CyberWire Daily

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

https://thecyberwire.com/podcasts/daily-podcast

Eine durchschnittliche Folge dieses Podcasts dauert 22m. Bisher sind 2261 Folge(n) erschienen. Jeden Tag erscheint eine Folge dieses Podcasts.

Gesamtlänge aller Episoden: 33 days 21 hours 28 minutes

subscribe
share






episode 1678: Updated mitigations for ProxyNotShell. Lloyd’s investigates cyber incident. Killnet hits US state government sites. Election security. Credential theft. Verdict in Uber breach case.


Microsoft updates mitigations for ProxyNotShell. Lloyd's of London investigates a suspected cyberattack. Killnet hits networks of US state governments. The FBI and CISA weigh in on election security. Credential theft in the name of Zoom. Tim Eades from Cyber Mentor Fund on the move to early-stage investing in times of war and recession. Our guest is Nick Lumsden of Tenacity Cloud on cloud infrastructure sprawl...


share








   31m
 
 

episode 1677: Sniffing at the DIB. Sideloading cryptojacking campaign. Nord Stream and threats to critical infrastructure. US Cyber Command describes hunting forward in Ukraine. Fraud meets romance.


Data’s stolen from a US "Defense Industrial Base organization." Major sideloading cryptojacking campaign is in progress. Nord Stream and threats to critical infrastructure. US Cyber Command describes "hunt forward" missions in Ukraine. Andrew Hammond from SpyCast speaks with hacker Eric Escobar about the overlap of traditional intelligence and cybersecurity. Our guest is AJ Nash from ZeroFox with an update on the current threat landscape. Fraud meets romance...


share








   33m
 
 

episode 33: CISA Alert AA22-277A – Impacket and exfiltration tool used to steal sensitive information from defense industrial base organization.


From November 2021 through January 2022, the CISA responded to APT activity against a Defense Industrial Base organization’s enterprise network. During incident response activities, CISA discovered that multiple APT groups compromised the organization’s network, and some APT actors had long-term access to the environment...


share








   2m
 
 

episode 1676: CISA issues Binding Operational Directive 23-01. LAUSD says ransomware operators missed most sensitive PII. Trends in API protection SaaS security. Making a pest of oneself in a hybrid war.


CISA issues a Binding Operational Directive. An LA school district says ransomware operators missed most sensitive PII. An API protection report describes malicious transactions. Analysis of cyber risk in relation to SaaS applications. Joe Carrigan describes underground groups using stolen identities and deepfakes. Our guest is Eve Maler from ForgeRock on consumer identity breaches. And someone is making a nuisance of themself in Russia...


share








   37m
 
 

episode 1675: Microsoft Exchange zero-days exploited. Supply chain attack reported. New Lazarus activity. Mexican government falls victim to hacktivism. Hacking partial mobilization. Former insider threat.


Two Microsoft Exchange zero-days exploited in the wild. A supply chain attack, possibly from Chinese intelligence services. There’s new Lazarus activity: bring-your-own-vulnerable-driver. The Mexican government falls victim to apparent hacktivism. Flying under partial mobilization’s radar. Betsy Carmelite from Booz Allen Hamilton talks about addressing the cyber workforce skills gap. Our guest Rachel Tobac from SocialProof Security brings a musical approach to security awareness training...


share








   35m
 
 

episode 119: Kayla Williams: Not everything related to cybersecurity is a fire drill. [CISO] [Career Notes]


Kayla Williams, CISO of Devo, sits down to share her story, from graduating with a finance degree to rising to where she is now. She quickly learned that finance was not for her and changed paths, working towards gaining an information security certificate. From there she was able to excel and was offered the opportunity to move to England which changed her life. Working in her new role, she really enjoys thriving with her team...


share








   10m
 
 

episode 38: The OSINT revolution: How cyber and physical security teams are leveraging open source intelligence. [CyberWire-X]


On this episode of CyberWire-X, we dive into the essential role of open-source intelligence in identifying cyber and physical threats and reducing risk across your organization. The CyberWire's CSO, Chief Analyst, and Senior Fellow, Rick Howard, is joined in the first half by Hash Table members Dr. Georgianna Shea, CCTI and TCIL Chief Technologist at the Foundation for Defense of Democracies, and Bob Turner, Field CISO – Education at Fortinet...


share








   28m
 
 

episode 252: Targeting your browser bookmarks? [Research Saturday]


David Prefer from SANS sits down with Dave to discuss how a new covert channel exfiltrates data via a browser's built-in bookmark sync. David goes on to describe how this research will "describe how the ability to synchronize bookmarks across devices introduces a novel vector for data exfiltration and other misuses...


share








   22m
 
 

episode 1674: Espionage, both online and in-person. Sabotage, both kinetic and (maybe eventually) cyber. Waterin holes, deepfakes, and the pushing of naughty words.


North Korean operators "weaponize" open-source software. The SolarMarker info-stealer returns. A quick review of Fast Company's WordPress hijacking incident. Deepfakes, and their evolution into an underworld and influence ops tool. Kinetic sabotage in the Baltic raises concerns about threats to infrastructure in cyberspace. Chris Novak from Verizon with a mid-year check in...


share








   35m
 
 

episode 1673: Hackers support Iranian dissidents. Notes on C2C markets. Cyberespionage campaigns. Intercepted mobile calls from Russian troops expose morale problems.


Gray-hat support for Iranian dissidents. Selling access wholesale in the C2C market. Novel malware’s discovered targeting VMware hypervisors. The Witchetty espionage group uses an updated toolkit. Deepen Desai from Zscaler has a Technical Analysis of Industrial Spy Ransomware. Ann Johnson of Afternoon Cyber Tea speaks with Michal Braverman-Blumenstyk, CTO for Microsoft Security, about Israel's cyber innovation. And Russian troops phone call revelations...


share








   28m