The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.
https://thecyberwire.com/podcasts/daily-podcast
Gesamtlänge aller Episoden: 44 days 18 hours 34 minutes
episode 1675: Microsoft Exchange zero-days exploited. Supply chain attack reported. New Lazarus activity. Mexican government falls victim to hacktivism. Hacking partial mobilization. Former insider threat.
Two Microsoft Exchange zero-days exploited in the wild. A supply chain attack, possibly from Chinese intelligence services. There’s new Lazarus activity: bring-your-own-vulnerable-driver. The Mexican government falls victim to apparent hacktivism. Flying under partial mobilization’s radar. Betsy Carmelite from Booz Allen Hamilton talks about addressing the cyber workforce skills gap. Our guest Rachel Tobac from SocialProof Security brings a musical approach to security awareness training...
episode 1676: CISA issues Binding Operational Directive 23-01. LAUSD says ransomware operators missed most sensitive PII. Trends in API protection SaaS security. Making a pest of oneself in a hybrid war.
CISA issues a Binding Operational Directive. An LA school district says ransomware operators missed most sensitive PII. An API protection report describes malicious transactions. Analysis of cyber risk in relation to SaaS applications. Joe Carrigan describes underground groups using stolen identities and deepfakes. Our guest is Eve Maler from ForgeRock on consumer identity breaches. And someone is making a nuisance of themself in Russia...
episode 1677: Sniffing at the DIB. Sideloading cryptojacking campaign. Nord Stream and threats to critical infrastructure. US Cyber Command describes hunting forward in Ukraine. Fraud meets romance.
Data’s stolen from a US "Defense Industrial Base organization." Major sideloading cryptojacking campaign is in progress. Nord Stream and threats to critical infrastructure. US Cyber Command describes "hunt forward" missions in Ukraine. Andrew Hammond from SpyCast speaks with hacker Eric Escobar about the overlap of traditional intelligence and cybersecurity. Our guest is AJ Nash from ZeroFox with an update on the current threat landscape. Fraud meets romance...
episode 1678: Updated mitigations for ProxyNotShell. Lloyd’s investigates cyber incident. Killnet hits US state government sites. Election security. Credential theft. Verdict in Uber breach case.
Microsoft updates mitigations for ProxyNotShell. Lloyd's of London investigates a suspected cyberattack. Killnet hits networks of US state governments. The FBI and CISA weigh in on election security. Credential theft in the name of Zoom. Tim Eades from Cyber Mentor Fund on the move to early-stage investing in times of war and recession. Our guest is Nick Lumsden of Tenacity Cloud on cloud infrastructure sprawl...
episode 1679: A US EO addresses EU data privacy concerns. China’s favorite CVEs. Election security and credit risk. COVID phishbait. Notes from the hybrid war, including some really motivated draft evaders.
A US Executive Order outlines US-EU data-sharing privacy safeguards. CISA, NSA, and the FBI list the top vulnerabilities currently being exploited by China. A look at election security and credit risk to US states. COVID-19-themed social engineering continues. Robert M. Lee from Dragos on securing the food and beverage industry. Carole Theriault interviews Joel Hollenbeck from Check Point Software on threat actors phishing school board meetings...
episode 1680: An update on the hybrid war, where Russia turns to missile strikes, physical sabotage, and nuisance-level DDoS. Surveys look at the state of the SOC and the mind of the CISO.
Russia's Killnet suspected in DDoS attack on major US airports. Starlink service interruptions reported. Bundesbahn communications network sabotaged in northern Germany. Germany's cybersecurity chief faces scrutiny over alleged ties to Russia. Ben Yelin on the FCC's crackdown on robocalls. Ann Johnson from Afternoon Cyber Tea talking with Sounil Yu from JupiterOne about the importance and evolution of cyber resilience...
episode 1681: Caffeine in the C2C market. Refund-fraud-as-a-service. Costs of a nuisance. Staying alert during a hybrid war. Renewed Polonium activity. The Uber case's impact on security professionals.
Refund fraud as a service. Costs of a nuisance. Remaining on alert during a hybrid war. Renewed activity by Polonium. Andrea Little Limbago from Interos discussing quantum computing policy. CyberWire Space Correspondent Maria Varmazis speaks with Dr. Gregory Falco on lessons learned from Russia’s attack on Viasat. Reflections on the Uber case's impact on security professionals. And when it comes to phishing-as-a-service, we’ll take decaf...
episode 1682: What the cybercriminals are up to: improving their tools and carrying out the same old dreary social engineering. Budworm APT sightings. And the state of Russia’s hybrid war.
Emotet ups its game. COVID-19 small business grants as phishbait. Google Translate is spoofed for credential harvesting. Research on the Budworm espionage group. Kevin Magee from Microsoft shares why cybersecurity professionals should join company boards. Our guest is Chris Niggel from Okta with a look at identity shortfalls. And Internet outages during missile strikes, and the prospects of Russia’s hybrid war...
episode 1683: Phishing for poll watchers. Impersonating Intrusion Truth. Data breach at the LDS Church. SpaceX asks for help paying for Ukraine’s Starlink. Killnet’s potential. The gamer’s attack surface.
County election workers find themselves targets of phishing. Impersonating Intrusion Truth. The LDS Church discloses data compromise. SpaceX asks for Starlink funding. Does Killnet have potential to do more damage than it so far has? Deepen Desai from Zscaler on Joker, Facestealer and Coper banking malwares on the Google Play store. Our guest is Maxime Lamothe-Brassard of LimaCharlie to discuss how the cybersecurity is following in the footsteps of software engineering...
episode 1684: Tata Power sustains cyberattack. Influence operations and battlespace prep. Ransom Cartel looks a lot like REvil. Notes from Russia’s hybrid war.
There’s been a Cyberattack against Tata Power. The FBI warns US state political parties of Chinese scanning. Russian influence ops play defense; China’s are on the offense. Ransom Cartel and a possible connection to REvil. "Prestige" ransomware is sighted in attacks on Polish and Ukrainian targets. Distributed denial-of-service attacks interfere with Bulgarian websites. Grayson Milbourne of OpenText Security Solutions on SBOMS...