CyberWire Daily

N2K Networks
Dec 21, 2025 • 9min

Eric Escobar: Collaboration is key. [Pen tester] [Career Notes]

Please enjoy this encore of Career Notes. Principal consultant and pen tester at Secureworks, Eric Escobar, shares his career path, from translating his childhood favorite, Legos, into civil engineering to pivoting to cybersecurity. Eric was always headed toward engineering and got both his bachelor's and master's degrees in civil engineering. Upon breaking into a network with a friend, he was bitten by the cybersecurity bug. Making the switch to the red team and basically becoming a bank robber for hire, Eric tests the security of many companies' networks. He feels that curiosity is an essential trait for cybersecurity and collaboration is key, as no one person knows everything. He advises those interested in cybersecurity to just start. We thank Eric for sharing his story with us.
Dec 20, 2025 • 25min

The lies that let AI run amok. [Research Saturday]

Darren Meyer, a Security Research Advocate at Checkmarx, dives into the alarming world of AI vulnerabilities. He introduces 'lies-in-the-loop,' a technique that tricks developers into approving risky AI actions masked as harmless. Using examples with AI code assistants like Claude Code, he explains how prompt injection can lead to catastrophic consequences like remote code execution. With rising AI adoption, he stresses the critical need for better security awareness and protective measures in developer workflows.
Dec 19, 2025 • 28min

Where encryption meets executive muscle.

Nitay Milner, CEO of Orion Security, shares insights into data loss prevention in the AI era. He highlights the dangers of corporate data leaks into AI tools and discusses the importance of prioritizing DLP for CISOs. Milner addresses the limitations of legacy DLP methods, emphasizing the role of LLMs in improving detection accuracy and reducing false positives. He points out the dual nature of AI as a risk and a resource for enhanced data security, while anticipating new challenges in this rapidly evolving landscape.
Dec 18, 2025 • 27min

OneView gives attackers the full tour.

Larry Zorio, CISO at Mark43, specializes in public safety cybersecurity. He highlights the pressing insider cyber risks facing first responders and the challenges with legacy systems. Zorio shares insights on how 98% of law enforcement view cybersecurity as critical to tech decisions. He discusses the importance of access controls and concerns about shadow AI. Additionally, he emphasizes funding disparities between large and small agencies and advocates for adopting NIST/ISO/CIS frameworks to enhance security and secure grants.
Dec 17, 2025 • 30min

The cloud that spies back.

Doron Davidson, the General Manager and Managing Director of Security Operations at CyberProof Israel, discusses the evolution of security operation capabilities. He highlights the concept of agentic SOCs, emphasizing their potential by 2027 for autonomous alert management. Doron also shares insights on which SOC functions stand to benefit the most from automation and how analysts' roles will transform into consultative and management positions. With a focus on safeguards and practical implementations, he offers valuable advice for organizations starting their agentic transformation.
Dec 16, 2025 • 27min

Cyber shock to the oil trade.

In this discussion, Christiaan Beek, Senior Director of Threat Intelligence & Analytics at Rapid7, shares his expertise on the rapidly changing landscape of cyber threats. He highlights the alarming surge in ransomware incidents, revealing how attackers are now exploiting vulnerabilities more swiftly than ever. Beek emphasizes the evolving tactics that target critical sectors like healthcare and construction. Additionally, he explores how nation-state actors are enhancing their stealth and persistence methods, while AI-driven strategies bolster their attack capabilities.
Dec 16, 2025 • 39min

Quantum [CISOP]

Michael Sottile, CISO at a quantum computing firm, shares his extensive cybersecurity experience spanning fintech, healthcare, and defense. He explains why CISOs must prepare for quantum computing now, discussing the risks of data longevity and the looming 'harvest now, decrypt later' threat. Michael demystifies qubits and superposition, outlines how quantum can bolster fraud detection while jeopardizing encryption, and stresses the importance of phased migration plans. He also highlights the challenges posed by legacy devices and emphasizes precise asset inventorying to mitigate risks.
Dec 15, 2025 • 29min

Another day, another emergency patch.

Emergency updates from Apple and Google address critical vulnerabilities. China’s state-backed hackers have been linked to the React2Shell exploits. A serious cyberattack targeted France's Ministry of the Interior. Researchers discovered a giant database with 4.3 billion records exposed online. The MI6 chief warns of escalating threats from Russia. A deep dive into the hacker mindset reveals the dark capabilities within tech companies. Plus, a holiday gift guide to enhance your cybersecurity knowledge!
Dec 14, 2025 • 10min

Amanda Fennell: There's a cyber warrior in all of us [Information] [Career Notes]

Amanda Fennell, Chief Security Officer and CIO at Relativity, shares her unique journey from aspiring archaeologist to cybersecurity expert. She recounts how internships in archaeology revealed unexpected realities that led her to digital forensics. Amanda discusses building a security program at Relativity and the lessons learned from fast-paced growth. She emphasizes the importance of curiosity and listening in leadership, while inspiring others to discover the cyber warrior within themselves.
Dec 13, 2025 • 26min

Root access to the great firewall. [Research Saturday]

Daniel Schwalbe, Head of Investigations and CISO at DomainTools, dives deep into an extraordinary 500GB leak revealing the inner workings of China's Great Firewall. He discusses the techniques used to analyze this massive dataset, including clustering and keyword searches. Schwalbe explains the firewall's architecture and how it employs deep packet inspection to monitor encrypted traffic. The conversation also touches on the implications of the leak for enterprise monitoring and the cat-and-mouse game between censorship and circumvention tools.
