Start tilbuddet

CyberWire Daily

CyberWire Daily

Af
- N2K Networks

0 Anmeldelser: 0
Afsnit: 3420
Gns. varighed: 30M
Sprog: Engelsk
Format
Kategori: Fakta

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

Episodes

Regulation takeaways with Ethan Cook. [CISO Perspectives]On this episode, host Kim Jones is joined by Ethan Cook, N2K’s lead analyst and editor, for a deeper, more reflective conversation on cybersecurity regulation, privacy, and the future of policy. This episode steps back from the news cycle to connect the dots and explore where the regulatory landscape is heading — and why it matters. Ethan, who will join the show regularly this season to provide big-picture analysis after major policy conversations, shares his perspective on the evolving balance between government oversight, innovation, and individual responsibility. Learn more about your ad choices. Visit megaphone.fm/adchoices
3420
|
41M
Critical GoAnywhere bug fuels ransomware wave.Microsoft tags a critical vulnerability in Fortra’s GoAnywhere software. A critical Redis vulnerability could allow remote code execution. Researchers tie BIETA to China’s MSS technology enablement. Competing narratives cloud the Oracle E-Business Suite breach. An Ohio-based vision care firm will pay $5 million to settle phishing-related data breach claims. “Trinity of Chaos” claims to be a new ransomware collective. LinkedIn files a lawsuit against an alleged data scraper. This year’s Nobel Prize in Physics recognizes pioneering research into quantum mechanical tunneling. On today’s Industry Voices segment, we are joined by Alastair Paterson from Harmonic Security, discussing shadow AI and the new era of work. Australia’s AI-authored report gets a human rewrite. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On today’s Industry Voices segment, we are joined by Alastair Paterson, CEO and Co-Founder of Harmonic Security, discussing shadow AI and the new era of work. You can hear the full conversation with Alastair here. Selected Reading Microsoft: Critical GoAnywhere Bug Exploited in Medusa Ransomware Camp (Infosecurity Magazine) Redis warns of critical flaw impacting thousaRends of instances (Bleeping Computer) BIETA: A Technology Enablement Front for China's MSS (Recorded Future) Well, Well, Well. It’s Another Day. (Oracle E-Business Suite Pre-Auth RCE Chain - CVE-2025-61882) (Labs) EyeMed Agrees to Pay $5M to Settle Email Breach Litigation (Govinfo Security) Ransomware Group “Trinity of Chaos” Launches Data Leak Site (Infosecurity Magazine) LinkedIn sues ProAPIs for using 1M fake accounts to scrape user data (Bleeping Computer) The Nobel Prize for physics is awarded for discoveries in quantum mechanical tunneling (NPR) Deloitte refunds Australian government over AI in report (The Register) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire Daily podcast is a production of N2K Networks, your source for critical industry insights, strategic intelligence, and performance-driven learning products. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
3419
|
32M
Oracle zero-day serves up persistent access.A critical zero-day in Oracle E-Business Suite is under active exploitation. ICE plans a major expansion of its social media surveillance operations. Discord confirms a third-party data breach. A critical vulnerability in the Unity game engine could allow arbitrary code execution. New variants of the XWorm remote access trojan spread through phishing campaigns. Researchers uncover a critical command injection flaw in Dell UnityVSA storage appliances. There’s been a sharp surge in reconnaissance scans targeting Palo Alto Networks login portals. A new hacking competition offers $4.5 million in prizes for exploits targeting major cloud and AI software. Monday Business Brief. On our Afternoon Cyber Tea segment with Microsoft’s Ann Johnson, Ann and guest Volker Wagner⁠, Chief Information Security Officer at BASF, share some Lessons from the Frontlines of Industrial Security. Don’t spend that ParkMobile settlement all in one place. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Afternoon Cyber Tea Segment Today we are highlighting Afternoon Cyber Tea with Ann Johnson. Ann and guest Volker Wagner⁠, Chief Information Security Officer at BASF, share some Lessons from the Frontlines of Industrial Security. You can listen to Ann and Volker's full conversation⁠ here⁠ and catch new episodes of Afternoon Cyber Tea every other Tuesday on your favorite podcast app. Selected Reading PoC Exploit Released for Remotely Exploitable Oracle E-Business Suite 0-Day Vulnerability (Cyber Security News) ICE Wants to Build Out a 24/7 Social Media Surveillance Team (WIRED) Discord blames third-party support outfit for data breach (The Register) Android and Windows gamers worldwide potentially affected by bug in Unity game engine (The Record) XWorm malware resurfaces with ransomware module, over 35 plugins (Bleeping Computer) Patch Now: Dell UnityVSA Flaw Allows Command Execution Without Login (HackRead) Scanning of Palo Alto Portals Surges 500% (Infosecurity Magazine) $4.5 Million Offered in New Cloud Hacking Competition (SecurityWeek) Accenture acquires Japanese AI and DX provider, Aidemy Inc. (N2K Pro Business Briefing) ParkMobile pays... $1 each for 2021 data breach that hit 22 million (Bleeping Computer) Vote for Dave! Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our ⁠brief listener survey⁠. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our ⁠media kit⁠. Contact us at ⁠cyberwire@n2k.com⁠ to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
3418
|
24M
Sloane Menkes: What is the 2%? [Consultant] [Career Notes]Please enjoy this encore of Career Notes. Principal in PricewaterhouseCoopers Cyber Risk and Regulatory Practice, Sloane Menkes, shares her story of how non-linear math helped to shape her life and career. Sloane credits a high school classmate for inspiring her mantra "What is the 2%?" that she employs when she feels like things are shutting down. She talks about her experiences in calculus class at the US AIr Force Academy that helped to enlighten her and inform the intuitive problem solving skill or way of thinking that she'd been employing in her life. She joined Office of Special Investigations and working with Howard Schmidt is where Sloane first started to get interested in cybersecurity. She shares what she loves about the consulting role is that the environment is constantly changing, and she offers some advice for women interested in cybersecurity. We thank Sloane for sharing her story with us. Learn more about your ad choices. Visit megaphone.fm/adchoices
3417
|
11M
2025 DataTribe Challenge: Forging the future of cyber. [Special Edition]The DataTribe Challenge is a launchpad for elite cybersecurity and cyber-adjacent startups ready to break out. 2025 marks the 8th annual edition of the event with a change in venue and some exciting new updates. We take you on a journey from inception with Leo Scott, Managing Director and Chief Innovation Officer at DataTribe, and 3 past DataTribe Challenge winners at different levels on their growth tracks following their participation in the event. You'll meet Anita D'Amico, former CEO of Code DX (acquired by Synopsis in 2021) and 2019 winner; Greg Baker, Co-Founder of Balance Theory and 2022 winner; and Brian Proctor, Founder and CEO of Frenos and 2024 winner. Learn more about your ad choices. Visit megaphone.fm/adchoices
3416
|
58M
China’s stealthiest spy operation yet. [Research Saturday]Assaf Dahan, Director of Threat Research, Cortex XDR, at Palo Alto Networks, discussing Phantom Taurus, a new China APT uncovered by Unit 42. Unit 42 researchers have identified Phantom Taurus, a newly designated Chinese state-aligned APT conducting long-term espionage against government and telecommunications organizations across Africa, the Middle East, and Asia. Distinguished by its stealth, persistence, and rare tactics, the group has recently shifted from email-focused data theft to directly targeting databases and deploying a powerful new malware suite called NET-STAR, designed to compromise IIS web servers and evade detection. This suite, featuring modular, fileless backdoors and advanced evasion capabilities, marks a significant evolution in Phantom Taurus’ operations and underscores the group’s strategic intelligence-gathering objectives. The research can be found here: ⁠Phantom Taurus: A New Chinese Nexus APT and the Discovery of the NET-STAR Malware Suite Learn more about your ad choices. Visit megaphone.fm/adchoices
3415
|
23M
WhatsApp worm spreads.A fast-spreading malware campaign is abusing WhatsApp as both lure and launchpad. Carmaker Renault suffers a data breach. DrayTek patches a critical router flaw. CISA alerts cover a range of vulnerabilities. A new phishing kit lowers the bar for convincing lures. A Catholic hospital network pays $7.6 million to settle data breach litigation. A major breach at FEMA exposes employee data. Google expands Gmail’s end-to-end encryption (E2EE) capabilities. On our Industry Voices segment, we are joined by Brian Vecci, Field CTO at Varonis, discussing move fast but don’t break things: Innovating at light speed without putting data at risk. The UK’s digital ID is a solution in search of a mandate. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Industry Voices segment, we are joined by Brian Vecci, Field CTO at Varonis, discussing move fast but don’t break things: Innovating at light speed without putting data at risk. You can listen to Brian’s full conversation here. Selected Reading Threat Actors Leveraging WhatsApp Messages to Attack Windows Systems With SORVEPOTEL Malware (Cybersecurity News) Major car maker confirms customer data stolen in cyber attack (The Independent) Unauthenticated RCE Flaw Patched in DrayTek Routers (SecurityWeek) Organizations Warned of Exploited Meteobridge Vulnerability (SecurityWeek) CISA Releases Two Industrial Control Systems Advisories (CISA.gov) New ‘point-and-click’ phishing kit simplifies malicious attachment creation (SC Media) Hospital Chain to Pay $7.6M to Settle Breach Litigation (Bank Inforsecurity) FEMA cyber breach exposes employee data (SC Media) Gmail business users can now send encrypted emails to anyone (Bleeping Computer) UK government says digital ID won't be compulsory – honest (The Register) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
3414
|
35M
CISA furlough sparks fears.CISA furloughs most of its workforce due to the government shutdown. The U.S. Air Force confirms it is investigating a SharePoint related breach. Google warns of a large-scale extortion campaign targeting executives. Researchers uncover Android spyware campaigns disguised as popular messaging apps. An extortion group claims to have breached Red Hat’s private GitHub repositories. A software provider for recreational vehicle and power sport dealers suffers a ransomware breach. Patchwork APT deploys a new Powershell loader using scheduled tasks for persistence. A Tennessee Senator urges aggressive U.S. action to prepare for a post-quantum future. Cynthia Kaiser, SVP of Halcyon’s Ransomware Research Center and former Deputy Assistant Director at the FBI’s Cyber Division, joins us with insights on the government shutdown. A Malaysian man pleads guilty to supporting a massive crypto fraud. Protected health info is not a marketing tool. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Cynthia Kaiser, SVP of Halcyon’s Ransomware Research Center and former Deputy Assistant Director at the FBI’s Cyber Division, joins us with insights on the government shutdown. Selected Reading Shutdown guts U.S. cybersecurity agency at perilous time (CISA) Air Force admits SharePoint privacy issue; reports of breach (The Register) Google warns executives are being targeted for extortion with leaked Oracle data (IT Pro) Researchers uncover spyware targeting messaging app users in the UAE (The Record) Red Hat confirms security incident after hackers claim GitHub breach (Bleeping Computer) 766,000 Impacted by Data Breach at Dealership Software Provider Motility (Security Week) Patchwork APT: Leveraging PowerShell to Create Scheduled Tasks and Deploy Final Payload (GB Hackers) GOP senator confirms pending White House quantum push, touts legislative alternatives (CyberScoop) Bitcoin Fixer Convicted for Role in Money Laundering Scheme (Bank Infosecurity) Nursing Home Fined $182K for Posting Patient Photos Online (Bank Infosecurity) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
3413
|
26M
When politics break the firewall.Major federal cybersecurity programs expire amidst the government shutdown. Global leaders and experts convene in Riyadh for the Global Cybersecurity Forum. NIST tackles removable media. ICE buys vast troves of smartphone location data. Researchers claim a newly patched VMware vulnerability has been a zero-day for nearly a year. ClickFix-style attacks surge and spread across platforms. Battering RAM defeats memory encryption and boot-time defenses. A new phishing toolkit converts ordinary PDFs into interactive lures. A trio of breaches exposes data of 3.7 million across North America. Tim Starks from CyberScoop unpacks a report from Senate Democrats on DOGE. The Lone Star State proves even the internet isn’t bulletproof. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Tim Starks, Senior Reporter from CyberScoop, is back and joins Dave to discuss a report from Senate Democrats on the Department of Government Efficiency (DOGE). You can read Tim’s article on the subject here. Selected Reading Cyber information-sharing law and state grants set to go dark as Congress stalls over funding (The Record) Live - Global Cybersecurity Forum in Riyadh tackles how technology can shape future of cyberspace (Euronews) NIST Publishes Guide for Protecting ICS Against USB-Borne Threats (SecurityWeek) ICE to Buy Tool that Tracks Locations of Hundreds of Millions of Phones Every Day (404 Media) Broadcom Fails to Disclose Zero-Day Exploitation of VMware Vulnerability (SecurityWeek) Don’t Sweat the ClickFix Techniques: Variants & Detection Evolution (Huntress) Battering RAM Attack Breaks Intel and AMD Security Tech With $50 Device (SecurityWeek) New MatrixPDF toolkit turns PDFs into phishing and malware lures (Bleeping Computer) 3.7M breach notification letters set to flood North America's mailboxes (The Register) A Bullet Crashed the Internet in Texas (404 Media) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
3412
|
28M
One flaw to rule the root.CISA issues an urgent warning about active exploitation of a critical vulnerability in the sudo utility. Broadcom patches two high-severity vulnerabilities in VMware NSX. South Korea raises its national cyber threat level after a datacenter fire. Formbricks patches a critical token validation flaw. Microsoft blocks a credential phishing campaign that made use of malicious SVG files. Landlords are accused of scraping sensitive payroll data. Cybercriminals lay the groundwork for large-scale FIFA fraud. Burnout takes a heavy toll on cybersecurity professionals. On our Threat Vector segment, host David Moulton⁠ is joined by⁠ Kyle Wilhoit⁠ talking about the evolution of hacker culture and cybersecurity. London police bag the biggest bitcoin bust. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On this Threat Vector segment, host David Moulton⁠ is joined by⁠ Kyle Wilhoit⁠ of Unit 42 talking about the evolution of hacker culture and cybersecurity. You can listen to the full conversation⁠ here⁠, and catch new episodes of Threat Vector each Thursday in your podcast app of choice. Selected Reading CISA Issues Alert on Active Exploitation of Linux and Unix Sudo Flaw (GB Hackers) Broadcom fixes high-severity VMware NSX bugs reported by NSA (Bleeping Computer) South Korea raises cyber threat level after huge data centre fire sparks hacking fears (The Guardian) JWT signature verification bypass enables account takeover in Formbricks (Beyond Machines) Microsoft Flags AI Phishing Attack Hiding in SVG Files (Hackread) Landlords Demand Tenants’ Workplace Logins to Scrape Their Paystubs (404 Media) Playing Offside: How Threat Actors Are Warming Up for FIFA 2026 (Check Point Blog) Why burnout is a growing problem in cybersecurity (BBC) Chinese woman convicted after 'world's biggest' bitcoin seizure (BBC) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
3411
|
26M

Lyt når som helst, hvor som helst

Nyd den ubegrænsede adgang til tusindvis af spændende e- og lydbøger - helt gratis

Lyt og læs så meget du har lyst til
Opdag et kæmpe bibliotek fyldt med fortællinger
Eksklusive titler + Mofibo Originals
Opsig når som helst

DK - Details page - Device banner - 894x1036

Cover for Regulation takeaways with Ethan Cook. [CISO Perspectives]

Læs mere

Investor Relations

Tilgængelighedserklæring

Udforsk

Mofibo Originals

Brugbare links

Indløs gavekort

Indløs kampagnekode

Sprog og region

Dansk
Danmark

Følg os

Privatlivspolitik