CyberWire Daily

Dick O'Brien from Symantec Threat Hunter Team discusses ransomware operators' adaptability. Topics include Acuity breach, new malware strains, Russian credit card theft arrests, AI model vulnerabilities, and UK honey traps.

George Jones, CISO at Critical Start, discusses cybersecurity investment strategies for optimal risk reduction. Topics include State Department breach, AI-related job losses, cookie protections, and recent cyberattacks. Contrasting US and UK cyber approaches, maximizing ROI in cybersecurity tools, and communicating financial benefits of security initiatives.

Microsoft faces harsh criticism from Cyber Safety Review Board. Ransomware attack in Jackson County, Missouri prompts state of emergency. Chinese brands pose threat to U.S. infrastructure. Malware campaigns using YouTube, data breach warning from OWASP. LockBit ransomware gang struggles. India's government cloud leaks personal data. ChatGPT jailbreaks on hacker forums. Hosts discuss CISSP study journey. Transition to studying Domain 1. Amazon grocery stores now require checkout.

Jeff Reich, Executive Director of IDSA, discusses identity security best practices, AI's impact, and upcoming events. Google settles class action lawsuit, NIST tackles NVD backlog, India rescues citizens from cybercrime, UK-US AI collaboration, FTC tracks impersonation fraud surge, breach exposes customer data, and Prudential Financial informs of data breach. Hotel chain vulnerability also discussed.

Yameen Huq from the Aspen Institute discusses cybersecurity topics including a backdoor in open source, AT&T password resets, macOS info-stealer, Poland's Pegasus spyware investigation, and the evolving Vultur banking trojan. A Solution Spotlight features team retention strategies. The podcast also covers a ghost ship affecting Africa's internet connectivity and pays tribute to security legend Ross Anderson.

Liji Samuel, Chief of Standards and Certification at NSA, shares her career journey in STEM, overcoming barriers in cybersecurity. She emphasizes resilience and leadership skills. She contrasts profit-driven private sector practices with government's resource management for public good, advocating for investment in future technical professionals.

Elad, Senior Security Researcher at Cycode, shares research on a supply chain vulnerability in Bazel affecting projects like Kubernetes and Google. The podcast discusses AI in cyber attacks, workflow vulnerabilities, composite actions, GitHub attack scenarios, and sponsor emphasis for risk mitigation.

Guests Linda Gray Martin and Britta Glade discuss Pentagon's cybersecurity roadmap, health insurer data breach, credential stuffing, and more. They also talk about RSA Conference highlights and insights from CISA's Eric Goldstein. The podcast covers evolving cyber threats, incident reporting regulations, and the impact of social media post-Baltimore Bridge Collapse.

Baptiste Tripard, CMO at Alteia, and Aiga Stokenberga, Sr. Transport Economist at the World Bank, discuss leveraging AWS cloud, AI, and space tech to monitor critical road networks for infrastructure investments. They highlight real-world applications in emerging economies and the impact on infrastructure resilience and economic analysis. The podcast explores the synergy between technology, environment, and the transformative power of AI in processing vast data.

Sam Rubin, VP at Unit 42, discusses ransomware attacks, AI, and cybersecurity education. Topics include malware threats, AI governance, phishing as a service, and Chrome updates. The podcast emphasizes the need for defense strategies against sophisticated ransomware attacks and the importance of cybersecurity education.