CyberWire Daily

The Five Eyes issue a rare joint warning on China. Jen Easterly weighs in on Trump’s AI EO. Researchers warn everyday notifications can become AI attack vectors. IronWorm is a sophisticated Rust-based infostealer targeting software developers. Cisco patches a critical vulnerability in its Unified Communications Manager platform. Anthropic maps AI-enabled cyber activity to the MITRE ATT&CK framework. Authorities dismantle an online counterfeit identity marketplace. Our guest is Jason Kikta, CTO from Automox, discussing AI vulnerabilities, real risk, and the speed problem. An extortion crew is forced to open a customer support ticket.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today on our Industry Voices segment, we are joined by Jason Kikta, CTO from Automox, who is discussing AI vulnerabilities, real risk, and the speed problem. If you enjoyed this conversation, check out the full interview here. 

Selected Reading⁠

U.S. and intelligence allies issue rare joint warning about China (Washington Post)

Safeguarding Our Secrets (MI5)

Opinion | The Government Is Finally Taking A.I. Risk Seriously (New York Times)

CISA directive for AI executive order to be released this week, Andersen says (The Record)

Gemini Voice Assistant Hijacked via Messaging Notifications (SecurityWeek)

IronWorm: Shai-Hulud's rustier cousin (JFrog Security Research)

Cisco warns of critical Unified CM flaw with PoC exploit code (Bleeping Computer)

Mapping AI-enabled cyber threats: Insights from the LLM ATT&CK Navigator (Anthropic)

Police dismantles fake ID marketplace used by migrant smugglers (Bleeping Computer)

Over 1.4 Million Accounts Disrupted in Cybercrime Crackdown (SecurityWeek) 

'Dumbass' criminal breaks the 'first rule of ransomware club' (The Register)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.  

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

AI oversight arrives at the White House. A Cyber Force gains momentum. Critical infrastructure comes under cyberattack. Acer faces zero-day trouble. A stock exchange executive gets spied on for months. HTTP/2 Bomb threatens web servers. Quantum’s classical side grows bigger. Britain's military chooses Starshield. Spain’s infamous hacker gets sentenced. Our guest is Benjamin Morrell, Vice President, Security Strategy at Coro Cybersecurity, discussing the role of MSPs. Meta’s productivity panopticon pauses for personal pitstops. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

On today’s Industry Voices, we are joined by Benjamin Morrell, Vice President, Security Strategy at Coro Cybersecurity, discussing the role MSPs are playing in cybersecurity. If you enjoyed this conversation be sure to check out the full conversation here. 

Selected Reading

Trump Signs Executive Order Seeking Oversight of A.I. Models (The New York Times)

New cyber force would cost up to $11 billion to start, commission says (The Record)

CISA Warns of Cyberattacks Targeting U.S. Tank Gauge Systems (GB Hackers)

Acer working to patch max severity zero-days in Wave 7 routers (Bleeping Computer)

Espionage Campaign Targeted Stock Exchange Executive for Five Months (Security.com)

'HTTP/2 Bomb' Exploit Knocks Web Servers Offline in Seconds (SecurityWeek)

The Classical Advances Needed to Make Quantum Computers Tick (IEEE)

Alcasec, "Robin Hood of Spanish Hackers," Jailed for 31 Months Over Data Theft (Hackread)

Exclusive: UK adopts SpaceX's Starshield for military operations, sources say (Reuters)

Meta will reportedly let employees take 30-minute breaks from its tracking program (Engadget)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.  

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

A federal watchdog questions NIST over its vulnerability database backlog. Google patches an Android zero-day. Citizen Lab exposes a powerful location-tracking platform. Malware hides commands in Steam comments. Researchers spot AI-assisted malware development. Attackers compromise Red Hat’s npm namespace. DriveSurge spreads malware through ClickFix and fake updates. FreePBX patches a critical flaw. And Dashlane responds to a brute-force attack. Our guest is ⁠Laure Lydon⁠, Opening Chair for Infosecurity Europe and VP of Security and Infrastructure, Flo Health, sharing her expertise on digital health platforms. Meta’s AI support bot proves a bit too eager to help.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today, Maria Varmazis speaks with ⁠Laure Lydon⁠, Opening Chair for Infosecurity Europe and VP of Security and Infrastructure, Flo Health, sharing her expertise on privacy, security, and trust in digital health platforms, especially in sensitive areas like women's health. This interview is part of our partnership with Infosecurity Europe.

Selected Reading

Inspector general finds NIST mistakes have made vulnerability database ineffective (The Record)

Google fixes one actively exploited Android zero-day, 124 flaws (Bleeping Computer)

Uncovering Webloc: An Analysis of Penlink’s Ad-based Geolocation Surveillance Tech (The Citizen Lab)

GoDaddy found malware on 1,980 WordPress sites using Steam as C2 infrastructure (Security Affairs)

Threat Actor Uses AI to Build EDR Evasion Tools (Infosecurity Magazine)

Attackers Hijack Red Hat npm Scope to Steal Cloud Secrets (Infosecurity Magazine)

Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks (Bleeping Computer)

Critical Hard-Coded Credentials Vulnerability in FreePBX User Control Panel (Beyond Machines)

Dashlane password manager users locked out by brute force attacks (Bleeping Computer)

Hackers Simply Asked Meta AI to Give Them Access to High-Profile Instagram Accounts. It Worked (404 Media)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Battlefield AI sparks debate. Election cyber threats rise. A critical Windows flaw is under active attack. CISA weighs new reporting rules. Russian targets face a stealthy hacking campaign. A 19-year-old Linux bug gets its day in the sun. Today’s business update. Our guest is Heather Ceylan,  CISO at Box, discussing how governed AI starts with solving the unstructured data problem. Microsoft hits refresh on research relations. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

On today’s Industry Voices we are joined by Heather Ceylan,  CISO at Box, discussing how governed AI starts with solving the unstructured data problem. If you enjoyed this conversation, you can catch the full interview here.

Selected Reading

As the Pentagon Pushes for Battlefield AI, Some Military Leaders Urge Caution (SecurityWeek)

Why a surge of election-related websites could spell rising cyber threats for the midterms (PBS News)

Election threats are focused on campaign systems, not voting machines (CyberScoop)

Critical Windows Netlogon RCE flaw now exploited in attacks (Bleeping Computer)

U.S. CISA adds Palo Alto Networks PAN-OS flaw to its Known Exploited Vulnerabilities catalog (Security Affairs)

CISA Town Halls Set Final Stage for CIRCIA Debate (BankInfo Security)

Unknown hacker group targeted Russian maritime universities, diplomats for nearly two years (The Record)

19-Year-Old Linux Kernel Vulnerability Exposes Systems to Root Access (SecurityWeek)

Indian Exam Board Admits to Cybersecurity Holes Found by Teen (Bloomberg)

Zscaler intends to acquire identity mapping company Symmetry Systems. (N2K Pro Business Briefing)

Microsoft says it will not pursue security researchers after zero-day backlash (The Record)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

In this special edition of CyberWire Daily’s 10th anniversary series, N2K CyberWire's Maria Varmazis and Dave Bittner consider the tactics, trends, and turning points that shaped the threat landscape over the last decade of ransomware.

Ransomware has evolved from small-scale extortion and opportunistic attacks to sprawling, sophisticated, organized crime and state-sponsored attacks. Cryptocurrency plays a pivotal role in enabling ransomware's growth by providing untraceable payment methods.

Join us as we explore key incidents like WannaCry and NotPetya, the shift from street crime to organized and nation-state cyber threats, and AI's impact on the future of ransomware.
Learn more about your ad choices. Visit megaphone.fm/adchoices