CyberWire Daily

Dr. Renée Burton, VP of Infoblox Threat Intel and researcher on domain name abuse. She explores how parked lookalike domains and direct-search advertising funnel users to scams and malware. Discussion covers typosquatting, DNS tricks like double fast flux, traffic distribution and device fingerprinting that cloak malicious behavior.

Jeff Williams, founder of OWASP and CTO of Contrast Security, explains shifts in how vulnerabilities are tracked globally. He discusses NIST’s CVE backlog, the EU’s new federated GCVE approach, and risks from multiple authorities. Short takes cover Wi‑Fi bypasses, EV charger flaws, a Juniper router patch, and a major data breach.

Britta Glade, SVP of Content and Communities at RSAC, curates conference programming. Linda Gray Martin, Chief of Staff and SVP at RSAC, shapes strategic direction. They preview RSAC 2026 and its community-driven theme. Conversations touch on Cisco SD‑WAN exploits, rising ransomware trends, AI misuse in breaches, gaming industry backlash to AI, and European credential‑harvesting takedowns.

Andrew Dunbar, CISO at Shopify who focuses on identity, trust, and open commerce protocols, joins to explore how identity and trust become the new perimeter. He discusses agent-driven shopping, how AI changes product discovery, the need for authentication in purchases, and why Shopify is pushing an open commerce protocol to enable secure, interoperable agent commerce.

Krishna Sai, CTO at SolarWinds and applied AI leader, talks about measuring AI ROI and turning pilots into operational tools. He discusses concrete AI use cases that move metrics like MTTR and MTTD. Conversation covers balancing innovation with safety and separating reasoning from execution to keep systems auditable.

Maria Vermazis, T-Minus Space Daily host and space policy commentator, and Brandon Karpf, NTT partnerships leader and risk-forecasting practitioner. They tackle digital and supply-chain sovereignty, Europe's push for sovereign space systems, sovereign cloud and data localization, and the practical limits and costs of achieving independence in cyber and space.

Major Tyler Smith, a cyber operations attorney with the U.S. 16th Air Force, explains legal-team scenarios and cross-border information-sharing challenges. The conversation covers a day inside NATO’s cyber headquarters. Topics include collaborative defensive exercises, legal limits on sharing, coordination with civilian infrastructure, and how rapport and procedures shape multinational cyber defense.

Mary Writz, VP of Product Strategy at ForgeRock and former ethical hacker, shares career turns from accounting to security and product leadership. She talks about leading mostly male, senior teams, using public speaking to clarify tech, framing identity access for users, building high-performing teams, and turning setbacks into opportunities with energy and focus.

Tomer Bar, VP of Security Research at SafeBreach Labs and lead author of the 'Prince of Persia' report, walks through a decade of Iranian-linked APT activity. He highlights new Foudre and Tonnerre malware variants. He discusses evolving C2 over time, Telegram-based command-and-control, expanded campaign scale, and tactics like fake installers and supply-chain lures.

James Turgal, a 22-year FBI veteran and Optiv VP focused on cyber risk, talks about a surge in tax scams and IRS fraud. He explores how generative AI and aggregated breached data make phishing, vishing, and smishing far more convincing. He outlines practical protections and where to report incidents. The conversation centers on social engineering as the dominant threat and rising multi-channel attacks.