Siste episoder av CyberWire Daily podcast

1. Chenxi Wang: Overcoming the obstacle of fear. [Venture Capital] [Career Notes]16.11.2025 (00:09:52)

   Please enjoy this encore of Career Notes. Founder and general partner of Rain Capital, Chenxi shares her story and how she conquered and got over the obstacle of fear to reach her goals in life. " I realized a lot of times my obstacle is my own fear rather than a real obstacle" Wang states, she also shares her story of breaking glass ceilings as a female founder and working in the field of cybersecurity. She hopes to be remembered for being a kind person and developing her own venture fund, as she shares her story to the top, she states what she does and how she got to be where she is today. We thank Chenxi for sharing her story. Learn more about your ad choices. Visit megaphone.fm/adchoices

2. When clicks turn criminal. [Research Saturday]15.11.2025 (00:24:25)

   Dr. Renée Burton, Vice President of Threat Intelligence from Infoblox, is sharing the team's work on "Deniability by Design: DNS-Driven Insights into a Malicious Ad Network." Infoblox returns with new threat actor research uncovering Vane Viper, a Cyprus-based holding company behind PropellerAds—one of the world’s largest advertising networks. The report reveals that Vane Viper isn’t just being exploited by criminals but operates as a criminal infrastructure itself, built to profit from fraud, malware, and disinformation through offshore entities and complex ownership structures. The findings highlight the growing convergence between adtech, cybercrime, and state-linked influence operations, suggesting that elements of the global digital advertising ecosystem are now functioning as infrastructure for large-scale cyber and disinformation campaigns. The research can be found here: Deniability by Design: DNS-Driven Insights intoa Malicious Ad Network Learn more about your ad choices. Visit megaphone.fm/adchoices

3. Operation spyGPT.14.11.2025 (00:30:01)

   Anthropic reports China-linked hackers used Claude AI in an automated espionage campaign. Google reconsiders its upcoming “Developer Verification” policy for Android. AT&T customers affected by two data breaches in 2024 can now file claims. Nearly 10,000 Washington Post employees were affected by a data breach. ASUS and Imunify360 patch critical flaws. DoorDash discloses a data breach. Checkout.com donates the ransom to researchers. Kraken ransomware benchmarks systems before encryption. Mike Arrowsmith, Chief Trust Officer of NinjaOne, shares his thoughts on how cyber may be heading for its California fire insurance moment. AI ChatBot toys behave badly.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Mike Arrowsmith, Chief Trust Officer of NinjaOne, is sharing his thoughts on how cyber insurance is heading for its California fire insurance moment. Selected Reading Anthropic Says Chinese Hackers Used Its A.I. in Online Attack (The New York Times) Researchers question Anthropic claim that AI-assisted attack was 90% autonomous (Ars Technica) Google backpedals on new Android developer registration rules (Bleeping Computer) AT&T data breach settlement to pay thousands to claimants. Who is eligible, how to apply (El Paso Times) Washington Post Says Nearly 10,000 Employees Impacted by Oracle Hack (SecurityWeek) ASUS warns of critical auth bypass flaw in DSL series routers (Bleeping Computer) Imunify360 Vulnerability Could Expose Millions of Sites to Hacking (SecurityWeek) DoorDash hit by new data breach in October exposing user information (Bleeping Computer) Protecting our Merchants: Standing up to Extortion (Checkout.com) Kraken ransomware benchmarks systems for optimal encryption choice (Bleeping Computer) AI-Powered Toys Caught Telling 5-Year-Olds How to Find Knives and Start Fires With Matches (Futurism) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.  Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

4. 404: Cybercrime not found.13.11.2025 (00:29:15)

   Operation Endgame expands global takedowns. The U.S. is creating a Scam Center Strike Force. Microsoft rolls out its delayed “Prevent screen capture” feature for Teams. Proton Pass patches a clickjacking flaw. Researchers uncover previously undisclosed zero-day flaws in both Citrix and Cisco Identity Services Engine. Android-based digital picture frames contain multiple critical vulnerabilities. Lumma Stealer rebounds after last month’s doxxing campaign. Our guest is Garrett Hoffman, Senior Manager of Cloud Security Engineering from Adobe, talking about achieving cloud security at scale. X marks the spot… where your passkey stops working.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Industry Voices segment, we are joined by Garrett Hoffman, Senior Manager of Cloud Security Engineering from Adobe, talking about achieving cloud security at scale. You can hear the full conversation with Garrett here. Selected Reading End of the game for cybercrime infrastructure: 1025 servers taken down - Operation Endgame’s latest phase targeted the infostealer Rhadamanthys, Remote Access Trojan VenomRAT, and the botnet Elysium (Europol) US announces ‘strike force’ to counter Southeast Asian cyber scams, sanctions Myanmar armed group (The Record) Microsoft rolls out screen capture prevention for Teams users (Bleeping Computer) Proton Pass patches DOM-based clickjacking zero-day vulnerability (Cyberinsider) Amazon discovers APT exploiting Cisco and Citrix zero-days (AWS Security Blog) CISA warns feds to fully patch actively exploited Cisco flaws (Bleeping Computer) Popular Android-based photo frames download malware on boot (Bleeping Computer) Increase in Lumma Stealer Activity Coincides with Use of Adaptive Browser Fingerprinting Tactics (Trend Micro) Elon Musk's X botched its security key switchover, locking users out (TechCrunch) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

5. Closing cracks before hackers do.12.11.2025 (00:31:05)

   Patch Tuesday. Google sues a “phishing-as-a-service” network linked to global SMS scams, and launches “private ai compute.” Hyundai notifies vehicle owners of a data breach.  Amazon launches a bug bounty program for its AI models. The Rhadamanthys infostealer operation has been disrupted. An initial access broker is set to plead guilty in U.S. federal court. Our guest is Bob Maley, CSO from Black Kite, discussing a new AI assessment framework. “Bitcoin Queen’s” $7.3 billion crypto laundering empire collapses. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Industry Voices segment, we are joined by Bob Maley, CSO from Black Kite, discussing a new AI assessment framework. You can hear Bob’s full conversation here. Selected Reading Microsoft Fixes Windows Kernel Zero Day in November Patch Tuesday (Infosecurity Magazine) Chipmaker Patch Tuesday: Over 60 Vulnerabilities Patched by Intel (SecurityWeek) ICS Patch Tuesday: Vulnerabilities Addressed by Siemens, Rockwell, Aveva, Schneider (SecurityWeek) Adobe Patches 29 Vulnerabilities (SecurityWeek) High-Severity Vulnerabilities Patched by Ivanti and Zoom (SecurityWeek) Google launches a lawsuit targeting text message scammers (NPR) Private AI Compute: our next step in building private and helpful AI (Google) Hyundai confirms security breach after hackers access sensitive data (CBT News) Amazon rolls out AI bug bounty program (CyberScoop) Rhadamanthys infostealer disrupted as cybercriminals lose server access (Bleeping Computer) Russian hacker admits helping Yanluowang ransomware infect companies (Bitdefender) $7.3B crypto laundering: ‘Bitcoin Queen’ sentenced to 11 Years in UK (Security Affairs) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

6. The changing face of fraud. [CISO Perspectives]11.11.2025 (00:36:51)

   Fraud has always been a consistent challenge. As the world has continued to become increasingly interconnected and as new technologies have become widely available, threat actors have continued to evolve their tactics. In this episode of CISO Perspectives, host ⁠Kim Jones⁠ sits down with Mel Lanning from the Better Business Bureau to discuss fraud and how it has been evolving in recent years. From exploiting cryptocurrencies to utilizing emerging technologies, Kim and Mel look into how threat actors are changing and refining tactics in the current threat landscape. This episode of N2K Pro's CISO Perspectives podcast is brought to you by our sponsor, Meter. Meter provides a full-stack, enterprise-grade networking solution—wired, wireless, and cellular—designed, deployed, and managed end-to-end. From hardware to software, ISP to security, Meter delivers seamless, secure, and scalable connectivity for modern business environments. Learn more about ⁠Meter⁠. Want more CISO Perspectives? Check out a companion ⁠⁠blog post⁠⁠ by our very own Ethan Cook, where he breaks down key insights, shares behind-the-scenes context, and highlights research that complements this episode. Learn more about your ad choices. Visit megaphone.fm/adchoices

7. Transitioning from service to civilian life. [T-Minus Deep Space]11.11.2025 (00:30:05)

   Lieutenant Rob Sarver and Alex Gendzier are the authors of Warrior to Civilian: The Field Manual for the Hero's Journey, the definitive guide to transition to civilian life for veterans and their spouses and families. The book aims to provide actionable advice to veterans looking for work, while coaching those in hiring positions to give veterans the fair shake they deserve after serving our country. Remember to leave us a 5-star rating and review in your favorite podcast app. Be sure to follow T-Minus on LinkedIn and Instagram. T-Minus Crew Survey We want to hear from you! Please complete our 4 question survey. It’ll help us get better and deliver you the most mission-critical space intel every day. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at space@n2k.com to request more info. Want to join us for an interview? Please send your pitch to space-editor@n2k.com and include your name, affiliation, and topic proposal. T-Minus is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

8. Rebooting the government, one cyber law at a time.10.11.2025 (00:29:54)

   Ending the government shutdown revives an expired cybersecurity law. The DoD finalizes a new model for building U.S. military cyber forces. A North Korean APT exploits Google accounts for full device control. The EU dials back AI protections in response to pressure from Big Tech companies and the U.S. government. Researchers discover a critical vulnerability in the Monsta FTP web-based file management tool. The Landfall espionage campaign targets Samsung Galaxy devices in the Middle East. Five Eyes partners fret eroding cooperation on counterintelligence and counterterrorism. Israeli spyware maker NSO Group names the former U.S. ambassador to Israel as its new executive chairman. Monday Biz Roundup. Tim Starks from CyberScoop discusses uncertainty in the federal Cyber Corp program, The friendly face of digital villainy. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Tim Starks from CyberScoop discussing uncertainty in the federal Cyber Corp program. Selected Reading Cyber information sharing law would get extension under shutdown deal bill (CyberScoop) Don't call it Cyber Command 2.0: Master plan for digital forces will take years to implement (The Record) North Korean hackers hijack Google, KakaoTalk accounts to control South Korean phones: Report (The Straits Times) EU set to water down landmark AI act after Big Tech pressure (The Financial Times) Monsta FTP Vulnerability Exposed Thousands of Servers to Full Takeover (Hackread) Newly identified Android spyware appears to be from a commercial vendor (The Record) F.B.I. Director Is Said to Have Made a Pledge to Head of MI5, Then Broken It (The New York Times) Seeking to get off US blacklist, spyware firm NSO taps ex-envoy Friedman as chairman (The Times of Israel) Google's Wiz acquisition clears DOJ's antitrust review. (The Cyberwire) Tank interview: A hacking kingpin reveals all to the BBC (BBC News) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

9. Michael DeBolt: From acting to cyber. [Intelligence] [Career Notes]09.11.2025 (00:07:38)

   Please enjoy this encore of Career Notes. Chief intelligence officer at Intel 471, Michael shares his story where he started as an actor and quickly changed over to intelligence and what the transition was like for him. Michael grew up wanting to be an actor and even was able to land some acting jobs, after going into the Marine Corps he decided to leave acting behind and start a new path in his journey. He says looking for a purpose really helped to shape him, saying "looking back on it, I feel like my life purpose has really been all about kind of this relentless pursuit of justice" and how the risks in his life has helped to right the wrongs of the world. We thank Michael for sharing his story. Learn more about your ad choices. Visit megaphone.fm/adchoices

10. A fine pearl gone rusty. [Research Saturday]08.11.2025 (00:23:59)

    Tal Peleg, Senior Product Manager, and Coby Abrams, Cyber Security Researcher of Varonis, discussing their work and findings on Rusty Pearl - Remote Code Execution in Postgres Instances. The flaw could allow attackers to execute arbitrary commands on a database server’s operating system, leading to potential data theft, destruction, or lateral movement across networks. While the vulnerability existed in PostgreSQL, Amazon RDS and Aurora were not affected, thanks to built-in protections like SELinux and AWS’s automated threat detection. Still, the research underscores the importance of patching and configuration hygiene in managed database environments. The research can be found here: ⁠⁠⁠⁠Rusty Pearl: Remote Code Execution in Postgres Instances Learn more about your ad choices. Visit megaphone.fm/adchoices

11. Legislating in the shadow of hackers.07.11.2025 (00:21:27)

    The CBO was hacked by a suspected foreign actor. Experts worry Trump’s budget cuts weaken U.S. cyber defenses. Regulation shapes expectations. ClickFix evolves on macOS. Notorious cybercrime groups form a new “federated alliance.” Congressional leaders look to counter China’s influence in 6G networks. An EdTech firm pays $5.1 million to settle data breach claims. Nevada did not pay the ransom. Our guest is CEO and Co-Founder Ben Nunez from Evercoast, winner of the 8th Annual DataTribe Challenge. The FBI tries to uncover the archivist. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Evercoast, winner of the 8th Annual DataTribe Challenge, is redefining Training Data for Embodied AI with enriched 4D spatial data from real-world environments to better train robots. CEO and Co-Founder Ben Nunez joins Dave Bittner to discuss their win and what’s next for the company. Selected Reading Congressional Budget Office believed to be hacked by foreign actor (The Washington Post) Trump budget cuts, agency gutting, leave Americans and economy at greater risk of being hacked, experts warn (CNBC) The quiet revolution: How regulation is forcing cybersecurity accountability (CyberScoop) ClickFix Attacks Against macOS Users Evolving (SecurityWeek) “I Paid Twice” Phishing Campaign Targets Booking.com (Infosecurity Magazine) Scattered Spider, LAPSUS$, and ShinyHunters form extortion alliance (SC Media) Congressional leaders want an executive branch strategy on China 6G, tech supply chain (CyberScoop) Ed tech company fined $5.1 million for poor data security practices leading to hack (The Record) Nevada government declined to pay ransom, says cyberattack traced to breach in May (The Record) FBI Tries to Unmask Owner of Infamous Archive.is Site (404 Media) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

12. The role of AI in Zero Trust. [CyberWire-X]06.11.2025 (00:23:25)

    Zero Trust has been top of mind for years, but how is AI changing what that actually looks like in practice? In this episode of CyberWire-X, Dave Bittner is joined by Deepen Desai, Chief Security Officer at Zscaler, to discuss the transformative impact of AI on Zero Trust security frameworks. The discussion outlines how AI enhances threat prevention, automates data discovery, and improves user experience while addressing the practical financial implications of adopting AI in security. Hear how organizations must embrace AI to stay competitive and secure against evolving threats. For additional resources on Zero Trust + AI, visit Zscaler's Replace Legacy Systems for Better Security. Learn more about your ad choices. Visit megaphone.fm/adchoices

13. Stomping out critical bugs. 06.11.2025 (00:23:07)

    Cisco patches critical vulnerabilities in its Unified Contact Center Express (UCCX) software. CISA lays off 54 employees despite a federal court order halting workforce reductions. Gootloader malware returns. A South Korean telecom is accused of concealing a major malware breach. Russia’s Sandworm launches multiple wiper attacks against Ukraine. China hands out death sentences to scam compound kingpins. My guest is Dr. Sasha O'Connell, Senior Director for Cybersecurity Programs at Aspen Digital. Meta’s moral compass points to profit. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Dr. Sasha O'Connell, Senior Director for Cybersecurity Programs at Aspen Digital, joins us to preview her Caveat podcast interview about "10 Years of Cybersecurity Progress & What Comes Next." Listen to Sasha and Dave’s full conversation on this week’s Caveat episode.  Selected Reading Critical Cisco UCCX flaw lets attackers run commands as root (Bleeping Computer) CISA plans to fire 54 employees despite court injunction (Metacurity) CISA reports active exploitation of critical vulnerability in CentOS Web Panel (Beyond Machines) Gootloader malware is back with new tricks after 7-month break (Bleeping Computer) KT accused of concealing major malware infection, faces probe over customer data breach (The Korea Times) Sandworm hackers use data wipers to disrupt Ukraine's grain sector (Bleeping Computer) ⁠China sentences 5 Myanmar scam kingpins to death ⁠(The Record) ⁠“Hackers” rig elections to IAN executive committee⁠ (Mumbai News) Meta is earning a fortune on a deluge of fraudulent ads, documents show (Reuters) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.   Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

14. From small charges to big busts.05.11.2025 (00:22:48)

    Operation “Chargeback” takes down global fraud networks. An investigation reveals the dangers of ADINT. M&S profits plunge after a cyberattack. Google patches a critical Android flaw. Asian prosecutors seize millions from an accused Cambodian scam kingpin. Ohio residents are still guessing water bills months after a cyberattack. Houston firefighters deny blame in city data breach. Nikkei reports a slack breach exposing 17,000 records.The Google–Wiz deal clears DOJ review. Ann Johnson welcomes her Microsoft colleague Frank X. Shaw⁠ to Afternoon Cyber Tea. Norway parks its Chinese Bus in a cave, just in case.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Afternoon Cyber Tea On this month's segment from Afternoon Cyber Tea, host Ann Johnson welcomes Frank X. Shaw⁠, Chief Communications Officer at Microsoft, to explore the critical role of communication in cybersecurity. They discuss how transparency and trust shape effective response to cyber incidents, the importance of breaking down silos across teams, and how AI is transforming communication strategies. You can listen to Ann and Frank's full conversation here, and catch new episodes of Afternoon Cyber Tea every other Tuesday on your favorite podcast app. Selected Reading Operation Chargeback: 4.3 million cardholders affected, EUR 300 million in damages - Three criminal networks suspected of misusing credit card data from cardholders across 193 countries; 18 suspects arrested (Europol) Databroker Files: Targeting the EU (Netzpolitik) M&S profits almost wiped out after cyber hack left shelves empty (BBC News) Google releases November 2025 Android patch, fixes critical zero-click flaw (Beyond Machines) Prosecutors seize yachts, luxury cars from man accused of running Cambodia cyberscams (NPR) Cyberattack that crippled Middletown's systems shows how hackers target smaller cities (Cincinnati.com) Houston data breach exposes firefighters’ personal info, union says they’re being blamed (Click2Houston) Japanese publishing company Nikkei suffers Slack compromise exposing data of over 17,000 people (Beyond Machines) Google Clears DOJ Antitrust Hurdle for $32 Billion Wiz Deal (Bloomberg) Dybt i et norsk fjeld blev en kinesisk bybus splittet ad. En status på vores frygt (Zetland) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

15. A storm brews behind the firewall.04.11.2025 (00:25:02)

    China-Linked hackers target Cisco firewalls. MIT Sloan withdraws controversial “AI-Driven Ransomware” paper. A new study questions the value of cybersecurity training. Hackers exploit OpenAI’s API as a malware command channel. Apple patches over 100 Security flaws across devices. A Florida-based operator of mental health and addiction treatment centers exposes sensitive patient information. OPM plans a “mass deferment” for Cybercorps scholars affected by the government shutdown. Lawmakers urge the FTC to investigate Flock Safety’s cybersecurity gaps. Cybercriminals team with organized crime for high-tech cargo thefts. Ben Yelin from University of Maryland Center for Cyber Health and Hazard Strategies discussing ICE’s controversial facial scanning initiative. A priceless theft meets a worthless password.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest We are joined by Ben Yelin from University of Maryland Center for Cyber Health and Hazard Strategies discussing ICE’s controversial facial scanning initiative. You can read more about Ben’s topic from 404 Media: You Can't Refuse To Be Scanned by ICE's Facial Recognition App, DHS Document Says. Selected Reading China-Linked Hackers Target Cisco Firewalls in Global Campaign (Hackread) MIT Sloan shelves paper about AI-driven ransomware (The Register) CyberSlop — meet the new threat actor, MIT and Safe Security (DoublePulsar) Study concludes cybersecurity training doesn’t work (KPBS Public Media) Microsoft: OpenAI API moonlights as malware HQ (The Register) Apple Patches 19 WebKit Vulnerabilities (SecurityWeek) Data Theft Hits Behavioral Health Network in 3 States (Bank Infosecurity) OPM plans to give CyberCorps members more time to find jobs after shutdown ends (CyberScoop) Lawmakers ask FTC to probe Flock Safety’s cybersecurity practices (The Record) Cybercriminals, OCGs team up on lucrative cargo thefts (The Register) Louvre Robbery: Security Flaws: The (Obviously) Password Was "Louvre" (L’Unione Sarda) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

16. Privacy needs where you least expect it. [CISO Perspectives]04.11.2025 (00:36:08)

    When discussing privacy risks, many often look to implementing strong encryption, secure data storage practices, and data sanitization processes to help ensure sensitive information remains protected. Though these practices are good and should be prioritized, many often miss other key areas that need just as much focus. As the internet of things has only continued to grow larger and larger, so has the risk these devices inherently create as they collect and store more information than many would instinctively assume. In this episode of CISO Perspectives, host ⁠Kim Jones⁠ sits down with Merry Marwig, the Vice President of Global Communications & Advocacy at Privacy4Cars, to explore how privacy risks are in places many do not think to look. Together, Merry and Kim discuss why security leaders need to rethink how they approach privacy and consider how the devices we use every day could inadvertently expose our sensitive information. This episode of N2K Pro's CISO Perspectives podcast is brought to you by our sponsor, Meter. Meter provides a full-stack, enterprise-grade networking solution—wired, wireless, and cellular—designed, deployed, and managed end-to-end. From hardware to software, ISP to security, Meter delivers seamless, secure, and scalable connectivity for modern business environments. Learn more about ⁠Meter⁠. Want more CISO Perspectives? Check out a companion ⁠⁠blog post⁠⁠ by our very own Ethan Cook, where he breaks down key insights, shares behind-the-scenes context, and highlights research that complements this episode. Learn more about your ad choices. Visit megaphone.fm/adchoices

17. FCC resets cyber oversight.03.11.2025 (00:26:02)

    The FCC plans to roll back cybersecurity mandates that followed Salt Typhoon. The alleged cybercriminal MrICQ has been extradited to the U.S. Ransomware negotiators are accused of conducting ransomware attacks. Ernst & Young accidentally exposed a 4-terabyte SQL Server backup. A hacker claims responsibility for last week’s University of Pennsylvania breach. The UK chronicles cyberattacks on Britain’s drinking water suppliers. Monday business brief. Our guest is Caleb Tolin, host of Rubrik's Data Security Decoded podcast. Hackers massage the truth.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Caleb Tolin, host of Rubrik's Data Security Decoded podcast, as he is introducing himself and his show joining the N2K CyberWire network. You can catch new episodes of Data Security Decoded the first and third Tuesdays of each month on your favorite podcast app. Selected Reading FCC plans vote to remove cyber regulations installed after theft of Trump info from telecoms (The Record) Alleged Jabber Zeus Coder ‘MrICQ’ in U.S. Custody (Krebs on Security) Chicago firm that resolves ransomware attacks had rogue workers carrying out their own hacks, FBI says (Chicago Sun Times) Ernst & Young cloud misconfiguration leaks 4TB SQL Server backup on Microsoft Azure (Beyond Machines) Penn hacker claims to have stolen 1.2 million donor records in data breach (Bleeping Computer) Hackers are attacking Britain’s drinking water suppliers (The Record) JumpCloud acquires Breez. Chainguard secures $280 million in growth financing. Sublime Security closes $150 million Series C round. (N2K Pro) Hackers steal data, extort $350,000 from massage parlor clients (Korea JoongAng Daily) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

18. Arti Lalwani: Supporting and being the change. [Risk Management] [Career Notes]02.11.2025 (00:08:28)

    Risk Management and Privacy Knowledge Leader at A-LIGN, Arti Lalwani shares her story from finance to risk management and how she made the transition. Arti started her career in finance after graduating with a finance degree. Quickly learning the field was not for her, she decided to dip her toes into the tech world. She credits her mentors for helping her and said "they were able to push me up and get me there faster than I even thought." Arti says that she would like to be a part, and hopes to be apart, of the change where women are supporting women in the field. We thank Arti for sharing her story. Learn more about your ad choices. Visit megaphone.fm/adchoices

19. Attack of the automated ops. [Research Saturday]01.11.2025 (00:19:40)

    Today we are joined by Dario Pasquini, Principal Researcher at RSAC, sharing the team's work on WhenAIOpsBecome “AI Oops”: Subverting LLM-driven IT Operations via Telemetry Manipulation. A first-of-its-kind security analysis showing that LLM-driven AIOps agents can be tricked by manipulated telemetry, turning automation itself into a new attack vector. The researchers introduce AIOpsDoom, an automated reconnaissance + fuzzing + LLM-driven telemetry-injection attack that performs “adversarial reward-hacking” to coerce agents into harmful remediations—even without prior knowledge of the target and even against some prompt-defense tools. They also present AIOpsShield, a telemetry-sanitization defense that reliably blocks these attacks without harming normal agent performance, underscoring the urgent need for security-aware AIOps design. The research can be found here: ⁠When AIOps Become “AI Oops”: Subverting LLM-driven IT Operations via Telemetry Manipulation Learn more about your ad choices. Visit megaphone.fm/adchoices

20. CISA’s steady hand in a stalled senate.31.10.2025 (00:24:55)

    CISA says cooperation between federal agencies and the private sector remains steady. Long-standing Linux kernel vulnerability in active ransomware campaigns confirmed. A Chinese-linked group targets diplomatic organizations in Hungary, Belgium, and other European nations. A government contractor breach exposes data of over 10 million Americans. Luxury fashion brands fall victim to impersonation scams. Phishing shifts from email to LinkedIn. Advocacy groups urge the FTC to block Meta from using chatbot interactions to target ads. A man pleads guilty to selling zero-days to the Russians. Emily Austin, Principal Security Researcher at Censys, discusses why nation state attackers continue targeting critical infrastructure. When M&S went offline, shoppers hit ‘Next’. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Emily Austin, Principal Security Researcher at Censys, as she discusses why nation state attackers continue targeting critical infrastructure. Selected Reading Cyber info sharing ‘holding steady’ despite lapse in CISA 2015, official says (The Record) CISA: High-severity Linux flaw now exploited by ransomware gangs (Bleeping Computer) CISA and NSA share tips on securing Microsoft Exchange servers (Bleeping Computer) UNC6384 Weaponizes ZDI-CAN-25373 Vulnerability to Deploy PlugX Against Hungarian and Belgian Diplomatic Entities (Arctic Wolf) More than 10 million impacted by breach of government contractor Conduent (The Record) Luxury Fashion Brands Face New Wave of Threats in Lead-up to 2025 Holiday Shopping Season (BforeAI) LinkedIn phishing targets finance execs with fake board invites (Bleeping Computer) Coalition calls on FTC to block Meta from using chatbot interactions to target ads, personalize content (The Record) Ex-L3Harris exec pleads guilty to selling zero-day exploits to Russian broker (CyberScoop) Business rival credits cyberattack on M&S for boosting profits (The Record) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

21. The Malware Mash!31.10.2025 (00:03:06)

    Happy Halloween from the team at N2K Networks! We hope you share in our Halloween tradition of listening to the Malware Mash. You can check out our video ⁠here⁠. Lyrics I was coding in the lab late one night when my eyes beheld an eerie sight  for my malware threat score began to rise  and suddenly to my surprise... It did the Mash  It did the Malware Mash  The Malware Mash  It was a botnet smash  It did the Mash  It caught on 'cause of Flash  The Malware Mash  It did the Malware Mash From the Stuxnet worm squirming toward the near east  to the dark web souqs where the script kiddies feast  the APTs left their humble abodes  to get installed from rootkit payloads.  They did the Mash  They did the Malware Mash  The Malware Mash  It was an adware smash  They did the Mash  It caught on 'cause of Flash  The Malware Mash  They did the Malware Mash The botnets were having fun  The DDoS had just begun  The viruses hit the darknet,  with ransomware yet to come.  The keys were logging, phishing emails abound,  Snowden on chains, backed by his Russian hounds.  The Shadow Brokers were about to arrive  with their vocal group, "The NotPetya Five." They did the Mash  They played the Malware Mash The Malware Mash  It was a botnet smash  They did the Mash  It caught on 'cause of Flash  The Malware Mash  They played the Malware Mash Somewhere in Moscow Vlad's voice did ring  Seems he was troubled by just one thing.  He opened a shell then shook his fist  and said, "Whatever happened to my Turla Trojan twist."  It's now the Mash  It's now the Malware Mash  The Malware Mash  And it's a botnet smash  It's now the Mash  It caught on 'cause of Flash  The Malware Mash  It's now the Malware Mash Now everything's cool, Vlad's a part of the band  And the Malware Mash is the hit of the land.  For you, defenders, this mash was meant to  when you get to my door, tell them Creeper sent you. Then you can Mash  Then you can Malware Mash  The Malware Mash  And be a botnet smash  It is the Mash  Don't you dare download Flash  The Malware Mash  Just do the Malware Mash Learn more about your ad choices. Visit megaphone.fm/adchoices

22. Dial M for malware.30.10.2025 (00:26:19)

    A Texas telecom confirms a nation-state attack. A global outage disrupts Azure and Microsoft 365 services.  Malicious npm packages steal sensitive data from Windows, Linux, and macOS systems.  Hacktivists have breached multiple critical infrastructure systems across Canada. Major chipmakers spill the TEE. TP-Link home routers fall under federal scrutiny. Cloud Atlas targets Russia’s agricultural sector. Israel’s cloud computing deal with Google and Amazon allegedly includes a secret “winking mechanism.”The FCC tamps down on overseas robocalls. Mike Anderson, from Netskope, discusses why CIOs should think like HR leaders when considering Agentic AI. Danes Draw the line at digital doppelgängers.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Mike Anderson, Netskope’s Chief Digital and Information Officer, to discuss why CIOs must think like HR leaders when considering Agentic AI. Selected Reading US company with access to biggest telecom firms uncovers breach by nation-state hackers (Reuters) Huge Microsoft outage hit 365, Xbox, and beyond — deployment of fix for Azure breakdown rolled out (Tom's Hardware) Malicious NPM packages fetch infostealer for Windows, Linux, macOS (Bleeping Computer) Canada says hacktivists breached water and energy facilities (Bleeping Computer) New physical attacks are quickly diluting secure enclave defenses from Nvidia, AMD, and Intel (Ars Technica) U.S. agencies back banning top-selling home routers on security grounds (The Washington Post) Cloud Atlas hackers target Russian agriculture sector ahead of industry forum (The Record) Revealed: Israel demanded Google and Amazon use secret ‘wink’ to sidestep legal orders (The Guardian) FCC adopts new rule targeting robocalls (The Record) Denmark to tackle deepfakes by giving people copyright to their own features (The Guardian) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

23. Logging off in Myawaddy.29.10.2025 (00:28:27)

    Explosions rock a shuttered Myanmar cybercrime hub. The Aisuru botnet shifts from DDoS to residential proxies. Dentsu confirms data theft at Merkle. Boston bans biometrics. Proton restores journalists’ email accounts after backlash. Memento labs admits Dante spyware is theirs. Australia accuses Microsoft of improperly forcing users into AI upgrades. CISA warns of active exploitation targeting manufacturing management software. A covert cyberattack during Trump’s first term disabled Venezuela’s intelligence network. Our guest is Ben Seri, Co-Founder and CTO of Zafran, discussing the trend of AI native attacks. New glasses deliver fashionable paranoia. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today’s guest is Ben Seri, Co-Founder and CTO of Zafran, discussing the trend of AI native attacks and how defenders should use AI to defend and remediate. Selected Reading Stragglers from Myanmar scam center raided by army cross into Thailand as buildings are blown up (AP News) Aisuru Botnet Shifts from DDoS to Residential Proxies (Krebs on Security) Advertising giant Dentsu reports data breach at subsidiary Merkle (Bleeping Computer) Boston Police Can No Longer Use Facial Recognition Software (Built in Boston) Proton Mail Suspended Journalist Accounts at Request of Cybersecurity Agency (The Intercept) CEO of spyware maker Memento Labs confirms one of its government customers was caught using its malware (TechCrunch) Australia sues Microsoft for forcing Copilot AI onto Office 365 customers (Pivot to AI) CISA warns of actively exploited flaws in Dassault DELMIA Apriso manufacturing software (Beyond Machines) CIA cyberattacks targeting the Maduro regime didn’t satisfy Trump in his first term. Now the US is flexing its military might (CNN Politics) Zenni’s Anti-Facial Recognition Glasses are Eyewear for Our Paranoid Age (404 Media) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

24. Windows servers under siege28.10.2025 (00:24:32)

    WSUS attacks escalate as emergency patch fails to fully contain exploited flaw. Schneider Electric and Emerson are listed among victims in the Oracle EBS cyberattack. Google debunks reports of a massive GMail breach. A new banking trojan mimics human behavior for stealth. Sweden’s power grid operator confirms a cyberattack. Italian spyware targets Russian and Belarusian organizations. The U.S. declines to sign the new UN cyber treaty. Ransomware payments fall to record lows. U.S. Cyber Chief calls for a “clean American tech stack” to counter China's global surveillance push. On today's Threat Vector segment, David Moulton⁠ speaks with two cybersecurity leaders from Palo Alto Networks:⁠ Sarit Tager⁠ and⁠ Krithivasan Mecheri⁠. AI mistakes Doritos for a deadly weapon.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Threat Vector On today's Threat Vector segment, David Moulton⁠ speaks with two cybersecurity leaders from Palo Alto Networks:⁠ Sarit Tager⁠ and⁠ Krithivasan Mecheri⁠ (Krithi). Together, they dive into the urgent challenges of securing modern development in the age of AI and "Shifting Security Left". You can listen to their full conversation here, and catch new episodes every Thursday on your favorite podcast app.  Selected Reading Microsoft WSUS attacks hit 'multiple' orgs, Google warns (The Register) Industrial Giants Schneider Electric and Emerson Named as Victims of Oracle Hack (SecurityWeek) Google says talk of Gmail breach impacting millions not true (The Register) 'Herodotus' Android Trojan Mimics Human Sluggishness (Gov Infosecurity) Hackers Target Swedish Power Grid Operator  (SecurityWeek) Italian-made spyware spotted in breaches of Russian, Belarusian systems  (The Record) US declines to join more than 70 countries in signing UN cybercrime treaty (The Record) Ransomware profits drop as victims stop paying hackers (Bleeping Computer) National cyber director says U.S. needs to counter Chinese surveillance, push American tech (CyberScoop) Armed police handcuff teen after AI mistakes crisp packet for gun in US (BBC News) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

25. The impact of data privacy on cyber. [CISO Perspectives]28.10.2025 (00:42:04)

    Privacy is one of the most universally valued rights. Yet, despite its importance, data breaches exposing millions of people's sensitive information have become routine. Many have come to assume that their personal data has already been, or inevitably will be, compromised. Despite this reality, prioritizing privacy is more important than ever. In this episode of CISO Perspectives, host ⁠Kim Jones⁠ sits down with Kristy Westphal, the Global Security Director of Spirent Communications, to explore data privacy's impacts on cybersecurity efforts. Together, Kristy and Kim discuss why privacy cannot be an afterthought but rather must be something actively addressed through proactive security efforts, shifting security culture mindsets, and staying ahead of rapidly changing technologies. This episode of N2K Pro's CISO Perspectives podcast is brought to you by our sponsor, Meter. Meter provides a full-stack, enterprise-grade networking solution—wired, wireless, and cellular—designed, deployed, and managed end-to-end. From hardware to software, ISP to security, Meter delivers seamless, secure, and scalable connectivity for modern business environments. Learn more about ⁠Meter⁠. Want more CISO Perspectives? Check out a companion ⁠⁠blog post⁠⁠ by our very own Ethan Cook, where he breaks down key insights, shares behind-the-scenes context, and highlights research that complements this episode. Learn more about your ad choices. Visit megaphone.fm/adchoices