Episodes

  • Please enjoy this encore episode of Career Notes.
    Chief Technology Officer of ActiveNav Rich Hale takes us through his career aspirations of board game designer (one he has yet to realize), through his experience with the Royal Air Force to the commercial sector where his firm works to secure dark data. During his time in the Air Force, Rich was fortunate to serve on a wide range of different platforms from training aircraft to bombers, and all the way into procurement and policy. Transitioning to the commercial sector, Rich notes he was well prepared for some aspects, but lacking in some he's made up on his own. Rich likes to lead with vision and empower his teams. He counsels that you should not fear making a career change, but be sure to look twice before making the leap. We thank Rich for sharing his story with us.
    Learn more about your ad choices. Visit megaphone.fm/adchoices

  • This week, we are joined by Nick Cerne, Security Consultant from Bishop Fox, to discuss "Rust for Malware Development." In pursuit of simulating real adversarial tactics, this blog explores the use of Rust for malware development, contrasting it with C in terms of binary complexity, detection evasion, and reverse engineering challenges.
    The author demonstrates how Rust's inherent anti-analysis traits and memory safety features can create more evasive malware tooling, including a simple dropper that injects shellcode using lesser-known Windows APIs. Through hands-on comparisons and decompiled output analysis, the post highlights Rust’s growing appeal in offensive security while noting key OPSEC considerations and tooling limitations.

    The research can be found here:
    Rust for Malware Development



  • A critical vulnerability in Erlang/OTP SSH allows unauthenticated remote code execution. There’s a bipartisan effort to renew a key cybersecurity info sharing law. A newly discovered Linux kernel vulnerability allows local attackers to escalate privileges. A researcher uncovers 57 risky Chrome extensions with a combined 6 million users. AttackIQ shares StrelaStealer simulations. A major live events service provider notifies employees and customers of a data breach. CISA warns of an actively exploited SonicWall vulnerability. An airport retailer agrees to a multi-million dollar settlement stemming from a ransomware attack. A preview of RSAC 2025 with Linda Gray Martin and Britta Glade. Zoom-a-zoom zoom, it’s always DNS. 
    Remember to leave us a 5-star rating and review in your favorite podcast app.
    Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

    CyberWire Guest
    Today Dave sits down with Linda Gray Martin, Chief of Staff, and Britta Glade, SVP of Content and Communities, from RSAC sharing what is new at RSAC 2025.

    Selected Reading
    Critical Erlang/OTP SSH pre-auth RCE is 'Surprisingly Easy' to exploit, patch now (Bleeping Computer)
    Bipartisan duo wants to renew 10-year-old cyberthreat information sharing law (The Record)
    Linux Kernel Vulnerability Let Attackers Escalate Privilege – PoC Released (Cyber Security News)
    Chrome extensions with 6 million installs have hidden tracking code (Bleeping Computer)
    Emulating the Stealthy StrelaStealer Malware (AttackIQ)
    Live Events Giant Legends International Hacked (SecurityWeek)
    CISA tags SonicWall VPN flaw as actively exploited in attacks (Bleeping Computer)
    Airport retailer agrees to $6.9 million settlement over ransomware data breach (The Record)
    Global Zoom Outage Caused by Server Block Imposed from GoDaddy Registry (Cyber Security News)

    Share your feedback.
    We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. 

    Want to hear your company in the show?
    You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.
    The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

  • Microsoft issues emergency updates for Windows Server. Apple releases emergency security updates to patch two zero-days. CISA averts a CVE program disruption. Researchers uncover Windows versions of the BrickStorm backdoor. Atlassian and Cisco patch several high-severity vulnerabilities. An Oklahoma cybersecurity CEO is charged with hacking a local hospital. A Fortune 500 financial firm reports an insider data breach. Researchers unmask IP addresses behind the Medusa Ransomware Group. CISA issues a warning following an Oracle data breach. On our Industry Voices segment, we are joined by Rob Allen, Chief Product Officer at ThreatLocker, to discuss a layered approach to zero trust. Former CISA director Chris Krebs steps down from his role at SentinelOne.

    Industry Voices
    On our Industry Voices segment, we are joined by Rob Allen, Chief Product Officer at ThreatLocker, to discuss a layered approach to zero trust.

    Selected Reading
    New Windows Server emergency updates fix container launch issue (Bleeping Computer)
    Apple fixes two zero-days exploited in targeted iPhone attacks (Bleeping Computer)
    CISA Throws Lifeline to CVE Program with Last-Minute Contract Extension (Infosecurity Magazine)
    MITRE Hackers' Backdoor Has Targeted Windows for Years (SecurityWeek)
    Vulnerabilities Patched in Atlassian, Cisco Products (SecurityWeek)
    Edmond cybersecurity CEO accused in major hack at hospital (KOCO News)
    Fortune 500 firm's ex-employee exposes thousands of clients (Cybernews)
    Researchers Deanonymized Medusa Ransomware Group's Onion Site (Cyber Security News)
    CISA warns of potential data breaches caused by legacy Oracle Cloud leak (The Record)
    Krebs Exits SentinelOne After Security Clearance Pulled (SecurityWeek)
    The top 10 ThreatLocker policies for 2025 (ThreatLocker)


  • We're sharing an episode from another N2K show we thought you might like. It's the first episode of the new season of the show CISO Perspectives with Kim Jones. Enjoy!

    Show Notes:
    The cyber talent ecosystem faces severe indigestion, which has stifled growth and closed doors to new talent. In this episode of CISO Perspectives, host Kim Jones sits down with Ed Adams, the Head of Cybersecurity for North America at the Bureau Veritas Group, to discuss what has caused this indigestion and how leadership can better address these challenges. A key aspect of this conversation revolved around discussing Ed's book, See Yourself in Cyber: Security Careers Beyond Hacking, and how he expands the conversation surrounding traditional roles associated with cybersecurity.

    Want more CISO Perspectives?:
    Check out a companion blog post by our very own Ethan Cook, where he breaks down key insights, shares behind-the-scenes context, and highlights research that complements this episode. It’s the perfect follow-up if you’re curious about the cyber talent crunch and how we can reshape the ecosystem for future professionals.

  • The CVE program gets a last-minute reprieve. A federal whistleblower alleges a security breach at the NLRB. Texas votes to spin up their very own Cyber Command. BreachForums suffers another takedown. A watchdog group sues the federal government over SignalGate allegations. The SEC Chair reveals a 2016 hack. ResolverRAT targets the healthcare and pharmaceutical sectors worldwide. Microsoft warns of blue screen crashes following recent updates. On our CertByte segment, Chris Hare is joined by Troy McMillan to break down a question targeting the EC-Council® Certified Ethical Hacker (CEH) exam. 4chan gets Soyjacked. 

    CertByte Segment
    Welcome to CertByte, a bi-weekly segment hosted by Chris Hare, a content developer and project management specialist at N2K. In each segment, Chris is joined by an N2K Content Developer to help illustrate the learning. This week, Chris is joined by Troy McMillan to break down a question targeting the EC-Council® Certified Ethical Hacker (CEH) exam. Today’s question comes from N2K’s EC-Council Certified Ethical Hacker CEH (312-50) Practice Test.
    Have a question that you’d like to see covered? Email us at certbyte@n2k.com. If you're studying for a certification exam, check out N2K’s full exam prep library of certification practice tests, practice labs, and training courses by visiting our website at n2k.com/certify. To get the full news to knowledge experience, learn more about our N2K Pro subscription at https://thecyberwire.com/pro.
    Please note: The questions and answers provided here, and on our site, are not actual current or prior questions and answers from these certification publishers or providers.

    Selected Reading
    Funding Expires for Key Cyber Vulnerability Database (Krebs on Security)
    CISA extends funding to ensure 'no lapse in critical CVE services' (Bleeping Computer)
    CVE Foundation (CVE Foundation)
    NoVa govcon firm Mitre to lay off 442 employees after DOGE cuts contracts (Virginia Business)
    Federal employee alleges DOGE activity resulted in data breach at labor board (NBC News)
    Whistleblower claims DOGE took sensitive data - now he’s being hounded by threatening notes (CNN via YouTube)
    New state agency to deal with cyber threats advances in Texas House (Texarkana Gazette)
    BreachForums taken down by the FBI? Dark Storm hackers say they did it “for fun” (Cybernews)
    Here’s What Happened to Those SignalGate Messages (WIRED)
    After breach, SEC says hackers used stolen data to buy stocks (CNET)
    New ResolverRAT malware targets pharma and healthcare orgs worldwide (Bleeping Computer)
    Microsoft warns of blue screen crashes caused by April updates (Bleeping Computer)
    Infamous message board 4chan taken down following major hack (Bleeping Computer) 


  • Some U.S. banks pause electronic communications with the OCC following a major breach of the agency’s email system. Uncertainty spreads at CISA. China accuses three alleged U.S. operatives of conducting cyberattacks during February’s Asian Games. Microsoft Teams suffers filesharing issues. Fraudsters use ChatGPT to create fake passports. Car rental giant Hertz confirms data stolen in last year’s Cleo breach. Researchers describe a novel process injection method called Waiting Thread Hijacking. A new macOS malware-as-a-service threat is being sold on underground forums. A UK man is sentenced to over eight years for masterminding the LabHost phishing platform. Kim Jones joins us with a preview of the newly relaunched CISO Perspectives podcast. David Moulton from Unit 42 sits down with Rob Wright, Security News Director at Informa TechTarget, for the latest Threat Vector. Fighting the flood of AI generated experts.

    CyberWire Guest
    Kim Jones joins Dave to launch the newly rebranded CISO Perspectives—formerly CSO Perspectives. We’re excited to welcome a fresh voice to the mic as Kim takes the helm. In this premiere episode, he’s joined by Ed Adams for a candid conversation about the evolving role of the CISO and the big question on everyone’s mind: Is the cyber talent ecosystem broken? Tune in as Kim kicks off this next chapter—same mission, sharper focus, new perspective.

    Threat Vector Segment
    The cybersecurity industry is full of headlines, but are we paying attention to the right ones? In this segment of Threat Vector, host David Moulton, Director of Thought Leadership at Unit 42, sits down with Rob Wright, Security News Director at Informa TechTarget, to discuss the stories the industry overlooks, the overhyped AI security fears, and the real risks posed by certificate authorities. You can listen to the full conversation here and catch new episodes of Threat Vector each Thursday on your favorite podcast app. 

    Selected Reading
    OCC Hack: JPMorgan, BNY Limit Information Sharing With Agency After Breach (Bloomberg)
    CISA Braces for Major Workforce Cuts Amid Security Fears (BankInfo Security)
    China Pursuing 3 Alleged US Operatives Over Cyberattacks During Asian Games (SecurityWeek)
    Microsoft Teams File Sharing Outage, Users Unable to Share Files (Cyber Security News)
    ChatGPT Image Generator Abused for Fake Passport Production (GB Hackers)
    Hertz says personal, sensitive data stolen in Cleo attacks (The Register)
    Waiting Thread Hijacking: A Stealthier Version of Thread Execution Hijacking (Check Point Research)
    macOS Users Beware! Hackers Allegedly Offering Full System Control Malware for Rent (Cyber Security News)
    LabHost Phishing Mastermind Sentenced to 8.5 Years (Infosecurity Magazine)
    Virtual reality: The widely-quoted media experts who are not what they seem (Press Gazette) 


  • The Department of the Interior removes top cybersecurity and tech officials. The DOJ looks to block foreign adversaries from acquiring sensitive personal data of U.S. citizens. Microsoft issues emergency updates to fix an Active Directory bug. Hackers are installing stealth backdoors on FortiGate devices. Researchers warn of a rise in “Dangling DNS” attacks. A pair of class action lawsuits allege a major adtech firm secretly tracks users online without consent. Google is fixing a 20-year-old Chrome privacy flaw. The Tycoon2FA phishing-as-a-service platform continues to evolve. My guest is Tim Starks from CyberScoop, discussing the latest from CISA and Chris Krebs. Slopsquatting AI totally harshes the supply chain vibe. 

    CyberWire Guest
    Today we are joined by Tim Starks from CyberScoop, and he is discussing the latest with CISA and Chris Krebs.

    Selected Reading
    Interior Department Ousts Key Cyber Leaders Amid DOGE Spat (Data Breach Today)
    US Blocks Foreign Governments from Acquiring Citizen Data (Infosecurity Magazine)
    Microsoft: New emergency Windows updates fix AD policy issues (Bleeping Computer)
    Fortinet Issues Fixes After Attackers Bypass Patches to Maintain Access (Hackread)
    Dangling DNS Attack Let Hackers Gain Control Over Organization’s Subdomain (Cyber Security News)
    Two Lawsuits Allege The Trade Desk Secretly Violates Consumer Privacy Laws (AdTech)
    Chrome 136 fixes 20-year browser history privacy risk (Bleeping Computer)
    Tycoon2FA phishing kit targets Microsoft 365 with new tricks (Bleeping Computer)
    AI Hallucinations Create a New Software Supply Chain Threat (SecurityWeek)


  • Please enjoy this encore of Career Notes.
    Vice President for Cyber and Information Solutions within Mission Systems at Northrop Grumman, Jennifer Walsmith takes us on her pioneering career journey. Following in her father's footsteps at the National Security Agency, Jennifer began her career out of high school in computer systems analysis. Jennifer notes she saw the value of a college degree and at her parents' urging attended night school. She completed her bachelor's in computer science at University of Maryland, Baltimore County with the support of the NSA. Jennifer talks about the support of her team at NSA where she was one of the first women to have a career and a family, raising two children while working. Upon retirement from government service, Jennifer chose an organization with values that closely matched her own and uses her position to help her team define possible where they sometimes think they can't. We thank Jennifer for sharing her story with us.

  • This week, we are sharing an episode of our monthly show, Only Malware in the Building. We invite you to join Dave Bittner and cohost Selena Larson as they explore "The new malware on the block."

    Welcome in! You’ve entered Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive Upper West Side, Selena is joined by N2K Networks' Dave Bittner and our newest totally unbiased co-host, Archy, a highly sophisticated AI robot who swears they have no ulterior motives (but we’re keeping an eye on them just in case).
    Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we talk about the latest shake-ups in the fake update threat landscape, including two new cybercriminal actors, fresh Mac malware, and the growing challenge of tracking these evolving campaigns.

  • CISA braces for widespread staffing cuts. Russian hackers target a Western military mission in Ukraine. China acknowledges Volt Typhoon. The U.S. signs on to global spyware restrictions. A lab supporting Planned Parenthood confirms a data breach. Threat actors steal metadata from unsecured Amazon EC2 instances. A critical WordPress plugin vulnerability is under active exploitation. A new analysis details a critical unauthenticated remote code execution flaw affecting Ivanti products. Joining us today is Johannes Ullrich, Dean of Research at SANS Technology Institute, with his take on "Vibe Security." Does AI understand, and does that ultimately matter? 

    CyberWire Guest
    Joining us today is Johannes Ullrich, Dean of Research at SANS Technology Institute, discussing "Vibe Security," similar to “Vibe Coding” where security teams overly rely on AI to do their job.

    Selected Reading
    Trump administration planning major workforce cuts at CISA (The Record)
    Cybersecurity industry falls silent as Trump turns ire on SentinelOne (Reuters)
    Russian hackers attack Western military mission using malicious drive (Bleeping Computer)
    China Admitted to US That It Conducted Volt Typhoon Attacks: Report (SecurityWeek)
    US to sign Pall Mall pact aimed at countering spyware abuses (The Record)
    US lab testing provider exposed health data of 1.6 million people (Bleeping Computer)
    Amazon EC2 instance metadata targeted in SSRF attacks (SC Media)
    Vulnerability in OttoKit WordPress Plugin Exploited in the Wild (SecurityWeek)
    Ivanti 0-day RCE Vulnerability Exploitation Details Disclosed (Cyber Security News)
    Experts Debate: Do AI Chatbots Truly Understand? (IEEE Spectrum)


  • Trump targets former cybersecurity officials. Senator blocks CISA nominee over telecom security concerns. The acting head of NSA and Cyber Command makes his public debut. Escalation of Cyber Tensions in U.S.-China Trade Relations. Researchers evaluate the effectiveness of Large Language Models (LLMs) in automating Cyber Threat Intelligence. Hackers at Black Hat Asia pwn a Nissan Leaf. A smart hub vulnerability exposes WiFi credentials. A new report reveals routers’ riskiness. Operation Endgame nabs SmokeLoader botnet users. Our guest, Anushika Babu, Chief Growth Officer at AppSecEngineer, joins us to discuss the creative ways people are using AI. The folks behind the Flipper Zero get busy.


    CyberWire Guest
    Our guest, Anushika Babu, Chief Growth Officer at AppSecEngineer, joins us to discuss the creative ways people are using AI.

    Selected Reading
    Trump Signs Memorandum Revoking Security Clearance of Former CISA Director Chris Krebs (Zero Day)
    Senator puts hold on Trump's nominee for CISA director, citing telco security 'cover up' (TechCrunch)
    Infosec experts fear China could retaliate against tariffs with a Typhoon attack (The Register)
    New US Cyber Command, NSA chief glides in first public appearance (The Record)
    LARGE LANGUAGE MODELS ARE UNRELIABLE FOR CYBER THREAT INTELLIGENCE (arXiv)
    Nissan Leaf Hacked for Remote Spying, Physical Takeover (SecurityWeek)
    TP-Link IoT Smart Hub Vulnerability Exposes Wi-Fi Credentials (Cyber Security News)
    Study Identifies 20 Most Vulnerable Connected Devices of 2025 (SecurityWeek)
    Authorities Seized Smokeloader Malware Operators & Seized Servers (Cyber Security News)
    Flipper Zero maker unveils ‘Busy Bar,’ a new ADHD productivity tool (Bleeping Computer)


  • Treasury’s OCC reports a major email breach. Patch Tuesday updates. A critical vulnerability in AWS Systems Manager (SSM) Agent allowed attackers to execute arbitrary code with root privileges. Experts urge Congress to keep strict export controls to help slow China’s progress in AI. A critical bug in WhatsApp for Windows allows malicious code execution. CISA adds multiple advisories on actively exploited vulnerabilities. Insider threat allegations rock a major Maryland medical center. Microsoft’s Ann Johnson from Afternoon Cyber Tea is joined by Jack Rhysider, the creator and host of the acclaimed podcast Darknet Diaries. Feds Aim to Rewrite Social Security Code in Record Time.


    CyberWire Guest
    In this episode of Afternoon Cyber Tea, Ann Johnson is joined by Jack Rhysider, the creator and host of the acclaimed podcast Darknet Diaries. You can hear the full conversation here. Be sure to catch new episodes of Afternoon Cyber Tea every other Tuesday on N2K CyberWire and your favorite podcast app.

    Selected Reading
    Treasury's OCC Says Hackers Had Access to 150,000 Emails (SecurityWeek)
    Microsoft Fixes Over 130 CVEs in April Patch Tuesday (Infosecurity Magazine)
    Vulnerabilities Patched by Ivanti, VMware, Zoom (SecurityWeek)
    Fortinet Patches Critical FortiSwitch Vulnerability (SecurityWeek)
    ICS Patch Tuesday: Vulnerabilities Addressed by Rockwell, ABB, Siemens, Schneider (SecurityWeek)
    AWS Systems Manager Plugin Vulnerability Let Attackers Execute Arbitrary Code (Cyber Security News)
    Tech experts recommend full steam ahead on US export controls for AI (CyberScoop)
    Don't open that file in WhatsApp for Windows just yet (The Register)
    CISA Warns of Microsoft Windows CLFS Vulnerability Exploited in Wild (Cyber Security News)
    CISA Urges Urgent Patching for Exploited CentreStack, Windows Zero-Days (SecurityWeek)
    Pharmacist accused of spying on women using work, home cams (The Register)
    DOGE Plans to Rebuild SSA Code Base in Months, Risking Benefits and System Collapse (WIRED) 


  • Is DOGE using AI to monitor federal employees? Google’s latest Android update addresses two zero-days. Scattered Spider continues its phishing and malware campaigns. Ransomware’s grip is slipping. ToddyCat exploits a critical flaw in ESET products. Oracle privately confirms a legacy system breach. Over 5,000 Ivanti Connect Secure appliances remain exposed online to a critical remote code execution vulnerability. CISA confirms active exploitation of a critical vulnerability in CrushFTP. In our Industry Voices segment, we are joined by Matt Radolec, VP of Incident Response at Varonis, on turning to gamers to build resilient cyber teams. AI outphishes human red teams.


    CyberWire Guest
    In our Industry Voices segment, we are joined by Matt Radolec, VP of Incident Response, Cloud Operations & SE EU from Varonis, as he is discussing research on “From Gamer to Leader: How to Build Resilient Cyber Teams.” Catch Matt’s keynote at RSAC 2025 on April 30th. 

    Selected Reading
    Exclusive: Musk's DOGE using AI to snoop on U.S. federal workers, sources say (Reuters)
    Tariff Wars: The Technology Impact (BankInfo Security)
    Google Patched Android 0-Day Vulnerability Exploited in the Wild (Cyber Security News) 
    Scattered Spider adds new phishing kit, malware to its web (The Register)
    Ransomware Underground Faces Declining Relevance (BankInfo Security)
    ESET Vulnerability Exploited for Stealthy Malware Execution (SecurityWeek)
    Oracle Confirms that Hackers Broke Systems & Stole Client Login Credentials (Cyber Security News) 
    Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk (SecurityWeek)
    CISA Warns of CrushFTP Vulnerability Exploitation in the Wild (Infosecurity Magazine)
    AI Outsmarts Human Red Teams in Phishing Tests (GovInfo Security)


  • UK court blocks government's attempt to keep Apple encryption case secret. Port of Seattle says last year's breach affected 90,000 people. Verizon Call Filter App flaw exposes millions' call records. Hackers hit Australian pension funds. A global threat hiding in plain sight. Cybercriminals are yelling CAPTCH-ya! Meta retires U.S. fact-checking program. Our guest today is Rob Boyce from Accenture and he’s discussing Advanced Persistent Teenagers (APTeens). And Google’s AI Goes Under the Sea.

    Remember to leave us a 5-star rating and review in your favorite podcast app.

    Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

    CyberWire Guest
    Rob Boyce, Global Lead for Cyber Resilience at Accenture, joins to discuss Advanced Persistent Teenagers (APTeens). APTeens have rapidly become a significant enterprise risk by demonstrating capabilities once limited to organized ransomware groups, and the threat from juvenile, homegrown threat actors has risen steadily.

    Selected Reading
    UK Effort to Keep Apple Encryption Fight Secret Blocked in Court (Bloomberg)
    Port of Seattle says ransomware breach impacts 90,000 people (BleepingComputer)
    Call Records of Millions Exposed by Verizon App Vulnerability (SecurityWeek)
    Cybercriminals are trying to loot Australian pension accounts in new campaign (The Record)
    NEPTUNE RAT Attacking Windows Users to Exfiltrate Passwords from 270+ Apps (Cyber Security News)
    Threat Actors Using Fake CAPTCHAs and CloudFlare Turnstile to Deliver LegionLoader (Cyber Security News) 
    Meta ends its fact-checking program in the US later today, replaces it with Community Notes (Techspot)
    Suspected Scattered Spider Hacker Pleads Guilty (SecurityWeek)
    This Alphabet Spin-off Brings “Fishal Recognition” to Aquaculture (IEEE Spectrum) 


  • Please enjoy this encore of Career Notes.
    Chief Security Officer, Chief Analyst, and Senior Fellow at the CyberWire, Rick Howard, shares his travels through the cybersecurity job space. The son of a gold miner who began his career out of West Point in the US Army, Rick worked his way up to being the Commander of the Army's Computer Emergency Response Team. Rick moved to the commercial sector working for Bruce Schneier running Counterpane's global SOC. Rick's first CSO job was for Palo Alto Networks where he was afforded the opportunity to create the Cybersecurity Canon Hall of Fame and the Cyber Threat Alliance. Upon considering retirement, Rick called up the CyberWire to ask about doing a podcast and he was hired on to the team. Rick shares a proud moment through a favorite story. We thank Rick for sharing his story with us.

  • Zach Edwards from Silent Push is discussing their work on "New Lazarus Group Infrastructure, Acquires Sensitive Intel Related to $1.4B ByBit Hack and Past Attacks." Silent Push analysts uncovered significant infrastructure used by the Lazarus APT Group, linking them to the $1.4 billion Bybit crypto heist through the domain bybit-assessment[.]com registered just hours before the attack.
    The investigation revealed a pattern of test entries, VPN usage, and fake job interview scams targeting crypto users, with malware deployment tied to North Korean threat actor groups like TraderTraitor and Contagious Interview. The team also identified numerous companies being impersonated in these scams, including major crypto platforms like Coinbase, Binance, and Kraken, to alert potential victims.

    The research can be found here:
    Silent Push Pivots into New Lazarus Group Infrastructure, Acquires Sensitive Intel Related to $1.4B ByBit Hack and Past Attacks


  • President Trump fires the head of NSA and Cyber Command. The Health Sector Coordinating Council asks the White House to abandon Biden-era security updates. Senators introduce bipartisan legislation to help fight money laundering. A critical vulnerability has been discovered in the Apache Parquet Java library. The State Bar of Texas reports a ransomware-related data breach. New Android spyware uses a password-protected uninstallation method. A Chinese state-backed threat group exploits a critical Ivanti vulnerability for remote code execution. Today’s guest is Dave Dewalt, Founder and CEO of NightDragon, with the latest trends and outlook from cyber leaders.  Malware masquerades as the tax man.

    CyberWire Guest
    Today’s guest is Dave Dewalt, Founder and CEO of NightDragon, sharing 2024 trends and a 2025 outlook.

    Selected Reading
    Haugh fired from leadership of NSA, Cyber Command (The Record)
    Defense Sec Hegseth in Signalgate Pentagon watchdog probe (The Register)
    HSCC Urges White House to Shift Gears on Health Cyber Regs (BankInfo Security)
    Lawmakers seek to close loophole limiting Secret Service investigations into cyber laundering (The Record)
    Critical Apache Parquet RCE Vulnerability Lets Attackers Run Malicious Code (Cyber Security News)
    State Bar of Texas Says Personal Information Stolen in Ransomware Attack (SecurityWeek)
    New Android Spyware That Asks Password From Users to Uninstall (TechCrunch)
    Chinese State Hackers Exploiting Newly Disclosed Ivanti Flaw (Infosecurity Magazine)
    Hackers Leveraging URL Shorteners & QR Codes for Tax-Related Phishing Attacks (Microsoft)


  • A joint advisory labels Fast Flux a national security threat. Europol shuts down a major international CSAM platform. Oracle verifies a data breach. A new attack targets Apache Tomcat servers. The Hunters International group pivots away from ransomware. Hackers target Juniper routers using default credentials. A controversy erupts over a critical CrushFTP vulnerability.  Johannes Ullrich, Dean of Research at SANS Technology Institute unpacks Next.js.  Abracadabra, alakazam — poof! Your credentials are gone.

    CyberWire Guest
    Johannes Ullrich, Dean of Research at SANS Technology Institute, is discussing Next.js and how similar problems have led to vulnerabilities recently.

    Selected Reading
    Fast Flux: A National Security Threat (CISA)
    Don’t cut CISA personnel, House panel leaders say, as they plan legislation giving the agency more to do (CyberScoop)
    CSAM platform Kidflix shut down by international operation (The Record)
    AI Image Site GenNomis Exposed 47GB of Underage Deepfakes (Hackread)
    Oracle tells clients of second recent hack, log-in data stolen, Bloomberg News reports (Reuters)
    Hackers Exploiting Apache Tomcat Vulnerability to Steal SSH Credentials & Gain Server Control (Cyber Security News)
    Hunters International Ransomware Gang Rebranding, Shifting Focus (SecurityWeek)
    Hackers Actively Scanning for Juniper’s Smart Router With Default Password (Cyber Security News)
    Details Emerge on CVE Controversy Around Exploited CrushFTP Vulnerability (SecurityWeek) 
    New Malware Attacking Magic Enthusiasts to Steal Login Credentials (Cyber Security News)


  • Google and Mozilla patch nearly two dozen security flaws. The UK’s Royal Mail Group sees 144GB of data stolen and leaked. A bizarre campaign looks to recruit cybersecurity professionals to hack Chinese websites. PostgreSQL servers with weak credentials have been compromised for cryptojacking. Google Cloud patches a vulnerability affecting its Cloud Run platform. Oracle faces a class-action lawsuit over alleged cloud services data breaches. CISA releases ICS advisories detailing vulnerabilities in Rockwell Automation and Hitachi Energy products. General Paul Nakasone offers a candid assessment of America’s evolving cyber threats. On today’s CertByte segment,  a look at the Cisco Enterprise Network Core Technologies exam. Are AI LLMs more like minds or mirrors?

    CertByte Segment
    Welcome to CertByte! On this bi-weekly segment hosted by Chris Hare, a content developer and project management specialist at N2K, we share practice questions from N2K’s suite of industry-leading certification resources. This week, Chris is joined by Troy McMillan to break down a question targeting the Cisco Enterprise Network Core Technologies (350-401 ENCOR) v1.1 exam. Today’s question comes from N2K’s Cisco CCNP Implementing and Operating Cisco Enterprise Network Core Technologies ENCOR (350-401) Practice Test.
    The ENCOR exam enables candidates to earn the Cisco Certified Specialist - Enterprise Core certification, which can also be used to meet exam requirements for several other Cisco certifications.
    Have a question that you’d like to see covered? Email us at certbyte@n2k.com. If you're studying for a certification exam, check out N2K’s full exam prep library of certification practice tests, practice labs, and training courses by visiting our website at n2k.com/certify. To get the full news to knowledge experience, learn more about our N2K Pro subscription at https://thecyberwire.com/pro.
    Please note: The questions and answers provided here, and on our site, are not actual current or prior questions and answers from these certification publishers or providers.
    Additional source: https://www.cisco.com/site/us/en/learn/training-certifications/exams/encor.html  

    Selected Reading
    Chrome 135, Firefox 137 Patch High-Severity Vulnerabilities (SecurityWeek)
    Royal Mail Group Loses 144GB to Infostealers: Same Samsung Hacker, Same 2021 Infostealer Log (Infostealers)
    Someone is trying to recruit security researchers in bizarre hacking campaign (TechCrunch)
    Ongoing cryptomining campaign hits over 1.5K PostgreSQL servers (SC Media)
    ImageRunner Flaw Exposed Sensitive Information in Google Cloud (SecurityWeek)
    Google Brings End-to-End Encrypted Emails to All Enterprise Gmail Users (SecurityWeek)
    Oracle now faces class action amid alleged data breaches (The Register)
    CISA Releases Two ICS Advisories for Vulnerabilities, & Exploits Surrounding ICS (Cyber Security News)
    Exclusive: Gen. Paul Nakasone says China is now our biggest cyber threat (The Record)
    Large AI models are cultural and social technologies (Science)
