CyberWire Daily

Caroline Wong, CSO at Cobalt, discusses pentesting & AI in cybersecurity. UK's NCSC alerts on APT40, Frankfurt Uni cyberattack, CloudSorcerer spying on Russian agencies, CISA addressing security flaws. Cybersecurity funding rises. Ticketmaster faces scalper challenges.

Topics include Microsoft switching employees in China from Android to iPhones, security flaws in Mastodon, OpenAI breach, 10 billion leaked passwords, CISA requested more info on January hack, Egyptian Health Dept breach, NHLS ransomware attack, Eldorado ransomware, Cisco vulnerability, and discussion on extending security around genAI.

Richard Clarke, a cybersecurity pioneer, shares his journey from being inspired by President Kennedy to creating the first cybersecurity position in federal government. He worked for the Department of Defense and the White House, focusing on counterterrorism and raising cybersecurity awareness. Clarke continues to advise CISOs through Good Harbor Security Risk Management.

Cybersecurity expert Joshua Miller from Proofpoint discusses TA453's phishing attack on a US-based think tank. Topics include Iran's cyber threats, malicious VPN app targeting Macs, analysis of Mac malware, and recommendations against persistent threat actors.

Unit 42's CTO and VP of Engineering, Michael Sikorski, discusses the 2024 Incident Response Report, highlighting cyber threats like AI use, software vulnerabilities, 'living off the land' attacks, and business disruption supply chain attacks. Recommendations on incident response strategies and mitigating cyber threats are shared.

Dave Bittner, cybersecurity expert, and Selena Larson discuss the disappearance of IcedID malware and the emergence of Latrodectus, both tied to ransomware. They explore the transition, cybercrime dynamics, and connections between the two malware variants, highlighting the need to address initial access threats.

The podcast discusses the Supreme Court overturning Chevron deference affecting cyber regulations, revealing online sex abusers with stolen credentials, CISA's updates for online maritime resilience tools, Patelco Credit Union's ransomware attack, arrests in a vishing fraud scheme, Splunk's critical vulnerabilities, HHS fining a Health System for HIPAA violations, and Joe Carrigan's CISSP certification journey.

Cybersecurity expert Johannes Ullrich talks defending against API attacks and new ransomware threats like Volcano Demon. They discuss a new OpenSSH vulnerability, Chinese hackers exploiting a Cisco zero-day, and unauthorized access at HubSpot. Google launches a KVM bug bounty program while addressing dangerous attack techniques and the impact of AI on cybersecurity.

The guest Rick Howard discusses topics such as emergency patches for router vulnerabilities, phishing attacks, data breaches, Trojanized software installers, and the importance of identity and access management in implementing a Zero Trust strategy.

Guests Ted Wagner and Cassio Sampaio discuss the current state of Identity and Access Management, emphasizing Zero Trust security concepts and the importance of IAM in cybersecurity. They explore challenges in workforce and customer identity, the evolution of authentication methods, and address password insecurity.