Episodes
-
Sharon Lemac-Vincere is an academic that focuses her research on the intersection of space and cyber. She has released a report on space and cybersecurity which outlines how Scotland can lead the way in both industries.
You can connect with Sharon on LinkedIn, and read her paper on The Cyber-Safe Gateway : Unlocking Scotland's Space Cybersecurity Potential on this website.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Be sure to follow T-Minus on LinkedIn and Instagram.
T-Minus Crew Survey
We want to hear from you! Please complete our 4 question survey. It’ll help us get better and deliver you the most mission-critical space intel every day.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
Want to join us for an interview?
Please send your pitch to [email protected] and include your name, affiliation, and topic proposal.
T-Minus is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
While we are on our winter publishing break, please enjoy an episode of our N2K CyberWire network show, The Microsoft Threat Intelligence Podcast by Microsoft Threat Intelligence. See you in 2025!
On this week's episode of The Microsoft Threat Intelligence Podcast, we discuss the collaborative effort between Microsoft and Fortra to combat the illegal use of cracked Cobalt Strike software, which is commonly employed in ransomware attacks. To break down the situation, our host, Sherrod DeGrippo, is joined by Richard Boscovich, Assistant General Counsel at Microsoft, Jason Lyons, Principal Investigator with the DCU, and Bob Erdman, Associate VP Research and Development at Fortra. The discussion covers the creative use of DMCA notifications tailored by geographic region to combat cybercrime globally. The group express their optimism about applying these successful techniques to other areas, such as phishing kits, and highlight ongoing efforts to make Cobalt Strike harder to abuse.
In this episode you’ll learn:
The impact on detection engineers due to the crackdown on cracked Cobalt Strike
Extensive automation used to detect and dismantle large-scale threats
How the team used the DMCA creatively to combat cybercrime
Some questions we ask:
Do you encounter any pushback when issuing DMCA notifications?
How do you plan to proceed following the success of this operation?
Can you explain the legal mechanisms behind this take-down?
Resources:
View Jason Lyons on LinkedIn
View Bob Erdman on LinkedIn
View Richard Boscovich on LinkedIn
View Sherrod DeGrippo on LinkedIn
Related Microsoft Podcasts:
Afternoon Cyber Tea with Ann Johnson
The BlueHat Podcast
Uncovering Hidden Risks
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Get the latest threat intelligence insights and guidance at Microsoft Security Insider
The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Missing episodes?
-
Brandon Karpf sits down with Mike Silverman, Chief Strategy and Innovation Officer at FS-ISAC, to discuss the white paper Building Cryptographic Agility in the Financial Sector.
Authored by experts from FS-ISAC’s Post-Quantum Cryptography Working Group, the paper addresses the vulnerabilities posed by quantum computing to current cryptographic algorithms. It provides financial institutions with strategies to safeguard sensitive data and maintain trust as these emerging threats evolve.
Discover the challenges and actionable steps to build cryptographic agility in this insightful conversation.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
While we are on our winter publishing break, please enjoy an episode of our N2K CyberWire network show, The BlueHat Podcast by Microsoft and MSRC. See you in 2025!
Yonatan Zunger, CVP of AI Safety & Security at Microsoft joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Yonatan explains the distinction between generative and predictive AI, noting that while predictive AI excels in classification and recommendation, generative AI focuses on summarizing and role-playing. He highlights how generative AI's ability to process natural language and role-play has vast potential, though its applications are still emerging. He contrasts this with predictive AI's strength in handling large datasets for specific tasks. Yonatan emphasizes the importance of ethical considerations in AI development, stressing the need for continuous safety engineering and diverse perspectives to anticipate and mitigate potential failures. He provides examples of AI's positive and negative uses, illustrating the importance of designing systems that account for various scenarios and potential misuses.
In This Episode You Will Learn:
How predictive AI anticipates outcomes based on historical data
The difficulties and strategies involved in making AI systems safe and secure from misuse
How role-playing exercises help developers understand the behavior of AI systems
Some Questions We Ask:
What distinguishes predictive AI from generative AI?
Can generative AI be used to improve decision-making processes?
What is the role of unit testing and test cases in policy and AI system development?
Resources:
View Yonatan Zunger on LinkedIn
View Wendy Zenone on LinkedIn
View Nic Fillingham on LinkedIn
Related Microsoft Podcasts:
Microsoft Threat Intelligence Podcast
Afternoon Cyber Tea with Ann Johnson
Uncovering Hidden Risks
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Please enjoy this encore episode of a Special Edition.
N2K’s Brandon Karpf speaks with guest Justin Fanelli, Acting CTO of the US Navy, about the US Navy streamlining the innovation process. For some background, you can refer to this article.
Additional resources:
PEO Digital Innovation Adoption Kit
Atlantic Council’s Commission on Defense Innovation Adoption
For industry looking to engage with PEO Digital: Industry Engagement
Learn more about your ad choices. Visit megaphone.fm/adchoices -
VP of Global Solutions Architecture at eSentire Tia Hopkins shares her career journey and talks about its beginnings in engineering and pivots into cybersecurity leadership. Tia shares how she liked to take things apart when she was young, including the brand new computer her mother bought her and how she was fascinated by all the pieces of it spread all across her bedroom floor. As she started studying engineering, Tia learned she was more of a technologist than an engineer. Tia got her start in technology without completing her formal education by what she says is "grit and right place, right time." Once she was in a management role, Tia wanted to validate her knowledge, experience, and ability and not only completed her bachelor's degree, but also two master's degrees. Tia recently started an organization to encourage and grow interest, confidence, and leaders of women of color in the field of cybersecurity. We thank Tia for sharing her story with us.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
This week, we are joined by Asheer Malhotra and Vitor Ventura from Cisco Talos, and they are discussing "Operation Celestial Force employs mobile and desktop malware to target Indian entities." Cisco Talos revealed Operation Celestial Force, an espionage campaign by the Pakistani threat group "Cosmic Leopard," targeting Indian defense, government, and technology sectors.
Active for at least six years, the operation has recently increased its use of mobile malware and commercial spyware for surveillance.
The research can be found here:
Operation Celestial Force employs mobile and desktop malware to target Indian entities
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Please enjoy this encore episode of Only Malware in the Building.
Welcome in! You’ve entered, Only Malware in the Building. Grab your eggnog and don your coziest holiday sweater as we sleuth our way through cyber mysteries with a festive twist! Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks. Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, our cyber ghosts delve into the past, present, and future of some of the season’s most pressing threats: two-factor authentication (2FA), social engineering scams, and the return to consumer-targeted attacks.
Together, Rick, Dave, and Selena deliver a ghostly—but insightful—message about the state of cybersecurity, past, present, and future. Can their advice save your holiday season from digital disaster? Tune in and find out.
May your holidays be merry, bright, and free of cyber fright!
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Please enjoy this encore episode of Solution Spotlight.
In this special edition of Solution Spotlight, N2K President, Simone Petrella is talking with ISC2 CEO Clar Rosso about putting a dent in the cybersecurity workforce gap through empowerment, breaking down barriers and expanding DE&I initiatives.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Merry Christmas and Happy Holidays from the CyberWire and our friends! Enjoy our rendition of the 12 Days of Malware created by Dave Bittner and performed by Dave and friends: Rachel Tobac, Jayson Street, Ron Eddings & Chris Cochran, Ray [Redacted], Dinah Davis, Camille Stewart, Rick Howard, Michelle Dennedy, Jack Rhysider, Johannes Ullrich, and Charity Wright. Ba dum bum bum. Sing along if you are game! Check out our video for the full effect!
The 12 Days of Malware lyrics
On the first day of Christmas, my malware gave to me:
A keylogger logging my keys.
On the second day of Christmas, my malware gave to me:
2 Trojan Apps...
And a keylogger logging my keys.
On the third day of Christmas, my malware gave to me:
3 Web shells...
2 Trojan Apps...
And a keylogger logging my keys.
On the fourth day of Christmas, my malware gave to me:
4 Crypto scams...
3 Web shells...
2 Trojan Apps...
And a keylogger logging my keys.
On the fifth day of Christmas, my malware gave to me:
5 Zero Days!
4 Crypto scams...
3 Web shells...
2 Trojan Apps...
And a keylogger logging my keys.
On the sixth day of Christmas, my malware gave to me:
6 Passwords spraying...
5 Zero Days!
4 Crypto scams...
3 Web shells...
2 Trojan Apps...
And a keylogger logging my keys.
On the seventh day of Christmas, my malware gave to me:
7 Scripts a scraping...
6 Passwords spraying...
5 Zero Days!
4 Crypto scams...
3 Web shells...
2 Trojan Apps...
And a keylogger logging my keys.
On the eighth day of Christmas, my malware gave to me:
8 Worms a wiping...
7 Scripts a scraping...
6 Passwords spraying...
5 Zero Days!
4 Crypto scams...
3 Web shells...
2 Trojan Apps...
And a keylogger logging my keys.
On the ninth day of Christmas, my malware gave to me:
9 Rootkits rooting...
8 Worms a wiping...
7 Scripts a scraping...
6 Passwords spraying...
5 Zero Days!
4 Crypto scams...
3 Web shells...
2 Trojan Apps...
And a keylogger logging my keys.
On the tenth day of Christmas, my malware gave to me:
10 Darknet markets...
9 Rootkits rooting...
8 Worms a wiping...
7 Scripts a scraping...
6 Passwords spraying...
5 Zero Days! (Bah-dum-dum-dum!)
4 Crypto scams...
3 Web shells...
2 Trojan Apps...
And a keylogger logging my keys.
On the eleventh day of Christmas, my malware gave to me:
11 Phishers phishing...
10 Darknet markets...
9 Rootkits rooting...
8 Worms a wiping...
7 Scripts a scraping...
6 Passwords spraying...
5 Zero Days! (Bah-dum-dum-dum!)
4 Crypto scams...
3 Web shells...
2 Trojan Apps...
And a keylogger logging my keys.
On the twelfth day of Christmas, my malware gave to me:
12 Hackers hacking...
11 Phishers phishing...
10 Darknet markets...
9 Rootkits rooting...
8 Worms a wiping...
7 Scripts a scraping...
6 Passwords spraying...
5 Zero Days!
4 Crypto scams...
3 Web shells...
2 Trojan Apps...
And a keylogger logging my keys.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Gather 'round for a holiday treat like no other! In this festive edition of Only Malware in the Building, we present A Social Engineering Carol—a cunning twist on the classic Dickens tale, penned and created by our very own Dave Bittner. Follow a modern-day Scrooge as they navigate the ghostly consequences of phishing, vishing, and smishing in this holiday cybersecurity fable.
Don't miss the accompanying video, packed with holiday cheer and cyber lessons to keep you safe this season! Check it out now!
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Please enjoy this encore of T-Minus Space Daily.
A few hours prior to the Russian invasion of Ukraine on February 24, 2022, Russia’s military intelligence launched a cyberattack against ViaSat’s KA-SAT satellite network, which was used by the Ukrainian Armed Forces. It prevented them from using satellite communications to respond to the invasion. After the ViaSat hack, numerous cyber operations were conducted against the space sector from both sides of the conflict. What have we learnt from the Viasat attack? Clémence Poirier has written a report on the Viasat cybersecurity attack during the war in Ukraine. Hacking the Cosmos: Cyber operations against the space sector.
You can connect with Clémence Poirier on LinkedIn, and read her report on this website.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our weekly intelligence roundup, Signals and Space, and you’ll never miss a beat. And be sure to follow T-Minus on LinkedIn and Instagram.
T-Minus Crew Survey
We want to hear from you! Please complete our 4 question survey. It’ll help us get better and deliver you the most mission-critical space intel every day.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
Want to join us for an interview?
Please send your pitch to [email protected] and include your name, affiliation, and topic proposal.
T-Minus is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
While we are on our winter publishing break, please enjoy an episode of our N2K CyberWire network show, Threat Vector by Palo Alto Networks. See you in 2025!
Announcement: We are pleased to share an exciting announcement about Cortex XDR at the top of our show. You can learn more here. Check out our episode on "Cyber Espionage and Financial Crime: North Korea’s Double Threat" with Assaf Dahan, Director of Threat Research at Palo Alto Networks Cortex team.
Join host David Moulton on Threat Vector, as he dives deep into the rapidly evolving XDR landscape with Allie Mellen, Principal Analyst at Forrester. With expertise in security operations, nation-state threats, and the application of AI in security, Allie offers an inside look at how XDR is reshaping threat detection and response. From tackling the SIEM market’s current challenges to optimizing detection engineering, Allie provides invaluable insights into the people, processes, and tools central to an effective SOC. This episode offers listeners a thoughtful exploration of how to navigate today's complex threat landscape and separate XDR hype from reality. Perfect for cybersecurity professionals looking to stay ahead in the field, tune in to hear expert perspectives on the next steps in cybersecurity resilience.
Ready to go deeper? Join Josh Costa, Director of Product Marketing, Allie Mellen, Principal Analyst at Forrester and David Moulton, Director of Content and Thought Leadership for Unit 42 as they discuss the State of XDR https://start.paloaltonetworks.com/State-of-XDR-with-Forrester.
Join the conversation on our social media channels:
Website: http://www.paloaltonetworks.com
Threat Research: https://unit42.paloaltonetworks.com/
Facebook: https://www.facebook.com/LifeatPaloAltoNetworks/
LinkedIn: https://www.linkedin.com/company/palo-alto-networks/
YouTube: @paloaltonetworks
Twitter: https://twitter.com/PaloAltoNtwks
About Threat Vector
Threat Vector, Palo Alto Networks podcast, is your premier destination for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends.
The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers.
Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization.
Palo Alto Networks
Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile. http://paloaltonetworks.com
Learn more about your ad choices. Visit megaphone.fm/adchoices -
A federal judge finds NSO Group liable for hacking WhatsApp. China accuses the U.S. government of cyberattacks. The UK’s Operation Destabilise uncovers a vast criminal network. An alleged LockBit developer says he did it for the money. Apache releases a security update for their Tomcat web server. Siemens issues a security advisory for their User Management Component. Italy’s data protection authority fines OpenAI $15.6 million. Researchers demonstrate a method to bypass the latest Wi-Fi security protocol. Apple sends potential spyware victims to a nonprofit for help. Our guest is Sven Krasser, CrowdStrike's Senior Vice President Data Science and Chief Scientist, talking about balancing AI and human intervention. Hackers supersize their McDonald’s delivery orders.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Today, our guest is Sven Krasser, CrowdStrike's Senior Vice President Data Science and Chief Scientist, talking about balancing AI and human intervention.
Selected Reading
Judge rules NSO Group is liable for spyware hacks targeting 1,400 WhatsApp user devices (Recorded Future)
Chinese cyber center points finger at U.S. over alleged cyberattacks to steal trade secrets (CyberScoop)
Inside Operation Destabilise: How a ransomware investigation linked Russian money laundering and street-level drug dealing (Recorded Future)
Suspected LockBit dev faces extradition to the US (The Register)
Apache fixes remote code execution bypass in Tomcat web server (Bleeping Computer)
Siemens Warn of Critical Vulnerability in UMC (GovInfoSecurity)
Italy's Privacy Watchdog Fines OpenAI for ChatGPT's Violations in Collecting Users Personal Data (SecurityWeek)
WPA3 Network Password Bypassed via MITM Attack & Social Engineering (CyberSecurityNews.com)
Apple Warns Users Of iPhone Spyware Attacks—What You Need To Know (Forbes)
McDonald’s Delivery App Vulnerability Let Anyone Place an Order for Just $0.01 (CyberSecurityNews.com)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
CEO and co-founder of SafeGuard Cyber Jim Zufoletti shares his journey starting out as an intrepreneur and transformation into a serial entrepreneur in cybersecurity. Jim shares how he got his feet wet working for others as an intrepreneur and catching the entrepreneurial bug in the mid-90s. He has co-founded a number of companies starting with FreeMarkets, a B2B ecommerce company. After that went public and Jim moved on, he went to business school at the University of Virginia and crossed paths with his future co-founder of SafeGuard Cyber. At UVA, Jim was inspired by a professor who exposed him to the effectuation approach to entrepreneurship, Along those lines, Jim recommends those looking to start a business in cyber build their experience portfolio. Jim took what he learned to help build where he is today. His company helps protect the humans in this new digital world with the current work from home environment. And, we thank Jim for sharing his story with us.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Adam Khan, VP of Security Operations at Barracuda, joins to discuss his team's work on "The evolving use of QR codes in phishing attacks." Cybercriminals are evolving phishing tactics by embedding QR codes, or “quishing,” into PDF documents attached to emails, tricking recipients into scanning them to access malicious websites that steal credentials.
Barracuda researchers found over half a million such emails from June to September 2024, with most impersonating brands like Microsoft, DocuSign, and Adobe to exploit urgency and trust. To counter these attacks, businesses should deploy multilayered email security, use AI-powered detection tools, educate employees on QR code risks, and enable multifactor authentication to safeguard accounts.
The research can be found here:
Threat Spotlight: The evolving use of QR codes in phishing attacks
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Russian hackers attack Ukraine’s state registers. NotLockBit is a new ransomware strain targeting macOS and Windows. Sophos discloses three critical vulnerabilities in its Firewall product. The BadBox botnet infects over 190,000 Android devices. BeyondTrust patches two critical vulnerabilities. Hackers stole $2.2 billion from cryptocurrency platforms in 2024. Officials dismantle a live sports streaming piracy ring. Rockwell Automation patches critical vulnerabilities in a device used for energy control in industrial systems. A new report from Dragos highlights ransomware groups targeting industrial sectors. A Ukrainian national is sentenced to 60 months in prison for distributing the Raccoon Infostealer malware. We bid a fond farewell to our colleague Rick Howard, who’s retiring after years of inspiring leadership, wisdom, and camaraderie. The LockBit gang tease what’s yet to come.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Today’s guest segment is bittersweet as we bid farewell to our beloved Rick Howard, who’s retiring after years of inspiring leadership, wisdom, and camaraderie. Join us in celebrating his incredible journey, sharing heartfelt memories, and letting him know just how deeply he’ll be missed by all of us here at N2K.
Selected Reading
Ukraine’s state registers hit with one of Russia’s largest cyberattacks, officials say (The Record)
NotLockBit - Previously Unknown Ransomware Attack Windows & macOS (GB Hackers)
Critical Sophos Firewall Vulnerabilities Let Attackers Execute Remote Code (Cyber Security News)
Botnet of 190,000 BadBox-Infected Android Devices Discovered (SecurityWeek)
BeyondTrust Security Incident — Command Injection and Escalation Weaknesses (CVE-2024-12356, CVE-2024-12686) (SOCRadar)
Crypto-Hackers Steal $2.2bn as North Koreans Dominate (Infosecurity Magazine)
Massive live sports piracy ring with 812 million yearly visits taken offline (Bleeping Computer)
Rockwell PowerMonitor Vulnerabilities Allow Remote Hacking of Industrial Systems (SecurityWeek)
Ransomware Attackers Target Industries with Low Downtime Tolerance (Infosecurity Magazine)
Ukrainian Raccoon Infostealer Operator Sentenced to Prison in US (SecurityWeek)
NetWalker Ransomware Operator Sentenced For Hacking Hundreds Of Organizations (Cyber Security News)
LockBit Admins Tease a New Ransomware Version (Infosecurity Magazine)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
CISA urges senior government officials to enhance mobile device security. Russian state-sponsored hacker group Sandworm is targeting Ukrainian soldiers. A website bug in GPS tracking firm Hapn is exposing customer information. Multiple critical vulnerabilities have been identified in Sharp branded routers. Ireland’s Data Protection Commission fines Meta $263 million for alleged GDPR violations. Google releases an urgent Chrome security update to address four high-rated vulnerabilities. Cyberattacks on India-based organizations surged 92% year-over-year. Cybercriminals target Google Calendar to launch phishing attacks. Fortinet patches a critical vulnerability in FortiWLM. Juniper Networks warns of a botnet infection targeting routers with default credentials. Our guest is Jeff Krull, principal and practice leader of Baker Tilly's cybersecurity practice, with advice on using employee access controls to limit internal cyber threats. When is “undesirable” a badge of honor?
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Our guest is Jeff Krull, principal and practice leader of Baker Tilly's cybersecurity practice, talking about using employee access controls to limit internal cyber threats.
Selected Reading
CISA urges senior government officials to lock down mobile devices amid ongoing Salt Typhoon breach (The Record)
Sandworm-linked hackers target users of Ukraine’s military app in new spying campaign (The Record)
Tracker firm Hapn spilling names of thousands of GPS tracking customers (TechCrunch)
Multiple security flaws reported in SHARP routers (Beyond Machines)
Meta fined $263 million for alleged GDPR violations that led to data breach (The Record)
Update Google Chrome Now—4 New Windows, Mac, Linux Security Warnings (Forbes)
India Sees Surge in Banking, Utilities API Attacks (Dark Reading)
Google Calendar Phishing Scam Targets Users with Malicious Invites (Hackread)
Fortinet Patches Critical FortiWLM Vulnerability (SecurityWeek)
Juniper Warns of Mirai Botnet Targeting Session Smart Routers (SecurityWeek)
Recorded Future CEO Calls Russia’s “Undesirable” Listing a “Compliment” (Infosecurity Magazine)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
The U.S. considers a ban on Chinese made routers. More than 200 Cleo managed file-transfer servers remain vulnerable. The Androxgh0st botnet expands. Schneider Electric reports a critical vulnerability in some PLCs. A critical Apache Struts 2 vulnerability is being actively exploited. Malicious campaigns are targeting Chinese-branded IoT devices. A Nebraska-based healthcare insurer discloses a data breach affecting over 225,000 individuals. IntelBroker leaks 2.9GB of data from Cisco’s DevHub environment. CISA issues a Binding Operational Directive requiring federal agencies to enhance cloud security. On today’s CERTByte segment, Chris Hare and Dan Neville unpack a question targeting the Network+ certification. INTERPOL says, “Enough with the pig butchering.“
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CertByte Segment
This week, Chris is joined by Dan Neville to break down a question targeting the Network+ certification (N10-008 expires on 12/20/24 and the N10-009 update launched on June 20th of this year). Today’s question comes from N2K’s CompTIA® Network+ Practice Test, both exam versions of which are offered on our site.
Have a question that you’d like to see covered? Email us at [email protected]. If you're studying for a certification exam, check out N2K’s full exam prep library of certification practice tests, practice labs, and training courses by visiting our website at n2k.com/certify. To get the full news to knowledge experience, learn more about our N2K Pro subscription at https://thecyberwire.com/pro.
Please note: The questions and answers provided here and on our site are not actual current or prior questions and answers from these certification publishers or providers.
Selected Reading
U.S. Weighs Ban on Chinese-Made Router in Millions of American Homes (Wall Street Journal)
Attack Exposure: Unpatched Cleo Managed File-Transfer Software (BankInfo Security)
Androxgh0st Botnet Targets IoT Devices, Exploiting 27 Vulnerabilities (Hackread)
Schneider Electric reports critical flaw in Modicon Programmable Logic Controllers (Beyond Machines)
RATs can sniff out your Chinese-made web cameras: here’s how to defend yourself (Cybernews)
Regional Care Data Breach Impacts 225,000 People (SecurityWeek)
Hacker IntelBroker Leaked 2.9GB of Data Stolen From Cisco DevHub Instance (Cyber Security News)
New critical Apache Struts flaw exploited to find vulnerable servers (Bleeping Computer)
CISA Issues Binding Operational Directive for Improved Cloud Security (SecurityWeek)
Playbook for Strengthening Cybersecurity in Federal Grant Programs for Critical Infrastructure (CISA)
INTERPOL urges end to 'Pig Butchering' term, cites harm to online victims (INTERPOL)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
The Biden administration takes its first step to retaliate against China for the Salt Typhoon cyberattack. The Feds release a draft National Cyber Incident Response Plan. Telecom Namibia suffers a cyberattack. The Australian Information Commissioner has reached a $50 million settlement with Meta over the Cambridge Analytica scandal. CISA releases its 2024 year in review. LastPass hackers nab an additional five millions dollars. Texas Tech University notifies over 1.4 million individuals of a ransomware attack. Researchers discover a new DarkGate RAT attack vector using vishing. A fraudster gets 69 months in prison. On our Threat Vector segment, David Moulton speaks with Nir Zuk, Founder and CTO of Palo Alto Networks about predictions for 2025. Surveillance tweaks our brains in unexpected ways.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
Threat Vector Segment
On our Threat Vector segment, we preview this week’s episode where host David Moulton talks with Nir Zuk, Founder and CTO of Palo Alto Networks. They talk about Palo Alto Networks' predictions for 2025, focusing on the shift to unified data security platforms and the growing importance of AI in cybersecurity. You can catch new episodes of Threat Vector every Thursday here and on your favorite podcast app.
Selected Reading
Biden Administration Takes First Step to Retaliate Against China Over Hack (The New York Times)
US Unveils New National Cyber Incident Response Plan (Infosecurity Magazine)
Telecom Namibia Cyberattack: 400,000 Files Leaked (The Cyber Express)
Landmark settlement of $50m from Meta for Australian users impacted by Cambridge Analytica incident (OAIC)
CISA Warns of New Windows Vulnerability Used in Hacker Attacks (CyberInsider)
CISA 2024 Year in review (CISA)
LastPass threat actor steals $5.4M from victims just a week before Xmas (Cointelegraph)
Texas Tech University Data Breach Impacts 1.4 Million People (SecurityWeek)
Microsoft Teams Vishing Spreads DarkGate RAT (Dark Reading)
Man Accused of SQL Injection Hacking Gets 69-Month Prison Sentence (SecurityWeek)
The psychological implications of Big Brother’s gaze (SCIMEX)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices - Show more
![Scotland’s position to lead cyber and space. [Deep Space]](https://is5-ssl.mzstatic.com/image/thumb/Podcasts116/v4/12/16/ca/1216caa3-af21-5352-8400-c6e0e84332b5/mza_6844882071149318753.jpg/80x80bb.jpg)