CyberWire Daily

Politically motivated hacktivism in Belarus. The Taliban’s data grab in Afghanistan. Four rising ransomware operations. Mike Benjamin from Black Lotus Labs on UDP reflectors. Our guest is Chris Grove of Nozomi Networks with insights on OT/IoT Security. And the White House says “concrete announcements” are expected after today’s meetings on cybersecurity with industry leaders, so we’ll be staying tuned.For links to all of today's stories check out our CyberWire daily news briefing:https://www.thecyberwire.com/newsletters/daily-briefing/10/164 Learn more about your ad choices. Visit megaphone.fm/adchoices

Guest David Derigiotis, Corporate Senior Vice President at Burns & Wilcox, joins Dave and Ben for an in-depth discussion this episode. Departing from our usual format, we take a closer look at the implications of Apple’s recent announcements that they will be enabling scanning for Child Sexual Abuse Materials, CSAM, on iOS devices. We devote the entire episode to this topic and hope you will join us. Learn more about your ad choices. Visit megaphone.fm/adchoices

More hacktivism appears to have hit Iran. Misconfigured Power Apps portals expose data on millions. The FBI warns of the activities of a ransomware affiliate gang. Mr. White Hat really does seem to have given back all that stolen alt-coin. Ben Yelin checks in on Apple’s CSAM plans. Our guest is Charles DeBeck from IBM Security on the true cost Cost of a Data Breach. And, finally, dog bites man: criminals cheat other criminals.For links to all of today's stories check out our CyberWire daily news briefing:https://www.thecyberwire.com/newsletters/daily-briefing/10/163 Learn more about your ad choices. Visit megaphone.fm/adchoices

The Taliban consolidates control over Afghanistan, and it’s doing so online as well as on the ground. Reports say the US State Department has come under cyberattack; State says that any such incident was without significant effect. The ShinyHunters say they’ve obtained a great deal of PII from AT&T, but AT&T says that, whatever the crooks have, it didn’t come from AT&T. Rick Howard on orchestration. Carole Theriault on women in cybersecurity - are thing getting any better? And exploitation gives organizations even more incentive to patch Microsoft Exchange server instances.For links to all of today's stories check out our CyberWire daily news briefing:https://www.thecyberwire.com/newsletters/daily-briefing/10/162 Learn more about your ad choices. Visit megaphone.fm/adchoices

The recent frequency of ransomware attacks and heightened visibility of supply chain risks has garnered the attention of executive teams and boards of directors for companies of all sizes, across all industries. For CISOs, these recent events have significantly amplified the importance of establishing and maintaining effective relationships and lines of communication with boards of directors. CISOs are now spending more time than ever engaging, reporting, and answering to boards regarding questions around where their organization is on the cyber risk spectrum. For CISOs, this heightened risk environment presents both a challenge and an opportunity.In this episode of CyberWire-X, guest ret. Major General Zan Vautrinot and Sponsor JM Search's Jamey Cummings joins the CyberWire's Rick Howard to discuss how today’s CISOs are challenged to develop an ever-expanding skill set to effectively execute in their role while also satisfying concerns and areas of interest of their board of directors. Jamey will also discuss how the evolving role of the CISO is unlocking opportunities for CISOs to elevate their stature, and can open the door for them to serve in board roles as companies are increasingly prioritizing information security and technology risk management skills for their directors.  Learn more about your ad choices. Visit megaphone.fm/adchoices

Vice President for Cyber and Information Solutions within Mission Systems at Northrop Grumman, Jennifer Walsmith takes us on her pioneering career journey. Following in her father's footsteps at the National Security Agency, Jennifer began her career out of high school in computer systems analysis. Jennifer notes she saw the value of a college degree and at her parents' urging attended night school. She completed her bachelors in computer science at University of Maryland, Baltimore County with the support of the NSA. Jennifer talks about the support of her team at NSA where she was one of the first women to have a career and a family, raising two children while working. Upon retirement from government service, Jennifer chose an organization with values that closely matched her own and uses her position to help her team define possible where they sometimes think they can't. We thank Jennifer for sharing her story with us. Learn more about your ad choices. Visit megaphone.fm/adchoices

Guest Tomislav Peričin, Reversing Labs' Chief Software Architect and Co-Founder, joins Dave to discuss his team's research that addresses the importance of validating third-party software components as a way to manage the risks that they can introduce. Developing software solutions is a complex task requiring a lot of time and resources. In order to accelerate time to market and reduce the cost, software developers create smaller pieces of functional code which can be reused across many projects. The concept of code reuse is one of the cornerstones of modern software engineering and it is universally accepted that everybody should strive towards it. However, in addition to the positives, organizations need to be aware of the security risks introduced by such third-party components.The growing number of cyber incidents that target the software supply chain are focused on high-value target compromises. With the latest surge and public uproar, the US President Biden has issued the Executive Order on Improving the Nation’s Cybersecurity in order to create an institutional framework addressing these kinds of security risks.The research can be found here:Third-party code comes with some baggage Learn more about your ad choices. Visit megaphone.fm/adchoices

Pilferage reported from Liquid Global’s alt-coin warm wallets. CISA offers advice on reducing the risk of ransomware. The FCC is looking into the T-Mobile breach, and Moody’s raises questions about the telco’s risk management. China passes its own version of GDPR. The FTC refiles its monopoly complaint against Facebook. Caleb Barlow on 3rd Party Breach Notifications and finding out if your information is being traded on the dark web. Rick Howard speaks with hash table member Zan Vautrinot about serving on boards. And the FBI warns that insiders can be recruited for industrial espionage.For links to all of today's stories check out our CyberWire daily news briefing:https://www.thecyberwire.com/newsletters/daily-briefing/10/161 Learn more about your ad choices. Visit megaphone.fm/adchoices

T-Mobile describes what it intends to do for those who may have been affected by its big data breach. The Taliban is taking care not to get banned from social media. Apple defends its CSAM measures against a technical objection, but advocacy groups see a slippery policy slope. The US FDA warns of vulnerabilities in an OS used by medical devices. A report on a 2020 incident at the US Census Bureau. David Dufour shares a few surprises from Webroot’s 2021 Threat Report. Our guest is Brandon Hoffman from Intel 471 on cybercriminals creating turbulence for the transportation industry. And a Bitcoin tumbler cops a guilty plea.For links to all of today's stories check out our CyberWire daily news briefing:https://www.thecyberwire.com/newsletters/daily-briefing/10/160 Learn more about your ad choices. Visit megaphone.fm/adchoices

The Taliban now has, among other things, a lot of biometric devices. T-Mobile concludes that some customer data were compromised in last week’s incident. InkySquid’s in the watering hole. Brazil’s Treasury sustained, and says it contained, a ransomware attack. Siamese Kitten’s social engineering on behalf of Tehran. Sewage systems hacked in rural Maine. Josh Ray from Accenture Security on what nation state adversaries may have learned from observing the events surrounding Colonial pipeline. Our guest Manish Gupta from ShiftLeft looks at issues with the Software Bill of Materials. And an IoT vulnerability is disclosed, and mitigations are recommended.For links to all of today's stories check out our CyberWire daily news briefing:https://www.thecyberwire.com/newsletters/daily-briefing/10/159 Learn more about your ad choices. Visit megaphone.fm/adchoices