CyberWire Daily

Amanda Fennell, Chief Security Officer and CIO at Relativity, shares her unique journey from aspiring archaeologist to cybersecurity expert. She recounts how internships in archaeology revealed unexpected realities that led her to digital forensics. Amanda discusses building a security program at Relativity and the lessons learned from fast-paced growth. She emphasizes the importance of curiosity and listening in leadership, while inspiring others to discover the cyber warrior within themselves.

Daniel Schwalbe, Head of Investigations and CISO at DomainTools, dives deep into an extraordinary 500GB leak revealing the inner workings of China's Great Firewall. He discusses the techniques used to analyze this massive dataset, including clustering and keyword searches. Schwalbe explains the firewall's architecture and how it employs deep packet inspection to monitor encrypted traffic. The conversation also touches on the implications of the leak for enterprise monitoring and the cat-and-mouse game between censorship and circumvention tools.

Mark Lance, Vice President for DFIR and Threat Intelligence at GuidePoint Security, brings deep expertise in cyber incident response. He dives into the importance of purple team tabletop exercises tailored for AI-generated threats, highlighting their role in preparing organizations for automated phishing and model misuse. Mark discusses structuring these exercises to include realistic scenarios while emphasizing the need for collaboration among technical and executive teams. He also shares insights on evaluating organizational maturity to determine the cadence of these critical preparedness drills.

Kavitha Mariappan, Chief Transformation Officer at Rubrik and expert in data security, delves into the rising challenges of identity-driven threats. She emphasizes the urgency of bolstering identity resilience in response to increasing attacks. Kavitha also discusses the importance of managing non-human identities, advocating for human oversight in AI systems, and implementing zero-trust controls. Listeners gain insights into crafting effective identity recovery plans and the critical need for observability in today's digital landscape.

In this discussion, Dick O'Brien, Principal Intelligence Analyst at Symantec and Carbon Black Threat Hunter Team, sheds light on the 'Unwanted Gifts' campaign, where attackers lure victims with fake party invites. He explains how these scams exploit legitimate communications and outlines the evolving tactics of cybercriminals using event-themed lures. O'Brien emphasizes the need for vigilance over unexpected emails and offers actionable advice for safeguarding against remote management tools that attackers might exploit.

In this discussion, Dave Lindner, CISO of Contrast Security and an expert in application security, dives into the critical React2Shell vulnerability that has organizations on high alert. He explores how nation-state adversaries are focusing on source code infiltrations, aiming for both public and private sectors. Lindner highlights the stealth tactics used in supply-chain attacks, and shares practical defenses for businesses facing these threats. The conversation also touches on the implications of AI in cybersecurity and the evolving landscape of digital risks.

Tony Gauda, Vice President of Cybersecurity Architecture at Intuit, shares his expertise in AI-driven fraud detection and cybersecurity. He discusses the critical balance between AI innovation and security, emphasizing the need for responsible adoption amidst risks like data governance. The conversation dives into designing AI-centric systems for quicker decision-making and the accountability challenges they pose. Tony highlights the importance of fostering a culture of experimentation and empowering teams to chase bold AI goals.

Tim Starks, a senior reporter at CyberScoop, dives into President Trump's impending cybersecurity strategy and its implications. He reveals the assertive 'America First' tone of the strategy aimed at showcasing U.S. power in cyberspace. Starks discusses concerns over the brevity of the draft and whether its leak was intentional. He also delves into the challenges facing Sean Plankey's nomination to CISA, connecting it to broader issues in cybersecurity and Coast Guard reform. The conversation illuminates critical aspects of national cybersecurity policy.

Jon DiMaggio, Chief Security Strategist at Analyst1, shares his journey from aspiring actor to cybersecurity expert. He highlights his self-taught approach to technology and how early career hurdles, including a crucial firing, pushed him to deepen his skills. Jon emphasizes the importance of resilience, networking, and self-driven learning in building a successful career. His experience in signals intelligence shapes his unique perspective on blending technical expertise with analytical insights, inspiring others to break into the cybersecurity field.

Jaron Bradley, Director of Jamf Threat Labs and macOS security expert, dives into the chilling world of ChillyHell, a newly discovered backdoor for macOS. He discusses how this modular malware, disguised as legitimate software, employs robust host profiling and clever stealth techniques, including timestomping to evade detection. With impressive capabilities like self-updating and brute-force attacks, ChillyHell represents a serious threat as it gains traction in enterprise environments. Jaron emphasizes the need for heightened security awareness among Mac users.