CyberWire Daily

Join Martin Zujek, Technical Solutions Director at Bitdefender, as he dives into the cunning world of the Curly Comrades APT. He reveals how this newly identified Chinese group employs EggStreme, a sophisticated malware framework targeting a Philippine military company. Martin details the group's stealthy tactics like DLL sideloading and in-memory execution, making detection a challenge. He shares insights on their geopolitical motivations, persistence methods, and defensive measures organizations can take to combat such advanced threats.

Dan Trujillo, a leader at the Air Force Research Laboratory's Space Vehicles Directorate, dives into the crucial realm of securing satellites from cyber threats. He discusses the growing demand for expertise in space cybersecurity and offers invaluable career advice for those looking to enter this exciting field. Trujillo highlights the rapidly evolving space industry and the importance of resilience against cyber attacks, making a case for why aspiring professionals should consider this path.

Michele Kellerman, a cybersecurity engineer at Johns Hopkins University, dives into the privacy storm surrounding women’s health and period-tracking apps. She highlights how HIPAA protections often don’t cover these apps, leaving users vulnerable. Following the Dobbs decision, privacy concerns have intensified, as data from these apps could potentially be misused in legal contexts. Kellerman also explores ongoing legislative efforts to protect reproductive health data amidst a patchwork of state laws.

Jason Clark, Chief Strategy Officer at Cyera, dives into the security challenges posed by agentic AI. He emphasizes that organizations must adapt to this transformative technology to stay competitive. Clark discusses the risks of traditional security controls breaking down and highlights the pressing need for holistic visibility and behavior analytics. He argues for proactive strategies to monitor shadow AI usage and balance productivity with security, predicting that successful adopters will treat AI agents as powerful users and create dedicated AI security teams.

Kim Jones, host of CISO Perspectives and senior cybersecurity leader, discusses the evolving challenges faced by CISOs, highlighting leadership strategies and the integration of AI in cybersecurity. He previews his upcoming season, emphasizing critical topics such as regulation and private sector relationships. The conversation also touches on recent security threats like North Korean espionage tactics and major cyber incidents affecting companies like Jaguar Land Rover. Additionally, a humorous note arises with an attorney penalized for AI-generated inaccuracies.

Milenko Starcik, a leading cybersecurity expert at VisionSpace Technologies, joins the conversation about pressing cyber threats. They discuss the alarming ransomware attack affecting European airports and the impending expiration of critical cyber legislation. Starcik also reveals findings from Black Hat, including vulnerabilities in mission control software that could compromise satellites. Additionally, the conversation touches on the dangers of social engineering showcased by a teen's scam that led to significant fraud, emphasizing the need for awareness in cybersecurity.

Roselle Safran, CEO and founder of KeyCaliber, has an impressive background in computer forensics and cybersecurity, having worked at the DHS and the White House. In this engaging discussion, she shares her unexpected journey from civil engineering to cybersecurity. Roselle emphasizes the importance of resilience and seizing opportunities in startups. She encourages aspiring cybersecurity professionals, particularly women, to apply fearlessly and embrace learning. Her insights on leadership and the value of collaborative teams make for an inspiring listen!

Nati Tal, Head of Guardio Labs, dives into the alarming trend of ClickFix, a browser-based threat that exploits fake CAPTCHAs to execute malware without downloads. He reveals how this tactic evolved from malvertising to leveraging compromised sites, tricking users into executing harmful commands. Tal emphasizes the importance of behavioral protections over traditional signature-based defenses and discusses strategies for mitigation, including enhancing user awareness and disabling PowerShell. This innovative approach could change how we defend against online threats.

Karin Ophir Zimet, Chief People Officer at TORQ, discusses an innovative internship program aimed at enhancing AI skills and workforce literacy. She delves into training methods that teach coding with AI, fostering critical thinking, and improving speed and accuracy in product development. The conversation highlights the importance of preparing the workforce for an AI-driven future, alongside insights into the dynamic landscape of cybersecurity.

In this discussion, Brock Lupton, a Product Strategist at Maltego with a focus on open source intelligence, explores the human dimension of intelligence work. He emphasizes the importance of curiosity and skepticism in investigations. Brock also highlights how mentorship and a balance between automation and human insight are crucial for effective intelligence teams. Delving deep into the dynamics of investigative tradecraft, he shares insights on navigating challenges and the value of productive mistakes in the field.