CyberWire Daily

Rick Howard, N2K’s CSO, talks about cybersecurity breaches at Snowflake and Hugging Face. Australian legislation targets deepfake porn. CISA adds vulnerabilities to KEV catalog. Spanish police investigate driver's license breach. NSA shares mobile device best practices. Everbridge reports a data breach. Google explains weird AI search results. CSO Perspectives Season 14 launches. Cybersecurity incidents, SEC actions, and cybersecurity principles discussed.

Guests Steve Winterfeld and Ted Wagner discuss the SEC's fraud charges against SolarWinds CISO post-cyber espionage, highlighting material cybersecurity risks and the role of a CSO in a company. The podcast delves into the complexities of the SolarWinds breach by Russian SVR, critiquing the SEC's amended complaint and mandate on disclosure.

Deneen DiFiore, CISO of United Airlines, discusses her cybersecurity career journey with focus on attracting diverse talent, forming cybersecurity groups within organizations, collaboration to bridge talent gap, and success stories in aviation cybersecurity innovation.

Explore the Business Roundtable's efforts to bridge the cybersecurity workforce gap with the launch of a Cybersecurity Workforce Corporate Initiative and Playbook. Learn about innovative strategies for entry-level cybersecurity roles, the importance of AI protection, and internal staff training programs. Get a sneak peek into the 2024 NICE Conference and United Airlines Keynote, highlighting partnership and collaboration in addressing cybersecurity challenges.

Diane M. Janosek, Commandant for NSA's National Cryptologic School, shares her journey from law clerk to orchestrating education for cyber and cryptologists worldwide. She emphasizes the importance of diverse talent in the cybersecurity field and encourages those who love to learn to join this multidisciplinary field.

Amit Malik, Director of Threat Research at Uptycs, discusses the discovery of a large-scale Log4j campaign involving over 1700 IPs deploying XMRig cryptominer malware. The research unveils the JNDI plugin's usage by attackers and emphasizes the importance of patch management in protecting against such cyber threats.

A new cybersecurity bill aims to simplify federal regulations. Personal info of business leaders and politicians for sale on the dark web. BBC pension scheme breached. OpenAI disrupts covert influence operations. Over 600,000 routers bricked by hackers. Cracked Microsoft Office copies deliver malware. Senator calls for accountability in ransomware attack. SpyCloud's Chip Witt discusses digital identity exposure. Florida man becomes Moscow's fake-news puppet.

CISO Greg Jones from Xavier University shares insights on security measures. Topics include botnet arrests, Ticketmaster breach, Pegasus spyware, and NIST clearing NVD backlog. Eric Goldstein discusses software security. LightSpy malware on macOS and ChatGPT updates mentioned.

Google's search algorithm leak challenges transparency. Critical router vulnerability discovered. Ransomware hits Seattle Public Library. Georgia man gets 10 years for scams. Treasury sanctions botnet operators. Major breach affects 44,000 individuals. North Korea's Moonstone Sleet described. Architectural approach in cybersecurity advocated. Cracked password leads to multimillion-dollar windfall. Gender diversity in cybersecurity discussed. CISSP certification journey explored. Cryptocurrency recovery adventure shared.

Guest Carrie Hernandez Marshall from Rebel Space Technologies discusses extending cybersecurity to space. FBI investigates Scattered Spider. RansomHub deadlines. Data breaches in India. Check Point warns on VPNs. Internet Archive hit by DDoS. Minesweeper clone installs malware. Podcast explores cyber attacks, space cybersecurity, and CEO's background.