CyberWire Daily

Critical security flaw in Cisco's SSM On-prem, yacht retailer data breach, NHS ransomware attack. Port Shadow VPN attack, Ivanti high-severity patches. FIN7's security evasion tool, Indian crypto exchange transfer, SAP AI Core vulnerabilities. DDoS for hire team arrests. Guest discusses risk assessments on open-source software. Traffic light controller flaw discovery.

Interpol targets West African cybercrime groups. Bassett Furniture hit by ransomware. Gastroenterologist data breach. Apache HugeGraph flaw exploited. Updates on Octo Tempest. Satori finds evil twin campaigns on Google Play. Change Healthcare breach cost surpasses $2 billion. Surge in cybersecurity venture funding. Legal challenges for cyber regulatory agencies. Industry Insights on cybercrime enablement services. Challenges in fighting disinformation.

Sysdig guests Alex Lawrence and Matt Stamper discuss the 555 Cloud Security Benchmark. Squarespace domains hijacked, Kaspersky Lab closes US division, Poco RAT malware via 7zip files, CISA red-teaming, and Switzerland mandates open source software. Bellingcat locates alleged cartel member.

The podcast delves into conspiracy theories following an assassination attempt on Trump, AT&T paying to delete stolen data, Rite Aid's ransomware recovery, a hacktivist group breaching Disney’s Slack, Python packages exfiltrating data, upgraded HardBit ransomware, weaponizing PoC exploits, Google potentially acquiring Wiz, and Rick Howard's analysis of the MITRE ATT&CK framework.

Frank Duff, Amy Robertson, and Rick Doten discuss the current state of MITRE ATT&CK, delving into topics like the evolution of the Intrusion Kill Chain Prevention Strategy, collaborative cybersecurity efforts, the relationship between MITRE ATT&CK, the Diamond Model, and the Kill Chain Strategy, and exploring adversary behaviors and threat intelligence sources.

Cyber experts Asheer Malhotra and Vitor Ventura discuss Operation Celestial Force targeting Indian entities by Pakistani threat group Cosmic Leopard. They explore mobile malware use, attribution in cybersecurity, mobile malware operations, advanced tactics in malware deployment, and risks of USB drives in cybersecurity.

Guest Malek Ben Salem, a cybersecurity expert with a background in electrical engineering and a passion for math and astrophysics, shares her journey from childhood curiosity in astrophysics to a career in cybersecurity R&D. She discusses using math for data mining, forecasting, and applying new AI techniques in security at Accenture.

Brigid Johnson, Director of AWS Identity, discusses the importance of identity management in cybersecurity on AWS. Topics include AT&T data breach, NATO cyber defense center, phishing campaign using Microsoft SharePoint, and Germany excluding Huawei and ZTE from 5G infrastructure. The episode also highlights EU regulations on tech platforms and cybersecurity operations.

Topics include a crypto scam empire tied to the Cambodian ruling family, data breach at Lulu Hypermarket, GitLab and Palo Alto Networks security updates, ViperSoftX malware variants, SWATting case in New Mexico, increasing phishing attacks on government employees, GOP's stance on AI regulation, and a deep dive into the evolving threats of AI-generated malware with experts.

Guest Jack Cable, Senior Technical Advisor at CISA, discusses Blast-RADIUS attack, Russian disinformation, and AI use in classrooms. Microsoft and Apple change OpenAI board seats. Australia reviews tech security. Patch Tuesday updates. CISA's Secure by Design Alert series highlighted. Plus, a cyber expert's geeky wedding.