diaries Volume 5: Unmasking LockBit." On February 19, 2024, the National Crime Agency (NCA), a UK sovereign law enforcement agency, in collaboration with the FBI, Europol, and nine other countries under "Operation Cronos," disrupted the LockBit ransomware gang’s data leak site used for shaming, extorting, and leaking victim data. The NCA greeted visitors to LockBit’s dark web leak site with a seizure banner, revealing they had been controlling LockBit’s infrastructure for some time, collecting information, acquiring victim decryption keys, and even compromising the new ransomware payload intended for LockBit 4.0. The research can be found here: Ransomware Diaries Volume 5: Unmasking LockBit
25/05/24 30m 59s

Cybercriminals target London drugs.

LockBit drops 300 gigabytes of data from London Drugs. Video software used in courtrooms worldwide contains a backdoor. Google patches another Chrome zero-day. The EU seeks collaboration between research universities and intelligence agencies. Atlas Lion targets retailers with gift card scams. Researchers explore an Apple reappearing photo bug. Hackers access a Japanese solar power grid. Congress floats a bill to enhance cyber workforce diversity. Ben Yelin joins us with a groundbreaking legal case involving AI generated CSAM. Whistling past the expired domain graveyard.

CyberWire Guest
Ben Yelin, co host of our Caveat podcast and Program Director for Public Policy & External Affairs at the University of Maryland Center for Health and Homeland Security, discusses "FBI Arrests Man For Generating AI Child Sexual Abuse Imagery."

Selected Reading
Hackers release corporate data stolen from London Drugs, company says (The Star)
Crooks plant backdoor in software used by courtrooms around the world (Ars Technica)
Google fixes eighth actively exploited Chrome zero-day this year (Bleeping Computer)
EU wants universities to work with intelligence agencies to protect their research (The Record)
US retailers under attack by gift card-thieving cyber gang (Help Net Security)
Apple wasn’t storing deleted iOS photos in iCloud after all (Bleeping Computer)
Hijack of monitoring devices highlights cyber threat to solar power infrastructure (CSO Online)
New Diverse Cybersecurity Workforce bill to promote inclusivity, provide CISA with millions for outreach (Industrial Cyber)
When privacy expires: how I got access to tons of sensitive citizen data after buying cheap domains (INTI)
24/05/24 29m 49s

Checkmate at check in.

Spyware is discovered on U.S. hotel check in systems. A Microsoft outage affects multiple services. Bitdefender uncovers Unfading Sea Haze. University of Maryland researchers find flaws in Apple’s Wi-Fi positioning system. Scotland’s NRS reveals a sensitive data leak. Rapid7 tracks the rise in zero-day exploits and mass compromise events. The SEC hits the operator of the New York Stock Exchange with a ten million dollar fine. Operation Diplomatic Specter targets political entities in the Middle East, Africa, and Asia. The FCC considers AI disclosure rules for political ads. N2K T-Minus Space Daily podcast host Maria Varmazis speaks with guests Brianna Bace and Unal Tatar PhD sharing their work on Legal Perspectives on Cyberattacks Targeting Space Systems. Tone-blasting underwater data centers.

CyberWire Guest
N2K T-Minus Space Daily podcast host Maria Varmazis speaks with guests Brianna Bace and Unal Tatar PhD sharing their work on their paper: Law in Orbit: International Legal Perspectives on Cyberattacks Targeting Space Systems. You can learn more about their work in this post. Check out T-Minus Space Daily for your daily space intelligence.

Selected Reading
Spyware found on US hotel check-in computers (TechCrunch)
Microsoft outage affects Bing, Copilot, DuckDuckGo and ChatGPT internet search (Bleeping Computer)
Deep Dive Into Unfading Sea Haze: A New Threat Actor in the South China Sea (Bitdefender)
Apple’s Wi-Fi Positioning Can Be System Abused To Track Users (GB Hackers)
National Records of Scotland Data Breached in NHS Cyber-Attack (Infosecurity Magazine)
Zero-Day Attacks and Supply Chain Compromises Surge, MFA Remains Underutilized: Rapid7 Report (SecurityWeek)
NYSE Operator Intercontinental Exchange Gets $10M SEC Fine Over 2021 Hack (SecurityWeek)
Operation Diplomatic Specter: An Active Chinese Cyberespionage Campaign Leverages Rare Tool Set to Target Governmental Entities in the Middle East, Africa and Asia (Palo Alto Networks Unit 42 Intel)
FCC chair proposes requirement for political ads to disclose when AI content is used (The Record)
Acoustic attacks could be a serious threat to the future of underwater data centers (TechSpot)
23/05/24 39m 42s

Privacy nightmare or useful tool?

Some say Microsoft’s Recall should be. A breach of a Texas healthcare provider affects over four hundred thousand. Police in the Philippines shut down services following a breach. Ivanti patches multiple products. GitHub fixes a critical authentication bypass vulnerability. Researchers discover critical vulnerabilities in Honeywell’s ControlEdge Unit Operations Controller. The DoD releases their Cybersecurity Reciprocity Playbook. Hackers leak a database with millions of Americans’ criminal records. Mastercard speeds fraud detection with AI. On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's ISC2 CISSP certification journey, diving into Domain 5: Identity and Access Management. Remembering a computing visionary.

Learning Layer
On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's ISC2 CISSP certification journey using N2K’s comprehensive CISSP training course, CISSP practice test, and CISSP practice labs. Joe and Sam dive into Domain 5: Identity and Access Management (IAM) and tackle a question together about biometric configuration. Try the question yourself before listening to the discussion!

You are configuring a biometric hand scanner to secure your data center. Which of the following practices is BEST to follow?
Decrease the reader sensitivity
Increase the FAR
Decrease the FRR
Increase the reader sensitivity

Selected Reading
UK watchdog looking into Microsoft AI taking screenshots (BBC)
How the new Microsoft Recall feature fundamentally undermines Windows security (DoublePulsar)
CentroMed Confirms Data Breach Affecting an Estimated 400k | Console and Associates, P.C. (JDSupra)
PNP suspends online services amid data breach probe (Philippine News Agency)
Ivanti Patches Critical Code Execution Vulnerabilities in Endpoint Manager (SecurityWeek)
Critical SAML Auth Bypass Vulnerability Found in GitHub Enterprise Server (Heimdal Security)
Critical Vulnerability in Honeywell Virtual Controller Allows Remote Code Execution (SecurityWeek)
DoD CIO debuts cybersecurity reciprocity playbook to streamline system authorizations, boost cybersecurity efficiency (Industrial Cyber)
Criminal record database of millions of Americans dumped online (Malwarebytes)
Mastercard Doubles Speed of Fraud Detection with Generative AI (Infosecurity Magazine)
Gordon Bell, Legendary Designer of Computers, Dies at 89 (Gizmodo)
22/05/24 31m 48s

The secrets of a dark web drug lord.

The alleged operator of Incognito Market is collared at JFK. The UK plans new ransomware reporting regulations. Time to update your JavaScript PDF library. CISA adds a healthcare interface engine to its Known Exploited Vulnerabilities (KEV) catalog. HHS launches a fifty million dollar program to help secure hospitals. A Fluent Bit vulnerability impacts major cloud platforms. The EPA issues a cybersecurity alert for drinking water systems. BiBi Wiper grows more aggressive. Siren is a new threat intelligence platform for open source software. On our Industry Voices segment, guest Amit Sinha, CEO of DigiCert, joins N2K’s Rick Howard to discuss “Innovation: balancing the good with the bad.” And is it just me, or does that AI assistant sound awfully familiar?

CyberWire Guest
On our Industry Voices segment, guest Amit Sinha, CEO of DigiCert, joins N2K’s Rick Howard to discuss “Innovation: balancing the good with the bad.” Rick caught up with Amit at the recent RSA Conference in San Francisco.

Selected Reading
“Incognito Market” Owner Arrested for Operating One of the Largest Illegal Narcotics Marketplaces on the Internet (United States Department of Justice)
Exclusive: UK to propose mandatory reporting for ransomware attacks and licensing regime for all payments (The Record)
CVE-2024-4367 in PDF.js Allows JavaScript Execution, Potentially Affecting Millions of Websites: Update Now (SOCRadar)
CISA Warns of Attacks Exploiting NextGen Healthcare Mirth Connect Flaw (SecurityWeek)
Fluent Bit flaw discovered that impacts every major cloud provider (Tech Monitor)
EPA Issues Alert After Finding Critical Vulnerabilities in Drinking Water Systems (SecurityWeek)
New BiBi Wiper version also destroys the disk partition table (Bleeping Computer)
Enhancing Open Source Security: Introducing Siren by OpenSSF (OpenSSF)
HHS offering $50 million for proposals to improve hospital cybersecurity (The Record)
Scarlett Johansson Said No, but OpenAI’s Virtual Assistant Sounds Just Like Her (The New York Times)
21/05/24 39m 31s

Double key encryption debate.

Germany’s BSI sues Microsoft for more information on recent security incidents. Julian Assange can appeal his U.S. extradition. AI chatbots may have itchy trigger fingers. CISA warns of vulnerabilities affecting Google Chrome and D-Link routers. Ham Radio’s association suffers a data breach. New underground marketplaces pop up to replace BreachForums. An updated banking trojan targets users in Central and South America. Cybercom’s founders share its origin story. Examining gender bias in open source software contributors. For our Industry Voices segment, guest Chris Pierson, CEO at BlackCloak, met up with N2K’s Brandon Karpf at the 2024 RSA Conference to discuss personal cybersecurity risks for executives. College students unlock free laundering — no money required.

CyberWire Guest
On our Industry Voices segment, guest Chris Pierson, CEO at BlackCloak, met up with N2K’s Brandon Karpf at the 2024 RSA Conference. Chris and Brandon discussed personal cybersecurity risks for executives.

Selected Reading
BSI sues Microsoft for disclosure of information on security disaster (Ground News)
Assange Can Appeal U.S. Extradition, English Court Rules (The New York Times)
ChatGPT likes to fight. For military AI researchers, that’s a problem (Tech Brew)
CISA warns of hackers exploiting Chrome, EoL D-Link bugs (Bleeping Computer)
American Radio Relay League Hit by Cyberattack (SecurityWeek)
FBI seizes BreachForums infrastructure — but successor sites are already popping up (ITPro)
Grandoreiro Banking Trojan is Back With Major Updates (Infosecurity Magazine)
(PDF) Gender bias in open source: Pull request acceptance of women versus men (ResearchGate)
The inside story of Cyber Command’s creation (CSO Online)
Two Santa Cruz students uncover security bug that could let millions do their laundry for free (TechCrunch)
20/05/24 45m 19s

Encore: Monica Ruiz: Moving ahead when not many look like you. [Policy] [Career Notes]

Cyber Initiative and Special Projects Fellow at the Hewlett Foundation Monica Ruiz shares her career development from aspirations of being a weather woman to her current role as a grantmaker and connector in cybersecurity. Monica discusses how her international study experience changed her outlook and brought her to the field of security. She shares the difficulties she faced as a woman of color when not that many people look like you, and how she used that as her reason to move forward and better the cybersecurity field through her work. Our thanks to Monica for sharing her story with us.
19/05/24 7m 41s

From secret images to encryption keys. [Research Saturday]

This week, we are joined by Hosein Yavarzadeh from the University of California San Diego, who discusses his work on "Pathfinder: High-Resolution Control-Flow Attacks Exploiting the Conditional Branch Predictor." This paper introduces new methods that let attackers read from and write to specific parts of high-performance CPUs, such as the path history register (PHR) and prediction history tables (PHTs). These methods allow two main types of attacks. One can reveal a program's control flow history, as shown by recovering a secret image through the libjpeg routines. The other enables detailed transient attacks, demonstrated by extracting an AES encryption key, highlighting significant security risks for these systems. The research can be found here: Graph: Growing number of threats leveraging Microsoft API
18/05/24 22m 14s

10 years on: The 10th anniversary of the first indictment of Chinese PLA actors. [Special Edition]

On this Special Edition podcast, Dave Bittner speaks with guest Dave Hickton, Founding Director, Institute for Cyber Law, Policy, and Security at the University of Pittsburgh, and former US Attorney, on this 10th Anniversary of the first indictment of Chinese PLA actors. Hear directly from Mr. Hickton what led to the indictment, the emotions that went along with this unprecedented action, and the legacy of the event.

On May 19, 2014, a grand jury in the Western District of Pennsylvania (WDPA) indicted five Chinese military hackers for computer hacking, economic espionage and other offenses directed at six American victims in the U.S. nuclear power, metals and solar products industries. The indictment alleges that the defendants conspired to hack into American entities, to maintain unauthorized access to their computers and to steal information from those entities that would be useful to their competitors in China, including state-owned enterprises (SOEs). In some cases, it alleges, the conspirators stole trade secrets that would have been particularly beneficial to Chinese companies at the time they were stolen. In other cases, it alleges, the conspirators also stole sensitive, internal communications that would provide a competitor, or an adversary in litigation, with insight into the strategy and vulnerabilities of the American entity.

US Attorney Dave Hickton represented the Western District of Pennsylvania and was the signatory on the indictment. His team worked with the FBI Cyber Team in Pittsburgh, PA to bring about this historic action.

Resources:
Press Release: U.S. Charges Five Chinese Military Hackers for Cyber Espionage Against U.S. Corporations and a Labor Organization for Commercial Advantage
Indictment
18/05/24 44m 33s

MediSecure data breach hits Aussie healthcare.

Australia warns of a large-scale ransomware data breach. The justice department charges five with helping North Korean IT workers evade sanctions. The FCC wants to beef up BGP. Antidot is a new Android banking trojan. The SEC enhances disclosure obligations. Researchers uncover vulnerabilities in GE ultrasound devices. A Baltimore neo-nazi pleads guilty to conspiring to take down an electrical grid. On our Solution Spotlight: N2K’s Simone Petrella speaks with Alicja Cade, Director in Google Cloud's Office of the CISO, about the CISO role, board communication, and cyber workforce development. “Tanks” for the warm water, but you can keep the vulnerabilities.

CyberWire Guest
On our Solution Spotlight: N2K’s Simone Petrella speaks with Alicja Cade, Director in Google Cloud's Office of the CISO, about the CISO role, board communication, and cyber workforce development. Simone and Alicja spoke at the 2024 RSA Conference.

Selected Reading
Australian government warns of 'large-scale ransomware data breach' (The Record)
US exposes scheme enabling North Korean IT workers to bypass sanctions (Help Net Security)
FCC proposes BGP security measures (Network World)
BGP: What is border gateway protocol, and how does it work? (Network World)
New 'Antidot' Android Trojan Allows Cybercriminals to Hack Devices, Steal Data (SecurityWeek)
SEC beefs up data privacy rules (Investment Executive)
GE Ultrasound Gear Riddled With Bugs, Open to Ransomware & Data Theft (DarkReading)
Baltimore County woman pleads guilty to conspiring with neo-Nazi leader to attack energy grid (The Baltimore Banner)
How I upgraded my water heater and discovered how bad smart home security can be (Ars Technica)
17/05/24 34m 21s

FBI strikes against a cybercrime syndicate.

The FBI seizes BreachForums. NCSC rolls out a 'Share and Defend' initiative. ESports gaming gets a level up in their security. The spammer becomes the scammer. Bitdefender is sounding the alarm. The city of Wichita gets a wake-up call. In our Threat Vector segment, host David Moulton discusses the challenges and opportunities of AI adoption with guest Mike Spisak, the Managing Director of Proactive Security at Unit 42. And no one likes a cyber budgeting blunder.

CyberWire Guest
In our Threat Vector segment, David Moulton, Director of Thought Leadership at Unit 42, discusses the challenges and opportunities of AI adoption with guest Mike Spisak, Managing Director of Proactive Security at Unit 42. They emphasize the importance of early security involvement in the AI development lifecycle and the crucial role of inventorying AI usage to tailor protection measures. You can listen to the full episode here.

Selected Reading
FBI seize BreachForums hacking forum used to leak stolen data (Bleeping Computer)
New UK system will see ISPs benefit from same protections as government networks (The Record)
Riot Games, Cisco to Connect and Protect League of Legends Esports Through Expanded Global Partnership (Cisco)
To the Moon and back(doors): Lunar landing in diplomatic missions (WeLiveSecurity)
New Black Basta Social Engineering Scheme (ReliaQuest)
IoT Cameras Exposed by Chainable Exploits, Millions Affected (HackRead)
Kimsuky APT Using Newly Discovered Gomir Linux Backdoor (Decipher)
Law enforcement data stolen in Wichita ransomware attack (The Record)
Nigeria Halts Cybersecurity Tax After Public Outrage (Dark Reading)
16/05/24 30m 56s

A bipartisan blueprint for American leadership.

U.S. Senators look to enhance American leadership in AI. Federal Agencies Warn of Rising Cyberattacks on Civil Society. The Pentagon says they’re satisfied with Microsoft’s post-breach security pivots. Patch Tuesday updates. A Mississippi health system alerts users of a post-ransomware data breach. The FTC cautions automakers over data collection. CISOs feel pressure to understate cyber risks. On the Learning Layer, Sam and Joe continue their certification journey. Guest Sarah Powazek of UC Berkeley's Center for Long-Term Cybersecurity (CLTC) speaks with N2K’s Brandon Karpf about cyber civil defense clinics. A crypto mixing service developer finds himself behind bars. Our 2024 N2K CyberWire Audience Survey is underway, make your voice heard and get in the running for a $100 Amazon gift card. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Guest Sarah Powazek of UC Berkeley's Center for Long-Term Cybersecurity (CLTC) speaks with N2K’s Brandon Karpf at 2024 RSA Conference about cyber civil defense clinics and the CLTC. Learn about their upcoming Cyber Civil Defense Summit being held at the International Spy Museum in Washington DC next month.  Learning Layer On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's ISC2 CISSP certification journey using N2K’s comprehensive CISSP training course, CISSP practice test, and CISSP practice labs. Sam and Joe discuss how to use the midterm exam and Test Day Strategy video.  Selected Reading Senators Propose $32 Billion in Annual A.I. 
Spending but Defer Regulation (The New York Times) Civil society under increasing threats from 'malicious' state cyber actors, US warns (The Record) Post-data breach, DOD held 'very candid discussions' with Microsoft (DefenseScoop) Microsoft issues patches for over 60 software vulnerabilities (Tech Monitor) Adobe releases May 2024 fixes for critical issues in Reader, Acrobat, Illustrator and other products (BeyondMachines.net) CISA issues ICS advisories on hardware vulnerabilities from Rockwell, SUBNET, Johnson Controls, Mitsubishi Electric (Industrial Cyber) 900k Impacted by Data Breach at Mississippi Healthcare Provider (SecurityWeek) FTC fires 'shot across the bow' at automakers over connected-car data privacy (The Record) Security leaders report pressure from boards to downplay cyber risks (​​ITPro) Tornado Cash Developer Jailed for Laundering Billions of Dollars (GB Hackers) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
15/05/24 42m 19s

Google strikes back.

Google patches another Chrome zero-day. UK insurance agencies and the NCSC team up to reduce ransom payments. The FCC designates a robocall scam group. Vermont passes strong data privacy laws. A malicious Python package targets macOS users. ESET unpacks Ebury malware. Don’t answer Jenny’s email. Guest is author Barbara McQuade discussing her book "Attack from Within: How Disinformation is Sabotaging America." The White House says, “Keep your crypto mining away from our missile silos!”
CyberWire Guest Guest Barbara McQuade joins us to discuss her book "Attack from Within: How Disinformation is Sabotaging America" with Caveat co-host Ben Yelin. You can hear Barbara and Ben’s full conversation on last week’s episode of Caveat here. You can catch Caveat on your favorite podcast app each Thursday where hosts Dave and Ben examine the latest in surveillance, digital privacy, cybersecurity law and policy.
Selected Reading Google Patches Second Chrome Zero-Day in One Week (SecurityWeek) UK Insurance and NCSC Join Forces to Fight Ransomware Payments (Infosecurity Magazine) FCC Warns of 'Royal Tiger' Robocall Scammers (SecurityWeek) Vermont passes data privacy law allowing consumers to sue companies (The Record) PyPi package backdoors Macs using the Sliver pen-testing suite (Bleeping Computer) Apple backports fix for RTKit iOS zero-day to older iPhones (Bleeping Computer) Ebury is alive but unseen: 400k Linux servers compromised for cryptocurrency theft and financial gain (WeLiveSecurity) Security Experts Issue Jenny Green Email Warning For Millions (Forbes) US government shuts down Chinese-owned cryptomine near nuclear missile base in Wyoming (Data Centre Dynamics)
14/05/24 34m 26s

A battle for digital sovereignty.

IntelBroker claims to have breached a Europol online platform. The U.S. and China are set to discuss AI security. U.S. agencies warn against BlackBasta ransomware operators. A claimed Russian group attacks British local newspapers. Cinterion cellular modems are vulnerable to malicious SMS attacks. A UK IT contractor allegedly failed to report a major data breach for months. Generative AI is a double-edged sword for CISOs. Reality Defender wins the RSA Conference's Innovation Sandbox competition. Our guest is Chris Betz, CISO of AWS, discussing how to build a strong culture of security. Solar storms delay the planting of corn.
CyberWire Guest Guest Chris Betz, CISO of AWS, discussing how to build a strong culture of security. In his blog, Chris writes about how AWS’s security culture starts at the top, and it extends through every part of the organization.
Selected Reading Europol confirms web portal breach, says no operational data stolen (Bleeping Computer) US and China to Hold Discussions on AI Risks and Security (BankInfo Security) CISA, FBI, HHS, MS-ISAC warn critical infrastructure sector of Black Basta hacker group; provide mitigations (Industrial Cyber) 'Russian' hackers deface potentially hundreds of local British news sites (The Record) Cinterion IoT Cellular Modules Vulnerable to SMS Compromise (GovInfo Security) MoD hack: IT contractor concealed major hack for months (Computing) AI's rapid growth puts pressure on CISOs to adapt to new security risks (Help Net Security) Reality Defender Wins RSAC Innovation Sandbox Competition (Dark Reading) Solar Storms are disrupting farmer GPS systems during critical planting time (The Verge)
13/05/24 34m 16s

Encore: Brandon Robinson: Built from the ground up. [Sales Engineer] [Career Notes]

Cybersecurity Sales Engineer Brandon Robinson shares how he built his career in technology and the barriers he experienced along the way. He talks about how his job involves him interacting with customers at the highest levels making sure their solution is meeting needs. In addition, Brandon describes how as a black man and a trailblazer, he's been met with resistance. His positive spin on moving ahead involves relying on himself. Brandon's advice: find your passion, don't be intimidated and you will be met with success. Our thanks to Brandon for sharing his story with us.
12/05/24 7m 0s

The double-edged sword of cyber espionage. [Research Saturday]

Dick O'Brien from the Symantec Threat Hunter team is discussing their research on “Graph: Growing number of threats leveraging Microsoft API.” The team observed an increasing number of threats that have begun to leverage the Microsoft Graph API, usually to facilitate communications with command-and-control (C&C) infrastructure hosted on Microsoft cloud services. The research states "the technique was most recently used in an attack against an organization in Ukraine, where a previously undocumented piece of malware used the Graph API to leverage Microsoft OneDrive for C&C purposes." The research can be found here: Graph: Growing number of threats leveraging Microsoft API
11/05/24 20m 19s

Treasury's offensive in financial defense.

Project Fortress looks to protect the US financial system. News from San Francisco as RSA Conference winds down. Dell warns customers of compromised data. Google updates Chrome after a zero day is exploited in the wild. Colleges in Quebec are disrupted by a cyberattack. CopyCop uses generative AI for misinformation. The FBI looks to snag members of Scattered Spider. Betsy Carmelite, Principal at Booz Allen, shares our final Woman on the Street today from the 2024 RSA Conference. Guest Deepen Desai, Chief Security Officer at Zscaler, joins us to offer some highlights on their AI security report. A solar storm’s a-comin’.
CyberWire Guest Betsy Carmelite, Principal at Booz Allen, shares our final Woman on the Street today. N2K’s Brandon Karpf caught up with Betsy to share insights from the 2024 RSA Conference. Guest Deepen Desai, Chief Security Officer at Zscaler, joins us to offer some highlights on their AI security report.
Selected Reading Treasury launches ‘Project Fortress,’ an alliance with banks against hackers (CNN Business) Cyberthreat landscape permanently altered by Chinese operations, US officials say (The Record) White House to Push Cybersecurity Standards on Hospitals (Bloomberg) Dell warns of “incident” that may have leaked customers’ personal info (Ars Technica) Google fixes fifth Chrome zero-day exploited in attacks this year (Bleeping Computer) Cyberattack shuts down 4 Quebec CEGEPs, cancelling classes and exams (CBC News) AI-Powered Russian Network Pushes Fake Political News (Infosecurity Magazine) University System of Georgia: 800K exposed in 2023 MOVEit attack (Bleeping Computer) FBI working towards nabbing Scattered Spider hackers, official says (Reuters) Severe solar storm threatens power grids and navigation systems (Financial Post)
10/05/24 46m 6s

Healthcare in the crosshairs.

Ascension healthcare shuts down systems following a cybersecurity event. Updates from RSA Conference. The FDA recalls an insulin pump app. Polish officials blame Russia for recent cyber attacks. IntelBroker claims to have compromised a pair of UK banks. New Mexico’s top cop accuses Meta of failing to protect kids. British Columbia reports "sophisticated cybersecurity incidents" on government networks. Researchers uncover a vulnerability in UPS software affecting critical infrastructure. Zscaler investigates a claimed data breach. On the Learning Layer, host Sam Meisenberg and N2K’s Urban Alliance Intern, David Nguyen, discuss David's AZ-900 exam experience. The Library of Congress stands strong.
CyberWire Guest Caleb Barlow, CEO at Cyberbit, is our Man on the Street today. N2K’s Brandon Karpf caught up with Caleb to talk about the 2024 RSA Conference.
Learning Layer On our bonus Learning Layer segment, host Sam Meisenberg and N2K’s Urban Alliance Intern, David Nguyen, discuss David's AZ-900 exam experience, including some remote proctoring issues. David gives tips and strategies for those gearing up for their own exam.
Selected Reading Ascension healthcare takes systems offline after cyberattack (Bleeping Computer) With nation-state threats in mind, nearly 70 software firms agree to Secure by Design pledge (The Record) CISA starts CVE "vulnrichment" program (Help Net Security) Cyber director sees potential for a new era in White House office (The Record) FDA recalls defective iOS app that injured over 200 insulin pump users (The Verge) Poland says it was targeted by Russian military intelligence hackers (The Record) IntelBroker Hacker Leaks Alleged HSBC & Barclays Bank Data (Hack Read) Undercover operation nets arrests as New Mexico's top prosecutor blames Meta for online predators (AP News) B.C. government hit by ’sophisticated cybersecurity incidents’ (Vancouver Sun) Cyble detects critical vulnerabilities in CyberPower PowerPanel Business Software used in critical infrastructure (Industrial Cyber) Zscaler is investigating data breach claims (Industrial Cyber) Thwarted cyberattack targeted Library of Congress in tandem with October British Library breach (Nextgov/FCW)
09/05/24 47m 30s

The takedown of a ransomware ringleader.

International law enforcement put a leash on a LockBit leader. Updates from RSA Conference, including our Man on the Street Rob Boyce, Managing Director at Accenture. TikTok sues the U.S. government. The Commerce Department restricts chip sales to Huawei. A third-party breach exposes payroll records of Britain’s armed forces. BogusBazaar operates over 75,000 fake webshops. Android security updates address 26 vulnerabilities. A Philadelphia real estate investment trust gets hit with ransomware. BetterHelp will pay $7.8 million to settle FTC charges of health data misuse. On the Learning Layer, Sam and Joe dive into CISSP Domain 4, Communication and Network Security, and discuss networking, the OSI model, and firewalls. AI steals the Met Gala spotlight.
CyberWire Guest Rob Boyce, Managing Director at Accenture is our Man on the Street today. Rob stops by to share his thoughts on the 2024 RSA Conference.
Learning Layer On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's ISC2 CISSP certification journey using N2K’s comprehensive CISSP training course, CISSP practice test, and CISSP practice labs. Sam and Joe dive into CISSP Domain 4, Communication and Network Security, and discuss networking, the OSI model, and firewalls, which includes: 4.1 Assess and implement secure design principles in network architectures 4.2 Secure network components 4.3 Implement secure communication channels according to design
08/05/24 41m 7s

Hack-proofing the future to shape cyberspace.

Secretary Blinken and Senator Warner weigh in on cybersecurity at RSA Conference. Ransomware profits are falling. Proton Mail is under scrutiny for information sharing. A senior British lawmaker blames China for a UK cyberattack. Medstar Health notifies patients of a potential data breach. A study finds cybersecurity education programs across the U.S. vary wildly. Brandon Karpf, N2K Man on the Street, stops by to share his thoughts on the 2024 RSA Conference. An Australian pension fund gets lost in the clouds.
CyberWire Guests Brandon Karpf, N2K Man on the Street, stops by to share his thoughts on the 2024 RSA Conference.
Selected Reading Blinken unveils State Dept. strategy for ‘vibrant, open and secure technological future’ (The Record) Warner: Lawmakers 'in process' of finding Section 702 fix (The Record) Ransomware operations are becoming less profitable (Help Net Security) Proton Mail Discloses User Data Leading to Arrest in Spain (Restore Privacy) UK says defence ministry targeted in cyberattack (Digital Journal) Novel attack against virtually all VPN apps neuters their entire purpose (Ars Technica) MedStar Health data breach affects 183,079 patients (WUSA9) Researchers say cybersecurity education varies widely in US (Tech Xplore) System outage affecting UniSuper services (UniSuper) UniSuper private cloud, secondary systems taken out by "rare" Google Cloud "issues" (iTnews) Superannuation: What It Is, How It Works, Types of Plans (Investopedia)
07/05/24 32m 10s

Bonus Episode: 2024 Cybersecurity Canon Hall of Fame Inductee: Cybersecurity Myths and Misconceptions: Avoiding the Hazards and Pitfalls that Derail Us by Eugene Spafford, Leigh Metcalf, Josiah Dykstra and Illustrated by Pattie Spafford. [CSOP]

Rick Howard, N2K’s CSO and The CyberWire’s Chief Analyst and Senior Fellow, interviews Eugene Spafford about his 2024 Cybersecurity Canon Hall of Fame book: “Cybersecurity Myths and Misconceptions.” References: Eugene Spafford, Leigh Metcalf, Josiah Dykstra, Illustrator: Pattie Spafford. 2023. Cybersecurity Myths and Misconceptions: Avoiding the Hazards and Pitfalls that Derail Us [Book]. Goodreads. Helen Patton, 2024. Cybersecurity Myths and Misconceptions: Avoiding the Hazards and Pitfalls that Derail Us [Book Review]. Cybersecurity Canon Project. Staff, 2024. CERIAS - Center for Education and Research in Information Assurance and Security [Homepage]. Purdue University. Rick Howard Cybersecurity Canon Concierge Cybersecurity Canon Committee members will be in the booth outside the RSA Conference Bookstore to help anybody interested in the Canon’s Hall of Fame and Candidate books. If you’re looking for recommendations, we have some ideas for you. RSA Conference Bookstore JC Vega: May 6, 2024 | 02:00 PM PDT Rick Howard: May 7, 2024 | 02:00 PM PDT Helen Patton: May 8, 2024 | 02:00 PM PDT Rick Howard RSA Birds of a Feather Session: I'm hosting a small group discussion called “Cyber Fables: Debating the Realities Behind Popular Security Myths.” We will be using Eugene Spafford’s Canon Hall of Fame book, “Cyber Fables: Debating the Realities Behind Popular Security Myths” as the launchpad for discussion. If you want to engage in a lively discussion about the infosec profession, this is the event for you. May. 7, 2024 | 9:40 AM - 10:30 AM PT Rick Howard RSA Book Signing I published my book at last year’s RSA Conference. If you’re looking to get your copy signed, or if you just want to tell me how I got it completely wrong, come on by. I would love to meet you. RSA Conference Bookstore May 8, 2024 | 02:00 PM PDT Rick Howard, 2023. Cybersecurity First Principles: A Reboot of Strategy and Tactics [Book]. Goodreads.
Rick Howard Cyware Panel:  The Billiard Room at the Metreon | 175 4th Street | San Francisco, CA 94103 May 8, 2024 | 8:30am-11am PST Simone Petrella and Rick Howard RSA Presentation:  Location: Moscone South Esplanade level May. 9, 2024 | 9:40 AM - 10:30 AM PT Simone Petrella, Rick Howard, 2024. The Moneyball Approach to Buying Down Risk, Not Superstars [Presentation]. RSA 2024 Conference.
07/05/24 16m 21s

Charting the course: Biden's blueprint for global cybersecurity.

Secretary of State Antony Blinken is set to unveil a new international cybersecurity strategy at the RSA Conference in San Francisco. Paris prepares for Olympic-sized cybersecurity threats. Wichita, Kansas is recovering from a ransomware attack. A massive data breach hits citizens of El Salvador. Researchers steal cookies to bypass authentication. Cuckoo malware targets macOS systems. Iranian threat actors pose as journalists to infiltrate network targets. A former Microsoft insider analyzes the company’s recommitment to cybersecurity. Guest Mark Terenzoni, Director of Risk Management at AWS, joins N2K’s Rick Howard to discuss the benefits of security lakes in a post-AI world. Ukrainian officials introduce an AI-generated spokesperson.
CyberWire Guest Guest Mark Terenzoni, Director of Risk Management at AWS, joins N2K’s Rick Howard to discuss the benefits of security lakes and other security considerations for a post-AI world. Read Mark's blog on the subject.
Selected Reading Biden administration rolls out international cybersecurity plan (POLITICO) Paris 2024 gearing up to face unprecedented cybersecurity threat (Reuters) Wichita government shuts down systems after ransomware incident (The Record) El Salvador suffered a massive leak of biometric data (Security Affairs) Stealing cookies: Researchers describe how to bypass modern authentication (CyberScoop) Malware: Cuckoo Behaves Like Cross Between Infostealer and Spyware (Kandji) Iranian hackers pose as journalists to push backdoor malware (Bleeping Computer) Breaking down Microsoft’s pivot to placing cybersecurity as a top priority (DoublePulsar) Ukraine unveils AI-generated foreign ministry spokesperson | Artificial intelligence (AI) (The Guardian)
06/05/24 33m 3s

Bonus Episode: 2024 Cybersecurity Canon Hall of Fame Inductee: Tracers in the Dark by Andy Greenberg. [CSOP]

Rick Howard, N2K’s CSO and The CyberWire’s Chief Analyst and Senior Fellow, interviews Andy Greenberg about his 2024 Cybersecurity Canon Hall of Fame book: “Tracers in the Dark.” References: Andy Greenberg, 2022. Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency [Book]. Goodreads. Larry Pesce, 2024. Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency [Book Review]. Cybersecurity Canon Project. Rick Howard, 2024. Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency [Book Review]. Cybersecurity Canon Project. Ben Rothke, 2024. Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency [Book Review]. Cybersecurity Canon Project. TheScriptVEVO, 2012. The Script - Hall of Fame (Official Video) ft. will.i.am [Music Video]. YouTube. Satoshi Nakamoto, 2008. Bitcoin: A Peer-to-Peer Electronic Cash System [Historic and Important Paper]. Bitcoin. Rick Howard, 2023. Cybersecurity First Principles: A Reboot of Strategy and Tactics [Book]. Goodreads. RSA Presentation: May. 9, 2024 | 9:40 AM - 10:30 AM PT Rick Howard, Simone Petrella, 2024. The Moneyball Approach to Buying Down Risk, Not Superstars [Presentation]. RSA 2024 Conference.
06/05/24 18m 21s

Encore: Elizabeth Wharton: Strong shoulders for someone else to stand on. [Legal] [Career Notes]

Technology attorney and startup chief of staff Elizabeth Wharton shares her experiences and how she came to work with companies in technology. Elizabeth talks about how she always liked solving problems and Nancy Drew mysteries, but not litigation. These morphed into finding her home in the policy legal world and, some time later, technology law. Elizabeth describes how she loves planning and strategy in her work and encourages others to ask questions and absorb all of the information. Our thanks to Elizabeth for sharing her story with us.
05/05/24 6m 58s

Geopolitical tensions rise with China. [Research Saturday]

Adam Marré, CISO at Arctic Wolf, is diving deep into geopolitical tension with China including APT31, iSoon and TikTok with Dave this week. They also discuss some of the history behind China cyber operations. Adam shares information on how different APT groups are able to create spear phishing campaigns, and provides info on how to combat these groups.
04/05/24 35m 22s

Ransomware attack turns legal attack.

A Texas operator of rehab facilities faces multiple lawsuits after a ransomware attack. Microsoft warns Android developers to steer clear of the Dirty Stream. The Feds warn of North Korean social engineering. A flaw in the R programming language has been patched. Zloader borrows stealthiness from ZeuS. The GAO highlights gaps in NASA’s cybersecurity measures. Indonesia is a spyware hot-spot. Germany summons a top Russian envoy to address cyber-attacks linked to Russian military intelligence. An Israeli PI is arrested in London following allegations of a cyberespionage campaign. In our Industry Voices segment, Allison Ritter, Senior Product Manager from Cyberbit shares her career journey, off the bench and onto the court. A cybersecurity consultant allegedly attempts to extort a one-point-five million dollar exit package.
CyberWire Guest On our Industry Voices segment, Allison Ritter, Senior Product Manager from Cyberbit, shares her cybersecurity journey: “Off the bench and onto the court.”
Selected Reading Rehab Hospital Chain Hack Affects 101,000; Facing 6 Lawsuits (GovInfo Security) Microsoft Warns of 'Dirty Stream' Vulnerability in Popular Android Apps (SecurityWeek) U.S. Govt Warns of Massive Social Engineering Attack from North Korean Hackers (GB Hackers) R-bitrary Code Execution: Vulnerability in R's Deserialization (HiddenLayer) ZLoader Malware adds Zeus's anti-analysis feature (Security Affairs) GAO report indicates that NASA should update spacecraft acquisition policies and standards for cybersecurity (Industrial Cyber) Indonesia is a Spyware Haven, Amnesty International Finds (InfoSecurity Magazine) Germany summons Russian envoy over 2023 cyber-attacks (The Guardian) Israeli private eye arrested in London over alleged hacking for US firm (Reuters) Cybersecurity consultant arrested after allegedly extorting IT firm (Bleeping Computer)
03/05/24 39m 41s

Dropbox sign breach exposes secrets.

Dropbox’s secure signature service suffers a breach. CISA is set to announce a voluntary pledge toward enhanced security. Five Eyes partners issue security recommendations for critical infrastructure. Microsoft acknowledges VPN issues after recent security updates. LockBit releases data from a hospital in France. One of REvil’s leaders gets 14 years in prison. A Phishing-as-a-Service provider gets taken down by international law enforcement. China limits Teslas over security concerns. In our Threat Vector segment, David Moulton from Unit 42 explores Adversarial AI and Deepfakes with two expert guests, Billy Hewlett, and Tony Huynh. NightDragon founder and CEO Dave Dewalt joins us with a preview of next week’s NightDragon Innovation Summit 2024 at RSAC. And celebrating the 60th anniversary of the BASIC programming language.
CyberWire Guest In our Threat Vector segment, David Moulton, Director of Thought Leadership at Unit 42, explores Adversarial AI and Deepfakes as part of the ongoing series “AI’s Impact in Cybersecurity” with two expert guests, Billy Hewlett, Senior Director of AI Research at Palo Alto Networks, and Tony Huynh, a Security Engineer specializing in AI and deepfakes. They unpack the escalating risks posed by adversarial AI in cybersecurity. You can catch Threat Vector every other Thursday on the N2K CyberWire network and where you get all of your favorite podcasts. Listen to David’s full discussion with Billy and Tony here. Plus, NightDragon Founder and CEO Dave Dewalt joins us with a preview of next week’s NightDragon Innovation Summit 2024 at RSAC including a look into his “State of the Cyber Union” keynote.
Selected Reading Security Breach Exposes Dropbox Sign Users (Infosecurity Magazine) The US Government Is Asking Big Tech to Promise Better Cybersecurity (WIRED) CISA adds GitLab flaw to its Known Exploited Vulnerabilities catalog (Security Affairs) Russian Hackers Target Industrial Systems in North America, Europe (SecurityWeek) Microsoft says April Windows updates break VPN connections (Bleeping Computer) LockBit publishes confidential data stolen from Cannes hospital in France (The Record) Ukrainian sentenced to almost 14 years for infecting thousands with REvil ransomware (The Record) LabHost Crackdown: 37 Arrested In Global Cybercrime Bust (Security Boulevard) Tesla cars to be banned from Chinese government buildings amid security fears — report (Drive) The BASIC programming language turns 60 (Ars Technica)
02/05/24 40m 39s

Retirement plan breach shakes financial giant.

A breach at J.P. Morgan Chase exposes data of over 451,000 individuals. President Biden Signs a National Security Memorandum to Strengthen and Secure U.S. Critical Infrastructure. Verizon’s DBIR is out. Cornell researchers unveil a worm called Morris II. A prominent newspaper group sues OpenAI. Marriott admits to using inadequate encryption. A Finnish man gets six years in prison for hacking a psychotherapy center. Qantas customers had unauthorized access to strangers’ travel data. The Feds look to shift hiring requirements toward skills. In our Industry Voices segment, Steve Riley, Vice President and Field CTO at Netskope, discusses generative AI and governance. Major automakers take a wrong turn on privacy.
CyberWire Guest Today on Industry Voices, Steve Riley, Vice President and Field CTO at Netskope, discusses generative AI and governance. For more of Steve’s insights into gen AI, check out his article in Forbes.
Selected Reading Breach at J.P. Morgan Exposes Data of 451,000 Plan Participants (PLANADVISER) White House releases National Security Memorandum on critical infrastructure security and resilience (Industrial Cyber) DBIR Report 2024 - Summary of Findings (Verizon) Experimental Morris II worm can exploit popular AI services to steal data and spread malware (Computing) Major U.S. newspapers sue OpenAI, Microsoft for copyright infringement (Axios) Marriott admits it falsely claimed for five years it was using encryption during 2018 breach (CSO Online) Finnish hacker imprisoned for accessing thousands of psychotherapy records and demanding ransoms (AP News) Qantas Airways Says App Showed Customers Each Other's Data (GovInfo Security) Agencies to turn toward ‘skill-based hiring’ for cyber and tech jobs, ONCD says (CyberScoop) Carmakers lying about requiring warrants before sharing location data, Senate probe finds (The Record)
01/05/24 39m 57s

Ransomware is just a prescription for chaos.

UnitedHealth’s CEO testimony before Congress reveals details of the massive data breach. Major US mobile carriers are hit with hefty fines for sharing customer data. Muddling Meerkat manipulates DNS. A report from Sophos says ransomware payments skyrocketed this past year. The DOE addresses risks and benefits of AI. LightSpy malware targets macOS. A crucial Kansas City weather and traffic system is disabled by a cyberattack. A Canadian pharmacy chain shuts down temporarily following a cyberattack. Guest Kayla Williams, CISO from Devo, joins us to share CISO insights into the pressure of their roles they feel mounting on them and gives us a look into their plans for RSAC 2024. Pay attention - that AWS meter may be running. CyberWire Guest Guest Kayla Williams, CISO from Devo, joins us to share CISO insights into the pressure of their roles they feel mounting on them and gives us a look into their plans for RSAC 2024. Selected Reading Change Healthcare hackers broke in using stolen credentials — and no MFA, says UHG CEO (TechCrunch) FCC Fines Carriers $200m For Selling User Location Data (Infosecurity Magazine) Muddling Meerkat hackers manipulate DNS using China’s Great Firewall (Bleeping Computer) Ransom Payments Surge by 500% to an Average of $2m (Infosecurity Magazine) US DOE rolls out initial assessment report on AI benefits and risks for critical energy infrastructure (Industrial Cyber) LightSpy malware has made a comeback, and this time it's coming after your macOS devices (ITPro) Kansas City system providing roadside weather, traffic info taken down by cyberattack (The Record) London Drugs pharmacy chain closes stores after cyberattack (Bleeping Computer) An Empty S3 Bucket Can Make Your AWS Bills Explode (GB Hackers) - kicker How an empty S3 bucket can make your AWS bill explode (Medium)
30/04/24 30m 36s

An unprecedented surge in credential stuffing.

Okta warns of a credential stuffing spike. A congressman looks to the EPA to protect water systems from cyber threats. CISA unveils security guidelines for critical infrastructure. Researchers discover a stealthy botnet-as-a-service coming from China. The UK prohibits easy IoT passwords. New vulnerabilities are found in Intel processors. A global bank CEO shares insights on cybersecurity. Users report mandatory Apple ID resets. A preview of N2K CyberWire activity at RSA Conference. Police in Japan find a clever way to combat gift card fraud. CyberWire Guest It’s the week before the 2024 RSA Conference. Today, we have N2K’s own Rick Howard, Brandon Karpf, and Dave Bittner previewing N2K’s upcoming activities and where you can find our team at RSAC 2024. Special Edition: Threat Vector Understanding the Midnight Eclipse Activity and CVE 2024-3400: Host David Moulton and Andy Piazza, Sr. Director of Threat Intelligence at Unit 42, dive into the critical vulnerability CVE-2024-3400 found in PAN-OS software of Palo Alto Networks, emphasizing the importance of immediate patching and mitigation strategies for such vulnerabilities, especially when they affect edge devices like firewalls or VPNs. Selected Reading Okta warns customers about credential stuffing onslaught (Help Net Security) Crawford puts forward bill on cybersecurity risks to water systems (The Arkansas Democrat-Gazette) CISA unveils guidelines for AI and critical infrastructure (FedScoop) Chinese Botnet As-A-Service Bypasses Cloudflare & Other DDoS Protection Services (GB Hackers) UK becomes first country to ban default bad passwords on IoT devices (The Record) Researchers unveil novel attack methods targeting Intel's conditional branch predictor (Help Net Security) Standard Chartered CEO on why cybersecurity has become a 'disproportionately huge topic' at board meetings (The Record) Security Bite: Did Apple just declare war on Adload malware? (9to5Mac) Apple users are being locked out of their Apple IDs with no explanation (9to5Mac) Japanese police create fake support scam payment cards to warn victims (Bleeping Computer)
29/04/24 31m 42s

Encore: Jack Rhysider: Get your experience points in everything. [Media] [Career Notes]

Host of Darknet Diaries podcast Jack Rhysider shares his experiences from studying computer engineering at university to his strategy of using gamification on his career that led to him landing in the security space. Jack talks about how his wide experiences came together in security and what prompted him to learn podcasting. Jack endeavors to share the whole story through his podcasts while making them entertaining, enlightening and inspirational. Our thanks to Jack for sharing his story with us.
28/04/24 7m 54s

Cerber ransomware strikes Linux. [Research Saturday]

Christopher Doman, Co-Founder and CTO at Cado Security, is talking about their research on "Cerber Ransomware: Dissecting the three heads." This research delves into Cerber ransomware being deployed onto servers running the Confluence application via the CVE-2023-22518 exploit.  The research states "Cerber emerged and was at the peak of its activity around 2016, and has since only occasional campaigns, most recently targeting the aforementioned Confluence vulnerability." The research can be found here: Cerber Ransomware: Dissecting the three heads
27/04/24 15m 34s

Kaiser Permanente's privacy predicament.

Healthcare providers report breaches affecting millions. PlugX malware is found in over 170 countries. Hackers exploit an old vulnerability to launch Cobalt Strike. A popular WordPress plugin is under active exploitation. Developing nations may serve as a test bed for malware developers. German authorities question Microsoft over Russian hacks. CISA celebrates the success of their ransomware warning program. Our guest is Eric Goldstein, Executive Assistant Director for Cybersecurity at CISA, discussing open source software. Password trends are a mixed bag. CyberWire Guest Our guest is Eric Goldstein, Executive Assistant Director for Cybersecurity at CISA, discussing open source software. Selected Reading Kaiser Permanente data breach may have impacted 13.4 million patients (Security Affairs) LA County Health Services: Patients' data exposed in phishing attack (Bleeping Computer) China-linked PlugX malware infections found in more than 170 countries (The Record) Hackers Exploit Old Microsoft Office 0-day to Deliver Cobalt Strike (GB Hackers) Critical WordPress Automatic Plugin Vulnerability Exploited to Inject Backdoors (SecurityWeek) Cybercriminals are using developing nations as test beds for ransomware attacks (TechSpot) Microsoft Questioned by German Lawmakers About Russian Hack (GovInfo Security) More than 800 vulnerabilities resolved through CISA ransomware notification pilot (The Record) Most people still rely on memory or pen and paper for password management (Help Net Security)
26/04/24 28m 51s

Cyber Talent Insights: Strengthening the cyber talent pipeline apparatus. (Part 3 of 3) [Special Edition]

Join us for this special three-part series where the N2K Cyber Talent Insights team guides you through effective strategies to develop your cybersecurity team, helping you stay ahead in the constantly changing cybersecurity landscape.  In this episode, we center our conversation around the Cyber Workforce Pipeline. We discuss where the next great wave of talent is going to come. We talk more about these sources of new talent, such as K-12 programs, higher education, and trade school programs, transitioning military, and other initiatives and programs focused on cultivating the next generation of cyber professionals. Explore Cyber Talent Insights N2K’s Cyber Talent Insights provides security leaders measurable and actionable insights on your organization’s current cyber roles and capabilities to maximize your talent investments and build a business case for better hiring, developing, maintaining, and retaining your technical talent pools. Learn how at n2k.com/talent-insights. Connect with the N2K Cyber Workforce team on Linkedin: Dr. Sasha Vanterpool, Cyber Workforce Consultant  Dr. Heather Monthie, Cybersecurity Workforce Consultant Jeff Welgan, Chief Learning Officer Resources for developing your cybersecurity teams: N2K Cyber Workforce Strategy Guide Workforce Media Resources Strategic Cyber Workforce Intelligence resources for your organization Cyber Talent Acquisition Woes for Enterprises Workforce Intelligence: What it is and why you need it for cyber teams webinar Setting Better Cyber Job Expectations to Attract & Retain Talent webinar
26/04/24 55m 0s

The shadowy adversary in Cisco's crosshairs.

Cisco releases urgent patches for their Adaptive Security Appliances. Android-powered smart TVs could expose Gmail inboxes. The FTC refunds millions to Amazon Ring customers. The DOJ charges crypto-mixers with money laundering. A critical vulnerability has been disclosed in the Flowmon network monitoring tool. A Swiss blood donation company reopens following a ransomware attack. Multiple vulnerabilities are discovered in the Brocade SANnav storage area network management application. Brokewell is a new Android banking trojan. Meta’s ad business continues to face scrutiny in the EU. Ann Johnson, host of Microsoft Security’s Afternoon Cyber Tea podcast speaks with LinkedIn's CISO Geoff Belknap. And an AI Deepfake Sparks a Community Crisis. CyberWire Guest We are joined by Ann Johnson, host of Microsoft Security’s Afternoon Cyber Tea podcast talking with Geoff Belknap sharing "Insights from LinkedIn's CISO." You can listen to their full discussion here. Selected Reading 'ArcaneDoor' Cyberspies Hacked Cisco Firewalls to Access Government Networks (WIRED) Cisco Releases Security Updates Addressing ArcaneDoor Campaign, Exploited Vulnerabilities in ASA and FTD (NHS England Digital) Android TVs Can Expose User Email Inboxes (404 Media) FTC Sending $5.6 Million in Refunds to Ring Customers Over Security Failures (SecurityWeek) Southern District of New York | Founders And CEO Of Cryptocurrency Mixing Service Arrested And Charged With Money Laundering And Unlicensed Money Transmitting Offenses (United States Department of Justice) Maximum severity Flowmon bug has a public exploit, patch now (Bleeping Computer) Plasma donation company Octapharma slowly reopening as BlackSuit gang claims attack (The Record) New Brokewell malware takes over Android devices, steals data (Bleeping Computer) Vulnerabilities Expose Brocade SAN Appliances, Switches to Hacking (SecurityWeek) Meta could face further squeeze on surveillance ads model in EU (TechCrunch) Baltimore County educator framed principal with AI-generated voice, police say (Baltimore Banner)
25/04/24 29m 31s

Iran's covert cyber operations exposed.

The DOJ indicts four Iranian nationals on hacking charges. Legislation to ban or force the sale of TikTok heads to the President’s desk. A Russian hack group claims a cyberattack on an Indiana water treatment plant. A roundup of dark web data leaks. Mandiant monitors dropping dwell times. Bcrypt bogs down brute-forcing. North Korean hackers target defense secrets. On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's ISC2 CISSP certification journey. On our Industry Voices segment, Tony Velleca, CEO of CyberProof, joins us to explore some of the pain points that CISOs & CIOs are experiencing today, and how they can improve their cyber readiness. Ransomware may leave the shelves in Sweden’s liquor stores bare. CyberWire Guests Learning Layer On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's ISC2 CISSP certification journey using N2K’s comprehensive CISSP training course, CISSP practice test, and CISSP practice labs. Sam and Joe discuss content and study strategies for CISSP Domain 3 Security Architecture and Engineering, and discuss encryption and non-repudiation. Specifically they cover sub-domain 3.6, "Select and determine cryptographic solutions," which includes: Cryptographic life cycle Cryptographic method Public key infrastructure (PKI). Industry Voices On our Industry Voices segment, Tony Velleca, CEO of CyberProof, joins us to explore some of the pain points that CISOs & CIOs are experiencing today, and how they can improve their cyber readiness. Selected Reading Rewards Up to $10 Million for Information on Iranian Hackers (GB Hackers) Congress passes bill that could ban TikTok after years of false starts (Washington Post) Russian hackers claim cyberattack on Indiana water plant (The Record) Major Data Leaks from Honda Vietnam, US Airports, and Chinese Huawei/iPhone Users (SOCRadar® Cyber Intelligence Inc.) Global attacker median dwell time continues to fall (Help Net Security) New Password Cracking Analysis Targets Bcrypt (SecurityWeek) North Korean Hackers Target Dozens of Defense Companies (Infosecurity Magazine) Hackers hijack antivirus updates to drop GuptiMiner malware (Bleeping Computer) Sweden's liquor shelves to run empty this week due to ransomware attack (The Record)
24/04/24 42m 18s

Visa crackdown against spyware swindlers.

The State Department puts visa restrictions on spyware developers. UnitedHealth says its recent breach could affect tens of millions of Americans. LockBit leaks data allegedly stolen from the DC government. Microsoft says APT28 has hatched a GooseEgg. The White House and HHS update HIPAA rules to protect private medical data. Keyboard apps prove vulnerable. A New Hampshire hospital suffers a data breach. Microsoft’s DRM may be vulnerable to compromise. On our Industry Voices segment, Ian Leatherman, Security Strategist at Microsoft, discusses raising the bar for security in the software supply chain. GoogleTeller just can’t keep quiet. CyberWire Guest On our Industry Voices segment, Ian Leatherman, Security Strategist at Microsoft, discusses raising the bar for security in the software supply chain. Selected Reading U.S. Gov imposed Visa restrictions on 13 individuals linked to commercial spyware activity (Security Affairs) UnitedHealth Group Previews Massive Change Healthcare Breach (GovInfo Security) Ransomware Gang Leaks Data Allegedly Stolen From Government Contractor (SecurityWeek) Russian APT28 Group in New “GooseEgg” Hacking Campaign (Infosecurity Magazine) HHS strengthens privacy protections for reproductive health patients and providers (The Record) The not-so-silent type: Vulnerabilities across keyboard apps reveal keystrokes to network eavesdroppers (The Citizen Lab) Records of almost 2,800 CMC patients vulnerable in 'data security incident': hospital | Crime (Union Leader) Microsoft DRM Hack Could Allow Movie Downloads From Popular Streaming Services (SecurityWeek) The creepy sound of online trackers (Axbom)
23/04/24 35m 52s

Renewed surveillance sparks controversy.

Section 702 gets another two years. MITRE suffers a breach through an Ivanti VPN. CrushFTP urges customers to patch an actively exploited flaw. SafeBreach researchers disclose vulnerabilities in Windows Defender that allow remote file deletion. Ukrainian soldiers see increased attention from data-stealing apps. GitHub’s comments are being exploited to distribute malware. VW confirms legacy Chinese espionage and data breaches. CISA crowns winners of the President’s Cup Cybersecurity Competition. Cecilia Marinier, Director, Innovation and Programs at RSA Conference, and Niloo Razi Howe, Senior Operating Partner at Energy Impact Partners & judge, review the top Innovation Sandbox contest finalists in anticipation of RSAC 2024. Targeting kids online puts perpetrators in the malware crosshairs. CyberWire Guest We have two guests today. Cecilia Marinier, Director, Innovation and Programs at RSA Conference, and Niloo Razi Howe, Senior Operating Partner at Energy Impact Partners & judge, review the top Innovation Sandbox contest finalists and what to look for on the innovation front at RSAC 2024. For 18 years, cybersecurity's boldest new innovators have competed in the RSAC Innovation Sandbox contest to put the spotlight on their potentially game-changing ideas. This year, 10 finalists will once again have three minutes to make their pitch to a panel of judges. Since the start of the contest, the Top 10 Finalists have collectively seen over 80 acquisitions and $13.5 billion in investments. Innovation Sandbox will take place on Monday, May 6th at 10:50am PT. Selected Reading Warrantless spying powers extended to 2026 with Biden’s signature (The Record) MITRE breached by nation-state threat actor via Ivanti zero-days (Help Net Security) CrushFTP File Transfer Vulnerability Lets Attackers Download System Files (Infosecurity Magazine) Researchers Claim that Windows Defender Can Be Bypassed (GB Hackers) Ukrainian soldiers’ apps increasingly targeted for spying, cyber agency warns (The Record) GitHub comments abused to push malware via Microsoft repo URLs (Bleeping Computer) Presumably Chinese industrial spies stole VW data on e-drive technology (Bleeping Computer) CISA declares winners of President’s Cup cybersecurity competition, with Artificially Intelligent team leading (Industrial Cyber) Malware dev lures child exploiters into honeytrap to extort them (Bleeping Computer)
22/04/24 35m 37s

Encore: Kiersten Todt: problem solving and building solutions. [Policy] [Career Notes]

Managing director of the Cyber Readiness Institute Kiersten Todt shares how she came to be in the cybersecurity industry helping to provide free tools and resources for small businesses through a nonprofit. She describes how her work on the Hill prior to and just after 9/11 changed. Kiersten talks about the diversity of skills that benefit work in cybersecurity and offers her advice on going after what you want to do. Our thanks to Kiersten for sharing her story with us.
21/04/24 7m 26s

Cloud Architect vs Detection Engineer: Mutual benefit. [CyberWire-X]

In this episode of CyberWire-X, N2K CyberWire’s Podcast host Dave Bittner is joined by Brian Davis, Principal Software Engineer, and Thomas Gardner, Senior Detection Engineer, both from Red Canary. They engage in a cloud architect vs. detection engineer discussion. Through the conversation, they illustrate how one person benefits the other's work and how they work together. Red Canary is our CyberWire-X episode sponsor.
21/04/24 18m 23s

The art of information gathering. [Research Saturday]

Greg Lesnewich, senior threat researcher at Proofpoint, sits down to discuss "From Social Engineering to DMARC Abuse: TA427’s Art of Information Gathering." Since 2023, TA427 has directly solicited foreign policy experts for their opinions on nuclear disarmament, US-ROK policies, and sanction topics via benign conversation starting emails.  The research states "While our researchers have consistently observed TA427 rely on social engineering tactics and regularly rotating its email infrastructure, in December 2023 the threat actor began to abuse lax Domain-based Message Authentication, Reporting and Conformance (DMARC) policies to spoof various personas and, in February 2024, began incorporating web beacons for target profiling." The research can be found here: From Social Engineering to DMARC Abuse: TA427’s Art of Information Gathering
20/04/24 31m 48s

Swift responses to cyberattacks.

Two swift responses to recent cyberattacks. Frontier Communications discloses cyberattack. Texas town repels water system cyberattack by unplugging. List of undesirables falls into the wrong hands. CryptoChameleon phishing kit impersonates LastPass. Ransomware payments trending down in Q1 2024 and a warning for small to medium-sized businesses. US auto manufacturers targeted by FIN7. Akira ransomware has made $42 million since March 2023. No more WhatsApp or Threads in China. Concerning drop in US cybersecurity job listings. Our guest is Zscaler’s Chief Security Officer Deepen Desai exploring encrypted attacks amidst the AI revolution. Meghan Markle hacked by Kate supporters. CyberWire Guest Guest Deepen Desai, Chief Security Officer and SVP Security Engineering & Research at Zscaler, joins us to talk about exploring encrypted attacks amidst the AI revolution. Selected Reading Frontier Communications Shuts Down Systems Following Cyberattack (SecurityWeek) Tiny Texas City Repels Russia-Tied Hackers Eyeing Water System (Bloomberg) Cybercriminals threaten to leak all 5 million records from stolen database of high-risk individuals (The Register) Advanced Phishing Kit Adds LastPass Branding for Use in Phishing Campaigns (LastPass) Ransomware in Q1 2024: Frequency, size of payments trending downwards, SMBs beware! (Help Net Security) FIN7 cybercriminals targeted large U.S. automotive manufacturer last year (The Record) Akira Ransomware Made Over $42 Million in One Year: Agencies (SecurityWeek) Apple pulls WhatsApp, Threads from China App Store following state order (TechCrunch) Alarming Decline in Cybersecurity Job Postings in the US (Infosecurity Magazine) Meghan Markle's new lifestyle website hijacked by anonymous user whose ‘thoughts are with Kate’ (GB News)
19/04/24 31m 22s

Cyber Talent Insights: Charting your path in cybersecurity. (Part 2 of 3) [Special Edition]

Join us for this special three-part series where the N2K Cyber Talent Insights team guides you through effective strategies to develop your cybersecurity team, helping you stay ahead in the constantly changing cybersecurity landscape.  In this episode, we shift our point of view to provide guidance for an individual's first career or perhaps considering a career change transitioning into the field. We discuss a market-driven approach to career development. We also explore how to discover one’s niche in cybersecurity, including how to stand out in this competitive market and align personal interests with career goals. Lastly, we examine the role certifications play when navigating your path throughout the talent acquisition, development, and retention of the cybersecurity workforce management lifecycle.   Explore Cyber Talent Insights N2K’s Cyber Talent Insights provides security leaders measurable and actionable insights on your organization’s current cyber roles and capabilities to maximize your talent investments and build a business case for better hiring, developing, maintaining, and retaining your technical talent pools. Learn how at n2k.com/talent-insights. Connect with the N2K Cyber Workforce team on Linkedin: Dr. Sasha Vanterpool, Cyber Workforce Consultant  Dr. Heather Monthie, Cybersecurity Workforce Consultant Jeff Welgan, Chief Learning Officer Resources for developing your cybersecurity teams: N2K Cyber Workforce Strategy Guide Workforce Media Resources Cyber Talent Acquisition Woes for Enterprises Workforce Intelligence: What it is and why you need it for cyber teams webinar Setting Better Cyber Job Expectations to Attract & Retain Talent webinar
19/04/24 52m 44s

From phishing to felony.

A major phishing-as-a-service operation gets taken down by international law enforcement. US election officials are warned of nation-state influence operations. The House votes to limit the feds’ purchase of citizens’ personal data. A Michigan healthcare provider suffered a ransomware attack. Critical infrastructure providers struggle to trust cybersecurity tools. Cloudflare reports on DDoS. Kaspersky uncovers new Android banking malware. Kubernetes cryptominers leverage previously patched flaws. The Massachusetts Attorney General emphasizes the responsible use of AI. Our guest Caleb Barlow, CEO of Cyberbit, joins us to talk about badge swipe fraud as more are returning to the office. Colorado passes a law to keep big tech out of our heads. CyberWire Guest Guest and podcast partner Caleb Barlow, CEO of Cyberbit, joins us to talk about badge swipe fraud as more are returning to the office. Are your employees faking their badge swipes? Selected Reading LabHost phishing service with 40,000 domains disrupted, 37 arrested (Bleeping Computer) US Election Officials Told to Prepare for Nation-State Influence Campa (Infosecurity Magazine) House votes in favor of curtailing government transactions with data brokers (The Record) 180k Impacted by Data Breach at Michigan Healthcare Organization (SecurityWeek) Trust in Cyber Takes a Knock as CNI Budgets Flatline (Infosecurity Magazine) DDoS threat report for 2024 Q1 (Cloudflare) SoumniBot malware exploits Android bugs to evade detection (Bleeping Computer) Hackers hijack OpenMetadata apps in Kubernetes cryptomining attacks (Bleeping Computer) Massachusetts official warns AI systems subject to consumer protection, anti-bias laws (AP News) Your Brain Waves Are Up for Sale. A New Law Wants to Change That (NY Times)
18/04/2434m 15s

The rebirth of Russia's cyber warfare.

A Russian hacker group boldly targets critical infrastructure. The Change Healthcare ransomware attack is projected to cost over a billion dollars. Three hundred bucks is the going rate for a SIM swap. PuTTY potentially reveals private keys. Cisco Talos reports a surge in brute-force attacks. Ivanti updates its MDM product. Omni Hotels & Resorts confirm a data breach. Financially motivated hackers target businesses in Latin America with steganography. A prolific cryptojacker faces decades in prison. On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's ISC2 CISSP certification journey. The ransomware equivalent of a Saturday night special.

CyberWire Guest
On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's ISC2 CISSP certification journey using N2K’s comprehensive CISSP training course, CISSP practice test, and CISSP practice labs. Sam and Joe discuss content and study strategies for Domain 2, Asset Security.

Resources: Domain 2, Asset Security
Identify and securely provision information assets, establish handling requirements, manage the data lifecycle, and apply data security controls to comply with applicable laws.
2.1 Identify and classify information and assets
2.2 Establish information and asset handling requirements
2.3 Provision resources securely
2.4 Manage data lifecycle
2.5 Ensure appropriate asset retention (e.g., End-of-Life (EOL), End-of-Support (EOS))
2.6 Determine data security controls and compliance requirements

Are you studying for the CISSP exam, considering taking the test soon, or did you have an unsuccessful exam experience? Here are some CISSP exam pitfalls to avoid so that you’re confident and successful on exam day.

Selected Reading
Hackers Linked to Russia’s Military Claim Credit for Sabotaging US Water Utilities (WIRED)
T-Mobile, Verizon workers get texts offering $300 for SIM swaps (Bleeping Computer)
PuTTY SSH client flaw allows recovery of cryptographic private keys (Bleeping Computer)
Large-scale brute-force activity targeting VPNs, SSH services with commonly used login credentials (Talos Intelligence)
Ivanti Patches Two Critical Avalanche Flaws in Major Update (Infosecurity Magazine)
Omni Hotels confirms data compromise in apparent ransomware attack (SC Media)
Steganography Campaign Targets Global Enterprises (GovInfo Security)
Nebraska man allegedly defrauded cloud providers of millions via cryptojacking (The Record)
Ransomware attack has cost UnitedHealth $872 million; total expected to surpass $1 billion (The Record)
‘Junk gun’ ransomware: Peashooters can still pack a punch (Sophos News)

17/04/24 32m 4s

Weathering the phishing front.

Cisco Duo warns of a third-party MFA-related breach. MGM Resorts sues to stop an FTC breach investigation. Meanwhile the FTC dings another mental telehealth service provider. Open Source foundations call for caution after social engineering attempts. The NSA shares guidance for securing AI systems. IntelBroker claims to have hit a US geospatial intelligence firm. The UK clamps down on deepfakes. Hard-coded passwords provide the key to smart-lock vulnerabilities. On our Industry Voices segment, Ryan Lougheed, Director of Product Management at Onspring, discusses the benefits of artificial intelligence in governance, risk and compliance (GRC). A Law Firm’s Misclick Ends 21 Years of Matrimony.

CyberWire Guest
On our Industry Voices segment, Ryan Lougheed, Director of Product Management at Onspring, discusses the benefits of artificial intelligence in governance, risk and compliance (GRC).

Selected Reading
Cisco Duo MFA logs exposed in third-party data breach (ITPro)
Casino operator MGM sues FTC to block probe into 2023 hack (Reuters)
Open Source Leaders Warn of XZ Utils-Like Takeover Attempts (Infosecurity Magazine)
FTC Bans Online Mental Health Firm From Sharing Certain Data (GovInfo Security)
New NSA guidance identifies need to update AI systems to address changing risks, bolster security (Industrial Cyber)
IntelBroker Claims Space-Eyes Breach, Targeting US National Security Data (HackRead)
Creating sexually explicit deepfakes to become a criminal offence (BBC)
CISA warns of critical vulnerability in Chirp smart locks (The Register)
Wrong couple divorced after computer error by law firm Vardag's (BBC)

16/04/24 35m 56s

Hunting vulnerabilities.

Palo Alto Networks releases hotfixes for an exploited zero-day. Delinea issues an urgent update for a critical flaw. Giant Tiger data is leaked online. A European semiconductor manufacturer deals with a data breach. Roku suffers its second breach of the year. Operators of the Hive RAT face charges. A former Amazon security engineer gets three years in prison for hacking cryptocurrency exchanges. Zambian officials arrest 77 in a scam call center crackdown. Our guest Deputy Assistant Director Cynthia Kaiser from the FBI Cyber Division describes dual ransomware. And Rob Boyce, Managing Director at Accenture, shares his thoughts on security testing of generative AI. And selling Pokemon cheats leaves one man in Japan feeling like he had a run-in with a Scaldiburn.

CyberWire Guest
Today, we have two guests, Deputy Assistant Director Cynthia Kaiser from the FBI Cyber Division discussing dual ransomware. Followed by Rob Boyce, Managing Director at Accenture, sharing some thoughts on security testing of generative AI.

Selected Reading
Palo Alto Networks Releases Fixes for Firewall Zero-Day as First Attribution Attempts Emerge (SecurityWeek)
A critical vulnerability in Delinea Secret Server allows auth bypass, admin access (Help Net Security)
Hacker claims Giant Tiger data breach, leaks 2.8M records online (Bleeping Computer)
Press statement: Nexperia IT Breach (Nexperia)
Roku issues warning over massive customer account breach (ITPro)
Two People Arrested in Australia and US for Development and Sale of Hive RAT (SecurityWeek)
Ex-Amazon engineer gets 3 years for hacking crypto exchanges (Bleeping Computer)
Zambia arrests 77 people in swoop on "scam" call centre (Bitdefender)
Japanese Police Arrest 36-Year-Old Man on Suspicion of Tampering With Pokémon Violet Save Data (IGN)

15/04/24 32m 12s

AWS in Orbit: Extending the resilient edge to space. [T-Minus AWS in Orbit]

You can learn more about AWS in Orbit at space.n2k.com/aws. N2K Space is working with AWS to bring the AWS in Orbit podcast series to the 39th Space Symposium in Colorado Springs from April 8-11. Our guests today are Clint Crosier, Director at AWS Aerospace and Satellite, and Jim Tran, Vice President of Government Solutions at Iridium. AWS in Orbit is a podcast collaboration between N2K Networks and AWS to offer listeners an in-depth look at the transformative intersection of cloud computing, space technologies, and generative AI.

Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our weekly intelligence roundup, Signals and Space, and you’ll never miss a beat. And be sure to follow T-Minus on LinkedIn and Instagram.

Selected Reading
AWS Aerospace and Satellite

Audience Survey
We want to hear from you! Please complete our short survey. It’ll help us get better and deliver you the most mission-critical space intel every day.

Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at space@n2k.com to request more info.

Want to join us for an interview? Please send your pitch to space-editor@n2k.com and include your name, affiliation, and topic proposal.

T-Minus is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.

15/04/24 24m 32s

Encore: Stu Sjouwerman: Trying for a win, win, win game. [CEO] [Career Notes]

Founder and CEO Stu Sjouwerman takes us on a journey of how his career developed from starting a software service company to currently focusing on the infosec side of the business where his team essentially helps to create human firewalls. Stu talks about learning all aspects of the business while creating startups and suggests you learn to speak the language of the area you are looking to get into. He even touches on predicting the future and taking over the world. Our thanks to Stu for sharing his story with us.
14/04/24 5m 56s

AWS in Orbit: Building a resilient outernet. [T-Minus AWS in Orbit]

You can learn more about AWS in Orbit at space.n2k.com/aws. N2K Space is working with AWS to bring the AWS in Orbit podcast series to the 39th Space Symposium in Colorado Springs from April 8-11. Our guests today are Salem El Nimri, Chief of Space Technology at AWS Aerospace and Satellite, and Declan Ganley, Chairman and CEO at Rivada Space Networks. AWS in Orbit is a podcast collaboration between N2K Networks and AWS to offer listeners an in-depth look at the transformative intersection of cloud computing, space technologies, and generative AI.

Selected Reading
AWS Aerospace and Satellite

14/04/24 22m 2s

Breaking down a high-severity vulnerability in Kubernetes. [Research Saturday]

Tomer Peled, a Security & Vulnerability Researcher from Akamai, is sharing their work on "What a Cluster: Local Volumes Vulnerability in Kubernetes." This research focuses on a high-severity vulnerability in Kubernetes, allowing for remote code execution with system privileges on all Windows endpoints within a Kubernetes cluster. The research states "The discovery of this vulnerability led to the discovery of two others that share the same root cause: insecure function call and lack of user input sanitization." The research can be found here: What a Cluster: Local Volumes Vulnerability in Kubernetes

13/04/24 15m 45s

Privacy, power, and the path forward.

Section 702 edges closer to a vote. CISA provides guidance on Sisense and Microsoft breaches. A major conservative think tank reports a breach. Obsolete D-Link devices are under active exploitation, and Palo Alto warns of a zero-day. Raspberry Robin grows more stealthy. A LastPass employee thwarts a deepfake phishing attempt. Are AI models growing more persuasive? Our guest Kevin Magee from Microsoft Canada joins us to talk about cross domain prompt injection and AI. Floppies keep the trains running on time.

CyberWire Guest
Guest and podcast partner Kevin Magee from Microsoft Canada joins us to talk about cross domain prompt injection and AI.

Selected Reading
Compromise of Sisense Customer Data (CISA)
ED 24-02: Mitigating the Significant Risk from Nation-State Compromise of Microsoft Corporate Email System (CISA)
US think tank Heritage Foundation hit by cyberattack (TechCrunch)
Exploitation of Unpatched D-Link NAS Device Vulnerabilities Soars (SecurityWeek)
Palo Alto Networks Warns About Critical Zero-Day in PAN-OS (Infosecurity Magazine)
Hackers are using Windows script files to spread malware and swerve antivirus software (ITPro)
LastPass Employee Targeted With Deepfake Calls (SecurityWeek)
Anthropic says its AI models are as persuasive as humans (Axios)
5.25-inch floppy disks expected to help run San Francisco trains until 2030 (Ars Technica)

12/04/24 30m 34s

Cyber Talent Insights: Navigating the landscape for enterprise organizations. (Part 1 of 3) [Special Edition]

Join us for this special three-part series where the N2K Cyber Talent Insights team guides you through effective strategies to develop your cybersecurity team, helping you stay ahead in the constantly changing cybersecurity landscape.

In the first episode of the series on cybersecurity workforce development, we dive into the complex world of cyber workforce management and planning, particularly as it pertains to the perspective of the enterprise. We explore the current state of the cybersecurity workforce, navigate various challenges in talent acquisition, and explore the nuances of job classifications, titles, compensation, and the dynamics of remote, onsite, and hybrid work environments.

Our experts further address talent development strategies like professional development, training, conferences, mentorship programs, communities of interest, and corporate cyber academies.

Finally, we touch upon the critical aspect of talent retention, an essential component in closing the cybersecurity talent gap. We hope you will join us on this journey.

Connect with the N2K Cyber Workforce team on LinkedIn:
Dr. Sasha Vanterpool, Cyber Workforce Consultant
Dr. Heather Monthie, Cybersecurity Workforce Consultant
Jeff Welgan, Chief Learning Officer

Resources for developing your cybersecurity teams: N2K Cyber Workforce Strategy Guide Workforce Media Resources Strategic Cyber Workforce Intelligence resources for your organization Cyber Talent Acquisition Woes for Enterprises Workforce Intelligence: What it is and why you need it for cyber teams webinar Setting Better Cyber Job Expectations to Attract & Retain Talent webinar

12/04/24 44m 17s

Apple's worldwide warning on mercenary attacks.

Apple warns targeted users of mercenary spyware attacks. CISA expands its Malware Next-Gen service to the private sector. US Cyber Command chronicles their “hunt forward” operations. Taxi fleets leak customer data. Trend Micro tracks DeuterBear malware. The BatBadBut vulnerability enables command injection on Windows. Cybercriminals manipulate GitHub's search functionality. Scully Spider may be utilizing AI-generated PowerShell scripts. A study from ISC2 sheds light on salary disparities. On our Threat Vector segment, host David Moulton, Director of Thought Leadership at Unit 42, welcomes Donnie Hasseltine, VP of Security at Second Front Systems and a former Recon Marine, as they delve into the indispensable role of a military mindset in cybersecurity. Guest Dr. Sasha Vanterpool, Cyber Workforce Consultant with N2K, introduces the new podcast series Cyber Talent Insights. And AI music sings the license.

CyberWire Guests
On our Threat Vector segment, host David Moulton, Director of Thought Leadership at Unit 42, welcomes Donnie Hasseltine, VP of Security at Second Front Systems and a former Recon Marine, as they delve into the indispensable role of a military mindset in cybersecurity. You can listen to the full conversation here.

Guest Dr. Sasha Vanterpool, Cyber Workforce Consultant with N2K, introduces the new podcast series Cyber Talent Insights that is launching on Friday, April 12, 2024. You can read more about Cyber Talent Insights here.

Selected Reading
iPhone users in 92 countries received a spyware attack warning from Apple (Engadget)
CISA to expand automated malware analysis system beyond government agencies (The Record)
US Cyber Force Assisted Foreign Governments 22 Times in 2023 (SecurityWeek)
Taxi software vendor exposes personal details of nearly 300K (The Register)
Cyberespionage Group Earth Hundun's Continuous Refinement of Waterbear and Deuterbear (Trend Micro)
BatBadBut: You can't securely execute commands on Windows (Flatt)
New Technique to Trick Developers Detected in an Open Source Supply Chain Attack (Checkmarx)
Malicious PowerShell script pushing malware looks AI-written (Bleeping Computer)
Women make less than men in US cyber jobs — but the gap is narrowing (CyberScoop)
Permission is hereby granted (Suno)

11/04/24 43m 25s

From deadlock to debate on a revised Section 702 bill.

The House moves forward on Section 702 reauthorization. Ukraine suspends a top cybersecurity official. A Wisconsin health coop suffers a data breach. Sophos uncovers a malicious backdoor. Fortinet issues patches for critical and high severity vulnerabilities. A Microsoft server exposed employee passwords, keys, and credentials. LG releases patches to secure smart TVs. The IMF warns of cyberattacks’ potential to trigger bank runs. It was a busy Patch Tuesday. On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's CISSP study journey and how to avoid frustration when you get a practice question wrong. X marks the spot where Elon’s impulsiveness turns chaotic.

CyberWire Guest
On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's CISSP study journey and discuss Domain 1, Security and Risk Management. They cover note-taking best practices and how to avoid getting frustrated when you get a practice question wrong.

Selected Reading
House sets up debate on Section 702 bill, along with votes on proposed changes (The Record)
Ukrainian security service’s cyber chief suspended following media investigation (The Record)
530k Impacted by Data Breach at Wisconsin Healthcare Organization (SecurityWeek)
Smoke and (screen) mirrors: A strange signed backdoor (Sophos News)
Fortinet reports FortiClient critical flaw and issues in FortiOS and FortiProxy (Beyond Machines)
Microsoft left internal passwords exposed in latest security blunder (The Verge)
LG releases updates for vulnerabilities that could allow hackers to gain access to TVs (The Record)
Extreme cyberattacks could cause bank runs, IMF warns (Silicon Republic)
Johannes Ulrich's summary of MS patch Tuesday (SANS Internet Storm Center)
X automatically changed 'Twitter' to 'X' in users' posts, breaking legit URLs (Mashable)
Example from X/Twitter story: https://wetdry.world/@seraph/112241754503585255

10/04/24 30m 27s

Unraveling a healthcare ransomware web.

Change Healthcare gets hit with another ransom demand. A French football team warns fans of a cyberattack. The Home Depot breach is chalked up to a misconfigured SaaS application. The FCC looks to shore up car connectivity security to protect survivors of domestic violence. Targus reports a disruptive cyberattack. A massive doxxing event hits El Salvador. India's top audio and wearables brand investigates a customer data breach. The Israeli military jams GPS. Microsoft Security’s Ann Johnson, host of Afternoon Cyber Tea podcast, shares a segment of her latest episode featuring Jason Healey, founding scholar and director for cyber efforts at Columbia's School of International and Public Affairs. They discuss nurturing trust in cybersecurity. And, I’ll have a burger with a side of surveillance.

CyberWire Guest
Today, Microsoft Security’s Ann Johnson, host of Afternoon Cyber Tea podcast, shares a segment of her latest episode featuring Jason Healey, founding scholar and director for cyber efforts at Columbia's School of International and Public Affairs. They discuss nurturing trust in cybersecurity. You can listen to the full episode here.

Selected Reading
Change Healthcare breach data may be in hands of new ransomware group (SC Media)
French football club PSG says ticketing system targeted by cyberattack (The Record)
Misconfigured SaaS applications led to the Home Depot data breach, and experts say it’s no surprise (ITPro)
FCC opens rulemaking to probe connected car stalking (The Record)
Targus discloses cyberattack after hackers detected on file servers (Bleeping Computer)
Hacker doxxes nearly every adult in El Salvador (Protos)
Hit with massive data breach, boAt loses data of 7.5 million customers (Forbes)
Israel’s Scrambled GPS Signals Turn Life Upside Down in Tel Aviv (Bloomberg)
How fast food is becoming a new surveillance ground (Fast Company)

09/04/24 30m 2s

A possible breakthrough in data privacy legislation.

Might there be motion from Congress on data privacy legislation? Maryland passes a pair of privacy bills. A database allegedly from the EPA shows up on Russian cybercrime forums. HHS issues an alert for the Healthcare and Public Health sectors. CISA gears up for their Cyber Storm. A leading UK veterinary service provider suffers a cyber incident. A hardcoded backdoor is discovered in deprecated Network Attached Storage devices. NSA’s new cybersecurity director takes the reins. Guest Caleb Barlow, CEO of Cyberbit, shares his insights on the evolving role of the CISO. The bull market for zero-days.

CyberWire Guest
Guest Caleb Barlow, CEO of Cyberbit, discussing how we need to think about the role and position of the CISO.

Selected Reading
A Breakthrough Online Privacy Proposal Hits Congress (WIRED)
Maryland Passes 2 Major Privacy Bills, Despite Tech Industry Pushback (The New York Times)
US Environmental Protection Agency Allegedly Hacked, 8.5M User Data Leaked (HACKREAD)
U.S. Department of Health warns of attacks against IT help desks (Security Affairs)
CISA’s ‘Cyber Storm’ will help it update National Cyber Incident Response Plan (Federal News Network)
Veterinary Giant CVS Reveals Major Cyber-Attack (Infosecurity Magazine)
Over 92,000 exposed D-Link NAS devices have a backdoor account (Bleeping Computer)
NSA Appoints Dave Luber as Cybersecurity Director (SecurityWeek)
Price of zero-day exploits rises as companies harden products against hackers (TechCrunch)

08/04/24 31m 33s

Encore: Selena Larson: The Green Goldfish and cyber threat intelligence. [Analyst] [Career Notes]

Cyber threat intelligence analyst Selena Larson takes us on her career journey from being a journalist to making the switch to industrial security. As a child who wrote a book about a green goldfish who dealt with bullying, Selena always liked investigating and researching things. Specializing in cybersecurity journalism led to the realization of how closely aligned the skills required of an investigative journalist and a cyber threat intelligence analyst are. Our thanks to Selena for sharing her story with us.

07/04/24 7m 40s

Leaking your AWS API keys, on purpose? [Research Saturday]

Noah Pack, a SANS Internet Storm Center Intern, sits down to discuss research on "What happens when you accidentally leak your AWS API keys?" This research is a guest diary from Noah and shares a project he worked on after seeing an online video of someone who created a Python script that emailed colleges asking for free swag to be shipped to him. The research states "In this article, I will share some research, resources, and real-world data related to leaked AWS API keys." In this research, Noah shares what he learned while implementing his experiment. The research can be found here: What happens when you accidentally leak your AWS API keys? [Guest Diary]

06/04/24 26m 30s

Deciphering the Acuity cybersecurity incident.

Acuity downplays its recent breach. IcedID gives way to a new malware strain. Russia arrests alleged credit card thieves. Wiz uncovers security flaws in Hugging Face AI models. NERC and the E-ISAC review lessons learned from simulated attacks on the electrical grid. UK police track honey traps targeting MPs. Microsoft says China is actively trying to influence US elections. A major global lens maker suffers a cyber attack.  Guest Dick O'Brien from the Symantec Threat Hunter Team shares how ransomware operators adapt to disruption. And SEO under threat of legal action.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Guest Dick O'Brien from Symantec Threat Hunter Team by Broadcom shares how ransomware operators adapt to disruption. Get more details in the blog: Ransomware: Attacks Continue to Rise as Operators Adapt to Disruption. Selected Reading Acuity Responds to US Government Data Theft Claims, Says Hackers Obtained Old Info (SecurityWeek) New Latrodectus malware replaces IcedID in network breaches (bleepingcomputer) Magecart-style hackers charged by Russia in theft of 160,000 credit cards (The Record) Wiz Discovers Flaws in GenAI Models Enabling Customer Data Theft (Infosecurity Magazine) Lessons learned from electrical grid security exercise (nerc) British police investigating ‘honey trap’ WhatsApp messages sent to MPs (The Record) China is trying to influence US elections with AI, Microsoft claims (siliconrepublic) Lens Maker Hoya Scrambling to Restore Systems Following Cyberattack (SecurityWeek) A ‘Law Firm’ of AI Generated Lawyers Is Sending Fake Threats as an SEO Scam (404 Media) Share your feedback. We want to ensure that you are getting the most out of the podcast. 
Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.
05/04/24 33m 52s

Securing secrets: The State Department's cyber hunt.

The State Department investigates an alleged breach. The FCC looks at regulating connected vehicles. A big-tech consortium hopes to mitigate AI-related job losses. Google aims to thwart cookie-thieves. SurveyLama exposes sensitive info of over four million users. Omni Hotels & Resorts is recovering from a cyberattack. A national cancer treatment center suffers a breach. How cyber is approached on both sides of the pond. In our Industry Voices segment, George Jones, CISO at Critical Start, discusses strategies for maximizing cybersecurity investments to achieve optimal risk reduction. Playing the identity theft long-game.

CyberWire Guest
On Industry Voices, guest George Jones, CISO at Critical Start, joins us to share thoughts on the topic "Spend Smarter, Risk Less: Cybersecurity ROI Strategies for Security Leaders." George discusses strategies for maximizing cybersecurity investments to achieve optimal risk reduction.

Selected Reading
Threat Actor Claims Classified Five Eyes Data Theft (Infosecurity Magazine)
Automakers and FCC square off over potential regulations for connected cars (The Record)
Big tech companies form new consortium to allay fears of AI job takeovers (TechCrunch)
Amazon is cutting hundreds of jobs in its cloud computing unit AWS (NPR)
Google Proposes Method for Stopping Multifactor Runaround (GovInfo Security)
Google fixes two Pixel zero-day flaws exploited by forensics firms (Bleeping Computer)
SurveyLama data breach exposes info of 4.4 million users (Bleeping Computer)
Omni Hotels confirms cyberattack behind ongoing IT outage (Bleeping Computer)
The US or the UK: Where Should You Get a Cybersecurity Job? (GovInfo Security)
US Cancer Center Data Breach Impacting 800,000 (SecurityWeek)
Iowa sysadmin pleads guilty to 33-year identity theft of former coworker (The Register)
04/04/24 39m 13s

Biden administration brings down the hammer.

The Cyber Safety Review Board hands Microsoft a scathing report. Jackson County, Missouri declares a state of emergency following a ransomware attack. The concerning growth of Chinese brands in U.S. critical infrastructure. Malware campaigns make use of YouTube. OWASP issues a data breach warning. Trend Micro tracks LockBit’s faltering rebound. India’s government cloud service leaks personal data. ChatGPT jailbreaks spread on popular hacker forums. On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's CISSP study journey and focus on the when and how of studying for Domain 1. And you can no longer just walk out of an Amazon grocery store.

CyberWire Guest
On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's CISSP study journey and focus on the when and how of studying for Domain 1.

Resources for this session:
Effect of sunlight exposure on cognitive function among depressed and non-depressed participants: a REGARDS cross-sectional study

Selected Reading
Scathing federal report rips Microsoft for shoddy security, insincerity in response to Chinese hack (AP News)
Missouri county declares state of emergency amid suspected ransomware attack (Ars Technica)
Forescout research finds surge in Chinese-manufactured devices on US networks, including critical infrastructure (Industrial Cyber)
YouTube channels found using pirated video games as bait for malware campaign (The Record)
OWASP issues data breach alert after misconfigured server leaked member resumes (ITPro)
Trend Micro: LockBit ransomware gang's comeback is failing (TechTarget)
Indian government’s cloud spilled citizens’ personal data online for years (TechCrunch)
ChatGPT jailbreak prompts proliferate on hacker forums (SC Media)
Amazon Ditches 'Just Walk Out' Checkouts at Its Grocery Stores (Gizmodo)
03/04/24 32m 50s

From lawsuit to logoff: Google's incognito mode makeover.

Google agrees to delete billions of user records. NIST addresses the NVD backlog. India rescues hundreds of citizens from scam jobs in Cambodia. The UK and US agree to collaborate on AI safety. The FTC tracks an explosion in impersonation fraud. A PandaBuy breach exposes over 1.3 million customers. Prudential Financial informs over 36,000 customers of a data breach. A look at safeguarding sensitive data. Our guest is Jeff Reich, Executive Director of the Identity Defined Security Alliance (IDSA), with insights on identity security best practices. A dash of curiosity reveals a hotel chain vulnerability.

CyberWire Guest
Guest Jeff Reich, Executive Director of the Identity Defined Security Alliance (IDSA), sharing insights on identity security best practices, identity and access sprawl, and how Generative AI is helping and hurting identity management. The IDSA’s Identity Management Day 2024 is coming up on April 9, 2024.

Selected Reading
Google agreed to erase billions of browser records to settle a class action lawsuit (Security Affairs)
Vulnerability database backlog due to increased volume, changes in 'support,' NIST says (The Record)
India rescues 250 citizens enslaved by Cambodian cybercrime gang (Bleeping Computer)
The US and UK are teaming up to test the safety of AI models (Engadget)
Impersonation Scams Net Fraudsters $1.1bn in a Year (Infosecurity Magazine)
PandaBuy data breach allegedly impacted +1.3M customers (Security Affairs)
Prudential Financial Data Breach Impacts 36,000 (SecurityWeek)
How to bridge the gap between the IT and legal staffs to better combat insider risk (SC Media)
IBIS hotel check-in terminal keypad-code leakage (Pentagrid AG)
02/04/24 36m 49s

Unmasking the xzploitation.

The xz backdoor sets the open source community back on its heels. AT&T resets passwords on millions of customer accounts. Researchers track a macOS infostealer. Poland investigates past internal use of Pegasus spyware. The latest Vultur banking trojan grows trickier than ever. We note the passing of a security legend. On our Solution Spotlight, N2K President Simone Petrella talks about “Bits, Bytes, and Loyalty: How to Improve Team Retention” with Yameen Huq of the Aspen Institute. A ghost ship trips Africa’s internet.

CyberWire Guest
On our Solution Spotlight, N2K President Simone Petrella talks about “Bits, Bytes, and Loyalty: How to Improve Team Retention” with Yameen Huq of the Aspen Institute.

Selected Reading
What we know about the xz Utils backdoor that almost infected the world (Ars Technica)
AT&T resets account passcodes after millions of customer records leak online (TechCrunch)
Info stealer attacks target macOS users (Security Affairs)
Poland launches inquiry into previous government’s spyware use (The Guardian)
Vultur banking malware for Android poses as McAfee Security app (Bleeping Computer)
Ross Anderson, professor and famed author of ‘Security Engineering,’ passes away (The Record)
A Ghost Ship’s Doomed Journey Through the Gate of Tears (WIRED)
Swapping scripts nightmare. (N2K)
01/04/24 35m 17s

Encore: Liji Samuel: Leaping beyond the barrier. [Certification] [Career Notes]

Liji Samuel from NSA sits down to share her exciting career path through the years until she found a job working as Chief of Standards and Certification at NSA's Cyber Collaboration Center. She starts by sharing that she had always wanted to work in the STEM field, explaining that growing up she was surrounded by older cousins who were choosing STEM careers and it became an interesting topic for her. She recounts working for a number of companies that helped her grow into the role she is in now. Cybersecurity became a big buzzword for her, causing her to step out of the agency into US Cyber Command to take up a management position for the architecture and engineering division. From there, she continued her cybersecurity journey first as the exploration director before moving into where she is now. Liji shares that there were barriers along the way that she had to endure and hop over to get to the right path. She says "So there are challenges and barriers that come across constantly with our work. Um, one just has to pause and reflect on how we can work with it, around it, or influence like our stakeholders and jointly create a vision around it." We thank Liji for sharing her story with us.
31/03/24 9m 52s

The supply chain in disarray. [Research Saturday]

Elad, a Senior Security Researcher from Cycode, is sharing their research on "Cycode Discovers a Supply Chain Vulnerability in Bazel." This security flaw could let hackers inject harmful code, potentially affecting millions of projects and users, including Kubernetes, Angular, Uber, LinkedIn, Databricks, DropBox, Nvidia, Google, and many more. The research states "We reported the vulnerability to Google via its Vulnerability Reward Program, where they acknowledged our discovery and proceeded to address and fix the vulnerable components."

The research can be found here: Cycode Discovers a Supply Chain Vulnerability in Bazel
30/03/24 19m 56s

Pentagon’s cybersecurity roadmap.

The Pentagon unveils its cybersecurity roadmap. A major Massachusetts health insurer reveals a massive data breach. Hot Topic reports credential stuffing. Cisco warns of password spraying targeting VPNs. The FS-ISAC highlights the risk of generative AI to financial institutions. The FEC considers efforts to combat deceptive artificial intelligence. A look at Thread Hijacking attacks. Guests Linda Gray Martin and Britta Glade from RSA Conference join us to discuss what's new and what to look forward to at this year’s big show. Plus my conversation with Eric Goldstein, Executive Assistant Director for Cybersecurity at CISA, with insights on their recent Notice of Proposed Rulemaking. And Baltimore’s tragic bridge collapse lays bare the degeneration of X-Twitter.

CyberWire Guest
Guests Linda Gray Martin, Senior Vice President for Operations, and Britta Glade, Vice President for Content and Curation, join us to discuss what's new and what to look forward to at RSA Conference 2024. This year’s theme is the Art of Possible. Also joining us is Eric Goldstein, Executive Assistant Director for Cybersecurity at CISA, sharing their CIRCIA Notice of Proposed Rulemaking.

Selected Reading
Pentagon lays out strategy to improve defense industrial base cybersecurity (The Record)
Massachusetts Health Insurer Data Breach Impacts 2.8 Million (SecurityWeek)
American fast-fashion firm Hot Topic hit by credential stuffing attacks (Security Affairs)
Cisco Warns of Password Spraying Attacks Exploiting VPN Services (Cybersecurity News)
AI abuse and misinformation campaigns threaten financial institutions (Help Net Security)
Federal Elections Commission Considers Regulating AI (BankInfo Security)
Thread Hijacking: Phishes That Prey on Your Curiosity (Krebs on Security)
The slow death of X-Twitter is measured in disasters like the Baltimore bridge collapse (Vox)
29/03/24 38m 43s

AWS in Orbit: Monitoring critical road infrastructure at scale with Alteia and the World Bank. [T-Minus AWS in Orbit]

You can learn more about AWS in Orbit at space.n2k.com/aws. Baptiste Tripard is the Chief Marketing Officer at Alteia. Aiga Stokenberga is the Senior Transport Economist at the World Bank. We explore how Alteia and the World Bank are leveraging AWS's cloud, AI, and space capabilities to monitor critical road networks at scale to support large scale infrastructure investments. From road networks to bridges, they share real-world applications that are making a difference in emerging economies. AWS in Orbit is a podcast collaboration between N2K and AWS to offer listeners an in-depth look at the transformative intersection of cloud computing, space technologies, and generative AI.

Selected Reading
AWS Aerospace and Satellite
AWS re:Invent
Alteia and the World Bank assess and enhance road infrastructure data quality at scale using AWS
29/03/24 38m 46s

A battle against malware.

PyPI puts a temporary hold on operations. OMB outlines federal AI governance. Germany sounds the alarm on Microsoft Exchange server updates. Cisco patches potential denial of service vulnerabilities. The US puts a big bounty on BlackCat. Darcula and Tycoon are sophisticated phishing as a service platforms. Don’t dilly-dally on the latest Chrome update. On our Threat Vector segment, host David Moulton has guest Sam Rubin, VP and Global Head of Operations at Unit 42, to discuss Sam's testimony to the US Congress on the multifaceted landscape of ransomware attacks, AI, and automation, the need for more cybersecurity education. And data brokers reveal alleged visitors to pedophile island.

CyberWire Guest
On the Threat Vector segment, host David Moulton has guest Sam Rubin, VP and Global Head of Operations at Unit 42. They discuss Sam's testimony to the US Congress on the multifaceted landscape of ransomware attacks, AI, and automation, the need for more cybersecurity education and more. Listen to the full episode with David and Sam's in-depth discussion. Read Sam Rubin's testimony.

Selected Reading
PyPi Is Under Attack: Project Creation and User Registration Suspended (Malware News)
OMB Issues First Governmentwide AI Risk Mitigation Rules (GovInfo Security)
German cyber agency warns 17,000 Microsoft Exchange servers are vulnerable to critical bugs (The Record)
Cisco Patches DoS Vulnerabilities in Networking Products (Security Week)
US offers a $10 million bounty for information on UnitedHealth hackers (ITPro)
IPhone Users Beware! Darcula Phishing Service Attacking Via IMessage (GB Hackers)
Tycoon 2FA, the popular phishing kit built to bypass Microsoft and Gmail 2FA security protections, just got a major upgrade — and it’s now even harder to detect (ITPro)
Update Chrome now! Google patches possible drive-by vulnerability (Malwarebytes)
Jeffrey Epstein's Island Visitors Exposed by Data Broker (WIRED)
28/03/24 32m 56s

Jennifer Walsmith: Pioneering and defining possible. [Cyber Solutions] [Career Notes]

Vice President for Cyber and Information Solutions within Mission Systems at Northrop Grumman, Jennifer Walsmith takes us on her pioneering career journey. Following in her father's footsteps at the National Security Agency, Jennifer began her career out of high school in computer systems analysis. Jennifer notes she saw the value of a college degree and at her parents' urging attended night school. She completed her bachelor's in computer science at University of Maryland, Baltimore County with the support of the NSA. Jennifer talks about the support of her team at NSA where she was one of the first women to have a career and a family, raising two children while working. Upon retirement from government service, Jennifer chose an organization with values that closely matched her own and uses her position to help her team define possible where they sometimes think they can't. We thank Jennifer for sharing her story with us.
28/03/24 9m 24s

If there's something strange in your neighborhood, don't call Facebook.

Facebook's Secret Mission to Unmask Snapchat. The White House wants AI audits. Hackers exploit the open-source Ray AI framework. Finnish Police ID those responsible for the 2021 parliament breach. Operation FlightNight targets Indian government and energy sectors. Chinese APT groups target ASEAN entities. A notorious robocaller is rung up for nearly ten million dollars. In our latest Learning Layer, join Sam Meisenberg as he unpacks the intricacies of the CISSP diagnostic with Joe Carrigan from Johns Hopkins University. And Ann Johnson from Microsoft's Afternoon Cyber Tea visits the world of Smashing Security with Graham Cluley and Carole Theriault. And the UK’s watchers need watching.

CyberWire Guests
Join us for part three as this Learning Layer special series continues. Learning Layer host Sam Meisenberg talks with Joe Carrigan from Johns Hopkins University Information Security Institute, and co-host of Hacking Humans podcast. In this segment, they continue to discuss the results of Joe's CISSP diagnostic and dive deep into one of the assessment questions. Learn more about ISC2’s Certified Information Systems Security Professional (CISSP) certification, and explore our online certification courses, practice tests, and labs that ensure that you’re ready for exam day.
Microsoft Security’s Ann Johnson, host of the Afternoon Cyber Tea podcast, goes inside the Smashing Security podcast with Graham Cluley and Carole Theriault.

Selected Reading
Facebook snooped on users’ Snapchat traffic in secret project, documents reveal (TechCrunch)
NTIA Pushes for Independent Audits of AI Systems (GovInfo Security)
Thousands of companies using Ray framework exposed to cyberattacks, researchers say (The Record)
Finland confirms APT31 hackers behind 2021 parliament breach (BleepingComputer)
Operation FlightNight: Indian Government Entities and Energy Sector Targeted by Cyber Espionage Campaign (EclecticIQ)
Chinese Hackers Target ASEAN Entities in Espionage Campaign (Infosecurity Magazine)
Federal Court Enters $9.9M Penalty and Injunction Against Man Found to Have Caused Thousands of Unlawful Spoofed Robocalls (US Department of Justice)
UK counter-eavesdropping agency gets slap on the wrist for eavesdropping (The Record)
27/03/24 37m 51s

Exposing Muddled Libra's meticulous tactics with Incident Responder Stephanie Regan [Threat Vector]

In honor of Women's History Month, please enjoy this episode of the Palo Alto Networks Unit 42's Threat Vector podcast featuring host David Moulton's discussion with Jacqueline Wudyka about the SEC's Cybersecurity Law.

In this episode, join host David Moulton as he speaks with Stephanie Regan, a senior consultant at Unit 42. Stephanie, with a background in law enforcement, specializes in compromise assessment and incident response. Discover her insights into combating the Muddled Libra threat group and similar adversaries. Stephanie highlights the crucial role of reconnaissance in investigations and the importance of strong multi-factor authentication (MFA) to counter phishing and social engineering attacks. She delves into techniques like domain typo squatting and shares how domain monitoring can thwart attackers. Learn how Unit 42 assists clients in recovering from attacks, especially those by Muddled Libra. Stephanie emphasizes rapid response and coordination, including using out-of-band communications to outmaneuver threat actors.

You can learn more about Muddled Libra at https://unit42.paloaltonetworks.com/muddled-libra/ where Kristopher was the lead author for the Threat Group Assessment: Muddled Libra.

Join the conversation on our social media channels:
Website: https://www.paloaltonetworks.com/unit42
Threat Research: https://unit42.paloaltonetworks.com/
Facebook: https://www.facebook.com/LifeatPaloAltoNetworks/
LinkedIn: https://www.linkedin.com/company/unit42/
YouTube: @PaloAltoNetworksUnit42
Twitter: https://twitter.com/PaloAltoNtwks

About Threat Vector
Unit 42 Threat Vector is the compass in the world of cyberthreats. Hear about Unit 42’s unique threat intelligence insights, new threat actor TTPs, real-world case studies, and learn how the team works together to discover these threats. Unit 42 will equip listeners with the knowledge and insight to proactively prepare and stay ahead in the ever-evolving threat landscape.

PALO ALTO NETWORKS
Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile. http://paloaltonetworks.com
27/03/24 7m 46s

The great firewall breached: China's covert cyber assault on America exposed.

An alleged sinister hacking plot by China. CISA and the FBI issued a 'secure-by-design' alert. Ransomware hits municipalities in Florida and Texas. The EU sets regulations to safeguard the upcoming European Parliament elections. ReversingLabs describe a suspicious NuGet package. Senator Bill Cassidy questions a costly breach at HHS. A data center landlord sues over requests to reveal its customers. On our Industry Voices segment, Jason Kikta, CISO & Senior Vice President of Product at Automox, discusses ways to increase IT efficiency while avoiding tool overload & complexity. And Google's AI Throws Users a Malicious Bone.

CyberWire Guest
On our Industry Voices segment, Jason Kikta, CISO & Senior Vice President of Product at Automox, discusses ways to increase IT efficiency including automation & tool streamlining, IT automation/automated patching, and tool overload & complexity. You can learn more in Automox’s 2024 State of IT Operations Research Report.

Selected Reading
Millions of Americans caught up in Chinese hacking plot (BBC)
US Government Urges Software Makers to Eliminate SQL Injection Vulnerabilities (SecurityWeek)
CISA adds FortiClient EMS, Ivanti EPM CSA, Nice Linear eMerge E3-Series bugs to its Known Exploited Vulnerabilities catalog (Security Affairs)
St. Cloud most recent in string of Florida cities hit with ransomware (The Record)
Hackers demand $700K in ransomware attack on Tarrant Appraisal District (MSN)
The impact of compromised backups on ransomware outcomes (Sophos News)
EU sets rules for Big Tech to tackle interference in European Parliament elections (The Record)
Suspicious NuGet package grabs data from industrial systems (ReversingLabs)
Senator demands answers from HHS about $7.5 million cyber theft in 2023 (The Record)
Data center landlord refuses Fairfax County demand for tenant information (Washington Business Journal)
Google's AI-powered search feature recommends malicious sites, including scams and malware (TechSpot)
26/03/24 34m 46s

Dr. Rois Ni Thuama: Get into the game. [Cyber governance] [Career Notes]

Head of Cyber Governance with Red Sift, Dr. Rois Ni Thuama shares the circuitous route of her career into cyber governance. She notes the route "looks really clean, but actually it was a bit more Jeremy Bearimy." While at Trinity College, Rois was moved to be part of history unfolding in South Africa and pause her studies. While there, she began making music videos and wildlife documentaries. Upon her return to London, Rois started working in corporate governance and risk at a music technology startup. This ignited her enthusiasm for startups. She now works in a company with several coworkers from that tech startup doing cyber governance. Rois advises law students of many ways into the industry including doing coding, learning risk management, and understanding privacy legislation, and then "just get into the game." We thank Rois for sharing her story.
26/03/24 9m 50s

Python developers under attack.

A supply chain attack targets Python developers. Russia targets German political parties. Romanian and Spanish police dismantle a cyber-fraud gang. Pwn2Own prompts quick patches from Mozilla. President Biden nominates the first assistant secretary of defense for cyber policy at the Pentagon. An influential think tank calls for a dedicated cyber service in the US. Unit42 tracks a StrelaStealer surge. GM reverses its data sharing practice. Our guest is Anna Belak, Director of the Office of Cybersecurity Strategy at Sysdig, who shares trends in cloud-native security. And a Fordham Law School professor suggests AI creators take a page from medical doctors.

CyberWire Guest
Guest Anna Belak, Director of the Office of Cybersecurity Strategy at Sysdig, shares trends in cloud-native security. To learn more, you can check out Sysdig’s 2024 Cloud-Native Security and Usage Report.

Selected Reading
Top Python Developers Hacked in Sophisticated Supply Chain Attack (SecurityWeek)
Russian hackers target German political parties with WineLoader malware (Bleeping Computer)
Police Bust Multimillion-Dollar Holiday Fraud Gang (Infosecurity Magazine)
Mozilla Patches Firefox Zero-Days Exploited at Pwn2Own (SecurityWeek)
Biden nominates first assistant defense secretary for cyber policy (Nextgov/FCW)
Pentagon, Congress have a ‘limited window’ to properly create a Cyber Force (The Record)
StrelaStealer targeted over 100 organizations across the EU and US (Security Affairs)
General Motors Quits Sharing Driving Behavior With Data Brokers (The New York Times)
AI's Hippocratic Oath by Chinmayi Sharma (SSRN)
25/03/24 · 34m 33s

Encore: Marcelle Lee: Cyber sleuth detecting emerging threats. [Research] [Career Notes]

Senior security researcher from Secureworks Marcelle Lee shares her career journey into cybersecurity and how she helps solve hard problems in her daily work. Marcelle came into cybersecurity not through any traditional path. She describes her route from a different field and starting in cyber at her local community college through a grant program. Marcelle took full advantage of the opportunities she had and grew her career from there. She recommends finding your specialty, but continue to build other skills. As a woman in the field, she is a strong proponent of diversity and encouraging others to find what excites them. And, we thank Marcelle for sharing her story with us.
24/03/24 · 7m 55s

HijackLoader unleashed: Evolving threats and sneaky tactics. [Research Saturday]

Liviu Arsene from CrowdStrike joins to discuss their research "HijackLoader Expands Techniques to Improve Defense Evasion." The research has found that HijackLoader continues to become increasingly popular among adversaries for deploying additional payloads and tooling. In their analysis of a recent HijackLoader sample, CrowdStrike researchers discovered new techniques designed to increase the defense evasion capabilities of the loader. Researchers state "this new approach has the potential to make defense evasion stealthier." The research can be found here: HijackLoader Expands Techniques to Improve Defense Evasion And be sure to join our live webinar: CISOs are the new Architects (of the Workforce) Join N2K’s Simone Petrella and Intuit’s Kim Jones on Wednesday, March 27th for an online discussion about the pivotal role security leaders play in shaping the security workforce landscape, and how we can start showing up for the future of our industry. Learn more and register on the event page.
23/03/24 · 24m 13s

When it rains, it pours.

Advanced wiper malware hits Ukraine. Nemesis gets dismantled. Apple deals with an unpatchable vulnerability. FortiGuard rises to the rescue. CISA and FBI join forces against DDoS attacks. US airlines data security and privacy policies are under review. Hackers hit thousands in Jacksonville Beach. Geoffrey Mattson, CEO of Xage Security sits down to discuss CISA's 2024 JCDC priorities. And Hotel keycard locks can’t be that hard to crack. CyberWire Guest Guest Geoffrey Mattson, CEO of Xage Security, joins us to discuss CISA's 2024 JCDC priorities. You can connect with Geoff on LinkedIn and learn more about Xage Security on their website and read about the JCDC 2024 Priorities here. Geoff’s interview first appeared on March 21st’s episode of T-Minus Space Daily. Check out T-Minus here. Selected Reading Sandworm-linked group likely knocked down Ukrainian internet providers (The Record) AcidPour wiper suspected to be used against Ukrainian telecom networks (SC Media) Never-before-seen data wiper may have been used by Russia against Ukraine (Ars Technica) AcidPour | New Embedded Wiper Variant of AcidRain Appears in Ukraine (SentinelOne) F5, ScreenConnect vulnerabilities leveraged in global Chinese cyberattacks (SC Media) Nemesis darknet marketplace raided in Germany-led operation (The Record) Unpatchable vulnerability in Apple chip leaks secret encryption keys (Ars Technica) Exploit Released For Critical Fortinet RCE Flaw: Patch Soon! (GBHackers on Security) CISA & FBI Released Guide to Respond for DDoS Attacks (Cyber Security News) CISA, FBI, and MS-ISAC Release Update to Joint Guidance on Distributed Denial-of-Service Techniques (CISA) US airlines’ data security, privacy policies to be under federal review (SC Media) Jacksonville Beach and other US municipalities report data breaches following cyberattacks (The Record) Hackers Found a Way to Open Any of 3 Million Hotel Keycard Locks in Seconds (WIRED)
22/03/24 · 33m 35s

A CIA Psychologist on the Minds of World Leaders, Pt. 2 with Dr. Ursula Wilder [SpyCast]

In honor of Women's History Month, please enjoy this episode of the International Spy Museum's SpyCast podcast featuring part 2 of Andrew Hammond's discussion with Dr. Ursula Wilder of the Central Intelligence Agency. Summary Dr. Ursula Wilder (LinkedIn) joins Andrew (X; LinkedIn) to discuss the intersections between psychology and intelligence. Ursula is a clinical psychologist with over two decades of experience working at the Central Intelligence Agency.  What You’ll Learn Intelligence How psychology can be useful to national security Historical examples of leadership analysis  Leadership personality assessments & the Cuban Missile Crisis Psychoanalytic theory and espionage  Reflections Human nature throughout history History repeating itself  And much, much more … Quotes of the Week “Together, these documents are quite powerful. The psych assessments are very, very carefully, tightly held and are classified at a high level. Every intelligence officer has this fantasy about seeing the file that's kept on them by the opponents.” – Dr. Ursula Wilder. Resources  SURFACE SKIM *SpyCasts* Agent of Betrayal, FBI Spy Robert Hanssen with CBS’ Major Garrett and Friends (2023) The North Korean Defector with Former DPRK Agent Kim, Hyun Woo (2023) SPY@20 – “The Spy of the Century” with Curators Alexis and Andrew on Kim Philby (2022) “How Spies Think” – 10 Lessons in Intelligence with Sir David Omand (2020) *Beginner Resources* What is Psychoanalysis? Institute of Psychoanalysis, YouTube (2011) [3 min. video] Psychologists in the CIA, American Psychological Association (2002) [Short article] 7 Reasons to Study Psychology, University of Toronto (n.d.) [Short article] DEEPER DIVE Books Freud and Beyond, S. A. Mitchell (Basic Books, 2016) Narcissism and Politics: Dreams of Glory, J. M. Post (Cambridge University Press, 2014) The True Believer: Thoughts on the Nature of Mass Movements, E. 
Hoffer (Harper Perennial Modern Classics, 2010)  Team of Rivals: The Political Genius of Abraham Lincoln, D. K. Goodwin (Simon & Schuster, 2004) Leaders, Fools, and Impostors: Essays on the Psychology of Leadership, M. F. R. Kets de Vries (iUniverse, 2003)  Primary Sources  Charles de Gaulle to Pamela Digby Churchill (1942)  Blood, Toil, Tears and Sweat (1940) Memoirs of Ulysses S. Grant (1885) Gettysburg Address (1863)  House Divided Speech (1858) Excerpt on Cleopatra from Plutarch's Life of Julius Caesar (ca. 2nd century AD) Plutarch’s The Life of Alexander (ca. 2nd century AD)  Appian’s The Civil Wars (ca. 2nd century AD)  Virgil’s The Aeneid (19 B.C.E)  *Wildcard Resource* On Dreams by Sigmund Freud (1901) In this simplified version of the father of psychoanalysis’ seminal book The Interpretation of Dreams, you can get a small taste for Freudian philosophy. Freud believed that dreams were a reflection of the subconscious mind and that studying a person’s dreams can elucidate their inner wants and needs. What are your dreams telling you?
22/03/24 · 1h 9m

Safeguarding American data from foreign hands.

The House Unanimously Passes a Bill to Halt Sale of American Data to Foreign Foes. The U.S. Sanctions Russian Individuals and Entities for a Global Disinformation Campaign. China warns of cyber threats from foreign hacking groups. A logistics firm isolates its Canadian division after a cyber attack. Ivanti warns of another critical vulnerability. Researchers find hundreds of vulnerable Firebase instances. Microsoft phases out weaker encryption. Formula One fans fight phishing in the fast lane. Glassdoor is accused of adding real names to profiles without user consent. Our guest is Adam Meyers, SVP of Counter Adversary Operations at CrowdStrike, discussing how adversaries are attacking cloud environments and why it’s an increasingly popular attack surface. And Pwn2Own winners take home their second Tesla. CyberWire Guest Guest Adam Meyers, SVP of Counter Adversary Operations at CrowdStrike, discussing how adversaries are attacking cloud environments and why it’s an increasingly popular attack surface – especially as more companies implement AI. For more information, check out CrowdStrike’s 2024 Global Threat Report. Selected Reading House unanimously passes bill to block data brokers from selling Americans’ info to foreign adversaries (The Record) Treasury Sanctions Actors Supporting Kremlin-Directed Malign Influence Efforts (US Treasury Department) China warns foreign hackers are infiltrating ‘hundreds’ of business and government networks (SCMP) International freight tech firm isolates Canada operations after cyberattack (The Record) Ivanti urges customers to fix critical RCE flaw in Standalone Sentry solution (Security Affairs) 19 million plaintext passwords exposed by incorrectly configured Firebase instances (Malwarebytes) Microsoft deprecates 1024-bit Windows RSA keys — now would be a good time to get machine identity management in order (ITPro) Users ditch Glassdoor, stunned by site adding real names without consent (Ars Technica) Famous Spa GP F1 race comms hijacked by phishing scammers (Cyber Daily) Security Researchers Win Second Tesla At Pwn2Own (Infosecurity Magazine)
21/03/24 · 42m 44s

Sloane Menkes: What is the 2%? [Consultant] [Career Notes]

Principal in PricewaterhouseCoopers Cyber Risk and Regulatory Practice, Sloane Menkes, shares her story of how non-linear math helped to shape her life and career. Sloane credits a high school classmate for inspiring her mantra "What is the 2%?" that she employs when she feels like things are shutting down. She talks about her experiences in calculus class at the US Air Force Academy that helped to enlighten her and inform the intuitive problem solving skill or way of thinking that she'd been employing in her life. She joined the Office of Special Investigations, and working with Howard Schmidt is where Sloane first started to get interested in cybersecurity. She shares that what she loves about the consulting role is that the environment is constantly changing, and she offers some advice for women interested in cybersecurity. We thank Sloane for sharing her story with us.
21/03/24 · 10m 11s

Biden's cyber splash in protecting the nation's water systems.

The White House Mobilizes a National Effort to Shield Water Systems from Cyber Threats and Announces Major Investment in U.S. Chip Manufacturing. The U.S. and Allies Issue Fresh Warnings on China's Volt Typhoon Cyber Threats to Critical Infrastructure. Microsoft Streamlines 365 Services with a Unified Cloud Domain. Ukrainian authorities take down a credential theft operation. LockBit claims another pharmaceutical company. A popular Wordpress plugin puts tens of thousands of websites at risk. A breach at Mintlify compromises GitHub tokens. An Idaho man pleads guilty to online extortion. The SEC fines firms for AI washing. We’ve got part two of our continuing Learning Layer series with Joe Carrigan and Sam Meisenberg logging Joe’s journey toward his CISSP certification. And password stuffing Pokemon. CyberWire Guest Join us as part two of the Learning Layer special series kicks off. Over the next several weekly episodes of the Learning Layer, host Sam Meisenberg talks with Joe Carrigan from Johns Hopkins University Information Security Institute, and co-host of Hacking Humans podcast. On this episode, they continue to discuss Joe's journey to becoming a CISSP as well as discussing step one of Joe's study journey: the diagnostic assessment. Selected Reading White House Calls on States to Boost Cybersecurity in Water Sector (SecurityWeek) Five Eyes issue another China Volt Typhoon warning (The Register) Biden to Tout Government Investing $8.5 Billion in Intel's Computer Chip Plants in Four States (VoaNews) Microsoft Notifies DevOps Teams That Major Domain Change Is Coming (Cybersecurity News) Ukraine Arrests Hackers for Selling 100 Million Email, Instagram Accounts (Hack Read) Pharmaceutical development company investigating cyberattack after LockBit posting (The Record) WordPress Plugin Flaw Exposes 40,000+ Websites to Cyber Attack (GBHackers) Mintlify Confirms Data Breach Through Compromised GitHub Tokens (Hack Read) ‘Lifelock’ hacker pleads guilty to extorting medical clinics (The Record) What does 'AI Washing' mean? Firms Fined $400K by SEC for Exaggerated Statements (Cybersecurity News) Pokémon resets some users’ passwords after hacking attempts (TechCrunch)
20/03/24 · 30m 26s

The SEC's Cybersecurity Law, a New Compliance Era with Jacqueline Wudyka. [Threat Vector]

In honor of Women's History Month, please enjoy this episode of the Palo Alto Networks Unit 42's Threat Vector podcast featuring host David Moulton's discussion with Jacqueline Wudyka about the SEC's Cybersecurity Law. In this episode of Threat Vector, we dive deep into the new SEC cybersecurity regulations that reshape how public companies handle cyber risks. Legal expert and Unit 42 Consultant Jacqueline Wudyka brings a unique perspective on the challenges of defining 'materiality,' the enforcement hurdles, and the impact on the cybersecurity landscape. Whether you're a cybersecurity professional, legal expert, or just keen on understanding the latest in cyber law, this episode is packed with insights and strategies for navigating this new terrain. Tune in to stay ahead in the world of cybersecurity compliance! If you're interested to learn more about Unit 42's world-class visit https://www.paloaltonetworks.com/unit42 Join the conversation on our social media channels: Website: https://www.paloaltonetworks.com/unit42 Threat Research: https://unit42.paloaltonetworks.com/ Facebook: https://www.facebook.com/LifeatPaloAltoNetworks/ LinkedIn: https://www.linkedin.com/company/unit42/ YouTube: @PaloAltoNetworksUnit42 Twitter: https://twitter.com/PaloAltoNtwks
20/03/24 · 26m 30s

SIM swap scammer pleads guilty.

A SIM-swapper faces prison and fines. Here come the class action suits against UnitedHealth Group. Aviation and Aerospace find themselves in the cyber crosshairs. A major mortgage lender suffers a major data breach. A look at election misinformation. The UK shares guidance on migrating SCADA systems to the cloud. Collaborative efforts to contain Smoke Loader. Trend Micro uncovers Earth Krahang. Troy Hunt weighs in on the alleged AT&T data breach. Ben Yelin unpacks the case between OpenAI and the New York Times. And fool me once, shame on you… CyberWire Guest Ben Yelin, Program Director at University of Maryland’s Center for Health and Homeland Security and cohost of our Caveat podcast, discusses the article on how “OpenAI says New York Times ‘hacked’ ChatGPT to build copyright lawsuit.” Selected Reading District of New Jersey | Former Telecommunications Company Manager Admits Role in SIM Swapping Scheme (United States Department of Justice) Cash-Strapped Women's Clinic Sues UnitedHealth Over Attack (Gov Info Security) Nations Direct Mortgage Data Breach Impacts 83,000 Individuals (SecurityWeek) Preparing Society for AI-Driven Disinformation in the 2024 Election Cycle (SecurityWeek) NCSC Publishes Security Guidance for Cloud-Hosted SCADA (Infosecurity Magazine) Unit 42 Collaborative Research With Ukraine’s Cyber Agency To Uncover the Smoke Loader Backdoor (Palo Alto Networks Unit 42) Prolific Chinese Threat Campaign Targets 100+ Victims (Infosecurity Magazine) Troy Hunt: Inside the Massive Alleged AT&T Data Breach (Troy Hunt) Kids’ Cartoons Get a Free Pass From YouTube’s Deepfake Disclosure Rules (WIRED) Ransomware Groups: Trust Us. Uh, Don't. (BankInfoSecurity)
19/03/24 · 33m 1s

Roselle Safran: So much opportunity. [Entrepreneur] [Career Notes]

CEO and Founder of KeyCaliber, Roselle Safran, takes us on her circuitous career journey from startup to White House and back to startup again. With a degree in civil engineering, Roselle veered off into a more technical role at a startup and she says "caught the startup bug." After convincing a hiring manager that she could learn on the job, she transitioned to computer forensics and started on the path of cybersecurity. Roselle worked in government for the Department of Homeland Security and then to the Executive Office of the President leading all of the security operations. She jumped back into the world of startups and has stayed there. Roselle tells people interested in a career in cybersecurity to just apply. Learn as much as you can and go for it. We thank Roselle for sharing her story with us.
19/03/24 · 8m 37s

The hot pursuit of Volt Typhoon.

Volt Typhoon retains the attention of US investigators. The IMF reports a cyber breach. Fujitsu finds malware on internal systems. Securonix researchers describe DEEP#GOSU targeting South Korea. Subsea cable breaks leave West and Central Africa offline. Health care groups oppose enhanced cyber security regulations. A Pennsylvania school district grapples with a ransomware attack. AT&T denies a data leak. Our guest Kevin Magee of Microsoft Canada shared his experiments with board reporting. And Apex Legends eSports competitors get some unexpected upgrades. CyberWire Guest Our guest today is Kevin Magee of Microsoft Canada sharing his experiments using N2K’s CSO Rick Howard's forecasting methodology from his Cybersecurity First Principles book regarding board reporting. Selected Reading US is still chasing down pieces of Chinese hacking operation, NSA official says (The Record) IMF Investigates Serious Cybersecurity Breach (Infosecurity Magazine) Tech giant Fujitsu says it was hacked, warns of data breach (TechCrunch) Analysis of New DEEP#GOSU Attack Campaign Likely Associated with North Korean Kimsuky Targeting Victims with Stealthy Malware (securonix) Ghana says repairs on subsea cables could take five weeks (Reuters) Health care groups resist cybersecurity rules in wake of landmark breach (CyberScoop) Pennsylvania’s Scranton School District dealing with ransomware attack (The Record) AT&T says leaked data of 70 million people is not from its systems (BleepingComputer) The Aviation and Aerospace Sectors Face Skyrocketing Cyber Threats (Security Affairs) Massive ‘Apex Legends’ Hack Disrupts NA Finals, Raises Serious Security Concerns (Forbes)
18/03/24 · 30m 35s

Encore: Dawn Cappelli: Becoming the cyber fairy godmother. [OT] [Career Notes]

Dawn Cappelli, OT CERT Director at Dragos, sits down to share what she has learned after her 25+ year career in the industry. She recalls wanting to have been a rockstar when she grew up, now she refers to herself as the fairy godmother of security. She shares some of the amazing things she got to work on throughout her career, including working with the Secret Service when the Olympics came to Salt Lake City, Utah in 2002. She shares how she was able to rise through the ranks to get to where she is now. Dawn talks about how she wasn't ready to retire quite yet because she loved the industry so much, saying "I retired, but I knew I still loved security. I have this passion for protection and so Dragos came along and they offered me this role of Director of OT CERT. I feel like I'm the security fairy godmother." She shares words of wisdom for all trying to get into the industry, saying that you need to always take the risk like she did when she first started her career. We thank Dawn for sharing her story with us.
17/03/24 · 10m 2s

Unveiling the updated NICE Framework & cybersecurity education’s future. [Special Edition]

The Workforce Framework for Cybersecurity (NICE Framework) (NIST Special Publication 800-181, revision 1) provides a set of building blocks for describing the Tasks, Knowledge, and Skills (TKS) that are needed to perform cybersecurity work by individuals or teams. Through these building blocks, the NICE Framework enables organizations to develop their workforces to perform cybersecurity work, and it helps learners to explore cybersecurity work and to engage in appropriate learning activities to develop their knowledge and skills. On this Special Edition podcast, N2K CyberWire's Dave Bittner is joined by the team at NIST and FIU's Jack D. Gordon Institute for Public Policy to delve into the history of the NICE Framework through its latest update and looking into the future. Brian Fonseca, Director at the Jack D. Gordon Institute for Public Policy, shares an introduction to the NICE Framework. Karen Wetzel, NICE Framework Manager, discusses the updates to the framework. Rodney Petersen, Director of NICE, talks about what these updates mean to cybersecurity education's future. Resources: NICE Framework Resource Center Getting Started with the NICE Framework 2024 NICE Conference and Expo: Strengthening Ecosystems: Aligning Stakeholders to Bridge the Cybersecurity Workforce Gap Take advantage of the early bird pricing until March 19, 2024. Don’t miss out on this opportunity! Jack D. Gordon Institute for Public Policy at Florida International University (FIU) Veterans and First Responders Training Initiative Intelligence Fellowship
17/03/24 · 47m 32s

Inside SendGrid's phishy business. [Research Saturday]

Robert Duncan from Netcraft is sharing their research on "Phishception - SendGrid abused to host phishing attacks impersonating itself." Netcraft has recently observed that criminals abused Twilio SendGrid’s email delivery, API, and marketing services to launch a phishing campaign impersonating itself. Hackers behind this novel phishing campaign used SendGrid’s Tracking Settings feature, which allows users to track clicks, opens, and subscriptions with SendGrid. The malicious link was masked behind a tracking link hosted by SendGrid. The research can be found here: Phishception – SendGrid is abused to host phishing attacks impersonating itself
16/03/24 · 31m 55s

Flight fiasco: UK Defence Minister's jet faces GPS jamming.

Russia’s accused of jamming a jet carrying the UK’s defense minister. Senators introduce a bipartisan Section 702 compromise bill. The Cybercrime Atlas initiative seeks to dismantle cybercrime. StopCrypt ransomware grows stealthier. A Scottish healthcare provider is under cyber attack. Workers in France are at risk of data exposure. CERT-BE warns of critical vulnerabilities in Arcserve UDP software. The FCC approves IoT device labeling. Researchers snoop on AI chat responses. A MITRE-Harris poll tracks citizens’ concern over critical infrastructure. On our Solution Spotlight, N2K President Simone Petrella discusses the shortage of ethical hackers against the rise of AI with IOActive's CTO Gunter Ollmann. The FTC fines notorious tech support scammers. CyberWire Guest On our Solution Spotlight, N2K President Simone Petrella discusses the shortage of ethical hackers against the rise of AI with IOActive's CTO Gunter Ollmann. Coming this weekend Tune in to the CyberWire Daily Podcast feed on Sunday for a Special Edition podcast we produced in collaboration with our partners at NICE, “Unveiling the updated NICE Framework & cybersecurity education’s future.” We delve into the history of the NICE Framework, dig into its latest update, and look into the future of cybersecurity education. Selected Reading Defence Secretary jet hit by an electronic warfare attack in Poland (Security Affairs) Russia believed to have jammed signal on UK defence minister's plane - source (Reuters) Senators propose a compromise over hot-button Section 702 renewal (The Record) WEF effort to disrupt cybercrime moves into operations phase (The Register) StopCrypt: Most widely distributed ransomware now evades detection (Bleeping Computer) Scottish health service says ‘focused and ongoing cyber attack’ may disrupt services (The Record) Massive Data Breach Exposes Info of 43 Million French Workers (Hack Read) WARNING: THREE VULNERABILITIES IN ARCSERVE UDP SOFTWARE DEMAND URGENT ACTION, PATCH IMMEDIATELY! (certbe) FCC approves cybersecurity label for consumer devices (CyberScoop) Hackers can read private AI-assistant chats even though they’re encrypted (Ars Technica) MITRE-Harris poll reveals US public's concerns over critical infrastructure and perceived risks (Industrial Cyber) Tech Support Firms Agree to $26M FTC Settlement Over Fake Services (SecurityWeek)
15/03/24 · 37m 14s

A CIA Psychologist on the Minds of World Leaders, Pt. 1 with Dr. Ursula Wilder [SpyCast]

In honor of Women's History Month, please enjoy this episode of the International Spy Museum's SpyCast podcast featuring part 1 of Andrew Hammond's discussion with Dr. Ursula Wilder of the Central Intelligence Agency. Summary Dr. Ursula Wilder (LinkedIn) joins Andrew (X; LinkedIn) to discuss the intersections between psychology and intelligence. Ursula is a clinical psychologist with over two decades of experience working at the Central Intelligence Agency.  What You’ll Learn Intelligence How psychology can be useful to national security Historical examples of leadership analysis  Leadership personality assessments & the Cuban Missile Crisis Psychoanalytic theory and espionage  Reflections Human nature throughout history History repeating itself  And much, much more … Quotes of the Week “Together, these documents are quite powerful. The psych assessments are very, very carefully, tightly held and are classified at a high level. Every intelligence officer has this fantasy about seeing the file that's kept on them by the opponents.” Resources  SURFACE SKIM *SpyCasts* Agent of Betrayal, FBI Spy Robert Hanssen with CBS’ Major Garrett and Friends (2023) The North Korean Defector with Former DPRK Agent Kim, Hyun Woo (2023) SPY@20 – “The Spy of the Century” with Curators Alexis and Andrew on Kim Philby (2022) “How Spies Think” – 10 Lessons in Intelligence with Sir David Omand (2020) *Beginner Resources* What is Psychoanalysis? Institute of Psychoanalysis, YouTube (2011) [3 min. video] Psychologists in the CIA, American Psychological Association (2002) [Short article] 7 Reasons to Study Psychology, University of Toronto (n.d.) [Short article] DEEPER DIVE Books Freud and Beyond, S. A. Mitchell (Basic Books, 2016) Narcissism and Politics: Dreams of Glory, J. M. Post (Cambridge University Press, 2014) The True Believer: Thoughts on the Nature of Mass Movements, E. Hoffer (Harper Perennial Modern Classics, 2010)  Team of Rivals: The Political Genius of Abraham Lincoln, D. K. 
Goodwin (Simon & Schuster, 2004) Leaders, Fools, and Impostors: Essays on the Psychology of Leadership, M. F. R. Kets de Vries (iUniverse, 2003)  Primary Sources  Charles de Gaulle to Pamela Digby Churchill (1942)  Blood, Toil, Tears and Sweat (1940) Memoirs of Ulysses S. Grant (1885) Gettysburg Address (1863)  House Divided Speech (1858) Excerpt on Cleopatra from Plutarch's Life of Julius Caesar (ca. 2nd century AD) Plutarch’s The Life of Alexander (ca. 2nd century AD)  Appian’s The Civil Wars (ca. 2nd century AD)  Virgil’s The Aeneid (19 B.C.E)  *Wildcard Resource* On Dreams by Sigmund Freud (1901) In this simplified version of the father of psychoanalysis’ seminal book The Interpretation of Dreams, you can get a small taste for Freudian philosophy. Freud believed that dreams were a reflection of the subconscious mind and that studying a person’s dreams can elucidate their inner wants and needs. What are your dreams telling you?
15/03/24 1h 13m

TikTok showdown: U.S. lawmakers target privacy and security.

The US House votes to enact restrictions on TikTok. HHS launches an investigation into Change Healthcare. An Irish Covid-19 portal puts over a million vaccination records at risk. Google distributes $10 million in bug bounty rewards. Nissan Oceania reports a data breach resulting from an Akira ransomware attack. Meta sues a former VP for alleged data theft. eSentire sees Blind Eagle focusing on the manufacturing sector. Claroty outlines threats to health care devices. A major provider of yachts is rocked by a cyber incident. In our Threat Vector segment, David Moulton explores the new SEC cybersecurity regulations with legal expert and Unit 42 Consultant Jacqueline Wudyka. And ransomware victims want their overtime pay. CyberWire Guest On the Threat Vector segment, host David Moulton explores the new SEC cybersecurity regulations that reshape how public companies handle cyber risks with legal expert and Unit 42 Consultant Jacqueline Wudyka. They discuss the challenges of defining 'materiality,' the enforcement hurdles, and the impact on the cybersecurity landscape. Selected Reading Bill that could spur TikTok ban gains House OK (SC Media) What would a TikTok ban look like for users?
(NBC News) HHS to investigate UnitedHealth and ransomware attack on Change Healthcare (The Record) How a user access bug in Ireland’s vaccination website exposed more than a million records (ITPro) Google Paid $10m in Bug Bounties to Security Researchers in 2023 (Infosecurity Magazine) Nearly 100K impacted by Nissan Oceania cyberattack (SC Media) Meta Sues Former VP After Defection to AI Startup (Infosecurity Magazine) Malware Analysis: Blind Eagle's North American Journey (esentire) Only 13% of medical devices support endpoint protection agents (Help Net Security) Billion-dollar boat seller MarineMax reports cyberattack to SEC (The Record) City workers not getting paid overtime amid Hamilton's ransomware attack: unions (CBS News)
14/03/24 33m 46s

Teresa Rothaar: Outwork the competition. [Analyst] [Career Notes]

Teresa Rothaar, a governance, risk, and compliance (GRC) analyst at Keeper Security, sits down to share her story, from performer to cyber. She fell in love with writing as a young girl and experimented with writing fanfiction, which made her want to grow up to be in the arts. After attending college she found that she was good at math, lighting the way for her to start her cyber career. Teresa moved to being a writer at Keeper and, finding she wanted to spread out and try more, ended up becoming an analyst while still doing writing on the side. She quotes something David Duchovny once said in an interview, explaining how sometimes you need to keep your head down and outwork others. Teresa said this resonated with her, saying, "that's how I went from a foreclosure box on the porch to where I am now. I have a good job and, and I have a career and I have a really good career and I absolutely love it." We thank Teresa for sharing her story.
14/03/24 9m 3s

The usual suspects are up to their usual tricks.

ODNI’s Annual Threat Assessment highlights the usual suspects. The White House meets with UnitedHealth Group’s CEO. A convicted LockBit operator gets four years in prison. The Clop ransomware group leaks data from major universities. Equilend discloses a data breach. Fortinet announces critical and high-severity vulnerabilities. GhostRace exploits speculative race conditions in popular CPUs. Incognito Market pulls the rug and extorts its users. Patch Tuesday notes. On the Learning Layer, Sam Meisenberg talks with Joe Carrigan from Johns Hopkins University Information Security Institute, and co-host of Hacking Humans podcast. They explore Joe's journey on the road to taking his CISSP test. And, I do not authorize Facebook, Meta or any of its subsidiaries to use this podcast. CyberWire Guest Join us as a Learning Layer special series kicks off. Over the next several weekly episodes of the Learning Layer, host Sam Meisenberg talks with Joe Carrigan from Johns Hopkins University Information Security Institute, and co-host of Hacking Humans podcast. On this episode, they explore Joe's journey as he embarks on the road to taking his CISSP test after fourteen years in the cyber industry, and why he decided to get it now. Learn more about ISC2’s Certified Information Systems Security Professional (CISSP) certification, and explore our online certification courses, practice tests, and labs that ensure that you’re ready for exam day.
Selected Reading ODNI's 2024 Threat Assessment: China, Russia, North Korea pose major cyber threats amid global instability - Industrial Cyber (Industrial Cyber) White House meets with UnitedHealth CEO over hack (Reuters) LockBit ransomware affiliate gets four years in jail, to pay $860k (bleepingcomputer) Stanford University ransomware attack impacts 27K (SC Media) EquiLend Employee Data Breached After January Ransomware Attack (HACKread) Fortinet reports two critical and three high severity issues, plan to patch (beyondmachines) Major CPU, Software Vendors Impacted by New GhostRace Attack (SecurityWeek) Incognito Market: The not-so-secure dark web drug marketplace (Graham Cluley) Microsoft Patch Tuesday – Major Flaws In Office, Exchange And SQL Server (cybersecuritynews) New Facebook photo rule hoax spreads (Malwarebytes)
13/03/24 31m 12s

Biden's budget boost for cybersecurity.

Biden’s budget earmarks thirteen billion bucks for cybersecurity. DOJ targets AI abuse. A US trade mission to the Philippines includes cyber training. CISA and OMB release a secure software attestation form. CyberArk explores AI worms. Russia arrests a South Korean on cyber espionage charges. French government agencies are hit with DDoS attacks. Jessica Brandt is named director of the Foreign Malign Influence Center. Afternoon Cyber Tea host Ann Johnson speaks with her guest Keren Elazari about the hacker mindset. Google builds itself the Bermuda Triangle of Broadband. CyberWire Guest Afternoon Cyber Tea host Ann Johnson talks with her guest Keren Elazari about the hacker mindset. To hear the full conversation, please listen to the episode of Afternoon Cyber Tea. Selected Reading US Federal Budget Proposes $27.5B for Cybersecurity (GovInfo Security) Justice Department Beefs up Focus on Artificial Intelligence Enforcement, Warns of Harsher Sentences (SecurityWeek) Microsoft to train 100,000 Philippine women in AI, cybersecurity (South China Morning Post) US launches secure software development attestation form to enhance federal cybersecurity (Industrial Cyber) The Rise of AI Worms in Cybersecurity (Security Boulevard) South Korean detained earlier this year is accused of espionage in Russia, state news agency says (Associated Press) Massive cyberattacks hit French government agencies (Security Affairs) ODNI appoints new election security leader ahead of presidential race (The Record) Google’s self-designed office swallows Wi-Fi “like the Bermuda Triangle” (Ars Technica)
12/03/24 27m 10s

Kyla Guru: You are a key piece to our national security. [Education] [Career Notes]

Founder and CEO of nonprofit Bits N' Bytes Cybersecurity Education and undergraduate student at Stanford University, Kyla Guru shares her journey from GenCyber Camp to becoming a cybersecurity thought leader. Seeing the need for cybersecurity education in her own community spurred Kyla into action, engaging our civilian population in understanding their role in the cybersecurity space. Kyla recommends putting yourself out there: taking courses, getting more knowledge, getting internships, meeting people and going to conferences. Kyla thinks her generation has an inquisitive mind and feels that is where advocacy and education come in with cybersecurity. She shares for any young person "thinking about maybe starting something in security, this is definitely the time to do so." And, we thank Kyla for sharing her story with us.
12/03/24 7m 19s

CISA’s news trifecta.

A roundup of news out of CISA. California reveals data brokers selling the sensitive information of minors. Permiso Security shares an open-source cloud intrusion detection tool. Darktrace highlights a campaign exploiting DropBox. EU's Cyber Solidarity Act forges ahead. A White House committee urges new economic incentives for securing OT systems. Paysign investigates claims of a data breach. Our guest is Alex Cox, Director Threat Intelligence, Mitigation, and Escalation at LastPass, to discuss what to expect after LockBit. And Axios highlights the clowns and fools behind ransomware attacks. CyberWire Guest Guest Alex Cox, Director, Threat Intelligence, Mitigation, Escalation (TIME) at LastPass, joins us to discuss what to expect after LockBit. Selected Reading Top US cybersecurity agency hacked and forced to take some systems offline (CNN Politics) CISA’s open source software security initiatives detailed (SC Media) GAO uncovers mixed feedback on CISA's OT cybersecurity services when it comes to addressing risks (Industrial Cyber) Dozens of data brokers disclose selling reproductive healthcare info, precise geolocation and data belonging to minors (The Record) New Open Source Tool Hunts for APT Activity in the Cloud (SecurityWeek) Dropbox Abused in New Phishing, Malspam Scam to Steal SaaS Logins (HACKREAD) Everything you need to know about the EU's Cyber Solidarity Act (ITPro) White House advisory group says market forces ‘insufficient’ to drive cybersecurity in critical infrastructure (CyberScoop) Paysign investigating reports of consumer information data breach (The Record) The clowns and fools behind ransomware attacks (Axios)
11/03/24 35m 39s

Encore: Swati Shekhar: Challenges increase your risk appetite. [Engineering] [Career Notes]

Ground Labs' Head of Engineering, Swati Shekhar, shares her circuitous route from and back to engineering. Always being interested in leveraging the tools available to solve problems, Swati talks about how she found her place in engineering. She mentions how she had her first real experience with a computer when she was 17 in her first year at college. Aside from being one of 30 young women in a sea of 500 young men there, Swati described it as a "good culture shock because anything that takes you out of your comfort zone actually makes you learn and grow." She notes that challenges experienced in life increase your risk appetite significantly. Swati advises those looking to make a job change to be certain of what is attracting them and to be yourself. We thank Swati for sharing her story with us.
10/03/24 11m 4s

Setting better cyber job expectations to attract and retain talent. [Special Edition]

In honor of Women's History Month, please enjoy this encore of Dr. Sasha Vanterpool's webinar. In this webinar, N2K Networks Cyber Workforce Consultant Dr. Sasha Vanterpool shares how to update job descriptions to better reflect cyber role expectations to improve hiring, training, and retention. To view the original webinar on demand, visit here.
10/03/24 21m 2s

Understanding the multi-tiered impact of ransomware. [Research Saturday]

This week we are joined by Jamie MacColl and Dr. Pia Hüsch from RUSI discussing their work on "Ransomware: Victim Insights on Harms to Individuals, Organisations and Society." The research reveals some of the harms caused by ransomware, including physical, financial, reputational, psychological and social harms. Researchers state "Based on interviews with victims and incident responders, this paper outlines the harm ransomware causes to organisations, individuals, the UK economy, national security and wider society." The research can be found here: Ransomware: Victim Insights on Harms to Individuals, Organisations and Society
09/03/24 22m 55s

From breach to battle: The escalating threat of Midnight Blizzard.

Russian hackers persist against Microsoft’s internal systems. Change Healthcare systems are slowly coming back online. Russian propaganda sites masquerade as local news. Swiss government info is leaked on the darknet. Krebs on Security turns the tables on the Radaris online data broker. The NSA highlights the fundamentals of Zero Trust. The British Library publishes lessons learned from their ransomware attack. Researchers run a global prompt hacking competition. CheckPoint looks at Magnet Goblin. Experts highlight the need for psychological safety in cyber security. Our guest is Dinah Davis, Founder and Editor-In-Chief of Code Like A Girl, sharing the work they do to inspire young women to consider a career in technology. And the I-Soon leak reveals the seedy underbelly of Chinese cyber operations. CyberWire Guest Guest is Dinah Davis, Founder and Editor-In-Chief of Code Like A Girl, sharing the work they do to inspire young women to consider a career in technology.
Selected Reading Microsoft says Russian-state sponsored hackers have been able to access internal systems (Reuters) Change Healthcare brings some systems back online after cyberattack (The Record) Spate of Mock News Sites With Russian Ties Pop Up in U.S (The New York Times) Play ransomware attack on Xplain exposed 65,000 files containing data relevant to the Swiss Federal Administration (Security Affairs) A Close Up Look at the Consumer Data Broker Radaris (krebsonsecurity) NSA Details Seven Pillars Of Zero Trust (GB Hackers) LEARNING LESSONS FROM THE CYBER-ATTACK British Library cyber incident review (British Library) A Taxonomy of Prompt Injection Attacks (Schneier on Security) https://arxiv.org/pdf/2311.16119.pdf (Research) Magnet Goblin Targets Publicly Facing Servers Using 1-Day Vulnerabilities (Check Point Research) Why 'psychological safety' is so important for building a robust security culture (ITPro) Inside Chinese hacking company’s culture of influence, alcohol and sex (C4isernet) International Women's Day (International Women’s Day)
08/03/24 38m 0s

Encore: Breaking Through: Securing the advancement of women in cybersecurity. [Special Editions]

In honor of International Women's Day, please enjoy this encore of our 2023 Women in Cyber panel. In the dynamic field of cybersecurity, it’s well established that creating more opportunities for diversity and inclusion is essential for developing a highly skilled workforce. As an industry, we are starting to see the fruits of that labor, but there is a growing need for diverse leadership to nurture continuous innovation and resilience in cybersecurity. As part of N2K’s 2023 Women in Cyber content series, we’re excited to host an engaging virtual panel discussion moderated by N2K's President Simone Petrella featuring insights, experiences, and strategies for advancing more women into leadership roles within the field. This virtual discussion explores different areas including: Navigating the Cybersecurity Landscape: Gain insights into our guests' career journeys, including mentors, challenges, and success, and how the evolving landscape may present different challenges and opportunities for women. Building a Supportive Ecosystem: Explore the importance of mentorship, allyship, and a strong network in propelling women into leadership, and how to create an environment where everyone can thrive. Closing the Gender Gap: Delve into actionable strategies and best practices for organizations to promote gender diversity in their cybersecurity leadership teams. The Future of Cybersecurity Leadership: Gain a forward-looking perspective on the evolving role of women in shaping the future of cybersecurity. This panel discussion is a must-listen event for professionals, leaders, and aspiring cybersecurity experts who are committed to promoting diversity and empowering women to excel in cybersecurity leadership. Don't miss the opportunity to be part of this inspiring conversation and drive positive change in the industry. Panelists: Abisoye Ajayi, Cyber & Analytics Manager at Tulsa Innovation Labs Koma Gandy, VP, Leadership & Business at Skillsoft Lauren Zabierek, Sr. 
Advisor at CISA
08/03/24 50m 46s

A secret scheme resulting in stolen secrets.

A former Google software engineer is charged with stealing AI tech for China. State attorneys general from forty-one states call out Meta over account takeover issues. Researchers demonstrate a Stuxnet-like attack using PLCs. Buyer beware - A miniPC comes equipped with pre-installed malware. A Microsoft engineer wants the FTC to take a closer look at Copilot Designer. There’s a snake in Facebook’s walled garden. Bruce Schneier wonders if AI can strengthen democracy. On our Industry Voices segment, guest Jason Lamar, Senior Vice President of Product at Cobalt, joins us to discuss offensive security strategy. And NIST works hard to keep their innovations above water. CyberWire Guest On our Industry Voices segment, guest Jason Lamar, Senior Vice President of Product at Cobalt, joins us to discuss offensive security strategy. You can find out more from Cobalt’s OffSec Shift report here. Selected Reading Former Google Engineer Charged With Stealing AI Secrets (Infosecurity Magazine) Several States Attorneys General have written to Meta demanding better account recovery (NY gov) Remote Stuxnet-Style Attack Possible With Web-Based PLC Malware: Researchers (SecurityWeek) Whoops! ACEMAGIC ships mini PCs with free bonus pre-installed malware (Graham Cluley) Microsoft AI engineer warns FTC about Copilot Designer safety concerns (The Verge) Snake, a new Info Stealer spreads through Facebook messages (Security Affairs) NSA Details Seven Pillars Of Zero Trust (gbhackers) How Public AI Can Strengthen Democracy (Schneier on Security) This agency is tasked with keeping AI safe. Its offices are crumbling. (WashingtonPost)
07/03/24 32m 58s

Encore: Dinah Davis: Building your network. [R&D] [Career Notes]

In honor of International Women's Day, please enjoy this encore of Dinah Davis sharing her story. Coming from her love of math, VP of R&D at Arctic Wolf Networks Dinah Davis shares how she arrived in the cybersecurity industry after finding her niche. Dinah recalls how at a time of indecision, a computer course at university and a job with the Canadian government helped to solidify her career direction. Dinah mentions how "security and cryptography specifically was this perfect mix of real world problem solving and mathematics and computer science all combined into one ball of happiness." Networking played a key role in Dinah's journey. She recommends that those interested in joining the field go for what they believe in. And, we thank Dinah for sharing her story with us.
07/03/24 8m 10s

No cyber blues on Super Tuesday.

CISA says Super Tuesday ran smoothly. The White House sanctions spyware vendors. The DoD launches its Cyber Operational Readiness Assessment program. NIST unveils an updated NICE Framework. Apple patches a pair of zero-days. The GhostSec and Stormous ransomware gangs join forces. Cado Security tracks a new Golang-based malware campaign. Google updates its search algorithms to fight spammy content. Canada's financial intelligence agency suffers a cyber incident. On our Industry Voices segment, our guest Amitai Cohen, Attack Vector Intel Lead at Wiz joins us to discuss cloud threats. Moonlighting on the dark side. CyberWire Guest On our Industry Voices segment, our guest Amitai Cohen, Attack Vector Intel Lead at Wiz and host of their Crying Out Cloud podcast, joins us to discuss cloud threats. Learn more in Wiz's State of the AI Cloud report. Selected Reading No security issues as Super Tuesday draws to a close, CISA official says (The Record) Biden administration sanctions makers of commercial spyware used to surveil US (CNN Business) US DoD launches CORA program to revolutionize cybersecurity strategy (Industrial Cyber) Unveiling NICE Framework Components v1.0.0: Explore the Latest Updates Today!
(NIST) Update your iPhones and iPads now: Apple patches security vulnerabilities in iOS and iPadOS (Malwarebytes) Watch out, GhostSec and Stourmous groups jointly conducting ransomware attacks (Security Affairs) Hackers target Docker, Hadoop, Redis, Confluence with new Golang malware (Bleeping Computer) Google is starting to squash more spam and AI in search results (The Verge) Cyberattack forces Canada’s financial intelligence agency to take systems offline (The Record) Cyber Pros Turn to Cybercrime as Salaries Stagnate (Infosecurity Magazine)
06/03/24 37m 53s

From Nation States to Cybercriminals: AI's Influence on Attacks with Wendi Whitmore [Threat Vector]

In honor of Women's History Month, please enjoy this episode of the Palo Alto Networks' Unit 42 podcast, Threat Vector, featuring David Moulton's discussion with Wendi Whitmore about the evolving threat landscape. In this conversation, David Moulton from Unit 42 discusses the evolving threat landscape with Wendi Whitmore, SVP of Unit 42. Wendi highlights the increasing scale, sophistication, and speed of cyberattacks, with examples like the recent Clop ransomware incident, and emphasizes that attackers, including nation-state actors and cybercriminals, are leveraging AI, particularly generative AI, to operate faster and more effectively, especially in social engineering tactics. To protect against these threats, businesses must focus on speed of response, automated integration of security tools, and operationalized capabilities and processes. The conversation underscores the importance of staying vigilant and leveraging technology to defend against the rapidly changing threat landscape. Threat Group Assessments https://unit42.paloaltonetworks.com/category/threat-briefs-assessments/ Please share your thoughts with us for future Threat Vector segments by taking our brief survey. Join the conversation on our social media channels: Website: https://www.paloaltonetworks.com/unit42 Threat Research: https://unit42.paloaltonetworks.com/ Facebook: https://www.facebook.com/LifeatPaloAltoNetworks/ LinkedIn: https://www.linkedin.com/company/unit42/ YouTube: @PaloAltoNetworksUnit42 Twitter: https://twitter.com/PaloAltoNtwks About Threat Vector Unit 42 Threat Vector is the compass in the world of cyberthreats. Hear about Unit 42’s unique threat intelligence insights, new threat actor TTPs, real-world case studies, and learn how the team works together to discover these threats. Unit 42 will equip listeners with the knowledge and insight to proactively prepare and stay ahead in the ever-evolving threat landscape.
PALO ALTO NETWORKS Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile. http://paloaltonetworks.com
05/03/24 7m 30s

Change Healthcare hackers cash in $22 million ransom.

Is the ALPHV gang pulling up a twenty two million dollar rug? Meta platforms are experiencing outages. Ukraine claims a cyberattack on the Russian Ministry of Defense. Malicious phishers hope to hook hashes. TeamCity users are warned of critical vulnerabilities. The Discord leaker pleads guilty. AmEx suffers a third-party data breach. Amazon is flooded with fake copycat publications. Our guest is Deputy Assistant Director Cynthia Kaiser from the FBI Cyber Division to discuss Volt Typhoon. And, Dude, she is just not that into you. CyberWire Guest Guest Deputy Assistant Director Cynthia Kaiser from the FBI Cyber Division joins us to discuss Volt Typhoon. Selected Reading Hackers Behind the Change Healthcare Ransomware Attack Just Received a $22 Million Payment (WIRED) Ukraine claims it hacked Russian Ministry of Defense servers (Bleeping Computer) Hundreds of orgs targeted with emails aimed at stealing NTLM authentication hashes (Help Net Security) TeamCity Users Urged to Patch Critical Vulnerabilities (Infosecurity Magazine) Pentagon leak defendant Jack Teixeira pleads guilty, faces years in prison (Reuters) American Express credit cards exposed in third-party data breach (Bleeping Computer) Tech writer Kara Swisher has a new book. Enter the AI-generated scams. (Bleeping Computer) Retired Army officer charged with sharing classified information about Ukraine on foreign dating site (CBS News)
05/03/24 28m 21s

Encore: Monica Ruiz: Moving ahead when not many look like you. [Policy]

In honor of International Women's Day, please enjoy this encore of Monica Ruiz sharing her story. Cyber Initiative and Special Projects Fellow at the Hewlett Foundation Monica Ruiz shares her career development from aspirations of being a weather woman to her current role as a grantmaker and connector in cybersecurity. Monica discusses how her international study experience changed her outlook and brought her to the field of security. She shares the difficulties she faced as a woman of color when not that many people look like you, and how she used that as her reason to move forward and better the cybersecurity field through her work. Our thanks to Monica for sharing her story with us.
05/03/24 7m 41s

Cyberattack causes a code red on US healthcare.

The US healthcare sector is struggling to recover from a cyberattack. Russia listens in via Webex. The former head of NCSC calls for a ransomware payment ban. An Indian content farm mimics legitimate online news sites. The FTC reminds landlords that algorithmic price fixing is illegal. FCC employees are targeted by a phishing campaign. Experts weigh in on NIST’s updated cybersecurity framework. Police shut down the largest German-speaking cybercrime market. Guest Mike Hanley, Chief Security Officer and the Senior Vice President of Engineering at GitHub, shares insights with Ann Johnson of Afternoon Cyber Tea. And celebrating the most inspiring women in cyber. CyberWire Guest Guest Mike Hanley, Chief Security Officer and the Senior Vice President of Engineering at GitHub, shares insights with Ann Johnson of Afternoon Cyber Tea. You can hear their full discussion here, and tune in to Microsoft Security’s Afternoon Cyber Tea every other Tuesday on the N2K’s CyberWire Network. Selected Reading Health-care hack spreads pain across hospitals and doctors nationwide (Washington Post) Russia’s chief propagandist leaks intercepted German military Webex conversation (The Record) Cyber ransoms are too profitable.
Let’s make paying illegal (The Times UK) News farm impersonates 60+ major outlets: BBC, CNN, CNBC, Guardian… (Bleeping Computer) Price fixing by algorithm is still price fixing (Federal Trade Commission) FCC Employees Targeted in Sophisticated Phishing Attacks (SecurityWeek) Industry Reactions to NIST Cybersecurity Framework 2.0: Feedback Friday (SecurityWeek) Germany takes down cybercrime market with over 180,000 users (Bleeping Computer) Exceptional Women Recognised for Contribution to Cyber Industry at Most Inspiring Women in Cyber Awards 2024 (IT Security Guru) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.
04/03/24 30m 1s

Encore: Pattie Dillon: Take the leap. [Anti-fraud] [Career Notes]

Product Manager in Anti-Fraud Solutions at SpyCloud, Pattie Dillon shares her journey from raising her family to specializing in the anti-fraud space. Upon reentering the workforce, Pattie worked on identity verification and developed a system with privacy concerns in mind. She moved to work in gift cards and was exposed to money laundering. Traveling along the fraud spectrum, Pattie learned about underground data and feels that this data can be leveraged to actually prevent and fight online fraud. Pattie believes if you don't try, you'll never know. We know we appreciate Pattie sharing her story with us.
03/03/24 9m 6s

The return of a malware menace. [Research Saturday]

This week we are joined by Selena Larson from Proofpoint, who is discussing their research, "Bumblebee Buzzes Back in Black." Bumblebee is a sophisticated downloader used by multiple cybercriminal threat actors and was a favored payload from its first appearance in March 2022 through October 2023 before disappearing. After a four-month hiatus, Proofpoint researchers found that the downloader returned. Its return aligns with a surge of cybercriminal threat activity after a notable absence of many threat actors and malware. The research can be found here: Bumblebee Buzzes Back in Black
02/03/24 21m 8s

WhatsApp's legal triumph cracks the spyware vault.

A court orders NSO Group to hand over their source code. The Five Eyes reiterate warnings about Ivanti products. Researchers demonstrate a generative AI worm. Fulton County calls LockBit’s bluff. SMS codes went unprotected online. Golden Corral serves up a buffet of personal data. Ransom demands continue to climb. A US Senator calls on the FTC to investigate auto industry privacy practices. Dressing up data centers. Our guest is Dominic Rizzo, founder and director of OpenTitan and CEO at zeroRISC, discussing the first open-source silicon project to reach commercial availability. And cops can’t keep their suspects straight. CyberWire Guest Guest is Dominic Rizzo, founder and director of OpenTitan and CEO at zeroRISC, discussing the first open-source silicon project to reach commercial availability. You can find the press release here. Selected Reading Five Eyes Warn of Ivanti Vulnerabilities Exploitation, Detection Tools Insufficient (Infosecurity Magazine) A leaky database spilled 2FA codes for the world’s tech giants (TechCrunch) Report: Average Initial Ransomware Demand in 2023 Reached $600K (Security Boulevard) Here Come the AI Worms (WIRED) Golden Corral restaurant chain data breach impacts 183,000 people (Bleeping Computer) Hackers stole 'sensitive' data from Taiwan telecom giant: ministry (Tech Xplore) CISA adds Microsoft Streaming Service bug to its Known Exploited Vulnerabilities catalog (Security Affairs) Senator asks FTC to investigate automakers’ data privacy practices (The Record) Looking good, feeling safe – data center security by design (Data Center Dynamics) Cops visit school of 'wrong person's child,' mix up victims and suspects in epic data fail (The Register) OpenTitan® Partnership Makes History as First Open-Source Silicon Project to Reach Commercial Availability (lowRISC) Creating Connections: Embracing change. (N2K Women in STEM newsletter)
01/03/24 36m 4s

Iran's cyber quest in Middle Eastern aerospace.

Iran-Linked Cyber-Espionage Targets Middle East's Aerospace and Defense. SpaceX is accused of limiting satellite internet for US troops. Savvy Seahorse Floods the Net with Investment Scams. GUloader Malware draws on a crafty graphic attack vector. Repo confusion attacks persist. European consumer groups question Meta’s data collection options. Allegations of Russia targeting civilian critical infrastructure in Ukraine. Cisco patches high-severity flaws. The US puts a Canadian cyber firm on its Entity List. On the Threat Vector segment, we have a conversation between host David Moulton and Michael "Siko" Sikorski, Unit 42's CTO and VP of Engineering, discussing Unit 42's 2024 Incident Response Report. And the counter-productive messaging in anti-piracy campaigns. CyberWire Guest On the Threat Vector segment, we have a conversation between host David Moulton, Director of Thought Leadership at Palo Alto Networks Unit 42, and Michael "Siko" Sikorski, Unit 42's CTO and VP of Engineering, discussing Unit 42's 2024 Incident Response Report. Selected Reading Suspected Iranian cyber-espionage campaign targets Middle East aerospace, defense industries (The Record) US tells Musk to allow service in Taiwan (Taipei Times) SpaceX Refutes Claim It’s Withholding Starshield in Taiwan (Bloomberg) Beware the Shallow Waters: Savvy Seahorse Lures Victims to Fake Investment Platforms Through Facebook Ads (infoblox) GUloader Unmasked: Decrypting the Threat of Malicious SVG Files (McAfee Blog) Over 100,000 Infected Repos Found on GitHub (Apiiro) Rights groups file GDPR suits on Meta's pay-or-consent model (The Register) Russia Attacked Ukraine's Power Grid at Least 66 Times to ‘Freeze It Into Submission’ (WIRED) Cisco Patches High-Severity Vulnerabilities in Data Center OS (SecurityWeek) Network intelligence company Sandvine banned from trading in the US (SC Media) Intimidating anti-piracy warnings have the opposite effect on men, new study says (TechSpot)
29/02/24 31m 43s

Protecting American data.

President Biden is set to sign an executive order restricting overseas sharing by data brokers. US Federal agencies warn of exploited Ubiquiti EdgeRouters. A new ransomware operator claims to have hacked Epic Games. A cross-site scripting issue leaves millions of WordPress sites vulnerable. The Rhysida ransomware group posts a multi-million dollar ransom demand on a Children’s Hospital in Chicago. Mandiant tracks Chinese threat actors targeting Ivanti VPNs. The former head of DHS weighs in on a federal cyber insurance backstop. Domain Registrars offer bulk name blocking for brands. Our guest Magpie Graham, Principal Adversary Hunter Technical Director at Dragos, reviews the key findings of Dragos’ Cybersecurity Year in Review report. Cameo celebrities are taken out of context for political gains. CyberWire Guest Guest Magpie Graham, Principal Adversary Hunter Technical Director at Dragos, reviews the key findings of Dragos’ Cybersecurity Year in Review report. You can download a copy of the report here. To hear the full interview with Magpie, check out Control Loop. Selected Reading Biden Executive Order Targets Bulk Data Transfers to China (GovInfo Security) FBI Alert: Russian Hackers Target Ubiquiti Routers for Data, Botnet Creation (HACKREAD) Fortnite game developer Epic Games allegedly hacked (Cyber Daily) LiteSpeed Cache Plugin XSS Flaw Exposes 4M+ Million Sites to Attack (Cyber Security News) Ransomware gang seeks $3.4 million after attacking children’s hospital (The Record) Chinese Cyberspies Use New Malware in Ivanti VPN Attacks (SecurityWeek) A Cyber Insurance Backstop (Schneier on Security) Cyberwar Podcast with Kate and Alex - Special Guest Michael Chertoff Registrars can now block all domains that resemble brand names (BleepingComputer) Cameo is being used for political propaganda — by tricking the stars involved (NPR)
28/02/24 37m 0s

Out with the old, in with the new.

NIST’s Cybersecurity Framework gets an upgrade. ONCD makes a case against memory-related software bugs. A recent cyberattack targets Canada's Royal Canadian Mounted Police. US dethrones Russia as top target in cyber breaches. Caveat podcast cohost Ben Yelin discusses remedies in the generative AI copyright cases. And, Reggaeton Be Gone, a creative way to deal with your neighbors’ music choices. CyberWire Guest Ben Yelin, cohost of Caveat podcast and Program Director, Public Policy & External Affairs at University of Maryland Center for Health and Homeland Security, thinking about remedies in the generative AI copyright cases. You can find the Lawfare article Ben references here. Selected Reading NIST Releases Version 2.0 of Landmark Cybersecurity Framework (NIST) After decades of memory-related software bugs, White House calls on industry to act (The Record) Canada's RCMP, Global Affairs Hit by Cyberattacks (SecurityWeek) A cyber attack hit the Royal Canadian Mounted Police (Security Affairs) UK email mistake put ‘lives at risk’ for Afghans who had worked with British military (The Record) Russia and Belarus targeted by at least 14 nation-state hacker groups, researchers say (The Record) Number of data breaches falls globally, triples in the US (TechSpot) Steel giant ThyssenKrupp confirms cyberattack on automotive division (Bleeping Computer) The Change Healthcare cyberattack is still impacting pharmacies. It's a bigger deal than you think (Fast Company) US Pharmacy Outage Triggered by 'Blackcat' Ransomware at UnitedHealth Unit, Sources Say (US News and World Report) Getting Ahead of Cybersecurity Materiality Mayhem (Security Boulevard) Raspberry Pi maker builds device to hack neighbor's Bluetooth speakers that were streaming annoying music (TechSpot) Reggaeton Be Gone (Hackster.io)
27/02/24 26m 37s

LockBit reloaded: Unveiling the next chapter in cybercrime.

LockBit's reawakening. China's ramp up to safety for vital sectors. Data leak leaves China feeling exposed. Malware hidden by North Korea in fake developer job listings. UK Watchdog rebukes firm for biometric scanning of staff at leisure centers. SVR found adapting for the cloud environment. DOE proposes cybersecurity guidelines for the electric sector. Wideness of breach in the financial industry revealed. Moving on to better things. Things are looking up in the cybersecurity startup ecosystem. UK's National Cyber Security Centre announced they are launching a Cyber Governance Training Pack for boards. N2K’s President Simone Petrella talks with Elastic's CISO Mandy Andress about the CISO role and the intersection of cybersecurity, law, and organizational strategy. And, there’s a facial recognition battle going on at Waterloo, the University of Waterloo that is. CyberWire Guest Simone Petrella, N2K’s President, talks with Mandy Andress, Elastic's CISO, about the CISO role and the intersection of cybersecurity, law, and organizational strategy. Selected Reading LockBit Ransomware Gang Resurfaces With New Site (SecurityWeek) LockBit ransomware gang attempts to relaunch its services following takedown (The Record) China to increase protections against hacking for key industries (Reuters) The I-Soon data leak unveils China's cyber espionage tactics, techniques, procedures, and capabilities. (N2K CyberWire) Fake Developer Jobs Laced With Malware (Phylum Blog) Data watchdog tells off outsourcing giant for scanning staff biometrics despite 'power imbalance' (The Register) SVR cyber actors adapt tactics for initial cloud access (National Cyber Security Centre) New DOE-Funded Initiative Outlines Proposed Cybersecurity Baselines for Electric Distribution Systems (Energy.gov) LoanDepot says about 17 million customers had personal data and Social Security numbers stolen during cyberattack (TechCrunch) Actual filing to Office of Maine Attorney General: Data Breach Notifications - Consumer Protection (Maine.gov) U-Haul data breach affects 67,000 customers in US and Canada (AZ Central) Actual filing to Office of Maine AG: Data Breach Notifications - Consumer Protection (Maine.gov) Funding Down, Optimism Up: The Bright Spots For Cybersecurity Startups In 2024 (Forbes) NCSC to Offer Cyber Governance Guidance to Boards (InfoSecurity Magazine) 'Facial recognition' error message on vending machine sparks concern at University of Waterloo (CTV News)
26/02/24 29m 17s

Encore: Chris Cochran: Rely on your strengths in the areas of the unknown. [Engineering] [Career Notes]

Director of Security Engineering at Marqeta and Host of Hacker Valley Studio podcast Chris Cochran describes his transitions throughout the cybersecurity industry, from an intelligence job with the Marine Corps, to starting the intelligence apparatus for the House of Representatives, then on to leading Netflix's threat intelligence capability. Chris points out that when pivoting to different roles and responsibilities, you must rely on your own strengths to move forward and bring value to your work. Our thanks to Chris for sharing his story with us.
25/02/24 7m 27s

Web host havoc: Unveiling the Manic Menagerie campaign. [Research Saturday]

Assaf Dahan and Daniel Frank from Palo Alto Networks Cortex sit down with Dave to talk about their research "Manic Menagerie 2.0: The Evolution of a Highly Motivated Threat Actor." From late 2020 to late 2022, Unit 42 researchers discovered an active campaign that targeted several web hosting and IT providers in the United States and European Union. The research states "They have further deepened their foothold in victims’ environments by mass deployment of web shells, which granted them sustained access, as well as access to internal resources of the compromised websites." The research can be found here: Manic Menagerie 2.0: The Evolution of a Highly Motivated Threat Actor
24/02/24 23m 45s

Crackdown on privacy leads to a multi-million dollar fine.

The FTC fines Avast over privacy violations. ConnectWise's ScreenConnect is under active exploitation. AT&T restores services nationwide. An Australian telecom provider suffers a data breach. EU Member States publish a cybersecurity and resilience report. Microsoft unleashes a PyRIT. A new infostealer targets the oil and gas sector. A cyberattack cripples a major US healthcare provider. Our guest is Kevin Magee from Microsoft Canada with insights on why cybersecurity startups in Ireland are having so much success building new companies there. And a USB device is buzzing with malware. CyberWire Guest Guest Kevin Magee from Microsoft Canada talks about recently meeting 15 cybersecurity startups in Ireland and finding out why they are having so much success building new companies there. Selected Reading FTC Order Will Ban Avast from Selling Browsing Data for Advertising Purposes, Require It to Pay $16.5 Million Over Charges the Firm Sold Browsing Data After Claiming Its Products Would Block Online Tracking (FTC) Cybercriminal groups actively exploiting ‘catastrophic’ ScreenConnect bug (The Record) AT&T services resume, company blames "incorrect process" (Data Center Dynamics) 230k Individuals Impacted by Data Breach at Australian Telco Tangerine (SecurityWeek) EU releases comprehensive risk assessment report on cybersecurity, resilience of communication networks (Industrial Cyber) Microsoft Releases Red Teaming Tool for Generative AI (SecurityWeek) New Infostealer Malware Attacking Oil and Gas Industry (GB Hackers on Security) UnitedHealth says Change Healthcare hacked by nation state, as US pharmacy outages drag on (TechCrunch) Vibrator virus steals your personal information (Malwarebytes)
23/02/24 30m 24s

AT&T outage leaves major cities offline.

AT&T experiences a major outage. The LockBit takedown continues. An updated Doppelgänger is spreading misinformation. A roundup of critical infrastructure initiatives. Toshiba and Orange make a quantum leap. An eyecare provider hack comes into focus. A phony iPhone repair scheme leads to convictions. In our Learning Layer segment, Sam Meisenberg shares the latest learning science research. And we are shocked - shocked! - to discover that phone chargers can be used to attack our devices. CyberWire Guest On this month’s Learning Layer segment, host Sam Meisenberg of N2K discusses learning science research. Sam breaks down research about quizzes and their impact on learner motivation and long term retention. Want to know more? Sam suggests you check out The Value of Using Tests in Education as Tools for Learning—Not Just for Assessment. Selected Reading AT&T, Verizon and T-Mobile customers hit by widespread cellular outages in U.S. (NBC News) US Offering $10M for LockBit Leaders as Law Enforcement Taunts Cybercriminals (SecurityWeek) LockBit Group Prepped New Crypto-Locker Before Takedown (Gov Info Security) Ukraine arrests father-son duo in Lockbit cybercrime bust (Reuters) Russian Cyberwarfare campaign (ClearSky Cyber Security) US Coast Guard issues cybersecurity directive for Chinese-made cranes after Biden's Executive Order (Industrial Cyber) US agencies release joint fact sheet to strengthen cybersecurity in water and wastewater systems (Industrial Cyber) E-ISAC 2023 report highlights cybersecurity triumphs and challenges in electricity sector (Industrial Cyber) Toshiba and Orange test quantum encryption on traditional network (Computer Weekly) Hack at Services Firm Hits 2.4 Million Eye Doctor Patients (Gov Info Security) Chinese Duo Found Guilty of $3m Apple Fraud Plot (Infosecurity Magazine) VoltSchemer attacks use wireless chargers to inject voice commands, fry phones (BleepingComputer)
22/02/24 30m 18s

Anchoring security for US ports.

President Biden to sign EO to bolster maritime port security. Apple announces post-quantum encryption for iMessage. Malwarebytes examines the i-Soon data leak. Law enforcement airs LockBit’s dirty laundry. Varonis highlights vulnerabilities affecting Salesforce platforms. An appeals court overturns a $1 billion piracy verdict. NSA’s Rob Joyce announces his retirement. Anne Neuberger chats with WIRED. A leading staffing firm finds its data for sale on the dark web. In our sponsored Industry Voices segment, Navneet Singh, VP of Marketing Network Security at Palo Alto Networks, discusses the transition to the cloud and shares some examples from healthcare. Hackers and hobbyists push back on the proposed Flipper Zero ban. CyberWire Guest On our Industry Voices segment, Navneet Singh, VP of Marketing Network Security at Palo Alto Networks, discusses the transition to the cloud and shares some examples in healthcare. Selected Reading Biden to sign executive order to give Coast Guard added authority over maritime cyber threats (CyberScoop) Apple Announces 'Groundbreaking' New Security Protocol for iMessage (MacRumors) A first analysis of the i-Soon data leak (Malwarebytes) Cops turn LockBit ransomware gang's countdown timers against them (The Register) Security Vulnerabilities in Apex Code Could Leak Salesforce Data (Varonis) Court blocks $1 billion copyright ruling that punished ISP for its users’ piracy (Ars Technica) NSA cyber director to step down after 34 years of service (Nextgov/FCW) Anne Neuberger, a Top White House Cyber Official, Is Staying Surprisingly Optimistic (WIRED) Critical flaw found in deprecated VMware EAP. Uninstall it immediately (Security Affairs) Hackers Claim Data Breach at Staffing Giant Robert Half, Sell Sensitive Data (HackRead) Save Flipper (Save Flipper)
21/02/24 36m 42s

The reign of digital terror ends.

Operation Cronos leaves LockBit operations on borrowed time. An alleged leak reveals internal operations from the Chinese Ministry of Public Security. An Israeli airline thwarts communications hijacking attempts. The alleged Raccoon Infostealer operator has been extradited to the US. ConnectWise patches critical vulnerabilities. Schneider Electric confirms a Cactus ransomware attack. Alleged Maryland money launderers face indictments. Russian hackers target media outlets in Ukraine. Our guest is Tomislav Pericin, Chief Software Architect at ReversingLabs, on the rise of software supply chain attacks. And Tinder hopes to reel in the catfish. CyberWire Guest Guest is Tomislav Pericin, ReversingLabs Chief Software Architect, talking about the rise of software supply chain attacks. Learn more in their 2024 State of Software Supply Chain Security Report. Selected Reading Police arrests LockBit ransomware members, release decryptor in global crackdown (BleepingComputer) U.S. and U.K. Disrupt LockBit Ransomware Variant (US Justice Department) Chinese Ministry Of Public Security Breach: Data On GitHub (The Cyber Express) Massive “i-Soon” leak reveals Chinese firm's hacking tools, targets, including NATO (The Stack) I-S00N Leaked Chinese foreign government infiltration intel on Github : r/cybersecurity (Reddit) Israeli Aircraft Survive “Cyber-Hijacking” Attempts (Infosecurity Magazine) Raccoon Infostealer operator extradited to the United States (Malwarebytes) Critical ConnectWise ScreenConnect vulnerabilities fixed, patch ASAP! (Help Net Security) Schneider Electric confirms data was stolen in Cactus ransomware attack (IT Pro) Maryland Busts $9.5 Million #BEC Money Laundering Ring (CyberCrime & Doing Time) Several Ukrainian media outlets attacked by Russian hackers (The Record) Tinder Expands ID Checks Amid Rise in AI Scams, Dating Crimes (Bloomberg)
20/02/24 30m 8s

AWS in Orbit: Leveraging generative AI to do more at the rugged space edge with AWS. [T-Minus]

Kathy O’Donnell is the leader of Space Solutions Architecture for AWS Aerospace and Satellite. In this extended conversation, we dive into how AWS is supporting generative AI in the space domain. She walks us through some incredible case studies with AWS customers who are using generative AI and space technologies to improve life here on Earth. Learn more about generative AI use cases for space at AWS re:Invent. AWS in Orbit is a podcast collaboration between N2K Networks and AWS to offer listeners an in-depth look at the transformative intersection of cloud computing, space technologies, and generative AI. You can learn more about AWS in Orbit at space.n2k.com/aws. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our weekly intelligence roundup, Signals and Space, and you’ll never miss a beat. And be sure to follow T-Minus on LinkedIn and Instagram. Selected Reading AWS successfully runs AWS compute and machine learning services on an orbiting satellite in a first-of-its kind space experiment | AWS Public Sector Blog AWS re:Invent 2022 - Accelerate Geospatial ML with Amazon SageMaker (AER204)  AWS re:Invent 2023 Audience Survey We want to hear from you! Please complete our 4 question survey. It’ll help us get better and deliver you the most mission-critical space intel every day. Want to join us for an interview? Please send your pitch to space-editor@n2k.com and include your name, affiliation, and topic proposal. T-Minus is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.
19/02/24 40m 35s

What’s a CNAPP: Cloud-Native Application Protection Platform? [CyberWire-X]

In this episode of CyberWire-X, N2K’s CSO, Chief Analyst, and Senior Fellow, Rick Howard, is joined by Tim Miller, Technical Marketing Engineer for Panoptica, Cisco's Cloud Application Security solution (Panoptica is the result of Cisco's incubation engine, Outshift, for new products and markets), and Kevin Ford, Esri’s CISO. They discuss the need for complexity reduction and how Cloud-Native Application Protection Platforms (CNAPPs) provide it. Outshift by Cisco is our CyberWire-X episode sponsor. To learn more about Cloud-Native Application Protection Platforms, check out Panoptica’s website at https://panoptica.app and consider attending the Cisco Live EMEA in Amsterdam, February 5-8, 2024.
19/02/24 32m 12s

Encore: Dominique Shelton Leipzig: No matter the statistics, even if against the odds, focus on what you want. [Legal] [Career Notes]

Privacy and data security lawyer Dominique Shelton Leipzig shares that she has always wanted to be a lawyer, ever since she was a little girl. She talks about what her role is with clients in protecting and managing their data, sometimes adhering to up to 134 different data protection laws for global companies. Learn that not a lot has changed for an African-American woman partner at an Amlaw 100 firm as far as diversity during Dominique's career, and how Dominique suggests young lawyers should address those odds. Our thanks to Dominique for sharing her story with us.
18/02/246m 59s

Hackers come hopping back. [Research Saturday]

Ori David from Akamai is sharing their research "Frog4Shell — FritzFrog Botnet Adds One-Days to Its Arsenal." FritzFrog takes advantage of the fact that only internet-facing applications were prioritized for Log4Shell patching and targets internal hosts, meaning that a breach of any asset in the network by FritzFrog can expose unpatched internal assets to exploitation. The research states "FritzFrog has traditionally hopped around by using SSH brute force, and has successfully compromised thousands of targets over the years as a result." Over the years Akamai has seen more than 20,000 FritzFrog attacks and 1,500+ victims. The research can be found here: Frog4Shell — FritzFrog Botnet Adds One-Days to Its Arsenal
17/02/24 20m 16s

FBI initiates router revolution.

The FBI kicks Moobot out of small business routers. Sensitive data has been stolen from a state government network. AMC proposes a multi-million-dollar settlement after improperly sharing subscribers’ viewing habits. The U.S. targets an Iranian military ship in the Red Sea with a cyberattack. Lawmakers propose transparency in the use of algorithms in criminal trials. CERT-EU highlights a spear phishing spike. An infamous Zeus and IcedID operator pleads guilty. Our guests, Dr. Josh Brunty, Head Coach, and Brad Wolfenden, Program Director, of US Cyber Games, join us to share the details of how their 2024 season is shaping up. And AI comes to video.
CyberWire Guest: Dr. Josh Brunty, Head Coach, and Brad Wolfenden, Program Director, of US Cyber Games join us to share the details of how the 2024 season is shaping up.
Selected Reading: US disrupts Russian hacking campaign that infiltrated home, small business routers: DOJ (ABC News); U.S. State Government Network Hacked Via Former Employee Account (Cyber Security News); CISA Urges Patching of Cisco ASA Flaw Exploited in Ransomware Attacks (SecurityWeek); AMC to pay $8M for allegedly violating 1988 law with use of Meta Pixel (Ars Technica); U.S. conducted cyberattack on suspected Iranian spy ship (NBC News); New bill would let defendants inspect algorithms used against them in court (The Verge); Hackers Exploit EU Agenda in Spear Phishing Campaigns (Infosecurity Magazine); Ukrainian Hacker Pleads Guilty for Leading Zeus & IcedID Malware Attacks (GBHackers on security); OpenAI introduces Sora, its text-to-video AI model (The Verge)
16/02/24 35m 12s

An AI arms race.

Microsoft highlights adversaries’ experiments with AI LLMs. A misconfiguration exposes a decade’s worth of emails. SentinelOne describes Kryptina ransomware as a service. The European Court of Human Rights rules against backdoors. Senator Wyden calls out a location data broker. GoldFactory steals facial scans to bypass bank security. The Glow fertility app exposes the data of twenty-five million users. Qakbot returns. Our guest Rob Boyce from Accenture talks about tailored extortion. And hacking the airport taxi line leads to prison.
CyberWire Guest: Rob Boyce from Accenture talks about tailored extortion as actors continue to shift to pure data extortion, with old and new tactics.
Selected Reading: State-backed hackers are experimenting with OpenAI models (Cyberscoop); Staying ahead of threat actors in the age of AI (Microsoft); U.S. Internet Leaked Years of Internal, Customer Emails (Krebs on security); Kryptina RaaS | From Underground Commodity to Open Source Threat (SentinelOne); Backdoors that let cops decrypt messages violate human rights, EU court says (Arstechnica); A company tracked visits to 600 Planned Parenthood locations for anti-abortion ads, senator says (POLITICO); Cybercriminals are stealing Face ID scans to break into mobile banking accounts (theregister); Fertility tracker Glow fixes bug that exposed users’ personal data (TechCrunch); New Qbot malware variant uses fake Adobe installer popup for evasion (bleepingcomputer); Duo headed to prison for charging cabbies to skip JFK Airport line with Russian hackers' aid (nydailynews)
15/02/24 30m 45s

It’s always DNS, but that may just be FUD.

It’s always DNS, but that may just be FUD. The DoD notifies victims of a cloud email server leak. New Jersey cops sue online data brokers. Crooks use WiFi jammers to thwart security systems. A copyright case against OpenAI is partially dismissed. Patch Tuesday includes two actively exploited zero days. CharmingCypress gathers political intelligence. Ann Johnson from Microsoft Security’s Afternoon Cyber Tea podcast talks with Frank Cilluffo, Director for Cyber and Critical Infrastructure Security at the McCrary Institute of Auburn University, about cyber and critical infrastructure. And beware Cupid’s misleading arrow.
CyberWire Guest: Ann Johnson from Microsoft Security’s Afternoon Cyber Tea podcast talks with Frank Cilluffo, Director for Cyber and Critical Infrastructure Security at the McCrary Institute of Auburn University, about cyber and critical infrastructure. Check out the episode with the full conversation between Ann and Frank here.
Selected Reading: KeyTrap DNS Attack Could Disable Large Parts of Internet: Researchers (SecurityWeek); US military notifies 20,000 of data breach after cloud email leak (TechCrunch); New Jersey law enforcement officers sue 118 data brokers for not removing personal info (The Record); Minnesota burglars are using Wi-Fi jammers to disable home security systems (TechSpot); Sarah Silverman’s lawsuit against OpenAI partially dismissed (The Verge); Microsoft February 2024 Patch Tuesday fixes 2 zero-days, 73 flaws (BleepingComputer); DarkMe Malware Targets Traders Using Microsoft SmartScreen Zero-Day Vulnerability (The Hacker News); CharmingCypress Use Poisoned VPN Apps to Install Backdoor (Cyber Security News); Beyond the Hype: Questioning FUD in Cybersecurity Marketing (SecurityWeek); Valentine's Day Scams Woo the Lonely-Hearted (Security Boulevard)
14/02/24 29m 11s

Phishing threats unleashed.

Attackers lock up Azure accounts with MFA. Bank of America alerts customers to a third party data breach. Malicious cyber activity targets elections worldwide. CISA highlights a vulnerability in Roundcube Webmail. Lawmakers introduce a bipartisan bill to enhance healthcare cybersecurity. Siemens and Schneider Electric address multiple industrial vulnerabilities. Perception in tech gender parity still has a ways to go. Dave Bittner speaks with guests Andrew Scott, Associate Director of China Operations at CISA, and Brett Leatherman, Section Chief for Cyber at the FBI, about Chinese threat actor Volt Typhoon. And the scourge of online obituary spam.
CyberWire Guest: Andrew Scott, Associate Director of China Operations at CISA, and Brett Leatherman, Section Chief at the FBI, discuss the PRC/Volt Typhoon advisory and living off the land guidance. Read the press release on “U.S. and International Partners Publish Cybersecurity Advisory on People’s Republic of China State-Sponsored Hacking of U.S. Critical Infrastructure.”
Selected Reading: Ongoing campaign compromises senior execs’ Azure accounts, locks them using MFA (Ars Technica); Bank of America warns customers of data breach after vendor hack (BleepingComputer); Global Malicious Activity Targeting Elections is Skyrocketing (Security Affairs); CISA Warns Of Active Attacks on Roundcube Webmail XSS Vulnerability (CISA); Bipartisan Senate Bill Requires HHS to Bolster Cyber Efforts (Gov Info Security); ICS Patch Tuesday: Siemens Addresses 270 Vulnerabilities (SecurityWeek); Four in five men in tech say women are treated equally, as women criticise ‘invisible challenges’ (Euronews); The rise of obituary spam (The Verge)
13/02/24 36m 19s

DOJ strikes justice.

The DOJ shuts down the Warzone RAT. Ransomware hits over twenty Romanian hospitals, and Rhysida gets a decryptor. Canada may ban the Flipper Zero. Chinese espionage claims against the US are light on facts. Australia looks to criminalize doxxing. Federal IT leaders seek better coordination with CISA and the JCDC. Wired looks at the effect of cyberattacks on inequality. Our guest is Manny Felix, Founder and CEO of US Cyber Initiative, sharing their work in unlocking cyber career opportunities for young people. And this thumb drive will self-destruct in five seconds.
CyberWire Guest: Manuel "Manny" Felix, Founder and CEO of US Cyber Initiative, shares their work in unlocking career opportunities for young people who are interested in cyber and emergent technology. US Cyber Initiative grew out of AZ Cyber. Learn more about AZ Cyber here.
Selected Reading: DOJ shuts down ‘Warzone’ malware vendor and charges two in connection (The Record); Ransomware attack forces 18 Romanian hospitals to go offline (BleepingComputer); Decryptor for Rhysida ransomware is available (Help Net Security); Canada moves to ban the Flipper Zero amid rising auto theft concerns (TECHSPOT); China’s Cyber Revenge | Why the PRC Fails to Back Its Claims of Western Espionage (SentinelOne); ‘Doxxing’ laws to be brought forward after Jewish WhatsApp leak (The Sydney Morning Herald); Exclusive: Duke Energy to remove Chinese battery giant CATL from Marine Corps Base (Reuters); Federal IT officials call on CISA for tougher standards, more coordination (FedScoop); Priorities of the Joint Cyber Defense Collaborative for 2024 (CISA); The Hidden Injustice of Cyberattacks (WIRED); Ovrdrive USB stick with data-hiding and overheating self-destruct features nears crowdfunding goal (TechSpot)
12/02/24 36m 31s

Encore: Graham Cluley: Have to be able to communicate to everybody. [Media] [Career Notes]

Computer security writer, podcaster and public speaker Graham Cluley describes learning to program on his own from magazines, creating text adventure games for donations, and his journey from programming to presenting and writing with a bit of tap dancing on the side. Along the way, Graham collaborated with others and learned to communicate so that all could understand, not just techies. Our thanks to Graham for sharing his story with us.
11/02/24 7m 41s

Ransomware is coming. [Research Saturday]

Jon DiMaggio, Chief Security Strategist for Analyst1, is discussing his research on "Ransomware Diaries Volume 4: Ransomed and Exposed - The Story of RansomedVC." While there is evidence to support that RansomedVC runs cybercrime operations, Jon questions the claims it made regarding the authenticity of the data it stole and the methods it used to extort victims. The research states "I uncovered sensitive information about the group's leader, Ransomed Support (also known as Impotent), relating to secrets from his past." In this episode Jon shares his 6 key findings after spending months engaging with the lead criminal who runs RansomedVC. The research can be found here: Ransomware Diaries Volume 4: Ransomed and Exposed - The Story of RansomedVC
10/02/24 30m 48s

Imitation game: LastPass vs LassPass.

A LastPass imitator sneaks its way past Apple’s App Store review. Bitdefender identifies a new macOS backdoor. The Air Force and Space Force collaborate for stronger cyber defense. CISA offers an election security advisory program. The FCC bans AI robocalls. The Feds put a bounty on the Hive ransomware group. Senators introduce a bipartisan drone security act. Cisco Talos IDs a new cyber espionage campaign. Fighting the good fight against software bloat. On our Solution Spotlight, N2K President Simone Petrella talks with Amy Kardel, Senior Vice President for Strategic Workforce Relationships at CompTIA, about the cyber talent gap. And sports fans, check your passwords.
CyberWire Guest: On our Solution Spotlight, N2K President Simone Petrella talks with Amy Kardel, Senior Vice President for Strategic Workforce Relationships at CompTIA, about their perspectives and initiatives in response to the cyber talent gap.
Selected Reading: Fake LastPass App Sneaks Past Apple's Review Team (MacRumors); Warning: Fraudulent App Impersonating LastPass Currently Available in Apple App Store (LastPass); New Rust-Based macOS Backdoor Steals Files, Linked to Ransomware Groups (HACKREAD); New Department of Air Force partnership brings cyber, space and information units closer (DefenseScoop); Federal Cybersecurity Agency Launches Program to Boost Support for State, Local Election Offices (SecurityWeek); FCC votes to outlaw scam robocalls that use AI-generated voices (CNN Business); US offers $10 million for tips on Hive ransomware leadership (Bleeping Computer); New legislation would give NIST drone cybersecurity responsibilities (FedScoop); New Zardoor backdoor used in long-term cyber espionage operation targeting an Islamic organization (Talos Intelligence); Why Bloat Is Still Software’s Biggest Vulnerability (IEEE Spectrum); Super Bowl of Passwords: Chiefs vs. 49ers in the Battle of Cybersecurity (Security Boulevard); Taylor Swift's Influence on Cybersecurity (Enzoic)
09/02/24 35m 2s

Volt Typhoon’s stealthy threat to US critical infrastructure.

A joint advisory warns of Volt Typhoon’s extended network infiltration. Check your Cisco devices for patches. Fortinet clarifies its latest vulnerabilities. Internet outages plague Pakistan on election day. Kaspersky describes the new Coyote banking trojan. Cyber insurance is projected to reach new heights. The White House appoints a leader for the AI Safety Institute, and sees pushback on proposed reporting regulations. Can we hold AI liable for its foreseeable harms? Joe Carrigan joins us with insights on the Mother of All Data Breaches. The potential of Passkeys versus the comfort of passwords.
CyberWire Guest: Podcast partner and Hacking Humans co-host Joe Carrigan stops by today to discuss the mother of all data breaches.
Selected Reading: Chinese hackers hid in US infrastructure network for 5 years (BleepingComputer); Akira, LockBit actively searching for vulnerable Cisco ASA devices (Help Net Security); Cisco fixes critical Expressway Series CSRF vulnerabilities (SecurityAffairs); Fortinet warns of new FortiSIEM RCE bugs in confusing disclosure (BleepingComputer); Pakistani telcos suffer widespread Internet blackouts on election day (DCD); Coyote: A multi-stage banking Trojan abusing the Squirrel installer (Securelist); Cyber insurance market growing dramatically, Triple-I Finds (AI-TechPark); Biden Administration Names a Director of the New AI Safety Institute (SecurityWeek); No one's happy with latest US cyber incident reporting plan (The Register); DHS Is Recruiting Techies for the AI Corps (BankInfoSecurity); Can the courts save us from dangerous AI? (Vox); I Stopped Using Passwords. It's Great—and a Total Mess (WIRED)
08/02/24 33m 27s

Taking a bite out of Apple.

A security researcher has been charged in an alleged multi-million-dollar theft scheme targeting Apple. A House committee hearing explores OT security. Fortinet withdraws accidental CVEs. 2023 saw record highs in ransomware payments. A YouTuber finds a cheap and easy bypass for BitLocker encryption. Political pressure proves challenging for the JCDC. New Hampshire tracks down those fake Biden robocalls. European security agencies bolster warnings about Ivanti devices. HHS fines a New York medical center millions over an identity theft ring. On our sponsored Industry Voices segment, Navneet Singh, Vice President of Marketing Network Security at Palo Alto Networks, shares some practical examples of healthcare organizations transitioning to the cloud. Giving that toothbrush story the brushoff.
CyberWire Guest: On our Industry Voices segment, Navneet Singh, Vice President of Marketing Network Security at Palo Alto Networks, discusses the transition to the cloud and shares some practical examples in healthcare.
Selected Reading: A Security Researcher Allegedly Scammed Apple (404 Media); US House Homeland Security subcommittee addresses OT threats, CISA's role in securing OT - Industrial Cyber (Industrial Cyber); Operational Technology disruptions: An eye on the water sector. Robert M. Lee’s opening statement before the U.S. Congressional Subcommittee on Cybersecurity and Infrastructure Protection. (Control Loop podcast); Securing Operational Technology: A Deep Dive into the Water Sector (Homeland Security Events YouTube); Fortinet Patches Critical Vulnerabilities in FortiSIEM (SecurityWeek); Fortinet snafu: Critical FortiSIEM CVEs are duplicates, issued in error (Bleeping Computer); Ransomware hackers raked in $1 billion last year from victims (NBC News); BitLocker encryption broken in 43 seconds with sub-$10 Raspberry Pi Pico — key can be sniffed when using an external TPM (Tom’s Hardware); The far right is scaring away Washington's private hacker army (POLITICO); N.H. attorney general says he found source of fake Biden robocalls (NBC News); European security agencies publish joint statement on Ivanti Connect Secure, Policy Secure vulnerabilities (Industrial Cyber); Medical Center Fined $4.75M in Insider ID Theft Incident (GovInfoSecurity); Surprising 3 Million Hacked Toothbrushes Story Goes Viral—Is It True? (Forbes)
07/02/24 37m 49s

Cracking down on spyware.

The global community confronts spyware. Canon patches critical vulnerabilities in printers. Barracuda recommends mitigations for Web Application Firewall issues. Group-IB warns of ResumeLooters. Millions are at risk after a data breach in France. Research from the UK reveals contradictory approaches to cybersecurity. Meta’s Oversight Board recommends updates to Facebook’s Manipulated Media policy. We’ve got a special segment from the Threat Vector podcast examining Ivanti's Connect Secure and Policy Secure products. And it’s time to brush up on IoT security.
CyberWire Guest: In a special segment from Palo Alto Networks’ Threat Vector podcast, host David Moulton, Director of Thought Leadership at Unit 42, along with guests Sam Rubin, VP, Global Head of Operations, and Ingrid Parker, Senior Manager of the Intel Response Unit, dives deep into the critical vulnerabilities found in Ivanti's Connect Secure and Policy Secure products. You can check out the full conversation here.
Selected Reading: US to restrict visas for those who misuse commercial spyware (Reuters); Britain and France assemble diplomats for international agreement on spyware (The Record); Israeli government absent from London spyware conference and pledge (The Record); Government hackers targeted iPhones owners with zero-days, Google says (TechCrunch); Google agrees to pay $350 million settlement in security lapse case (Washington Post); Canon Patches 7 Critical Vulnerabilities in Small Office Printers (SecurityWeek); Barracuda Disclosed Critical Vulnerabilities in WAF, Affecting File Upload and JSON Protection (SOCRadar); ResumeLooters target job search sites in extensive data heist (Help Net Security); Millions at risk of fraud after massive health data hack in France (The Connexion); Fragmented cybersecurity vendor landscape is exacerbating risks and compounding skills shortages, SenseOn research reveals (IT Security Guru); Meta’s Oversight Board Urges a Policy Change After a Fake Biden Video (InfoSecurity Magazine); Toothbrushes are a cybersecurity risk, too: millions participate in DDoS attacks (Cybernews)
06/02/24 33m 36s

A serious breach showdown.

AnyDesk confirms a serious breach. Clorox and Johnson Controls file cyber incidents with the SEC. There’s already a potential Apple Vision Pro kernel exploit. A $25 million deepfake scam. Akamai research hops on the FritzFrog botnet. The US sanctions Iranians for attacks on American water plants. Commando Cat targets Docker API endpoints. Pennsylvania courts fall victim to a DDoS attack. A new leader takes the reins at US Cyber Command and the NSA. Our guest is Dr. Heather Monthie from N2K Networks, with insights on the White House's recent easing of education requirements for federal contract jobs. And remembering one of the great cryptology communicators.
CyberWire Guest: Heather Monthie from N2K Networks shares some insight into the White House's recent easing of education requirements for federal contract jobs. You can find the background to that in our Selected Reading section.
Selected Reading: AnyDesk, an enterprise remote software platform used by major firms including Raytheon and Samsung, suffered a security breach - here’s what you need to know (IT Pro); Clorox and Johnson Controls Reveal $76m Cyber-Attack Bill (Infosecurity Magazine); MIT student claims to hack Apple Vision Pro on launch day (Cybernews); Finance worker pays out $25 million after video call with deepfake ‘chief financial officer’ (CNN); FritzFrog botnet is exploiting Log4Shell bug now, experts say (The Record); US sanctions Iranian officials over cyber-attacks on water plants (BBC); The Nine Lives of Commando Cat: Analysing a Novel Malware Campaign Targeting Docker (Cado Security); Pennsylvania court agency's website hit by disabling cyberattack, officials say (ABC News); Cyber Command, NSA usher in Haugh as new chief (The Record); White House moves to ease education requirements for federal cyber contracting jobs (CyberScoop); White House moves to ease education requirements for federal cyber contracting jobs (GAO); David Kahn, historian who cracked the code of cryptology, dies at 93 (Washington Post)
05/02/24 36m 7s

Encore: Bilyana Lilly: Turn challenges into opportunities. [Policy] [Career Notes]

Cybersecurity and disinformation researcher Bilyana Lilly shares her career path from studying where she was always a foreigner to an expert on the Russian perspective. While studying international law in Kosovo, Bilyana realized there are no winners in war. Through her work, she hopes to bring a greater understanding of Russia's strategic thinking. Our thanks to Bilyana for sharing her story with us.
04/02/24 7m 25s

Weathering the internet storm. [Research Saturday]

Johannes Ullrich from SANS talks about the Internet Storm Center and how they do research. The Internet Storm Center was created as a mix of manual reports submitted by security analysts during Y2K and automated firewall collection started by DShield. The research shares how SANS used their "agile honeypots" to "zoom in" on events to more effectively collect data targeting specific vulnerabilities. The Internet Storm Center has noted three separate attacks that were observed. The research can be found here: Jenkins Brute Force Scans; Scans for Ivanti Connect "Secure" VPN Vulnerability (CVE-2023-46805, CVE-2024-21887); Scans/Exploit Attempts for Atlassian Confluence RCE Vulnerability CVE-2023-22527
03/02/24 25m 37s

A digital leaker gets 40 years behind bars.

Former CIA leaker sentenced to 40 years. Interpol arrests suspected cybercriminals and takes down servers. Cloudflare discloses a Thanksgiving Day data breach. The FBI removes malware from outdated routers. President Biden plans to veto a Republican-led bill overturning cyber disclosure rules. Attackers target poorly managed Linux systems. Infected USB devices take advantage of popular websites for malware distribution. Blackbaud faces a data deletion mandate from the FTC. Our guest is Adam Marré, CISO of Arctic Wolf, to kick off our continuing discussion of 2024 election security. A cybersecurity incident in Georgia leads to a murder suspect on the run.
CyberWire Guest: Adam Marré, CISO of Arctic Wolf, joins us to begin our discussion of election security in 2024. Adam will be sharing their Election Cybersecurity Survey outlining key cybersecurity threats to the 2024 election season.
Selected Reading: 40 years in prison for ex-CIA coder who leaked hacking tools to WikiLeaks (Digital Journey); Interpol arrests more than 30 cybercriminals in global ‘Synergia’ operation (The Record); Cloudflare Hacked After State Actor Leverages Okta Breach (HACKREAD); FBI removes malware from hundreds of routers across the US (Malwarebytes); Biden to Veto Attempt to Overturn SEC Cyber Incident Disclosure Rules (SecurityWeek); Threat Actors Installing Linux Backdoor Accounts (ASEC); USB Malware Chained with Text Strings on Legitimate Websites Attacks Users (Cybersecurity News); FTC settles with Blackbaud over poor data practices leading to massive hack (The Record); Murder suspect mistakenly released from jail after 'cybersecurity incident' (ABC News)
02/02/24 32m 52s

Defending America against China's ominous onslaught.

Directors Wray and Easterly warn Congress of threats from Chinese hackers. Myanmar authorities extradite pig butchering suspects. Automation remains a challenge. Snyk Security Labs plugs holes in “Leaky Vessels.” Pegasus spyware targets human rights groups in Jordan. Subtle-paws scratch at Ukrainian military personnel. White Phoenix brings your ransomed files back from the ashes. In today’s Threat Vector, host David Moulton, Director of Thought Leadership at Unit 42, speaks with MDR Senior Manager Oded Awaskar about how AI might change the world of security operations and threat-hunting. A wee lil trick for bypassing ChatGPT guardrails.

CyberWire Guest
In today’s segment of Threat Vector, host David Moulton, Director of Thought Leadership at Unit 42, speaks with Oded Awaskar, an MDR Senior Manager, about threat-hunting and how AI and ML might change the world of security operations and threat-hunting. Tune in to Palo Alto Networks’ biweekly Threat Vector podcast on our network for the full conversation. If you are interested in learning more about Unit 42's world-renowned threat hunters, visit https://www.paloaltonetworks.com/unit42/respond/managed-threat-hunting and https://www.paloaltonetworks.com/unit42/respond/managed-detection-response. In coming episodes, David will discuss the impact of the SEC Cyber Rules with Jacqueline Wudyka and share a conversation with Sam Rubin, Global Head of Operations for Unit 42, about his testimony at the Congressional hearing on the growing threat of ransomware.

Selected Reading
Wray warns Chinese hackers are aiming to 'wreak havoc' on U.S. critical infrastructure (NPR)
FBI director warns Chinese hackers aim to 'wreak havoc' on U.S. critical infrastructure (NBC News)
Opening Statement by CISA Director Jen Easterly (CISA on YouTube)
FBI issues dramatic public warning: Chinese hackers are preparing to 'wreak havoc' on the US (CNN on YouTube)
CISA orders federal agencies to disconnect Ivanti VPN appliances by Saturday (Bleeping Computer)
iPhone Under Attack: U.S. Government Issues 21 Days To Comply Warning (Forbes)
Why Are Cybersecurity Automation Projects Failing? (Security Week)
Crime bosses behind Myanmar cyber ‘fraud dens’ handed over to Chinese government (The Record)
Leaky Vessels: Docker and runc Container Breakout Vulnerabilities (Snyk)
At Least 30 Journalists, Lawyers and Activists Hacked With Pegasus in Jordan, Forensic Probe Finds (SecurityWeek)
Online ransomware decryptor helps recover partially encrypted files (Bleeping Computer)
Analysis and Detection of STEADY#URSA Attack Campaign Targeting Ukraine Military Dropping New Covert SUBTLE-PAWS PowerShell Backdoor (Securonix)
OpenAI's GPT-4 safety systems broken by Scots Gaelic (The Register)

01/02/24 35m 38s

VPN compromise causes concerns.

Global Affairs Canada investigates a major data breach. New York sues Citibank over inadequate online security. Alpha ransomware launches a dedicated leak site on the dark web. A leaked database with 50 million records may or may not be real. CISA and the FBI provide guidance for SOHO routers. Patch ‘em if ya got ‘em. KrustyLoader exploits Ivanti weaknesses. Unit 42 tracks a large-scale scareware campaign. Alex Stamos calls Microsoft’s security strategies “morally indefensible.” Our guests are Gianna Whitver and Maria Velasquez from the Cybersecurity Marketing Society to talk about their new podcast "Breaking Through in Cybersecurity Marketing." And do you have what it takes to protect his majesty’s royal laptop?

CyberWire Guest
Guests Gianna Whitver and Maria Velasquez from the Cybersecurity Marketing Society join Dave to share about their podcast "Breaking Through in Cybersecurity Marketing" that is joining the N2K network. You can listen to their newest episode on our network.

Selected Reading
Global Affairs investigating 'malicious' hack after VPN compromised for over one month (National Post)
Lawsuit: Citibank refused to reimburse scam victims who lost “life savings” (Ars Technica)
Unveiling Alpha Ransomware: A Deep Dive into Its Operations (Netenrich)
Nearly 50 million Europcar customer records put up for sale on the dark web – or were they? (ITPro)
Apple and Google Just Patched Their First Zero-Day Flaws of the Year (WIRED)
Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware (Security Affairs)
ApateWeb: An Evasive Large-Scale Scareware and PUP Delivery Campaign (Palo Alto Networks)
Microsoft's Dangerous Addiction To Security Revenue (LinkedIn)
Be the Royal Family’s Cybersecurity Manager, and get a cut-price honey dipper! (Graham Cluley)

31/01/24 34m 5s

A Typhoon counter.

The U.S. counters a Chinese hacking campaign. Juniper issues out-of-band patches. Schneider Electric suffers a ransomware attack. Over a million and a half individuals are affected by an insurance consulting firm breach. AT&T finds DarkGate malware leveraging Microsoft Teams. The White House is set to require AI developers to share safety test results. Resecurity finds high-level credentials posted online. Zscaler says ZLoader malware is back. The Georgia county prosecuting former President Trump got hit with a cyberattack. Microsoft’s Ann Johnson speaks with guest Deneen DeFiore, Vice President and Chief Information Security Officer at United Airlines, about cybersecurity at 35,000 feet. And yesterday’s airborne joker is off the hook.

CyberWire Guest
Ann Johnson, host of Microsoft Security’s Afternoon Cyber Tea podcast, talks with guest Deneen DeFiore, Vice President and Chief Information Security Officer at United Airlines, about cybersecurity at 35,000 feet.

Selected Reading
Exclusive: US disabled Chinese hacking network targeting critical infrastructure (Reuters)
China-Linked Hackers Target Myanmar's Top Ministries with Backdoor Blitz (The Hacker News)
Juniper Networks Releases Urgent Junos OS Updates for High-Severity Flaws (The Hacker News)
Schneider Electric confirms it was hit by ransomware attack (Silicon Republic)
1.5 Million Affected by Data Breach at Insurance Broker Keenan & Associates (SecurityWeek)
DarkGate malware delivered via Microsoft Teams - detection and response (AT&T)
AI companies will need to start reporting their safety tests to the US government (AP)
Hundreds of network operators’ credentials found circulating in Dark Web (Security Affairs)
New ZLoader Malware Variant Surfaces with 64-bit Windows Compatibility (The Hacker News)
Cyberattack Hits Georgia County Where Trump Is Charged (Bloomberg)
British man acquitted over London-Spain flight bomb hoax (BBC)

30/01/24 29m 26s

Seeking dismissal of SEC allegations.

SolarWinds seeks dismissal of SEC allegations. Urgent calls to implement fixes for Jenkins open-source software automation tools. A New Jersey township closes schools and offices after a cyberattack. The Centre for Cybersecurity Belgium warns of a critical vulnerability in GitLab. The FBI arrests a notorious swatter. HHS releases cybersecurity performance goals. The feds remind organizations to preserve online messaging. Mercedes-Benz exposes data after an authentication token was left unsecured. A dark web drug dealer pleads guilty. Our guest is Caleb Barlow from Cyberbit, discussing hacker celebrities and why yours truly did not make the list. And threats of airport terrorism on public WiFi are no joking matter.

CyberWire Guest
Podcast partner Caleb Barlow, CEO of Cyberbit, discusses hacker celebrities and why our own Dave Bittner did not make the list.

Selected Reading
SolarWinds Seeks Dismissal of ‘Unfounded’ SEC Cybersecurity Suit (Bloomberg Law)
Fix Available for Critical Jenkins Flaw That Leads to RCE Attacks (Security Boulevard)
Freehold Township district: All schools and offices closed Monday due to cybersecurity incident (News12 New Jersey)
WARNING: CRITICAL ARBITRARY FILE WRITE VULNERABILITY IN GITLAB CE/EE, PATCH IMMEDIATELY! (Centre for Cybersecurity Belgium)
Police Arrest Teen Said to Be Linked to Hundreds of Swatting Attacks (WIRED)
HHS debuts voluntary cybersecurity performance goals to enhance healthcare sector resilience (Industrial Cyber)
Don’t Delete Slack or Signal Chats, US Agencies Warn Companies (Bloomberg Law)
How a mistakenly published password exposed Mercedes-Benz source code (TechCrunch)
Dark Web Drugs Vendor Forfeits $150m After Guilty Plea (Infosecurity Magazine)
‘On My Way to Blow Up the Plane’: Teen Faces Huge Fine After Joke Leads to Fighter Jets Scrambling (Gizmodo)

29/01/24 30m 49s

Rashmi Bharathan: Connecting is important. [Auditor] [Career Notes]

Rashmi Bharathan, an Information Technology Internal Auditor from Wintrust Financial Corporation, sits down to share her story as a woman with 10 years in the IT industry and how she got her start. From childhood, Rashmi always wanted to be a good leader, helping those around her. Now she shares how helping people is a passion of hers, and she spends a lot of her time volunteering to help those coming into this industry. She says, "It's all about, you should know your connections. That is more important. So I would say that networking and volunteering is really going to help you to grow in your career," sharing that community is the key to her success and that working hard to network has been a great help in getting her where she is today. We thank Rashmi for sharing her story with us.
28/01/24 9m 53s

What’s a CNAPP: Cloud-Native Application Protection Platform? [CyberWire-X]

In this episode of CyberWire-X, N2K’s CSO, Chief Analyst, and Senior Fellow, Rick Howard, is joined by Tim Miller, Technical Marketing Engineer for Panoptica, Cisco's Cloud Application Security solution (Panoptica is the result of Outshift, Cisco's incubation engine for new products and markets), and Kevin Ford, Esri’s CISO. They discuss the needed complexity reduction that Cloud-Native Application Protection Platforms (CNAPPs) provide. Outshift by Cisco is our CyberWire-X episode sponsor. To learn more about Cloud-Native Application Protection Platforms, check out Panoptica’s website at https://panoptica.app and consider attending Cisco Live EMEA in Amsterdam, February 5-8, 2024.
28/01/24 32m 12s

Hooked on pirated macOS applications. [Research Saturday]

Jaron Bradley from Jamf Threat Labs is sharing their work on "Jamf Threat Labs discovers new malware embedded in pirated applications." Jamf Threat Labs has detected a series of pirated macOS applications that have been modified to communicate with attacker infrastructure. The research states "These applications are being hosted on Chinese pirating websites in order to gain victims." The discovery marks new and advanced malware, similar to the ZuRu malware, first discovered by Objective-See in 2021 within the iTerm2 application. The research can be found here: Jamf Threat Labs discovers new malware embedded in pirated applications
27/01/24 23m 0s

A new purchase is cause for a call out.

Senator Wyden calls out the NSA for purchasing Americans’ internet records. Senators look to add IT and ICS environments to federal employee cyber competitions. The FTC asks big tech about their investments in AI. Turns out the GSA bought a bunch of Chinese security cameras. Akira ransomware claims a breach of Lush cosmetics. ESET reports on the Blackwood cyberespionage group. Wired looks at Predatory Sparrow. The U.S. stands firm on the United Nations Cybercrime Treaty. Our guest is Tony Surak, CMO & Operating Partner from DataTribe, with insights on the state of venture capital in cyber. And a Trickbot gang member will be doing some time.

CyberWire Guest
Guest Tony Surak from DataTribe joins us to share his take on the state of the VC cyber market.

Selected Reading
Wyden Releases Documents Confirming the NSA Buys Americans’ Internet Browsing Records; Calls on Intelligence Community to Stop Buying U.S. Data Obtained Unlawfully From Data Brokers, Violating Recent FTC Order
Senate Committee debuts bipartisan bill to add OT, ICS environments to federal employee cyber competition
FTC officially asks Big Tech about their AI deals | Cybernews
GSA Sparks Security Fears After Buying Risky Chinese Cameras
Akira ransomware gang says it stole passport scans from Lush • The Register
Elusive Chinese Cyberspy Group Hijacks Software Updates to Deliver Malware - SecurityWeek
How a Group of Israel-Linked Hackers Has Pushed the Limits of Cyberwar | WIRED
On eve of final negotiations, US says consensus growing around ‘narrow’ UN cybercrime treaty
Trickbot malware developer sentenced to 5 years behind bars • The Register

26/01/24 32m 17s

Another day, another Blizzard attack.

Cozy Bear breaches Hewlett Packard Enterprise. An investigation reveals global surveillance based on digital advertising. Cisco patches critical vulnerabilities. Meta aims to enhance the online safety of minors. iOS notifications are exploited for tracking. EquiLend’s systems go offline after a cyberattack. A DC theater faced financial crisis after seeing their bank account drained. Critical infrastructure is targeted in Ukraine. The latest insights on ransomware. Guest Lance Hood joins us from TransUnion to share how fraud attacks on financial industry call centers are rising. And Teslas get POwned in Tokyo.

CyberWire Guest
Guest Lance Hood joins us from TransUnion to share how fraud attacks on financial industry call centers are rising.

Selected Reading
Hewlett Packard Enterprise tells SEC it was breached by Russia’s 'Cozy Bear' hackers (The Record)
Inside a Global Phone Spy Tool Monitoring Billions (404 Media)
Cisco Patches Critical Vulnerability in Enterprise Collaboration Products (SecurityWeek)
Instagram and Facebook will now prevent strangers from messaging minors by default (The Verge)
Research Reveals How iPhone Push Notifications Leak User Data (MacRumors)
Financial tech firm EquiLend says recovery after cyberattack ‘may take several days’ (The Record)
'No gift is too small' | GALA Hispanic Theater asking for donations after hackers drain bank accounts (WUSA9)
Ukrainian energy giant, postal service, transportation agencies hit by cyberattacks (The Record)
The 2024 Ransomware Threat Landscape (Symantec Enterprise Blogs)
Who pays, and why: A researcher examines the ransomware victim’s mindset (The Record)
Tesla Hack Earns Researchers $100,000 at Pwn2Own Automotive - SecurityWeek (SecurityWeek)

25/01/24 35m 32s

The fight against exploiting Americans.

Biden prepares executive order on foreign access to data. Britain’s NCSC warns of a significant ransomware increase. Cisco Talos confirms ransomware surge. BuyGoods.com leaks PII and KYC data. Fortra faces scrutiny over slow disclosure. AI fights financial fraud. Intel471 highlights bulletproof hosting. NSO Group lobbies to revamp their image. Tussling in Missouri over election security. Integrating cyber education. Our guests are N2K President Simone Petrella and WiCyS Executive Director Lynn Dohm talking about a new partnership for a comprehensive Cyber Talent Study. And the moral panic of Furbies.

CyberWire Guest
Today’s guests are N2K President Simone Petrella and WiCyS Executive Director Lynn Dohm talking with Dave Bittner about a new partnership for a comprehensive Cyber Talent Study to deepen the collective understanding of cybersecurity competencies within the industry.

Selected Reading
Biden Seeks to Stop Countries From Exploiting Americans’ Data for Espionage (Bloomberg)
British intelligence warns AI will cause surge in ransomware volume and impact (The Record)
Significant increase in ransomware activity found in Talos IR engagements, while education remains one of the most-targeted sectors (Talos)
Global Retailer BuyGoods.com Leaks 198GB of Internal and User PII, KYC data (HACKREAD)
Fortra blasted over slow response to critical GoAnywhere file transfer bug (SC Media)
Gen AI Expected to Bring Big Changes to Banking Sector (GovInfo Security)
Why Bulletproof Hosting is Key to Cybercrime-as-a-Service (Infosecurity Magazine)
Notorious Spyware Maker NSO Group Is Quietly Plotting a Comeback (WIRED)
Missouri secretary of state accused of withholding cybersecurity reviews of election authorities (StateScoop)
Cybersecurity education from childhood is a vital tool: 72% of children worldwide have experienced at least one type of cyber threat (Check Point)
These Are the Notorious NSA Furby Documents Showing Spy Agency Freaking Out About Embedded AI in Children's Toy (404 Media)

24/01/24 38m 2s

The mother of all data breaches.

The mother of all data breaches. CISA director Easterly is the victim of a swatting incident. An AI robocall in New Hampshire seeks to sway the election. Australia sanctions an alleged Russian cyber-crime operator. Atlassian Confluence servers are under active exploitation. Apple patches a WebKit zero-day. Black Basta hits a major UK water provider. Hackers who targeted an Indian ISP launch an online search portal. A Massachusetts hospital suffered a Christmas day ransomware attack. Ann Johnson, host of the Afternoon Cyber Tea podcast, speaks with Caitlin Sarian, known to many as Cybersecurity Girl. And HP claims bricked printers are a security feature, not a bug.

CyberWire Guest
Microsoft Security’s Afternoon Cyber Tea podcast host, Ann Johnson, speaks with Caitlin Sarian, known to many as Cybersecurity Girl, a leading influencer with a cybersecurity-focused social presence. Listen to the full interview here.

Selected Reading
Mother of All Breaches: a Historic Data Leak Reveals 26 Billion Records (Cybernews)
CISA’s Easterly the target of ‘harrowing’ swatting incident (The Record)
AI robocalls impersonate President Biden in an apparent attempt to suppress votes in New Hampshire (PBS NewsHour)
Hear fake Biden robocall urging voters not to vote in New Hampshire (YouTube)
Medibank hack: Russian sanctioned over Australia's worst data breach (BBC)
Hackers start exploiting critical Atlassian Confluence RCE flaw (BleepingComputer)
iOS 17.3 and macOS Sonoma 14.3 Patch WebKit Vulnerability That May Have Been Exploited (MacRumors)
UK water company that serves millions confirms system attack (The Record)
Indian ISP Hathway Data Breach: Hacker Leaks 4 Million Users, KYC Data (HACKREAD)
Massachusetts hospital claimed to be targeted by Money Message ransomware (SC Media)
HP's CEO spells it out: You're a 'bad investment' if you don't buy HP supplies (The Register)
HP CEO evokes James Bond-style hack via ink cartridges (Ars Technica)

23/01/24 31m 49s

Midnight Blizzard brings the storm.

Russian state hackers breach Microsoft. LockBit claims Subway restaurants hack. A Swedish datacenter is hit with ransomware. VMware patches a vulnerability targeted by Chinese espionage groups. Sentinel Labs warns of North Korean APTs' focus on cybersecurity pros. The FTC orders another data broker to restrict location data. US Feds release security guidance for water and wastewater sectors. Senators question the DOJ on facial recognition technology. Ukraine’s Monobank gets DDoSed. N2K’s CSO Rick Howard joins us to share some insight into what he and the Hash Table are cooking up for the upcoming season of his CSO Perspectives podcast. The passing of a Time Lord.

CyberWire Guest
N2K’s CSO Rick Howard joins us to share some insight into what he and the Hash Table are cooking up for the upcoming season of his CSO Perspectives podcast launching next month.

Selected Reading
Microsoft: Russian Hackers Had Access to Executives' Emails (GovInfo Security)
LockBit ransomware gang claims the attack on the sandwich chain Subway (Security Affairs)
Ransomware hits cloud service Tietoevry; numerous Swedish customers affected (The Record)
Chinese Espionage Group UNC3886 Found Exploiting CVE-2023-34048 Since Late 2021 (Mandiant)
North Korea’s ScarCruft APT group targets infosec pros (CSO Online)
FTC Order Will Ban InMarket from Selling Precise Consumer Location Data (Federal Trade Commission)
US Gov Publishes Cybersecurity Guidance for Water and Wastewater Utilities (SecurityWeek)
Ukraine’s Monobank hit with massive DDoS attack (Silicon Republic)
Senators ask DOJ to investigate whether facial recognition tech violates Civil Rights Act (The Record)
RIP, Internet’s Time Lord (On My Om)
Network Time Protocol (NTP) attack (noun) (Word Notes podcast)

22/01/24 29m 59s

Encore: Matt Devost: Solving hard problems and pursuing your passions. [CEO] [Career Notes]

CEO Matt Devost describes many firsts in his career, including hacking into systems on an aircraft carrier at sea. He shares how he enjoys solving hard problems and the red teamer perspective, and how he was able to translate those into a career. For those interested in cybersecurity, Matt advises seeking opportunities for self-directed learning, including heading down to your basement and building your own lab. Our thanks to Matt for sharing his story with us.
21/01/24 7m 48s

Two viewpoints on the National Cybersecurity Strategy. [Special Edition]

Earlier this month, the White House released the National Cybersecurity Strategy, the first issued since 2018. The strategy refocuses roles, responsibilities, and resource allocations in the digital ecosystem, with a five pillar approach. Those pillars are: defending critical infrastructure, disrupting threat actors, shaping market forces to drive security and resilience, investing in a resilient future, and forging international partnerships. We wanted to delve into the strategy and its intended effects further, so Dave Bittner spoke with representatives from industry and inside government. Dave first speaks with Adam Isles, Principal and Head of Cybersecurity Practice at The Chertoff Group, sharing industry's take on the strategy. Following that conversation, Dave had a discussion with Steve Kelly, Special Assistant to the President and Senior Director for Cybersecurity and Emerging Technology at the National Security Council, for a look at the strategy from inside the White House. Links to resources: Point of View: 2023 National Cybersecurity Strategy The Chertoff Group's blog National Cybersecurity Strategy 2023
21/01/24 35m 3s

A firewall wake up call. [Research Saturday]

Jon Williams from Bishop Fox is sharing their research on "It’s 2024 and Over 178,000 SonicWall Firewalls are Publicly Exploitable." SonicWall published advisories for CVE-2022-22274 and CVE-2023-0656 a year apart after finding that NGFW series 6 and 7 devices are affected by two unauthenticated denial-of-service vulnerabilities. The research states "Our research found that the two issues are fundamentally the same but exploitable at different HTTP URI paths due to reuse of a vulnerable code pattern." When they scanned SonicWall firewalls with management interfaces exposed to the internet, they also found that 76% are vulnerable to one or both issues. The research can be found here: It’s 2024 and Over 178,000 SonicWall Firewalls are Publicly Exploitable
20/01/24 23m 1s

New malware, new threats.

Microsoft warns of an Iranian cyberespionage group. The Cyber Safety Review Board receives critical reviews of its own. VMware warns of active product exploitation. Tax info gets leaked in accounting firm breach. Kansas State University reports a cyber incident. CISA adds Citrix NetScaler vulnerabilities to its Known Exploited Vulnerabilities catalog. Councils in the UK suffer online disruptions. Cyber insurance can be a double-edged sword. More email security breaches lead to firings. In our Solution Spotlight, N2K President Simone Petrella speaks with Michelle Amante of the Partnership for Public Service with an update on the Cybersecurity Talent Initiative. And it’s shields up for Generation Z. CyberWire Guest On the Solution Spotlight, N2K President Simone Petrella speaks with Michelle Amante of the Partnership for Public Service sharing an update on the Cybersecurity Talent Initiative and how federal agencies and early career existing talent that may be interested in the program’s offerings. Selected Reading Microsoft: Iranian hackers target researchers with new MediaPl malware (Bleeping Computer) Cyber Safety Review Board needs stronger authorities, more independence, experts say (CyberScoop) VMware vCenter Server Vulnerability Exploited in Wild (SecurityWeek) ELO accounting data breach sparks tax fraud (Cybernews) Cyber attacks on Kent councils disrupt online services (BBC) Kansas State University suffered a serious cybersecurity incident (SecurityAffairs) CISA urges urgent patching of two actively exploited Citrix NetScaler vulnerabilities (Malwarebytes) Cyber Insurance in the Age of Ransomware: Protection or Provocation? (SOCRadar) Four-in-ten employees sacked over email security breaches as firms tackle “truly staggering” increase in attacks (IT Pro) Think boomers are most vulnerable to cybersecurity attacks? Wrong. It's actually Gen Z (CBC)
19/01/24 32m 34s

A credential dump hits the online underground.

A massive credential dump hits the online underground. CISA and the FBI issue joint guidance on drones. TensorFlow frameworks are prone to misconfigurations. Swiss federal agencies are targets of nuisance DDoS. Cybercriminals hit vulnerable Docker servers. Quarkslab identifies PixieFAIL in UEFI implementations. Google patches Chrome zero-day. The Bigpanzi botnet infects smart TVs. Proofpoint notes the return of TA866. In our Threat Vector segment, David Moulton dives into the evolving world of AI in cybersecurity with Kyle Wilhoit, director of threat research at Unit 42. And we are shocked - SHOCKED! - to learn that Facebook is tracking us. CyberWire Guest This segment of Threat Vector dives into the evolving world of AI in cybersecurity with Kyle Wilhoit, director of threat research at Unit 42. This thought-provoking discussion, hosted by David Moulton, director of thought leadership at Unit 42, focuses on the current state and future trends of AI in cyberthreats. Discover how AI is reshaping the landscape of cyberattacks, the role of generative AI in threat actor tactics, and the challenges of attribution in AI-driven cyberattacks. Visit Unit 42 by Palo Alto Networks to learn more. Check out the Threat Vector podcast and follow it on your favorite podcast app. Selected Reading Researcher uncovers one of the biggest password dumps in recent history (Ars Technica) Troy Hunt: Inside the Massive Naz.API Credential Stuffing List (Troy Hunt) Feds warn China-made drones pose risk to US critical infrastructure (SC Media) TensorFlow CI/CD Flaw Exposed Supply Chain to Poisoning Attacks (The Hacker News) Swiss Government Reports Nuisance-Level DDoS Disruptions (Data Breach Today) Malware Exploits 9Hits, Turns Docker Servers into Traffic Boosted Crypto Miners (HACKREAD) PixieFail: Nine flaws in UEFI open-source reference implementation (Security Affairs) Update Chrome! Google patches actively exploited zero-day vulnerability (Malwarebytes) Cybercrime crew infects 172,000 smart TVs and set-top boxes (Risky Biz News) Russian threat group COLDRIVER expands its targeting of Western officials to include the use of malware (Google Threat Analysis Group) Security Brief: TA866 Returns with a Large Email Campaign (Proofpoint) Each Facebook User Is Monitored by Thousands of Companies (Consumer Reports)
18/01/24 31m 12s

Exploring the cosmic frontier: Unveiling the future of space law. [Caveat]

Bryce Kennedy, President of the Association of Commercial Space Professionals (ACSP), is sharing what is on the horizon in space law. Bryce is also a space lawyer and a regular contributor to our T-Minus daily space podcast right here on the N2K podcast network. You can hear more from the T-Minus space daily show here. While this show covers legal topics, and Ben is a lawyer, the views expressed do not constitute legal advice. For official legal advice on any of the topics we cover, please contact your attorney. Caveat Briefing A companion weekly newsletter is available to CyberWire Pro members on the CyberWire's website. If you are a member, make sure you subscribe to receive our weekly wrap-up of privacy, policy, and research news, focused on incidents, techniques, tips, compliance, rights, trends, threats, policy, and influence ops delivered to your inbox each Thursday. Got a question you'd like us to answer on our show? You can send your audio file to caveat@thecyberwire.com. Hope to hear from you.
18/01/24 29m 34s

Maximum severity vulnerability needs critical updates.

Atlassian issues critical updates. CISA and the FBI warn of AndroxGh0st. A GPU vulnerability hits major manufacturers. A Foxconn subsidiary in Taiwan gets hacked. Australians suffer breached credit cards through credential stuffing. A parade of horrible hackers and scammers. CISO accountability is highlighted at ShmooCon. Cybersecurity VC funding plummets. On the Learning Layer, N2K’s Executive Director of Product Innovation Sam Meisenberg lets us in on an A+ tutoring session. Don’t ask ChatGPT to handle your Amazon product listings. CyberWire Guest On the Learning Layer, N2K’s Executive Director of Product Innovation Sam Meisenberg lets us in on an A+ tutoring session he held with Jaden Dicks. Selected Reading Atlassian’s Confluence Data Center and Server Affected by Critical RCE Vulnerability, CVE-2023-22527: Patch Now (SOCRadar) FBI, CISA warn of AndroxGh0st botnet for victim identification and exploitation (Security Affairs) A new vulnerability affecting Apple, AMD, and Qualcomm GPUs could expose AI data (TechSpot) Taiwan’s Foxconn subsidiary faces cyberattack (Taiwan News) 15,000 Aussies Affected After Binge, The Iconic Hacked (Pedestrian) Hackers post disturbing videos to online forum used by UC Irvine students (ABC7) Heartless scammers prey on hundreds of lost pet owners, demanding ransoms or else… (Bitdefender) As hacks worsen, SEC turns up the heat on CISOs (TechCrunch) Cybersecurity Startup Funding Hits 5-Year Low, Drops 50% From 2022 (Crunchbase) Amazon Is Selling Products With AI-Generated Names Like "I Cannot Fulfill This Request It Goes Against OpenAI Use Policy" (Futurism)
17/01/24 35m 48s

Vulnerabilities and security risks.

Ivanti products are under active zero-day exploitation. Phemedrone is a new open-source info-stealer. Bishop Fox finds exposed SonicWall firewalls. GitLab and VMware patch critical vulnerabilities. The Secret Service foils a phishing scam. Europol shuts down a cryptojacking campaign. Ransomware hits a Majorca municipality. RUSI looks at ransomware. Ben Yelin explains the New York Times going after OpenAI over the data scraping. And the sad case of an Ohio lottery winner. CyberWire Guest Guest and partner Ben Yelin joins us today to discuss “The Most Critical Elements of the FTC’s Health Breach Rulemaking.” Ben is the Program Director for Public Policy & External Affairs at the University of Maryland Center for Health and Homeland Security and Co-Host of N2K’s Caveat Podcast. Selected Reading Ivanti Connect Secure zero-days now under mass exploitation (Bleeping Computer) Windows SmartScreen flaw exploited to drop Phemedrone malware (Bleeping Computer) Over 178,000 SonicWall next-generation firewalls (NGFW) online exposed to hack (Security Affairs) GitLab Fixes Password Reset Bug That Allows Account Takeover (Security Boulevard) Patches Available for a Critical Vulnerability in VMware Aria Automation: CVE-2023-34063 (Malware News) US court docs expose fake antivirus renewal phishing tactics (Bleeping Computer) Hacker spins up 1 million virtual servers to illegally mine crypto (Bleeping Computer) Ransomware gang demands €10 million after attacking Spanish council (The Record) Ransomware: Victim Insights on Harms to Individuals, Organisations and Society (Royal United Services Institute) Cybersecurity incident delays payouts for big Ohio Lottery winners (Beacon Journal)
16/01/24 32m 50s

Putting a dent in the cybersecurity workforce gap. [Special Edition]

In this special edition of Solution Spotlight, N2K President Simone Petrella is talking with ISC2 CEO Clar Rosso about putting a dent in the cybersecurity workforce gap through empowerment, breaking down barriers and expanding DE&I initiatives.
15/01/24 31m 3s

Encore: Examining the current state of security orchestration. [CyberWire-X]

In this encore episode of CyberWire-X, N2K’s CSO, Chief Analyst, and Senior Fellow, Rick Howard, is joined by guest Rohit Dhamankar, Fortra's Vice President of Product Strategy, and Hash Table member Steve Winterfeld, Akamai's Advisory CISO to discuss CISO initiatives such as vendor consolidation, automation, and attack surface management as a way to determine if it’s possible to achieve both increased security maturity and decreased operational load. This session covers common mistakes when adopting security technologies, including the pros and cons of AI, and how to better collaborate together.
15/01/24 32m 13s

Encore: Kathleen Booth: Get your foot in the door and prove your worth. [Marketing] [Career Notes]

Vice President of Marketing, Kathleen Booth, shares her career path from political science and international development to marketing for a cybersecurity company. Early dreams of acting morphed into goals of making the world a better place. Chief marketer and podcaster Kathleen is doing just that. She shares how proving your worth can lead to success. Listen for Kathleen's advice on getting your foot in the door. Our thanks to Kathleen for sharing her story with us.
14/01/24 7m 6s

Dual Russian cyber gangs hit 23 companies. [Research Saturday]

Ryan Westman, Senior Manager, Threat Intelligence, eSentire's Threat Response Unit (TRU), is discussing their research "Two Russian-speaking cyber gangs attack employees from 23 different companies." They are using malicious Google ads, promoting popular business software such as Zoom, Slack, and Adobe. The customers targeted are companies in the manufacturing, software, legal, retail and healthcare industries. The attacking threat actors belong to the Russian-speaking Malware-as-a-Service (MaaS) groups called BatLoader and FakeBat. The research can be found here: Two Competing, Russian-Speaking Cybercrime Groups Attack Employees from 23 Companies in the Manufacturing, Software, Legal, Retail, and Healthcare Sectors Using Malicious Google Ads
13/01/24 18m 58s

Casting a wider hiring net.

The Feds look to cast a wider hiring net. Legislators focus on deepfakes. Cookie stealers bypass MFA on Google accounts. A fast food hiring chatbot got hacked. Medusa casts her gaze toward extortion. Akira ransomware is active in Finland. GitLab patches critical vulnerabilities. Bosch thermostats are vulnerable to some hot firmware. CSAM vendors’ crypto sophistication grows. CISA released ICS advisories. On our Solution Spotlight, N2K’s Simone Petrella speaks with Kim Jones, Director of Intuit's CyberCRAFT team, about the SEC's heightened focus on cybersecurity. And a little listener feedback, Karaoke style. CyberWire Guest On our Solution Spotlight, N2K’s Simone Petrella discusses a possible hurdle with Kim Jones, Director of Intuit's CyberCRAFT team. They talk about the SEC's heightened focus on cybersecurity. Selected Reading An analysis of cyberattacks against Danish energy infrastructure. Cryptomining campaign targets weak SSH passwords. (CyberWire) White House moves to ease education requirements for federal cyber contracting jobs (CyberScoop) State Legislators Tighten A.I. Rules to Combat Deceptive Election Ads (New York Times) Info-stealers can steal cookies for permanent access to your Google account (Malwarebytes) Hackers Break into AI Hiring Chatbot, Could Hire and Reject Fast Food Applicants (404 Media) Medusa Ransomware Turning Your Files into Stone (Unit 42 by Palo Alto Networks) Akira ransomware attackers are wiping NAS and tape backups (Help Net Security) Urgent: GitLab Releases Patch for Critical Vulnerabilities - Update ASAP (The Hacker News) Vulnerability Puts Bosch Smart Thermostats at Risk of Compromise (Infosecurity Magazine) Child Abusers Are Getting Better at Using Crypto to Cover Their Tracks (WIRED) CISA Releases Nine Industrial Control Systems Advisories (CISA)
12/01/24 35m 14s

Unveiling the Shadow Strike: A zero-day assault on Ivanti VPN users.

A zero-day hits Ivanti VPN customers. CISA highlights an active MS SharePoint Server flaw. Cisco patches a critical vulnerability. Atomic Stealer gets updates. Sensitive school emergency planning documents are exposed online. The FCC reports on risky communications equipment. The White House will introduce new cybersecurity requirements for hospitals. Mandiant explains their X-Twitter hack. Our guest is Palo Alto Networks’ Unit 42’s David Moulton, host of the new Threat Vector podcast. And we are shocked - shocked! - to learn that an online sex for money scheme is a scam. CyberWire Guest Guest David Moulton from Palo Alto Networks joins us to talk about Threat Vector. It’s Unit 42’s segment turned podcast on the N2K media network. Selected Reading Ivanti customers urged to patch vulnerabilities allegedly exploited by Chinese state hackers (The Record) CISA Urges Patching of Exploited SharePoint Server Vulnerability (SecurityWeek) Critical Cisco Unity Connection flaw gives attackers root privileges. Patch now! (CVE-2024-20272) (Help Net Security) Atomic Stealer Gets an Upgrade - Targeting Mac Users with Encrypted Payload (The Hacker News) FCC's Reimbursement Program shows progress in removing national security risks from communication networks (Industrial Cyber) After Barrage of Hacks, Hospitals Will Face New Federal Cybersecurity Rules Tied to Funding (The Messenger) US School Shooter Emergency Plans Exposed in a Highly Sensitive Database Leak (WIRED) Mandiant’s X Account Was Hacked in Brute-Force Password Attack (Infosecurity Magazine) Believing they would be paid a fortune for having sex with women, hundreds of Indian men scammed out of cash (Graham Cluley) Threat Vector Links. To get more information on Medusa ransomware, listen to this episode of Threat Vector.
11/01/24 32m 52s

A pivotal global menace.

The World Economic Forum names AI a top global threat. The SEC suffers social media breach. The FTC settles with a data broker over location data sales. A massive data leak hits Brazil. Chinese researchers claim an AirDrop hack. A major real estate firm suffers data theft. Pikabot loader is seeing use by spammers. Ukraine’s Blackhit hits Russia’s M9 Telecom. Stuxnet methods are revealed. A Patch Tuesday rundown. Our guest is Tim Eades from the Cyber Mentor Fund to discuss the growing prevalence of restoration as a part of incident response. And hackers could screw up a wrench. CyberWire Guest Guest Tim Eades from Cyber Mentor Fund joins us to discuss the growing prevalence of restoration as a part of incident response. Selected Reading AI-powered misinformation is the world's biggest short-term threat, Davos report says (AP News) NSA: Benefits of generative AI in cyber security will outweigh the bad (IT Pro) SEC account on X ‘compromised’ and regulator has not approved bitcoin ETFs (MarketWatch) SEC did not have 2FA enabled: X safety team on fake Bitcoin ETF post (Cointelegraph) FTC Order Prohibits Data Broker X-Mode Social and Outlogic from Selling Sensitive Location Data (Federal Trade Commission) Entire population of Brazil possibly exposed in massive data leak (Security Affairs) China says state-backed experts crack Apple's AirDrop (Digital Journal) Fidelity National Financial says hackers stole data on 1.3 million customers (TechCrunch) Water Curupira Hackers Launch Pikabot Malware Attack on Windows Machine (GBHackers On Security) Ukrainian “Blackjack” Hackers Take Out Russian ISP (Infosecurity Magazine) Ukraine is on the front lines of global cyber security (Atlantic Council) Dutch Engineer Used Water Pump to Get Billion-Dollar Stuxnet Malware Into Iranian Nuclear Facility: Report (SecurityWeek) New research paper explores post-quantum cryptography for critical infrastructure cybersecurity (Industrial Cyber) AI Helps U.S. Intelligence Track Hackers Targeting Critical Infrastructure (Wall Street Journal) Hewlett Packard Enterprise nears $13 billion deal to buy Juniper Networks (Reuters) January Patch Tuesday: New year, more Windows bugs (The Register) Cybersecurity Advisory: Apache Struts Vulnerability CVE-2023-50164 (Uptycs) Hackers can infect network-connected wrenches to install ransomware (Ars Technica)
10/01/24 33m 27s

Swatting on the rise.

Swatting is on the rise. LoanDepot, the Toronto Zoo and the World Council of Churches all confirm ransomware attacks. Iran-linked hackers target Albania. Sea Turtle focuses on espionage and information theft. Fake “security researchers” offer phony ransomware recovery services. Could AI make KYC EOL? Avast enhances Babuk decryption. Joe Carrigan looks at the human side of email security. And a group of midwives fail to deliver. CyberWire Guest Today, we are joined by Joe Carrigan from JHU ISI on the human elements that impact email security. Selected Reading Tanya Chutkan, the judge overseeing Trump's federal election interference case, appears to be victim of 'swatting'; Special counsel Jack Smith was targeted by attempted swatting on Christmas Day; LoanDepot Takes Systems Offline Following Ransomware Attack; Toronto Zoo hit by ransomware attack | Cybernews; Rhysida ransomware gang takes responsibility for attack on World Council of Churches; Wiper malware found in analysis of Iran-linked attacks on Albanian institutions; Turkish espionage campaigns in the Netherlands; "Security researcher" offers to delete data stolen by ransomware attackers; Gen AI could make KYC effectively useless | TechCrunch
09/01/24 30m 59s

A conclusion on the xDedic Marketplace investigation.

The DOJ concludes its xDedic Marketplace investigation. A cyberattack shuts down a major mortgage lender. The Swiss Air Force suffers a third-party breach. An update on SilverRAT. The Space Force emphasizes collaboration for effective cyber growth. The DOE announces cyber resilience funding. Merck reaches a settlement on NotPetya. NIST warns of AI threats. Our guest is Dragos CEO Robert M. Lee, with a look at intellectual property theft in manufacturing. And chump change fines for big tech. CyberWire Guest Today, we are joined by Robert M. Lee, founder and CEO of Dragos, to discuss intellectual property theft in manufacturing. Selected Reading AsyncRAT campaign targets US infrastructure. (CyberWire) 19 Individuals Worldwide Charged In Transnational Cybercrime Investigation Of The xDedic Marketplace (US Department of Justice) Space Force is crafting in-house cyber teams but sees need for closer work with USCYBERCOM (Nextgov/FCW) Energy Department has cyber threats to infrastructure in mind with $70 million funding offer (FedScoop) Swiss Air Force documents exposed via cyber attack on third party (BeyondMachines.net) Major IT, Crypto Firms Exposed to Supply Chain Compromise via New Class of CI/CD Attack (SecurityWeek) Merck settles with insurers who denied $700 million NotPetya claim (The Record) Syrian Threat Group Peddles Destructive SilverRAT (DarkReading) NIST Warns of Security and Privacy Risks from Rapid AI System Deployment (The Hacker News) Mortgage firm loanDepot cyberattack impacts IT systems, payment portal (BleepingComputer) Big Tech has already made enough money in 2024 to pay all its 2023 fines (Proton)
08/01/24 29m 53s

Encore: Johannes Ullrich: Superhero origin stories and lessons that last. [Education] [Career Notes]

Dean of Research, Johannes Ullrich, relays his experiences from studying the hard sciences to his career shift to cybersecurity. Basic principles, superhero origin stories, physics labs and radiation all figure in. And there’s a lot in common with network security best practices. Have a listen to what Johannes has learned and what he hopes to impart to his students. Our thanks to Johannes for sharing his story with us.
07/01/24 7m 24s

Diving deep into Phobos ransomware. [Research Saturday]

Guilherme Venere from Cisco Talos joins us to discuss their research on "A deep dive into Phobos ransomware, recently deployed by 8Base group." Cisco Talos discovered that 8Base’s Phobos ransomware payload contains an embedded configuration, which is a significant difference between 8Base’s Phobos variant and other Phobos samples that have been observed in the wild since 2019. In this 2-part research series, Talos conducts a deep dive into the Phobos ransomware, including its affiliate structure, activity and capabilities, as well as the one private key that could enable decryption of all the samples analyzed. The research can be found here: "A deep dive into Phobos ransomware, recently deployed by 8Base group" and "Understanding the Phobos affiliate structure and activity"
06/01/24 24m 5s

Disruptions to the internet.

BGP attack disrupts Internet service. Data breach law firm breached. Remcos RAT returns. Poison packages in the PyPI repository. Hacktivist personae and GRU fronts. BreachForums impresario re-arrested. Cyber National Mission Force gets a new leader. On our Solution Spotlight, Simone Petrella talks with ISC2 CEO Clar Rosso about putting a dent in the cybersecurity workforce gap. LinkedIn as a dating platform? CyberWire Guest On our Solution Spotlight, N2K President Simone Petrella talks with ISC2 CEO Clar Rosso about putting a dent in the cybersecurity workforce gap through empowerment, breaking down barriers and expanding Diversity, Equity and Inclusion (DE&I) initiatives. Selected Reading BGP attack disrupts Internet service. Pirated Zeppelin ransomware source code for sale in a C2C souk. BreachForums impresario re-arrested. (CyberWire) Hacker hijacks Orange Spain RIPE account to cause BGP havoc (Bleeping Computer) RIPE Account Hacking Leads to Major Internet Outage at Orange Spain (SecurityWeek) Law firm that handles data breaches was hit by data breach (TechCrunch) UAC-0050 Group Using New Phishing Tactics to Distribute Remcos RAT (The Hacker News) EXPERTS FOUND 3 MALICIOUS PACKAGES HIDING CRYPTO MINERS IN PYPI REPOSITORY (SecurityAffairs) BreachForums administrator detained after violating parole (The Record) Russian hackers wiped thousands of systems in KyivStar attack (Bleeping Computer) US military’s Cyber National Mission Force gets a new chief (The Record) The Hottest New Dating Site: LinkedIn (Business Insider)
05/01/24 31m 23s

Russian hackers hide in Ukraine telecoms for months.

Sandworm was in Kyivstar's networks for months. Museums face online outages. Emsisoft suggests a ransomware payment ban. An ambulance service suffers a data breach. Mandiant’s social media gets hacked. GXC Team's latest offerings in the C2C underground market. 23andMe blames their breach on password reuse. Lawyers are using outdated encryption. On today’s Threat Vector segment, David Moulton chats with Garrett Boyd, senior consultant at Palo Alto Networks Unit 42, about the importance of internal training and mentorship in cybersecurity. And in Russia, holiday cheers turn to political jeers. CyberWire Guest Today’s Threat Vector segment with David Moulton features Garrett Boyd, a senior consultant at Unit 42 by Palo Alto Networks with a background as a Marine and professor, who discusses the importance of internal training and mentorship in cybersecurity. He provides insights into how training prepares professionals for industry challenges and how mentorship fosters professional growth and innovation. Garrett emphasizes the need for a mentorship culture in organizations and the responsibility of both mentors and mentees in this dynamic. The episode highlights the transformative impact of mentorship through personal experiences and concludes with an invitation for listeners to share their stories and a reminder to stay vigilant in the digital world. Threat Vector To learn what is top of mind each month from the experts at Unit 42 sign up for their Threat Intel Bulletin. Selected Reading Compromised accounts and C2C markets. Cyberespionage and state-directed hacktivism. (CyberWire) Exclusive: Russian hackers were inside Ukraine telecoms giant for months (Reuters) Hackers linked to Russian spy agency claim cyberattack on Ukrainian cell network (Reuters) Museum World Hit by Cyberattack on Widely Used Software (The New York Times) The State of Ransomware in the U.S.: Report and Statistics 2023 (Emsisoft) Nearly 1 million affected by ambulance service data breach (The Record) Mandiant’s account on X hacked to push cryptocurrency scam (Bleeping Computer) Cybercriminals Implemented Artificial Intelligence (AI) For Invoice Fraud (Resecurity) 23andMe tells victims it’s their fault that their data was breached (TechCrunch+) The Curious Case of MD5 (katelynsills) Firmware prank causes LED curtain in Russia to display ‘Slava Ukraini’ — police arrest apartment owner (The Record)
04/01/24 32m 0s

A digital disappearance in Utah.

Cyber-kidnapping in Utah. Hospitals sue for data recovery. The US Department of Homeland Security assesses cyber threats to the US. Mac malware is on the rise. Cameras hacked by Russian intelligence services provide targeting information. Ransomware roundup. An NPM dependency campaign. Google recommends enhanced safe browsing. Rob Boyce from Accenture describes the Five Families and the trend of hacker collaboration. And the FTC wants to hear your cloned voice.
CyberWire Guest: Today, we are joined by Rob Boyce from Accenture talking about the Five Families, the trend of hacker collaboration.
Selected Reading:
Missing Riverdale foreign exchange student found near Brigham City in case of ‘cyber kidnapping’ (ABC4)
What is ‘cyber kidnapping’ and what can you do to stay safe online? (Deseret News)
Hospitals ask courts to force cloud storage firm to return stolen data (BleepingComputer)
Homeland Threat Assessment (US Department of Homeland Security)
The Mac Malware of 2023 (Objective-See)
SBU blocks webcams that ‘flashed’ operation of air defense during missile attack on Kyiv on Jan 2 (Interfax-Ukraine)
Ukraine says Russia hacked web cameras to spy on targets in Kyiv (The Record)
Akumin radiology and oncology reports ransomware attack and data breach (beyondmachines)
Coop supermarket chain hit by ransomware cyberattack (beyondmachines)
When “Everything” Goes Wrong: NPM Dependency-Hell Campaign – 2024 Edition (Checkmarx)
Accounts in danger: Google recommends enhanced safe browsing and extra care (cybernews)
The FTC Voice Cloning Challenge (FTC)
03/01/24 30m 26s

Apple's clickless exploit.

A zero-click exploit affects iPhones belonging to Kaspersky employees. A GRU cyber campaign incorporates novel malware. The Indian government targets Apple over hacking attempts. Microsoft disables App Installer. Australian courts’ AV is compromised. A BlackBasta decryptor is released. Cyber Toufan claims attacks against Israeli targets. Patients in Oklahoma face online extortion. LoanCare customers’ data is at risk. Google settles a private browsing lawsuit. Barracuda patches a zero-day. That Chinese spy balloon was making a local call. And then Caleb Barlow, a friend of our show, shares password security tips you should know.
CyberWire Guest: Caleb Barlow, CEO of Cyberbit, joins us today to share helpful tips to remember those passwords.
Selected Reading:
4-year campaign backdoored iPhones using possibly the most advanced exploit ever (Ars Technica)
New malware found in analysis of Russian hacks on Ukraine, Poland (The Record)
Russian Military Intelligence Blamed for Blitzkrieg Hacks (GovInfo Security)
India targets Apple over its phone hacking notifications (Washington Post)
Microsoft disables App Installer after observing financially motivated threat actor activity (Cybernews)
Cyber attack on Victoria's court system may have exposed recordings of sensitive cases (ABC News)
New Black Basta decryptor exploits ransomware flaw to recover files (Bleeping Computer)
Pro-Palestinian operation claims dozens of data breaches against Israeli firms (The Record)
Integris Health patients get extortion emails after cyberattack (Bleeping Computer)
AG: Corewell Health reports another data breach; affects 1 million patients (The Oakland Press)
LoanCare Notifying 1.3 Million of Data Breach Following Cyberattack on Parent Company (Security Week)
Google settles $5 billion consumer privacy lawsuit (Reuters)
Barracuda fixed a new ESG zero-day exploited by Chinese group UNC4841 (Security Affairs)
U.S. intelligence officials determined the Chinese spy balloon used a U.S. internet provider to communicate (NBC News)
02/01/24 31m 32s

Microsoft EVP Charlie Bell on the Future of Security [Afternoon Cyber Tea]

Microsoft Security EVP Charlie Bell joins Ann on this week's episode of Afternoon Cyber Tea. Charlie has over four decades in the tech industry, from developing space shuttle software to leading the creation of Amazon Web Services' decentralized engineering system and now leading Microsoft’s effort to make the digital world safe and secure for everyone on the planet. Ann and Charlie discuss AI, the Security ecosystem, and why he thinks speed and acceleration of problem-solving are so relevant today.
Resources:
View Charlie Bell on LinkedIn
View Ann Johnson on LinkedIn
Related Microsoft Podcasts:
Listen to: Uncovering Hidden Risks
Listen to: Security Unlocked
Listen to: Security Unlocked: CISO Series with Bret Arsenault
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Afternoon Cyber Tea with Ann Johnson is produced by Microsoft and distributed as part of The CyberWire Network.
01/01/24 28m 29s

Encore: Tom Quinn: The mark of making a difference. [CISO] [Career Notes]

Financial firm CISO, Tom Quinn, takes us from his first experience with modern computers in the military to his current role as a Chief Information Security Officer. It's important to understand how the technology works, but it's also important to understand how people work. And, to make a difference. Our thanks to Tom for sharing his story with us.
31/12/23 6m 36s

Encore: What malicious campaign is lurking under the surface? [Research Saturday]

Israel Barak, CISO from Cybereason, sits down with Dave to discuss their research, "Operation CuckooBees: Cybereason Uncovers Massive Chinese Intellectual Property Theft Operation." Cybereason researchers recently found an attack lurking beneath the surface which was assessed to be the work of Chinese APT Winnti. Cybereason briefed the FBI and the DOJ on the investigation into the malicious campaign. The research states, "For years, the campaign had operated undetected, siphoning intellectual property and sensitive data." The team quickly made two reports on the campaign, one sharing an examination on the tactics and techniques. The second gives a detailed analysis of the malware and exploits used. The research can be found here: Operation CuckooBees: Cybereason Uncovers Massive Chinese Intellectual Property Theft Operation
30/12/23 23m 33s

T-Minus Overview- Space Cybersecurity. [t-minus]

Welcome to the T-Minus Overview Radio Show. In this program we’ll feature some of the conversations from our daily podcast with the people who are forging the path in the new space era, from industry leaders, technology experts and pioneers, to educators, policy makers, research organizations, and more. In this episode we’re covering cybersecurity for space. What is it? What are the threats to space systems, why is there such an emphasis on it right now, and what are people doing about it?  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our weekly intelligence roundup, Signals and Space, and you’ll never miss a beat. And be sure to follow T-Minus on LinkedIn and Instagram. T-Minus Guest Our first guest is Renee Wynn, former CIO of NASA. Our second guest is Matthieu Bailly, Vice President of Space at CYSEC, a cybersecurity company based in Lausanne, Switzerland. Our third guest speaking to T-Minus Producer Alice Carruth, is Steve Luczynski, Board Chairman of the Aerospace Village. T-Minus Crew Survey We want to hear from you! Please complete our 4 question survey. It’ll help us get better and deliver you the most mission-critical space intel every day. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at space@n2k.com to request more info. Want to join us for an interview? Please send your pitch to space-editor@n2k.com and include your name, affiliation, and topic proposal. T-Minus is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.
29/12/23 20m 33s

Peter Bauer: CEO of Mimecast [Cyber CEOs Decoded]

In this episode, Marc catches up with Mimecast CEO and co-founder Peter Bauer. They cover Peter's CEO journey, including what it was like growing up in South Africa, why he opted out of attending university, highlights from Mimecast's 20-year history, and what Peter learned from taking the company public — and then private again. You'll also learn:  When and how to raise capital, and how to manage meeting the board's expectations.  How CEOs can overcome self-doubt and continuously reimagine their role to look at challenges with new eyes.  How to view the company's history as a story with chapters and eras, and why it's important to always believe you're at the beginning of the book.
28/12/23 45m 11s

NACD Accelerate, Ian Furr’s Volunteer Work, & Bidemi (Bid) Ologunde Member Spotlight [RH-ISAC Podcast]

In this episode of the Retail & Hospitality ISAC podcast, host Luke Vander Linden is joined by John Scrimsher, chief information security officer (CISO) at Kontoor Brands, Inc., and Marcel Bucsescu, senior director of credentialing and strategic engagement at NACD, to expand upon the NACD Accelerate program. Then Ian Furr, security integration engineer at RH-ISAC, talks about his volunteer work with the Information Technology Disaster Resource Center (ITDRC) and the Fairfax County Fire and Rescue Department. Finally, Luke chats with Bidemi (Bid) Ologunde, intelligence analyst at Expedia Group, about his own podcast, The Bid Picture, background, and the trajectory of cybersecurity. Thank you to Fortinet for their sponsorship of the Retail & Hospitality ISAC podcast.
27/12/23 1h 8m

Encore: Active visibility into OT systems. [Control Loop]

Rockwell Stratix routers vulnerable to Cisco zero-day. SecurityWeek’s ICS Cyber Security Conference. Malware attacks against IoT devices increase by 400%. Nuclear power plant operator cited over cybersecurity plan. CISA’s ICS advisories. Guest Garrett Bladow, Distinguished Engineer at Dragos, joins us from the CyberCon 2023 event in Bismarck, North Dakota. Garrett discusses active visibility into OT systems. On the Learning Lab, Mark Urban shares the second part of his conversation about cyber threat intelligence with Paul Lukoskie, who is Dragos’ Director of Intelligence Services. Control Loop News Brief. Rockwell Stratix routers vulnerable to Cisco zero-day. PN1653 | Stratix® 5800 & 5200 vulnerable to Cisco IOS XE Web UI Privilege Escalation (Active Exploit) (Rockwell Automation) SecurityWeek’s ICS Cyber Security Conference. 2023 ICS Cybersecurity Conference (SecurityWeek) Malware attacks against IoT devices increase by 400%. Zscaler ThreatLabz 2023 Enterprise IoT and OT Threat Report (Zscaler) Nuclear power plant operator cited over cybersecurity plan. UK Cites Nuclear Plant Operator Over Cybersecurity Strategy (Silicon UK) Rockwell and Dragos announce partnership. Dragos and Rockwell Automation Strengthen Industrial Control System Cybersecurity for Manufacturers with Expanded Capabilities (Business Wire) CISA’s ICS advisories. CISA Releases Two Industrial Control Systems Advisories (CISA) Hitachi Energy’s RTU500 Series Product (Update B) (CISA) CISA Releases Nine Industrial Control Systems Advisories (CISA) Control Loop Interview. Guest is Garrett Bladow, Distinguished Engineer at Dragos, discussing active visibility into OT systems.  Control Loop Learning Lab. On the Learning Lab, Mark Urban is joined by Dragos’ Director of Intelligence Services, Paul Lukoskie, for part two of their discussion on cyber threat intelligence. Control Loop OT Cybersecurity Briefing. 
A companion monthly newsletter is available through free subscription and on the CyberWire's website.
27/12/23 41m 48s

“Espionage and the Metaverse” – with Cathy Hackl [SpyCast]

Summary Cathy Hackl (Twitter, LinkedIn) joins Andrew (Twitter; LinkedIn) to discuss the potential implications of the metaverse on intelligence. Cathy has been called the “Godmother of the Metaverse.” What You’ll Learn Intelligence What the metaverse is Security and counterintelligence in a virtual world Futurism within intelligence agencies  Potential risks and consequences of the metaverse Reflections How virtual spaces can affect our physical world The necessity to evolve alongside technology And much, much more … Episode Notes The web will continue to evolve and change with time, but what’s coming next? And how will this evolution affect the ways that intelligence organizations around the world conduct their operations? This week on SpyCast, Cathy Hackl joins Andrew to explain what the metaverse is, what we can expect from living in this new virtual world, and how intelligence agencies can begin planning for the Web 3 future. Cathy Hackl has been dubbed the “Godmother of the Metaverse”  Resources Featured Resource Into the Metaverse: The Essential Guide to the Business Opportunities of the Web3 Era, Cathy Hackl (Bloomsbury, 2023)  Metaverse Marketing [Cathy’s podcast] *Beginner Resources* What Is the Metaverse, Exactly?, Wired (2022) [Article] Web 3.0 Explained In 5 Minutes, YouTube (2022) [5 min. Video] 12 new tech terms you need to understand the future, R. Gray, BBC (2018) *SpyCasts* How Artificial Intelligence is Changing the Spy Game – with Mike Susong (2022) Trafficking Data: The Digital Struggle with China -- with Aynne Kokas (2022) The FBI & Cyber – with Cyber Division Chief Bryan Vorndran (Part 1 of 2) The FBI & Cyber – with Cyber Division Chief Bryan Vorndran (Part 2 of 2)  *Wildcard Resource* Watch the world’s first metaverse music video, Snoop Dogg’s “House I Built,” here!
26/12/23 1h 1m

Artificial Intelligence: Insights & Oddities [8th Layer Insights]

On this episode, Perry celebrates the one-year birthday of ChatGPT by taking a look at AI from technological, philosophical, and folkloric perspectives. We see how AI was formed based on human words and works, and how it can now shape the future of human legend and belief.
Guests:
Brandon Karpf, Vice President at N2K Networks (LinkedIn) (Website)
Dr. Lynne S. McNeill, Associate Professor at Utah State University (LinkedIn) (Twitter)
Dr. John Laudun, Professor at University of Louisiana at Lafayette (LinkedIn) (Twitter) (Website)
Lev Gorelov, Research Director at Handshake Consulting (LinkedIn) (Twitter) (Website)
Resources:
Interview with the AI, part one, by Brandon Karpf / the CyberWire
'Hard Fork': An Interview With Sam Altman, by The New York Times
The Exciting, Perilous Journey Toward AGI, Ilya Sutskever TED Talk
Ilya: the AI scientist shaping the world, by The Guardian
Meet Loab, the AI Art Woman Haunting the Internet: Is she a demon? A Cryptid? Or nothing at all..., The Guardian
In 2016, Microsoft’s Racist Chatbot Revealed the Dangers of Online Conversation: The bot learned language from people on Twitter—but it also learned values, IEEE Spectrum
Perry's Digital Folklore episode about AI
Handshake's Generative AI Masterclass on Maven
Perry's Books (Amazon Associate links):
Transformational Security Awareness: What Neuroscientists, Storytellers, and Marketers Can Teach Us About Driving Secure Behaviors, by Perry Carpenter
The Security Culture Playbook: An Executive Guide To Reducing Risk and Developing Your Human Defense Layer, by Perry Carpenter & Kai Roer
Be sure to check out Perry's other show, Digital Folklore. It's all about the oddities and importance of online culture. Head over to the show's website (https://digitalfolklore.fm/) to see our custom artwork, subscribe to the newsletter, shop for merch, support the show on Patreon, and more. Want to check out what others are saying? Here's some recent press about the show: https://digitalfolklore.fm/in-the-news.
Production Credits: Music and Sound Effects by Blue Dot Sessions, Envato Elements, Storyblocks, & EpidemicSound. 8Li cover art by Chris Machowski @ https://www.RansomWear.net/. 8th Layer Insights theme music composed and performed by Marcos Moscat @ https://www.GameMusicTown.com/
Want to get in touch with Perry? Here's how: LinkedIn, Twitter, Instagram, Email: perry [at] 8thLayerMedia [dot] com
26/12/23 1h 5m

Solution Spotlight: Simone Petrella and Camille Stewart Gloster discuss the White House's cybersecurity workforce and education strategy. [Interview Selects]

This interview from August 18th, 2023 originally aired as a shortened version on the CyberWire Daily Podcast. In this extended interview, Simone Petrella sits down with Camille Stewart Gloster, Deputy National Cyber Director at the White House, to discuss the White House's cybersecurity workforce and education strategy.
25/12/23 19m 52s

The CyberWire: The 12 Days of Malware. [Special Edition]

Merry Christmas and Happy Holidays from the CyberWire and our friends! Enjoy our rendition of the 12 Days of Malware created by Dave Bittner and performed by Dave and friends: Rachel Tobac, Jayson Street, Ron Eddings & Chris Cochran, Ray [Redacted], Dinah Davis, Camille Stewart, Rick Howard, Michelle Dennedy, Jack Rhysider, Johannes Ullrich, and Charity Wright. Ba dum bum bum. Sing along if you are game! Check out our video for the full effect! The 12 Days of Malware lyrics On the first day of Christmas, my malware gave to me: A keylogger logging my keys. On the second day of Christmas, my malware gave to me: 2 Trojan Apps... And a keylogger logging my keys. On the third day of Christmas, my malware gave to me: 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the fourth day of Christmas, my malware gave to me: 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the fifth day of Christmas, my malware gave to me: 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the sixth day of Christmas, my malware gave to me: 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the seventh day of Christmas, my malware gave to me: 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the eighth day of Christmas, my malware gave to me: 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the ninth day of Christmas, my malware gave to me: 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the tenth day of Christmas, my malware gave to me: 10 Darknet markets... 
9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! (Bah-dum-dum-dum!) 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the eleventh day of Christmas, my malware gave to me: 11 Phishers phishing... 10 Darknet markets... 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! (Bah-dum-dum-dum!) 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the twelfth day of Christmas, my malware gave to me: 12 Hackers hacking... 11 Phishers phishing... 10 Darknet markets... 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys.
23/12/23 7m 28s