Episodes
-
DOGE’s unchecked access to federal networks sparks major cybersecurity fears. Senator Hawley’s AI ban targets China and raises free speech concerns. Apple service ticket portal vulnerability exposed millions of users’ data. North Korean ‘FlexibleFerret’ malware targets macOS via job scams and fake Zoom apps. February 2025 Android security update fixes 48 vulnerabilities, including exploited zero-day. Grubhub data breach exposes customer and driver information. Abandoned cloud infrastructure creates major security risks. Texas to launch its own Cyber Command amid rising cyber threats. Dell PowerProtect vulnerabilities pose critical security risks. On our Threat Vector segment, David Moulton and his guests look at the potential dangers of DeepSeek. U.S. Government is quietly altering the Head Start database. And a moment of inspiration from a spacefaring poet.
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
Threat Vector Segment
Artificial intelligence is advancing fast, but with innovation comes risk. In this segment of Threat Vector, host David Moulton sits down with Sam Rubin, SVP of Consulting and Threat Intelligence at Unit 42, and Kyle Wilhoit, Director of Threat Research, to explore the vulnerabilities of DeepSeek, a new large language model. To listen to the full discussion, please check out the episode here or on your favorite podcast app, and tune in to new episodes of Threat Vector by Palo Alto Networks every Thursday.
Selected Reading
Musk’s DOGE effort could spread malware, expose US systems to threat actors (CSO Online)
As DOGE teams plug into federal networks, cybersecurity risks could be huge, experts say (The Record)
Senator Hawley Proposes Jail Time for People Who Download DeepSeek (404 Media)
Apple Service Ticket portal Vulnerability Exposes Millions of Users Data (Cyber Security News)
N. Korean ‘FlexibleFerret’ Malware Hits macOS with Fake Zoom, Job Scams (Hackread)
Google fixes Android kernel zero-day exploited in attacks (Bleeping Computer)
GrubHub Data Breach - Customers Phone Numbers Exposed (Cyber Security News)
Here’s all the ways an abandoned cloud instance can cause security issues (CyberScoop)
Texas to Establish Cyber Command Amid “Dramatic” Rise in Attacks (Infosecurity Magazine)
Multiple Dell PowerProtect Vulnerabilities Let Attackers Compromise System (Cyber Security News)
‘Forbidden Words’: Github Reveals How Software Engineers Are Purging Federal Databases (404 Media)
T-Minus Deep Space: Inspiration4 with Dr. Sian “Leo” Proctor. (T-Minus Deep Space podcast)
Dr. Sian Proctor got her ticket to space after being selected for her poetry (Instagram)
2025 SpaceCom: Interview with Dr. Sian Proctor (YouTube)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Federal agencies become battlegrounds in an unprecedented power struggle. XE Group evolves from credit-card skimming to exploiting zero-day vulnerabilities. WhatsApp uncovers a zero-click spyware attack linked to an Israeli firm. Texas expands its ban on Chinese-backed AI and social media apps. Data breaches expose the personal and medical information of over a million people. NVIDIA patches multiple critical vulnerabilities. Arm discloses critical vulnerabilities affecting its Mali GPU Kernel Drivers and firmware. The UK government aims to set the global standard for securing AI. Tim Starks from CyberScoop has the latest from Senate confirmation hearings. The National Cryptologic Museum rights a wrong.
CyberWire Guest
Joining us today is Tim Starks, Senior Reporter from CyberScoop, to discuss two of his recent articles:
FBI nominee Kash Patel getting questions on cybercrime investigations, Silk Road founder, surveillance powers
Even the US government can fall victim to cryptojacking
Selected Reading
Top Security Officials at Aid Agency Put on Leave After Denying Access to Musk Team (New York Times)
Exclusive: Musk aides lock workers out of OPM computer system (Reuters)
Federal Workers Block Doors of Admin Building Over Elon Musk Data Breach (DC Media Group)
Trump Broke the Federal Email System and Government Employees Got Blasted With Astonishingly Vulgar Messages (Futurism)
CISA employees told they are exempt from federal worker resignation program (The Record)
From credit card fraud to zero-day exploits: Xe Group expanding cybercriminal efforts (CyberScoop)
Israeli Firm Paragon Attack WhatsApp With New Zero-Click Spyware (Cyber Security News)
Texas Gov. Greg Abbott bans DeepSeek, RedNote and other Chinese-backed AI platforms (Statesman)
Hundreds of Thousands Hit by Data Breaches at Healthcare Firms in Colorado, North Carolina (SecurityWeek)
Insurance Company Globe Life Notifying 850,000 People of Data Breach (SecurityWeek)
NVIDIA GPU Display Driver Vulnerability Lets Attackers Steal Files Remotely - Update Now (Cyber Security News)
Arm Mali GPU Kernel Driver 0-Day Vulnerability Actively Exploited in the Wild (Cyber Security News)
UK Announces “World-First” AI Security Standard (Infosecurity Magazine)
Larry Pfeiffer on Bluesky (Bluesky)
Possibly related to the Bluesky post: Trailblazers in U.S. Cryptologic History
-
Please enjoy this encore episode with Principal Research Scientist for Human Behavior at Forcepoint, Margaret Cunningham. She shares her story of how she landed in cybersecurity. With a background in psychology and counseling and not feeling that one-on-one counseling was her thing, Margaret had a transformational moment in her PhD program in applied experimental technology when she realized she could "provide helping services and good work services at a broader scale." Margaret found her professional footing at DHS's Human Systems Integration Branch of Science and Technology Department as the person who figured out how to measure how new technologies impacted human performance. Margaret points out that making connections and reading whatever you can is important to stay up to date in the field. She notes that her statistical analysis skills are an asset. She hopes to create champions in human behavior and performance in the world of technology. We thank Margaret for sharing her story with us.
-
This week, Dave Bittner is joined by Juan Andres Guerrero-Saade (JAGS) from SentinelOne's SentinelLabs to discuss the work his team and Tinexta Cyber did on "Operation Digital Eye | Chinese APT Compromises Critical Digital Infrastructure via Visual Studio Code Tunnels."
Tinexta Cyber and SentinelLabs have been tracking threat activities targeting business-to-business IT service providers in Southern Europe. Based on the malware, infrastructure, techniques used, victimology, and the timing of the activities, we assess that it is highly likely these attacks were conducted by a China-nexus threat actor with cyberespionage motivations.
The relationships between European countries and China are complex, characterized by cooperation, competition, and underlying tensions in areas such as trade, investment, and technology. Suspected China-linked cyberespionage groups frequently target public and private organizations across Europe to gather strategic intelligence, gain competitive advantages, and advance geopolitical, economic, and technological interests.
The research can be found here:
Operation Digital Eye | Chinese APT Compromises Critical Digital Infrastructure via Visual Studio Code Tunnels
-
Authorities dismantle a Pakistan-based cybercrime network. Lawmakers question the feasibility of establishing a U.S. Cyber Force as a standalone military branch. The DOJ sues to block HPE’s acquisition of Juniper Networks. Tangerine Turkey deploys cryptomining malware. Major healthcare providers send breach notifications. Norwegian police seize a Russian-crewed ship suspected of damaging a communications cable. Researchers discover critical vulnerabilities in GitHub Copilot. D-Link patches a critical router vulnerability. CISA and the FDA have warned U.S. healthcare organizations of severe security vulnerabilities in Chinese-made patient monitors. Pauses in funding create confusion for federal cybersecurity vendors. We bid a fond farewell to a pair of N2K colleagues. The case of the disappearing government data.
CyberWire Guest
Today’s guest segment is bittersweet as we offer our thanks and see-you-laters to two of our beloved colleagues: N2K President Simone Petrella, who’s taking her leadership role to our advisory board, and Executive Editor Brandon Karpf, who will be taking up the mantle of protecting our national security, starting his own company, Hedy Cyber. Join us in celebrating their incredible journeys and contributions to our successes, and in letting them both know just how deeply they will be missed by all of us here at N2K.
Selected Reading
US, Dutch Authorities Disrupt Pakistani Hacking Shop Network (SecurityWeek)
Lawmakers push for guardrails, deadline on cyber military study (The Record)
US Sues to Stop HPE $14 Billion Deal to Buy Juniper Networks (Bloomberg)
Tangerine Turkey mines cryptocurrency in global campaign (Red Canary)
US healthcare provider data breach impacts 1 million patients (Bleeping Computer)
NorthBay Health Data Breach Impacts 569,000 Individuals (SecurityWeek)
Norway seizes ship suspected of sabotage, says crew are Russian nationals (The Record)
GitHub Copilot Jailbreak Vulnerability Let Attackers Train Malicious Models (Cyber Security News)
D-Link Routers Vulnerability Let Attackers Gain Full Router Control Remotely (Cyber Security News)
CISA, FDA Warn of Dangerous Backdoor in Contec Patient Monitors (SecurityWeek)
Federal Cybersecurity Contractors Whiplashed By Uncertainty (GovInfo Security)
Archivists Work to Identify and Save the Thousands of Datasets Disappearing From Data.gov (404 Media)
-
International law enforcement takes down a pair of notorious hacking forums. Wiz discovers an open DeepSeek database. Time Bandit jailbreaks ChatGPT. Ransomware hits one of the largest U.S. blood centers. A cyberattack takes the South African Weather Service offline. Researchers describe a new “browser syncjacking” attack. TeamViewer patches a high-severity privilege escalation flaw. Over three dozen industry groups urge Congress to pass a national data privacy law. CISA faces an uncertain future. N2K’s Brandon Karpf speaks with Ellen Chang, Vice President Ventures at BMNT and Head of BMNT Ventures. OpenAI Cries Foul After Getting a Taste of Its Own Medicine.
CyberWire Guest
Today, N2K’s Brandon Karpf speaks with Ellen Chang, Vice President Ventures at BMNT and Head of BMNT Ventures, about the venture model, why it exists, how it works, and its impact.
Selected Reading
Police seizes Cracked and Nulled hacking forum servers, arrests suspects (Bleeping Computer)
Wiz Research Uncovers Exposed DeepSeek Database Leaking Sensitive Information, Including Chat History (Wiz)
Time Bandit ChatGPT jailbreak bypasses safeguards on sensitive topics (Bleeping Computer)
US blood donation giant warns of disruption after ransomware attack (TechCrunch)
South Africa’s government-run weather service knocked offline by cyberattack (The Record)
Syncjacking Attack Enables Full Browser and Device Takeover (Infosecurity Magazine)
TeamViewer Patches High-Severity Vulnerability in Windows Applications (SecurityWeek)
Industry groups call on Congress to enact federal data privacy law (The Record)
US Cyber Agency’s Future Role in Elections Remains Murky Under the Trump Administration (SecurityWeek)
OpenAI Furious DeepSeek Might Have Stolen All the Data OpenAI Stole From Us (404 Media)
-
Hackers linked to China and Iran are using AI to enhance cyberattacks. An AI-powered messaging tool for Slack and Discord is reportedly leaking user data. British engineering giant Smiths Group suffers a cyberattack. Rockwell Automation details critical and high-severity vulnerabilities. Researchers warn of new side-channel vulnerabilities in Apple CPUs. The Hellcat ransomware gang looks to humiliate its victims. SparkRAT targets macOS users and government entities. Flashpoint looks at FleshStealer malware. Cybercriminals leverage trust in government websites. Our guest is Ivan Novikov, CEO at Wallarm, sharing insights on the recent United States ruling that bars certain Chinese and Russian connected car tech from being imported into the US. QR code shenanigans.
CyberWire Guest
Our guest is Ivan Novikov, CEO at Wallarm, sharing insights on the recent United States ruling that bars certain Chinese and Russian connected car tech from being imported into the US and its impact.
Selected Reading
Chinese and Iranian Hackers Are Using U.S. AI Products to Bolster Cyberattacks (Wall Street Journal)
Update: Cybercriminals still not fully on board the AI train (yet) (Sophos)
Unprotected AI service streams private Slack messages for 30 bucks a month (Cybernews)
Engineering giant Smiths Group discloses security breach (Bleeping Computer)
Rockwell Patches Critical, High-Severity Vulnerabilities in Several Products (SecurityWeek)
New Apple CPU side-channel attacks steal data from browsers (Bleeping Computer)
SLAP (Predictors Fail)
Meow-ware gang: the cyber cats who humiliate their prey (Cybernews)
Hackers Attacking Windows, macOS, and Linux systems With SparkRAT (GB Hackers)
Unmasking FleshStealer: A New Infostealer Threat in 2025 (Flashpoint)
Threat Actors Exploit Government Websites for Phishing (Infosecurity Magazine)
Christian Walther: "@gvy_dvpont Got me thinking… c…" (Mastodon)
-
DeepSeek blames DDoS for recent outages. Hackers behind last year’s AT&T data breach targeted members of the Trump family, Kamala Harris, and Marco Rubio’s wife. The EU sanctions Russians for cyberattacks against Estonia. ENGlobal confirms personal information was taken in last year’s ransomware attack. CISA issues a critical warning about a SonicWall vulnerability actively exploited. A large-scale phishing campaign exploits users’ trust in PDF files and the USPS. Apple patches a zero-day affecting many of their products. A ransomware attack on an Ohio-based operator of skilled nursing and rehabilitation facilities affects over 70,000. President Trump has a tumultuous first week back in office. Our guest is Bogdan Botezatu, Director, Threat Research and Reporting at Bitdefender, to discuss the dark market subculture and its parallels to holiday shopping. A nonprofit aims to clean up the AI industry’s mess.
CyberWire Guest
We are joined by Bogdan Botezatu, Director, Threat Research and Reporting at Bitdefender, to discuss the dark market subculture and its parallels to holiday shopping. Check out Bitdefender’s research on the topic here.
Selected Reading
DeepSeek Blames Disruption on Cyberattack as Vulnerabilities Emerge (SecurityWeek)
DeepSeek FAQ (Stratechery)
We tried out DeepSeek. It worked well, until we asked it about Tiananmen Square and Taiwan (The Guardian)
Hackers Mined AT&T Breach for Data on Trump's Family, Kamala Harris (404 Media)
European Union Sanctions Russian Nationals for Hacking Estonia (SecurityWeek)
ENGlobal Says Personal Information Accessed in Ransomware Attack (SecurityWeek)
CISA Warns of SonicWall 0-day RCE Vulnerability Exploited in Wild (Cyber Security News)
Hackers Use Malicious PDFs, pose as USPS in Mobile Phishing Scam (Security Boulevard)
Amazon Prime Security Warning As Hackers Strike—What You Need To Know (Forbes)
Apple plugs exploited security hole in iOS, updates macOS (The Register)
Nursing Home, Rehab Chain Says Hack Affects Nearly 70,000 (GovInfo Security)
A Tumultuous Week for Federal Cybersecurity Efforts (Krebs on Security)
Initiative Aims to Enable Ethical Coding LLMs (IEEE Spectrum)
-
Chinese AI startup DeepSeek shakes up the market. Trump freezes cyber diplomacy funding and puts a vital U.S.-EU data-sharing agreement at risk. A trojanized RAT targets script kiddies. U.K. telecom giant TalkTalk investigates a data breach. Researchers uncover a critical flaw in Meta’s Llama Stack AI framework. Attackers leverage hidden text salting in emails. The “FlowerStorm” phishing framework targets multiple brands to steal customer credentials. A critical zero-day hits SonicWall VPN appliances. Swedish authorities seized a cargo ship suspected of damaging a key fiber optic cable. Freezing out crypto-kidnappers. Our guest is Jon Miller, CEO and Co-founder from Halcyon, sharing trends in ransomware and insights on Brain Cipher. The British Museum defends its artefacts from IT attacks.
CyberWire Guest
Our guest today is Jon Miller, CEO and Co-founder from Halcyon, sharing trends in ransomware along with some insights on Brain Cipher. For more detail, check out Halcyon’s Power Rankings: Ransomware Malicious Quartile Q4-2024.
Selected Reading
A shocking Chinese AI advancement called DeepSeek is sending US stocks plunging (CNN Business)
Politicization of intel oversight board could threaten key US-EU data transfer agreement (The Record)
Cyber diplomacy funding halted as US issues broad freeze on foreign aid (The Record)
Weaponised XWorm RAT builder Attacking script kiddies to Steal Sensitive Data (GB Hackers)
Change Healthcare Breach Almost Doubles in Size to 190 Million Victims (Infosecurity Magazine)
TalkTalk investigating data breach after hacker claims theft of customer data (TechCrunch)
Meta rushes to fix critical Llama Stack AI flaw (Cybernews)
Seasoning email threats with hidden text salting (Cisco Talos)
New Phishing Framework Attacking Multiple Brands To Steal Customer Logins (Cyber Security News)
More than 2,000 SonicWall devices vulnerable to critical zero-day (The Record)
Sweden seizes vessel after another undersea cable damaged (The Register)
Nicolas Bacca: "We have invented a unique organisational model for intervening in cryptocurrency ransom" (The Big Whale)
British Museum hit by alleged IT attack by ex-worker (BBC News)
-
Please enjoy this encore episode with VP of Information Security at Barracuda Dave Farrow, as he shares how a teenage surfer fell in love with software development and made his way in the cybersecurity field. Dave chose to study electrical engineering in college because he wanted to learn something that didn't make sense to him. He says he's done things in his career that he said he'd never do: for example, he went into and fell in love with software development. Taking on leadership of a bug bounty program at Barracuda blossomed into the creation of an internal security team. Dave wants to be the guy who enables the business and not the one who prevented it. He hopes all will come to recognize that there are other threats besides cybersecurity threats to business. We thank Dave for sharing his story with us.
-
This week, we are joined by Ismael Valenzuela, VP of Threat Research & Intelligence, and Jacob Faires, Principal Threat Researcher, from BlackBerry, discussing the team's work on "LightSpy: APT41 Deploys Advanced DeepData Framework In Targeted Southern Asia Espionage Campaign." In April 2024, BlackBerry uncovered a significant evolution of the LightSpy malware campaign, attributed to Chinese cyber-espionage group APT41.
The newly introduced DeepData framework, a modular Windows-based surveillance tool, expands data theft capabilities with 12 specialized plugins for tasks like communication surveillance, credential theft, and system intelligence gathering. The campaign targets a wide range of communication platforms, including WhatsApp, Signal, and WeChat, with advanced techniques for monitoring and stealing sensitive information from victims across the Asia-Pacific region.
The research can be found here:
LightSpy: APT41 Deploys Advanced DeepData Framework In Targeted Southern Asia Espionage Campaign
-
A federal court finds the FBI’s warrantless section 702 searches unconstitutional. The DOJ charges five in a fake IT worker scheme. The Texas Attorney General expands his investigation into automakers’ data sharing. CISA highlights vulnerabilities in the aircraft collision avoidance system. Estonia will host Europe's new space cybersecurity testing ground. Hackers use hardware breakpoints to evade EDR detection. Subaru’s Starlink connected vehicle service exposed sensitive customer and vehicle data. Asian nations claim progress against criminal cyber-scam camps. Our guest today is Dr. Chris Pierson, Founder and CEO of BlackCloak, with his outlook on 2025. Sticking AI crawlers in the tar pit.
CyberWire Guest
Our guest today is Dr. Chris Pierson, Founder and CEO of BlackCloak, joining us to share trends he sees coming our way in 2025.
Selected Reading
Court rules FBI’s warrantless searches violated Fourth Amendment (Ars Technica)
US Charges Five People Over North Korean IT Worker Scheme (SecurityWeek)
Texas probes four more car companies over how they collect and sell consumer data (The Record)
CISA Warns of Flaws in Aircraft Collision Avoidance Systems (BankInfo Security)
ESA - Estonia to host Europe's new space cybersecurity testing ground (European Space Agency)
Bypassing EDR Detection by Exploiting Hardware Breakpoints at CPU Level (Cyber Security News)
Subaru Starlink Vulnerability Exposed Cars to Remote Hacking (SecurityWeek)
China and friends say they're hurting cyber-slave scam camps (The Register)
Developer Creates Infinite Maze That Traps AI Training Bots (404 Media)
-
CISA and FBI detail exploit chains used by Chinese hackers to compromise Ivanti Cloud Service Appliances. Energy systems in Central Europe use unencrypted radio signals. A critical SonicWall vulnerability is under active exploitation. The Nnice ransomware strain isn’t. Cisco discloses a critical vulnerability in its Meeting Management tool. GhostGPT is a new malicious generative AI chatbot. ClamAV patches critical vulnerabilities in the open-source anti-virus engine. A new report questions the effectiveness of paying ransomware demands. DOGE piggybacks on the United States Digital Service. On our Industry Voices segment, we are joined by Joe Gillespie, Senior Vice President at Booz Allen, discussing Cyber AI. Jen Easterly leaves CISA a legacy of resilience and dedication.
Industry Voices
Today on our Industry Voices segment, we are joined by Joe Gillespie, Senior Vice President at Booz Allen, discussing Cyber AI.
Selected Reading
FBI/CISA Share Details on Ivanti Exploits Chains: What Network Defenders Need to Know (SecurityWeek)
Researchers say new attack could take down the European power grid (Ars Technica)
Critical SonicWall Vulnerability Exploited In Attacks Execute Arbitrary OS Commands (Cyber Security News)
Nnice Ransomware Attacking Windows Systems With Advanced Encryption Techniques (GB Hackers)
Cisco Fixes Critical Vulnerability in Meeting Management (Infosecurity Magazine)
New GhostGPT AI Chatbot Facilitates Malware Creation and Phishing (Infosecurity Magazine)
Open-Source ClamAV Releases Critical Security Patch Updates – What’s Inside! (Cyber Security News)
Companies who pay off ransomware attackers rarely get their data back, survey shows (Cybernews)
Elon Musk Plays DOGE Ball—and Hits America’s Geek Squad (WIRED)
Under Trump, US Cyberdefense Loses Its Head (WIRED)
-
The latest cyber moves from the Trump White House. Pompompurin faces resentencing. An attack on a government IT contractor impacts Medicaid, child support, and food assistance programs. Helldown ransomware targets unpatched Zyxel firewalls. Murdoc is a new Mirai botnet variant. Cloudflare maps the DDoS landscape. North Korea’s Lazarus group uses fake job interviews to deploy malware. Hackers are abusing Google ads to spread AmosStealer malware. Pwn2Own Automotive awards over $382,000 on its first day. In our CertByte segment, Chris Hare and Steven Burnley take on a question from N2K’s Agile Certified Practitioner (PMI-ACP)® Practice Test. NYC Restaurant week tries to keep bots off the menu.
CertByte Segment
Welcome to CertByte! On this bi-weekly segment hosted by Chris Hare, a content developer and project management specialist at N2K, we share practice questions from N2K’s suite of industry-leading certification resources, and a study tip to help you achieve the professional certifications you need to fast-track your career growth in IT, cyber security, or project management.
In each segment, Chris is joined by an N2K Content Developer to help illustrate the learning. This week, Chris is joined by Steven Burnley to break down a question targeting the CC - Certified in Cyber Security certification by ISC2®. Today’s question comes from N2K’s Agile Certified Practitioner (PMI-ACP)® Practice Test.
Have a question that you’d like to see covered? Email us at [email protected]. If you're studying for a certification exam, check out N2K’s full exam prep library of certification practice tests, practice labs, and training courses by visiting our website at n2k.com/certify. To get the full news to knowledge experience, learn more about our N2K Pro subscription at https://thecyberwire.com/pro.
Please note: The questions and answers provided here, and on our site, are not actual current or prior questions and answers from these certification publishers or providers.
Additional sources:
https://www.pmi.org/certifications/agile-acp
https://www.pmi.org/-/media/pmi/documents/public/pdf/certifications/agile-certified-exam-outline.pdf
Selected Reading
Trump Fires DHS Board Probing Salt Typhoon Hacks (Dark Reading)
TSA chief behind cyber directives for aviation, pipelines and rail ousted by Trump team (The Record)
Trump pardons Silk Road dark web market creator Ross Ulbricht (BBC)
BreachForums Admin Conor Fitzpatrick (Pompompurin) to Be Resentenced (Hackread)
Government IT contractor Conduent says 'third-party compromise’ caused outages (The Record)
Helldown Ransomware Exploiting Zyxel Devices Using Zero-Day Vulnerability (Cyber Security News)
New Mirai botnet variant Murdoc Botnet targets AVTECH IP cameras and Huawei HG532 routers (Security Affairs)
Record-Breaking DDoS Attack Reached 5.6 Tbps (SecurityWeek)
InvisibleFerret Malware Attacking Windows Users Through Fake Job Interview Tactics (Cyber Security News)
Fake Homebrew Google ads target Mac users with malware (Bleeping Computer)
Over $380,000 Paid Out on First Day of Pwn2Own Automotive 2025 (SecurityWeek)
Security Alert: Bots Target NYC Restaurant Week (DataDome)
President Trump rolls back AI regulations and throws TikTok a lifeline. Attackers pose as Ukraine’s CERT-UA tech support. A critical vulnerability is found in the Brave browser. Sophos observes hacking groups abusing Microsoft 365 services and exploiting default Microsoft Teams settings. Researchers uncover critical flaws in tunneling protocols. A breach exposes personal information of thousands of students and educators. Oracle patches 320 security vulnerabilities. Kaspersky reveals over a dozen vulnerabilities in a Mercedes-Benz infotainment system. Tim Starks from CyberScoop discusses executive orders on cybersecurity and the future of CISA. We preview coming episodes of Threat Vector. Honesty isn’t always the best policy.
Threat Vector Segment
On our Threat Vector podcast preview today:
IoT devices are everywhere, with billions deployed globally in industries like healthcare, manufacturing, and critical infrastructure. But this explosion of connectivity brings unprecedented security challenges. Host David Moulton speaks with Dr. May Wang, CTO of IoT Security at Palo Alto Networks, about how AI is transforming IoT security. Stay tuned for the full conversation this Thursday.
CyberWire Guest
Our guest is Tim Starks from CyberScoop discussing executive orders on cybersecurity and the future of CISA. You can read Tim’s article on the recent Biden EO here.
Selected Reading
Trump revokes Biden executive order on addressing AI risks (Reuters)
TikTok is back up in the US after Trump says he will extend deadline (Bleeping Computer)
Hackers impersonate Ukraine’s CERT to trick people into allowing computer access (The Record)
Brave Browser Vulnerability Let Malicious Website Mimic as Legitimate One (Cyber Security News)
Ransomware Groups Abuse Microsoft Services for Initial Access (SecurityWeek)
Tunneling Flaws Put VPNs, CDNs and Routers at Risk Globally (Hackread)
Students, Educators Impacted by PowerSchool Data Breach (SecurityWeek)
Oracle To Address 320 Vulnerabilities in January Patch Update (Infosecurity Magazine)
Details Disclosed for Mercedes-Benz Infotainment Vulnerabilities (SecurityWeek)
Washington Man Admits to Role in Multiple Cybercrime, Fraud Schemes (SecurityWeek)
You can learn more about AWS in Orbit at space.n2k.com/aws.
Our guests today are Araz Feyzi, Co-founder and CTO at Kayhan Space and Tim Sills, Lead Security Solutions Architect at AWS for Aerospace and Satellite.
Be sure to follow T-Minus on LinkedIn and Instagram.
Selected Reading
AWS Aerospace and Satellite
Audience Survey
We want to hear from you! Please complete our short survey. It’ll help us get better and deliver you the most mission-critical space intel every day.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info.
Want to join us for an interview?
Please send your pitch to [email protected] and include your name, affiliation, and topic proposal.
T-Minus is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.
Please enjoy this encore episode with Baan Alsinawi, Managing Director at Cerberus Sentinel, Chief Compliance Officer and President of TalaTek, as she shares her cybersecurity journey, from a teenager who wanted to understand computers through several positions in IT, from help desk to systems engineering and cybersecurity. Founding her own business focusing on compliance, Baan says she spends maybe only 20% of her day on technical tasks and that there is always so much more to do. Finding the right people for her team is a marker of success for Baan. She talks about the importance of sharing a sense of community among women in technology and nurturing women in the field. We thank Baan for sharing her story with us.
Nati Tal, Head of Guardio Labs, sits down to share their work on “CrossBarking” — Exploiting a 0-Day Opera Vulnerability with a Cross-Browser Extension Store Attack. Guardio Labs has uncovered a critical vulnerability in the Opera browser, enabling malicious extensions to exploit Private APIs for actions like screen capturing, browser setting changes, and account hijacking.
Highlighting the ease of bypassing extension store security, researchers demonstrated how a puppy-themed extension exploiting this flaw could infiltrate both Chrome and Opera's extension stores, potentially reaching millions of users. This case underscores the delicate balance between enhancing browser productivity and ensuring robust security measures, revealing the alarming tactics modern threat actors employ to exploit trusted platforms.
The research can be found here:
“CrossBarking” — Exploiting a 0-Day Opera Vulnerability with a Cross-Browser Extension Store Attack
The FBI warns agents of hacked call and text logs. The US Treasury sanctions entities tied to North Korea’s fake IT worker operations. Russian hacking group Star Blizzard attempted to infiltrate WhatsApp accounts of nonprofits supporting Ukraine. Yubico discloses a critical vulnerability in its Pluggable Authentication Module software. Google releases an open-source library for software composition analysis. CISA hopes to close the software understanding gap. Pumakit targets critical infrastructure. SimpleHelp patches multiple flaws in its remote access software. The FTC bans GM from selling driver data. HHS outlines its efforts to protect hospitals and healthcare. Our guest Maria Tranquilli, Executive Director at Common Mission Project, speaks with N2K’s Executive Editor Brandon Karpf about the origins and impact of Hacking for Defense. Even the best of red teamers are humbled by AI.
CyberWire Guest
Our guest Maria Tranquilli, Executive Director at Common Mission Project, speaks with N2K’s Executive Editor Brandon Karpf about the origins and impact of Hacking for Defense, and how universities can get involved.
Selected Reading
FBI Has Warned Agents It Believes Hackers Stole Their Call Logs (Bloomberg)
US Announces Sanctions Against North Korean Fake IT Worker Network (SecurityWeek)
Russian Star Blizzard hackers exploit WhatsApp accounts to spy on nonprofits aiding Ukraine (The Record)
Yubico PAM Module Vulnerability Let Attackers Bypass Authentications In Certain Configurations (Cyber Security News)
Google Releases Open Source Library for Software Composition Analysis (SecurityWeek)
Closing the Software Understanding Gap (CISA)
Pumakit - A Sophisticated Linux Rootkit Attack Critical Infrastructure (Cyber Security News)
Vulnerabilities in SimpleHelp Remote Access Software May Lead to System Compromise (SecurityWeek)
FTC hands GM a 5-year ban on selling sensitive driver info to data brokers (The Record)
How HHS has strengthened cybersecurity of hospitals and health care systems (CyberScoop)
Microsoft AI Red Team says security work will never be done (The Register)
President Biden issues a comprehensive cybersecurity executive order. Updates on Silk Typhoon’s US Treasury breach. A Chinese telecom hardware firm is under FBI investigation. A critical vulnerability has been found in the UEFI Secure Boot mechanism. California-based cannabis brand Stiiizy suffers a data breach. North Korea’s Lazarus Group lures freelance developers. The FTC highlights major security failures at web hosting giant GoDaddy. Veeam patches a critical vulnerability in their Backup for Microsoft Azure product. Hackers leak sensitive data from over 15,000 Fortinet firewalls. Our guest today is Oren Koren, Veriti's Co-founder and CPO, sharing insights about the state of healthcare cybersecurity. Shiver me timbers! Meta’s AI trains on a treasure chest of pirated books.
CyberWire Guest
Our guest today is Oren Koren, Veriti's Co-founder and CPO, sharing insights about the state of healthcare cybersecurity. You can read more in their “The State of Healthcare Cybersecurity 2025” report.
Selected Reading
Biden to sign executive order on AI and software security (Axios)
Treasury Breach by Chinese Sponsored Hackers Focused on Sanctions, Report Says (Bloomberg)
Exclusive: Chinese tech firm founded by Huawei veterans in the FBI's crosshairs (Reuters)
New UEFI Secure Boot Bypass Vulnerability Exposes Systems to Malicious Bootkits (Cyber Security News)
380,000 Impacted by Data Breach at Cannabis Retailer Stiiizy (SecurityWeek)
North Korean Hackers Targeting Freelance Software Developers (SecurityWeek)
GoDaddy Accused of Serious Security Failings by FTC (Infosecurity Magazine)
Veeam Azure Backup Solution Vulnerability Allows Attackers To Enumerate Network (Cyber Security News)
Hacking group leaks Fortinet users’ details on dark web (Computing)
Meta Secretly Trained Its AI on a Notorious Piracy Database, Newly Unredacted Court Docs Reveal (WIRED)