CyberWire Daily

AI ambitions clash with cyber caution.

Apr 14, 2025

Tim Starks, a Senior Reporter at CyberScoop, delves into the recent shakeup in federal cybersecurity, examining the fallout from the removal of key officials. He discusses the DOJ's efforts to shield citizen data from foreign threats and the emergence of vulnerabilities like dangling DNS attacks. Starks highlights Microsoft’s urgent updates for Active Directory issues, while exploring legal actions against tech firms for privacy breaches. The podcast also tackles the rising risks of phishing services, including Tycoon2FA, and the implications of AI in cybersecurity compliance.

34:12

Creator website

Episode guests

Tim Starks

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

The dismissal of cybersecurity leaders in the Department of the Interior indicates a troubling shift in federal cybersecurity strategies amidst AI-related budget debates.

The DOJ's new initiative aims to block foreign adversaries from accessing personal data, highlighting the critical need for stringent data protection measures amid rising espionage threats.

Deep dives

Cybersecurity Leadership Changes

The removal of key cybersecurity and technology officials from the U.S. Department of the Interior reflects growing tensions surrounding federal cybersecurity strategies. The department's CIO and CISO were dismissed amidst disputes related to a push for AI-driven federal spending cuts, leading to criticisms about bypassing essential security protocols. This shakeup is part of a broader trend of leadership changes in various federal agencies, raising concerns over the stability and effectiveness of U.S. cybersecurity efforts. Experts caution that such personnel shifts could hinder the agencies' ability to respond to evolving cyber threats effectively.

Intro

3min

Federal Cybersecurity Shakeup and Threats

6min

Enhanced Security Measures and Emerging Phishing Threats

4min

Cybersecurity Under Fire: The Trump Era

10min

Navigating Compliance and AI Risks in Cybersecurity

5min

The Department of the Interior removes top cybersecurity and tech officials. The DOJ looks to block foreign adversaries from acquiring sensitive personal data of U.S. citizens. Microsoft issues emergency updates to fix an Active Directory bug. Hackers are installing stealth backdoors on FortiGate devices. Researchers warn of a rise in “Dangling DNS” attacks. A pair of class action lawsuits allege a major adtech firm secretly tracks users online without consent. Google is fixing a 20-year-old Chrome privacy flaw. The Tycoon2FA phishing-as-a-service platform continues to evolve. My guest is Tim Starks from CyberScoop, discussing the latest from CISA and Chris Krebs. Slopsquatting AI totally harshes the supply chain vibe.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today we are joined by Tim Starks from CyberScoop, and he is discussing the latest with CISA and Chris Krebs.

Selected Reading

Interior Department Ousts Key Cyber Leaders Amid DOGE Spat (Data Breach Today)

US Blocks Foreign Governments from Acquiring Citizen Data (Infosecurity Magazine)

Microsoft: New emergency Windows updates fix AD policy issues (Bleeping Origin)

Fortinet Issues Fixes After Attackers Bypass Patches to Maintain Access (Hackread)

Dangling DNS Attack Let Hackers Gain Control Over Organization’s Subdomain (Cyber Security News)

Two Lawsuits Allege The Trade Desk Secretly Violates Consumer Privacy Laws (AdTech)

Chrome 136 fixes 20-year browser history privacy risk (Bleeping Computer)

Tycoon2FA phishing kit targets Microsoft 365 with new tricks (Bleeping Computer)

AI Hallucinations Create a New Software Supply Chain Threat (SecurityWeek)

Share your feedback.

We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

CyberWire Daily

AI ambitions clash with cyber caution.

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Cybersecurity Leadership Changes

DOJ's New Data Security Initiative

Emerging Phishing Trends

CyberWire Guest

Selected Reading

Share your feedback.

Want to hear your company in the show?

Remember Everything You Learn from Podcasts