Episodes
-
This week we are joined by Silas Cutler, Principal Security Researcher at Censys, asking the important question of "Will the Real Volt Typhoon Please Stand Up?" The FBI's disruption of the KV Botnet in December 2023, attributed to the Chinese threat group Volt Typhoon, targeted infected systems but did not affect the botnet's control infrastructure.
Despite law enforcement efforts and technical exposure, the botnet's infrastructure has remained largely stable, with only changes in hosting providers, raising questions about whether another party operates the botnet. Censys scanning data from 2024 shows a shift in the botnet's control servers, indicating a response to disruption attempts, while the botnet's operators have shown limited efforts to obscure their infrastructure.
The research can be found here:
Will the Real Volt Typhoon Please Stand Up?
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Law enforcement shutters Garantex crypto exchange. NTT discloses breach affecting corporate customers. Malvertising campaign hits nearly a million devices. AI’s role in Canada’s next election. Scammers target Singapore’s PM in AI fraud. Botnets exploit critical IP camera vulnerability. In our International Women's Day and Women’s History Month special, join Liz Stokes as she shares the inspiring stories of women shaping the future of cybersecurity. And how did insider threats turn a glitch into a goldmine?
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
In this special International Women’s Day edition, we shine a spotlight on the incredible women in and around our network who are shaping the future of cybersecurity. Join Liz Stokes as we celebrate Selena Larson, Threat Researcher at Proofpoint and co-host of Only Malware in the Building; Gianna Whitver, CEO & Co-Founder of the Cybersecurity Marketing Society and co-host of the Breaking Through in Cybersecurity Marketing podcast; Maria Velasquez, Chief Growth Officer & Co-Founder of the Cybersecurity Marketing Society and co-host of the Breaking Through in Cybersecurity Marketing podcast; Chris Hare, Project Management Specialist and Content Developer at N2K Networks and host of CertByte; Ann Lang, Project Manager at N2K Networks; Jennifer Eiben, Executive Producer at N2K Networks; and Maria Varmazis, host of the T-Minus Space Daily show at N2K Networks, for their achievements, resilience, and the invaluable contributions they make to keeping our digital world secure.
Selected Reading
Russian crypto exchange Garantex’s website taken down in apparent law enforcement operation (The Record)
Data breach at Japanese telecom giant NTT hits 18,000 companies (BleepingComputer)
Malvertising campaign leads to info stealers hosted on GitHub (Microsoft)
Canadian intelligence agency warns of threat AI poses to upcoming elections (The Record)
Deepfakes of Singapore PM Used to Sell Crypto, Residency Program (Bloomberg)
Edimax Camera Zero-Day Disclosed by CISA Exploited by Botnets (SecurityWeek)
Magecart: How Akamai Protected a Global Retailer Against a Live Attack (Akamai)
Cybercrime 'crew' stole $635,000 in Taylor Swift concert tickets (BleepingComputer)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
-
US Justice Department charges employees of Chinese IT contractor i-Soon. Silk Typhoon targets the IT supply chain for initial access. Chrome extensions that change shape. Attackers target Airflow misconfigurations. LibreOffice vulnerability opens the door to script-based attacks. NSO Group leaders face charges in spyware case. Today, our own Dave Bittner is our guest as he appeared on the Adopting Zero Trust podcast at ThreatLocker’s Zero Trust World 2025 event with hosts Elliot Volkman and Neal Dennis and guest Dr. Chase Cunningham. And turning $1B into thin air.
CyberWire Guest
Today, our own Dave Bittner is in our guest spot as he appeared on the Adopting Zero Trust podcast at ThreatLocker’s Zero Trust World 2025 event with hosts Elliot Volkman and Neal Dennis and guest Dr. Chase Cunningham aka Dr. Zero Trust. Adopting Zero Trust is an ongoing conversation about the people and organizations adopting Zero Trust. You can catch the full episode here where Dave and Dr. Zero Trust weigh the difference between delivering refined news and raw perspective, hitting critical mass for AI, and the current political environment.
Selected Reading
US charges Chinese nationals in cyberattacks on Treasury, dissidents and more (The Record)
Silk Typhoon targeting IT supply chain (Microsoft)
Malicious Chrome extensions can spoof password managers in new attack (Bleeping Computer)
Apache Airflow Misconfigurations Leak Login Credentials to Hackers (GB Hackers)
LibreOffice Flaw Allows Attackers to Run Arbitrary Scripts via Macro URL (GB Hackers)
Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks (SecurityWeek)
Catalan court says NSO Group executives can be charged in spyware investigation (TechCrunch)
Former top NSA cyber official: Probationary firings ‘devastating’ to cyber, national security (CyberScoop)
Financial Organizations Urge CISA to Revise Proposed CIRCIA Implementation (SecurityWeek)
North Koreans finish initial laundering stage after more than $1 billion stolen from Bybit (The Record)
-
US Treasury Department sanctions Iranian national accused of running the Nemesis criminal marketplace. Hunters International threatens to leak data stolen from Tata Technologies. Apple challenges U.K.’s iCloud encryption backdoor order. UK competition regulator says no investigation into Microsoft's OpenAI partnership. Stealthy malware campaign targets the UAE's aviation and satellite industry. This week on our CertByte segment, N2K’s Chris Hare is joined by Troy McMillan to break down a question targeting the Cisco Certified Network Associate (CCNA) exam. And hackers hit the books.
CertByte Segment
Welcome to CertByte, a bi-weekly segment hosted by Chris Hare, a content developer and project management specialist at N2K. This week, Chris is joined by Troy McMillan to break down a question targeting the Cisco Certified Network Associate (CCNA) 200-301, version 1.1 exam. Today’s question comes from N2K’s Cisco Certified Network Associate (CCNA 200-301) Practice Test.
According to Cisco, the CCNA is the industry’s most widely recognized and respected associate-level certification. To learn more about this and other related topics under this objective, please refer to the following resource: https://learningnetwork.cisco.com/s/article/protection-techniques-nbsp-from-wardriving-attack
To get the full news to knowledge experience, learn more about our N2K Pro subscription at https://thecyberwire.com/pro.
Please note: The questions and answers provided here, and on our site, are not actual current or prior questions and answers from these certification publishers or providers.
Additional source: https://www.cisco.com/site/us/en/learn/training-certifications/certifications/enterprise/ccna/index.html
Selected Reading
Treasury sanctions Iranian national behind defunct Nemesis darknet marketplace (The Record)
Ransomware Group Claims Attack on Tata Technologies (SecurityWeek)
Apple is challenging U.K.’s iCloud encryption backdoor order (TechCrunch)
UK's competition regulator says Microsoft's OpenAI partnership doesn't qualify for investigation (TechCrunch)
Call It What You Want: Threat Actor Delivers Highly Targeted Multistage Polyglot Malware (Proofpoint)
Snail Mail Fail: Fake Ransom Note Campaign Preys on Fear (GuidePoint Security)
Fake police call cryptocurrency investors to steal their funds (Bitdefender)
Microsoft Teams tactics, malware connect Black Basta, Cactus ransomware (Bleeping Computer)
Investigator says differing names for hacker groups, hackers studying investigative methods hinders law enforcement (CyberScoop)
-
CISA says it will continue monitoring Russian cyber threats. Broadcom patches zero-days that can lead to VM escape. Google patches 43 bugs, including two sneaky zero-days. CISA flags vulnerabilities exploited in the wild. Palau's health ministry recovers from ransomware attack. Lost and found or lost and leaked? On this week's Threat Vector segment, David Moulton previews an episode with Hollie Hennessy on IoT cybersecurity risk mitigation and next week’s special International Women's Day episode featuring trailblazing women from Palo Alto Networks sharing their cybersecurity journeys and leadership insights. And is that really you?
Threat Vector Segment
On our Threat Vector Segment, host David Moulton shares previews of two upcoming episodes. On this Thursday’s episode, he speaks with Hollie Hennessy, Principal Analyst for IoT Cybersecurity at Omdia, to discuss how attackers exploit vulnerabilities in connected environments and the best approaches for risk mitigation.
The following week, on Thursday, March 13th, David shares four conversations with some of the trailblazing women at Palo Alto Networks in honor of International Women’s Day and Women’s History Month. They share their journeys into cybersecurity, discuss the challenges they faced and offer insights on leadership, innovation, and mentorship. Be sure to tune in for some inspiring stories.
Don't miss the full episodes every Threat Vector Thursday. Subscribe now to stay ahead. If you're in Austin, Texas for SXSW and want to meet up, email David at [email protected].
Selected Reading
DHS says CISA won’t stop looking at Russian cyber threats (CyberScoop)
Did Trump Admin Order U.S. Cyber Command and CISA to Stand Down on Russia? (Zero Day)
Broadcom Patches 3 VMware Zero-Days Exploited in the Wild (SecurityWeek)
Google fixes Android zero-day exploited by Serbian authorities (Bleeping Computer)
Several flaws added to CISA known exploited vulnerabilities catalog (SC Media)
Palau health ministry on the mend after Qilin ransomware attack (The Record)
Lost luggage data leak exposes nearly a million records (Cybernews)
Lee Enterprises ransomware attack halts freelance and contractor payments (TechCrunch)
TikTok Blasts Australia for YouTube Carveout in Social Media Ban (Bloomberg)
Deepfake cyberattacks proliferated in 2024, iProov claims (The Register)
-
Cyber Command ordered to halt offensive operations against Russia during Ukraine negotiations. Ransomware actors exploit Paragon Partition Manager vulnerability. Amnesty International publishes analysis of Cellebrite exploit chain. California orders data broker to shut down for violating the Delete Act. On our Afternoon Cyber Tea segment with host Ann Johnson of Microsoft Security, Ann speaks with Igor Tsyganskiy, Microsoft's Global Chief Information Security Officer, about "The Power of Partnership in Cyber Defense." And it’s the end of an era.
Afternoon Cyber Tea Segment
On our monthly Afternoon Cyber Tea segment with host Ann Johnson of Microsoft Security, Ann speaks with Igor Tsyganskiy, Microsoft's Global Chief Information Security Officer, about "The Power of Partnership in Cyber Defense." Ann and Igor share an engaging conversation on the challenges and optimism driving the fight against cyber threats. To hear the full conversation on Ann’s show, check out the episode here. You can catch new episodes of Afternoon Cyber Tea every other Tuesday on N2K CyberWire network and on your favorite podcast app.
Selected Reading
Exclusive: Hegseth orders Cyber Command to stand down on Russia planning (The Record)
As Trump warms to Putin, U.S. halts offensive cyber operations against Moscow (The Washington Post)
Hegseth Orders Pentagon to Stop Offensive Cyberoperations Against Russia (The New York Times)
Ransomware gangs exploit Paragon Partition Manager bug in BYOVD attacks (Bleeping Computer)
VU#726882 - Paragon Partition Manager contains five memory vulnerabilities within its BioNTdrv.sys driver that allow for privilege escalation and denial-of-service (DoS) attacks (Carnegie Mellon University Software Engineering Institute CERT Coordination Center)
Cellebrite zero-day exploit used to target phone of Serbian student activist (Amnesty International Security Lab)
California shuts down data broker for failing to register (The Record)
Research finds 12,000 ‘Live’ API Keys and Passwords in DeepSeek's Training Data (Truffle Security)
Cyberattack detected at Polish space agency, minister says (Reuters)
Polish space agency confirms cyberattack (The Register)
As Skype shuts down, its legacy is end-to-end encryption for the masses (TechCrunch)
-
Senior Threat Analyst and Shift Lead for VMware Taree Reardon shares her journey to becoming a leader for women in the cybersecurity field. A big gamer who has always been interested in hacking and forensics, Taree found her passion while learning about cybersecurity. She's dedicated to diversity and inclusion and found her footing on a team made up of 50% women. Taree spends her days tracking and blocking attacks and serving as a champion for women. Trusting yourself is top on her list of advice. We thank Taree for sharing her story.
-
This week we are joined by Phil Stokes, threat researcher at SentinelOne's SentinelLabs, discussing their work on "macOS FlexibleFerret | Further Variants of DPRK Malware Family Unearthed." Apple recently pushed an update to its XProtect tool, blocking several variants of the DPRK-linked Ferret malware family, which targets victims through the "Contagious Interview" campaign.
The malware uses fake job interview processes to trick users into installing malicious software, and new variants, including FlexibleFerret, remain undetected by XProtect. SentinelOne's research reveals a deeper investigation into this malware, which uses social engineering to expand its attack vectors, including targeting developers through platforms like GitHub.
The research can be found here:
macOS FlexibleFerret | Further Variants of DPRK Malware Family Unearthed
-
Qilin ransomware gang claims responsibility for attack against Lee Enterprises. Thai police arrest suspected hacker behind more than 90 data leaks. JavaGhost uses compromised AWS environments to launch phishing campaigns. Lotus Blossom cyberespionage campaigns target Southeast Asia. Malware abuses Microsoft dev tunnels for C2 communication. Protecting the food supply. Today’s guest is Keith Mularski, Chief Global Ambassador at Qintel and former FBI Special Agent, discussing crypto being the target of the cyber underground. And an interview with Iron Man?
CyberWire Guest
Today we share Dave’s conversation with Keith Mularski, Chief Global Ambassador at Qintel and former FBI Special Agent, discussing crypto being the target of the cyber underground.
Selected Reading
Ransomware Group Takes Credit for Lee Enterprises Attack (SecurityWeek)
Hacker Behind Over 90 Data Leaks Arrested in Thailand (SecurityWeek)
JavaGhost’s Persistent Phishing Attacks From the Cloud (Unit 42)
Lotus Blossom espionage group targets multiple industries with different versions of Sagerunex and hacking tools (Cisco Talos)
Njrat Campaign Using Microsoft Dev Tunnels (SANS Internet Storm Center)
New Pass-the-Cookie Attack Bypass Microsoft 365 & YouTube MFA Logins (Cyber Security News)
How pass the cookie attacks can bypass your MFA (Longwall Security)
Farm and Food Cybersecurity Act reintroduced to protect food supply chain from cyber threats (Industrial Cyber)
-
FBI attributes $1.5 billion Bybit hack to DPRK hackers. Cellebrite suspends services in Serbia following allegations of misuse. A Belgian spy agency is hacked. New groups, bigger attacks. Sticky Werewolf strikes again. US DNI orders legal review of UK's request for iCloud backdoor. A cybersecurity veteran takes CISA’s lead. DOGE accesses sensitive HUD data. Cleveland Municipal Court remains closed following cyber incident. Our guest today is an excerpt from our Caveat podcast. Adam Marré, Arctic Wolf CISO and former FBI special agent, joins Dave to discuss banning TikTok and increasing regulations for social media companies. And can hacking be treason?
CyberWire Guest
Our guest today is an excerpt from our Caveat podcast. Adam Marré, Arctic Wolf CISO and former FBI special agent, joins Dave to discuss banning TikTok and increasing regulations for social media companies. You can hear Adam and Dave’s full discussion on today’s Caveat episode. Listen to Dave and co-host Ben Yelin discuss the issue following the interview on Caveat.
Selected Reading
FBI confirms Lazarus hackers were behind $1.5B Bybit crypto heist (Bleeping Computer)
Cellebrite suspends Serbia as customer after claims police used firm's tech to plant spyware (TechCrunch)
Belgium probes suspected Chinese hack of state security service (The Record)
It's not just Salt Typhoon: All China-backed attack groups are showcasing specialized offensive skills (CyberScoop)
Angry Likho APT Resurfaces with Lumma Stealer Attacks Against Russia (Hackread)
Gabbard: UK demand to Apple for backdoor access is 'grave concern' to US (The Record)
Karen Evans steps into a leading federal cyber position: executive assistant director for cybersecurity at CISA (CyberScoop)
DOGE Gains Access to Confidential Records on Housing Discrimination, Medical Details — Even Domestic Violence (ProPublica)
‘Cyber incident’ shuts down Cleveland Municipal Court for third straight day (The Record)
Cyber threat shuts down Cleveland Municipal Court for second day (News5 Cleveland)
U.S. Soldier Charged in AT&T Hack Searched “Can Hacking Be Treason” (Krebs on Security)
-
In this special live episode of Hacking Humans, recorded at ThreatLocker’s Zero Trust World 2025 conference in Orlando, Florida, Dave Bittner is joined by T-Minus host Maria Varmazis. Together, they explore the latest in social engineering scams, phishing schemes, and cybercriminal exploits making headlines. Their guest, Seamus Lennon, ThreatLocker’s VP of Operations for EMEA, shares insights on Zero Trust security and the evolving threat landscape. Maria's story this week follows the IRS warning about a fake “Self Employment Tax Credit” scam on social media, urging taxpayers to ignore misinformation and consult professionals. Dave's got the story of the Better Business Bureau’s annual Scam Tracker report, revealing that online shopping scams continue to top the list for the fifth year, with phishing and employment scams remaining major threats, while fraudsters increasingly use AI and deepfake technology to deceive victims. Our catch of the day comes from Diesel in West Virginia, and features a scammer who tried to panic their target with a classic “We’ve frozen your account” scam—only to get hilariously mixed up with actual embryo freezing.
Resources and links to stories:
Better Business Bureau reveals top local scams of 2024
IRS warns taxpayers about misleading claims about non-existent “Self Employment Tax Credit;” promoters, social media peddling inaccurate eligibility suggestions
BBB Scam Tracker
Got a $1,400 rebate text from the IRS? It's a scam, Better Business Bureau warns.
You can hear more from the T-Minus Space Daily show here.
Have a Catch of the Day you'd like to share? Email it to us at [email protected].
-
A major employee screening provider discloses a data breach affecting over 3.3 million people. Signal considers exiting Sweden over a proposed law that would give police access to encrypted messages. House Democrats call out DOGE’s negligent cybersecurity practices. Critical vulnerabilities in Rsync allow attackers to execute remote code. A class action lawsuit claims Amazon violates Washington State’s privacy laws. CISA warns that attackers are exploiting Microsoft’s Partner Center platform. A researcher discovers a critical remote code execution vulnerability in MITRE’s Caldera security training platform. An analysis of CISA’s JCDC AI Cybersecurity Collaboration Playbook. Ben Yelin explains Apple pulling iCloud end-to-end encryption in response to the UK Government. A Disney employee’s cautionary tale.
CyberWire Guest
We are joined by Caveat podcast co-host Ben Yelin to discuss Apple pulling iCloud end-to-end encryption in response to the UK Government. You can read the article from Bleeping Computer here. Ben is the Program Director for Public Policy & External Affairs at University of Maryland Center for Health and Homeland Security. You can catch Caveat every Thursday here on the N2K CyberWire network and on your favorite podcast app.
Selected Reading
3.3 Million People Impacted by DISA Data Breach (SecurityWeek)
DOGE must halt all ‘negligent cybersecurity practices,’ House Democrats tell Trump (The Record)
Signal May Exit Sweden If Government Imposes Encryption Backdoor (Infosecurity Magazine)
Rsync Vulnerabilities Let Hackers Gain Full Control of Servers - PoC Released (Cyber Security News)
Lawsuit: Amazon Violates Washington State Health Data Law (BankInfo Security)
CISA Warns of Microsoft Partner Center Access Control Vulnerability Exploited in Wild (Cyber Security News)
MITRE Caldera security suite scores perfect 10 for insecurity (The Register)
CISA’s AI cybersecurity playbook calls for greater collaboration, but trust is key to successful execution (CyberScoop)
A Disney Worker Downloaded an AI Tool. It Led to a Hack That Ruined His Life. (Wall Street Journal)
-
A hacker claims to have stolen internal documents from a major French telecommunications company. A security breach hits Russia’s financial sector. Cyberattacks targeting ICS and OT surged dramatically last year. Chinese group Silver Fox is spoofing medical software. The UK Home Office’s new vulnerability reporting policy risks prosecuting ethical hackers. Ransomware actors are shifting away from encryption. A sophisticated macOS malware campaign is distributing Poseidon Stealer. The LightSpy surveillance framework evolves into a cross-platform espionage tool. A Chinese botnet is targeting Microsoft 365 accounts using password spraying attacks. Our guest today is Lauren Buitta, Founder and CEO at Girl Security, discussing mentoring and intergenerational strategies. There may be a backdoor in your front door.
CyberWire Guest
Our guest today is Lauren Buitta, Founder and CEO at Girl Security, discussing mentoring and intergenerational strategies.
Selected Reading
Orange Group confirms breach after hacker leaks company documents (Bleeping Computer)
Russia warns of breach of major IT service provider LANIT serving the financial sector (Beyond Machines)
Dragos: Surge of new hacking groups enter ICS space as states collaborate with private actors (CyberScoop)
China's Silver Fox spoofs medical imaging apps to hijack patients' computers (The Register)
UK Home Office’s new vulnerability reporting mechanism leaves researchers open to prosecution (The Record)
Only a Fifth of Ransomware Attacks Now Encrypt Data (Infosecurity Magazine)
Poseidon Stealer Malware Attacking Mac Users via Fake DeepSeek Site (Cyber Security News)
Exploits for unpatched Parallels Desktop flaw give root on Macs (Bleeping Computer)
LightSpy Malware Expands with 100+ Commands to Target Users Across All Major OS Platforms (GB Hackers)
Chinese Botnet Bypasses MFA in Microsoft 365 Attacks (Infosecurity Magazine)
CISA Warns of Attacks Exploiting Oracle Agile PLM Vulnerability (SecurityWeek)
A single default password exposes access to dozens of apartment buildings (TechCrunch)
-
Retired Gen. Paul Nakasone warns the U.S. is falling behind in cyberspace. Australia orders government entities to remove and ban Kaspersky products. FatalRAT targets industrial organizations in the APAC region. A major cryptocurrency exchange reports the theft of $1.5 billion in digital assets. Apple removes end-to-end encryption (E2EE) for iCloud in the UK. Researchers uncover a LockBit ransomware attack exploiting a Windows Confluence server. Researchers uncover zero-day vulnerabilities in a widely used cloud logging utility. A PayPal email scam is tricking users into calling scammers. Republican leaders in the House request public input on national data privacy standards. A Michigan man faces charges for his use of the Genesis cybercrime marketplace. Our guest is Karl Sigler, Senior Security Research Manager from Trustwave SpiderLabs, explaining the domino effect of a cyberattack on the power grid. Meta sues an Insta Extortionist.
CyberWire Guest
Today, Dave speaks with Karl Sigler, Senior Security Research Manager from Trustwave SpiderLabs, about the domino effect of a cyberattack on the power grid. You can dig into the details in their report.
Selected Reading
Former NSA, Cyber Command chief Paul Nakasone says U.S. falling behind its enemies in cyberspace (CyberScoop)
Kaspersky Banned on Australian Government Systems (SecurityWeek)
Chinese Hackers Attacking Industrial Organizations With Sophisticated FatalRAT (Cyber Security News)
Bybit Hack Drains $1.5 Billion From Cryptocurrency Exchange (SecurityWeek)
Experts Slam Government After “Disastrous” Apple Encryption Move (Infosecurity Magazine)
Confluence Exploit Leads to LockBit Ransomware (The DFIR Report)
Fluent Bit 0-day Vulnerabilities Exposes Billions of Production Environments to Cyber Attacks (Cyber Security News)
Beware: PayPal "New Address" feature abused to send phishing emails (Bleeping Computer)
Top House E&C Republicans query public for ideas on data privacy law (CyberScoop)
US Charges Genesis Market User (SecurityWeek)
Meta Sues Alleged Instagram Extortionist (404 Media)
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Please enjoy this encore of Career Notes.
Senior technical project manager Dwayne Price takes us on his career journey from databases to project management. Always fascinated with technology and one who appreciates the business side of computer implementations, Dwayne attended UMBC for both his undergraduate and graduate degrees in information systems management. A strong Unix administration background prepared him to understand the relationship between Unix administration and database security. He recommends those interested in cybersecurity check out the NICE Framework, as it speaks to all the various types of roles in cybersecurity. Dwayne prides himself on his communication skills and openness. We thank Dwayne for sharing his story with us.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
This week, we are joined by Selena Larson from Proofpoint, and co-host of the "Only Malware in the Building" podcast, as she discusses the research on "Why Biasing Advanced Persistent Threats over Cybercrime is a Security Risk." The cybersecurity industry has historically prioritized Advanced Persistent Threats (APTs) from nation-state actors over cybercrime, but this distinction is outdated as cybercriminals now employ equally sophisticated tactics.
Financially motivated threat actors, especially ransomware groups, have evolved to the point where they rival state-backed hackers in technical capability and impact, disrupting businesses, infrastructure, and individuals on a massive scale. To enhance security, defenders must shift focus from an APT-centric mindset to a broader approach that equally prioritizes combating cybercrime, which poses an immediate and tangible risk to global stability.
The research can be found here:
Why Biasing Advanced Persistent Threats over Cybercrime is a Security Risk
Learn more about your ad choices. Visit megaphone.fm/adchoices -
The Senate confirms Kash Patel as FBI director. The SEC rebrands its Crypto Assets and Cyber Unit. Microsoft's quantum chip signals an urgent need for post-quantum security. Chat log leaks reveal the inner workings of BlackBasta. CISA advisories highlight Craft CMS and ICS devices. Researchers release proof-of-concepts for Ivanti Endpoint Manager vulnerabilities. Warby Parker gets a $1.5 million HIPAA fine. Our guest is Steve Schmidt, Amazon CSO, with a behind the scenes look at securing a major event. Researchers explore the massive, mysterious YouTube wormhole.
CyberWire Guest
Our guest is Steve Schmidt, Amazon CSO, talking about integrating physical and logical security measures. Learn more: "Securing a city-sized event: How Amazon integrates physical and logical security at re:Invent."
Selected Reading
Trump loyalist Kash Patel is confirmed as FBI director by the Senate despite deep Democratic doubts (AP)
SEC rebrands cryptocurrency unit to focus on emerging technologies (CyberScoop)
Microsoft’s Quantum Chip Breakthrough Accelerates Threat to Encryption (Infosecurity Magazine)
BlackBasta Ransomware Chatlogs Leaked Online (Infosecurity Magazine)
CISA Warns of Attacks Exploiting Craft CMS Vulnerability (SecurityWeek)
CISA Releases 7 ICS Advisories Detailing Vulnerabilities & Exploits (Cyber Security News)
Ivanti endpoint manager can become endpoint ravager (The Register)
Feds Fine Eyeglass Retailer $1.5M for HIPAA Lapses in Hacks (GovInfo Security)
How a computer that 'drunk dials' videos is exposing YouTube's secrets (BBC)
Learn more about your ad choices. Visit megaphone.fm/adchoices -
The CISA and FBI warn that Ghost ransomware has breached organizations in over 70 countries. President Trump announces his pick to lead the DOJ’s National Security Division. A new ransomware strain targets European healthcare organizations. Researchers uncover four critical vulnerabilities in Ivanti Endpoint Manager. Microsoft has patched a critical improper access control vulnerability in Power Pages. The NSA updates its Ghidra reverse engineering tool. A former U.S. Army soldier admits to leaking private call records. Our guest is Stephen Hilt, senior threat researcher at Trend Micro, sharing the current state of the English cyber underground market. The pentesters’ breach was simulated — their arrest was not.
CyberWire Guest
Our guest is Stephen Hilt, senior threat researcher at Trend Micro, sharing the current state of the English cyber underground market. Learn more in the report.
Selected Reading
CISA and FBI: Ghost ransomware breached orgs in 70 countries (Bleeping Computer)
Trump to nominate White House insider from first term to lead DOJ’s National Security Division (The Record)
New NailaoLocker ransomware used against EU healthcare orgs (Bleeping Computer)
PoC Exploit Published for Critical Ivanti EPM Vulnerabilities (SecurityWeek)
Microsoft Patches Exploited Power Pages Vulnerability (SecurityWeek)
NSA Added New Features to Supercharge Ghidra 11.3 (Cyber Security News)
Army soldier linked to Snowflake extortion to plead guilty (The Register)
Katie Arrington Returns to Pentagon as DoD CISO (GovInfo Security)
Penetration Testers Arrested by Police During Authorized Physical Penetration Testing (Cyber Security News)
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Credential theft puts sensitive corporate and military networks at risk. A federal judge refuses to block DOGE from accessing sensitive federal data. New York-based Insight Partners confirms a cyber-attack. BlackLock ransomware group is on the rise. OpenSSH patches a pair of vulnerabilities. Russian threat actors are exploiting Signal’s “Linked Devices” feature. Over 12,000 GFI KerioControl firewalls remain exposed to a critical remote code execution (RCE) vulnerability. CISA issued two ICS security advisories. Federal contractors pay $11 million in cybersecurity noncompliance fines. In our CertByte segment, Chris Hare is joined by Steven Burnley to break down a question targeting the ISC2® SSCP - Systems Security Certified Practitioner exam. Sweeping cybercrime reforms are unveiled by…Russia?
CertByte Segment
Welcome to CertByte! On this bi-weekly segment hosted by Chris Hare, a content developer and project management specialist at N2K, we share practice questions from N2K’s suite of industry-leading certification resources. For the past 25 years, N2K's practice tests have helped more than half a million IT and cyber security professionals reach certification success. Have a question that you’d like to see covered? Email us at [email protected]. If you're studying for a certification exam, check out N2K’s full exam prep library of certification practice tests, practice labs, and training courses by visiting our website at n2k.com/certify.
Please note: The questions and answers provided here, and on our site, are not actual current or prior questions and answers from these certification publishers or providers.
Additional source: https://www.isc2.org/certifications/sscp
Selected Reading
Hundreds of US Military and Defense Credentials Compromised (Infosecurity Magazine)
DOGE Team Wins Legal Battle, Retains Access to Federal Data (GovInfo Security)
Musk Ally Demands Admin Access to System That Lets Government Text the Public (404 Media)
Cyber Investor Insight Partners Suffers Security Breach (Infosecurity Magazine)
BlackLock On Track to Be 2025’s Most Prolific Ransomware Group (Infosecurity Magazine)
Qualys reports two flaws in OpenSSH, one critical DDoS (Beyond Machines)
Russian phishing campaigns exploit Signal's device-linking feature (Bleeping Computer)
Over 12,000 KerioControl firewalls exposed to exploited RCE flaw (Bleeping Computer)
CISA Releases Two New ICS Advisories Exploits Following Vulnerabilities (Cyber Security News)
Managed healthcare defense contractor to pay $11 million over alleged cyber failings (The Record)
Russian Government Proposes Stricter Penalties to Tackle Cybercrime (GB Hackers)
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Palo Alto Networks confirms a recently patched firewall vulnerability is being actively exploited. CISA warns of an actively exploited iOS vulnerability. Juniper Networks has issued a critical security advisory for an API authentication bypass vulnerability. The acting commissioner of the Social Security Administration (SSA) resigns after Elon Musk’s team sought access to sensitive personal data of millions of Americans. The EagerBee malware framework is actively targeting government agencies and ISPs across the Middle East. Proofpoint researchers document a new macOS infostealer. A new phishing kit uses timesheet notification emails to steal credentials and two-factor authentication codes. JPMorgan Chase will begin blocking Zelle payments to social media contacts to combat online scams. Our guest is Tim Starks from CyberScoop discussing his interview with former National Cyber Director Harry Coker. Transferring your digital legacy.
CyberWire Guest
Our guest is Tim Starks from CyberScoop discussing his interview with former National Cyber Director Harry Coker. You can read more about Tim’s interview “National Cyber Director Harry Coker looks back (and ahead) on the Cyber Director office” and companion piece “Trump picks Sean Cairncross for national cyber director” on CyberScoop.
Selected Reading
Palo Alto Networks Confirms Exploitation of Firewall Vulnerability (SecurityWeek)
CISA Warns of Apple iOS Vulnerability Exploited in Wild (Cyber Security News)
Juniper Warns of Critical Authentication Bypass Vulnerability Affecting Multiple Products (Cyber Security News)
Top Social Security Official Leaves After Musk Team Seeks Data Access (New York Times)
EagerBee Malware Attacking Government Entities & ISPs To Deploy Backdoor (Cyber Security News)
Proofpoint Uncovers FrigidStealer, A New MacOS Infostealer (Infosecurity Magazine)
Microsoft Warns of Improved XCSSET macOS Malware (SecurityWeek)
Fake Timesheet Report Emails Linked to Tycoon 2FA Phishing Kit (GB Hackers)
Chase will soon block Zelle payments to sellers on social media (Bleeping Computer)
Digital Estate Planning: How to Prepare Your Social Media Accounts (New York Times)
Learn more about your ad choices. Visit megaphone.fm/adchoices -