![Scotland’s position to lead cyber and space. [Deep Space]](https://is5-ssl.mzstatic.com/image/thumb/Podcasts116/v4/12/16/ca/1216caa3-af21-5352-8400-c6e0e84332b5/mza_6844882071149318753.jpg/250x250bb.jpg)
Avsnitt
-
New reports shed light on both Volt and Salt Typhoons. Tenable updates faulty Nessus Agents and resumes plugin updates. A new infostealer campaign targets gamers on Discord. A fake version of a popular browser extension has been discovered stealing login credentials and conducting phishing attacks. ESET warns Windows 10 users of a potential “security fiasco.” A vulnerability in Nuclei allows attackers to bypass template signature verification and inject malicious code. An Indiana dental practice pays a $350,000 settlement over an alleged ransomware coverup. Tim Starks, Senior Reporter from CyberScoop, joins us today to discuss a new United Nations cybercrime treaty and his outlook for 2025. Farewell to a visionary leader.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Tim Starks, Senior Reporter from CyberScoop, joins us today to discuss a new United Nations cybercrime treaty and his outlook for 2025. Read Tim’s article on the UN cybercrime treaty here.
Selected Reading
The US’s Worst Fears of Chinese Hacking Are on Display in Guam (Bloomberg)
How Chinese Hackers Graduated From Clumsy Corporate Thieves to Military Weapons (Wall Street Journal)
China protests US sanctions for its alleged role in hacking, complains of foreign hacker attacks (AP News)
Tenable Disables Nessus Agents Over Faulty Updates (SecurityWeek)
New Infostealer Campaign Uses Discord Videogame Lure (Infosecurity Magazine)
Beware! Malicious EditThisCookie Chrome Extension Steals Login Credentials (Cyber Security News)
Windows 10 users urged to upgrade to avoid "security fiasco" (Bleeping Computer)
Nuclei flaw lets malicious templates bypass signature verification (Bleeping Computer)
Dental Practice Pays State in Alleged Data Breach 'Cover Up' (GovInfo Security)
Tenable CEO Amit Yoran Dead at 54 (SecurityWeek)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Technical account manager Dominique West takes us on her career journey from engineering to cybersecurity. Even though her undergraduate degree was in information systems, Dominique did not learn about cybersecurity until she personally experienced credit card fraud. She had a range of positions from working the help desk in an art museum to vulnerability management and cloud security. Dominique mentions remembering feeling isolated as the only black person and one of few women in many situations. These experiences spurred her into action to create Security in Color to help others navigate their way into cybersecurity and share resources are available to them. Dominique recommends those interested in cybersecurity to go ahead and get your hands dirty out there; figure out what you like and what you don't like and do community. We thank Dominique for sharing her story with us.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Saknas det avsnitt?
-
Karlo Zanki, Reverse Engineer at ReversingLabs, discussing their work on "Malicious PyPI crypto pay package aiocpa implants infostealer code." ReversingLabs' machine learning-based threat hunting system identified a malicious PyPI package, aiocpa, designed to exfiltrate cryptocurrency wallet information.
Unlike typical attacks involving typosquatting, the attackers published a seemingly legitimate crypto client tool to build trust before introducing malicious updates. ReversingLabs used its Spectra Assure platform to detect behavioral anomalies and worked with PyPI to remove the package, highlighting the growing need for advanced supply chain security tools to counter increasingly sophisticated threats.
The research can be found here:
Malicious PyPI crypto pay package aiocpa implants infostealer code
Learn more about your ad choices. Visit megaphone.fm/adchoices -
The U.S. sanctions Russian and Iranian groups over election misinformation. Apple settles a class action lawsuit over Siri privacy allegations. DoubleClickjacking exploits a timing vulnerability in browser behavior. FireScam targets sensitive info on Android devices. ASUS issues a critical security advisory for several router models. A former crypto boss faces extradition amidst allegations of defrauding investors out of more than $40 billion. HHS unveils proposed updates to HIPAA. Millions of email servers have yet to enable encryption. Our guest is Joe Saunders, Co-Founder & CEO of RunSafe Security discussing the complexities of safeguarding critical infrastructure. Using Doom to prove you’re human.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Our guest is Joe Saunders, Co-Founder & CEO of RunSafe Security. Joe joins us to discuss the complexities of safeguarding critical infrastructure amid the looming threat of cyber attacks and military conflict.
Selected Reading
US Imposes Sanctions on Russian and Iranian Groups Over Disinformation Targeting American Voters (SecurityWeek)
Apple Agrees $95M Settlement Over Siri Privacy Violations (Infosecurity Magazine)
SysBumps - New Kernel Break Attack Bypassing macOS Systems Security (Cyber Security News)
'DoubleClickjacking' Threatens Major Websites’ Security (GovInfo Security)
FireScam Android Malware Packs Infostealer, Spyware Capabilities (SecurityWeek)
ASUS Routers Vulnerabilities Allows Arbitrary Code Execution (Cyber Security News)
Crypto Boss Extradited to Face $40bn Fraud Charges (Infosecurity Magazine)
What's in HHS' Proposed HIPAA Security Rule Overhaul? (GovInfo Security)
Over 3 million mail servers without encryption exposed to sniffing attacks (Bleeping Computer)
CAPTCHAs now run Doom – on nightmare mode (The Register)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Chinese hackers breach the U.S. Treasury Department. At least 35 Chrome extensions are compromised. Federal authorities arrest a U.S. Army soldier over accusations of sensitive data stolen from AT&T and Verizon. A misconfigured Amazon cloud server exposes sensitive data from over 800,000 VW EV owners. Rhode Island confirms a data breach linked to ransomware group Brain Cipher. Ascension healthcare confirms the exposure of the personal and medical data of 5.6 million customers. A recent patch to Windows BitLocker encryption proves inadequate. A suspected Chinese hacking campaign is exploiting a vulnerability in Palo Alto firewalls for espionage. The DOJ bans the sale of Americans’ sensitive data to adversarial nations. HHS proposes a HIPAA update to address cybersecurity. Our guest is Mick Baccio, Global Security Advisor at Splunk, with insights on the cybersecurity resilience gap. CISA Director Easterly looks back at 2024.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Our guest is Mick Baccio, Global Security Advisor at Splunk’s security research team SURGe, sharing some insights on the cybersecurity resilience gap and top cyber challenges/priorities for the public sector. You can read more about this in SURGe’s blog and whitepaper.
Selected Reading
US Treasury Department breached through remote support platform (Bleeping Computer)
New details reveal how hackers hijacked 35 Google Chrome extensions (Bleeping Computer)
U.S. Army Soldier Arrested in AT&T, Verizon Extortions (Krebs on Security)
AT&T and Verizon Say Chinese Hackers Ejected From Networks (GovInfo Security)
Volkswagen leak exposes private information of 800,000 EV owners, including location data (TechSpot)
Hackers Leak Rhode Island Citizens' Data on Dark Web (Infosecurity Magazine)
Ascension cyberattack exposed medical data of 5.6M customers (Healthcare IT News)
Patched BitLocker Flaw Still Susceptible to Hack (GovInfo Security)
Palo Alto Firewalls Backdoored by Suspected Chinese Hackers (BankInfo Security)
US prohibits data sales to adversarial nations (SC Media)
Massive healthcare breaches prompt US cybersecurity rules overhaul (Bleeping Computer)
CISA's 2024 Review Highlights Major Efforts in Cybersecurity Industry Collaboration (Infosecurity Magazine)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Sharon Lemac-Vincere is an academic that focuses her research on the intersection of space and cyber. She has released a report on space and cybersecurity which outlines how Scotland can lead the way in both industries.
You can connect with Sharon on LinkedIn, and read her paper on The Cyber-Safe Gateway : Unlocking Scotland's Space Cybersecurity Potential on this website.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Be sure to follow T-Minus on LinkedIn and Instagram.
T-Minus Crew Survey
We want to hear from you! Please complete our 4 question survey. It’ll help us get better and deliver you the most mission-critical space intel every day.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
Want to join us for an interview?
Please send your pitch to [email protected] and include your name, affiliation, and topic proposal.
T-Minus is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
While we are on our winter publishing break, please enjoy an episode of our N2K CyberWire network show, The Microsoft Threat Intelligence Podcast by Microsoft Threat Intelligence. See you in 2025!
On this week's episode of The Microsoft Threat Intelligence Podcast, we discuss the collaborative effort between Microsoft and Fortra to combat the illegal use of cracked Cobalt Strike software, which is commonly employed in ransomware attacks. To break down the situation, our host, Sherrod DeGrippo, is joined by Richard Boscovich, Assistant General Counsel at Microsoft, Jason Lyons, Principal Investigator with the DCU, and Bob Erdman, Associate VP Research and Development at Fortra. The discussion covers the creative use of DMCA notifications tailored by geographic region to combat cybercrime globally. The group express their optimism about applying these successful techniques to other areas, such as phishing kits, and highlight ongoing efforts to make Cobalt Strike harder to abuse.
In this episode you’ll learn:
The impact on detection engineers due to the crackdown on cracked Cobalt Strike
Extensive automation used to detect and dismantle large-scale threats
How the team used the DMCA creatively to combat cybercrime
Some questions we ask:
Do you encounter any pushback when issuing DMCA notifications?
How do you plan to proceed following the success of this operation?
Can you explain the legal mechanisms behind this take-down?
Resources:
View Jason Lyons on LinkedIn
View Bob Erdman on LinkedIn
View Richard Boscovich on LinkedIn
View Sherrod DeGrippo on LinkedIn
Related Microsoft Podcasts:
Afternoon Cyber Tea with Ann Johnson
The BlueHat Podcast
Uncovering Hidden Risks
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Get the latest threat intelligence insights and guidance at Microsoft Security Insider
The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Brandon Karpf sits down with Mike Silverman, Chief Strategy and Innovation Officer at FS-ISAC, to discuss the white paper Building Cryptographic Agility in the Financial Sector.
Authored by experts from FS-ISAC’s Post-Quantum Cryptography Working Group, the paper addresses the vulnerabilities posed by quantum computing to current cryptographic algorithms. It provides financial institutions with strategies to safeguard sensitive data and maintain trust as these emerging threats evolve.
Discover the challenges and actionable steps to build cryptographic agility in this insightful conversation.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
While we are on our winter publishing break, please enjoy an episode of our N2K CyberWire network show, The BlueHat Podcast by Microsoft and MSRC. See you in 2025!
Yonatan Zunger, CVP of AI Safety & Security at Microsoft joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Yonatan explains the distinction between generative and predictive AI, noting that while predictive AI excels in classification and recommendation, generative AI focuses on summarizing and role-playing. He highlights how generative AI's ability to process natural language and role-play has vast potential, though its applications are still emerging. He contrasts this with predictive AI's strength in handling large datasets for specific tasks. Yonatan emphasizes the importance of ethical considerations in AI development, stressing the need for continuous safety engineering and diverse perspectives to anticipate and mitigate potential failures. He provides examples of AI's positive and negative uses, illustrating the importance of designing systems that account for various scenarios and potential misuses.
In This Episode You Will Learn:
How predictive AI anticipates outcomes based on historical data
The difficulties and strategies involved in making AI systems safe and secure from misuse
How role-playing exercises help developers understand the behavior of AI systems
Some Questions We Ask:
What distinguishes predictive AI from generative AI?
Can generative AI be used to improve decision-making processes?
What is the role of unit testing and test cases in policy and AI system development?
Resources:
View Yonatan Zunger on LinkedIn
View Wendy Zenone on LinkedIn
View Nic Fillingham on LinkedIn
Related Microsoft Podcasts:
Microsoft Threat Intelligence Podcast
Afternoon Cyber Tea with Ann Johnson
Uncovering Hidden Risks
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Please enjoy this encore episode of a Special Edition.
N2K’s Brandon Karpf speaks with guest Justin Fanelli, Acting CTO of the US Navy, about the US Navy streamlining the innovation process. For some background, you can refer to this article.
Additional resources:
PEO Digital Innovation Adoption Kit
Atlantic Council’s Commission on Defense Innovation Adoption
For industry looking to engage with PEO Digital: Industry Engagement
Learn more about your ad choices. Visit megaphone.fm/adchoices -
VP of Global Solutions Architecture at eSentire Tia Hopkins shares her career journey and talks about its beginnings in engineering and pivots into cybersecurity leadership. Tia shares how she liked to take things apart when she was young, including the brand new computer her mother bought her and how she was fascinated by all the pieces of it spread all across her bedroom floor. As she started studying engineering, Tia learned she was more of a technologist than an engineer. Tia got her start in technology without completing her formal education by what she says is "grit and right place, right time." Once she was in a management role, Tia wanted to validate her knowledge, experience, and ability and not only completed her bachelor's degree, but also two master's degrees. Tia recently started an organization to encourage and grow interest, confidence, and leaders of women of color in the field of cybersecurity. We thank Tia for sharing her story with us.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
This week, we are joined by Asheer Malhotra and Vitor Ventura from Cisco Talos, and they are discussing "Operation Celestial Force employs mobile and desktop malware to target Indian entities." Cisco Talos revealed Operation Celestial Force, an espionage campaign by the Pakistani threat group "Cosmic Leopard," targeting Indian defense, government, and technology sectors.
Active for at least six years, the operation has recently increased its use of mobile malware and commercial spyware for surveillance.
The research can be found here:
Operation Celestial Force employs mobile and desktop malware to target Indian entities
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Please enjoy this encore episode of Only Malware in the Building.
Welcome in! You’ve entered, Only Malware in the Building. Grab your eggnog and don your coziest holiday sweater as we sleuth our way through cyber mysteries with a festive twist! Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks. Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, our cyber ghosts delve into the past, present, and future of some of the season’s most pressing threats: two-factor authentication (2FA), social engineering scams, and the return to consumer-targeted attacks.
Together, Rick, Dave, and Selena deliver a ghostly—but insightful—message about the state of cybersecurity, past, present, and future. Can their advice save your holiday season from digital disaster? Tune in and find out.
May your holidays be merry, bright, and free of cyber fright!
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Please enjoy this encore episode of Solution Spotlight.
In this special edition of Solution Spotlight, N2K President, Simone Petrella is talking with ISC2 CEO Clar Rosso about putting a dent in the cybersecurity workforce gap through empowerment, breaking down barriers and expanding DE&I initiatives.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Merry Christmas and Happy Holidays from the CyberWire and our friends! Enjoy our rendition of the 12 Days of Malware created by Dave Bittner and performed by Dave and friends: Rachel Tobac, Jayson Street, Ron Eddings & Chris Cochran, Ray [Redacted], Dinah Davis, Camille Stewart, Rick Howard, Michelle Dennedy, Jack Rhysider, Johannes Ullrich, and Charity Wright. Ba dum bum bum. Sing along if you are game! Check out our video for the full effect!
The 12 Days of Malware lyrics
On the first day of Christmas, my malware gave to me:
A keylogger logging my keys.
On the second day of Christmas, my malware gave to me:
2 Trojan Apps...
And a keylogger logging my keys.
On the third day of Christmas, my malware gave to me:
3 Web shells...
2 Trojan Apps...
And a keylogger logging my keys.
On the fourth day of Christmas, my malware gave to me:
4 Crypto scams...
3 Web shells...
2 Trojan Apps...
And a keylogger logging my keys.
On the fifth day of Christmas, my malware gave to me:
5 Zero Days!
4 Crypto scams...
3 Web shells...
2 Trojan Apps...
And a keylogger logging my keys.
On the sixth day of Christmas, my malware gave to me:
6 Passwords spraying...
5 Zero Days!
4 Crypto scams...
3 Web shells...
2 Trojan Apps...
And a keylogger logging my keys.
On the seventh day of Christmas, my malware gave to me:
7 Scripts a scraping...
6 Passwords spraying...
5 Zero Days!
4 Crypto scams...
3 Web shells...
2 Trojan Apps...
And a keylogger logging my keys.
On the eighth day of Christmas, my malware gave to me:
8 Worms a wiping...
7 Scripts a scraping...
6 Passwords spraying...
5 Zero Days!
4 Crypto scams...
3 Web shells...
2 Trojan Apps...
And a keylogger logging my keys.
On the ninth day of Christmas, my malware gave to me:
9 Rootkits rooting...
8 Worms a wiping...
7 Scripts a scraping...
6 Passwords spraying...
5 Zero Days!
4 Crypto scams...
3 Web shells...
2 Trojan Apps...
And a keylogger logging my keys.
On the tenth day of Christmas, my malware gave to me:
10 Darknet markets...
9 Rootkits rooting...
8 Worms a wiping...
7 Scripts a scraping...
6 Passwords spraying...
5 Zero Days! (Bah-dum-dum-dum!)
4 Crypto scams...
3 Web shells...
2 Trojan Apps...
And a keylogger logging my keys.
On the eleventh day of Christmas, my malware gave to me:
11 Phishers phishing...
10 Darknet markets...
9 Rootkits rooting...
8 Worms a wiping...
7 Scripts a scraping...
6 Passwords spraying...
5 Zero Days! (Bah-dum-dum-dum!)
4 Crypto scams...
3 Web shells...
2 Trojan Apps...
And a keylogger logging my keys.
On the twelfth day of Christmas, my malware gave to me:
12 Hackers hacking...
11 Phishers phishing...
10 Darknet markets...
9 Rootkits rooting...
8 Worms a wiping...
7 Scripts a scraping...
6 Passwords spraying...
5 Zero Days!
4 Crypto scams...
3 Web shells...
2 Trojan Apps...
And a keylogger logging my keys.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Gather 'round for a holiday treat like no other! In this festive edition of Only Malware in the Building, we present A Social Engineering Carol—a cunning twist on the classic Dickens tale, penned and created by our very own Dave Bittner. Follow a modern-day Scrooge as they navigate the ghostly consequences of phishing, vishing, and smishing in this holiday cybersecurity fable.
Don't miss the accompanying video, packed with holiday cheer and cyber lessons to keep you safe this season! Check it out now!
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Please enjoy this encore of T-Minus Space Daily.
A few hours prior to the Russian invasion of Ukraine on February 24, 2022, Russia’s military intelligence launched a cyberattack against ViaSat’s KA-SAT satellite network, which was used by the Ukrainian Armed Forces. It prevented them from using satellite communications to respond to the invasion. After the ViaSat hack, numerous cyber operations were conducted against the space sector from both sides of the conflict. What have we learnt from the Viasat attack? Clémence Poirier has written a report on the Viasat cybersecurity attack during the war in Ukraine. Hacking the Cosmos: Cyber operations against the space sector.
You can connect with Clémence Poirier on LinkedIn, and read her report on this website.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our weekly intelligence roundup, Signals and Space, and you’ll never miss a beat. And be sure to follow T-Minus on LinkedIn and Instagram.
T-Minus Crew Survey
We want to hear from you! Please complete our 4 question survey. It’ll help us get better and deliver you the most mission-critical space intel every day.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
Want to join us for an interview?
Please send your pitch to [email protected] and include your name, affiliation, and topic proposal.
T-Minus is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
While we are on our winter publishing break, please enjoy an episode of our N2K CyberWire network show, Threat Vector by Palo Alto Networks. See you in 2025!
Announcement: We are pleased to share an exciting announcement about Cortex XDR at the top of our show. You can learn more here. Check out our episode on "Cyber Espionage and Financial Crime: North Korea’s Double Threat" with Assaf Dahan, Director of Threat Research at Palo Alto Networks Cortex team.
Join host David Moulton on Threat Vector, as he dives deep into the rapidly evolving XDR landscape with Allie Mellen, Principal Analyst at Forrester. With expertise in security operations, nation-state threats, and the application of AI in security, Allie offers an inside look at how XDR is reshaping threat detection and response. From tackling the SIEM market’s current challenges to optimizing detection engineering, Allie provides invaluable insights into the people, processes, and tools central to an effective SOC. This episode offers listeners a thoughtful exploration of how to navigate today's complex threat landscape and separate XDR hype from reality. Perfect for cybersecurity professionals looking to stay ahead in the field, tune in to hear expert perspectives on the next steps in cybersecurity resilience.
Ready to go deeper? Join Josh Costa, Director of Product Marketing, Allie Mellen, Principal Analyst at Forrester and David Moulton, Director of Content and Thought Leadership for Unit 42 as they discuss the State of XDR https://start.paloaltonetworks.com/State-of-XDR-with-Forrester.
Join the conversation on our social media channels:
Website: http://www.paloaltonetworks.com
Threat Research: https://unit42.paloaltonetworks.com/
Facebook: https://www.facebook.com/LifeatPaloAltoNetworks/
LinkedIn: https://www.linkedin.com/company/palo-alto-networks/
YouTube: @paloaltonetworks
Twitter: https://twitter.com/PaloAltoNtwks
About Threat Vector
Threat Vector, Palo Alto Networks podcast, is your premier destination for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends.
The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers.
Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization.
Palo Alto Networks
Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile. http://paloaltonetworks.com
Learn more about your ad choices. Visit megaphone.fm/adchoices -
A federal judge finds NSO Group liable for hacking WhatsApp. China accuses the U.S. government of cyberattacks. The UK’s Operation Destabilise uncovers a vast criminal network. An alleged LockBit developer says he did it for the money. Apache releases a security update for their Tomcat web server. Siemens issues a security advisory for their User Management Component. Italy’s data protection authority fines OpenAI $15.6 million. Researchers demonstrate a method to bypass the latest Wi-Fi security protocol. Apple sends potential spyware victims to a nonprofit for help. Our guest is Sven Krasser, CrowdStrike's Senior Vice President Data Science and Chief Scientist, talking about balancing AI and human intervention. Hackers supersize their McDonald’s delivery orders.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Today, our guest is Sven Krasser, CrowdStrike's Senior Vice President Data Science and Chief Scientist, talking about balancing AI and human intervention.
Selected Reading
Judge rules NSO Group is liable for spyware hacks targeting 1,400 WhatsApp user devices (Recorded Future)
Chinese cyber center points finger at U.S. over alleged cyberattacks to steal trade secrets (CyberScoop)
Inside Operation Destabilise: How a ransomware investigation linked Russian money laundering and street-level drug dealing (Recorded Future)
Suspected LockBit dev faces extradition to the US (The Register)
Apache fixes remote code execution bypass in Tomcat web server (Bleeping Computer)
Siemens Warn of Critical Vulnerability in UMC (GovInfoSecurity)
Italy's Privacy Watchdog Fines OpenAI for ChatGPT's Violations in Collecting Users Personal Data (SecurityWeek)
WPA3 Network Password Bypassed via MITM Attack & Social Engineering (CyberSecurityNews.com)
Apple Warns Users Of iPhone Spyware Attacks—What You Need To Know (Forbes)
McDonald’s Delivery App Vulnerability Let Anyone Place an Order for Just $0.01 (CyberSecurityNews.com)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
CEO and co-founder of SafeGuard Cyber Jim Zufoletti shares his journey starting out as an intrepreneur and transformation into a serial entrepreneur in cybersecurity. Jim shares how he got his feet wet working for others as an intrepreneur and catching the entrepreneurial bug in the mid-90s. He has co-founded a number of companies starting with FreeMarkets, a B2B ecommerce company. After that went public and Jim moved on, he went to business school at the University of Virginia and crossed paths with his future co-founder of SafeGuard Cyber. At UVA, Jim was inspired by a professor who exposed him to the effectuation approach to entrepreneurship, Along those lines, Jim recommends those looking to start a business in cyber build their experience portfolio. Jim took what he learned to help build where he is today. His company helps protect the humans in this new digital world with the current work from home environment. And, we thank Jim for sharing his story with us.
Learn more about your ad choices. Visit megaphone.fm/adchoices - Visa fler
