CyberWire Daily

Guest Ashley Rose from Living Security talks about measuring human risk. Topics covered include a malicious app targeting Israeli users, a new backdoor for cyber espionage, a zero-day vulnerability in Cisco software, security measures on Steam, an advisory for Atlassian Confluence, updates on security guidelines, and cyber activities like hacktivist attacks and scams.

Jason Birmingham, guest from Broadridge Financial Solutions, discusses asset management challenges in cybersecurity. Topics include the cyber activities in the conflict between Hamas and Israel, risks of coin mining installations, and the importance of asset management for safeguarding customer data and financial assets.

Susan Hinrichs, Chief Scientist at Aviatrix with over 30 years of experience in networking and security disciplines, discusses her career journey, including designing network security tools at Cisco and teaching computer and network security. She emphasizes the value of talking about interesting projects in interviews and shares the importance of hands-on experience and collaboration in the field. The chapter also includes an advertisement for complimentary briefings on Lucur3 threat group.

Amit Malik from Uptycs discusses their research on a new threat called QwixxRAT, which harvests a wide range of information from browser histories to credit card details. The tool poses a risk to businesses and individuals. The podcast also explores the functionality and distribution of QuickSrat malware, capabilities of a remote access Trojan (RAT) malware, and recommendations for protecting against malware attacks.

Guest Mike Walters from Action1 discusses hacktivism and nation-state involvement in the Middle East cyber war. Topics include healthcare cybersecurity, FTX looting, and CISA releasing resources to counter ransomware. The history and impact of Patch Tuesday are also explored.

Topics in this podcast include hacktivists joining both sides of the Hamas-Israel conflict, content moderation challenges on social media, Atlassian 0-day exploit, vulnerabilities in Curl and Libcurl, expanding the Cyber Talent Pool, and insights from the CIO of North Dakota on securing rural communities.

Cyber operations in the war between Hamas and Israel, cryptocurrency funding, and hacktivist auxiliaries. Novel DDoS attacks and a resurgent credential phishing campaign. AI impact and cyberintelligence in the medical vertical. Patch Tuesday recap.

Topics discussed include disinformation and hacktivism in the Israel-Palestine conflict, DPRK cyber operations, Magecart campaigns, data breaches, compromised voter records, ransom payments, challenges of dealing with unstructured data, and collaborations to address the cybersecurity talent gap.

Diane Janosek, Executive Director of Capitol Technology University's Center for Women in Cyber, discusses pathways and initiatives in cybersecurity, promoting diversity in the field, the White House cyber workforce strategy, and the inclusivity and benefits of the cybersecurity field. She highlights the efforts to address the shortage of cybersecurity professionals, the lack of diversity in CAE institutions, and emphasizes the importance of promoting cybersecurity as a profession at a young age. The chapter concludes with an advertisement for Hermiso, a company offering complimentary briefings on a threat group called Lucur 3.

Susie Squier, President of the Retail and Hospitality ISAC, shares her journey into the cyber community and offers advice on managing, handling adversity, and trying new things. She emphasizes the importance of teamwork and encourages people to dive into the world of cyber with an open mind. A great episode filled with insights!