Safe Mode Podcast

In case you didn't have the chance to attend CyberTalks, we have the keynote address from the event: National Cyber Director Harry Coker highlighted the White House's focus on strategy and policy to address internet routing vulnerabilities, particularly with the Border Gateway Protocol (BGP). Coker emphasized the importance of Resource Public Key Infrastructure (RPKI) for authenticating BGP routing information, acknowledging its slow adoption and implementation challenges, but reported progress with expectations for significant federal coverage by year's end. In our reporter chat, Greg Otto talks with Tim Starks about his story examining the legal barriers anti-spyware advocates are dealing with in a number of high-profile court cases aimed at bringing victims justice. LINK: https://cyberscoop.com/spyware-court-cases-nso-group-meta-whatsapp-apple/

Sean McNee, Head of Threat Research at DomainTools, shares his expertise on how China is monitoring the Russia-Ukraine conflict to strategize its potential moves regarding Taiwan. He delves into the increasing cyber threats from China, including espionage operations like those from the Typhoon group. Derek B. Johnson discusses the U.S. government's efforts to regulate data brokers and protect personal data from foreign adversaries, emphasizing the urgency for stronger privacy laws to safeguard individual rights.

This episode of Safe Mode explores the critical issue of software supply chain security with Saša Zdjelar, ReversingLabs' chief trust officer. Discover why the hidden components of commercial off-the-shelf software pose significant risks to enterprises and how current security practices fall short. We'll discuss the explosive growth in breaches due to third-party software, the limited utility of Software Bill of Materials (SBOMs), and the need for more comprehensive security assessments. Saša will share insights on how to effectively "open the black box," enabling companies to identify threats and ensure compliance before deploying applications. In our reporter chat, CyberScoop senior reporter Tim Starks talks with Greg Otto about the indictments brought against Anonymous Sudan. LINK: https://cyberscoop.com/alleged-anonymous-sudan-leaders-charged-prolific-gangs-tool-disabled/

How can small nonprofits and civic organizations defend themselves against some of the most insidious malware on the planet? By reaching out to Elijah Baucom. The director of Citizen Clinic at UC Berkeley, Baucom runs a public-interest cybersecurity program that trains students to support organizations in defending against cyber threats. A digital security expert and educator, Baucom talks with Greg Otto about making cybersecurity resources accessible to all students and vulnerable groups, drawing on his extensive background in management consulting and network engineering. In our reporter chat, Greg talks with Derek Johnson about the work OpenAI is doing to prevent malicious actors from user generative AI in their schemes. LINK: https://cyberscoop.com/openai-threat-report-foreign-influence-generative-ai/

Since 2022, Mandiant has tracked North Korean IT workers who, posing as non-North Koreans, secure employment in various industries to fund DPRK's weapons programs, often engaging in cyber intrusions with the help of foreign facilitators. In this episode, CyberScoop Editor-in-Chief Greg Otto talks with Mandiant’s Michael Barnhart on what is going on in terms of North Korea’s goals, and how organizations can take precautions to prevent remote worker fraud. Greg also talks to CyberScoop reporter AJ Vicens on the latest LockBit takedown, which was conducted by a host of different countries. LINK: https://cyberscoop.com/russian-cybercrime-raids-cryptex-uaps/

In a captivating discussion, John Fokker, Head of Threat Intelligence at Trellix and a leading expert on ransomware-as-a-service, shares insights on the evolving cybercrime landscape. AJ Vicens, a cybersecurity reporter, dives into the Snowflake breach, exploring how a notorious cybercriminal is facing increasing pressure from law enforcement. The conversation also highlights how AI is reshaping threat tactics, with criminals experimenting with new tools while law enforcement struggles to keep up. A must-listen for anyone interested in the future of cybersecurity!

AI is transforming how companies secure their IT infrastructure, especially in industries like airlines, health care, retail, and telecommunications, which rely on applications and APIs for seamless digital experiences. However, there's a risk of companies improperly deploying AI tools or using insecure vendors, potentially leading to widespread data breaches and operational outages. CyberScoop Editor-in-Chief Greg Otto talks with F5 Networks CTO Kunal Anand about the increasing challenges in IT security and complexity as more AI applications are adopted and what companies should focus on to safeguard their systems as policies and regulations evolve. CyberScoop reporter Derek B. Johnson also sits down with Greg to talk about a congressional hearing that heavily focused on cybersecurity issues for election officials ahead of November.

Secure-by-design transforms secure code from an afterthought to an inherent feature, weaving a resilient shield directly into the fabric of every application and device from the ground up. But while everyone’s mind gravitates toward the ocean of software we all use, how does secure-by-design translate to the Internet of Things? In this episode, CyberScoop Editor-in-Chief Greg Otto talks with RunSafe CEO Joe Saunders on how to incentivize manufacturers to create secure IoT devices. CyberScoop reporter Christian Vasquez also sits down with Greg to talk about two projects launched at this year’s DEF CON aimed at using volunteers to respond to localized cyber incidents.

If you want to understand cybersecurity policy, it’s not enough to focus on Washington D.C. — you have to also grok the American tech industry. Few people have bridged that divide more effectively than Ted Schlein, the legendary venture capitalist who is currently at Ballistic Ventures. On this episode of Safe Mode, he sits down with host Elias Groll to discuss Washington D.C., Silicon Valley and the relationship between the two. CyberScoop senior reporter AJ Vicens also joins the show to discuss the latest developments regarding Iran’s efforts to hack Donald Trump’s presidential campaign.

With Election Day rapidly approaching in the United States, the Trump campaign claims that the first major hack-and-leak operation has arrived. After a handful of U.S. media outlets received leaked material on vice presidential candidate JD Vance, the Trump campaign said it had been the victim of an Iranian hacking operation. On this episode of Safe Mode, CyberScoop senior reporter Tim Starks sits down with host Elias Groll to discuss what we know about the operation and its significance. Also on this episode, John Hammond of Huntress provides a technical deep dive on how an errant CrowdStrike software update managed to break large parts of the internet.