The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.
📻 Latest episodes of CyberWire Daily
Here are the newest episodes available via the RSS feed:
While our team is out on winter break, please enjoy this episode of Threat Vector from our partners at Palo Alto Networks.
In this episode of Threat Vector, host David Moulton talks with Wendi Whitmore, Chief Security Intelligence Officer at Palo Alto Networks, about the increasing scale of China-linked cyber threats and the vulnerabilities in outdated OT environments.
Wendi shares critical insights on how nation-state threats have evolved, why AI must be part of modern defense strategies, and the importance of real-time intelligence sharing. They also dive into scenario planning as a key to resilience. If you want to know how cybersecurity leaders are preparing for the next wave of threats, this episode is a must-listen.
From the show:
ASEAN Entities in the Spotlight: Chinese APT Group Targeting
Preparing for a Secure Paris 2024
Unit 42 Predicts the Year of Disruption and Other Top Threats in 2025
FBI talks about how China is testing AI in cyberattacks
Hear more from Wendi Whitmore on Threat Vector:
Episode 5: From Nation States to Cybercriminals
Join the conversation on our social media channels:
Website: https://www.paloaltonetworks.com/
Threat Research: https://unit42.paloaltonetworks.com/
Facebook: https://www.facebook.com/LifeatPaloAltoNetworks/
LinkedIn: https://www.linkedin.com/company/unit42/
YouTube: @paloaltonetworks
Twitter: https://twitter.com/PaloAltoNtwks
About Threat Vector
Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends.
The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers.
Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization.
Palo Alto Networks
Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile. http://paloaltonetworks.com
Learn more about your ad choices. Visit megaphone.fm/adchoices
Lorrie Cranor: Why Security Fails Real People [Afternoon Cyber Tea] (00:23:45)
While our team is out on winter break, please enjoy this episode of Afternoon Cyber Tea with Ann Johnson from our partners at Microsoft Security.
Dr. Lorrie Cranor, Director of the CyLab Security and Privacy Institute at Carnegie Mellon University, joins Ann Johnson, Corporate Vice President, Microsoft, on this week's episode of Afternoon Cyber Tea to discuss the critical gap between security design and real-world usability. They explore why security tools often fail users, the ongoing challenges with passwords and passwordless authentication, and how privacy expectations have evolved in an era of constant data collection. Dr. Cranor emphasizes the importance of user-centered design, practical research, behavioral insights, and simpler, more transparent systems to help CISOs build security programs that truly work for people.
Resources:
View Lorrie Cranor on LinkedIn
View Ann Johnson on LinkedIn
Related Microsoft Podcasts:
Microsoft Threat Intelligence Podcast
The BlueHat Podcast
Uncovering Hidden Risks
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Afternoon Cyber Tea with Ann Johnson is produced by Microsoft, Hangar Studios and distributed as part of N2K media network.
The New Frontlines of Cybersecurity: Lessons from the 2025 Digital Defense Report [Microsoft Threat Intelligence Podcast] (00:47:29)
While our team is out on winter break, please enjoy this episode of The Microsoft Threat Intelligence Podcast from our partners at Microsoft.
In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by Chloé Messdaghi and Crane Hassold to unpack the key findings of the 2025 Microsoft Digital Defense Report, a comprehensive look at how the cyber threat landscape is accelerating through AI, automation, and industrialized criminal networks.
They explore how nation-state operations and cybercrime have fused into a continuous cycle of attack and adaptation, with actors sharing tooling, infrastructure, and even business models. The conversation also examines AI’s growing impact, from deepfakes and influence operations to the defensive promise of AI-powered detection, and how identity compromise has become the front door to most intrusions, accounting for over 99% of observed attacks.
Listeners will gain perspective on:
How AI is shaping both attacker tradecraft and defensive response.
Why identity remains the cornerstone of global cyber risk.
What Microsoft’s telemetry—spanning 600 million daily attacks—reveals about emerging threats and evolving defender strategies.
Questions explored:
How are threat actors using AI to scale deception and influence operations?
What does industrialized cybercrime mean for organizations trying to defend at scale?
How can defenders harness AI responsibly without overreliance or exposure?
Resources:
Download the report and executive summary
Register for Microsoft Ignite
View Chloé Messdaghi on LinkedIn
View Crane Hassold on LinkedIn
View Sherrod DeGrippo on LinkedIn
Related Microsoft Podcasts:
Afternoon Cyber Tea with Ann Johnson
The BlueHat Podcast
Uncovering Hidden Risks
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Get the latest threat intelligence insights and guidance at Microsoft Security Insider
The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.
Season finale: Leading security in a brave new world. [CISOP] (00:43:59)
In the season finale of CSO Perspectives, Ethan Cook and Kim Jones reflect on a season of conversations exploring what it means to lead security in a rapidly evolving “brave new world.” From the realities behind AI hype and the slow-burn impact of quantum computing to the business forces shaping cybersecurity innovation, they revisit key lessons and lingering challenges facing today’s CISOs. The episode closes with an optimistic—but candid—look at why fundamentals, critical thinking, and leadership still matter as the industry moves forward.
Want more CISO Perspectives?
Check out companion blog posts by our very own Ethan Cook, where he breaks down key insights, shares behind-the-scenes context, and highlights research that complements episodes throughout the season.
The Hidden Risk in Your Stack [Data Security Decoded] (00:27:12)
While our team is out on winter break, please enjoy this episode of Data Security Decoded from our partners at Rubrik.
In this episode of Data Security Decoded, host Caleb Tolin sits down with Hayden Smith, CEO of Hunted Labs, as he breaks down how software supply chain attacks really work, why open source dependencies create unseen exposure, and what modern threat actors are doing to exploit trust at scale. Caleb and Hayden dive deep into real-world attacks, emerging TTPs, AI-powered threat hunting, and what organizations must do today to keep pace. Listeners walk away with a clear picture of the problem—and a practical blueprint for reducing supply chain risk.
What You’ll Learn
How modern attackers infiltrate open source ecosystems through fake accounts and counterfeit package contributions.
Why dependency chains dramatically amplify both exposure and attacker leverage.
How to use threat intelligence and threat hunting to proactively evaluate upstream packages before adoption.
Where AI-powered code analysis is changing the ability to discover hidden vulnerabilities and suspicious patterns.
Why dependency pinning, SBOM discipline, and continuous monitoring now define a strong supply chain posture.
Episode Highlights
00:00 — Welcome + Why Software Supply Chain Risk Matters
02:00 — Hayden’s Non-Cyber Passion + Framing Today’s Topic
03:00 — Why Open Source Powers Everything—and Why That Creates Exposure
06:00 — The Real Attack Vector: Contribution as Initial Access
08:00 — Inside the Indonesian “Fake Package” Campaign
10:30 — How to Evaluate Code + Contributor Identity Together
12:00 — Threat Hunting and AI-Enabled Code Interrogation
15:00 — The Challenge of Undisclosed Vulnerabilities in Widely Used Components
16:30 — How Recovery Works When Malware Is Already in Your Stack
19:00 — Continuous Monitoring as the Foundation of Modern Supply Chain Security
22:00 — Pinning, Maintainer Analysis, and Code Interrogation Best Practices
24:00 — Where to Learn More About Hunted Labs
Episode Resources
Hunted Labs — https://huntedlabs.com
Hunted Labs Entercept
Hunted Labs “Hunting Ground” research blog
Open Source Malware (Paul McCarty)
Charity Wright: Pursue what you love. [Threat intelligence] [Career Notes] (00:09:50)
While our team is out on winter break, please enjoy this episode of Career Notes.
Threat intelligence analyst at Recorded Future, Charity Wright, shares her story from the Army to her career today. Transitioning from the Army to cybersecurity was an exciting change for her. During college she was recruited by the U.S. Army, where she started her journey and learned new skills, paving her pathway to threat intelligence, where she is now. She shares that she works with a great team of junior analysts who are constantly checking each other's biases, which helps keep Charity grounded in her work. Charity spends her days keeping an eye on threats around the world, and she says there is never a dull day in her line of work. We thank Charity for sharing her story with us.
While our team is out on winter break, please enjoy this episode of Research Saturday.
This week, we are joined by Tom Hegel, Principal Threat Researcher from SentinelLabs research team, to discuss their work on "Ghostwriter | New Campaign Targets Ukrainian Government and Belarusian Opposition." The latest Ghostwriter campaign, linked to Belarusian government espionage, is actively targeting Ukrainian military and government entities as well as Belarusian opposition activists using weaponized Excel documents.
SentinelLabs identified new malware variants and tactics, including obfuscated VBA macros that deploy malware via DLL files, with payload delivery seemingly controlled based on a target’s location and system profile. The campaign, which began preparation in mid-2024 and became active by late 2024, appears to be an evolution of previous Ghostwriter operations, combining disinformation with cyberattacks to further political and military objectives.
The research can be found here:
Ghostwriter | New Campaign Targets Ukrainian Government and Belarusian Opposition
Beyond cyber: Securing the next horizon. [Special Edition] (01:00:13)
While our team is out on winter break, please enjoy this Special Edition episode.
Cybersecurity is no longer confined to the digital world or just a technical challenge; it’s a global imperative. The NightDragon Innovation Summit convened a group of industry leaders to discuss how public and private entities can work together to address emerging threats and harness the power of AI, cybersecurity, and innovation to strengthen national defense.
In this special edition podcast, we capture a glimpse into the knowledge and expertise shared at the NightDragon Innovation Summit. We are joined by NightDragon Founder and CEO Dave DeWalt, DataBee CEO Nicole Bucala, Liberty Mutual Insurance EVP and CISO Katie Jenkins, Sophos CEO Joe Levy, and Dataminr VP of Sales Engineering Michael Mastrole.
Yippee-ki-yay, cybercriminals! [OMITB] (00:40:18)
While our team is out on winter break, please enjoy this episode of Only Malware in the Building.
Welcome in! You’ve entered Only Malware in the Building. Wrap yourself in a warm blanket, pour your favorite mug of tea, and join us each month as we unwrap the season’s juiciest cyber mysteries. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive Upper West Side, Selena is joined by her co-hosts, N2K Networks' Dave Bittner and Keith Mularski, former FBI cybercrime investigator and now Chief Global Ambassador at Qintel.
Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we explore Remote access, real cargo: cybercriminals targeting trucking and logistics. From clever schemes to protect shipments to the tools cybercriminals use, our guests discuss how organizations can safeguard physical goods in an increasingly connected world—because even during the season of hustle and bustle, the threats don’t take a holiday.
Tech Investment Strategies and Overview [CISOP] (00:48:39)
In this CISOP episode of CSO Perspectives, Host Kim Jones sits down with John Funge, venture capitalist at DataTribe, to explore how investors view the cybersecurity landscape. Kim reflects on the tension between innovation, profit motives, and the real needs of security practitioners—raising questions about whether the industry prioritizes mitigation over true solutions. John offers a candid look inside the VC decision-making process, breaking down how teams, market fit, and long-term defensibility shape investment choices. Together, they examine how founders, investors, and CISOs can better align to drive meaningful, effective security innovation.
Want more CISO Perspectives?
Check out a companion blog post by our very own Ethan Cook, where he breaks down key insights, shares behind-the-scenes context, and highlights research that complements this episode.
Eric Escobar: Collaboration is key. [Pen tester] [Career Notes] (00:08:42)
Please enjoy this encore of Career Notes.
Principal consultant and pen tester at Secureworks, Eric Escobar, shares his career path, translating his childhood favorite, Legos, to civil engineering and pivoting to cybersecurity. Eric was always headed toward engineering and got both his bachelor's and master's degrees in civil engineering. Upon breaking into a network with a friend, he was bitten by the cybersecurity bug. Making the switch to the red team and basically becoming a bank robber for hire, Eric tests the security of many companies' networks. He feels that curiosity is an essential trait for cybersecurity and collaboration is key, as no one person knows everything. He advises those interested in cybersecurity to just start. We thank Eric for sharing his story with us.
The lies that let AI run amok. [Research Saturday] (00:24:36)
Darren Meyer, Security Research Advocate at Checkmarx, is sharing their work on "Bypassing AI Agent Defenses with Lies-in-the-Loop." Checkmarx Zero researchers introduce “lies-in-the-loop,” a new attack technique that bypasses human‑in‑the‑loop AI safety controls by deceiving users into approving dangerous actions that appear benign.
Using examples with AI code assistants like Claude Code, the research shows how prompt injection and manipulated context can trick both the agent and the human reviewer into enabling remote code execution. The findings highlight a growing risk as AI agents become more common in developer workflows, underscoring the limits of human oversight as a standalone security control.
The research can be found here:
Bypassing AI Agent Defenses With Lies-In-The-Loop
Where encryption meets executive muscle. (00:27:37)
In this episode, host Kim Jones tackles a topic that is rapidly moving from theoretical to operational reality: quantum computing. While classical computing will remain the backbone of our systems for years to come, quantum technologies are advancing fast enough that CISOs must begin preparing today. Kim explores what quantum computing really means, why it matters for cybersecurity, and how leaders should begin planning for its inevitable impact. To help demystify the subject, Kim is joined by longtime colleague and cybersecurity practitioner Michael Sottile, now the CSO of a quantum computing firm, who brings decades of hands-on experience across industries and a front-row seat to quantum's evolution.
Want more CISO Perspectives?
Check out a companion blog post by our very own Ethan Cook, where he breaks down key insights, shares behind-the-scenes context, and highlights research that complements this episode.
Amanda Fennell: There's a cyber warrior in all of us [Information] [Career Notes] (00:09:33)
Please enjoy this encore of Career Notes.
Chief security officer and chief information officer at Relativity, Amanda Fennell shares her story from archeology to cybersecurity. She shares the path that led her towards becoming an archeologist and how it turned out not to be exactly what she expected. She then shares how she got into the cyber business and how her past has impacted what she's doing now. Describing how she would like to be remembered in the cyber world, she says, "I do hope that I left things better than I found them, not just the security of a product or a company, but I believe strongly that every person has a little cyber warrior inside of them." We thank Amanda for sharing her story.
Root access to the great firewall. [Research Saturday] (00:26:06)
Daniel Schwalbe, DomainTools Head of Investigations and CISO, is sharing their work on "Inside the Great Firewall." This two-part research project analyzes an extraordinary 500–600GB leak that exposes the internal architecture, tooling, and human ecosystem behind China’s Great Firewall.
Across both parts, the research breaks down thousands of leaked documents, source code repositories, diagrams, packet captures, and telemetry that reveal how systems like the Traffic Secure Gateway, MAAT, Redis-based analytics, and modular DPI engines work together to censor, surveil, and fingerprint users at scale. Taken together, the research shows how the Great Firewall functions not just as a technical system, but as a living censorship-industrial complex that adapts, learns, and coordinates across government, telecoms, and security vendors.
The research can be found here:
Inside the Great Firewall Part 1: The Dump
Inside the Great Firewall Part 2: Technical Infrastructure