CyberWire Daily

Guests Rohit Dhamankar, Fortra's Vice President of Product Strategy, and Steve Winterfeld, Akamai's Advisory CISO, discuss CISO initiatives including vendor consolidation, automation, and attack surface management. They explore the potential and limitations of AI and machine learning in cybersecurity, emphasize the importance of risk assessment and reduction, and examine the pros and cons of security orchestration.

Patch Tuesday retrospective. Malicious Google ads by BlackCat. Social engineering in Q3 2023. Small businesses in ransomware denial. Molerats' new tools. Israel using Pegasus to locate hostages. Potential aftermath of Russian group hitting Chinese bank. Strategy for CISSP CAT. Cyberespionage campaign linked to Russia's SVR.

Updates on Royal Ransomware and Smash-and-grab attacks. Card skimmers on the rise pre-Black Friday. Role of AI in cybersecurity highlighted. LockBit cyber attacks and potential consequences. AI's role in defense and cross-organizational data sharing. Phishing email targeting BitRex users discussed.

Attacker Lace Tempest targets SysAid with Cl0p ransomware. Ransomware hits China's largest bank. LockBit doxes Boeing. Rick Howard analyzes SEC targeting of SolarWinds' CISO. Anonymous Sudan claims responsibility for attacks on ChatGPT and Cloudflare. SEC adopts new disclosure rules for cyber incidents, highlighting SolarWinds attack. Communication gap between cybersecurity and business leaders.

Former UK Diplomatic Service member, Grace Cassy, discusses her career path from advising Prime Minister Tony Blair to investing in cybersecurity companies. Topics include transitioning to the technology world, investing in startups, opportunities in cybersecurity, and the need for gender diversity in the industry.

Topics discussed include the launch of the Shields Ready campaign for critical infrastructure security, ransomware attacks through third-party tools, phishing campaign targeting Bittrex customers, Imperial Kitten's actions against Israeli targets, Iranian cyberattacks on Israel, cloud identity attacks, evolving fraud landscape in retail, targeted attacks on support systems, and the importance of intelligence collection in cybersecurity.

CISA reports no credible threats to the US elections. Criminals target the .ai domain. Singapore resort experiences a cyberattack. Holiday cyber threats discussed. Chinese cyberespionage against Cambodia. Four phases of cyberwar explained. Robert M. Lee explains outside forces' impact on critical infrastructure security. Guests discuss reliance on real-time analytics. Space systems face cyber and electronic threats.

Sharon Barber, CIO at Lloyds Banking Group, discusses cyber trends in financial services. Topics include the availability of sensitive personal information of military personnel, new Mac OS malware, and the lack of regulation around data brokers. The chapter also highlights the importance of innovation and the need for new ideas to combat threats in the cyber industry.

Joe Nocera from PwC discusses the Global Digital Trust Insights survey and SEC's cybersecurity disclosure rules. Topics include call center attacks, data and identity decoupling, cyber front in the Hamas-Israeli war, hacktivism, TASS case, and TOITOIN Trojan.

The podcast discusses the CyberCon event and its focus on a mix of critical infrastructure and cybersecurity. It explores the origins and growth of the event, the success and adaptability of Bismarck State College, and the opportunities for speakers. The speakers also discuss aspirations, tribal partners, and unique opportunities in North Dakota, as well as provide career advice for cybersecurity professionals. They conclude by discussing the challenges of creating a conference on critical infrastructure and cybersecurity.