Folgen
-
At the U.N. Anne Neuberger frames ransomware as a growing public health crisis. Amazon confirms a MOVEit-related data breach. SAP provides patches and mitigations for a variety of flaws. Researchers identify North Korean hackers embedding malware in macOS applications. Form I-9 Compliance reports a data breach impacting over 193,000 individuals. Hot Topic confirms a breach affecting over 54 million customers. Halliburton reports a $35 million ransomware event. Ymir ransomware follows in the footsteps of RustyStealer. Threat actors prepare for a second Trump presidency. A Venezuelan man gets 25 years for romance scam kidnappings. Our guest is Tim Starks from CyberScoop sharing what he’s hearing from Washington insiders as they prepare for the next Trump administration. The Secret Service wonders if warrants are really required.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Our guest is Tim Starks from CyberScoop sharing what he’s hearing from Washington insiders as they prepare for the next Trump administration.
Selected Reading
White House Slams Russia Over Ransomware's Healthcare Hits (BankInfo Security)
Amazon employee data stolen by hacker, company confirms (Silicon Republic)
SAP Patches High-Severity Vulnerability in Web Dispatcher (SecurityWeek)
North Korean-linked hackers were caught experimenting with new macOS malware (CyberScoop)
Form I-9 Compliance Data Breach Impacts Over 190,000 People (SecurityWeek)
Hot Topic Data Breach: A Massive Leak Exposes Millions of Customer Records (SOCRadar)
Energy Giant Halliburton Reveals $35m Ransomware Loss (Infosecurity Magazine)
New Ymir ransomware partners with RustyStealer in attacks (Bleeping Computer)
How Global Threat Actors May Respond to a Second Trump Term (GovInfo Security)
Man Gets 25 Years for Online Dating Hostage Scams Targeting Americans (Hackread)
'FYI. A Warrant Isn’t Needed': Secret Service Says You Agreed To Be Tracked With Location Data (404 Media)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Rick Howard, The CyberWire’s Chief Analyst, CSO, and Senior Fellow, and the cast of the entire CyberWire team, honor our U.S. veterans on this special day.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Fehlende Folgen?
-
In this special edition of our podcast, Simone Petrella sits down with cybersecurity luminary Alex Stamos, Chief Information Security Officer at SentinelOne, to delve into one of the most challenging years in tech history. 2024 has seen unprecedented breaches of multinational corporations, high-stakes attacks from state actors, massive data leaks, and the largest global IT failure on record. As both a seasoned security executive and respected thought leader, Stamos offers a firsthand perspective on how the security landscape is evolving under these pressures.
In this exclusive keynote discussion, Stamos draws from his extensive experience to share hard-won lessons from the upheavals of 2024, discussing how companies can build — and rebuild — trust amidst this environment of constant threat. What new responsibilities do organizations have to their customers, employees, shareholders, and society? And what major shifts can we expect across cybersecurity and IT practices in response to these cascading challenges? Tune in for a deep dive into how security professionals are rising to meet their roles in a world brimming with motivated and capable adversaries.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Enjoy this special encore episode where we are joined by Chief Security Officer of Microsoft Canada Kevin Magee, he's sharing his background as a historian and how it applies to his work in cybersecurity. Likening himself to a dashing Indiana Jones, Kevin talks about how he sees history unfolding and the most interesting things right now are happening in security. Spending time tinkering with things in the university's computer room under the stairs gave way to Kevin's love affair with technology. As Chief Security Officer, Kevin says he uses an analogy: "I think we focus on the arrows, not the the archer" meaning there's too much focus on the attacks rather than the ones mounting them. As a historian and witness to our current history, Kevin sees the changes all affecting cybersecurity. We thank Kevin for sharing his story with us.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Enjoy this special encore episode, where we are joined by Jon Williams from Bishop Fox, as he is sharing their research on "It’s 2024 and Over 178,000 SonicWall Firewalls are Publicly Exploitable." SonicWall published advisories for CVE-2022-22274 and CVE-2023-0656 a year apart after finding that NGFW series 6 and 7 devices are affected by two unauthenticated denial-of-service vulnerabilities.
The research states "Our research found that the two issues are fundamentally the same but exploitable at different HTTP URI paths due to reuse of a vulnerable code pattern." They also found that when they scanned SonicWall firewalls with management interfaces exposed to the internet, they found that 76% are vulnerable to one or both issues.
The research can be found here:
It’s 2024 and Over 178,000 SonicWall Firewalls are Publicly Exploitable
Learn more about your ad choices. Visit megaphone.fm/adchoices -
CISA issues a warning about a critical security flaw in Palo Alto Networks’ Expedition tool. A federal agency urges employees to limit phone use in response to Chinese hacking. Law enforcement is perplexed by spontaneously rebooting iPhones. A key supplier for oilfields suffers a ransomware attack. Hewlett Packard Enterprise (HPE) patches multiple vulnerabilities in its Aruba Networking access points. Cybercriminals use game-related apps to distribute Winos4.0. Germany proposes legislation protecting security researchers. The TSA proposes new cybersecurity regulations for critical transportation infrastructure. Our guest is Aaron Griffin, Chief Architect from Sevco Security, sharing the discovery of a significant Apple iOS bug involving iPhone Mirroring. AI tries to wing it in a Reddit group, but moderators put a fork in it.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Our guest is Aaron Griffin, Chief Architect from Sevco Security, sharing the discovery of a significant Apple iOS 18 and macOS Sequoia privacy bug that exposes employee personal iPhone apps and data to companies through iPhone Mirroring. Read Sevco’s blog on the topic.
Selected Reading
CISA warns of Critical Palo Alto Networks Vulnerability Exploited in Attacks (GB Hackers)
U.S. Agency Warns Employees About Phone Use Amid Ongoing China Hack (Wall Street Journal)
Host of House panels getting briefed on major Chinese hacker telecom breaches (CyberScoop)
Police Freak Out at iPhones Mysteriously Rebooting Themselves, Locking Cops Out (404 Media)
Texas-based oilfield supplier faces disruptions following ransomware attack (The Record)
HPE Patches Critical Vulnerabilities in Aruba Access Points (SecurityWeek)
Winos4.0 hides in gaming apps to hijack Windows systems (The Register)
Germany drafts law to protect researchers who find security flaws (Bleeping Computer)
TSA proposes new cybersecurity rule for surface transportation, seeks public feedback (Industrial Cyber)
Reddit’s ‘Interesting as Fuck’ Community Rules That AI-Generated Video Is Not Interesting (404 Media)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Canada orders ByteDance to shut down local operations. Cisco releases urgent patches for multiple vulnerabilities. SteelFox malware delivers a crypto-miner and info-stealer. North Korean campaigns pursue fake jobs and remote workers. A suspected cyber intrusion disrupts Washington state court systems. Over 200,000 customers of SelectBlinds have their credit card info stolen. Cyber experts encourage congress to pursue bipartisan readiness studies despite DoD pushback. On our Industry Voices segment, we welcome guest Jeremy Huval, Chief Innovation Officer at HITRUST®, discussing the AI explosion and the need to consider the risks before implementation. Curiosity killed the cat lover’s computer.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
On our Industry Voices segment, we welcome guest Jeremy Huval, Chief Innovation Officer at HITRUST®, discussing the AI explosion and the need to consider the risks before implementation. Learn more about how robust your AI risk management program is here.
Selected Reading
Canada Orders Shutdown of Local TikTok Branch Over Security Concerns (Infosecurity Magazine)
Cisco Patches Critical Vulnerability in Industrial Networking Solution (SecurityWeek)
Cisco Desk Phone Series Vulnerability Lets Remote Attacker Access Sensitive Information (GB Hackers)
‘SteelFox’ Miner and Information Stealer Bundle Emerges (SecurityWeek)
North Korean Hackers Employing New Tactic To Acquire Remote Jobs (Cyber Security News)
Outages impact Washington state courts after ‘unauthorized activity’ detected on network (The Record)
SelectBlinds says 200,000 customers impacted after hackers embed malware on site (The Record)
Congress must demand a study of America’s cyber forces (CyberScoop)
Cybercrooks target Bengal cat lovers in Australia (The Register)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Election day wrap-up. The FBI issues a warning about cybercriminals selling government email credentials. Google issues an emergency update for Chrome. An Interpol operation nets dozens of arrests and IP takedowns. Microchip Technology disclosed $21.4 million in expenses related to a cybersecurity breach. Ransomware makes a Georgia hospital revert to paper records. South Korea fines Meta $15 million over privacy violations. A cyberattack disables panic alarms on British prison vans. A small city in Kansas recovers from a devastating pig butchering scheme. Our guest today is Javed Hasan, CEO and Co-Founder of Lineaje, discussing the growing risks within open source ecosystems. Sending data down the compressed air superhighway.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Our guest today is Javed Hasan, CEO and Co-Founder of Lineaje, discussing the growing risks within open source ecosystems.
Selected Reading
Top US cyber official says 'no evidence of malicious activity' impacting election (The Record)
FBI Warns Gmail, Outlook Users Of $100 Government Emergency Data Email Hack (Forbes)
Chrome Security Update: Patch for Multiple High Severity Vulnerabilities (Cyber Security News)
Interpol disrupts cybercrime activity on 22,000 IP addresses, arrests 41 (Bleeping Computer)
Microchip Technology Reports $21.4 Million Cost From Ransomware Attack (SecurityWeek)
Ransomware Attack Disrupts Georgia Hospital's Access to Health Records (SecurityWeek)
South Korea Fines Meta $15 Million for Illegal Data Collection on Facebook Users (CEO Today)
Cyberattack disables tracking systems and panic alarms on British prison vans (The Record)
FBI recovers just $8M after crypto scam crashes Kansas bank (The Register)
The bizarre reason pneumatic tubes are coming back (BBC Science Focus)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
On election day U.S. officials express confidence. A Virginia company is charged with violating U.S. export restrictions on technology bound for Russia. Backing up your GMail. Google mandates MFA. Google claims an AI-powered vulnerability detection breakthrough. Schneider Electric investigates a cyberattack on its internal project tracking platform. A Canadian man suspected in the Snowflake-related data breaches has been arrested. On our Threat Vector segment, David Moulton sits down with Christopher Scott, from Unit 42 to explore the essentials of crisis leadership and management. I spy air fry?
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
Threat Vector Segment
In this segment of the Threat Vector podcast, host David Moulton sits down with Christopher Scott, Managing Partner at Unit 42 by Palo Alto Networks, to explore the essentials of crisis leadership and management in cybersecurity. You can hear the full discussion here and catch new episodes of Threat Vector every Thursday on your favorite podcast app.
Selected Reading
In final check-in before Election Day, CISA cites low-level threats, and not much else (The Record)
Joint ODNI, FBI, and CISA Statement (FBI Federal Bureau of Investigation)
Exclusive: Nakasone says all the news about influence campaigns ahead of Election Day is actually 'a sign of success' (The Record)
Virginia Company and Two Senior Executives Charged with Illegally Exporting Millions of Dollars of U.S. Technology to Russia (United States Department of Justice)
Gmail 2FA Cyber Attacks—Open Another Account Before It’s Too Late (Forbes)
Mandatory MFA is coming to Google Cloud. Here’s what you need to know (Google Cloud)
Schneider Electric says hackers accessed internal project execution tracking platform (The Record)
Google claims AI first after SQLite security bug discovered (The Register)
Suspected Snowflake Hacker Arrested in Canada (404 Media)
Is your air fryer spying on you? Concerns over ‘excessive’ surveillance in smart devices (The Guardian)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
The FBI flags fake videos claiming to be from the agency. Okta patches an authentication bypass vulnerability. Microsoft confirms Windows Server 2025 Blue Screen of Death issues. Scammers exploit DocuSign’s APIs to send fake invoices that bypass spam filters. Hackers use smart contracts for command and control. ICS suppliers face challenges convincing customers to secure their environments. Barracuda tracks a phishing campaign impersonating OpenAI. X-Twitter makes controversial changes to its block feature. A Nigerian man gets 26 years in prison for email fraud. On our Solution Spotlight, N2K's Simone Petrella interviews Alex Stamos, CISO at SentinelOne, at the ISC2 Security Congress 2024 about lessons learned in 2024 and what that means for 2025. For a South Dakota plastic surgeon, ransomware was just the beginning of his financial woes.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
On our Solution Spotlight, N2K's Simone Petrella interviews Alex Stamos, CISO at SentinelOne, at the ISC2 Security Congress 2024 about lessons learned in 2024 and what that means for 2025.
Selected Reading
FBI flags false videos impersonating agency, claiming Democratic ballot fraud (CyberScoop)
Okta security bug affects those with really long usernames (The Register)
Microsoft confirms Windows Server 2025 blue screen, install issues (Bleeping Computer)
Scammers Use DocuSign API to Evade Spam Filters with Phishing Invoices (Hackread)
Supply Chain Attack Uses Smart Contracts for C2 Ops (Infosecurity Magazine)
Siemens and Rockwell Tackle Industrial Cybersecurity, but Face Customer Hesitation (SecurityWeek)
Cybercriminals impersonate OpenAI in large-scale phishing attack (Barracuda)
X updates block feature, letting blocked users see your public posts (TechCrunch)
US Sentences Nigerian to 26 Years in Prison for Stealing Millions Through Phishing (SecurityWeek)
Doctor Hit With $500K HIPAA Fine: Feds Worse Than Hacker (GovInfo Security)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Rick Howard, N2K CyberWire’s Chief Analyst and Senior Fellow, turns over hosting duties to William MacMillan, the Chief Product Officer at Andesite, to discuss the Cybersecurity First Principle of automation: current state and what happens now with AI as it applies to SOC Operations.
For a complete reading list and even more information, check out Rick’s more detailed essay on the topic.
Check out Rick's 3-part election mini-series:
Part 1: Election Propaganda Part 1: How Does Election Propaganda Work? In this episode, Rick Howard, N2K CyberWire’s Chief Analyst and Senior Fellow, discusses personal defensive measures that every citizen can take—regardless of political philosophy—to resist the influence of propaganda. This foundational episode is essential for understanding how to navigate the complex landscape of election messaging.
Part 2: Election Propaganda: Part 2: Modern propaganda efforts. In preparation for the US 2024 Presidential Election, Rick Howard, N2K CyberWire’s Chief Analyst and Senior Fellow, discusses recent international propaganda efforts in the form of nation state interference and influence operations as well as domestic campaigns designed to split the target country into opposing camps. Guests include Nina Jankowicz, Co-Founder and CEO of the The American Sunlight Project and Scott Small, Director of Cyber Threat Intelligence at Tidal Cyber.
Part 3: Election Propaganda: Part 3: Efforts to reduce the impact of future elections. Thinking past the US 2024 Presidential Election, In part three of the series, Rick Howard, N2K CyberWire’s Chief Analyst and Senior Fellow, discusses reducing the impact of propaganda in the future elections with Perry Carpenter, Chief Human Risk Management Strategist at KnowBe4 and host of the 8th Layer Insights Podcast, Nina Jankowicz, Co-Founder and CEO of the The American Sunlight Project, and Scott Small, Director of Cyber Threat Intelligence at Tidal Cyber.
References:
Bob Violino, 2022. 7 top challenges of security tool integration [Analysis]. CSO Online.
Bruce Japsen, 2024. UnitedHealth Group Cyberattack Costs To Hit $2.3 Billion This Year [News]. Forbes.
Clay Chun, 2019. JOHN BOYD AND THE “OODA” LOOP (GREAT STRATEGISTS) [Explainer]. War Room - U.S. Army War College.
Michael Cobb, 2023. The history, evolution and current state of SIEM [Explainer]. TechTarget.
Rick Howard, 2022. History of Infosec: a primer. [Podcast and essay]. The CyberWire - CSO Perspectives.
Rick Howard, 2020. Security operations centers: a first principle idea. [Podcast and Essay]. The CyberWire.
Rick Howard, 2020. SOAR – a first principle idea. [Podcast and Essay]. The CyberWire - CSO Perspectives.
Rick Howard, 2021. XDR: from the Rick the Toolman Series. [Podcast and Essay]. The CyberWire - CSO Perspectives.
Robert Lemos, 2024. SOAR Is Dead, Long Live SOAR [Analysis]. Dark Reading.
Timbuk 3, 1986. The Future’s So Bright, I Gotta Wear Shades [Song]. Genius.
Timbuk3VEVO, 2009. Timbuk 3 - The Future’s So Bright [Music Video]. YouTube.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Please enjoy this encore episode, where we are joined by VP of R&D at Arctic Wolf Networks Dinah Davis, as she shares how she arrived in the cybersecurity industry after finding her niche. Dinah recalls how at a time of indecision, a computer course at university and a job with the Canadian government helped to solidify her career direction. Dinah mentions how "security and cryptography specifically was this perfect mix of real world problem solving and mathematics and computer science all combined into one ball of happiness." Networking played a key role in Dinah's journey. She recommends that those interested in joining the field to go for what they believe in. And, we thank Dinah for sharing her story with us.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
This week, we are joined by, Amnon Kushnir from Sygnia, who is sharing their work on "China-Nexus Threat Group ‘Velvet Ant’ Leverages a Zero-Day to Deploy Malware on Cisco Nexus Switches." In early 2024, Sygnia observed the ‘Velvet Ant’ threat group exploiting a zero-day vulnerability (CVE-2024-20399) to infiltrate Cisco Switch appliances and operate undetected within enterprise networks.
This attack enables threat actors to escape Cisco’s command interface and install malware directly on the device’s OS, bypassing standard security tools. The incident underscores the risks posed by third-party appliances and the importance of enhanced monitoring and threat detection to counter advanced persistent threats.
The research can be found here:
China-Nexus Threat Group ‘Velvet Ant’ Leverages a Zero-Day to Deploy Malware on Cisco Nexus Switches
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Georgia’s Secretary of State Pushes Social Media to Remove Russian Disinformation. CISA introduces its first international strategic plan. Microsoft issues a warning about the Quad7 botnet. Researchers uncover a zero-click vulnerability in Synology devices. CISA warns of critical ICS vulnerabilities. The U.S.and Israel outline the latest cyber activities of an Iranian threat group. Researchers track an online shopping scam operation called “Phish ‘n’ Ships.” A Colorado Pathology lab notifies 1.8 million patients of a data breach. Our guest is Gary Barlet, Public Sector CTO at Illumio, with a timely look at election security. Packing a custom PC full of meth.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Our guest is Gary Barlet, Public Sector CTO at Illumio, discussing where elections are most vulnerable and the potential dangers beyond national elections.
Selected Reading
Georgia official asks social media sites to take down Russian disinformation video (The Record)
CISA Strategic Plan Targets Global Cooperation on Cybersecurity (Security Boulevard)
Microsoft: Chinese hackers use Quad7 botnet to steal credentials (Bleeping Computer)
Microsoft delays Windows Recall again, now by December (Bleeping Computer)
Zero-Click Flaw Exposes Potentially Millions of Popular Storage Devices to Attack (WIRED)
CISA Warns of Critical Software Vulnerabilities in Industrial Devices (Infosecurity Magazine)
US, Israel Describe Iranian Hackers' Targeting of Olympics, Surveillance Cameras (SecurityWeek)
Fake product listings on real shopping sites lead to stolen payment information (SC Media)
Medusa Ransomware Hack of Pathology Lab Affects 1.8 Million (BankInfo Security)
Someone tried to smuggle 100kg of synthetic drugs into Australia inside a bunch of PC cases (TechSpot)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
CISA spins up an election operations war room. Microsoft neglected to restrict access to gender-detecting AI. Yahoo uncovers vulnerabilities in OpenText’s NetIQ iManager. QNAP issues urgent patches for its NAS devices. Sysdig uncovers Emerald Whale. A malvertising campaign exploits Meta’s ad platform to spread the SYS01 infostealer. Senator Ron Wyden wants to tighten rules aimed at preventing U.S. technologies from reaching repressive regimes. Researchers use AI to uncover an IoT zero-day. Sophos reveals a five year battle with firewall hackers. Our guest is Frederico Hakamine, Technology Evangelist from Axonius, talking about how threats both overlap and differ across individuals and critical infrastructure. Be afraid of spooky data.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Our guest is Frederico Hakamine, Technology Evangelist from Axonius, talking about how threats both overlap and differ across individuals and critical infrastructure.
Selected Reading
CISA Opens Election War Room to Combat Escalating Threats (GovInfo Security)
Agencies face ‘inflection point’ ahead of looming zero-trust deadline, CISA official says (CyberScoop)
Microsoft Provided Gender Detection AI on Accident (404 Media)
Yahoo Discloses NetIQ iManager Flaws Allowing Remote Code Execution (SecurityWeek)
QNAP patches critical SQLi flaw (Beyond Machines)
EMERALDWHALE: 15k Cloud Credentials Stolen in Operation Targeting Exposed Git Config Files (Sysdig)
Fake Meta Ads Hijacking Facebook Accounts to Spread SYS01 Infostealer (Hackread)
Exclusive: Senator calls on Commerce to tighten proposed rules on exporting surveillance, hacking tech to problematic nations (CyberScoop)
GreyNoise Intelligence Discovers Zero-Day Vulnerabilities in Live Streaming Cameras with the Help of AI (GreyNoise)
Inside Sophos' 5-Year War With the Chinese Hackers Hijacking Its Devices (WIRED)
Pacific Rim: Inside the Counter-Offensive—The TTPs Used to Neutralize China-Based Threats (Sophos News)
Spooky Data at a Distance (LinkedIn)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Happy Halloween from the team at N2K Networks!
We hope you share in our Halloween tradition of listening to the Malware Mash. You can check out our video here.
Lyrics
I was coding in the lab late one night
when my eyes beheld an eerie sight
for my malware threat score began to rise
and suddenly to my surprise...
It did the Mash
It did the Malware Mash
The Malware Mash
It was a botnet smash
It did the Mash
It caught on 'cause of Flash
The Malware Mash
It did the Malware Mash
From the Stuxnet worm squirming toward the near east
to the dark web souqs where the script kiddies feast
the APTs left their humble abodes
to get installed from rootkit payloads.
They did the Mash
They did the Malware Mash
The Malware Mash
It was an adware smash
They did the Mash
It caught on 'cause of Flash
The Malware Mash
They did the Malware Mash
The botnets were having fun
The DDoS had just begun
The viruses hit the darknet,
with ransomware yet to come.
The keys were logging, phishing emails abound,
Snowden on chains, backed by his Russian hounds.
The Shadow Brokers were about to arrive
with their vocal group, "The NotPetya Five."
They did the Mash
They played the Malware Mash
The Malware Mash
It was a botnet smash
They did the Mash
It caught on 'cause of Flash
The Malware Mash
They played the Malware Mash
Somewhere in Moscow Vlad's voice did ring
Seems he was troubled by just one thing.
He opened a shell then shook his fist
and said, "Whatever happened to my Turla Trojan twist."
It's now the Mash
It's now the Malware Mash
The Malware Mash
And it's a botnet smash
It's now the Mash
It caught on 'cause of Flash
The Malware Mash
It's now the Malware Mash
Now everything's cool, Vlad's a part of the band
And the Malware Mash is the hit of the land.
For you, defenders, this mash was meant to
when you get to my door, tell them Creeper sent you.
Then you can Mash
Then you can Malware Mash
The Malware Mash
And be a botnet smash
It is the Mash
Don't you dare download Flash
The Malware Mash
Just do the Malware Mash
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Colorado election officials downplay a partial password leak. Over 22,000 CyberPanel instances were targeted in a ransomware attack. Google issues a critical security update for Chrome. Microsoft says Russia’s SVR is conducting a wide-ranging phishing campaign. The FakeCall Android banking trojan gains advanced evasion and espionage capabilities. A New 0patch Fix Blocks Malicious Theme Files. iOS malware LightSpy adds destructive features. LinkedIn faces class-action lawsuits over alleged privacy violations. The U.S. charges a Russian national as part of Operation Magnus. On this week’s CertByte segment, Chris Hare is joined by Dan Neville to break down a question targeting the Certified Associate in Project Management (CAPM)® certification. An Ex-Disney Staffer Allegedly Adds a Side of Sabotage to Park Menus.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CertByte Segment
In this segment, Chris is joined by an N2K Content Developer to help illustrate the learning. This week, Chris is joined by Dan Neville to break down a question targeting the Certified Associate in Project Management (CAPM)® certification by the Project Management Institute®. Today’s question comes from N2K’s PMI® Certified Associate in Project Management (CAPM®) Practice Test.
If you're studying for a certification exam, check out N2K’s full exam prep library of certification practice tests, practice labs, and training courses by visiting our website at n2k.com/certify. To get the full news to knowledge experience, learn more about our N2K Pro subscription at https://thecyberwire.com/pro.
Please note: The questions and answers provided here, and on our site, are not actual current or prior questions and answers from these certification publishers or providers.
Additional sources: The 9 Most In-Demand Professional Certifications You Can Get Right Now
Selected Reading
Partial Breach of Election Machine Passwords in Colorado Poses No Risk, State Says (The New York Times)
Election Threats Escalating as US Voters Flock to the Polls (BankInfo Security)
Massive PSAUX ransomware attack targets 22,000 CyberPanel instances (Bleeping Computer)
Critical Chrome Security Update: Patch for Out-of-Bounds & WebRTC Vulnerability (Cyber Security News)
Russian spies use remote desktop protocol files in unusual mass phishing drive (The Register)
FakeCall Android Trojan Evolves with New Evasion Tactics and Expanded Espionage Capabilities (SecurityWeek)
0patch Blog: We Patched CVE-2024-38030, Found Another Windows Themes Spoofing Vulnerability (0day) (0patch)
Recent Version of LightSpy iOS Malware Packs Destructive Capabilities (SecurityWeek)
Lawsuits Accuse LinkedIn of Tracking Users' Health Info (GovInfo Security)
Feds name a Russian accused of developing Redline (The Register)
Fired Employee Allegedly Hacked Disney World's Menu System to Alter Peanut Allergy Information (404 Media)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Chinese hacking into US telecoms draws federal scrutiny. ESET examines Evasive Panda’s CloudScout toolset. A new ChatGPT jailbreak bypassed security safeguards. Nintendo warns users of a phishing scam. The Five Eyes launch the Secure Innovation initiative for startups. CISA releases “Product Security Bad Practices” guidelines. Apple’s new bug bounty program offers a million bucks for critical vulnerabilities. The City of Columbus drops its suit of a cybersecurity researcher. On our Solution Spotlight today, N2K’s Simone Petrella speaks with Chris Porter, CISO at Fannie Mae, on cultivating cybersecurity culture and talent. Spooky spam is back.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
On our Solution Spotlight today, N2K’s Simone Petrella speaks with Chris Porter, CISO at Fannie Mae, on cultivating cybersecurity culture and talent. You can hear Simone’s and Chris’ full conversation in this special edition podcast.
Selected Reading
Key Federal Cyber Panel to Probe Chinese Telecoms Hacking (Bank Info Security)
CloudScout: Evasive Panda scouting cloud services (We Live Security)
ChatGPT Jailbreak: Researchers Bypass AI Safeguards Using Hexadecimal Encoding and Emojis (SecurityWeek)
Nintendo Warns of Phishing Attack Mimics Company Email Address (gbhackers)
Five Eyes Agencies Launch Startup Security Initiative (Infosecurity magazine)
CISA sees elimination of ‘bad practices’ as next secure-by-design step (CyberScoop)
Apple Launches 'Apple Intelligence' and Offers $1M Bug Bounty for Security (Hackread)
Columbus drops lawsuit against data leak whistleblower Connor Goodwolf, but with a catch (NBC)
Spooky Spam, Scary Scams: Halloween Threats Rise (Security Boulevard)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
In this Solution Spotlight episode, our very own Simone Petrella sits down with Chris Porter, the Chief Information Security Officer at Fannie Mae. As a seasoned expert in the financial and cybersecurity sectors, Chris shares insights into how Fannie Mae navigates the complexities of securing one of the nation's most critical financial institutions.
Together, they discuss Fannie Mae's evolving cybersecurity posture, balancing innovation with risk management, and the critical strategies employed to protect sensitive data in an increasingly digital and interconnected world. Chris also delves into the importance of collaboration across the industry, highlighting partnerships and intelligence-sharing as vital components in mitigating cyber threats.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Operation Magnus disrupts notorious infostealers. Pennsylvania officials debunk election disinformation attributed to Russia. TeamTNT targets Docker daemons. Delta sues CrowdStrike. NVIDIA released a critical GPU Display Driver update. Fog and Akira ransomware exploit SonicWall VPNs. A researcher demonstrates Downgrade attacks against Windows systems. Qilin ransomware grows more evasive and disruptive. Pwn2Own Ireland awards over $1 million for more than 70 zero-day vulnerabilities. Our guest is Grant Geyer, Chief Strategy Officer at Claroty, talking about safeguarding our nation's critical food infrastructure. At long last, it’s legal to fix your McFlurry.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Our guest is Grant Geyer, Chief Strategy Officer at Claroty, talking about safeguarding our nation's critical food infrastructure. The FBI recently held an Agriculture Threats Symposium in Nebraska, spotlighting growing concerns over the security of the nation's critical food infrastructure amid rising threats. As cyberattacks and bioterrorism increasingly target agriculture, the event highlighted urgent calls for stronger safety measures to protect the food supply chain.
Selected Reading
Operation Magnus Disrupted Redline and Meta Infostealer Malware (Cyber Security News)
Pennsylvania officials rebut false voter fraud claims from home and abroad (CyberScoop)
TeamTNT Exploits 16 Million IPs in Malware Attack on Docker Clusters (Hackread)
Delta sues CrowdStrike for $500 million in damages caused by massive airline cancelations (The Independent)
NVIDIA GPU Vulnerabilities Allow Attackers To Execute Remote Code on Windows & Linux (Cyber Security News)
Fog ransomware targets SonicWall VPNs to breach corporate networks (Bleeping Computer)
New Windows Driver Signature bypass allows kernel rootkit installs (Bleeping Computer)
Updated Qilin Ransomware Escalates Encryption and Evasion (BankInfo Security)
Researchers Discover Over 70 Zero-Day Bugs at Pwn2Own Ireland (Infosecurity Magazine)
It Is Now Legal to Hack McFlurry Machines (and Medical Devices) to Fix Them (404 Media)
DisMis: Explore our 3-part series on election propaganda. (N2K)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices - Mehr anzeigen