CyberWire Daily

In this engaging discussion, Noelle Russell, CEO of the AI Leadership Institute and an advocate for responsible AI, explains how enterprises can scale AI beyond the hype. She emphasizes the necessity of prioritizing accuracy, fairness, and security as fundamental elements in AI development. The conversation touches on the recent bid by House Republicans to restrict state regulation of AI and highlights the vital role of governance in ensuring ethical AI deployment. Noelle's insights challenge listeners to consider the larger implications of emerging technologies.

Tim Starks, Senior Reporter at CyberScoop, sheds light on the recent ClickFix social engineering attack impacting a major student platform. He discusses Google’s hefty privacy settlement with Texas and alarming data breaches affecting healthcare providers. The conversation dives into the zero-day vulnerabilities in SAP and cybersecurity threats facing IT admins. Additionally, Starks analyzes congressional reactions to proposed CISA budget cuts and their potential consequences on national security amid escalating cyber threats.

Limor Kessem, an Executive Security Advisor at IBM Security, transitioned from a childhood dream of medicine to a vibrant career in cybersecurity. She discusses the importance of passion, discipline, and continual learning in navigating the tech landscape. Limor highlights the need for innovation while tightening security measures. She also sheds light on the challenges women face in the industry, advocating for allyship and the need for diversity. Her journey emphasizes standing up for others, motivating both herself and those around her.

In a special edition, cybersecurity experts share vital insights. Dave DeWalt, founder of NightDragon, highlights the latest cybersecurity trends and innovations. Nicole Bucala of DataBee emphasizes data-driven security amidst CISO challenges. Liberty Mutual's CISO Katie Jenkins discusses emerging threats and the role of AI in collaboration. Joe Levy from Sophos explores AI and integration across security platforms. Michael Mastrole from Dataminr explains how agentic AI keeps security teams ahead of threats, showcasing a future where collaboration and technology are paramount.

This week, we are joined by Lucija Valentić, Software Threat Researcher from ReversingLabs, who is discussing "Atomic and Exodus crypto wallets targeted in malicious npm campaign." Threat actors have launched a malicious npm campaign targeting Atomic and Exodus crypto wallets by distributing a fake package called "pdf-to-office," which secretly patches locally installed wallet software to redirect crypto transfers to attacker-controlled addresses. ReversingLabs researchers discovered that this package used obfuscated JavaScript to trojanize specific files in targeted wallet versions, enabling persistence even after the malicious package was removed. This incident highlights the growing threat of software supply chain attacks in the cryptocurrency space and underscores the need for vigilant monitoring of both open-source repositories and local applications. The research can be found here: ⁠⁠Atomic and Exodus crypto wallets targeted in malicious npm campaign Learn more about your ad choices. Visit megaphone.fm/adchoices

In this engaging discussion, Alex Cox, Director of Information Security at LastPass, highlights the growing threats facing tax preparation agencies during the busy refund season. He navigates through the dangers of tax-related phishing attacks, urging vigilance among filers. The conversation also covers recent breaches affecting messaging apps used by government agencies and a notable data breach at a health system. Listeners will find insight into the evolving tactics of cybercriminals and the importance of robust password management.

Caleb Barlow, CEO of Cyberbit, dives into the pressing issue of the cyber skills gap, highlighting the contradictions between academic training and employer needs. He advocates for upskilling existing employees rather than just hiring new talent. Barlow also discusses the recent surge in cyber threats, such as new malware and high-profile data breaches, including the education sector. The conversation reveals the importance of practical experience and the evolving landscape of cybersecurity, emphasizing adaptability to meet modern security challenges.

Join AJ Gemer, co-founder and CTO of Lunar Outpost, and Salem El Nimri, CTO at AWS Aerospace & Satellite, as they venture into the future of space exploration. They discuss groundbreaking innovations in lunar robotics, including AI-driven navigation and the intricacies of the Stargate system for data analysis. The duo also highlights how AWS technology is revolutionizing missions on the Moon and Mars, emphasizing collaborative efforts in overcoming challenges. Learn how advanced rovers and swarm robotics are unlocking lunar mysteries!

Kevin Magee, Global Director of Cybersecurity Startups at Microsoft for Startups, joins to share high-energy insights from the RSAC show floor. He highlights the fallout from a $167 million verdict against NSO Group and discusses urgent hacktivist threats to U.S. infrastructure. Magee also delves into privacy risks with government apps and outlines the implications of NSA workforce reductions and evolving deepfake technologies. With server room humor, he wraps up a whirlwind of cybersecurity challenges and emerging AI trends.

Monzy Merza, Co-Founder and CEO of Crogl, dives into the pressing issues faced by Chief Information Security Officers in a rapidly evolving AI landscape. The podcast discusses a critical vulnerability in Samsung’s MagicINFO, which is currently being exploited. Malware threats like ClickFix and sophisticated phishing tactics from the Luna Moth Group are highlighted. Merza also emphasizes the need for innovative tools to enhance security analysis, as traditional methods struggle to keep up with increasing cyber threats.