CyberWire Daily

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

Eine durchschnittliche Folge dieses Podcasts dauert 21m. Bisher sind 2822 Folge(n) erschienen. Dies ist ein täglich erscheinender Podcast.

Gesamtlänge aller Episoden: 42 days 11 hours 54 minutes


episode 267: Can ransomware turn machines against us? [Research Saturday]

Tom Bonner and Eoin Wickens from HiddenLayer's SAI Team to discuss their research on weaponizing machine learning models with ransomware. Researchers at HiddenLayer’s SAI Team have developed a proof-of-concept attack for surreptitiously deploying malware, such as ransomware or Cobalt Strike Beacon, via machine learning models...


 February 4, 2023  18m

episode 268: Knocking down the legs of the industrial security triad. [Research Saturday]

Pascal Ackerman, OT Security Strategist from Guidepoint Security, joins Dave to discuss his work on discovering a vulnerability in the integrity of common HMI client-server protocol...


 February 11, 2023  19m

episode 269: Implementing and achieving security resilience. [Research Saturday]

Wendy Nather from Cisco sits down with Dave to discuss their work on "Cracking the Code to Security Resilience: Lessons from the Latest Cisco Security Outcomes Report." The report describes what security resilience is, while also going over how companies can achieve this resilience...


 February 18, 2023  20m

episode 270: The next hot AI scam. [Research Saturday]

Andy Patel from WithSecure Labs joins with Dave to discuss their study that demonstrates how GPT-3 can be misused through malicious and creative prompt engineering. The research looks at how this technology, GPT-3 and GPT-3.5, can be used to trick users into scams. GPT-3 is a user-friendly tool that employs autoregressive language to generate versatile natural language text using a small amount of input that could inevitably interest cybercriminals...


 February 25, 2023  25m

episode 271: New exploits are tricking Chrome. [Research Saturday]

Dor Zvi, Co-Founder and CEO from Red Access to discuss their work on "New Chrome Exploit Lets Attackers Completely Disable Browser Extensions." A recently patched exploit is tricking Chrome browsers on all popular OSs to not only give attackers visibility of their targets’ browser extensions, but also the ability to disable all of those extensions...


 March 4, 2023  15m

episode 271: Files stolen from a sneaky SymStealer. [Research Saturday]

Ron Masas of Imperva discusses their work, the "Google Chrome “SymStealer” Vulnerability. How to Protect Your Files from Being Stolen." By reviewing the ways the browser handles file systems, specifically searching for common vulnerabilities relating to how browsers process symlinks, the Imperva Red Team discovered that when files are dropped onto a file input, it’s handled differently...


 March 11, 2023  13m

episode 273: ChatGPT grants malicious wishes? [Research Saturday]

Bar Block, Threat Intelligence Researcher at Deep Instinct, joins Dave to discuss their work on "ChatGPT and Malware - Making Your Malicious Wishes Come True." Deep Instinct goes into depth on just how dangerous ChatGPT can be in the wrong hands as well as how artificial intelligence is better at creating malware than providing ways to detect it...


 March 18, 2023  16m

episode 274: Popunders are not the good kind of ads. [Research Saturday]

On this episode, Jérôme Segura, senior threat researcher at Malwarebytes, shares his team's work, "WordPress sites backdoored with ad fraud plugin." WordPress is an immensely popular content management system (CMS) powering over 43% of all websites. Many webmasters will monetize their sites by running ads and need to draw particular attention to search engine optimization (SEO) techniques to maximize their revenues...


 March 25, 2023  24m

episode 275: Blackfly flies back again. [Research Saturday]

Dick O'Brien from Symantec’s Threat Hunter team discusses their research on "Blackfly - Espionage Group Targets Materials Technology." Researchers say the Blackfly espionage group (aka APT41), has been mounting attacks against Asian materials and composite organizations in attempts to steal intellectual property. This group has been known as one of the longest known Chinese advanced persistent threat (APT) groups since at least 2010...


 April 1, 2023  13m

episode 276: A dark side to LLMs. [Research Saturday]

Sahar Abdelnabi from CISPA Helmholtz Center for Information Security sits down with Dave to discuss their work on "A Comprehensive Analysis of Novel Prompt Injection Threats to Application-Integrated Large Language Models." There is currently a large advance in the capabilities of Large Language Models or LLMs, as well as being integrated into many systems, including integrated development environments (IDEs) and search engines...


 April 8, 2023  17m