CyberWire Daily

A product leader recounts a nonlinear career path and how wearing many hats helped him grow. He describes juggling marketing, engineering, sales, and customer retention. There is a focus on continual learning, finding opportunities, and democratizing product security. He emphasizes taking calculated risks to advance and achieve mission-driven goals.

A retrospective stroll through the biggest cyber breaches of the last decade. They revisit Sony, OPM, WannaCry, NotPetya, Equifax and SolarWinds and why those incidents mattered. Discussion covers supply-chain risk, long-term intrusions, the rise of ransomware and why healthcare and genetic data are especially vulnerable.

Omer Ninburg, CTO of Novee Security and vulnerability researcher exploring multi-agent LLMs for scaled PDF hunting. He describes how embedded PDF engines and services can be weaponized. He recounts clever bypasses like SVG/HTML nesting and iframe vectors. He explains training agent swarms to reproduce and scale reliable vulnerability discovery across client and server PDF ecosystems.

Urgent AI workflow vulnerability and a critical PTC Windchill flaw put enterprise systems at risk. Phishing and malware spike linked to Middle East conflict. Google accelerates its post-quantum plans. Alleged RedLine developer faces extradition and long prison time. Pro-Ukraine hacktivists deploy disruptive ransomware in Russia.

A candid look at why relationships between security teams and vendors have become strained. Stories about mismatched incentives, communication gaps, and trust issues. Practical expectations for clearer contracts, honest dialogue, and realistic engagements. A call for mutual respect and better alignment to reshape the cyber ecosystem.

Kevin Magee, Global Director of Cybersecurity Startups at Microsoft for Startups, returns from RSAC with on-the-floor interviews. He discusses AI reshaping cyber risk, telecom backbone implants, CISA warnings about weakened defenses, ransomware resurfacing, and startups blending psychology with security. Short, lively street-level reporting from the conference floor.

Dale Hoak, CISO at RegScale, speaks about AI security and compliance automation. Intern Kevin (Kevin McGee/Magee), Microsoft’s Global Director of Cybersecurity Startups, files lively reports from the RSAC floor. They discuss AI risk, supply-chain compromises, critical router and platform vulnerabilities, phishing scams, and browser extensions harvesting AI chats.

Jake Braun, longtime DEF CON organizer and former White House official, discusses hacker community projects and the DEF CON 33 Hackers' Almanack. He talks about mesh networks and resilient backups for cultural artifacts. He outlines volunteer efforts helping small water utilities and highlights youth researchers and unconventional tech like bio-cryptography.

Ed Vasko, CEO of High Wire Networks and serial cybersecurity entrepreneur, shares decades of hands-on SOC-building and workforce development experience. He explores gaps between academic training and real-world ops. He advocates experiential SOCs tied to universities, a three-legged model of knowledge, skills, and experience, and steps to professionalize and scale cyber talent development.

Brandon Karpf, Director of Public-Private Partnerships at NTT, offers a concise take on orbital data centers. He explains cooling and solar-size hurdles, updated power-and-heat models, and why inter-satellite bandwidth limits GPU clustering. He also discusses single-satellite GPU caps and a niche sovereign-cloud business case for space-based infrastructure.