CyberWire Daily

The Biden administration is pushing for stronger cybersecurity measures through a new executive order. Critical vulnerabilities have been exposed in various software, including a zero-day flaw in Ivanti and a breach involving over 360,000 records. A guest discusses the balance of AI and human oversight in security. Fake exploits targeting researchers spark concern, while a phony recruitment phishing campaign emerges. Fellow tech enthusiasts humorously critique the least desirable gadgets showcased at CES. It's a landscape ripe with threats and innovative solutions.

A new Mirai-based botnet has emerged, raising alarms in the cybersecurity world. Researchers reveal advanced voice phishing schemes exploiting major platforms. Japan attributes over 200 cyberattacks to a hacking group, while ongoing vulnerabilities in SonicWall software are concerning for users. A new government program aims to guide consumers in choosing secure devices. Plus, a discussion highlights the privacy risks of misconfigured license plate readers, showcasing the challenges in our surveillance-driven society.

Margaret Kelley is a cybersecurity expert specializing in cloud security breaches. In this insightful discussion, she delves into the implications of U.S. sanctions on China, particularly on major firms like Tencent. The rising tide of cyberattacks on educational institutions and health sectors is alarming. Kelley also highlights the evolution of cloud security, addressing vulnerabilities and the effects of automation. Additionally, the ongoing legal battle over a cryptocurrency scam against banks underscores critical compliance challenges.

Tim Starks, Senior Reporter at CyberScoop, discusses the implications of a proposed United Nations cybercrime treaty and the U.S.'s cautious stance on it. He highlights potential misuse by authoritarian regimes and the challenges of treaty ratification. Starks also delves into the alarming hacking activities of Chinese groups impacting U.S. infrastructure, emphasizing the urgent need for enhanced cybersecurity strategies. Additionally, he touches on the rising threats targeting gamers and the critical importance of software upgrades for data protection.

Dominique West, a technical account manager who shifted from engineering to cybersecurity after experiencing credit card fraud, shares her enlightening journey. She recounts her initial encounters in technology, including working at a museum’s help desk. Feeling isolated as a visible minority in tech, she founded Security in Color to promote diversity and provide resources for newcomers. Dominique emphasizes the importance of hands-on experience in cybersecurity and encourages aspiring professionals to explore their interests and engage with the community.

Karlo Zanki, a Reverse Engineer at ReversingLabs, specializes in the identification and analysis of malware. He discusses the discovery of a malicious PyPI package named aiocpa that masqueraded as a legitimate crypto client to steal cryptocurrency wallet info. Zanki emphasizes the shift from basic attacks to increasingly clever tactics exploiting open-source packages. The conversation highlights the necessity for advanced security tools in the evolving landscape of software supply chains and the steps needed to fortify package repositories against these sophisticated threats.

Joe Saunders, Co-founder and CEO of RunSafe Security, dives into the pressing challenges of protecting critical infrastructure from cyber threats. He emphasizes the role of both government and commercial sectors in fortifying security measures while grappling with outdated technologies. The conversation also touches on the geopolitical implications of cybersecurity, particularly regarding China and Taiwan. Lastly, they introduce a unique CAPTCHA game to make security awareness more engaging, blending fun with essential protection strategies.

Mick Baccio, Global Security Advisor at Splunk, discusses the alarming breach of the U.S. Treasury by Chinese hackers and the vulnerabilities exposed in Chrome extensions and cloud servers. He highlights the urgent need for enhanced cybersecurity measures and the importance of collaboration between public and private sectors. Topics include proposed HIPAA updates to protect health data and the implications of recent legislative efforts. Baccio emphasizes the resilience gap and the critical need for effective security training to navigate evolving cyber threats.

Sharon Lemac-Vincere, an academic specializing in the intersection of cybersecurity and space, shares her insights on Scotland's potential leadership in these critical fields. She discusses the importance of integrating security into satellite design and emphasizes how small enterprises can overcome funding challenges. Sharon also highlights exciting opportunities for collaboration between cybersecurity experts and the space industry. Additionally, she reveals plans for a distinctive tartan spacesuit to showcase Scottish heritage in space exploration.

In this enlightening discussion, Richard Boscovich, Assistant General Counsel at Microsoft, Jason Lyons, Principal Investigator, and Bob Erdman, Associate VP at Fortra, dive into the serious issue of cracked Cobalt Strike software, often exploited in ransomware attacks. They reveal innovative uses of DMCA notifications to disrupt cybercrime globally and share insights on the significant decline in active threats due to their collaborative efforts. The conversation also touches on automation's role in detecting threats and enhancing cybersecurity measures.