CyberWire Daily podcast

24:35

Cyber Command ordered to halt offensive operations against Russia during Ukraine negotiations. Ransomware actors exploit Paragon Partition Manager vulnerability. Amnesty International publishes analysis of Cellebrite exploit chain. California orders data broker to shut down for violating the Delete Act. On our Afternoon Cyber Tea segment with host Ann Johnson of Microsoft Security, Ann speaks with Igor Tsyganskiy, Microsoft's Global Chief Information Security Officer, about "The Power of Partnership in Cyber Defense." And it’s the end of an era. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing , and you’ll never miss a beat . And be sure to follow CyberWire Daily on LinkedIn . Afternoon Cyber Tea segment. On our monthly Afternoon Cyber Tea segment with host Ann Johnson of Microsoft Security, Ann speaks with Igor Tsyganskiy, Microsoft's Global Chief Information Security Officer, about "The Power of Partnership in Cyber Defense." Ann and Igor share an engaging conversation on the challenges and optimism driving the fight against cyber threats. To hear the full conversation on Ann’s show, check out the episode here . You can catch new episodes of Afternoon Cyber Tea every other Tuesday on N2K CyberWire network and on your favorite podcast app. Selected Reading Exclusive: Hegseth orders Cyber Command to stand down on Russia planning (The Record) As Trump warms to Putin, U.S. halts offensive cyber operations against Moscow (The Washington Post) Hegseth Orders Pentagon to Stop Offensive Cyberoperations Against Russia (The New York Times) Ransomware gangs exploit Paragon Partition Manager bug in BYOVD attacks (Bleeping Computer) VU#726882 - Paragon Partition Manager contains five memory vulnerabilities within its BioNTdrv.sys driver that allow for privilege escalation and denial-of-service (DoS) attacks (Carnegie Mellon University Software Engineering Institute CERT Coordination Center) Cellebrite zero-day exploit used to target phone of Serbian student activist (Amnesty International Security Lab) California shuts down data broker for failing to register (The Record) Research finds 12,000 ‘Live’ API Keys and Passwords in DeepSeek's Training Data (Truffle Security) Cyberattack detected at Polish space agency, minister says (Reuters) Polish space agency confirms cyberattack (The Register) As Skype shuts down, its legacy is end-to-end encryption for the masses (TechCrunch) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit . Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices…

1
Taree Reardon: A voice for women in cyber. [Career Notes] 7:56

for 2 dage siden7:56

7:56

Senior Threat Analyst and Shift Lead for VMware Taree Reardon shares her journey to becoming leader for women in the cybersecurity field. A big gamer who has always been interested in hacking and forensics, Taree found her passion while learning about cybersecurity. She's dedicated to diversity and inclusion and found her footing on a team made up of 50% women. Taree spends her days tracking and blocking attacks and as a champion for women. Trusting yourself is top on her list of advice. We thank Taree for sharing her story. Learn more about your ad choices. Visit megaphone.fm/adchoices…

1
Caught in the contagious interview. [Research Saturday] 29:10

for 3 dage siden29:10

29:10

This week we are joined by Phil Stokes , threat researcher at SentinelOne's SentinelLabs, discussing their work on "macOS FlexibleFerret | Further Variants of DPRK Malware Family Unearthed." Apple recently pushed an update to its XProtect tool, blocking several variants of the DPRK-linked Ferret malware family, which targets victims through the "Contagious Interview" campaign. The malware uses fake job interview processes to trick users into installing malicious software, and new variants, including FlexibleFerret, remain undetected by XProtect. SentinelOne's research reveals a deeper investigation into this malware, which uses social engineering to expand its attack vectors, including targeting developers through platforms like GitHub. The research can be found here: macOS FlexibleFerret | Further Variants of DPRK Malware Family Unearthed Learn more about your ad choices. Visit megaphone.fm/adchoices…

1
Pay the ransom or risk data carnage. 31:19

for 3 dage siden31:19

31:19

Qilin ransomware gang claims responsibility for attack against Lee Enterprises. Thai police arrest suspected hacker behind more than 90 data leaks. JavaGhost uses compromised AWS environments to launch phishing campaigns. LotusBlossum cyberespionage campaigns target Southeast Asia. Malware abuses Microsoft dev tunnels for C2 communication. Protecting the food supply. Today’s guest is Keith Mularski, Chief Global Ambassador at Qintel and former FBI Special Agent, discussing crypto being the target of the cyber underground. And an interview with Iron Man? Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing , and you’ll never miss a beat . And be sure to follow CyberWire Daily on LinkedIn . CyberWire Guest Today we share Dave’s conversation with Keith Mularski , Chief Global Ambassador at Qintel and former FBI Special Agent, discussing crypto being the target of the cyber underground. Selected Reading Ransomware Group Takes Credit for Lee Enterprises Attack (SecurityWeek) Hacker Behind Over 90 Data Leaks Arrested in Thailand (SecurityWeek) JavaGhost’s Persistent Phishing Attacks From the Cloud (Unit 42) Lotus Blossom espionage group targets multiple industries with different versions of Sagerunex and hacking tools (Cisco Talos) Njrat Campaign Using Microsoft Dev Tunnels (SANS Internet Storm Center) New Pass-the-Cookie Attack Bypass Microsoft 365 & YouTube MFA Logins (Cyber Security News) How pass the cookie attacks can bypass your MFA (Longwall Security) Farm and Food Cybersecurity Act reintroduced to protect food supply chain from cyber threats (Industrial Cyber) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit . Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices…

1
The masterminds behind a $1.5 billion heist. 33:08

for 4 dage siden33:08

33:08

FBI attributes $1.5 billion Bybit hack to DPRK hackers. Cellebrite suspends services in Serbia following allegations of misuse. A Belgium spy agency is hacked. New groups, bigger attacks. Sticky Werewolf strikes again. US DNI orders legal review of UK's request for iCloud backdoor. A cybersecurity veteran takes CISA’s lead. DOGE accesses sensitive HUD data. Cleveland Municipal Court remains closed following cyber incident. Our guest today is an excerpt from our Caveat podcast. Adam Marré, Arctic Wolf CISO and former FBI special agent, joins Dave to discuss banning TikTok and increasing regulations for social media companies. And can hacking be treason? Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing , and you’ll never miss a beat . And be sure to follow CyberWire Daily on LinkedIn . CyberWire Guest Our guest today is an excerpt from our Caveat podcast. Adam Marré , Arctic Wolf CISO and former FBI special agent, joins Dave to discuss banning TikTok and increasing regulations for social media companies. You can hear Adam and Dave’s full discussion on today’s Caveat episode . Listen to Dave and co-host Ben Yelin discuss the issue following the interview on Caveat. Selected Reading FBI confirms Lazarus hackers were behind $1.5B Bybit crypto heist (Bleeping Computer) Cellebrite suspends Serbia as customer after claims police used firm's tech to plant spyware (TechCrunch) Belgium probes suspected Chinese hack of state security service (The Record) It's not just Salt Typhoon: All China-backed attack groups are showcasing specialized offensive skills (CyberScoop) Angry Likho APT Resurfaces with Lumma Stealer Attacks Against Russia (Hackread) Gabbard: UK demand to Apple for backdoor access is 'grave concern' to US (The Record) Karen Evans steps into a leading federal cyber position: executive assistant director for cybersecurity at CISA (CyberScoop) DOGE Gains Access to Confidential Records on Housing Discrimination, Medical Details — Even Domestic Violence (ProPublica) ‘Cyber incident’ shuts down Cleveland Municipal Court for third straight day (The Record) Cyber threat shuts down Cleveland Municipal Court for second day (News5 Cleveland) U.S. Soldier Charged in AT&T Hack Searched “Can Hacking Be Treason” (Krebs on Security) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit . Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices…

1
Live from Orlando, it's Hacking Humans! [Hacking Humans] 30:51

for 5 dage siden30:51

30:51

In this special live episode of Hacking Humans , recorded at ThreatLocker’s Zero Trust World 2025 conference in Orlando, Florida, Dave Bittner is joined by T-Minus host Maria Varmazis . Together, they explore the latest in social engineering scams, phishing schemes, and cybercriminal exploits making headlines. Their guest, Seamus Lennon , ThreatLocker’s VP of Operations for EMEA, shares insights on Zero Trust security and the evolving threat landscape. Maria's story this week follows the IRS warning about a fake “Self Employment Tax Credit” scam on social media, urging taxpayers to ignore misinformation and consult professionals. Dave's got the story of the Better Business Bureau’s annual Scam Tracker report, revealing that online shopping scams continue to top the list for the fifth year, with phishing and employment scams remaining major threats, while fraudsters increasingly use AI and deepfake technology to deceive victims. Our catch of the day comes from Diesel in West Virginia, and features a scammer who tried to panic their target with a classic “We’ve frozen your account” scam—only to get hilariously mixed up with actual embryo freezing. Resources and links to stories: Better Business Bureau reveals top local scams of 2024 IRS warns taxpayers about misleading claims about non-existent “Self Employment Tax Credit;” promoters, social media peddling inaccurate eligibility suggestions BBB Scam Tracker Got a $1,400 rebate text from the IRS? It's a scam, Better Business Bureau warns. You can hear more from the T-Minus space daily show here . Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com . Learn more about your ad choices. Visit megaphone.fm/adchoices…

1
Hacked in plain sight. 30:56

for 5 dage siden30:56

30:56

A major employee screening provider discloses a data breach affecting over 3.3 million people. Signal considers exiting Sweden over a proposed law that would give police access to encrypted messages. House Democrats call out DOGE’s negligent cybersecurity practices. Critical vulnerabilities in Rsync allow attackers to execute remote code. A class action lawsuit claims Amazon violates Washington State’s privacy laws. CISA warns that attackers are exploiting Microsoft’s Partner Center platform. A researcher discovers a critical remote code execution vulnerability in MITRE’s Caldera security training platform. An analysis of CISA’s JCDC AI Cybersecurity Collaboration Playbook. Ben Yelin explains Apple pulling iCloud end-to-end encryption in response to the UK Government. A Disney employee’s cautionary tale. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing , and you’ll never miss a beat . And be sure to follow CyberWire Daily on LinkedIn . CyberWire Guest We are joined by Caveat podcast co-host Ben Yelin to discuss Apple pulling iCloud end-to-end encryption in response to the UK Government. You can read the article from Bleeping Computer here . Ben is the Program Director for Public Policy & External Affairs at University of Maryland Center for Health and Homeland Security . You can catch Caveat every Thursday here on the N2K CyberWire network and on your favorite podcast app. Selected Reading 3.3 Million People Impacted by DISA Data Breach (SecurityWeek) DOGE must halt all ‘negligent cybersecurity practices,’ House Democrats tell Trump (The Record) Signal May Exit Sweden If Government Imposes Encryption Backdoor (Infosecurity Magazine) Rsync Vulnerabilities Let Hackers Gain Full Control of Servers - PoC Released (Cyber Security News) Lawsuit: Amazon Violates Washington State Health Data Law (BankInfo Security) CISA Warns of Microsoft Partner Center Access Control Vulnerability Exploited in Wild (Cyber Security News) MITRE Caldera security suite scores perfect 10 for insecurity (The Register) CISA’s AI cybersecurity playbook calls for greater collaboration, but trust is key to successful execution (CyberScoop) A Disney Worker Downloaded an AI Tool. It Led to a Hack That Ruined His Life. (Wall Street Journal) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit . Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices…

1
Orange you glad you didn't fall for this? 33:18

for 6 dage siden33:18

33:18

A hacker claims to have stolen internal documents from a major French telecommunications company. A security breach hits Russia’s financial sector. Cyberattacks targeting ICS and OT surged dramatically last year. Chinese group Silver Fox is spoofing medical software. The UK Home Office’s new vulnerability reporting policy risks prosecuting ethical hackers. Ransomware actors are shifting away from encryption. A sophisticated macOS malware campaign is distributing Poseidon Stealer. The LightSpy surveillance framework evolves into a cross-platform espionage tool. A Chinese botnet is targeting Microsoft 365 accounts using password spraying attacks. Our guest today is Lauren Buitta, Founder and CEO at Girl Security, discussing mentoring and intergenerational strategies. There may be a backdoor in your front door. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing , and you’ll never miss a beat . And be sure to follow CyberWire Daily on LinkedIn . CyberWire Guest Our guest today is Lauren Buitta , Founder and CEO at Girl Security , discussing mentoring and intergenerational strategies. Selected Reading Orange Group confirms breach after hacker leaks company documents (Bleeping Computer) Russia warns of breach of major IT service provider LANIT serving the financial sector (Beyond Machines) Dragos: Surge of new hacking groups enter ICS space as states collaborate with private actors (CyberScoop) China's Silver Fox spoofs medical imaging apps to hijack patients' computers (The Register) UK Home Office’s new vulnerability reporting mechanism leaves researchers open to prosecution (The Record) Only a Fifth of Ransomware Attacks Now Encrypt Data (Infosecurity Magazine) Poseidon Stealer Malware Attacking Mac Users via Fake DeepSeek Site (Cyber Security News) Exploits for unpatched Parallels Desktop flaw give root on Macs (Bleeping Computer) LightSpy Malware Expands with 100+ Commands to Target Users Across All Major OS Platforms (GB Hackers) Chinese Botnet Bypasses MFA in Microsoft 365 Attacks (Infosecurity Magazine) CISA Warns of Attacks Exploiting Oracle Agile PLM Vulnerability (SecurityWeek) A single default password exposes access to dozens of apartment buildings (TechCrunch) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit . Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices…

1
Can the U.S. keep up in cyberspace? 35:34

for 7 dage siden35:34

35:34

Retired Gen. Paul Nakasone warns the U.S. is falling behind in cyberspace. Australia orders government entities to remove and ban Kaspersky products. FatalRAT targets industrial organizations in the APAC region. A major cryptocurrency exchange reports the theft of $1.5 billion in digital assets. Apple removes end-to-end encryption (E2EE) for iCloud in the UK. Researchers uncover a LockBit ransomware attack exploiting a Windows Confluence server. Researchers uncover zero-day vulnerabilities in a widely used cloud logging utility.A PayPal email scam is tricking users into calling scammers. Republican leaders in the House request public input on national data privacy standards. A Michigan man faces charges for his use of the Genesis cybercrime marketplace. Our guest is Karl Sigler, Senior Security Research Manager from Trustwave SpiderLabs, explaining the domino effect of a cyberattack on the power grid. Meta sues an Insta Extortionist. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing , and you’ll never miss a beat . And be sure to follow CyberWire Daily on LinkedIn . CyberWire Guest Today, Dave speaks with Karl Sigler , Senior Security Research Manager from Trustwave SpiderLabs , about the domino effect of a cyberattack on the power grid. You can dig into the details in their report . Selected Reading Former NSA, Cyber Command chief Paul Nakasone says U.S. falling behind its enemies in cyberspace (CyberScoop) Kaspersky Banned on Australian Government Systems (SecurityWeek) Chinese Hackers Attacking Industrial Organizations With Sophisticated FatalRAT (Cyber Security News) Bybit Hack Drains $1.5 Billion From Cryptocurrency Exchange (SecurityWeek) Experts Slam Government After “Disastrous” Apple Encryption Move (Infosecurity Magazine) Confluence Exploit Leads to LockBit Ransomware (The DFIR Report) Fluent Bit 0-day Vulnerabilities Exposes Billions of Production Environments to Cyber Attacks (Cyber Security News) Beware: PayPal "New Address" feature abused to send phishing emails (Bleeping Computer) Top House E&C Republicans query public for ideas on data privacy law (CyberScoop) US Charges Genesis Market User (SecurityWeek) Meta Sues Alleged Instagram Extortionist (404 Media) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit . Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices…

1
Dwayne Price: Sharing information. [Project Management] [Career Notes] 7:55

for 9 dage siden7:55

7:55

Please enjoy this encore of Career Notes. Senior technical project manager Dwayne Price takes us on his career journey from databases to project management. Always fascinated with technology and one who appreciates the aspects of the business side of a computer implementations, Dwayne attended UMBC for both his undergraduate and graduate degrees in information systems management. A strong Unix administration background prepared him to understand the relationship between Unix administration and database security. He recommends those interested in cybersecurity check out the NICE Framework as it speaks to all the various different types of roles in cybersecurity, Dwayne prides himself on his communication skills and openness. We thank Dwayne for sharing his story with us. Learn more about your ad choices. Visit megaphone.fm/adchoices…

1
From small-time scams to billion-dollar threats. [Research Saturday] 27:06

for 10 dage siden27:06

27:06

This week, we are joined by Selena Larson from Proofpoint, and co-host of the "Only Malware in the Building" podcast, as she discusses the research on "Why Biasing Advanced Persistent Threats over Cybercrime is a Security Risk." The cybersecurity industry has historically prioritized Advanced Persistent Threats (APTs) from nation-state actors over cybercrime, but this distinction is outdated as cybercriminals now employ equally sophisticated tactics. Financially motivated threat actors, especially ransomware groups, have evolved to the point where they rival state-backed hackers in technical capability and impact, disrupting businesses, infrastructure, and individuals on a massive scale. To enhance security, defenders must shift focus from an APT-centric mindset to a broader approach that equally prioritizes combating cybercrime, which poses an immediate and tangible risk to global stability. The research can be found here: Why Biasing Advanced Persistent Threats over Cybercrime is a Security Risk Learn more about your ad choices. Visit megaphone.fm/adchoices…

1
The political shake-up at the FBI. 33:34

for 10 dage siden33:34

33:34

The Senate confirms Kash Patel as FBI director. The SEC rebrands its Crypto Assets and Cyber Unit. Microsoft's quantum chip signals an urgent need for post-quantum security. Chat log leaks reveal the inner workings of BlackBasta. CISA advisories highlight Craft CMS and ICS devices. Researchers release proof-of-concepts for Ivanti Endpoint Manager vulnerabilities. Warby Parker gets a $1.5 million HIPAA fine. Our guest is Steve Schmidt, Amazon CSO, with a behind the scenes look at securing a major event. Researchers explore the massive, mysterious YouTube wormhole. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing , and you’ll never miss a beat . And be sure to follow CyberWire Daily on LinkedIn . CyberWire Guest Our guest is Steve Schmidt , Amazon CSO, talking about integrating physical and logical security measures. Learn more: " Securing a city-sized event: How Amazon integrates physical and logical security at re:Invent ." Selected Reading Trump loyalist Kash Patel is confirmed as FBI director by the Senate despite deep Democratic doubts (AP) SEC rebrands cryptocurrency unit to focus on emerging technologies (CyberScoop) Microsoft’s Quantum Chip Breakthrough Accelerates Threat to Encryption (Infosecurity Magazine) BlackBasta Ransomware Chatlogs Leaked Online (Infosecurity Magazine) CISA Warns of Attacks Exploiting Craft CMS Vulnerability (SecurityWeek) CISA Releases 7 ICS Advisories Detailing Vulnerabilities & Exploits (Cyber Security News) Ivanti endpoint manager can become endpoint ravager (The Register) Feds Fine Eyeglass Retailer $1.5M for HIPAA Lapses in Hacks (GovInfo Security) How a computer that 'drunk dials' videos is exposing YouTube's secrets (BBC) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit . Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices…

1
No rest for the patched. 33:54

for 11 dage siden33:54

33:54

The CISA and FBI warn that Ghost ransomware has breached organizations in over 70 countries. President Trump announces his pick to lead the DOJ’s National Security Division. A new ransomware strain targets European healthcare organizations. Researchers uncover four critical vulnerabilities in Ivanti Endpoint Manager. Microsoft has patched a critical improper access control vulnerability in Power Pages. The NSA updates its Ghidra reverse engineering tool. A former U.S. Army soldier admits to leaking private call records. Our guest is Stephen Hilt, senior threat researcher at Trend Micro, sharing the current state of the English cyber underground market. The pentesters’ breach was simulated — their arrest was not. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing , and you’ll never miss a beat . And be sure to follow CyberWire Daily on LinkedIn . CyberWire Guest Our guest is Stephen Hilt , senior threat researcher at Trend Micro , sharing the current state of the English cyber underground market. Learn more in the report . Selected Reading CISA and FBI: Ghost ransomware breached orgs in 70 countries (Bleeping Computer) Trump to nominate White House insider from first term to lead DOJ’s National Security Division (The Record) New NailaoLocker ransomware used against EU healthcare orgs (Bleeping Computer) PoC Exploit Published for Critical Ivanti EPM Vulnerabilities (SecurityWeek) Microsoft Patches Exploited Power Pages Vulnerability (SecurityWeek) NSA Added New Features to Supercharge Ghidra 11.3 (Cyber Security News) Army soldier linked to Snowflake extortion to plead guilty (The Register) Katie Arrington Returns to Pentagon as DoD CISO (GovInfo Security) Penetration Testers Arrested by Police During Authorized Physical Penetration Testing (Cyber Security News) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit . Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices…

1
Pennies for access. 35:20

for 12 dage siden35:20

35:20

Credential theft puts sensitive corporate and military networks at risk. A federal judge refuses to block DOGE from accessing sensitive federal data. New York-based Insight Partners confirms a cyber-attack. BlackLock ransomware group is on the rise. OpenSSH patches a pair of vulnerabilities. Russian threat actors are exploiting Signal’s “Linked Devices” feature. Over 12,000 GFI KerioControl firewalls remain exposed to a critical remote code execution (RCE) vulnerability.CISA issued two ICS security advisories. Federal contractors pay $11 million in cybersecurity noncompliance fines. In our CertByte segment, Chris Hare is joined by Steven Burnley to break down a question targeting the ISC2® SSCP - Systems Security Certified Practitioner exam.Sweeping cybercrime reforms are unveiled by…Russia? Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing , and you’ll never miss a beat . And be sure to follow CyberWire Daily on LinkedIn . CertByte Segment Welcome to CertByte! On this bi-weekly segment hosted by Chris Hare , a content developer and project management specialist at N2K , we share practice questions from N2K’s suite of industry-leading certification resources, for the past 25 years, N2K's practice tests have helped more than half a million IT and cyber security professionals reach certification success. Have a question that you’d like to see covered? Email us at certbyte@n2k.com. If you're studying for a certification exam, check out N2K’s full exam prep library of certification practice tests, practice labs, and training courses by visiting our website at n2k.com/certify . Please note: The questions and answers provided here, and on our site, are not actual current or prior questions and answers from these certification publishers or providers. Additional source: https://www.isc2.org/certifications/sscp Selected Reading Hundreds of US Military and Defense Credentials Compromised (Infosecurity Magazine) DOGE Team Wins Legal Battle, Retains Access to Federal Data (GovInfo Security) Musk Ally Demands Admin Access to System That Lets Government Text the Public (404 Media) Cyber Investor Insight Partners Suffers Security Breach (Infosecurity Magazine) BlackLock On Track to Be 2025’s Most Prolific Ransomware Group (Infosecurity Magazine) Qualys reports two flaws in OpenSSH, one critical DDoS (Beyond Machines) Russian phishing campaigns exploit Signal's device-linking feature (Bleeping Computer) Over 12,000 KerioControl firewalls exposed to exploited RCE flaw (Bleeping Computer) CISA Releases Two New ICS Advisories Exploits Following Vulnerabilities (Cyber Security News) Managed healthcare defense contractor to pay $11 million over alleged cyber failings (The Record) Russian Government Proposes Stricter Penalties to Tackle Cybercrime (GB Hackers) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit . Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices…

1
PAN-ic mode: The race to secure PAN-OS. 35:23

for 13 dage siden35:23