Episodes
-
DeepSeek blames DDoS for recent outages. Hackers behind last year’s AT&T data breach targeted members of the Trump family, Kamala Harris, and Marco Rubio’s wife. The EU sanctions Russians for cyberattacks against Estonia. ENGlobal confirms personal information was taken in last year’s ransomware attack. CISA issues a critical warning about a SonicWall vulnerability actively exploited. A large-scale phishing campaign exploits users’ trust in PDF files and the USPS. Apple patches a zero-day affecting many of their products. A ransomware attack on an Ohio-based operator of skilled nursing and rehabilitation facilities affects over 70,000. President Trump has a tumultuous first week back in office. Our guest is Bogdan Botezatu, Director, Threat Research and Reporting at Bitdefender, to discuss the dark market subculture and its parallels to holiday shopping. A nonprofit aims to clean up the AI industry’s mess.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
We are joined by Bogdan Botezatu, Director, Threat Research and Reporting at Bitdefender, to discuss the dark market subculture and its parallels to holiday shopping. Check out Bitdefender’s research on the topic here.
Selected Reading
DeepSeek Blames Disruption on Cyberattack as Vulnerabilities Emerge (SecurityWeek)
DeepSeek FAQ (Stratechery)
We tried out DeepSeek. It worked well, until we asked it about Tiananmen Square and Taiwan (The Guardian)
Hackers Mined AT&T Breach for Data on Trump's Family, Kamala Harris (404 Media)
European Union Sanctions Russian Nationals for Hacking Estonia (SecurityWeek)
ENGlobal Says Personal Information Accessed in Ransomware Attack (SecurityWeek)
CISA Warns of SonicWall 0-day RCE Vulnerability Exploited in Wild (Cyber Security News)
Hackers Use Malicious PDFs, pose as USPS in Mobile Phishing Scam (Security Boulevard)
Amazon Prime Security Warning As Hackers Strike—What You Need To Know (Forbes)
Apple plugs exploited security hole in iOS, updates macOS (The Register)
Nursing Home, Rehab Chain Says Hack Affects Nearly 70,000 (GovInfo Security)
A Tumultuous Week for Federal Cybersecurity Efforts (Krebs on Security)
Initiative Aims to Enable Ethical Coding LLMs (IEEE Spectrum)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Chinese AI startup DeepSeek shakes up the market. Trump freezes cyber diplomacy funding and puts a vital U.S.-EU data-sharing agreement at risk. A trojanized RAT targets script kiddies. U.K. telecom giant TalkTalk investigates a data breach. Researchers uncover a critical flaw in Meta’s Llama Stack AI framework. Attackers leverage hidden text salting in emails. The “FlowerStorm” phishing framework targets multiple brands to steal customer credentials. A critical zero-day hits SonicWall VPN appliances. Swedish authorities seized a cargo ship suspected of damaging a key fiber optic cable. Freezing out crypto-kidnappers. Our guest is Jon Miller, CEO and Co-founder from Halcyon, sharing trends in ransomware and insights on Brain Cipher. The British Museum defends its artefacts from IT attacks.
CyberWire Guest
Our guest today is Jon Miller, CEO and Co-founder from Halcyon, sharing trends in ransomware along with some insights on Brain Cipher. For more detail, check out Halcyon’s Power Rankings: Ransomware Malicious Quartile Q4-2024.
Selected Reading
A shocking Chinese AI advancement called DeepSeek is sending US stocks plunging (CNN Business)
Politicization of intel oversight board could threaten key US-EU data transfer agreement (The Record)
Cyber diplomacy funding halted as US issues broad freeze on foreign aid (The Record)
Weaponised XWorm RAT builder Attacking script kiddies to Steal Sensitive Data (GB Hackers)
Change Healthcare Breach Almost Doubles in Size to 190 Million Victims (Infosecurity Magazine)
TalkTalk investigating data breach after hacker claims theft of customer data (TechCrunch)
Meta rushes to fix critical Llama Stack AI flaw (Cybernews)
Seasoning email threats with hidden text salting (Cisco Talos)
New Phishing Framework Attacking Multiple Brands To Steal Customer Logins (Cyber Security News)
More than 2,000 SonicWall devices vulnerable to critical zero-day (The Record)
Sweden seizes vessel after another undersea cable damaged (The Register)
Nicolas Bacca: "We have invented a unique organisational model for intervening in cryptocurrency ransom" (The Big Whale)
British Museum hit by alleged IT attack by ex-worker (BBC News)
-
Please enjoy this encore episode with Dave Farrow, VP of Information Security at Barracuda, as he shares how a teenage surfer fell in love with software development and made his way in the cybersecurity field. Dave chose to study electrical engineering in college because he wanted to learn something that didn't make sense to him. He says he's done things in his career that he said he'd never do: for example, he went into and fell in love with software development. Taking on leadership of a bug bounty program at Barracuda blossomed into the creation of an internal security team. Dave wants to be the guy who enables the business and not the one who prevented it. He hopes all will come to recognize that there are other threats besides cybersecurity threats to business. We thank Dave for sharing his story with us.
-
This week, we are joined by Ismael Valenzuela, VP of Threat Research & Intelligence, and Jacob Faires, Principal Threat Researcher, from Blackberry discussing the team's work on "LightSpy: APT41 Deploys Advanced DeepData Framework In Targeted Southern Asia Espionage Campaign." In April 2024, BlackBerry uncovered a significant evolution of the LightSpy malware campaign, attributed to Chinese cyber-espionage group APT41.
The newly introduced DeepData framework, a modular Windows-based surveillance tool, expands data theft capabilities with 12 specialized plugins for tasks like communication surveillance, credential theft, and system intelligence gathering. The campaign targets a wide range of communication platforms, including WhatsApp, Signal, and WeChat, with advanced techniques for monitoring and stealing sensitive information from victims across the Asia-Pacific region.
The research can be found here:
LightSpy: APT41 Deploys Advanced DeepData Framework In Targeted Southern Asia Espionage Campaign
-
A federal court finds the FBI’s warrantless section 702 searches unconstitutional. The DOJ charges five in a fake IT worker scheme. The Texas Attorney General expands his investigation into automakers’ data sharing. CISA highlights vulnerabilities in the aircraft collision avoidance system. Estonia will host Europe's new space cybersecurity testing ground. Hackers use hardware breakpoints to evade EDR detection. Subaru’s Starlink connected vehicle service exposed sensitive customer and vehicle data. Asian nations claim progress against criminal cyber-scam camps. Our guest today is Dr. Chris Pierson, Founder and CEO of BlackCloak, with his outlook on 2025. Sticking AI crawlers in the tar pit.
CyberWire Guest
Our guest today is Dr. Chris Pierson, Founder and CEO of BlackCloak, joining us to share trends he sees coming our way in 2025.
Selected Reading
Court rules FBI’s warrantless searches violated Fourth Amendment (Ars Technica)
US Charges Five People Over North Korean IT Worker Scheme (SecurityWeek)
Texas probes four more car companies over how they collect and sell consumer data (The Record)
CISA Warns of Flaws in Aircraft Collision Avoidance Systems (BankInfo Security)
ESA - Estonia to host Europe's new space cybersecurity testing ground (European Space Agency)
Bypassing EDR Detection by Exploiting Hardware Breakpoints at CPU Level (Cyber Security News)
Subaru Starlink Vulnerability Exposed Cars to Remote Hacking (SecurityWeek)
China and friends say they're hurting cyber-slave scam camps (The Register)
Developer Creates Infinite Maze That Traps AI Training Bots (404 Media)
-
CISA and FBI detail exploit chains used by Chinese hackers to compromise Ivanti Cloud Service Appliances. Energy systems in Central Europe use unencrypted radio signals. A critical SonicWall vulnerability is under active exploitation. The Nnice ransomware strain isn’t. Cisco discloses a critical vulnerability in its Meeting Management tool. GhostGPT is a new malicious generative AI chatbot. ClamAV patches critical vulnerabilities in the open-source anti-virus engine. A new report questions the effectiveness of paying ransomware demands. DOGE piggybacks on the United States Digital Service. On our Industry Voices segment, we are joined by Joe Gillespie, Senior Vice President at Booz Allen, discussing Cyber AI. Jen Easterly leaves CISA a legacy of resilience and dedication.
Industry Voices
Today on our Industry Voices segment, we are joined by Joe Gillespie, Senior Vice President at Booz Allen, discussing Cyber AI.
Selected Reading
FBI/CISA Share Details on Ivanti Exploits Chains: What Network Defenders Need to Know (SecurityWeek)
Researchers say new attack could take down the European power grid (Ars Technica)
Critical SonicWall Vulnerability Exploited In Attacks Execute Arbitrary OS Commands (Cyber Security News)
Nnice Ransomware Attacking Windows Systems With Advanced Encryption Techniques (GB Hackers)
Cisco Fixes Critical Vulnerability in Meeting Management (Infosecurity Magazine)
New GhostGPT AI Chatbot Facilitates Malware Creation and Phishing (Infosecurity Magazine)
Open-Source ClamAV Releases Critical Security Patch Updates – What’s Inside! (Cyber Security News)
Companies who pay off ransomware attackers rarely get their data back, survey shows (Cybernews)
Elon Musk Plays DOGE Ball—and Hits America’s Geek Squad (WIRED)
Under Trump, US Cyberdefense Loses Its Head (WIRED)
-
The latest cyber moves from the Trump White House. Pompompurin faces resentencing. An attack on a government IT contractor impacts Medicaid, child support, and food assistance programs. Helldown ransomware targets unpatched Zyxel firewalls. Murdoc is a new Mirai botnet variant. Cloudflare maps the DDoS landscape. North Korea’s Lazarus group uses fake job interviews to deploy malware. Hackers are abusing Google ads to spread AmosStealer malware. Pwn2Own Automotive awards over $382,000 on its first day. In our CertByte segment, Chris Hare and Steven Burnley take on a question from N2K’s Agile Certified Practitioner (PMI-ACP)® Practice Test. NYC Restaurant week tries to keep bots off the menu.
CertByte Segment
Welcome to CertByte! On this bi-weekly segment hosted by Chris Hare, a content developer and project management specialist at N2K, we share practice questions from N2K’s suite of industry-leading certification resources, and a study tip to help you achieve the professional certifications you need to fast-track your career growth in IT, cyber security, or project management.
In each segment, Chris is joined by an N2K Content Developer to help illustrate the learning. This week, Chris is joined by Steven Burnley to break down a question targeting the CC - Certified in Cyber Security certification by ISC2®. Today’s question comes from N2K’s Agile Certified Practitioner (PMI-ACP)® Practice Test.
Have a question that you’d like to see covered? Email us at [email protected]. If you're studying for a certification exam, check out N2K’s full exam prep library of certification practice tests, practice labs, and training courses by visiting our website at n2k.com/certify. To get the full news to knowledge experience, learn more about our N2K Pro subscription at https://thecyberwire.com/pro.
Please note: The questions and answers provided here, and on our site, are not actual current or prior questions and answers from these certification publishers or providers.
Additional sources:
https://www.pmi.org/certifications/agile-acp
https://www.pmi.org/-/media/pmi/documents/public/pdf/certifications/agile-certified-exam-outline.pdf
Selected Reading
Trump Fires DHS Board Probing Salt Typhoon Hacks (Dark Reading)
TSA chief behind cyber directives for aviation, pipelines and rail ousted by Trump team (The Record)
Trump pardons Silk Road dark web market creator Ross Ulbricht (BBC)
BreachForums Admin Conor Fitzpatrick (Pompompurin) to Be Resentenced (Hackread)
Government IT contractor Conduent says 'third-party compromise’ caused outages (The Record)
Helldown Ransomware Exploiting Zyxel Devices Using Zero-Day Vulnerability (Cyber Security News)
New Mirai botnet variant Murdoc Botnet targets AVTECH IP cameras and Huawei HG532 routers (Security Affairs)
Record-Breaking DDoS Attack Reached 5.6 Tbps (SecurityWeek)
InvisibleFerret Malware Attacking Windows Users Through Fake Job Interview Tactics (Cyber Security News)
Fake Homebrew Google ads target Mac users with malware (Bleeping Computer)
Over $380,000 Paid Out on First Day of Pwn2Own Automotive 2025 (SecurityWeek)
Security Alert: Bots Target NYC Restaurant Week (DataDome)
-
President Trump rolls back AI regulations and throws TikTok a lifeline. Attackers pose as Ukraine’s CERT-UA tech support. A critical vulnerability is found in the Brave browser. Sophos observes hacking groups abusing Microsoft 365 services and exploiting default Microsoft Teams settings. Researchers uncover critical flaws in tunneling protocols. A breach exposes personal information of thousands of students and educators. Oracle patches 320 security vulnerabilities. Kaspersky reveals over a dozen vulnerabilities in a Mercedes-Benz infotainment system. Tim Starks from CyberScoop discusses executive orders on cybersecurity and the future of CISA. We preview coming episodes of Threat Vector. Honesty isn’t always the best policy.
Threat Vector Segment
On our Threat Vector podcast preview today:
IoT devices are everywhere, with billions deployed globally in industries like healthcare, manufacturing, and critical infrastructure. But this explosion of connectivity brings unprecedented security challenges. Host David Moulton speaks with Dr. May Wang, CTO of IoT Security at Palo Alto Networks, about how AI is transforming IoT security. Stay tuned for the full conversation this Thursday.
CyberWire Guest
Our guest is Tim Starks from CyberScoop discussing executive orders on cybersecurity and the future of CISA. You can read Tim’s article on the recent Biden EO here.
Selected Reading
Trump revokes Biden executive order on addressing AI risks (Reuters)
TikTok is back up in the US after Trump says he will extend deadline (Bleeping Computer)
Hackers impersonate Ukraine’s CERT to trick people into allowing computer access (The Record)
Brave Browser Vulnerability Let Malicious Website Mimic as Legitimate One (Cyber Security News)
Ransomware Groups Abuse Microsoft Services for Initial Access (SecurityWeek)
Tunneling Flaws Put VPNs, CDNs and Routers at Risk Globally (Hackread)
Students, Educators Impacted by PowerSchool Data Breach (SecurityWeek)
Oracle To Address 320 Vulnerabilities in January Patch Update (Infosecurity Magazine)
Details Disclosed for Mercedes-Benz Infotainment Vulnerabilities (SecurityWeek)
Washington Man Admits to Role in Multiple Cybercrime, Fraud Schemes (SecurityWeek)
-
You can learn more about AWS in Orbit at space.n2k.com/aws.
Our guests today are Araz Feyzi, Co-founder and CTO at Kayhan Space and Tim Sills, Lead Security Solutions Architect at AWS for Aerospace and Satellite.
Be sure to follow T-Minus on LinkedIn and Instagram.
Selected Reading
AWS Aerospace and Satellite
Audience Survey
We want to hear from you! Please complete our short survey. It’ll help us get better and deliver you the most mission-critical space intel every day.
Want to join us for an interview?
Please send your pitch to [email protected] and include your name, affiliation, and topic proposal.
T-Minus is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.
-
Please enjoy this encore with Baan Alsinawi, Managing Director at Cerberus Sentinel, Chief Compliance Officer and the President of TalaTek, as she shares her cybersecurity journey from a teenager who wanted to understand computers and held several positions in IT from help desk to systems engineering and cybersecurity. Founding her own business focusing on compliance, Baan says she spends maybe only 20% of her day on technical tasks and that there is always so much more to do. Finding the right people for her team is a marker of success for Baan. She talks of the importance of sharing the sense of community of women in technology and nurturing women in the field. We thank Baan for sharing her story with us.
-
Nati Tal, Head of Guardio Labs, sits down to share their work on “CrossBarking” — Exploiting a 0-Day Opera Vulnerability with a Cross-Browser Extension Store Attack. Guardio Labs has uncovered a critical vulnerability in the Opera browser, enabling malicious extensions to exploit Private APIs for actions like screen capturing, browser setting changes, and account hijacking.
Highlighting the ease of bypassing extension store security, researchers demonstrated how a puppy-themed extension exploiting this flaw could infiltrate both Chrome and Opera's extension stores, potentially reaching millions of users. This case underscores the delicate balance between enhancing browser productivity and ensuring robust security measures, revealing the alarming tactics modern threat actors employ to exploit trusted platforms.
The research can be found here:
“CrossBarking” — Exploiting a 0-Day Opera Vulnerability with a Cross-Browser Extension Store Attack
-
The FBI warns agents of hacked call and text logs. The US Treasury sanctions entities tied to North Korea’s fake IT worker operations. Russian hacking group Star Blizzard attempted to infiltrate WhatsApp accounts of nonprofits supporting Ukraine. Yubico discloses a critical vulnerability in its Pluggable Authentication Module software. Google releases an open-source library for software composition analysis. CISA hopes to close the software understanding gap. Pumakit targets critical infrastructure. SimpleHelp patches multiple flaws in their remote access software. The FTC bans GM from selling driver data. HHS outlines their efforts to protect hospitals and healthcare. Our guest Maria Tranquilli, Executive Director at Common Mission Project, speaks with N2K’s Executive Editor Brandon Karpf about the origins and impact of Hacking for Defense. Even the best of red teamers are humbled by AI.
CyberWire Guest
Our guest Maria Tranquilli, Executive Director at Common Mission Project, speaks with N2K’s Executive Editor Brandon Karpf about the origins and impact of Hacking for Defense, and how universities can get involved.
Selected Reading
FBI Has Warned Agents It Believes Hackers Stole Their Call Logs (Bloomberg)
US Announces Sanctions Against North Korean Fake IT Worker Network (SecurityWeek)
Russian Star Blizzard hackers exploit WhatsApp accounts to spy on nonprofits aiding Ukraine (The Record)
Yubico PAM Module Vulnerability Let Attackers Bypass Authentications In Certain Configurations (Cyber Security News)
Google Releases Open Source Library for Software Composition Analysis (SecurityWeek)
Closing the Software Understanding Gap (CISA)
Pumakit - A Sophisticated Linux Rootkit Attack Critical Infrastructure (Cyber Security News)
Vulnerabilities in SimpleHelp Remote Access Software May Lead to System Compromise (SecurityWeek)
FTC hands GM a 5-year ban on selling sensitive driver info to data brokers (The Record)
How HHS has strengthened cybersecurity of hospitals and health care systems (CyberScoop)
Microsoft AI Red Team says security work will never be done (The Register)
-
President Biden issues a comprehensive cybersecurity executive order. Updates on Silk Typhoon’s US Treasury breach. A Chinese telecom hardware firm is under FBI investigation. A critical vulnerability has been found in the UEFI Secure Boot mechanism. California-based cannabis brand Stiiizy suffers a data breach. North Korea’s Lazarus Group lures freelance developers. The FTC highlights major security failures at web hosting giant GoDaddy. Veeam patches a critical vulnerability in their Backup for Microsoft Azure product. Hackers leak sensitive data from over 15,000 Fortinet firewalls. Our guest today is Oren Koren, Veriti's Co-founder and CPO, sharing insights about the state of healthcare cybersecurity. Shiver me timbers! Meta’s AI trains on a treasure chest of pirated books.
CyberWire Guest
Our guest today is Oren Koren, Veriti's Co-founder and CPO, sharing insights about the state of healthcare cybersecurity. You can read more in their “The State of Healthcare Cybersecurity 2025” report.
Selected Reading
Biden to sign executive order on AI and software security (Axios)
Treasury Breach by Chinese Sponsored Hackers Focused on Sanctions, Report Says (Bloomberg)
Exclusive: Chinese tech firm founded by Huawei veterans in the FBI's crosshairs (Reuters)
New UEFI Secure Boot Bypass Vulnerability Exposes Systems to Malicious Bootkits (Cyber Security News)
380,000 Impacted by Data Breach at Cannabis Retailer Stiiizy (SecurityWeek)
North Korean Hackers Targeting Freelance Software Developers (SecurityWeek)
GoDaddy Accused of Serious Security Failings by FTC (Infosecurity Magazine)
Veeam Azure Backup Solution Vulnerability Allows Attackers To Enumerate Network (Cyber Security News)
Hacking group leaks Fortinet users’ details on dark web (Computing)
Meta Secretly Trained Its AI on a Notorious Piracy Database, Newly Unredacted Court Docs Reveal (WIRED)
-
The FBI deletes PlugX malware from thousands of U.S. computers. Researchers uncover vulnerabilities in Windows 11 allowing attackers to bypass protections and execute code at the kernel level. A look at (a busy) Patch Tuesday. Researchers uncovered six critical vulnerabilities in a popular Linux file transfer tool. Texas sues Allstate for allegedly collecting, using, and selling driving data without proper consent. An executive order enables AI developers to build data centers on federal lands. On our Industry Voices segment, we are joined by Mike Hamilton, Chief Information Officer at Cloudflare, discussing how tech sprawl emulates the snake game. Meta profits while users suffer.
Industry Voices Segment
On our Industry Voices segment, we are joined by Mike Hamilton, Chief Information Officer at Cloudflare, discussing how tech sprawl emulates the snake game. You can read Mike’s thoughts here.
Selected Reading
FBI deletes Chinese PlugX malware from thousands of US computers (Bleeping Computer)
Windows 11 Security Features Bypassed to Obtain Arbitrary Code Execution in Kernel Mode (Cyber Security News)
Microsoft Patches Eight Zero-Days to Start the Year (Infosecurity Magazine)
Chrome 132 Patches 16 Vulnerabilities (SecurityWeek)
Nvidia, Zoom, Zyxel Patch High-Severity Vulnerabilities (SecurityWeek)
Ivanti Patches Critical Vulnerabilities in Endpoint Manager (SecurityWeek)
Zoom Patches Multiple Vulnerabilities That Let Attackers Escalate Privileges (Cyber Security News)
Apple Patches Flaw That Allows Kernel Security Bypassing (GovInfo Security)
ICS Patch Tuesday: Security Advisories Published by Schneider, Siemens, Phoenix Contact, CISA (SecurityWeek)
Linux Rsync File Transfer Tool Vulnerability Let Attackers Execute Arbitrary Code (Cyber Security News)
Allstate car insurer sued for tracking drivers without permission (Bleeping Computer)
Biden Opens US Federal Sites for AI Data Center Growth (BankInfo Security)
Instagram Ads Send This Nudify Site 90 Percent of Its Traffic (404 Media)
-
A draft cybersecurity executive order from the Biden administration seeks to bolster defenses. Researchers identify a “mass exploitation campaign” targeting Fortinet firewalls. A Chinese-language illicit online marketplace is growing at an alarming rate. CISA urges patching of a second BeyondTrust vulnerability. The UK proposes banning ransomware payments by public sector and critical infrastructure organizations. A critical flaw in Google’s authentication flow exposes millions to unauthorized access. OWASP releases its first Non-Human Identities (NHI) Top 10. A Microsoft lawsuit targets individuals accused of bypassing safety controls in its Azure OpenAI tools. Our guest is Chris Pierson, Founder and CEO of BlackCloak, discussing digital executive protection. The feds remind the health care sector that AI must first do no harm.
CyberWire Guest
Our guest is Chris Pierson, Founder and CEO of BlackCloak, discussing digital executive protection.
Selected Reading
Second Biden cyber executive order directs agency action on fed security, AI, space (CyberScoop)
Snoops exploited Fortinet firewalls with 'probable' 0-day (The Register)
The ‘Largest Illicit Online Marketplace’ Ever Is Growing at an Alarming Rate, Report Says (WIRED)
CISA Warns of Second BeyondTrust Vulnerability Exploited in Attacks (SecurityWeek)
UK Considers Ban on Ransomware Payments by Public Bodies (Infosecurity Magazine)
Google OAuth "Sign in with Google" Vulnerability Exposes Millions of Accounts to Data Theft (Cyber Security News)
OWASP Publishes First-Ever Top 10 “Non-Human Identities (NHI) Security Risks” (Cyber Security News)
Microsoft Sues Harmful Fake AI Image Crime Ring (GovInfo Security)
Feds Tell Health Sector to Watch for Bias in AI Decisions (BankInfo Security)
-
An MFA outage affects Microsoft 365 Office apps. The Biden administration introduces new export controls to block adversaries from accessing advanced AI chips. A Dutch university cancels lectures after a cyberattack. Three Russian nationals have been indicted for operating cryptocurrency mixers. Juniper Networks releases security updates for Junos OS. Spain’s largest telecommunications company confirms a data breach. The “Banshee” infostealer leverages a stolen Apple encryption algorithm. Researchers uncover a novel ransomware campaign targeting Amazon S3 buckets. A major data broker suffers a major data breach. Our guest Philippe Humeau, CEO and Founder of CrowdSec, shares the biggest issues currently facing cybersecurity and how open-source cybersecurity platforms combat them. The weirdness of AI.
CyberWire Guest
Our guest Philippe Humeau, CEO and Founder of CrowdSec, shares the biggest issues currently facing cybersecurity and how open-source cybersecurity platforms combat them.
Selected Reading
Microsoft MFA outage blocking access to Microsoft 365 apps (Bleeping Computer)
White House Moves to Restrict AI Chip Exports (GovInfo Security)
New Ransomware Group Uses AI to Develop Nefarious Tools (Infosecurity Magazine)
Cyberattack forces Dutch university to cancel lectures (The Record)
3 Russians Indicted for Operating Blender.io and Sinbad.io Crypto Mixers (Hackread)
Juniper Networks Fixes High-Severity Vulnerabilities in Junos OS (SecurityWeek)
Aviatrix Controller RCE Vulnerability Exploited In The Wild (Cyber Security News)
Hackers Exploiting YouTube to Spread Malware That Steals Browser Data (GB Hackers)
Banshee 2.0 Malware Steals Apple's Encryption to Hide on Macs (Dark Reading)
A breach of a data broker's trove of location data threatens the privacy of millions (TechCrunch)
Abusing AWS Native Services: Ransomware Encrypting S3 Buckets with SSE-C (Halcyon)
AI Mistakes Are Very Different Than Human Mistakes (IEEE Spectrum)
-
This week, we are joined by Kyla Cardona and Aurora Johnson from SpyCloud discussing their research "China’s Surveillance State Is Selling Citizen Data as a Side Hustle." Chinese technology companies, under CCP mandate, collect vast amounts of data on citizens, creating opportunities for corrupt insiders to steal and resell this information on dark markets. These stolen datasets, aggregated into "Social Work Libraries" (SGKs), mirror lower-tech versions of CCP internal security databases.
Kyla and Aurora discuss how Chinese cybercriminals use these SGKs and their implications compared to Western, European, and Russian cybercrime ecosystems. With expertise in Chinese OSINT and cybersecurity policy, both researchers bring deep insights into the geopolitical and technical dynamics of China's digital landscape.
The research can be found here:
“Pantsless Data”: Decoding Chinese Cybercrime TTPs
A Deep Dive Into the Intricate Chinese Cybercrime Ecosystem
China’s Surveillance State Is Selling Citizen Data as a Side Hustle
-
Please enjoy this encore episode, where we are joined by Michael Bishop Jr., Senior Security Officer at the Centers for Medicare and Medicaid Services, as he shares his journey from Army infantryman deployed to Iraq to working in cybersecurity. After 12 years in the U.S. Army, Mike found himself in a rough spot. While Mike was looking for work and facing some personal challenges, his mentor, an Army officer he met while enlisted, recognized his struggles and helped nudge him toward cybersecurity. Mike credits his mentor with helping him transition to where he is today. While training for cybersecurity, he was tested in many areas and found the route he wanted to take. We thank Michael for sharing his story with us.
-
New details emerge about Chinese hackers breaching the US Treasury Department. The Supreme Court considers the TikTok ban. Chinese hackers exploit a zero-day flaw in Ivanti Connect Secure VPN. A new credit card skimmer malware targets WordPress checkout pages. The Banshee macOS info-stealer has been updated. A California health services organization reports a data breach. A Florida firm pays a $337,750 HIPAA settlement following a 2018 breach. Samsung patches Android devices. A Proton Mail outage hits users worldwide. A popular e-card site recovers from malware. CertByte segment host Chris Hare interviews our guest Casey Marks, ISC2's Chief Qualifications Officer, about the future of certifications. That’s a feature, not a hack.
CyberWire Guest
CertByte segment host Chris Hare interviews our guest Casey Marks, ISC2's Chief Qualifications Officer, about certifications and where they could be heading. You can check out their 2024 ISC2 Cybersecurity Workforce study here.
Selected Reading
Chinese hackers breached US government office that assesses foreign investments for national security risks (CNN)
Supreme Court considers whether to allow TikTok ban to take effect (NBC News)
Ivanti VPN zero-day exploited by Chinese hackers (SC Media)
New Skimmer Malware Hijacking WordPress Websites to Steal Credit Cards (Cyber Security News)
Banshee macOS Malware Expands Targeting (SecurityWeek)
BayMark Health Services Reports Data Breach, Exposing Patient Information (The Cyber Express)
Florida Firm Fined $337K by Feds for Data Deleted in Hack (BankInfo Security)
Samsung Patches Multiple Vulnerabilities That Let Attackers Execute Arbitrary Code (Cyber Security News)
Proton Mail still down as Proton recovers from worldwide outage (Bleeping Computer)
GroupGreeting e-card site attacked in “zqxq” campaign (Malwarebytes)
Microsoft DRM Hacking Raises Questions on Vulnerability Disclosures (SecurityWeek)
Facebook awards researcher $100,000 for finding bug that granted internal access (RocketNews)
Developers sent into security panic by 'useful feature' (The Register)
-
The Biden administration is finalizing an executive order to bolster U.S. cybersecurity. Ivanti releases emergency updates to address a critical zero-day vulnerability. A critical vulnerability is discovered in Kerio Control firewall software. Palo Alto Networks patches multiple vulnerabilities in its retired migration tool. Fake exploits for Microsoft vulnerabilities lure security researchers. A medical billing company data breach affects over 360,000. A cyberattack disrupts the city of Winston-Salem. CrowdStrike identifies a phishing campaign exploiting its recruitment branding. Our guest is Danny Allen, CTO from Snyk, sharing how a balanced approach between AI and human oversight can strengthen cybersecurity. The worst of the worst from CES.
CyberWire Guest
Our guest is Danny Allen, CTO from Snyk, sharing how a balanced approach between AI and human oversight can strengthen cybersecurity. Learn more in Snyk’s AI Readiness Report about how some companies are still hesitant to adopt AI, despite its clear benefits in addressing human error and keeping up with fast-evolving technology.
Selected Reading
White House Rushes to Finish Cyber Order After China Hacks (Bloomberg)
Zero-Day Patch Alert: Ivanti Connect Secure Under Attack (GovInfo Security)
GFI KerioControl Firewall Vulnerability Exploited in the Wild (SecurityWeek)
Palo Alto Networks Patches High-Severity Vulnerability in Retired Migration Tool (SecurityWeek)
Security pros baited by fake Windows LDAP exploits (The Register)
Major US medical billing firm breached, 360K+ customers' healthcare data leaked (Cybernews)
Recruitment Phishing Scam Imitates CrowdStrike Hiring Process (CrowdStrike)
Some Winston-Salem city services knocked offline by cyberattack (The Record)
Excelsior Orthopaedics Data Breach Impacts 357,000 People (SecurityWeek)
The 'Worst in Show' CES Products Put Your Data at Risk and Cause Waste, Privacy Advocates Say (SecurityWeek)