CyberWire Daily

Dick O'Brien, a cybersecurity researcher from Symantec's Threat Hunter team, discusses the ominous rise of the Black Basta ransomware group. He dives into a specific vulnerability, CVE-2024-26169, which allowed attackers to exploit privilege escalation as a zero-day before being patched. O'Brien outlines the group's origins and operational strategies, reveals their historical ties to the Quackbot botnet, and highlights essential cybersecurity measures for defending against such sophisticated threats. Tune in for vital insights into the evolving landscape of ransomware!

Rick Howard, N2K's Chief Security Officer, teams up with Steve Schmidt, Amazon's CSO, to dive deep into security culture's significance in tech leadership. They discuss the recent indictment of a North Korean hacker and CrowdStrike's recovery efforts. The duo emphasizes the necessity of security awareness training across organizations, highlighting that cybersecurity isn't just a security team's job. They also touch on the SEC's regulatory impact and how innovations like AI are reshaping security challenges, urging adaptive strategies for the future.

A North Korean hacking group targets healthcare, energy, and finance sectors. Leaked documents from Leidos appear on the dark web. A Middle Eastern bank faces a massive DDoS attack. Crowdstrike outage fallout updates. HHS cybersecurity audit reveals cloud security gaps. Docker patches critical vulnerability again. Google enhances Chrome user protections. Threat Vector segment explores social engineering attacks with a focus on vishing and smishing. AI cameras in Paris for the Summer Olympics.

The podcast discusses a malicious code repository on GitHub, Windows vulnerability, ransomware attack in US Virgin Islands, phishing landscape analysis, algorithmic pricing explanations, crackdown on Nigerian Yahoo Boys, fake IT worker getting caught, and a conversation with the co-hosts of Microsoft Security's The Bluehat Podcast.

Acting CTO of N2K, Justin Fanelli, discusses US Navy innovation streamlining. UK shuts down DDoS marketplace. Congress summons Crowdstrike's CEO. Google ditches plan on third-party cookies. FCC settles with Tracfone Wireless. Wiz rejects Google for IPO. Target's AI chatbot fails. Insights on public-private partnerships in cybersecurity and DOD innovation adoption.

Global CrowdStrike outage, UK arrest Scattered Spider member, DHS criticizes CISA contractor ties, Huntress finds SocGholish distributing AsyncRAT, ransomware hits US trial court, US regulator criticizes banks cyber risk management, CISA adds critical vulnerabilities, Australian police combat SMS phishing. Chris Grove from Nozomi Networks discusses challenges of protecting Summer Olympics. Rick Howard talks Cyber Threat Intelligence, interns value in cybersecurity.

John Hultquist, Mandiant’s Chief Analyst, discusses Cyber Threat Intelligence's evolution in intrusion prevention strategies and tracking espionage actors. The podcast also explores the recent Las Vegas ransomware attacks and insights shared at the MOIS conference on cyber intelligence and blockchain technology.

James Hadley, CEO of Immersive Labs, shares his journey from programming enthusiast to cybersecurity entrepreneur. He emphasizes the importance of practical skills over certifications and advises pursuing personal interests in the industry. Reflects on the inadequacy of traditional classroom learning in cybersecurity.

Selena Larson, from Proofpoint, discusses the research on fraudulent Olympics ticketing websites. Scammers create fake sites mimicking legitimate ticketing platforms, using deceptive tactics like phony QR codes. Law enforcement and Olympics partners have shut down 51 out of 338 fraudulent websites, cautioning against purchasing tickets from unofficial sources.

Rick Howard, CSO of N2K, discusses strong security cultures and AI with AWS’ CISO. They also cover the impact of a worldwide IT outage, ransomware threats to the energy sector, and a live-fire cyber-defense exercise. The episode explores the importance of language, leadership, and generative AI in cybersecurity operations.