CyberWire Daily

House passes bill to stop sale of American data to foreign foes. US sanctions Russian entities for disinformation campaign. China warns of cyber threats. Logistics firm isolates Canadian division after cyber attack. Ivanti warns of critical vulnerability. Firebase instances found vulnerable. Microsoft phases out weak encryption. Formula One fans fight phishing. Glassdoor accused of privacy breach. CrowdStrike discusses cloud attacks. Pwn2Own winners get Tesla.

Sloane Menkes shares her journey from high school math to cybersecurity consulting. Her 'What is the 2%?' mantra drives her problem-solving skills. Military experience and Howard Schmidt influenced her journey. She highlights the constant change in consulting and offers advice to women in cybersecurity.

The podcast discusses Biden's cyber initiatives for protecting water systems and investments in U.S. chip manufacturing. It also covers warnings on China's cyber threats, Microsoft's cloud domain services, breaches in pharmaceutical companies and popular Wordpress plugin. Additionally, it includes an online extortion case, SEC fines for AI washing, and insights on CISSP certification journey.

Legal expert Jacqueline Wudyka discusses the new SEC cybersecurity regulations reshaping how public companies handle cyber risks. The episode dives into challenges of defining 'materiality,' enforcement hurdles, and impact on cybersecurity landscape. Packed with insights and strategies for compliance, it's a must-listen for cybersecurity professionals and legal experts.

A SIM-swapper pleads guilty, class action suits against UnitedHealth Group, cyber threats in aviation, major mortgage lender data breach, election misinformation, UK guidance on SCADA system migration, Smoke Loader containment, Earth Krahang malware, AT&T data breach, OpenAI vs. New York Times case unpacked

Listen to Roselle Safran share her journey from civil engineering to cybersecurity, including her roles at the White House and in startups. She encourages others to apply and learn as much as they can in the field of cybersecurity.

US investigators pursue Volt Typhoon. IMF cyber breach. Fujitsu hacked. DEEP#GOSU targets South Korea. Subsea cable breaks cut off West Africa. Health care groups oppose cyber regulations. PA school district hit by ransomware. Microsoft Canada's Kevin Magee on board reporting. Apex Legends eSports upgrades.

A cybersecurity professional shares her journey from wanting to be a rockstar to becoming the 'fairy godmother of security'. She talks about working with the Secret Service during the Olympics in 2002 and her passion for protection. Dawn Cappelli offers words of wisdom for those trying to enter the industry, emphasizing the importance of taking risks.

Delve into the history of the updated NICE Framework for cybersecurity education's future. Explore the pivotal role of the NICE Framework in shaping a skilled cybersecurity workforce, collaborations between academia, industry, and government, and the impact of automation and AI in cybersecurity roles. Learn about enhancements in the NICE Framework, community engagement, and the collaborative process in updating the framework. Discover the evolution and modernization of the NICE Framework, workforce intelligence, security leadership, and compliance automation in cybersecurity.

Exploring how cyber criminals abused SendGrid to launch a phishing campaign impersonating itself. Delving into sophisticated phishing attacks using AES encryption and JavaScript obfuscation. Highlighting the importance of security awareness in email communications to prevent falling victim to phishing scams.