Episodes

  • On election day U.S. officials express confidence. A Virginia company is charged with violating U.S. export restrictions on technology bound for Russia. Backing up your GMail. Google mandates MFA. Google claims an AI-powered vulnerability detection breakthrough. Schneider Electric investigates a cyberattack on its internal project tracking platform. A Canadian man suspected in the Snowflake-related data breaches has been arrested. On our Threat Vector segment, David Moulton sits down with Christopher Scott, from Unit 42 to explore the essentials of crisis leadership and management. I spy air fry?
    Remember to leave us a 5-star rating and review in your favorite podcast app.
    Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

    Threat Vector Segment
    In this segment of the Threat Vector podcast, host David Moulton sits down with Christopher Scott, Managing Partner at Unit 42 by Palo Alto Networks, to explore the essentials of crisis leadership and management in cybersecurity. You can hear the full discussion here and catch new episodes of Threat Vector every Thursday on your favorite podcast app. 

    Selected Reading
    In final check-in before Election Day, CISA cites low-level threats, and not much else (The Record)
    Joint ODNI, FBI, and CISA Statement (FBI Federal Bureau of Investigation)
    Exclusive: Nakasone says all the news about influence campaigns ahead of Election Day is actually 'a sign of success' (The Record)
    Virginia Company and Two Senior Executives Charged with Illegally Exporting Millions of Dollars of U.S. Technology to Russia (United States Department of Justice)
    Gmail 2FA Cyber Attacks—Open Another Account Before It’s Too Late (Forbes)
    Mandatory MFA is coming to Google Cloud. Here’s what you need to know (Google Cloud)
    Schneider Electric says hackers accessed internal project execution tracking platform (The Record)
    Google claims AI first after SQLite security bug discovered (The Register)
    Suspected Snowflake Hacker Arrested in Canada (404 Media)
    Is your air fryer spying on you? Concerns over ‘excessive’ surveillance in smart devices (The Guardian) 

    Share your feedback.
    We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. 

    Want to hear your company in the show?
    You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
    The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
    Learn more about your ad choices. Visit megaphone.fm/adchoices

  • The FBI flags fake videos claiming to be from the agency. Okta patches an authentication bypass vulnerability. Microsoft confirms Windows Server 2025 Blue Screen of Death issues. Scammers exploit DocuSign’s APIs to send fake invoices that bypass spam filters. Hackers use smart contracts for command and control. ICS suppliers face challenges convincing customers to secure their environments. Barracuda tracks a phishing campaign impersonating OpenAI. X-Twitter makes controversial changes to its block feature. A Nigerian man gets 26 years in prison for email fraud. On our Solution Spotlight, N2K's Simone Petrella interviews Alex Stamos, CISO at SentinelOne, at the ISC2 Security Congress 2024 about lessons learned in 2024 and what that means for 2025. For a South Dakota plastic surgeon, ransomware was just the beginning of his financial woes.

    CyberWire Guest
    On our Solution Spotlight, N2K's Simone Petrella interviews Alex Stamos, CISO at SentinelOne, at the ISC2 Security Congress 2024 about lessons learned in 2024 and what that means for 2025.

    Selected Reading
    FBI flags false videos impersonating agency, claiming Democratic ballot fraud (CyberScoop)
    Okta security bug affects those with really long usernames (The Register)
    Microsoft confirms Windows Server 2025 blue screen, install issues (Bleeping Computer)
    Scammers Use DocuSign API to Evade Spam Filters with Phishing Invoices (Hackread)
    Supply Chain Attack Uses Smart Contracts for C2 Ops (Infosecurity Magazine)
    Siemens and Rockwell Tackle Industrial Cybersecurity, but Face Customer Hesitation (SecurityWeek)
    Cybercriminals impersonate OpenAI in large-scale phishing attack (Barracuda)
    X updates block feature, letting blocked users see your public posts (TechCrunch)
    US Sentences Nigerian to 26 Years in Prison for Stealing Millions Through Phishing (SecurityWeek)
    Doctor Hit With $500K HIPAA Fine: Feds Worse Than Hacker (GovInfo Security) 



  • Rick Howard, N2K CyberWire’s Chief Analyst and Senior Fellow, turns over hosting duties to William MacMillan, the Chief Product Officer at Andesite, to discuss the Cybersecurity First Principle of automation: current state and what happens now with AI as it applies to SOC Operations.

    For a complete reading list and even more information, check out Rick’s more detailed essay on the topic.

    Check out Rick's 3-part election mini-series:
    Part 1: Election Propaganda Part 1: How Does Election Propaganda Work? In this episode, Rick Howard, N2K CyberWire’s Chief Analyst and Senior Fellow, discusses personal defensive measures that every citizen can take—regardless of political philosophy—to resist the influence of propaganda. This foundational episode is essential for understanding how to navigate the complex landscape of election messaging.
    Part 2: Election Propaganda: Part 2: Modern propaganda efforts. In preparation for the US 2024 Presidential Election, Rick Howard, N2K CyberWire’s Chief Analyst and Senior Fellow, discusses recent international propaganda efforts in the form of nation state interference and influence operations as well as domestic campaigns designed to split the target country into opposing camps. Guests include Nina Jankowicz, Co-Founder and CEO of The American Sunlight Project and Scott Small, Director of Cyber Threat Intelligence at Tidal Cyber.
    Part 3: Election Propaganda: Part 3: Efforts to reduce the impact of future elections. Thinking past the US 2024 Presidential Election, in part three of the series, Rick Howard, N2K CyberWire’s Chief Analyst and Senior Fellow, discusses reducing the impact of propaganda in the future elections with Perry Carpenter, Chief Human Risk Management Strategist at KnowBe4 and host of the 8th Layer Insights Podcast, Nina Jankowicz, Co-Founder and CEO of The American Sunlight Project, and Scott Small, Director of Cyber Threat Intelligence at Tidal Cyber.

    References:
    Bob Violino, 2022. 7 top challenges of security tool integration [Analysis]. CSO Online.
    Bruce Japsen, 2024. UnitedHealth Group Cyberattack Costs To Hit $2.3 Billion This Year [News]. Forbes.
    Clay Chun, 2019. JOHN BOYD AND THE “OODA” LOOP (GREAT STRATEGISTS) [Explainer]. War Room - U.S. Army War College.
    Michael Cobb, 2023. The history, evolution and current state of SIEM [Explainer]. TechTarget.
    Rick Howard, 2022. History of Infosec: a primer. [Podcast and essay]. The CyberWire - CSO Perspectives.
    Rick Howard, 2020. Security operations centers: a first principle idea. [Podcast and Essay]. The CyberWire.
    Rick Howard, 2020. SOAR – a first principle idea. [Podcast and Essay]. The CyberWire - CSO Perspectives.
    Rick Howard, 2021. XDR: from the Rick the Toolman Series. [Podcast and Essay]. The CyberWire - CSO Perspectives.
    Robert Lemos, 2024. SOAR Is Dead, Long Live SOAR [Analysis]. Dark Reading.
    Timbuk 3, 1986. The Future’s So Bright, I Gotta Wear Shades [Song]. Genius.
    Timbuk3VEVO, 2009. Timbuk 3 - The Future’s So Bright [Music Video]. YouTube.

  • Please enjoy this encore episode, where we are joined by VP of R&D at Arctic Wolf Networks Dinah Davis, as she shares how she arrived in the cybersecurity industry after finding her niche. Dinah recalls how at a time of indecision, a computer course at university and a job with the Canadian government helped to solidify her career direction. Dinah mentions how "security and cryptography specifically was this perfect mix of real world problem solving and mathematics and computer science all combined into one ball of happiness." Networking played a key role in Dinah's journey. She recommends that those interested in joining the field go for what they believe in. And, we thank Dinah for sharing her story with us.

  • This week, we are joined by Amnon Kushnir from Sygnia, who is sharing their work on "China-Nexus Threat Group ‘Velvet Ant’ Leverages a Zero-Day to Deploy Malware on Cisco Nexus Switches." In early 2024, Sygnia observed the ‘Velvet Ant’ threat group exploiting a zero-day vulnerability (CVE-2024-20399) to infiltrate Cisco Switch appliances and operate undetected within enterprise networks.
    This attack enables threat actors to escape Cisco’s command interface and install malware directly on the device’s OS, bypassing standard security tools. The incident underscores the risks posed by third-party appliances and the importance of enhanced monitoring and threat detection to counter advanced persistent threats.
    The research can be found here:
    China-Nexus Threat Group ‘Velvet Ant’ Leverages a Zero-Day to Deploy Malware on Cisco Nexus Switches


  • Georgia’s Secretary of State Pushes Social Media to Remove Russian Disinformation. CISA introduces its first international strategic plan. Microsoft issues a warning about the Quad7 botnet. Researchers uncover a zero-click vulnerability in Synology devices. CISA warns of critical ICS vulnerabilities. The U.S. and Israel outline the latest cyber activities of an Iranian threat group. Researchers track an online shopping scam operation called “Phish ‘n’ Ships.” A Colorado Pathology lab notifies 1.8 million patients of a data breach. Our guest is Gary Barlet, Public Sector CTO at Illumio, with a timely look at election security. Packing a custom PC full of meth.

    CyberWire Guest
    Our guest is Gary Barlet, Public Sector CTO at Illumio, discussing where elections are most vulnerable and the potential dangers beyond national elections.

    Selected Reading
    Georgia official asks social media sites to take down Russian disinformation video (The Record)
    CISA Strategic Plan Targets Global Cooperation on Cybersecurity (Security Boulevard)
    Microsoft: Chinese hackers use Quad7 botnet to steal credentials (Bleeping Computer)
    Microsoft delays Windows Recall again, now by December (Bleeping Computer)
    Zero-Click Flaw Exposes Potentially Millions of Popular Storage Devices to Attack (WIRED)
    CISA Warns of Critical Software Vulnerabilities in Industrial Devices (Infosecurity Magazine)
    US, Israel Describe Iranian Hackers' Targeting of Olympics, Surveillance Cameras (SecurityWeek)
    Fake product listings on real shopping sites lead to stolen payment information (SC Media)
    Medusa Ransomware Hack of Pathology Lab Affects 1.8 Million (BankInfo Security)
    Someone tried to smuggle 100kg of synthetic drugs into Australia inside a bunch of PC cases (TechSpot)


  • CISA spins up an election operations war room. Microsoft neglected to restrict access to gender-detecting AI. Yahoo uncovers vulnerabilities in OpenText’s NetIQ iManager. QNAP issues urgent patches for its NAS devices. Sysdig uncovers Emerald Whale. A malvertising campaign exploits Meta’s ad platform to spread the SYS01 infostealer. Senator Ron Wyden wants to tighten rules aimed at preventing U.S. technologies from reaching repressive regimes. Researchers use AI to uncover an IoT zero-day. Sophos reveals a five year battle with firewall hackers. Our guest is Frederico Hakamine, Technology Evangelist from Axonius, talking about how threats both overlap and differ across individuals and critical infrastructure. Be afraid of spooky data.

    CyberWire Guest
    Our guest is Frederico Hakamine, Technology Evangelist from Axonius, talking about how threats both overlap and differ across individuals and critical infrastructure.

    Selected Reading
    CISA Opens Election War Room to Combat Escalating Threats (GovInfo Security)
    Agencies face ‘inflection point’ ahead of looming zero-trust deadline, CISA official says (CyberScoop)
    Microsoft Provided Gender Detection AI on Accident (404 Media)
    Yahoo Discloses NetIQ iManager Flaws Allowing Remote Code Execution (SecurityWeek)
    QNAP patches critical SQLi flaw (Beyond Machines)
    EMERALDWHALE: 15k Cloud Credentials Stolen in Operation Targeting Exposed Git Config Files (Sysdig)
    Fake Meta Ads Hijacking Facebook Accounts to Spread SYS01 Infostealer (Hackread)
    Exclusive: Senator calls on Commerce to tighten proposed rules on exporting surveillance, hacking tech to problematic nations (CyberScoop)
    GreyNoise Intelligence Discovers Zero-Day Vulnerabilities in Live Streaming Cameras with the Help of AI (GreyNoise) 
    Inside Sophos' 5-Year War With the Chinese Hackers Hijacking Its Devices (WIRED)
    Pacific Rim: Inside the Counter-Offensive—The TTPs Used to Neutralize China-Based Threats (Sophos News)
    Spooky Data at a Distance (LinkedIn)


  • Happy Halloween from the team at N2K Networks!

    We hope you share in our Halloween tradition of listening to the Malware Mash. You can check out our video here.

    Lyrics

    I was coding in the lab late one night
    when my eyes beheld an eerie sight 
    for my malware threat score began to rise 
    and suddenly to my surprise...

    It did the Mash 
    It did the Malware Mash 
    The Malware Mash 
    It was a botnet smash 
    It did the Mash 
    It caught on 'cause of Flash 
    The Malware Mash 
    It did the Malware Mash

    From the Stuxnet worm squirming toward the near east 
    to the dark web souqs where the script kiddies feast 
    the APTs left their humble abodes 
    to get installed from rootkit payloads. 

    They did the Mash 
    They did the Malware Mash 
    The Malware Mash 
    It was an adware smash 
    They did the Mash 
    It caught on 'cause of Flash 
    The Malware Mash 
    They did the Malware Mash

    The botnets were having fun 
    The DDoS had just begun 
    The viruses hit the darknet, 
    with ransomware yet to come. 
    The keys were logging, phishing emails abound, 
    Snowden on chains, backed by his Russian hounds. 
    The Shadow Brokers were about to arrive 
    with their vocal group, "The NotPetya Five."

    They did the Mash 
    They played the Malware Mash
    The Malware Mash 
    It was a botnet smash 
    They did the Mash 
    It caught on 'cause of Flash 
    The Malware Mash 
    They played the Malware Mash

    Somewhere in Moscow Vlad's voice did ring 
    Seems he was troubled by just one thing. 
    He opened a shell then shook his fist 
    and said, "Whatever happened to my Turla Trojan twist." 

    It's now the Mash 
    It's now the Malware Mash 
    The Malware Mash 
    And it's a botnet smash 
    It's now the Mash 
    It caught on 'cause of Flash 
    The Malware Mash 
    It's now the Malware Mash

    Now everything's cool, Vlad's a part of the band 
    And the Malware Mash is the hit of the land. 
    For you, defenders, this mash was meant to 
    when you get to my door, tell them Creeper sent you.

    Then you can Mash 
    Then you can Malware Mash 
    The Malware Mash 
    And be a botnet smash 
    It is the Mash 
    Don't you dare download Flash 
    The Malware Mash 
    Just do the Malware Mash

  • Colorado election officials downplay a partial password leak. Over 22,000 CyberPanel instances were targeted in a ransomware attack. Google issues a critical security update for Chrome. Microsoft says Russia’s SVR is conducting a wide-ranging phishing campaign. The FakeCall Android banking trojan gains advanced evasion and espionage capabilities. A New 0patch Fix Blocks Malicious Theme Files. iOS malware LightSpy adds destructive features. LinkedIn faces class-action lawsuits over alleged privacy violations. The U.S. charges a Russian national as part of Operation Magnus. On this week’s CertByte segment, Chris Hare is joined by Dan Neville to break down a question targeting the Certified Associate in Project Management (CAPM)® certification. An Ex-Disney Staffer Allegedly Adds a Side of Sabotage to Park Menus. 

    CertByte Segment
    In this segment, Chris is joined by an N2K Content Developer to help illustrate the learning. This week, Chris is joined by Dan Neville to break down a question targeting the Certified Associate in Project Management (CAPM)® certification by the Project Management Institute®. Today’s question comes from N2K’s PMI® Certified Associate in Project Management (CAPM®) Practice Test.
    If you're studying for a certification exam, check out N2K’s full exam prep library of certification practice tests, practice labs, and training courses by visiting our website at n2k.com/certify. To get the full news to knowledge experience, learn more about our N2K Pro subscription at https://thecyberwire.com/pro.
    Please note: The questions and answers provided here, and on our site, are not actual current or prior questions and answers from these certification publishers or providers.
    Additional sources: The 9 Most In-Demand Professional Certifications You Can Get Right Now

    Selected Reading
    Partial Breach of Election Machine Passwords in Colorado Poses No Risk, State Says (The New York Times)
    Election Threats Escalating as US Voters Flock to the Polls (BankInfo Security)
    Massive PSAUX ransomware attack targets 22,000 CyberPanel instances (Bleeping Computer)
    Critical Chrome Security Update: Patch for Out-of-Bounds & WebRTC Vulnerability (Cyber Security News)
    Russian spies use remote desktop protocol files in unusual mass phishing drive (The Register)
    FakeCall Android Trojan Evolves with New Evasion Tactics and Expanded Espionage Capabilities (SecurityWeek)
    0patch Blog: We Patched CVE-2024-38030, Found Another Windows Themes Spoofing Vulnerability (0day) (0patch)
    Recent Version of LightSpy iOS Malware Packs Destructive Capabilities (SecurityWeek)
    Lawsuits Accuse LinkedIn of Tracking Users' Health Info (GovInfo Security)
    Feds name a Russian accused of developing Redline (The Register)
    Fired Employee Allegedly Hacked Disney World's Menu System to Alter Peanut Allergy Information (404 Media)


  • Chinese hacking into US telecoms draws federal scrutiny. ESET examines Evasive Panda’s CloudScout toolset. A new ChatGPT jailbreak bypassed security safeguards. Nintendo warns users of a phishing scam. The Five Eyes launch the Secure Innovation initiative for startups. CISA releases “Product Security Bad Practices” guidelines. Apple’s new bug bounty program offers a million bucks for critical vulnerabilities. The City of Columbus drops its suit of a cybersecurity researcher. On our Solution Spotlight today, N2K’s Simone Petrella speaks with Chris Porter, CISO at Fannie Mae, on cultivating cybersecurity culture and talent. Spooky spam is back.

    CyberWire Guest
    On our Solution Spotlight today, N2K’s Simone Petrella speaks with Chris Porter, CISO at Fannie Mae, on cultivating cybersecurity culture and talent. You can hear Simone’s and Chris’ full conversation in this special edition podcast.

    Selected Reading
    Key Federal Cyber Panel to Probe Chinese Telecoms Hacking (Bank Info Security)
    CloudScout: Evasive Panda scouting cloud services (We Live Security)
    ChatGPT Jailbreak: Researchers Bypass AI Safeguards Using Hexadecimal Encoding and Emojis (SecurityWeek)
    Nintendo Warns of Phishing Attack Mimics Company Email Address (gbhackers)
    Five Eyes Agencies Launch Startup Security Initiative (Infosecurity magazine)
    CISA sees elimination of ‘bad practices’ as next secure-by-design step (CyberScoop)
    Apple Launches 'Apple Intelligence' and Offers $1M Bug Bounty for Security (Hackread)
    Columbus drops lawsuit against data leak whistleblower Connor Goodwolf, but with a catch (NBC)
    Spooky Spam, Scary Scams: Halloween Threats Rise (Security Boulevard)


  • In this Solution Spotlight episode, our very own Simone Petrella sits down with Chris Porter, the Chief Information Security Officer at Fannie Mae. As a seasoned expert in the financial and cybersecurity sectors, Chris shares insights into how Fannie Mae navigates the complexities of securing one of the nation's most critical financial institutions.

    Together, they discuss Fannie Mae's evolving cybersecurity posture, balancing innovation with risk management, and the critical strategies employed to protect sensitive data in an increasingly digital and interconnected world. Chris also delves into the importance of collaboration across the industry, highlighting partnerships and intelligence-sharing as vital components in mitigating cyber threats.

  • Operation Magnus disrupts notorious infostealers. Pennsylvania officials debunk election disinformation attributed to Russia. TeamTNT targets Docker daemons. Delta sues CrowdStrike. NVIDIA released a critical GPU Display Driver update. Fog and Akira ransomware exploit SonicWall VPNs. A researcher demonstrates Downgrade attacks against Windows systems. Qilin ransomware grows more evasive and disruptive. Pwn2Own Ireland awards over $1 million for more than 70 zero-day vulnerabilities. Our guest is Grant Geyer, Chief Strategy Officer at Claroty, talking about safeguarding our nation's critical food infrastructure. At long last, it’s legal to fix your McFlurry. 

    CyberWire Guest
    Our guest is Grant Geyer, Chief Strategy Officer at Claroty, talking about safeguarding our nation's critical food infrastructure. The FBI recently held an Agriculture Threats Symposium in Nebraska, spotlighting growing concerns over the security of the nation's critical food infrastructure amid rising threats. As cyberattacks and bioterrorism increasingly target agriculture, the event highlighted urgent calls for stronger safety measures to protect the food supply chain. 

    Selected Reading
    Operation Magnus Disrupted Redline and Meta Infostealer Malware (Cyber Security News)
    Pennsylvania officials rebut false voter fraud claims from home and abroad (CyberScoop)
    TeamTNT Exploits 16 Million IPs in Malware Attack on Docker Clusters (Hackread)
    Delta sues CrowdStrike for $500 million in damages caused by massive airline cancelations (The Independent)
    NVIDIA GPU Vulnerabilities Allow Attackers To Execute Remote Code on Windows & Linux (Cyber Security News)
    Fog ransomware targets SonicWall VPNs to breach corporate networks (Bleeping Computer)
    New Windows Driver Signature bypass allows kernel rootkit installs (Bleeping Computer)
    Updated Qilin Ransomware Escalates Encryption and Evasion (BankInfo Security)
    Researchers Discover Over 70 Zero-Day Bugs at Pwn2Own Ireland (Infosecurity Magazine)
    It Is Now Legal to Hack McFlurry Machines (and Medical Devices) to Fix Them (404 Media)
    DisMis: Explore our 3-part series on election propaganda. (N2K)


  • Rick Howard, N2K CyberWire’s Chief Analyst and Senior Fellow, turns over hosting duties to Dr. Rebecca Wynn, the Click Solutions Group Global Chief Security Strategist & CISO. She interviews Justin Daniels, a Baker Donelson lawyer and podcast host with expertise in cyber operations, M&A, and investment capital transactions, on the current state of cyber law and compliance.


    References:
    Tatiana Rice, Keir Lamont, Jordan Francis, 2024. The Colorado Artificial Intelligence Act: An FPF U.S. Legislation Policy Brief [Explainer]. Colorado General Assembly.
    Dr Rebecca Wynn. Soulful CXO [Podcast]. Soulful CXO.
    Jodi Daniels, Justin Daniels. She Said Privacy/He Said Security [Podcast]. Apple Podcasts.

  • In this episode, N2K's Brandon Karpf interviews Pete Newell, CEO and Founder of BMNT, about the challenges facing technology adoption within the Department of Defense (DoD). They discuss the concept of “mission acceleration,” focusing on the DoD’s struggle to keep pace with rapid changes on the battlefield and the importance of a human-centered approach to technology adaptation. Newell emphasizes that true innovation in defense is more of a "people problem" than a technology issue, requiring shifts in organizational culture and internal education. Tune in to hear insights on accelerating change in defense through better problem articulation and training.

  • Enjoy this special encore episode where we are joined by Army Cyber Institute Technical Director and Chief of Staff Colonel Stephen Hamilton, as he takes us on his computer science journey. Fascinated with computers since the second grade, Stephen chose West Point after high school to study computer science. Following graduation he moved into the signal branch, as it most closely matched his interest in ham radio and no branch related directly to computing. He was pulled from the motor pool to help with another area's computing needs and then worked his way to teaching computer science at West Point and US Cyber Command. Stephen recommends coding it first to help realize the nuances, and then coding it again. We thank Stephen for sharing his story with us.

  • This week, we are pleased to be joined by Mick Baccio, global security advisor for Splunk SURGe, sharing their research on "LLM Security: Splunk & OWASP Top 10 for LLM-based Applications." The research dives into the rapid rise of AI and Large Language Models (LLMs) that initially seem magical, but behind the scenes, they are sophisticated systems built by humans. Despite their impressive capabilities, these systems are vulnerable to numerous cyber threats.
    Splunk's research explores the OWASP Top 10 for LLM Applications, a framework that highlights key vulnerabilities such as prompt injection, training data poisoning, and sensitive information disclosure.
    The research can be found here:
    LLM Security: Splunk & OWASP Top 10 for LLM-based Applications

  • UnitedHealth confirms breach numbers. Patient privacy pains. Amazon vs. APT29. CDK vulnerability threatens user security. Fog and Akira take aim at SonicWall. Level up or log off. LinkedIn in hot water. Open source, closed doors.  Watt's the risk? Today, we are joined by Itzik Alvas, Entro Security’s CEO and Co-Founder, discussing their research team's work on non-human identities and secrets management. And Muni Metro hits Ctrl+Alt+Delete on floppy disks!

    CyberWire Guest
    Today, we are joined by Itzik Alvas, Entro Security’s CEO and Co-Founder, discussing their research team's work on non-human identities and secrets management. You can learn more here. 

    Selected Reading
    UnitedHealth: 100 Million Individuals Affected by the Change Healthcare Data Breach (Heimdal)
    OnePoint Patient Care data breach impacted 795916 individuals (Security Affairs)
    Amazon identified internet domains abused by APT29 (AWS Security Blog) 
    RDP configuration files as a means of obtaining remote access to a computer or "Rogue RDP" (CERT-UA#11690) (CERT-UA) 
    AWS Cloud Development Kit flaw exposed accounts to full takeover (The Register) 
    Arctic Wolf Labs Observes Increased Fog and Akira Ransomware Activity Linked to SonicWall SSL VPN (Arctic Wolf) 
    Lazarus Group Exploits Chrome 0-Day for Crypto with Fake NFT Game (Hackread) 
    LinkedIn hit with $335 million fine for using member data for ad targeting without consent (The Record) 
    Linux creator approves de-listing of several kernel maintainers associated with Russia (The Record) 
    U.S. CISA adds Cisco ASA and FTD, and RoundCube Webmail bugs to its Known Exploited Vulnerabilities catalog (Security Affairs)
    Cybersecurity Isn't Easy When You're Trying to Be Green (Dark Reading) 
    Goodbye, floppies - San Francisco pays Hitachi $212 million to remove 5.25-inch disks from its light rail service (TechSpot)

    Share your feedback.
    We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. 

    Want to hear your company in the show?
    You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
    The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

  • Fortinet confirms a recently rumored zero-day. Officials investigate how restricted chips ended up in products from Huawei. The White House unveils a coordinated AI strategy for national security. Researchers jailbreak LLMs with Deceptive Delight. A new ransomware group exploits vulnerable device drivers. Sensitive documents from a UN trust fund are leaked online. Penn State pays over a million dollars to settle allegations of inadequate security in government contracts. CISA adds a SharePoint vulnerability to its Known Exploited Vulnerabilities Catalog. A Microsoft report warns of growing election disinformation. On our industry voices segment, Eric Herzog, CMO of Infinidat, discusses merging cybersecurity and cyber storage resilience. China is shocked - shocked! - that its space program has drawn the attention of foreign spies.

    CyberWire Guest
    On our industry voices segment, Eric Herzog, CMO of Infinidat, discusses merging cybersecurity and cyber storage resilience. 

    Selected Reading
    Mandiant says new Fortinet flaw has been exploited since June (Bleeping Computer)
    TSMC Cuts Off Client After Discovering Chips Sent to Huawei (Bloomberg)
    White House unveils plan for US government to keep its edge on AI development (The Record)
    FACT SHEET: Biden-Harris Administration Outlines Coordinated Approach to Harness Power of AI for U.S. National Security (The White House)
    New LLM jailbreak method with 65% success rate developed by researchers (SC Media)
    Embargo Ransomware Disables Security Defenses (GovInfo Security)
    Misconfigured UN Database Exposes 228GB of Gender Violence Victims' Data (Hackread)
    Penn State Settles for $1.25M Over Failure to Comply With DoD, NASA Cybersecurity Requirements (SecurityWeek)
    CISA Warns Active Exploitation of Microsoft SharePoint Vulnerability (Cyber Security News)
    As Election Looms, Disinformation ‘Has Never Been Worse’ (The New York Times) 
    Microsoft Warns Foreign Disinformation Is Hitting the US Election From All Directions (WIRED)
    China’s space programme targeted by ‘audacity’ of foreign agents, anti-spy agency warns (South China Morning Post) 

  • NotLockBit mimics its namesake while targeting macOS. Symantec uncovers popular mobile apps with hardcoded credentials. Avast releases a Mallox ransomware decryptor. Akira ransomware reverts to tactics tried and true. Lawmakers ask the DOJ to prosecute tax prep firms for privacy violations. The SEC levies fines for misleading disclosures following the SolarWinds breach. Software liability remains a sticky issue. Updated guidance reiterates the feds’ commitment to the Traffic Light Protocol. A task force has cybersecurity recommendations for the next U.S. president. Today’s guest is Jérôme Segura, Sr. Director of Research at Malwarebytes, sharing their work on "Scammers advertise fake AppleCare+ service via GitHub repos." Warrantless surveillance, powered by your favorite apps. 

    CyberWire Guest
    Today’s guest is Jérôme Segura, Sr. Director of Research at Malwarebytes, sharing their work on "Scammers advertise fake AppleCare+ service via GitHub repos." You can learn more about this research here. 

    Selected Reading
    NotLockBit Ransomware Can Target macOS Devices (SecurityWeek)
    Millions of iOS and Android Users at Risk as Popular Apps Expose Cloud Keys (Hackread)
    Mallox Ransomware Flaw Let Victims Recover Files Without Ransom Payment (Cyber Security News)
    Akira ransomware pivots back to double extortion, C++ code (SC Media)
    Lawmakers ask DOJ to prosecute tax prep firms for sharing customer data with big tech (The Record)
    SEC fines four companies $7M for 'misleading cyber disclosures' regarding SolarWinds hack (TechCrunch)
    The struggle for software liability: Inside a ‘very, very, very hard problem’ (The Record)
    US Government Pledges to Cyber Threat Sharing Via TLP Protocol (Infosecurity Magazine)
    Task force unveils cyber recommendations for the next president (CyberScoop)
    The Global Surveillance Free-for-All in Mobile Ad Data (Krebs on Security)

  • A zero-day affects Samsung mobile processors. A critical vulnerability is discovered in the OneDev DevOps platform. German authorities warn against vulnerable industrial routers. The Bumblebee loader buzzes around corporate networks. Ghostpulse hides payloads in PNG files. A Michigan chain of dental centers agrees to a multimillion dollar data breach settlement. A White House proposal tamps down international data sharing. Fortinet is reportedly patching an as-yet undisclosed severe vulnerability. In our Threat Vector segment, host David Moulton speaks with Nathaniel Quist about cloud extortion operations, the rise of ransomware attacks, and the challenges businesses face in securing public cloud environments. Russian deepfakes spread election misinformation. 

    Threat Vector Segment
    In this segment of the Threat Vector podcast, host David Moulton, Director of Thought Leadership at Palo Alto Networks, speaks with Nathaniel Quist, Manager of Cloud Threat Intelligence at Cortex & Unit 42. David and Nathaniel discuss recent cloud extortion operations, the rise of ransomware attacks, and the challenges businesses face in securing public cloud environments. You can hear the full discussion here and catch new episodes of Threat Vector every Thursday on your favorite podcast app. 

    Selected Reading
    Google Warns of Samsung Zero-Day Exploited in the Wild (SecurityWeek)
    Critical OneDev DevOps Platform Vulnerability Let Attacker Read Sensitive Data (Cyber Security News)
    Critical Vulnerabilities Expose mbNET.mini, Helmholz Industrial Routers to Attacks (SecurityWeek)
    Hackers Use Bumblebee Malware to Gain Access to Corporate Networks (GB Hackers)
    CISA Adds Sciencelogic SL1 Unspecified Vulnerability to KEV Catalog (Cyber Security News)
    Pixel perfect Ghostpulse malware loader hides inside PNG image files (The Register)
    Dental Center Chain Settles Data Breach Lawsuit for $2.7M (BankInfo Security)
    Biden administration proposes new rules governing data transfers to adversarial nations (The Record)
    Fortinet issues private notifications to FortiManager customers to patch an undisclosed flaw (Beyond Machines)
    Russian Propaganda Unit Appears to Be Behind Spread of False Tim Walz Sexual Abuse Claims (WIRED)
