Episoder
-
DHS Secretary Kristi Noem justifies budget cuts in her RSAC keynote. The EFF pens an open letter to Trump backing Chris Krebs. Scattered Spider is credited with the Marks & Spencer cyberattack. Researchers discover a critical flaw in Apple’s AirPlay protocol. The latest CISA advisories. On our Industry Voices segment, we are joined by Neil Gad, Chief Product and Technology Officer at RealVNC, who is discussing a security-first approach in remote access software development. What do you call an AI chatbot that finished at the bottom of its class in med school?
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
On our Industry Voices segment, we are joined by Neil Gad, Chief Product and Technology Officer at RealVNC, who is discussing a security-first approach in remote access software development.
Kevin on the Street
Joining us this week from RSAC 2025, we have our partner Kevin Magee, Global Director of Cybersecurity Startups at Microsoft for Startups. Stay tuned to the CyberWire Daily podcast for “Kevin on the Street” updates on all things RSAC 2025 from Kevin all week. Today Kevin is joined by Ryan Lasmaili Co-Founder and CEO of Vaultree and Stan Golubchik CEO and co-founder of Contraforce, here are their conversations.
You can also catch Kevin on our Microsoft for Startups Spotlight, brought to you by N2K CyberWire and Microsoft, where we shine a light on innovation, ambition, and the tech trailblazers building the future right from the startup trenches. Kevin and Dave talk with startup veteran and Cygenta co-founder FC about making the leap from hacker to entrepreneur, then speak with three Microsoft for Startups members: Matthew Chiodi of Cerby, Travis Howerton of RegScale, and Karl Mattson of Endor Labs. Whether you are building your own startup or just love a good innovation story, https://explore.thecyberwire.com/microsoft-for-startups.
Selected Reading
DHS Secretary Noem: CISA needs to get back to ‘core mission’ (CyberScoop)
Noem calls for reauthorization of cyberthreat information sharing law during RSA keynote (The Record)
Cyber experts, Democrats urge Trump administration not to break up cyber coordination in State reorg (CyberScoop)
Infosec pros rally against Trump's attack on Chris Krebs (The Register)
Scattered Spider Suspected in Major M&S Cyberattack (Hackread)
AirPlay Zero-Click RCE Vulnerability Enables Remote Device Takeover via Wi-Fi (Cyber Security News)
CISA Adds One Known Exploited Vulnerability to Catalog (CISA)
CISA Releases Three Industrial Control Systems Advisories (CISA)
Instagram's AI Chatbots Lie About Being Licensed Therapists (404 Media)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
RSAC 2025 is well under way, and Kevin the Intern files his first report. Authorities say Spain and Portugal’s massive power outage was not a cyberattack. Concerns are raised over DOGE access to classified nuclear networks. The FS-ISAC launches the Cyberfraud Prevention Framework. Real-time deepfake fraud is here to stay. On today’s Threat Vector, host David Moulton speaks with Daniel B. Rosenzweig, a leading data privacy and AI attorney, about the growing complexity of privacy compliance in the era of big data and artificial intelligence. Protecting your company…with a fat joke.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
Threat Vector
In this segment of Threat Vector, host David Moulton speaks with Daniel B. Rosenzweig, a leading data privacy and AI attorney, about the growing complexity of privacy compliance in the era of big data and artificial intelligence. Dan explains how businesses can build trust by aligning technical operations with legal obligations—what he calls “say what you do, do what you say.” They explore U.S. state privacy laws, global data transfer regulations, AI compliance, and the role of privacy-enhancing technologies. You can hear David and Daniel's full discussion on Threat Vector here and catch new episodes every Thursday on your favorite podcast app.
Kevin on the Street
Joining us this week from RSAC 2025, we have our partner Kevin Magee, Global Director of Cybersecurity Startups at Microsoft for Startups. Stay tuned to the CyberWire Daily podcast for “Kevin on the Street” updates on all things RSAC 2025 from Kevin all week.
You can also catch Kevin on our Microsoft for Startups Spotlight, brought to you by N2K CyberWire and Microsoft, where we shine a light on innovation, ambition, and the tech trailblazers building the future right from the startup trenches. Kevin and Dave talk with startup veteran and Cygenta co-founder FC about making the leap from hacker to entrepreneur, then speak with three Microsoft for Startups members: Matthew Chiodi of Cerby, Travis Howerton of RegScale, and Karl Mattson of Endor Labs. Whether you are building your own startup or just love a good innovation story, https://explore.thecyberwire.com/microsoft-for-startups.
Selected Reading
RSA Conference 2025 Announcements Summary (Day 1) (SecurityWeek)
ISMG Editors: Day 1 Overview of RSAC Conference 2025 (GovInfo Security)
ProjectDiscovery Named “Most Innovative Startup” at RSAC™ 2025 Conference Innovation Sandbox Contest (RSAC)
Krebs: People should be ‘outraged’ at efforts to shrink federal cyber efforts (The Record)
NSA, CISA top brass absent from RSA Conference (The Register)
Power Is Restored in Spain and Portugal After Widespread Outage (New York Times)
DOGE employees gain accounts on classified networks holding nuclear secrets (NPR)
New Framework Targets Rising Financial Crime Threats (GovInfo Security)
The Age of Realtime Deepfake Fraud Is Here (404 Media)
The one interview question that will protect you from North Korean fake workers (The Register)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Mangler du episoder?
-
A massive power outage strikes the Iberian Peninsula. Iran says it repelled a “widespread and complex” cyberattack targeting national infrastructure. Researchers find hundreds of SAP NetWeaver systems vulnerable to a critical zero-day. A British retailer tells warehouse workers to stay home following a cyberattack. VeriSource Services discloses a breach exposing personal data of four million individuals. Global automated scanning surged 16.7% in 2024. CISA discloses several critical vulnerabilities affecting Planet Technology’s industrial switches and network management products. A Greek court upholds a VPN provider’s no-logs policies. Law enforcement dismantles the JokerOTP phishing tool. Our guest is Tim Starks from CyberScoop with developments in the NSO Group trial. How Bad Scans and AI Spread a Scientific Urban Legend.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Special Edition
On our Microsoft for Startups Spotlight, brought to you by N2K CyberWire and Microsoft, we are shining a light on innovation, ambition, and the tech trailblazers building the future right from the startup trenches. This episode is part of our exclusive RSAC series where we dive into the real world impact of the Microsoft for Startups Founders Hub.
Along with Microsoft’s Kevin Magee, Dave Bittner talks with an entrepreneur and startup veteran, and founders from three incredible startups who are part of the Founders Hub, each tackling big problems with even bigger ideas.
Dave and Kevin set the stage speaking with startup veteran and Cygenta co-founder FC about making the leap from hacker to entrepreneur. Dave and Kevin then speak with three founders: Matthew Chiodi of Cerby, Travis Howerton of RegScale, and Karl Mattson of Endor Labs. So whether you are building your own startup or just love a good innovation story, listen in. For more information, visit the Microsoft for Startups website.
CyberWire Guest
We are joined by Tim Starks from CyberScoop who is discussing Judge limits evidence about NSO Group customers, victims in damages trial
Selected Reading
Nationwide Power Outages in Portugal & Spain Possibly Due to Cyberattack (Cyber Security News)
Iran claims it stopped large cyberattack on country’s infrastructure (The Record)
400+ SAP NetWeaver Devices Vulnerable to 0-Day Attacks that Exploited in the Wild (Cyber Security News)
M&S warehouse workers told not to come to work following cyberattack (The Record)
4 Million Affected by VeriSource Data Breach (SecurityWeek)
Researchers Note 16.7% Increase in Automated Scanning Activity (Infosecurity Magazine)
Critical Vulnerabilities Found in Planet Technology Industrial Networking Products (SecurityWeek)
Court Dismisses Criminal Charges Against VPN Executive, Affirms No-Log Policy (Hackread)
JokerOTP Dismantled After 28,000 Phishing Attacks, 2 Arrested (Hackread)
A Strange Phrase Keeps Turning Up in Scientific Papers, But Why? (ScienceAlert)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Please enjoy this encore episode of Career Notes.
CEO and co-founder of Sternum, Natali Tshuva shares how she took her interest in science and technology and made a career and company out of it. Beginning her computer science undergraduate degree at age 14 through a special program in Israel, Natali says it opened up a new world for her. Her required service in the IDF found Natali as a member of Unit 8200, the Israeli intelligence. In the Israeli corporate space following the IDF, Natali discovered how cybersecurity could actually create impact in the real world environment and found a way to combine her cybersecurity expertise with the passion to impact critical industries like the medical industry. Natali recommends that those entering the field get some hands-on experience and use your unique strengths to find a way to make the world a better place. We thank Natali for sharing her story.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Welcome to the Microsoft for Startups Spotlight, brought to you by N2K CyberWire and Microsoft. In this episode, we are shining a light on innovation, ambition, and the tech trailblazers building the future right from the startup trenches. This episode is part of our exclusive RSAC series where we dive into the real world impact of the Microsoft for Startups Founders Hub.
Along with Microsoft’s Kevin Magee, Dave Bittner talks with an entrepreneur and startup veteran, and founders from three incredible startups who are part of the Founders Hub, each tackling big problems with even bigger ideas.
Dave and Kevin set the stage speaking with startup veteran and Cygenta co-founder FC about making the leap from hacker to entrepreneur. Dave and Kevin then speak with three founders: Matthew Chiodi of Cerby, Travis Howerton of RegScale, and Karl Mattson of Endor Labs. So whether you are building your own startup or just love a good innovation story, listen in. For more information, visit the Microsoft for Startups website.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Today we are joined by Crystal Morin, Cybersecurity Strategist from Sysdig, as she is sharing their work on "UNC5174’s evolution in China’s ongoing cyber warfare: From SNOWLIGHT to VShell." UNC5174, a Chinese state-sponsored threat actor, has resurfaced with a stealthy cyber campaign using a new arsenal of customized and open-source tools, including a variant of their SNOWLIGHT malware and the VShell RAT.
Sysdig researchers discovered that the group targets Linux systems through malicious bash scripts, domain squatting, and in-memory payloads, indicating a high level of sophistication and espionage intent. Their evolving tactics, such as using spoofed domains and fileless malware, continue to blur attribution and pose a significant threat to research institutions, critical infrastructure, and NGOs across the West and Asia-Pacific regions.
The research can be found here:
UNC5174’s evolution in China’s ongoing cyber warfare: From SNOWLIGHT to VShell
Learn more about your ad choices. Visit megaphone.fm/adchoices -
The Defense Department is launching a new fast-track software approval process. A popular employee monitoring tool exposes over 21 million real-time screenshots. The U.S. opens a criminal antitrust investigation into router maker TP-Link. A pair of health data breaches affect over six million people. South Korea’s SK Telecom confirms a cyberattack. A critical zero-day puts thousands of SAP applications at potential risk. Researchers raise concerns over AI agents performing unauthorized actions. “Policy Puppetry” can break the safety guardrails of all major generative AI models. New research tallies the high costs of data breaches. A preview of the RSAC Innovation Sandbox with Cecilia Marinier, Vice President at RSAC, and David Chen, Head of Global Technology Investment Banking at Morgan Stanley. Stocking hard drives full of human knowledge, just in case.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn
CyberWire Guest
Cecilia Marinier, Vice President at RSAC, and David Chen, Head of Global Technology Investment Banking at Morgan Stanley, sit down with Dave to discuss the Innovation Sandbox Contest 2025.
Selected Reading
Acting Pentagon CIO Signing Off on New, Faster Cyber Rules for Contractors (airandspaceforces)
Top employee monitoring app leaks 21 million screenshots on thousands of users (TechRadar)
Router Maker TP-Link Faces US Criminal Antitrust Investigation (bloomberg)
Yale New Haven Health Notifying 5.5 Million of March Hack (bankinfosecurity)
Frederick Health data breach impacts nearly 1 million patients (BleepingComputer)
Hackers access sensitive SIM card data at South Korea's largest telecoms company (bitdefender)
SAP Zero-Day Possibly Exploited by Initial Access Broker (SecurityWeek)
Chrome Extension Uses AI Engine to Act Without User Input (Infosecurity Magazine)
All Major Gen-AI Models Vulnerable to 'Policy Puppetry' Prompt Injection Attack (SecurityWeek)
US Data Breach Lawsuits Total $155M Amid Cybersecurity Failures (Infosecurity Magazine)
Sales of Hard Drives for the End of the World Boom Under Trump (404media)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Verizon and Mandiant call for layered defenses against evolving threats. Cisco Talos describes ToyMaker and Cactus threat actors. Researchers discover a major Linux security flaw which allows rootkits to bypass traditional detection methods. Ransomware groups are experimenting with new business models. Deputy Assistant Director Cynthia Kaiser from the FBI Cyber Division shares the latest on Salt Typhoon. Global censorship takes a coffee break.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Dave sits down with Deputy Assistant Director Cynthia Kaiser from the FBI Cyber Division who shares a PSA on Salt Typhoon.
Selected Reading
2025 Data Breach Investigations Report (Verizon)
Mandiant M-Trends 2025 Report (Mandiant)
Introducing ToyMaker, an initial access broker working in cahoots with double extortion gangs (Ciso Talos)
Linux 'io_uring' security blindspot allows stealthy rootkit attacks (bleepingcomputer)
Ransomware groups test new business models to hit more victims, increase profits (the record)
Cloudflare: Government-backed internet shutdowns plummet to zero in first quarter (the record)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
We're sharing a episode from another N2K show we thought you might like. It's the second episode of the new season of the show CISO Perspectives with Kim Jones. Enjoy!
Show Notes:
Cybersecurity has an identity problem where the industry as a whole is struggling to determine whether it is a trade or a profession. In this episode of CISO Perspectives, host Kim Jones sits down with Larry Whiteside Jr., the Chief Advisory Officer for The CISO Society, to discuss this identity crisis and how the industry as a whole connects to both of these labels. Throughout the conversation, Larry and Kim will discuss the merits and drawbacks of both labels and how cybersecurity does not solely fall into one category or the other.
Want more CISO Perspectives?:
Check out a companion blog post by our very own Ethan Cook, where he breaks down key insights, shares behind-the-scenes context, and highlights research that complements this episode. It’s the perfect follow-up if you’re curious about the cyber talent crunch and how we can reshape the ecosystem for future professionals.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
The White House’s shift of cybersecurity responsibilities to the states is met with skepticism. Baltimore City Public Schools suffer a ransomware attack. Russian state-backed hackers target Dutch critical infrastructure. Microsoft resolves multiple Remote Desktop issues. A new malware campaign is targeting Docker environments for cryptojacking. A new phishing campaign uses weaponized Word documents to steal Windows login credentials. Zyxel Networks issues critical patches for two high-severity vulnerabilities. CISA issues five advisories highlighting critical vulnerabilities in ICS systems. Our guest is Deputy Assistant Director Cynthia Kaiser from the FBI Cyber Division, sharing the findings of their latest IC3 report. So long, Privacy Sandbox.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Today we are joined by Deputy Assistant Director Cynthia Kaiser from the FBI Cyber Division, as she is sharing the findings of their latest IC3 report.
Selected Reading
Trump is shifting cybersecurity to the states, but many aren’t prepared (Stateline)
Baltimore City Public Schools report data breach (beyondmachines)
Russia attempting cyber sabotage attacks against Dutch critical infrastructure (record)
Microsoft fixes Remote Desktop freezes caused by Windows updates (bleepingcomputer)
New Malware Hijacking Docker Images with Unique Obfuscation Technique (cybersecuritynews)
Hackers Exploit Weaponized Word Docs to Steal Windows Login Credentials (gbhackers)
Kelly Benefits Data Breach Impacts 260,000 People (SecurityWeek)
Data Breach at Onsite Mammography Impacts 350,000 (SecurityWeek)
Zyxel Patches Privilege Management Vulnerabilities in USG FLEX H Series Firewalls (cybersecuritynews)
CISA Releases Five Advisories Covering ICS Vulnerabilities & Exploits (cybersecuritynews)
RIP to the Google Privacy Sandbox (The Register)
2024 IC3 ANNUAL REPORT
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
The Russian Proton66 is tied to cybercriminal bulletproof hosting services. A new Rust-based botnet hijacks vulnerable routers. CISA budget cuts limit the use of popular analysis tools. A pair of healthcare providers confirm ransomware attacks. Researchers uncover the Scallywag ad fraud network. The UN warns of cyber-enabled fraud in Southeast Asia expanding at an industrial scale. Fog ransomware resurfaces and points a finger at DOGE. The cybercrime marketplace Cracked relaunches under a new domain. On our Industry Voices segment, Bob Maley, CSO of Black Kite, shares insights on the growing risk of third-party cyber incidents. Taking the scenic route through Europe's digital landscape.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Today we are joined by Kim Jones, the new Host of CISO Perspectives podcast, previewing the latest episode where Kim is joined by Larry Whiteside Jr. discussing “Are we a trade or a profession?”
Industry Voices
On our Industry Voices segment, Bob Maley, CSO of Black Kite, sharing insights on the growing risk of third-party cyber incidents.
Selected Reading
Many Malware Campaigns Linked to Proton66 Network (SecurityWeek)
New Rust Botnet Hijacking Routers to Inject Commands Remotely (Cyber Security News)
CISA Issues Warning Against Using Censys, VirusTotal in Threat Hunting Ops (GB Hackers)
Two Healthcare Orgs Hit by Ransomware Confirm Data Breaches Impacting Over 100,000 (SecurityWeek)
Scalllywag Ad Fraud Network Generates 1.4 Billion Bid Requests Daily (Infosecurity Magazine)
$40bn Southeast Asian Scam Sector Growing “Like a Cancer” (Infosecurity Magazine)
Fog ransomware notes troll with DOGE references, bait insider attacks (SC World)
Reborn: Cybercrime Marketplace Cracked Appears to Be Back (BankInfo Security)
Nemesis darknet market founder indicted for years-long “borderless powerhouse of criminal activity” (Cybernews)
Digital Weaning Guide from the United States (Dagbladet Information)
Two top cyber officials resign from CISA (The Record)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Adversary nations are using ClickFix in cyber espionage campaigns. Japan’s Financial Services Agency issues an urgent warning after hundreds of millions in unauthorized trades. The critical Erlang/OTP’s SSH vulnerability now has public exploits. A flawed rollout of a new Microsoft Entra app triggers widespread account lockouts. The alleged operator of SmokeLoader malware faces federal hacking charges. A new scam blends social engineering, malware, and NFC tech to drain bank accounts. GSA employees may have been oversharing sensitive documents. Yoni Shohet, Co-Founder and CEO of Valence Security, who cautions financial organizations of coming Chinese open source AI. Crosswalks in the crosshairs of satirical hacking.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
We are joined by Yoni Shohet, Co-Founder and CEO of Valence Security, discussing how the onslaught of more open source AI tools coming out of China will be difficult to manage for companies especially those in the financial sector.
Selected Reading
North Korea, Iran, Russia-Backed Hackers Deploy ClickFix in New Attacks (Hackread)
Countries Shore Up Their Digital Defenses as Global Tensions Raise the Threat of Cyberwarfare (SecurityWeek)
Japan warns of hundreds of millions of dollars in unauthorized trades from hacked accounts (The Record)
Critical Erlang/OTP SSH RCE bug now has public exploits, patch now (Bleeping Computer)
Widespread Microsoft Entra lockouts tied to new security feature rollout (Bleeping Computer)
Alleged SmokeLoader malware operator facing federal charges in Vermont (The Record)
New payment-card scam involves a phone call, some malware and a personal tap (The Record)
Sensitive files, including White House floor plans, shared with thousands (The Washington Post)
Hacking US crosswalks to talk like Zuck is as easy as 1234 (The Register)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Please enjoy this encore episode of Career Notes.
Chief Technology Officer of ActiveNav Rich Hale takes us through his career aspirations of board game designer (one he has yet to realize), through his experience with the Royal Air Force to the commercial sector where his firm works to secure dark data. During his time in the Air Force, Rich was fortunate to serve on a wide range of different platforms from training aircraft to bombers, and all the way into procurement and policy. Transitioning to the commercial sector, Rich notes he was well prepared for some aspects, but lacking in some he's made up on his own. Rich likes to lead with vision and empower his teams. He counsels that you should not fear making a career change, but be sure to look twice before making the leap. We thank Rich for sharing his story with us.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
This week, we are joined by Nick Cerne, Security Consultant from Bishop Fox, to discuss "Rust for Malware Development." In pursuit of simulating real adversarial tactics, this blog explores the use of Rust for malware development, contrasting it with C in terms of binary complexity, detection evasion, and reverse engineering challenges.
The author demonstrates how Rust's inherent anti-analysis traits and memory safety features can create more evasive malware tooling, including a simple dropper that injects shellcode using lesser-known Windows APIs. Through hands-on comparisons and decompiled output analysis, the post highlights Rust’s growing appeal in offensive security while noting key OPSEC considerations and tooling limitations.
The research can be found here:
Rust for Malware Development
Learn more about your ad choices. Visit megaphone.fm/adchoices -
A critical vulnerability in Erlang/OTP SSH allows unauthenticated remote code execution. There’s a bipartisan effort to renew a key cybersecurity info sharing law. A newly discovered Linux kernel vulnerability allows local attackers to escalate privileges. A researcher uncovers 57 risky Chrome extensions with a combined 6 million users. AttackIQ shares StrelaStealer simulations. A major live events service provider notifies employees and customers of a data breach. CISA warns of an actively exploited SonicWall vulnerability. An airport retailer agrees to a multi-million dollar settlement stemming from a ransomware attack. A preview of RSAC 2025 with Linda Gray Martin and Britta Glade. Zoom-a-zoom zoom, it’s always DNS.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Today Dave sits down with Linda Gray Martin, Chief of Staff, and Britta Glade, SVP of Content and Communities, from RSAC sharing what is new at RSAC 2025.
Selected Reading
Critical Erlang/OTP SSH pre-auth RCE is 'Surprisingly Easy' to exploit, patch now (Bleeping Computer)
Bipartisan duo wants to renew 10-year-old cyberthreat information sharing law (The Record)
Linux Kernel Vulnerability Let Attackers Escalate Privilege – PoC Released (Cyber Security News)
Chrome extensions with 6 million installs have hidden tracking code (Bleeping Computer)
Emulating the Stealthy StrelaStealer Malware (AttackIQ)
Live Events Giant Legends International Hacked (SecurityWeek)
CISA tags SonicWall VPN flaw as actively exploited in attacks (Bleeping Computer)
Airport retailer agrees to $6.9 million settlement over ransomware data breach (The Record)
Global Zoom Outage Caused by Server Block Imposed from GoDaddy Registry (Cyber Security News)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Microsoft issues emergency updates for Windows Server. Apple releases emergency security updates to patch two zero-days. CISA averts a CVE program disruption. Researchers uncover Windows versions of the BrickStorm backdoor. Atlassian and Cisco patch several high-severity vulnerabilities. An Oklahoma cybersecurity CEO is charged with hacking a local hospital. A Fortune 500 financial firm reports an insider data breach. Researchers unmask IP addresses behind the Medusa Ransomware Group. CISA issues a warning following an Oracle data breach. On our Industry Voices segment, we are joined by Rob Allen, Chief Product Officer at ThreatLocker, to discuss a layered approach to zero trust. Former CISA director Chris Krebs steps down from his role at SentinelOne.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
Industry Voices
On our Industry Voices segment, we are joined by Rob Allen, Chief Product Officer at ThreatLocker, to discuss a layered approach to zero trust.
Selected Reading
New Windows Server emergency updates fix container launch issue (Bleeping Computer)
Apple fixes two zero-days exploited in targeted iPhone attacks (Bleeping Computer)
CISA Throws Lifeline to CVE Program with Last-Minute Contract Extension (Infosecurity Magazine)
MITRE Hackers' Backdoor Has Targeted Windows for Years (SecurityWeek)
Vulnerabilities Patched in Atlassian, Cisco Products (SecurityWeek)
Edmond cybersecurity CEO accused in major hack at hospital (KOCO News)
Fortune 500 firm's ex-employee exposes thousands of clients (Cybernews)
Researchers Deanonymized Medusa Ransomware Group's Onion Site (Cyber Security News)
CISA warns of potential data breaches caused by legacy Oracle Cloud leak (The Record)
Krebs Exits SentinelOne After Security Clearance Pulled (SecurityWeek)
The top 10 ThreatLocker policies for 2025 (ThreatLocker)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
We're sharing a episode from another N2K show we thought you might like. It's the first episode of the new season of the show CISO Perspectives with Kim Jones. Enjoy!
Show Notes:
The cyber talent ecosystem faces severe indigestion, which has stifled growth and closed doors to new talent. In this episode of CISO Perspectives, host Kim Jones sits down with Ed Adams, the Head of Cybersecurity for North America at the Bureau Veritas Group, to discuss what has caused this indigestion and how leadership can better address these challenges. A key aspect of this conversation revolved around discussing Ed's book, See Yourself in Cyber: Security Careers Beyond Hacking, and how he expands the conversation surrounding traditional roles associated with cybersecurity.
Want more CISO Perspectives?:
Check out a companion blog post by our very own Ethan Cook, where he breaks down key insights, shares behind-the-scenes context, and highlights research that complements this episode. It’s the perfect follow-up if you’re curious about the cyber talent crunch and how we can reshape the ecosystem for future professionals.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
The CVE program gets a last-minute reprieve. A federal whistleblower alleges a security breach at the NLRB. Texas votes to spin up their very own Cyber Command. BreachForums suffers another takedown. A watchdog group sues the federal government over SignalGate allegations. The SEC Chair reveals a 2016 hack. ResolverRAT targets the healthcare and pharmaceutical sectors worldwide. Microsoft warns of blue screen crashes following recent updates. On our CertByte segment, Chris Hare is joined by Troy McMillan to break down a question targeting the EC-Council® Certified Ethical Hacker (CEH) exam. 4chan gets Soyjacked.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CertByte Segment
Welcome to CertByte! On this bi-weekly segment hosted by Chris Hare, a content developer and project management specialist at N2K. In each segment, Chris is joined by an N2K Content Developer to help illustrate the learning. This week, Chris is joined by Troy McMillan to break down a question targeting the EC-Council® Certified Ethical Hacker (CEH) exam. Today’s question comes from N2K’s EC-Council Certified Ethical Hacker CEH (312-50) Practice Test.
Have a question that you’d like to see covered? Email us at [email protected]. If you're studying for a certification exam, check out N2K’s full exam prep library of certification practice tests, practice labs, and training courses by visiting our website at n2k.com/certify.To get the full news to knowledge experience, learn more about our N2K Pro subscription at https://thecyberwire.com/pro.
Please note: The questions and answers provided here, and on our site, are not actual current or prior questions and answers from these certification publishers or providers.
Selected Reading
Funding Expires for Key Cyber Vulnerability Database (Krebs on Security)
CISA extends funding to ensure 'no lapse in critical CVE services' (Bleeping Computer)
CVE Foundation (CVE Foundation)
NoVa govcon firm Mitre to lay off 442 employees after DOGE cuts contracts (Virginia Business)
Federal employee alleges DOGE activity resulted in data breach at labor board (NBC News)
Whistleblower claims DOGE took sensitive data - now he’s being hounded by threatening notes (CNN via YouTube)
New state agency to deal with cyber threats advances in Texas House (Texarkana Gazette)
BreachForums taken down by the FBI? Dark Storm hackers say they did it “for fun” (Cybernews)
Here’s What Happened to Those SignalGate Messages (WIRED)
After breach, SEC says hackers used stolen data to buy stocks (CNET)
New ResolverRAT malware targets pharma and healthcare orgs worldwide (Bleeping Computer)
Microsoft warns of blue screen crashes caused by April updates (Bleeping Computer)
Infamous message board 4chan taken down following major hack (Bleeping Computer)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Some U.S. banks pause electronic communications with the OCC following a major breach of the agency’s email system. Uncertainty spreads at CISA. China accuses three alleged U.S. operatives of conducting cyberattacks during February’s Asian Games. Microsoft Teams suffers filesharing issues. Fraudsters use ChatGPT to create fake passports. Car rental giant Hertz confirms data stolen in last year’s Cleo breach. Researchers describe a novel process injection method called Waiting Thread Hijacking. A new macOS malware-as-a-service threat is being sold on underground forums. A UK man is sentenced to over eight years for masterminding the LabHost phishing platform. Kim Jones joins us with a preview of the newly relaunched CISO Perspective podcast. David Moulton from Unit 42 sits down with Rob Wright, Security News Director at Informa TechTarget for the latest Threat Vector. Fighting the flood of AI generated experts.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Kim Jones joins Dave to launch the newly rebranded CISO Perspectives—formerly CSO Perspectives. We’re excited to welcome a fresh voice to the mic as Kim takes the helm. In this premiere episode, he’s joined by Ed Adams for a candid conversation about the evolving role of the CISO and the big question on everyone’s mind: Is the cyber talent ecosystem broken? Tune in as Kim kicks off this next chapter—same mission, sharper focus, new perspective.
Threat Vector Segment
The cybersecurity industry is full of headlines, but are we paying attention to the right ones? In this segment of Threat Vector, host David Moulton, Director of Thought Leadership at Unit 42, sits down with Rob Wright, Security News Director at Informa TechTarget, to discuss the stories the industry overlooks, the overhyped AI security fears, and the real risks posed by certificate authorities. You can listen to the full conversation here and catch new episodes of Threat Vector each Thursday on your favorite podcast app.
Selected Reading
OCC Hack: JPMorgan, BNY Limit Information Sharing With Agency After Breach (Bloomberg)
CISA Braces for Major Workforce Cuts Amid Security Fears (BankInfo Security)
China Pursuing 3 Alleged US Operatives Over Cyberattacks During Asian Games (SecurityWeek)
Microsoft Teams File Sharing Outage, Users Unable to Share Files (Cyber Security News)
ChatGPT Image Generator Abused for Fake Passport Production (GB Hackers)
Hertz says personal, sensitive data stolen in Cleo attacks (The Register)
Waiting Thread Hijacking: A Stealthier Version of Thread Execution Hijacking (Check Point Research)
macOS Users Beware! Hackers Allegedly Offering Full System Control Malware for Rent (Cyber Security News)
LabHost Phishing Mastermind Sentenced to 8.5 Years (Infosecurity Magazine)
Virtual reality: The widely-quoted media experts who are not what they seem (Press Gazette)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
The Department of the Interior removes top cybersecurity and tech officials. The DOJ looks to block foreign adversaries from acquiring sensitive personal data of U.S. citizens. Microsoft issues emergency updates to fix an Active Directory bug. Hackers are installing stealth backdoors on FortiGate devices. Researchers warn of a rise in “Dangling DNS” attacks. A pair of class action lawsuits allege a major adtech firm secretly tracks users online without consent. Google is fixing a 20-year-old Chrome privacy flaw. The Tycoon2FA phishing-as-a-service platform continues to evolve. My guest is Tim Starks from CyberScoop, discussing the latest from CISA and Chris Krebs. Slopsquatting AI totally harshes the supply chain vibe.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Today we are joined by Tim Starks from CyberScoop, and he is discussing the latest with CISA and Chris Krebs.
Selected Reading
Interior Department Ousts Key Cyber Leaders Amid DOGE Spat (Data Breach Today)
US Blocks Foreign Governments from Acquiring Citizen Data (Infosecurity Magazine)
Microsoft: New emergency Windows updates fix AD policy issues (Bleeping Origin)
Fortinet Issues Fixes After Attackers Bypass Patches to Maintain Access (Hackread)
Dangling DNS Attack Let Hackers Gain Control Over Organization’s Subdomain (Cyber Security News)
Two Lawsuits Allege The Trade Desk Secretly Violates Consumer Privacy Laws (AdTech)
Chrome 136 fixes 20-year browser history privacy risk (Bleeping Computer)
Tycoon2FA phishing kit targets Microsoft 365 with new tricks (Bleeping Computer)
AI Hallucinations Create a New Software Supply Chain Threat (SecurityWeek)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices - Se mer
