CyberWire Daily

Jeffrey Wheatman, Cyber Risk Evangelist, shares his career journey and passion for cyber. He emphasizes the importance of being open about mistakes and inviting others to ask for help. The podcast also discusses the value of soft skills, effective communication, and continuous learning.

Researchers Aleksandar Milenkoski and JAGS from SentinelOne discuss Sandman APT, a mysterious threat group targeting telcos. They explain Sandman's use of a Lua-based backdoor called Lua Dream, their motivations for targeting telecommunication providers, and the limitations of legacy SIM systems. They also cover methods of attack and defense, as well as the importance of using Logic Gates Risk Cloud Cyber Risk and Controls Compliance Solution to mitigate cyber threats.

Simone Petrella and Rick Howard discuss the article 'Is there really an information security jobs crisis?' and the SEC's disclosure rules. Microsoft highlights the advantage of cyber defense over offense. The podcast also covers exploited vulnerabilities, data breaches, and the challenges of measuring return on security investment. China's tech companies and concerns about Taiwan are explored.

Tim Starks, a journalist covering the SEC's case against Solar Winds, discusses the Bletchley Declaration on AI governance. Other topics include blockchain engineering by Lazarus Group, cyber incident affecting Boeing, NodeStealer attacks on Facebook accounts, and the exploitation of Citrix Bleed vulnerability. MuddyWater spearphishing Israeli targets, India investigating attacks on iPhones. Threat Vector segment covers attack surface management, and Venomous Bear introduces new tools.

Recent cyber activities in the Hamas-Israel war, including hacktivism and improved cyberespionage capabilities of Iran. Also, discussions on URL shorteners, takedown of the Mozi botnet, ransomware in healthcare, and arrests of hackers working for Ukraine. Sponsored segments on a new threat framework for the cloud and an online course on cybersecurity first principles. Plus, a satirical message about Russia's currency and upcoming podcast segments.

Insights from a cybersecurity workforce study. Malicious packages attached to NuGet. Russia developing its own substitute for VirusTotal. Cheap turnkey malware kits. The growing cybersecurity workforce gap. President Biden's Executive Order on AI. The significance of multi-factor authentication.

David Brumley, cybersecurity professor at Carnegie Mellon and CEO of software security, discusses spooky zero days and vulnerabilities, deep fakes' impact on disinformation campaigns, executive impersonations on social media, and the US Executive Order on artificial intelligence.

Exploring various malware threats including botnets, adware, flash vulnerabilities, DDoS attacks, ransomware, and phishing emails. The impact of the shadow brokers. Importance of staying vigilant and avoiding downloading flash.

Nicole Sundin, Chief Product Officer from Axio, discusses her career path and being a woman in cybersecurity. She emphasizes the importance of usable security, building diverse teams, and being a role model. Topics include data visualization, designing cybersecurity products for different personas, and empowering women in the industry.

Danny Adamitis, Lumen's Black Lotus Labs researcher, discusses the HiatusRAT malware targeting business-grade routers. The research reveals a shift in targeting towards a US military procurement system and Taiwan-based organizations, aligning with the strategic interest of the People's Republic of China. The podcast also highlights the importance of replacing legacy SIMs, securing data through Microsoft's mission innovation, upgrading end-of-life routers, and monitoring and updating old hardware devices in cybersecurity.