CyberWire Daily

A rundown of Iran-linked MuddyWater intrusions and their backdoors hitting U.S. and Israeli networks. Coverage of China-associated campaigns targeting South American telecoms. Alerts about critical Cisco firewall fixes and actively exploited Hikvision and Rockwell vulnerabilities. A deep dive into the Anthropic–Pentagon fallout and the Pentagon’s pivot to OpenAI. A bizarre Wikimedia JavaScript worm incident adds unexpected chaos.

Simone Petrella, cybersecurity leader and founder of CyberVista with DoD and private-sector experience, joins to debate the role of certifications. They explore how certs can open doors, limitations of multiple-choice testing, costs and incentive misalignment, and ways to redesign standards to better serve hiring and diversity goals.

Andy Piazza, Senior Director of Threat Intelligence at Unit 42 with 20+ years in security ops, and Justin Moore, Senior Manager of Threat Intelligence Research with prior intelligence officer roles, discuss Iran-linked hacktivist activity. They cover observed group behaviors, how Iran's internet outages change the threat landscape, dispersed operators and proxy dynamics, and immediate defensive priorities like DDoS protection, backups, MFA, and validation of claims.

Daniel Barbu, Director of EMEA Security at Adobe, talks about making AI security human-centered and collaboration-driven. He describes building a Security AI Guild, cultural shifts needed for AI adoption, and practical, people-first steps for trustworthy systems. The conversation highlights principles like shared ownership, transparency, and human-in-the-loop design.

Brian Long, CEO and co-founder of Adaptive Security, explains how AI is changing social engineering and impersonation. He walks through rising phishing and deepfake trends, the shift toward internal impersonation attacks, and why defenders face alert fatigue. He also discusses gaps across email, calls, and video and recommends identity habits and verification steps to counter AI-enabled fraud.

Evan Gordenker, Director of AI Security and DPRK Operations at Unit 42, investigates North Korea’s tech labor and recruitment schemes. He discusses how generative AI powers fraudulent interviews, code and deepfakes. He outlines accomplice networks, paid proxies, and why HR and cross-organization detection must evolve. Conversation highlights the growing scale and hybrid tactics of DPRK hiring operations.

A candid look at why diversity matters for cybersecurity innovation and resilience. Discussion covers how varied life experiences improve critical thinking and problem solving. Examples include usability lessons from PGP and troubling workforce demographics. Practical hiring steps and ways to encourage diverse applicants are outlined.

Tim Starks, senior reporter at CyberScoop covering national cybersecurity policy and CISA. He walks through leadership turmoil and staffing losses at CISA. He assesses acting leadership credibility and political pressures shaping agency effectiveness. He also covers parallel cyber conflicts, high-profile hacks, and notable vulnerabilities affecting government and healthcare systems.

A reflective look at NATO’s collective cyber training and what it signals about alliance cohesion. Vivid scenes from Tallinn highlight protests, Ukrainian solidarity, and Estonia’s 2007 cyber history. The conversation emphasizes the human side of defence, time invested in exercises, and the broader geopolitical stakes of shared cyber vigilance.

Larry Cashdollar, Principal Security Intelligence Response Engineer at Akamai with decades in Unix admin and vulnerability research. He recounts a lifelong love of computers and the twists that led him into Linux and security. He reflects on long tenure at Akamai, the evolving cloud and edge landscape, and the challenge of staying current while balancing family and learning.