CyberWire Daily

Kevin Lentz, Team Leader of the Cyber Pacific Project at the Global Disinformation Lab, dives into cyber competition between the U.S. and China. He discusses a recent threatcasting report predicting future cyber threats in the Indo-Pacific. Highlighting the importance of collaboration across sectors, Lentz shares insights on strategic defenses and narrative storytelling within cybersecurity practices. The conversation emphasizes innovative strategies to tackle emerging threats, shaping the future landscape of international security.

In this discussion, Cadet Blizzard, a member of Russia's elite GRU Unit, dives into the shadowy world of cyber warfare, shedding light on the notorious Whisper Gate malware attack on Ukraine. He highlights the urgent vulnerabilities recently uncovered in Apache, SonicWall, and the Linux kernel, prompting calls for enhanced security. A special segment features Mary Haigh, Global CISO of BAE Systems, emphasizing the importance of building diverse cybersecurity teams that go beyond technical skills, fostering collaboration and mentorship in the field.

Join Sara Siegle, Chief of Strategic Communications at the NSA, and Cam Potts, co-host of the new No Such Podcast, as they delve into hot topics in cybersecurity. They discuss the U.S. disruption of Russia's misinformation campaign aimed at the 2024 election and highlight cyber threats from North Korea and Iran. The conversation also touches on a troubling cyberattack on Planned Parenthood and the challenges facing the NSA in talent retention. Insightful and eye-opening, their discussion reveals the complexities of safeguarding national security.

A shocking vulnerability in YubiKeys reveals the risks of cloning attacks. Google issues a grave warning about an Android zero-day threat. Cybercriminals are targeting Latvian websites amid geopolitical unrest. Bitcoin ATM scams are surging, alarming the Federal Trade Commission. D-Link pushes users to dump outdated routers, while Clearview AI faces hefty fines for GDPR breaches. A humorous story about unauthorized Wi-Fi on a Navy ship highlights tech risks. Plus, a guest shares valuable insights from the NSA to venture capital.

Brazil has blocked access to X/Twitter, igniting debates over freedom of expression and accountability for digital platforms. A major cyberattack targeted Transport for London, highlighting the growing cybersecurity threats. There's a significant data breach at CBiz affecting client privacy. Meanwhile, AI's role in software development is evolving, with an emphasis on security and oversight to mitigate vulnerabilities. Controversy brews around AI’s impact on political lobbying, raising questions about ethics and accuracy in the digital realm.

Join Jason Aspiotis, Global Director of In-Space Data & Security at Axiom Space, and Jay Naves, Sr. Solutions Architect at AWS Aerospace & Satellite Solutions, as they dive into the exciting future of commercial space stations. They unveil Axiom Space's plan for the first commercial station, how AWS tech optimizes operations, and the role of AI in mission management. Discover how innovations in space infrastructure could transform economic opportunities while fostering research in microgravity. This conversation is a gateway to the next era of space exploration!

Tom Gorup, Vice President of Security and Support Operations at Alert Logic, shares his journey from military infantry to cybersecurity expert. He discusses how military tactics influence strategic thinking in digital security. Tom highlights his invention, the Grunt, which automates firewall management. He emphasizes the importance of communication and sees failure as a stepping stone to success, urging those entering new fields to embrace setbacks as learning opportunities. His insights blend military discipline with innovative tech approaches.

Danielle Ruderman, Senior Manager for Worldwide Security Specialists at AWS, and Adam Mikeal, CISO at Texas A&M, dive into the vital role of CISO Circles in fostering security culture in higher education. They discuss challenges like adopting generative AI and the importance of trust among security leaders. The conversation highlights the need for collaboration across industries and the strategic approach necessary to navigate future cybersecurity risks, emphasizing digital trust and privacy in an evolving landscape.

Tim Peck, a Senior Threat Researcher at Securonix, delves into the evolving DEV#POPPER campaign targeting software developers. He reveals how North Korean threat actors use social engineering techniques, like fake job interviews, to distribute stealthy malware across various operating systems. The discussion covers the psychological manipulation at play and the security risks of conducting job interviews on business computers. Peck highlights the urgent need for developers to safeguard their systems against such sophisticated threats.

California is pushing forward with new AI safety regulations to combat misuse. DDoS attacks are surging, alongside the emergence of the RansomHub ransomware. A persistent malware campaign targets Roblox developers, while a bizarre swatting incident unfolds involving two European men. The importance of timely software updates is emphasized in light of recent legal battles. Also discussed is a massive password leak that raises security concerns, highlighting the dual edge of AI in aiding and combating cybercrime.