CyberWire Daily

The podcast covers various cybersecurity news and incidents, including AI as a global threat, social media breach, data broker settlement, massive data leak, airdrop hack claim, and data theft. The guest discusses restoration in incident response. AI-driven misinformation is discussed, emphasizing its impact on the global economy and democracy. Cybersecurity updates, incident response, and the importance of restoration in cyberattack response are covered. The alignment of security vendors with the business and vulnerabilities in everyday objects are also discussed.

Swatting incidents on the rise, with judges and prosecutors targeted. Ransomware attacks hit LoanDepot, Toronto Zoo, and World Council of Churches. Iran-linked hackers target Albania. Avast releases Babuk decryption tool. Joe Carrigan talks about human impact on email security.

Robert M. Lee, CEO of Dragos, discusses intellectual property theft in manufacturing. The podcast covers the conclusion of the xDedic Marketplace investigation, a major cyberattack on a mortgage lender, a breach in the Swiss Air Force, and the Space Force's emphasis on collaboration for cybersecurity. Other topics include DOE's cyber resilience funding, Merck's settlement on NotPetya, NIST's warning about AI threats, and small fines for big tech companies.

Johannes Ullrich, a cybersecurity expert and Dean of Research, shares his journey from studying hard sciences to his career shift. He discusses the importance of basic principles, superhero origin stories, and physics labs in cybersecurity. Teaching for lasting impact in a changing industry is also highlighted.

Guilherme Venere from Cisco Talos joins to discuss their research on "A deep dive into Phobos ransomware, recently deployed by 8Base group." Cisco Talos discovered that 8Base’s Phobos ransomware payload contains an embedded configuration, which is a significant difference between 8Base’s Phobos variant and other Phobos samples that have been observed in the wild since 2019. In this 2-part research series, Talos conducts a deep dive into the Phobos ransomware, including its affiliate structure, activity and capabilities, as well as the one private key that could enable decryption of all the samples analyzed. The research can be found here: A deep dive into Phobos ransomware, recently deployed by 8Base group Understanding the Phobos affiliate structure and activity Learn more about your ad choices. Visit megaphone.fm/adchoices

Topics discussed include a BGP attack disrupting internet service, a data breach at a law firm, activities of threat actor UAC0050, and the discovery of malicious packages in the PIPI repository. There is an interview on tackling the cybersecurity workforce gap and promoting inclusion, and a discussion highlighting the intersection of accounting and cybersecurity. The dangers of love on LinkedIn and the importance of inclusiveness among cyber professionals are also explored.

Garrett Boyd, senior consultant at Palo Alto Networks Unit 42, discusses the importance of internal training and mentorship in cybersecurity. Topics of interest include the 7-month long cyber attack on Ukrainian telecom provider Kyivstar by Russian hackers, flaws in the MD5 hashing algorithm, the need for a ban on ransom payments, and the transformative impact of mentorship in personal and professional growth.

Discussion on cyber-kidnapping in Utah, hospitals suing for data recovery, DHS assessment on cyber threats, rise of Mac malware, Russian intelligence hacking cameras for targeting, ransomware roundup, NPM dependency campaign, Google's enhanced safe browsing, and Accenture's Rob Boyce talking about hacker collaboration.

A zero-click exploit affects iPhones, novel malware used in cyber campaign, Indian government targets Apple over hacking attempts, Microsoft disables App Installer, AV compromised in Australian courts, Cyber Toufan claims attacks against Israeli targets, patients in Oklahoma face online extortion, LoanCare customers' data at risk, Google settles private browsing lawsuit, Barracuda patches zero-day, Caleb Barlow shares password security tips.

Microsoft EVP Charlie Bell, with over four decades in the tech industry, talks about AI in cybersecurity, the importance of collaboration and partnerships, and the role of cloud and AI in addressing the evolving threat landscape.