CyberWire Daily

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

https://thecyberwire.com/podcasts/daily-podcast

Eine durchschnittliche Folge dieses Podcasts dauert 22m. Bisher sind 2394 Folge(n) erschienen. Jeden Tag erscheint eine Folge dieses Podcasts.

Gesamtlänge aller Episoden: 36 days 5 hours 40 minutes

subscribe
share






Cyber Marketing Con 2022: From the horse’s mouth: CISO Q&A on solving the cyber marketer’s dilemma. [Special Editions]


At the 2022 Cyber Marketing Con, the CyberWire presented a CISO Q&A panel session on how to help cyber marketers reach CISOs and other security executives in the industry. The panel included Rick Howard, CSO of N2K Networks, Jaclyn Miller, Head of InfoSec and IT at DispatchHealth, Ted Wagner, CISO of SAP NS2, and was moderated by board director & and operating partner, Michelle Perry. Listen in as the panel discusses: What works and doesn’t work in getting a security executive’s attention...


share








   1h0m
 
 

episode 1745: Disentangling cybercrime from cyberespionage. A threat to the IoT supply chain. What do you do with the hacktivists when they stop being hacktivists? A retired FBI Special Agent is indicted.


DragonSpark conducts "opportunistic" cyberattacks in East Asia. ProxyNotShell and OWASSRF exploit chains target Microsoft Exchange servers. The IoT supply chain is threatened by exploitation of Realtek Jungle SDK vulnerability. CISA adds an entry to its Known Exploited Vulnerabilities Catalog. A Cisco study finds organizations see positive returns from investment in privacy. What's the hacktivist's postwar future? Joe Carrigan tracks a romance scam targeting seniors...


share








   29m
 
 

episode 1744: Contractor error behind FAA outage. OneNote malspam. Vastflux ad campaign disrupted. Ukraine moves closer to CCDCOE membership. Alerts for gamblers and gamers.


The FAA attributes its January NOTAM outage. Malicious OneNote attachments are appearing in phishing campaigns. The Vastflux ad campaign has been disrupted. Ukraine moves toward closer cybersecurity collaboration with NATO. Rick Howard considers the best of 2022. Deepen Desai from Zscaler looks at VPN Risk. And, finally, we’re betting you want alerts for sports book customers and online gamers. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire...


share








   26m
 
 

episode 133: Miriam Wugmeister: Technology's not as complicated as you think. [Data Security] [Career Notes]


Miriam Wugmeister, co-chair of Morrison & Foerster’s Privacy and Data Security practice, sits down to share her in-depth experience and understanding of privacy and data security laws, obligations, and practices across a wide range of industries. She talks about how she grew up not knowing exactly what she wanted to get into as a profession, starting off as a chemical engineering major in college before switching to philosophy...


share








   9m
 
 

episode 44: The power of web data in cybersecurity. [CyberWire-X]


The public web data domain is a fancy way to say that there is a lot of information sitting on websites around the world that is freely available to anybody who has the initiative to collect it and use it for some purpose. When you do that collection, intelligence groups typically refer to it as open source intelligence, or OSINT. Intelligence groups have been conducting OSINT operations for over a century if you consider books and newspapers to be one source of this kind of information...


share








   28m
 
 

episode 265: Billbug infests government agencies. [Research Saturday]


Brigid O. Gorman from Symantec's Threat Hunter Team joins Dave to discuss their report "Billbug - State-sponsored Actor Targets Cert Authority and Government Agencies in Multiple Asian Countries." The team has discovered that state-sponsored actors compromised a digital certificate authority in an Asian country during a campaign in which multiple government agencies were also targeted...


share








   16m
 
 

episode 1743: Ransomware in Costa Rica. Cyberespionage against unpatched FortiOS instances. Credential stuffing PayPal, breaching T-Mobile. Utility business systems hit. Hackathons and phishing in Russia.


Ransomware hits Costa Rican government systems, again. A Chinese threat actor deploys the BOLDMOVE backdoor against unpatched FortiOS. Credential stuffing afflicts PayPal users. T-Mobile discloses a data breach. A cyberattack hits a remote Canadian utility. The Wagner Group sponsors a hackathon. Malek Ben Salem from Accenture describes prompt injection for chatbots. Our guest is Paul Martini of iboss with insights on Zero Trust...


share








   29m
 
 

episode 1742: Criminal-on-criminal action in the dark web. The cyber phases of the hybrid war heat up. ICS vulnerabilities. Codespaces and malware servers. Blank-image attacks. Social engineering.


A hostile takeover of the Solaris contraband market. Ukraine warns that Russian cyberattacks continue. An overview of 2H 2022 ICS vulnerabilities. Codespaces accounts can act as malware servers. Blank-image attacks. Campaigns leveraging HR policy themes. Dinah Davis from Arctic Wolf has tips for pros for security at home. Our guest is Gerry Gebel from Strata Identity describes a new open source standard that aims to unify cloud identity platforms. And travel-themed phishing increases...


share








   29m
 
 

episode 1741: ICS security–vulnerabilities, mitigations, and threats. A Chinese APT prospects Iranian targets. The persistence of nuisance-level hacktivism. And war takes a toll on the criminal economy.


CISA adds to its Known Exploited Vulnerability Catalog. Attacks against industrial systems. DNV is recovering from ransomware. Chinese cyberespionage is reported against Iran. The persistence of nuisance-level hacktivism. Robert M. Lee from Dragos outlines pipeline security. Our guest is Yasmin Abdi from Snap on bringing her team up to speed with zero trust. And a side-effect of Russia's war: a drop in paycard fraud...


share








   32m
 
 

episode 1740: Phishing campaigns (one uses mobilization as phishbait). Credential-stuffing attack affects Norton LifeLock users. Trends in security. Azure SSRF issues fixed. Calls for a “digital UN.”


A Phishing campaign impersonates DHL. Conscription and mobilization provide criminals with phishbait for Russian victims. Norton LifeLock advises customers that their accounts may have been compromised. Trends in data protection. Veracode's report on the state of software application security. Ben Yelin looks at NSO group’s attempt at state sovereignty. Ann Johnson from Afternoon Cyber Tea speaks with Microsoft’s Chris Young about the importance of the security ecosystem...


share








   24m