CyberWire Daily - podcast cover

CyberWire Daily

N2K Networksthecyberwire.com
News
Tech News
Daily News
Technology
The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.
Follow on
Metacast
Apple Podcasts
Spotify
Youtube
RSS

Episodes

When fake fixes hide real attacks.

Adversary nations are using ClickFix in cyber espionage campaigns. Japan’s Financial Services Agency issues an urgent warning after hundreds of millions in unauthorized trades. The critical Erlang/OTP’s SSH vulnerability now has public exploits. A flawed rollout of a new Microsoft Entra app triggers widespread account lockouts. The alleged operator of SmokeLoader malware faces federal hacking charges. A new scam blends social engineering, malware, and NFC tech to drain bank accounts. GSA employe...

Apr 21, 202532 minSeason 10Ep. 2291

Rich Hale: Understanding the data. [CTO] [Career Notes]

Please enjoy this encore episode of Career Notes. Chief Technology Officer of ActiveNav Rich Hale takes us through his career aspirations of board game designer (one he has yet to realize), through his experience with the Royal Air Force to the commercial sector where his firm works to secure dark data. During his time in the Air Force, Rich was fortunate to serve on a wide range of different platforms from training aircraft to bombers, and all the way into procurement and policy. Transitioning ...

Apr 20, 20258 minSeason 2Ep. 64

Crafting malware with modern metals. [Research Saturday]

This week, we are joined by Nick Cerne, Security Consultant from Bishop Fox, to discuss "Rust for Malware Development." In pursuit of simulating real adversarial tactics, this blog explores the use of Rust for malware development, contrasting it with C in terms of binary complexity, detection evasion, and reverse engineering challenges. The author demonstrates how Rust's inherent anti-analysis traits and memory safety features can create more evasive malware tooling, including a simple dropper t...

Apr 19, 202520 minSeason 9Ep. 373

SSH-attered trust.

A critical vulnerability in Erlang/OTP SSH allows unauthenticated remote code execution. There’s a bipartisan effort to renew a key cybersecurity info sharing law. A newly discovered Linux kernel vulnerability allows local attackers to escalate privileges. A researcher uncovers 57 risky Chrome extensions with a combined 6 million users. AttackIQ shares StrelaStealer simulations. A major live events service provider notifies employees and customers of a data breach. CISA warns of an actively expl...

Apr 18, 202533 minSeason 10Ep. 2290

Microsoft squashes windows server bug.

Microsoft issues emergency updates for Windows Server. Apple releases emergency security updates to patch two zero-days. CISA averts a CVE program disruption. Researchers uncover Windows versions of the BrickStorm backdoor. Atlassian and Cisco patch several high-severity vulnerabilities. An Oklahoma cybersecurity CEO is charged with hacking a local hospital. A Fortune 500 financial firm reports an insider data breach. Researchers unmask IP addresses behind the Medusa Ransomware Group. CISA issue...

Apr 17, 202536 minSeason 10Ep. 2289

Is the cyber talent ecosystem broken? [CISO Perspectives]

We're sharing a episode from another N2K show we thought you might like. It's the first episode of the new season of the show CISO Perspectives with Kim Jones. Enjoy! Show Notes: The cyber talent ecosystem faces severe indigestion, which has stifled growth and closed doors to new talent. In this episode of CISO Perspectives, host Kim Jones sits down with Ed Adams, the Head of Cybersecurity for North America at the Bureau Veritas Group, to discuss what has caused this indigestion and how leadersh...

Apr 17, 202542 minSeason 16Ep. 107

CVE program gets last-minute lifeline.

The CVE program gets a last-minute reprieve. A federal whistleblower alleges a security breach at the NLRB. Texas votes to spin up their very own Cyber Command. BreachForums suffers another takedown. A watchdog group sues the federal government over SignalGate allegations. The SEC Chair reveals a 2016 hack. ResolverRAT targets the healthcare and pharmaceutical sectors worldwide. Microsoft warns of blue screen crashes following recent updates. On our CertByte segment, Chris Hare is joined by Troy...

Apr 16, 202534 minSeason 10Ep. 2288