Shachar Menashe, Senior Director of Security Research at JFrog, is talking about "When Prompts Go Rogue: Analyzing a Prompt Injection Code Execution in Vanna.AI." A security vulnerability in the Vanna.AI tool, called CVE-2024-5565, allows hackers to exploit large language models (LLMs) by manipulating user input to execute malicious code, a method known as prompt injection. This poses a significant risk when LLMs are connected to critical functions, highlighting the need for stronger security me...
Aug 10, 2024•26 min•Ep 341•Transcript available on Metacast Deep firmware vulnerabilities affect chips from AMD. CISA warns of actively exploited Cisco devices. Solar inverters are found vulnerable to disruption. Iran steps up efforts to interfere with U.S. elections. The UN passes its first global cybercrime treaty. ADT confirms a data breach. A longstanding browser flaw is finally fixed. Crash reports help unlock the truth. Rob Boyce of Accenture shares his thoughts live from Las Vegas at the Black Hat conference. These scammers messed with the wrong g...
Aug 09, 2024•29 min•Ep 2126•Transcript available on Metacast Black Hat kicks off with reassurances from global cyber allies. Researchers highlight vulnerabilities in car head units, AWS and 5G basebands. Alleged dark web forum leaders are charged in federal court. Tens of thousands of ICS devices are vulnerable to weak automation protocols. Kimsuky targets universities for espionage. Ransomware claims the life of a calf and its mother. A look at job risk in the face of AI. In our Threat Vector segment, host David Moulton speaks with Nir Zuk, Founder and C...
Aug 08, 2024•33 min•Ep 2129•Transcript available on Metacast Crowdstrike releases a postmortem. LoanDepot puts a multimillion dollar price tag on their ransomware incident. RHADAMANTHYS info stealer targets Israelis. Zola ransomware is an advanced evolution of the Proton family. Firefox fixes several high-severity vulnerabilities. Researchers at Certitude uncover a vulnerability in Microsoft 365’s anti-phishing measures. Threat actors exploit legitimate anti-virus software for malicious purposes. Samsung’s new bug bounty program offers rewards up to a mil...
Aug 07, 2024•31 min•Ep 2124•Transcript available on Metacast Thousands of education sector devices have been maliciously wiped after an attack on a UK MDM firm. A perceived design flaw in Microsoft Authenticator leaves users locked out of accounts. SharpRino charges ahead to deploy ransomware. North Korea’s Stressed Pungsan provides initial access points for malware distribution. Magniber ransomware targets home users and SMBs. Google patches an Android zero-day. A new Senate bill aims to treat ransomware as terrorism. Microsoft ties security to employee ...
Aug 06, 2024•32 min•Ep 2123•Transcript available on Metacast The justice department sues TikTok over alleged violations of children’s online privacy laws. Bad blood between Crowdstrike and Delta Airlines. The UK once again delays upgrades to their cybercrime reporting center. Apache OFBiz users are urged to patch a critical vulnerability. SLUBStick is a newly discovered Linux Kernel attack. CISA releases a handy guide to help software suppliers manage security risk. StormBamboo poisons DNS queries to deliver targeted malware. The White House looks to help...
Aug 05, 2024•40 min•Ep 2122•Transcript available on Metacast Rick Howard, N2K CyberWire’s Chief Analyst and Senior Fellow, discusses the idea that Cybersecurity is radically asymmetrically distributed. It means that cybersecurity risk is not the same for all verticals and knowing that may impact the first principle strategies you choose to protect your enterprise. For a complete reading list and even more information, check out Rick’s more detailed essay on the topic. References: André Munro, 2024. Liberal democracy [Explainer]. Encyclopedia Britannica. D...
Aug 05, 2024•19 min•Ep 95•Transcript available on Metacast This week, we are joined by Jason Baker, Senior Threat Consultant at GuidePoint Security, and he is discussing their work on "Worldwide Web: An Analysis of Tactics and Techniques Attributed to Scattered Spider." In early 2024, a current RansomHub RaaS affiliate was identified as a former Alphv/Black Cat affiliate and is believed to be linked to the Scattered Spider group, known for using overlapping tools, tactics, and victims. The high-confidence assessment by GuidePoint’s DFIR and GRIT teams i...
Aug 03, 2024•25 min•Ep 340•Transcript available on Metacast Director of Cyber Security Insights at Verve Industrial aka self-proclaimed industrial cybersecurity geek Ron Brash shares his journey through the industrial cybersecurity space. From taking his parents 286s and 386s to task to working for the "OG of industrial cybersecurity," Ron has pushed limits. Starting off in technical testing, racing through university at 2x speed, and taking a detour through neuroscience with machine learning, Ron decided to return to critical infrastructure working with...
Aug 03, 2024•8 min•Ep 27•Transcript available on Metacast Notorious Russian cybercriminals head home after an historic prisoner exchange. An Israeli hacktivist group claims responsibility for a cyberattack that disrupted internet access in Iran. The U.S. Copyright Office calls for federal legislation to combat deep fakes. Cybercriminals are using a Cloudflare testing service for malware campaigns. The GAO instructs the EPA to address rising cyber threats to water and wastewater systems. Claroty reports a vulnerability in Rockwell Automation’s ControlLo...
Aug 02, 2024•41 min•Ep 2121•Transcript available on Metacast The U.S. blood supply is under pressure from a ransomware attack. CrowdStrike shareholders sue the company. There’s a critical vulnerability in Bitdefender’s GravityZone Update Server. BingoMod RAT targets Android users. Hackers use Google Ads to trick users into a fake Google Authenticator app. Western Sydney University confirms a major data breach. Marylands leads the way in gift card scam prevention. NSA is all-in on AI. My guest is David Moulton, host of Palo Alto Networks' podcast Threat Ve...
Aug 01, 2024•31 min•Ep 2120•Transcript available on Metacast A global Microsoft outage takes down Outlook and Minecraft. The US Senate passes The Kids Online Safety and Privacy Act. Lame Duck domain names are targets for takeovers. A GeoServer vulnerability exposes thousands to remote code execution. China proposes a national internet ID. Email attacks surge dramatically in 2024. Columbus Ohio thwarts a ransomware attack. When it comes to invading your privacy, the Paris 2024 Olympics app goes for the gold. Our guest is Rakesh Nair, Senior Vice President ...
Jul 31, 2024•35 min•Ep 2119•Transcript available on Metacast ZScaler uncovers the largest ransomware payment to date. IBM says the average cost of a breach is closing in on five million dollars. Hackers exploited Proofpoint's email protection platform to send millions of phishing emails. NIST launches Dioptra to test ML models. AcidPour targets Linux data storage devices for wiping. WhatsApp for Windows allows Python to run wild. The White House releases the National Standards Strategy for Critical and Emerging Technology (USG NSSCET) Implementation Roadm...
Jul 30, 2024•32 min•Ep 2118•Transcript available on Metacast South Korea investigates a substantial leak of military intelligence to the north. Google fixes a Workspace authentication weakness. Wiz identifies an API authentication vulnerability in Selenium Grid. The UK’s Science Secretary warns Britain is highly vulnerable to cyber threats. Global shipping faces a surge in cyber attacks. Apple has resolved the iCloud Private Relay outage. Google Chrome offers to scan encrypted archives for malware. Barath Raghavan and Bruce Schneier examine the brittlenes...
Jul 29, 2024•39 min•Ep 2117•Transcript available on Metacast Rick Howard, N2K CyberWire’s Chief Analyst and Senior Fellow, discusses the current state of zero trust with CyberWire Hash Table guest John Kindervag, the originator of the zero trust idea. References: Jonathan Jones, 2011. “Six Honest Serving Men” by Rudyard Kipling [Video]. YouTube. Dave Bittner, Rick Howard, John Kindervag, Kapil Raina, 2021. Zeroing in on zero trust. [Podcast]. CyberWire-X Podcast - N2K Cyberwire. Dawn Cappelli, Andrew Moore, Randall Trzeciak, 2012. The CERT Guide to Inside...
Jul 29, 2024•18 min•Ep 94•Transcript available on Metacast Cybersecurity attorney Camille Stewart shares how her childhood affinity for making contracts pointed to her eventual career as an attorney. Having a computer scientist father contributed to Camille's technical acumen and desire to include technology in her life's work. Camille has worked various facets of cybersecurity law from the private sector, federal government, on the Hill and in the Executive Branch, and now as part of Big Tech as Head of Security Policy and Election Integrity for Google...
Jul 28, 2024•8 min•Ep 24•Transcript available on Metacast N2K’s Brandon Karpf speaks with guest Justin Fanelli, Acting CTO of the US Navy, about the US Navy streamlining the innovation process. For some background, you can refer to this article. Additional resources: PEO Digital Innovation Adoption Kit Atlantic Council’s Commission on Defense Innovation Adoption For industry looking to engage with PEO Digital: Industry Engagement Learn more about your ad choices. Visit megaphone.fm/adchoices
Jul 28, 2024•40 min•Ep 68•Transcript available on Metacast Dick O'Brien from Symantec Threat Hunter team is talking about their work on "Ransomware Attackers May Have Used Privilege Escalation Vulnerability as Zero-day." Also going to provide some background/history on Black Basta. CVE-2024-26169 in the Windows Error Reporting Service, patched on March 12, 2024, allowed privilege escalation. Despite initial claims of no active exploitation, recent analysis indicates it may have been exploited as a zero-day before the patch. The research can be found her...
Jul 27, 2024•19 min•Ep 339•Transcript available on Metacast A North Korean hacker is indicted for major cyberattacks. CrowdStrike’s in recovery mode. Phishing thrives in the wake of BSOD chaos. Wiz spells out no to Alphabet's $23bn offer. France goes full clean-up. Israel's secret shield in spyware saga. KOSA and COPPA 2.0 promise safer surfing for kids. N2K’s CSO Rick Howard speaks with Steve Schmidt, CSO of Amazon, about the culture of security and what it means to the CSO role. And last but not least, hacking can happen to anyone. Miss an episode? Sig...
Jul 26, 2024•36 min•Ep 2116•Transcript available on Metacast A North Korean hacking group targets healthcare, energy and finance. Leaked Leidos documents surface on the dark web. A Middle Eastern financial institution suffered a record-breaking DDoS attack. The latest tally on the fallout from the Crowdstrike outage. A cybersecurity audit of HHS reveals significant cloud security gaps. Docker patches a critical vulnerability for the second time. Google announced enhanced protections for Chrome users. In our latest Threat Vector segment, David Moulton spea...
Jul 25, 2024•33 min•Ep 2115•Transcript available on Metacast Stargazer Goblin hosts malicious code repositories on GitHub. Crowdstrike blames buggy validations checks for last week’s major incident. The Breachforums database reveals threat actor OPSEC. Windows Hello for Business (WHfB) was found vulnerable to downgrade attacks. A medical center in the U.S. Virgin Islands is hit with ransomware. Interisle analyzes the phishing landscape. The FTC orders eight companies to explain algorithmic pricing. Meta cracks down on the Nigerian Yahoo Boys. A fake IT wo...
Jul 24, 2024•39 min•Ep 2114•Transcript available on Metacast UK law enforcement relieves DigitalStress. Congress summons Crowdstrike’s CEO to testify. FrostyGoop malware turned off the heat in Ukraine. EvilVideo is a zero-day exploit for Telegram. Daggerfly targets Hong Kong pro-democracy activists. Google has abandoned its plan to eliminate third-party cookies. The FCC settles with Tracfone Wireless over privacy and cybersecurity lapses. Wiz says no to Google and heads toward an IPO. N2K’s Brandon Karpf speaks with guest Justin Fanelli, Acting CTO of the...
Jul 23, 2024•37 min•Ep 2113•Transcript available on Metacast Mitigation continues on the global CrowdStrike outage. UK police arrest a suspected member of Scattered Spider. A scathing report from DHS says CISA ignored a directive to cut ties with a faulty contractor. Huntress finds SocGholish distributing AsyncRAT. Ransomware takes down the largest trial court in the U.S. A US regulator finds many major banks inadequately manage cyber risk. CISA adds three critical vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. Australian police for...
Jul 22, 2024•40 min•Ep 2112•Transcript available on Metacast Rick Howard, The CSO, Chief Analyst, and Senior Fellow at N2K Cyber, discusses the current state of Cyber Threat Intelligence with CyberWire Hash Table guest John Hultquist, Mandiant’s Chief Analyst. References: Andy Greenberg, 2022. Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency [Book]. Goodreads. Josephine Wolff, October 2023. How Hackers Swindled Vegas [Explainer]. Slate. Rick Howard, 2023. Cybersecurity First Principles Book Appendix [Book Support Page]. N2K Cyber...
Jul 22, 2024•18 min•Ep 93•Transcript available on Metacast Founder and CEO of Immersive Labs James Hadley takes us through his career path from university to cybersecurity startup. James tells us about his first computer and how he liked to push it to its limits and then some. He joined GCHQ after college and consulted across government departments. Teaching in GCHQ's cyber summer school was where James felt a shift in his career. As a company founder, he shares that he is very driven, very fast and also very caring. James offers advice to those looking...
Jul 21, 2024•7 min•Ep 25•Transcript available on Metacast This week, we are joined by Selena Larson, Staff Threat Researcher, Lead Intelligence Analysis and Strategy at Proofpoint, as well as host of the "Only Malware in the Building" podcast, as she is discussing their research on "Scammers Create Fraudulent Olympics Ticketing Websites." Proofpoint recently identified a fraudulent website selling fake tickets to the Paris 2024 Summer Olympics and quickly suspended the domain. This site was among many identified by the French Gendarmerie Nationale and ...
Jul 20, 2024•24 min•Ep 338•Transcript available on Metacast A Crowdstrike update takes down IT systems worldwide. A U.S. District Court judge dismissed most charges against SolarWinds. Sophos examines the ransomware threat to the energy sector. European web hosting companies suspend Doppelgänger propaganda. An Australian digital prescription services provider confirms a ransomware attack affecting nearly 13 million. A pair of Lockbit operators plead guilty. N2K’s CSO Rick Howard speaks with AWS’ CISO Chris Betz about strong security cultures and AI. A lo...
Jul 19, 2024•38 min•Ep 2111•Transcript available on Metacast Cisco has identified a critical security flaw in its SSM On-prem. The world's largest recreational boat and yacht retailer reports a data breach. The UK’s NHS warns of critically low blood stocks after a ransomware attack. Port Shadow enables VPN person in the middle attacks. Ivanti patches several high-severity vulnerabilities. FIN7 is advertising a security evasion tool on underground forums. Indian crypto exchange WazirX sees $230 million in assets suspiciously transferred. Wiz documents vuln...
Jul 18, 2024•33 min•Ep 2110•Transcript available on Metacast Interpol pursues West African cybercrime groups. Bassett Furniture shuts down manufacturing following a ransomware attack. A gastroenterologist group notifies patients of a data breach. An Apache HugeGraph flaw is being actively exploited. Octo Tempest updates its toolkit. Satori uncovers evil twin campaigns on Google Play. The cost of the Change Healthcare breach crosses the two billion dollar mark. Cybersecurity venture funding saw a surge last quarter. Cyber regulatory agencies face legal cha...
Jul 17, 2024•36 min•Ep 2109•Transcript available on Metacast Some Squarespace users see their domains hijacked. Kaspersky Lab is shutting down US operations. BackPack APKs break malware analysis tools. Hackers use 7zip files to deliver Poco RAT malware. CISA’s red-teaming reveals security failings at an unnamed federal agency. Microsoft fixes an Outlook bug triggering false security alerts. Switzerland mandates open source software in the public sector. On our Industry Voices segment, N2K’s Rick Howard speaks with Alex Lawrence and Matt Stamper from Sysdi...
Jul 16, 2024•37 min•Ep 2111•Transcript available on Metacast 
