CyberWire Daily

• Lessons from the latest breach reports.

  Verizon and Mandiant call for layered defenses against evolving threats. Cisco Talos describes ToyMaker and Cactus threat actors. Researchers discover a major Linux security flaw which allows rootkits to bypass traditional detection methods. Ransomware groups are experimenting with new business models. Deputy Assistant Director Cynthia Kaiser from the FBI Cyber Division shares the latest on Salt Typhoon. Global censorship takes a coffee break. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Dave sits down with Deputy Assistant Director Cynthia Kaiser from the FBI Cyber Division who shares  a PSA on Salt Typhoon. Selected Reading 2025 Data Breach Investigations Report (Verizon) Mandiant M-Trends 2025 Report (Mandiant) Introducing ToyMaker, an initial access broker working in cahoots with double extortion gangs (Ciso Talos) Linux 'io_uring' security blindspot allows stealthy rootkit attacks (bleepingcomputer) Ransomware groups test new business models to hit more victims, increase profits (the record) Cloudflare: Government-backed internet shutdowns plummet to zero in first quarter (the record) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

  --------  

  28:57
• Are we a trade or a profession? [CISO Perspectives]

  We're sharing a episode from another N2K show we thought you might like. It's the first episode of the new season of the show CISO Perspectives with Kim Jones. Enjoy! Show Notes: Cybersecurity has an identity problem where the industry as a whole is struggling to determine whether it is a trade or a profession. In this episode of CISO Perspectives, host Kim Jones sits down with Larry Whiteside Jr., the Chief Advisory Officer for The CISO Society, to discuss this identity crisis and how the industry as a whole connects to both of these labels. Throughout the conversation, Larry and Kim will discuss the merits and drawbacks of both labels and how cybersecurity does not solely fall into one category or the other. Want more CISO Perspectives?: Check out a companion blog post by our very own Ethan Cook, where he breaks down key insights, shares behind-the-scenes context, and highlights research that complements this episode. It’s the perfect follow-up if you’re curious about the cyber talent crunch and how we can reshape the ecosystem for future professionals. Learn more about your ad choices. Visit megaphone.fm/adchoices

  --------  

  47:03
• States struggle with cyber shift.

  The White House’s shift of cybersecurity responsibilities to the states is met with skepticism. Baltimore City Public Schools suffer a ransomware attack. Russian state-backed hackers target Dutch critical infrastructure. Microsoft resolves multiple Remote Desktop issues. A new malware campaign is targeting Docker environments for cryptojacking. A new phishing campaign uses weaponized Word documents to steal Windows login credentials. Zyxel Networks issues critical patches for two high-severity vulnerabilities. CISA issues five advisories highlighting critical vulnerabilities in ICS systems. Our guest is Deputy Assistant Director Cynthia Kaiser from the FBI Cyber Division, sharing the findings of their latest IC3 report. So long, Privacy Sandbox.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Deputy Assistant Director Cynthia Kaiser from the FBI Cyber Division, as she is sharing the findings of their latest IC3 report. Selected Reading Trump is shifting cybersecurity to the states, but many aren’t prepared (Stateline) Baltimore City Public Schools report data breach (beyondmachines) Russia attempting cyber sabotage attacks against Dutch critical infrastructure (record) Microsoft fixes Remote Desktop freezes caused by Windows updates (bleepingcomputer) New Malware Hijacking Docker Images with Unique Obfuscation Technique (cybersecuritynews) Hackers Exploit Weaponized Word Docs to Steal Windows Login Credentials (gbhackers) Kelly Benefits Data Breach Impacts 260,000 People (SecurityWeek) Data Breach at Onsite Mammography Impacts 350,000 (SecurityWeek) Zyxel Patches Privilege Management Vulnerabilities in USG FLEX H Series Firewalls (cybersecuritynews) CISA Releases Five Advisories Covering ICS Vulnerabilities & Exploits (cybersecuritynews) RIP to the Google Privacy Sandbox (The Register) 2024 IC3 ANNUAL REPORT  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

  --------  

  34:49
• Proton66’s malware highway.

  The Russian Proton66 is tied to cybercriminal bulletproof hosting services. A new Rust-based botnet hijacks vulnerable routers. CISA budget cuts limit the use of popular analysis tools. A pair of healthcare providers confirm ransomware attacks. Researchers uncover the Scallywag  ad fraud network. The UN warns of cyber-enabled fraud in Southeast Asia expanding at an industrial scale. Fog ransomware resurfaces and points a finger at DOGE. The cybercrime marketplace Cracked relaunches under a new domain. On our Industry Voices segment, Bob Maley, CSO of Black Kite, shares insights on the growing risk of third-party cyber incidents. Taking the scenic route through Europe's digital landscape. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Kim Jones, the new Host of CISO Perspectives podcast, previewing the latest episode where Kim is joined by Larry Whiteside Jr. discussing “Are we a trade or a profession?” Industry Voices On our Industry Voices segment, Bob Maley, CSO of Black Kite, sharing insights on the growing risk of third-party cyber incidents. Selected Reading Many Malware Campaigns Linked to Proton66 Network (SecurityWeek) New Rust Botnet Hijacking Routers to Inject Commands Remotely (Cyber Security News) CISA Issues Warning Against Using Censys, VirusTotal in Threat Hunting Ops (GB Hackers) Two Healthcare Orgs Hit by Ransomware Confirm Data Breaches Impacting Over 100,000 (SecurityWeek) Scalllywag Ad Fraud Network Generates 1.4 Billion Bid Requests Daily (Infosecurity Magazine) $40bn Southeast Asian Scam Sector Growing “Like a Cancer” (Infosecurity Magazine) Fog ransomware notes troll with DOGE references, bait insider attacks (SC World) Reborn: Cybercrime Marketplace Cracked Appears to Be Back (BankInfo Security) Nemesis darknet market founder indicted for years-long “borderless powerhouse of criminal activity” (Cybernews) Digital Weaning Guide from the United States (Dagbladet Information) Two top cyber officials resign from CISA (The Record) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

  --------  

  42:36
• When fake fixes hide real attacks.

  Adversary nations are using ClickFix in cyber espionage campaigns. Japan’s Financial Services Agency issues an urgent warning after hundreds of millions in unauthorized trades. The critical Erlang/OTP’s SSH vulnerability now has public exploits. A flawed rollout of a new Microsoft Entra app triggers widespread account lockouts.  The alleged operator of SmokeLoader malware faces federal hacking charges. A new scam blends social engineering, malware, and NFC tech to drain bank accounts. GSA employees may have been oversharing sensitive documents. Yoni Shohet, Co-Founder and CEO of Valence Security, who cautions financial organizations of coming Chinese open source AI. Crosswalks in the crosshairs of satirical hacking. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest We are joined by Yoni Shohet, Co-Founder and CEO of Valence Security, discussing how the onslaught of more open source AI tools coming out of China will be difficult to manage for companies especially those in the financial sector. Selected Reading North Korea, Iran, Russia-Backed Hackers Deploy ClickFix in New Attacks (Hackread) Countries Shore Up Their Digital Defenses as Global Tensions Raise the Threat of Cyberwarfare (SecurityWeek) Japan warns of hundreds of millions of dollars in unauthorized trades from hacked accounts (The Record) Critical Erlang/OTP SSH RCE bug now has public exploits, patch now (Bleeping Computer) Widespread Microsoft Entra lockouts tied to new security feature rollout (Bleeping Computer) Alleged SmokeLoader malware operator facing federal charges in Vermont (The Record) New payment-card scam involves a phone call, some malware and a personal tap (The Record) Sensitive files, including White House floor plans, shared with thousands (The Washington Post) Hacking US crosswalks to talk like Zuck is as easy as 1234 (The Register)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

  --------  

  31:36

Mais podcasts de Notícias

Podcasts em tendência em Notícias

Sobre CyberWire Daily

CyberWire Daily: Podcast do grupo