CyberWire Daily

It was DDoS, not us.

Jan 28, 2025

Bogdan Botezatu is the Director of Threat Research and Reporting at Bitdefender, bringing deep expertise in cybersecurity. He discusses the intriguing parallels between dark market subcultures and holiday shopping trends. The conversation touches on how illicit goods are exchanged with alarming ease and the challenges law enforcement faces in combating these markets. Botezatu also dives into the ethical implications of AI technology in the cybersecurity realm, shedding light on significant vulnerabilities and the impact of advanced cyber threats.

34:20

Creator website

Episode guests

Bogdan Botezatu

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

DeepSeek's recent DDoS attack raised concerns about the security vulnerabilities of its R1 AI model amidst geopolitical tensions.

The AT&T data breach emphasizing the exploitation of telecom vulnerabilities showcases significant national security risks and the need for improved encryption.

Deep dives

DeepSeek's DDoS Attack and Security Concerns

A DDoS attack caused registration outages for the Chinese AI company DeepSeek, temporarily halting new user registrations while existing users remained unaffected. This incident has raised questions regarding the security vulnerabilities of DeepSeek’s competitive R1 AI model, which had been touted as an alternative to OpenAI's ChatGPT and Google's Gemini. Security firm Kila reported successfully jailbreaking DeepSeek's model, demonstrating its ability to fabricate sensitive data, which highlighted concerns over the model's reliability and the potential risks to privacy and data security. Experts emphasize the importance of critically assessing data origins and ethical considerations surrounding foreign AI technologies, particularly given the geopolitical tensions in the tech landscape.

Intro

3min

Cybersecurity Breaches and Geopolitical Implications

3min

Recent Cybersecurity Insights

10min

Exploring the Dark Markets of the Web

9min

Cybersecurity Challenges and AI Compliance

6min

DeepSeek blames DDoS for recent outages. Hackers behind last year’s AT&T data breach targeted members of the Trump family, Kamala Harris, and Marco Rubio’s wife.The EU sanctions Russians for cyberattacks against Estonia. ENGlobal confirms personal information was taken in last year’s ransomware attack. CISA issues a critical warning about a SonicWall vulnerability actively exploited. A large-scale phishing campaign exploits users’ trust in PDF files and the USPS. Apple patches a zero-day affecting many of their products. A ransomware attack on an Ohio-based operator of skilled nursing and rehabilitation facilities affects over 70,000. President Trump has a tumultuous first week back in office. Our guest is Bogdan Botezatu, Director, Threat Research and Reporting at Bitdefender, to discuss the dark market subculture and its parallels to holiday shopping. A nonprofit aims to clean up the AI industry’s mess.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

We are joined by Bogdan Botezatu, Director, Threat Research and Reporting at Bitdefender, to discuss the dark market subculture and its parallels to holiday shopping. Check out Bitdefender’s research on the topic here.

Selected Reading

DeepSeek Blames Disruption on Cyberattack as Vulnerabilities Emerge (SecurityWeek)

DeepSeek FAQ (Stratechery)

We tried out DeepSeek. It worked well, until we asked it about Tiananmen Square and Taiwan (The Guardian)

Hackers Mined AT&T Breach for Data on Trump's Family, Kamala Harris (404 Media)

European Union Sanctions Russian Nationals for Hacking Estonia (SecurityWeek)

ENGlobal Says Personal Information Accessed in Ransomware Attack (SecurityWeek)

CISA Warns of SonicWall 0-day RCE Vulnerability Exploited in Wild (Cyber Security News)

Hackers Use Malicious PDFs, pose as USPS in Mobile Phishing Scam (Security Boulevard)

Amazon Prime Security Warning As Hackers Strike—What You Need To Know (Forbes)

Apple plugs exploited security hole in iOS, updates macOS (The Register)

Nursing Home, Rehab Chain Says Hack Affects Nearly 70,000 (GovInfo Security)

A Tumultuous Week for Federal Cybersecurity Efforts (Krebs on Security)

Initiative Aims to Enable Ethical Coding LLMs (IEEE Spectrum)

Share your feedback.

We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

CyberWire Daily

It was DDoS, not us.

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

DeepSeek's DDoS Attack and Security Concerns

AT&T Data Breach Targeting High-Profile Individuals

Ransomware Attacks and Cybersecurity Measures

CyberWire Guest

Selected Reading

Share your feedback.

Want to hear your company in the show?

Remember Everything You Learn from Podcasts