CyberWire Daily

N2K Networks

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world. read less

Our Editor's Take

CyberWire is a news service that focuses on cybersecurity. It aims to filter unnecessary information and only serve the most reliable, unbiased coverage. The CyberWire Daily podcast takes this mission a step further. The daily briefing sits around the 30-minute mark. It summarizes the most important cybersecurity news of the day. It goes over the key events for people in the industry and those who want to learn more about it.

In today's digital age, much of people's personal and professional lives are online. As a result, society relies on the internet to store and share sensitive information. This includes financial data, personal identification, and confidential business documents. Any piece of this information can be vulnerable to cyber attacks, resulting in theft or misuse of sensitive data. And anyone can be susceptible to such attacks. It can affect individuals, global organizations, and governments alike. So industry leaders will definitely enjoy The CyberWire Daily podcast. But it's also helpful to anyone who wants to feel secure online.

Host Dave Bitter doesn't see himself as the top specialist in the field. Instead, he acts as the bridge between the experts he interviews and the podcast's audience. He is the show's everyman who's not afraid to ask stupid questions. This quality makes the podcast CyberWire Daily as entertaining as it is informative.

read less
NewsNews

Episodes

The hot pursuit of Volt Typhoon.
Yesterday
The hot pursuit of Volt Typhoon.
Volt Typhoon retains the attention of US investigators. The IMF reports a cyber breach. Fujitsu finds malware on internal systems. Securonix researchers describe DEEP#GOSU targeting South Korea. Subsea cable breaks leave West and Central Africa offline. Health care groups oppose enhanced cyber security regulations. A Pennsylvania school district grapples with a ransomware attack. AT&T denies a data leak. Our guest Kevin Magee of Microsoft Canada shared his experiments with board reporting. And Apex Legends eSports competitors get some unexpected upgrades.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Our guest today is Kevin Magee of Microsoft Canada sharing his experiments using N2K’s CSO Rick Howard's forecasting methodology from his Cybersecurity First Principles book regarding board reporting.  Selected Reading US is still chasing down pieces of Chinese hacking operation, NSA official says (The Record) IMF Investigates Serious Cybersecurity Breach (Infosecurity Magazine) Tech giant Fujitsu says it was hacked, warns of data breach (TechCrunch) Analysis of New DEEP#GOSU Attack Campaign Likely Associated with North Korean Kimsuky Targeting Victims with Stealthy Malware (securonix) Ghana says repairs on subsea cables could take five weeks  (Reuters) Health care groups resist cybersecurity rules in wake of landmark breach (CyberScoop) Pennsylvania’s Scranton School District dealing with ransomware attack (The Record) AT&T says leaked data of 70 million people is not from its systems (BleepingComputer) The Aviation and Aerospace Sectors Face Skyrocketing Cyber Threats (Security Affairs) Massive ‘Apex Legends’ Hack Disrupts NA Finals, Raises Serious Security Concerns (Forbes) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Unveiling the updated NICE Framework & cybersecurity education’s future. [Special Edition]
2d ago
Unveiling the updated NICE Framework & cybersecurity education’s future. [Special Edition]
The Workforce Framework for Cybersecurity (NICE Framework) (NIST Special Publication 800-181, revision 1) provides a set of building blocks for describing the Tasks, Knowledge, and Skills (TKS) that are needed to perform cybersecurity work by individuals or teams. Through these building blocks, the NICE Framework enables organizations to develop their workforces to perform cybersecurity work, and it helps learners to explore cybersecurity work and to engage in appropriate learning activities to develop their knowledge and skills. On this Special Edition podcast, N2K CyberWire's Dave Bittner is joined by the team at NIST and FIU's Jack D. Gordon Institute for Public Policy to delve into the history of the NICE Framework through its latest update and looking into the future. Brian Fonseca, Director at the Jack D. Gordon Institute for Public Policy, shares an introduction to the NICE Framework. Karen Wetzel, NICE Framework Manager, discusses the updates to the framework. Rodney Petersen, Director of NICE, talks about what these updates mean to cybersecurity education's future. Resources: NICE Framework Resource Center Getting Started with the NICE Framework 2024 NICE Conference and Expo: Strengthening Ecosystems: Aligning Stakeholders to Bridge the Cybersecurity Workforce Gap Take advantage of the early bird pricing until March 19, 2024. Don’t miss out on this opportunity! Jack D. Gordon Institute for Public Policy at Florida International University (FIU) Veterans and First Responders Training Initiative Intelligence Fellowship And be sure to check out our live webinar: CISOs are the new Architects (of the Workforce) Join N2K’s Simone Petrella and Intuit’s Kim Jones on Wednesday, March 27th for an online discussion about the pivotal role security leaders play in shaping the security workforce landscape, and how we can start showing up for the future of our industry. Learn more and register on the event page. Learn more about your ad choices. Visit megaphone.fm/adchoices
Flight fiasco: UK Defence Minister's jet faces GPS jamming.
4d ago
Flight fiasco: UK Defence Minister's jet faces GPS jamming.
Russia’s accused of jamming a jet carrying the UK’s defense minister. Senators introduce a bipartisan Section 702 compromise bill. The Cybercrime Atlas initiative seeks to dismantle cybercrime. StopCrypt ransomware grows stealthier. A Scottish healthcare provider is under cyber attack. Workers in France are at risk of data exposure. CERT-BE warns of critical vulnerabilities in Arcserve UDP software. The FCC approves IoT device labeling. Researchers snoop on AI chat responses. A MITRE-Harris poll tracks citizens’ concern over critical infrastructure. On our Solution Spotlight, N2K President Simone Petrella discusses the shortage of ethical hackers against the rise of AI with IOActive's CTO Gunter Ollmann. The FTC fines notorious tech support scammers.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Solution Spotlight, N2K President Simone Petrella discusses the shortage of ethical hackers against the rise of AI with IOActive's CTO Gunter Ollmann. Coming this weekend Tune in to the CyberWire Daily Podcast feed on Sunday for a Special Edition podcast we produced in collaboration with our partners at NICE, “Unveiling the updated NICE Framework & cybersecurity education’s future.” We delve into the history of the NICE Framework, dig into its latest update, and look into the future of cybersecurity education. Selected Reading Defence Secretary jet hit by an electronic warfare attack in Poland (Security Affairs) Russia believed to have jammed signal on UK defence minister's plane - source (Reuters) Senators propose a compromise over hot-button Section 702 renewal (The Record) WEF effort to disrupt cybercrime moves into operations phase (The Register) StopCrypt: Most widely distributed ransomware now evades detection (Bleeping Computer) Scottish health service says ‘focused and ongoing cyber attack’ may disrupt services (The Record) Massive Data Breach Exposes Info of 43 Million French Workers (Hack Read) WARNING: THREE VULNERABILITIES IN ARCSERVE UDP SOFTWARE DEMAND URGENT ACTION, PATCH IMMEDIATELY! (certbe) FCC approves cybersecurity label for consumer devices  (CyberScoop) Hackers can read private AI-assistant chats even though they’re encrypted  (Ars Technica) MITRE-Harris poll reveals US public's concerns over critical infrastructure and perceived risks  (Industrial Cyber) Tech Support Firms Agree to $26M FTC Settlement Over Fake Services (SecurityWeek) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
A CIA Psychologist on the Minds of World Leaders, Pt. 1 with Dr. Ursula Wilder [SpyCast]
4d ago
A CIA Psychologist on the Minds of World Leaders, Pt. 1 with Dr. Ursula Wilder [SpyCast]
In honor of Women's History Month, please enjoy this episode of the International Spy Museum's SpyCast podcast featuring part 1 of Andrew Hammond's discussion with Dr. Ursula Wilder of the Central Intelligence Agency. Summary Dr. Ursula Wilder (LinkedIn) joins Andrew (X; LinkedIn) to discuss the intersections between psychology and intelligence. Ursula is a clinical psychologist with over two decades of experience working at the Central Intelligence Agency.  What You’ll Learn Intelligence How psychology can be useful to national security Historical examples of leadership analysis  Leadership personality assessments & the Cuban Missile Crisis Psychoanalytic theory and espionage  Reflections Human nature throughout history History repeating itself  And much, much more … Quotes of the Week “Together, these documents are quite powerful. The psych assessments are very, very carefully, tightly held and are classified at a high level. Every intelligence officer has this fantasy about seeing the file that's kept on them by the opponents.” Resources  SURFACE SKIM *SpyCasts* Agent of Betrayal, FBI Spy Robert Hanssen with CBS’ Major Garrett and Friends (2023) The North Korean Defector with Former DPRK Agent Kim, Hyun Woo (2023) SPY@20 – “The Spy of the Century” with Curators Alexis and Andrew on Kim Philby (2022) “How Spies Think” – 10 Lessons in Intelligence with Sir David Omand (2020) *Beginner Resources* What is Psychoanalysis? Institute of Psychoanalysis, YouTube (2011) [3 min. video] Psychologists in the CIA, American Psychological Association (2002) [Short article] 7 Reasons to Study Psychology, University of Toronto (n.d.) [Short article] DEEPER DIVE Books Freud and Beyond, S. A. Mitchell (Basic Books, 2016) Narcissism and Politics: Dreams of Glory, J. M. Post (Cambridge University Press, 2014) The True Believer: Thoughts on the Nature of Mass Movements, E. Hoffer (Harper Perennial Modern Classics, 2010)  Team of Rivals: The Political Genius of Abraham Lincoln, D. K. Goodwin (Simon & Schuster, 2004) Leaders, Fools, and Impostors: Essays on the Psychology of Leadership, M. F. R. Kets de Vries (iUniverse, 2003)  Primary Sources  Charles de Gaulle to Pamela Digby Churchill (1942)  Blood, Toil, Tears and Sweat (1940) Memoirs of Ulysses S. Grant (1885) Gettysburg Address (1863)  House Divided Speech (1858) Excerpt on Cleopatra from Plutarch's Life of Julius Caesar (ca. 2nd century AD) Plutarch’s The Life of Alexander (ca. 2nd century AD)  Appian’s The Civil Wars (ca. 2nd century AD)  Virgil’s The Aeneid (19 B.C.E)  *Wildcard Resource* On Dreams by Sigmund Freud (1901) In this simplified version of the father of psychoanalysis’ seminal book The Interpretation of Dreams, you can get a small taste for Freudian philosophy. Freud believed that dreams were a reflection of the subconscious mind and that studying a person’s dreams can elucidate their inner wants and needs. What are your dreams telling you?  Learn more about your ad choices. Visit megaphone.fm/adchoices
TikTok showdown: U.S. lawmakers target privacy and security.
5d ago
TikTok showdown: U.S. lawmakers target privacy and security.
The US House votes to enact restrictions on TikTok. HHS launches an investigation into Change Healthcare. An Irish Covid-19 portal puts over a million vaccination records at risk. Google distributes $10 million in bug bounty rewards. Nissan Oceana reports a data breach resulting from an Akira ransomware attack. Meta sues a former VP for alleged data theft.  eSentire sees Blind Eagle focusing on the manufacturing sector. Claroty outlines threats to health care devices. A major provider of yachts is rocked by a cyber incident. In our Threat Vector segment, David Moulton explores the new SEC cybersecurity regulations with legal expert and Unit 42 Consultant Jacqueline Wudyka. And ransomware victims want their overtime pay.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On the Threat Vector segment, host David Moulton explores the new SEC cybersecurity regulations that reshape how public companies handle cyber risks with legal expert and Unit 42 Consultant Jacqueline Wudyka. They discuss the challenges of defining 'materiality,' the enforcement hurdles, and the impact on the cybersecurity landscape.  Selected Reading Bill that could spur TikTok ban gains House OK  (SC Media) What would a TikTok ban look like for users? (NBC News) HHS to investigate UnitedHealth and ransomware attack on Change Healthcare (The Record) How a user access bug in Ireland’s vaccination website exposed more than a million records (ITPro) Google Paid $10m in Bug Bounties to Security Researchers in 2023 (Infosecurity Magazine) Nearly 100K impacted by Nissan Oceania cyberattack (SC Media) Meta Sues Former VP After Defection to AI Startup (Infosecurity Magazine) Malware Analysis: Blind Eagle's North American Journey (esentire) Only 13% of medical devices support endpoint protection agents (Help Net Security) Billion-dollar boat seller MarineMax reports cyberattack to SEC (The Record) City workers not getting paid overtime amid Hamilton's ransomware attack: unions (CBS News) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
The usual suspects are up to their usual tricks.
6d ago
The usual suspects are up to their usual tricks.
ODNI’s Annual Threat Assessment highlights the usual suspects. The White House meets with UnitedHealth Group’s CEO. A convicted LockBit operator gets four years in prison. The Clop ransomware group leaks data from major universities. Equilend discloses a data breach. Fortinet announces critical and high-severity vulnerabilities. GhostRace exploits speculative race conditions in popular CPUs. Incognito Market pulls the rug and extorts its users. Patch Tuesday notes. On the Learning Layer, Sam Meisenberg talks with Joe Carrigan from Johns Hopkins University Information Security Institute, and co-host of Hacking Humans podcast. They explore Joe's journey on the road to taking his CISSP test. And, I do not authorize Facebook, Meta or any of its subsidiaries to use this podcast. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Join us as a Learning Layer special series kicks off. Over the next several weekly episodes of the Learning Layer, host Sam Meisenberg talks with Joe Carrigan from Johns Hopkins University Information Security Institute, and co-host of Hacking Humans podcast. On this episode, they explore Joe's journey as he embarks on the road to taking his CISSP test after fourteen years in the cyber industry, and why he decided to get it now. Learn more about ISC2’s Certified Information Systems Security Professional (CISSP) certification, and explore our online certification courses, practice tests, and labs that ensure that you’re ready for exam day. Selected Reading ODNI's 2024 Threat Assessment: China, Russia, North Korea pose major cyber threats amid global instability - Industrial Cyber (Industrial Cyber) White House meets with UnitedHealth CEO over hack  (Reuters) LockBit ransomware affiliate gets four years in jail, to pay $860k (bleepingcomputer) Stanford University ransomware attack impacts 27K  (SC Media) EquiLend Employee Data Breached After January Ransomware Attack (HACKread) Fortinet reports two critical and three high severity issues, plan to patch (beyondmachines) Major CPU, Software Vendors Impacted by New GhostRace Attack (SecurityWeek) Incognito Market: The not-so-secure dark web drug marketplace  (Graham Cluley) Microsoft Patch Tuesday – Major Flaws In Office, Exchange And SQL Server (cybersecuritynews) New Facebook photo rule hoax spreads (Malwarebytes)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Biden's budget boost for cybersecurity.
1w ago
Biden's budget boost for cybersecurity.
Biden’s budget earmarks thirteen billion bucks for cybersecurity. DOJ targets AI abuse. A US trade mission to the Philippines includes cyber training. CISA and OMB release a secure software attestation form. CyberArk explores AI worms. Russia arrests a South Korean on cyber espionage charges. French government agencies are hit with DDoS attacks. Jessica Brandt is named director of the Foreign Malign Influence Center. Afternoon Cyber Tea host Ann Johnson speaks with her guest Keren Elazari about the hacker mindset. Google builds itself the Bermuda Triangle of Broadband.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Afternoon Cyber Tea host Ann Johnson talks with her guest Keren Elazari about the hacker mindset. To hear the full conversation, please listen to the episode of Afternoon Cyber Tea. Selected Reading US Federal Budget Proposes $27.5B for Cybersecurity (GovInfo Security) Justice Department Beefs up Focus on Artificial Intelligence Enforcement, Warns of Harsher Sentences (SecurityWeek) Microsoft to train 100,000 Philippine women in AI, cybersecurity (South China Morning Post) US launches secure software development attestation form to enhance federal cybersecurity (Industrial Cyber) The Rise of AI Worms in Cybersecurity (Security Boulevard) South Korean detained earlier this year is accused of espionage in Russia, state news agency says (Associated Press)  Massive cyberattacks hit French government agencies (Security Affairs) ODNI appoints new election security leader ahead of presidential race (The Record) Google’s self-designed office swallows Wi-Fi “like the Bermuda Triangle” ( Ars Technica) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
CISA’s news trifecta.
Mar 11 2024
CISA’s news trifecta.
A roundup of news out of CISA. California reveals data brokers selling the sensitive information of minors. Permiso Security shares an open-source cloud intrusion detection tool. Darktrace highlights a campaign exploiting DropBox.  EU's Cyber Solidarity Act forges ahead. A White House committee urges new economic incentives for securing OT systems. Paysign investigates claims of a data breach.  Our guest is Alex Cox, Director Threat Intelligence, Mitigation, and Escalation at LastPass, to discuss what to expect after LockBit. And Axios highlights the clowns and fools behind ransomware attacks. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Guest Alex Cox, Director, Threat Intelligence, Mitigation, Escalation (TIME) at LastPass, joins us to discuss what to expect after LockBit. Selected Reading Top US cybersecurity agency hacked and forced to take some systems offline (CNN Politics) CISA’s open source software security initiatives detailed (SC Media) GAO uncovers mixed feedback on CISA's OT cybersecurity services when it comes to addressing risks (Industrial Cyber) Dozens of data brokers disclose selling reproductive healthcare info, precise geolocation and data belonging to minors (The Record) New Open Source Tool Hunts for APT Activity in the Cloud (SecurityWeek) Dropbox Abused in New Phishing, Malspam Scam to Steal SaaS Logins (HACKREAD) Everything you need to know about the EU's Cyber Solidarity Act (ITPro) White House advisory group says market forces ‘insufficient’ to drive cybersecurity in critical infrastructure (CyberScoop) Paysign investigating reports of consumer information data breach (The Record) The clowns and fools behind ransomware attacks (Axios)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
From breach to battle: The escalating threat of Midnight Blizzard.
Mar 8 2024
From breach to battle: The escalating threat of Midnight Blizzard.
Russian hackers persist against Microsoft’s internal systems. Change Healthcare systems are slowly coming back online. Russian propaganda sites masquerade as local news. Swiss government info is leaked on the darknet.  Krebs on Security turns the tables on the Radaris online data broker. The NSA highlights the fundamentals of Zero Trust. The British Library publishes lessons learned from their ransomware attack. Researchers run a global prompt hacking competition. CheckPoint looks at Magnet Goblin. Experts highlight the need for psychological safety in cyber security. Our guest is Dinah Davis, Founder and Editor-In-Chief of Code Like A Girl, sharing the work they do to inspire young women to consider a career in technology. And the I-Soon leak reveals the seedy underbelly of Chinese cyber operations. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Guest is Dinah Davis, Founder and Editor-In-Chief of Code Like A Girl, sharing the work they do to inspire young women to consider a career in technology. Selected Reading Microsoft says Russian-state sponsored hackers have been able to access internal systems  (Reuters)  Change Healthcare brings some systems back online after cyberattack (The Record) Spate of Mock News Sites With Russian Ties Pop Up in U.S  (The New York Times) Play ransomware attack on Xplain exposed 65,000 files containing data relevant to the Swiss Federal Administration (Security Affairs) A Close Up Look at the Consumer Data Broker Radaris (krebsonsecurity) NSA Details Seven Pillars Of Zero Trust (GB Hackers) LEARNING LESSONS FROM THE CYBER-ATTACK British Library cyber incident review (British Library) A Taxonomy of Prompt Injection Attacks  (Schneier on Security) https://arxiv.org/pdf/2311.16119.pdf (Research) Magnet Goblin Targets Publicly Facing Servers Using 1-Day Vulnerabilities  (Check Point Research) Why 'psychological safety' is so important for building a robust security culture (ITPro) Inside Chinese hacking company’s culture of influence, alcohol and sex (C4isernet) International Women's Day (International Women’s Day)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Encore: Breaking Through: Securing the advancement of women in cybersecurity. {Special Editions]
Mar 8 2024
Encore: Breaking Through: Securing the advancement of women in cybersecurity. {Special Editions]
In honor of International Women's Day, please enjoy this encore of our 2023 Women in Cyber panel. In the dynamic field of cybersecurity, it’s well established that creating more opportunities for diversity and inclusion is essential for developing a highly skilled workforce. As an industry, we are starting to see the fruits of that labor, but there is a growing need for diverse leadership to nurture continuous innovation and resilience in cybersecurity. As part of N2K’s 2023 Women in Cyber content series, we’re excited to host an engaging virtual panel discussion moderated by N2K's President Simone Petrella featuring insights, experiences, and strategies for advancing more women into leadership roles within the field. This virtual discussion explores different areas including: Navigating the Cybersecurity Landscape: Gain insights into our guests' career journeys, including mentors, challenges, and success, and how the evolving landscape may present different challenges and opportunities for women. Building a Supportive Ecosystem: Explore the importance of mentorship, allyship, and a strong network in propelling women into leadership, and how to create an environment where everyone can thrive. Closing the Gender Gap: Delve into actionable strategies and best practices for organizations to promote gender diversity in their cybersecurity leadership teams. The Future of Cybersecurity Leadership: Gain a forward-looking perspective on the evolving role of women in shaping the future of cybersecurity. This panel discussion is a must-listen event for professionals, leaders, and aspiring cybersecurity experts who are committed to promoting diversity and empowering women to excel in cybersecurity leadership. Don't miss the opportunity to be part of this inspiring conversation and drive positive change in the industry. Panelists: Abisoye Ajayi, Cyber & Analytics Manager at Tulsa Innovation Labs Koma Gandy, VP, Leadership & Business at Skillsoft Lauren Zabierek, Sr. Advisor at CISA Learn more about your ad choices. Visit megaphone.fm/adchoices
A secret scheme resulting in stolen secrets.
Mar 7 2024
A secret scheme resulting in stolen secrets.
A former Google software engineer is charged with stealing AI tech for China. State attorneys general from forty-one states call out Meta over account takeover issues. Researchers demonstrate a Stuxnet-like attack using PLCs. Buyer beware - A miniPC comes equipped with pre installed malware. A Microsoft engineer wants the FTC to take a closer look at Copilot Designer. There’s a snake in Facebook’s walled garden. Bruce Schneier wonders if AI can strengthen democracy. On our Industry Voices segment, guest Jason Lamar, Senior Vice President of Product at Cobalt, joins us to discuss offensive security strategy. And NIST works hard to keep their innovations above water. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Industry Voices segment, guest Jason Lamar, Senior Vice President of Product at Cobalt, joins us to discuss offensive security strategy. You can find out more from Cobalt’s OffSec Shift report here.  Selected Reading Former Google Engineer Charged With Stealing AI Secrets (Infosecurity Magazine) Several States Attorneys General have written to Meta demanding better account recovery (NY gov) Remote Stuxnet-Style Attack Possible With Web-Based PLC Malware: Researchers  (SecurityWeek) Whoops! ACEMAGIC ships mini PCs with free bonus pre-installed malware  (Graham Cluley) Microsoft AI engineer warns FTC about Copilot Designer safety concerns  (The Verge) Snake, a new Info Stealer spreads through Facebook messages (Security Affairs) NSA Details Seven Pillars Of Zero Trust (gbhackers) How Public AI Can Strengthen Democracy  (Schneier on Security) This agency is tasked with keeping AI safe. Its offices are crumbling. (WashingtonPost) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
No cyber blues on Super Tuesday.
Mar 6 2024
No cyber blues on Super Tuesday.
CISA says Super Tuesday ran smoothly. The White House sanctions spyware vendors. The DoD launches its Cyber Operational Readiness Assessment program. NIST unveils an updated NICE Framework. Apple patches a pair of zero-days. The GhostSec and Stormous ransomware gangs join forces. Cado Security tracks a new Golang-based malware campaign. Google updates its search algorithms to fight spammy content. Canada's financial intelligence agency suffers a cyber incident. On our Industry Voices segment, our guest Amitai Cohen, Attack Vector Intel Lead at Wiz joins us to discuss cloud threats. Moonlighting on the dark side.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Industry Voices segment, our guest Amitai Cohen, Attack Vector Intel Lead at Wiz and host of their Crying Out Cloud podcast, joins us to discuss cloud threats. Learn more in Wiz's State of the AI Cloud report.  Selected Reading No security issues as Super Tuesday draws to a close, CISA official says (The Record) Biden administration sanctions makers of commercial spyware used to surveil US (CNN Business) US DoD launches CORA program to revolutionize cybersecurity strategy (Industrial Cyber) Unveiling NICE Framework Components v1.0.0: Explore the Latest Updates Today! (NIST) Update your iPhones and iPads now: Apple patches security vulnerabilities in iOS and iPadOS (Malwarebytes) Watch out, GhostSec and Stourmous groups jointly conducting ransomware attacks (Security Affairs) Hackers target Docker, Hadoop, Redis, Confluence with new Golang malware (Bleeping Computer) Google is starting to squash more spam and AI in search results (The Verge) Cyberattack forces Canada’s financial intelligence agency to take systems offline (The Record) Cyber Pros Turn to Cybercrime as Salaries Stagnate (Infosecurity Magazine) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices