Welcome to the T-Minus Overview Radio Show. In this program we’ll feature some of the conversations from our daily podcast with the people who are forging the path in the new space era, from industry leaders, technology experts and pioneers, to educators, policy makers, research organizations, and more. In this episode we’re covering cybersecurity for space. What is it? What are the threats to space systems, why is there such an emphasis on it right now, and what are people doing about it? Remem...
Dec 29, 2023•21 min•Season 1Ep. 5
In this episode, Marc catches up with Mimecast CEO and co-founder Peter Bauer. They cover Peter's CEO journey, including what it was like growing up in South Africa, why he opted out of attending university, highlights from Mimecast's 20-year history, and what Peter learned from taking the company public — and then private again. You'll also learn: When and how to raise capital, and how to manage meeting the board's expectations. How CEOs can overcome self-doubt and continuously reimagine their ...
Dec 28, 2023•44 min•Season 2Ep. 10
Rockwell Stratix routers vulnerable to Cisco zero-day. SecurityWeek’s ICS Cyber Security Conference. Malware attacks against IoT devices increase by 400%. Nuclear power plant operator cited over cybersecurity plan. CISA’s ICS advisories. Guest Garrett Bladow, Distinguished Engineer at Dragos, joins us from the CyberCon 2023 event in Bismarck, North Dakota. Garrett discusses active visibility into OT systems. On the Learning Lab, Mark Urban shares the second part of his conversation about cyber t...
Dec 27, 2023•43 min•Season 2Ep. 37
In this episode of the Retail & Hospitality ISAC podcast, host Luke Vander Linden is joined by John Scrimsher, chief information security officer (CISO) at Kontoor Brands, Inc., and Marcel Bucsescu, senior director of credentialing and strategic engagement at NACD, to expand upon the NACD Accelerate program. Then Ian Furr, security integration engineer at RH-ISAC, talks about his volunteer work with the Information Technology Disaster Resource Center (ITDRC) and the Fairfax County Fire and Rescu...
Dec 27, 2023•1 hr 8 min•Season 2Ep. 10
On this episode, Perry celebrates the one year birthday of ChatGPT by taking a look at AI from technological, philosophical, and folkloric perspectives. We see how AI was formed based on human words and works, and how it can now shape the future of human legend and belief. Guests: Brandon Karpf, Vice President at N2K Networks (LinkedIn) (Website) Dr. Lynne S. McNeill, Associate Professor at Utah State University (LinkedIn) (Twitter) Dr. John Laudun, Professor at University of Louisiana at Lafaye...
Dec 26, 2023•1 hr 8 min•Season 4Ep. 10
Summary Cathy Hackl (Twitter, LinkedIn) joins Andrew (Twitter; LinkedIn) to discuss the potential implications of the metaverse on intelligence. Cathy has been called the “Godmother of the Metaverse.” What You’ll Learn Intelligence What the metaverse is Security and counterintelligence in a virtual world Futurism within intelligence agencies Potential risks and consequences of the metaverse Reflections How virtual spaces can affect our physical world The necessity to evolve alongside technology ...
Dec 26, 2023•1 hr 2 min•Ep. 577
This interview from August 18th, 2023 originally aired as a shortened version on the CyberWire Daily Podcast. In this extended interview, Simone Petrella sits down with Camille Stewart Gloster, Deputy National Cyber Director at the The White House discuss the White House's cybersecurity workforce and education strategy. Learn more about your ad choices. Visit megaphone.fm/adchoices
Dec 25, 2023•20 min•Season 4Ep. 183
Merry Christmas and Happy Holidays from the CyberWire and our friends! Enjoy our rendition of the 12 Days of Malware created by Dave Bittner and performed by Dave and friends: Rachel Tobac, Jayson Street, Ron Eddings & Chris Cochran, Ray [Redacted], Dinah Davis, Camille Stewart, Rick Howard, Michelle Dennedy, Jack Rhysider, Johannes Ullrich, and Charity Wright. Ba dum bum bum. Sing along if you are game! Check out our video for the full effect! The 12 Days of Malware lyrics On the first day of C...
Dec 23, 2023•7 min
A Lapsus$ hacker is sentenced to hospital detention. Online ads and phishing drain crypto wallets. Cyberespionage continues. LockBit and ALPHV say they want to form a ransomware cartel. The 8220 gang's cryptojacking. DarkGate RAT's propagation. The evolution of Bandook. A prominent title insurance company takes systems offline. Rick Howard speaks with guests John Goodman & Amanda Satterwhite of Accenture Federal Services about the launch of a public sector Cybersecurity Center of Excellence. And...
Dec 22, 2023•30 min•Season 7Ep. 1973
German officials take down a dark web market. Google patched zero-day. Terrapin attack targets SSL. A look at payment fraud. Agent Tesla is spreading through an old vulnerability. An iPhone thief explains his techniques. Ukrainian reprisals for Russia's Kyivstar attack. Israeli officials warn of data wipers. Rick Howard speaks with Scott Roberts of Interpress about Driving Intelligence with MITRE ATT&CK, and leveraging limited resources to build an evolving threat repository. And go ahead and cl...
Dec 21, 2023•28 min•Season 7Ep. 1972
Interpol leads cybercrime take downs. ALPHV/Blackcat is in a “tug of Tor” with the FBI. The Senate confirms a new leader for Cyber Command and NSA. Rite Aid is banned from using facial recognition. CISA prepares a new approach to information sharing. Remote encryption of ransomware. CitrixBleed is exploited to access customer data. An update on the Kyivstar cyberattack. The Tallinn Mechanism solidifies Western support for Ukraine's cybersecurity. In today’s Learning Layer segment, host Sam Meise...
Dec 20, 2023•34 min•Season 7Ep. 1971
The FBI takes down ALPHV/BlackCat. Comcast reveals breach of nearly 36 million Xfinity customers. Microsoft and Cyberspace Solarium Commission release water sector security report. Malware increasingly uses public infrastructure. Iran's Seedworm and its telco targets. QR code scams. Feds release joint analysis of 2022 election integrity. Joint advisory on Play ransomware group. In today’s Mr Security Answer Person, John Pescatore considers the risks of AI. Rick Howard talks with Lauren Brennan o...
Dec 19, 2023•35 min•Season 7Ep. 1970
A US mortgage company reveals major data breach. Updates from CISA. NSA provides guidance on SBOMs. MongoDB warns customers of a breach. BlackCat/ALPHV is still a market leader, but feeling competitive pressure. Reassessing the effects of Log4shell. The International Committee of the Red Cross calls for restraint in cyber warfare. Ransomware hits a cancer center. Ann Johnson, host of Microsoft Security’s Afternoon Cyber Tea podcast goes beyond basics with her guest Tanya Janca, founder of WeHack...
Dec 18, 2023•29 min•Season 7Ep. 1969
Oren Koren, Co-Founder and Chief Product Officer from Veriti sits down to share his amazing story. Before entering the vendor side of the cyber world, Oren served for 14 years in the Israeli 8200 unit where he led a variety of cybersecurity activities and researches that eventually earned him four 8200-unit cyber innovation awards. When he left the Israel Defense Forces, he joined Check Point Software to lead their AI-based innovations and advanced data analytics projects that redefined threat h...
Dec 17, 2023•8 min•Season 4Ep. 179
Host of the CyberWire Daily podcast segment Threat Vector, David Moulton sits down with Mike "Siko" Sikorski from Palo Alto Networks Unit 42 to discuss their research on "Fighting Ursa Aka APT28: Illuminating a Covert Campaign." Unit 42 just published new threat intelligence on Fighting Ursa (aka APT28), a group associated with Russia's military intelligence, on how they are exploiting a Microsoft Outlook vulnerability (CVE-2023-23397) to target organizations in NATO member countries, Ukraine, J...
Dec 16, 2023•22 min•Season 7Ep. 310
Google boosts Maps privacy, a court shields password disclosure, feds foil a massive scam operation, Iran-Israel cyber tensions escalate, Idaho National Labs reports a significant data breach, a security engineer's cybercrime confession. N2K’s Rick Howard reports from the recent MITRE ATT&CK con, speaking with Blake Strom of Microsoft about 10 years of the MITRE ATT&CK Framework. And Brian Krebs' relentless investigation into the Target breach. Remember to leave us a 5-star rating and review in ...
Dec 15, 2023•30 min•Season 7Ep. 1968
Microsoft takes down the Storm-1152 cybercrime operation. “GambleForce” is a newly discovered threat actor. The SVR exploits a JetBrains TeamCity vulnerability. US Postal Service impersonation. Malicious ads associated with Zoom. An update on the cyberattack against Kyivstar. Apache issues a Struts 2 security advisory. The FCC adopts new data breach rules. In our latest Threat Vector segment, David Moulton and Palo Alto Networks Madeline Sedgwick discuss the skills and methods necessary for unde...
Dec 14, 2023•31 min•Season 7Ep. 1967
The UK faces a looming threat of a catastrophic ransomware attack. The Senate confirms a new National Cyber Director. The rivalry between malware groups BatLoader and FakeBat. BazarCall phishing attack and its unusual use of Google Forms. A serious vulnerability threatens K-12 student data. Spiderman game developer Insomniac Games becomes the latest ransomware victim. Today’s guest is Tim Starks from the Washington Post’s Cybersecurity 202 with China’s influence operations in Taiwan, along with ...
Dec 13, 2023•31 min•Season 7Ep. 1966
A cyberattack on Ukraine's largest telecom operator. Ukraine's GUR claims a hit on Russia's tax service, while the fate of the ALPHV/BlackCat group remains shrouded in mystery. The Air Force disciplines members over a classified documents breach, and Apple releases urgent security updates. From Spain, a significant arrest in the Kelvin Security hacking group. On today’s Industry Voices segment, my conversation with Andre Durand, CEO and Founder of Ping Identity, on digital experiences, brand tru...
Dec 12, 2023•32 min•Season 7Ep. 1965
China allegedly targets US critical infrastructure, while a small Irish village goes without water due to an Iranian CyberAv3ngers attack. The EU sets a global precedent with new AI regulations. Unraveling the latest maneuvers of the Lazarus Group. The Sandman APT's links to Chinese cyber threats. "5Ghoul" vulnerabilities represent a new challenge in telecom security. The deceptive dangers of the MrAnon infostealer in a booking app. The GRU's phishing tactics lead to the spread of Headlace malwa...
Dec 11, 2023•36 min•Season 7Ep. 1964
Cyber analyst, Tracy Maleeff, shares her unexpected journey from the library to cybersecurity and offers advice for those both seeking to make a change and those doing the hiring. It's not just about the invitation, it's more than that. Our thanks to Tracy for sharing her story with us. Learn more about your ad choices. Visit megaphone.fm/adchoices
Dec 10, 2023•4 min•Season 1Ep. 1
You can learn more about AWS in Orbit at space.n2k.com/aws. Baptiste Tripard is the Chief Marketing Officer at Alteia. Aiga Stokenberga is the Senior Transport Economist at the World Bank. We explore how Alteia and the World Bank are leveraging AWS's cloud, AI, and space capabilities to monitor critical road networks at scale to support large scale infrastructure investments. From road networks to bridges, they share real-world applications that are making a difference in emerging economies. AWS...
Dec 09, 2023•39 min•Season 1Ep. 3
Dana Behling, researcher from Carbon Black, sharing their work on "Hunting Vulnerable Kernel Drivers." The Carbon Black Threat Analysis Unit (TAU) discovered 34 unique vulnerable drivers, six of which allow kernel memory access, accepting firmware access. TAU reported the issues to the vendors whose drivers had valid signatures at the time of discovery, but only two vendors fixed the vulnerabilities. TAU is calling for more comprehensive approaches in the future than the current banned-list meth...
Dec 09, 2023•15 min•Season 7Ep. 309
Legal action against Star Blizzard's FSB operators. A critical Bluetooth vulnerability has been discovered. How the GRU faked celebrity videos in its Doppelgänger campaign. The persistence of Log4j vulnerabilities. Lack of encryption as a contributor to data loss. Supply chain breaches plague the energy sector. Our guest is Allan Liska, creator of a new comic book featuring the adventures of Johnny Dollar, a hard-nosed cyber insurance investigator. And Russian activists make clever use of QR cod...
Dec 08, 2023•32 min•Season 7Ep. 1963
Unpacking LogoFAIL's threat to Windows and Linux. The US DHS's new healthcare cybersecurity strategy, and dual Russian influence campaigns. A look at supply chain risks, increased bot activity in retail, Meta's end-to-end encryption in Messenger and Android's Autospill vulnerability. On today’s Industry Voices segment, we welcome Todd Thorsen, CISO from CrashPlan, with insights on data resiliency. And the discovery of an alleged software 'kill switch' in Polish trains. Remember to leave us a 5-s...
Dec 07, 2023•34 min•Season 7Ep. 1962
Governments target push notification metadata. Dissecting the latest GRU cyber activities. A look at Russia's AI-powered Doppelgänger influence campaigns, and how cyber warfare is evolving beyond the battlefield. We've got updates on the Adobe ColdFusion vulnerability, the expanding 23andMe data breach, and insights into the financial impacts of ransomware. Our guest is Camille Stewart Gloster, Deputy National Cyber Director for Technology & Ecosystem Security from the Office of the National Cyb...
Dec 06, 2023•26 min•Season 7Ep. 1961
The UK Government's denial of a cyber incident at Sellafield. There’s been a surge in Iranian cyberattacks on US infrastructure. Misuse of Apple's lockdown mode, the mysterious AeroBlade's activities in aerospace, and a clever "Disney+" scam. Plus The latest application security trends, and a new cybersecurity futures study. In our Industry Voices segment, On today’s Industry Voices segment, we welcome Matt Radolec, Vice President of Incident Response and Cloud Operations at Varonis explaining t...
Dec 05, 2023•23 min•Season 7Ep. 1960
The US and Israel attribute attacks on PLCs to Iran. Agent Raccoon backdoors organizations on three continents. XDSpy is reported to be phishing the Russian defense sector. Trends in digital banking fraud. Repojacking Go module repositories. Ann Johnson from Afternoon Cyber Tea speaks with Lynn Dohm, executive director of WiCyS, about the power of diverse perspectives. And when it comes to security, don't look to the stars. CyberWire Guest Guest is Ann Johnson from Afternoon Cyber Tea talking wi...
Dec 04, 2023•19 min•Season 7Ep. 1959
Bernard Brantley, CISO from Corelight sits down to share his inspiring career path with others. Bernard started at the very bottom of the tech stack, and shares how he was extremely unclear about what it was that he wanted to do in life and how he was going to get there. Ultimately he reached a point now where he has the self confidence and an incredible level of success that allows him to be authentic and proudly share his story. Bernard overcame dropping out of the military academy and was try...
Dec 03, 2023•9 min•Season 4Ep. 178
Ryan from Bishop Fox joins to describe their work on "Building an Exploit for FortiGate Vulnerability CVE-2023-27997." After Lexfo published details of a pre-authentication remote code injection vulnerability in the Fortinet SSL VPN, Bishop Fox worked up a proof of concept demo. This research share how they were able to create that proof-of-concept exploit, step by step. The researchers state "Our debugging environment consisted of a FortiGate 7.2.4 virtual machine which we modified to disable s...
Dec 02, 2023•19 min•Season 7Ep. 308
