CyberWire Daily

Andrew Maloney, COO and Co-Founder of Query.AI, shares his transformative journey from a blue-collar upbringing to a tech leader in cybersecurity. He discusses how the building blocks of discipline and teamwork he learned in the military shaped his career. Deployed during the Iraq War, Andrew found his passion for technology and security, emphasizing the importance of continuous learning and self-belief. His inspiring message encourages listeners never to sell themselves short and to keep pushing forward.

Selena Larson, co-host of Only Malware in the Building and a Lead Threat Researcher at Proofpoint, dives into the alarming rise of Microsoft OAuth app impersonation campaigns. These sophisticated attacks target users by mimicking trusted services like Adobe and SharePoint, leading to MFA phishing. Larson explains how cybercriminals capture sensitive information through fake login pages, highlighting the importance of user education and vigilance. She also discusses Microsoft’s impending security updates to combat these threats, making cybersecurity awareness paramount.

Aron Anderson, Enterprise Security Manager at Adobe, dives into the evolving landscape of cybersecurity, highlighting a recent cyberattack on Bridgestone and the importance of robust software bill of materials for security. He passionately discusses the transition to zero trust security, debunking myths that it's only for large organizations and demonstrating its relevance for all businesses. By integrating AI and addressing vendor risks, he emphasizes how organizations can adapt to modern threats while securing their operations effectively.

Rick Kaun, Global Director of Cybersecurity Services at Rockwell Automation, dives into the urgent need for IT/OT convergence in securing vital water and wastewater systems. He discusses the ambitious Salt Typhoon campaign by China, which is wreaking havoc on global telecommunications. Kaun highlights the importance of merging legacy systems with modern technologies while addressing vulnerabilities in critical infrastructure. The conversation also touches on recent cyber incidents and the need for accurate reporting in the cybersecurity world.

Tim Starks, a senior reporter at CyberScoop, takes the spotlight, discussing China's reliance on domestic firms for cyber operations. He highlights the significant international threats posed by this strategy and its implications for global businesses. The conversation also delves into major cyber incidents like the Jaguar Land Rover attack. Starks emphasizes the critical need for psychological safety within cybersecurity teams to foster open communication and effectively tackle emerging threats, including the alarming tactics of ransomware gangs targeting the digital art community.

Michael Sikorski, CTO of Unit 42 at Palo Alto Networks, joins forces with Thomas P. Bossert, former Homeland Security Advisor, to delve into the complexities of cyber defense. They discuss a recent disruption of Russia’s Midnight Blizzard cyber campaign and the implications for national security. The conversation highlights the urgency of transitioning from reactive to proactive cybersecurity measures, emphasizing strategies that organizations must adopt to safeguard sensitive data. Tune in for insights on navigating the dynamic realm of cyber threats.

Get ready for a fiery blend of hot wings and cybersecurity insights! The hosts tackle a spicy wing challenge while sharing personal tales about their journeys in tech and security. They mix humor with cautionary stories of phishing and evolving online security. You’ll hear about the mental health challenges in cybersecurity and get a taste of nostalgia as they reminisce about early tech experiences. This special edition is packed with laughs, memorable reactions, and a unique look at the lighter side of serious topics.

Tom Gallagher, VP of Engineering at Microsoft and head of the Security Response Center, discusses the vital role of responsible disclosure in cybersecurity and reveals an exciting $5 million initiative, the Zero Day Quest. Eric Olson, Principal Security Researcher, dives into the rapidly evolving landscape of ransomware, detailing how attackers now operate with alarming speed and organization. They also explore the growing threat of social engineering and AI-enhanced phishing tactics, emphasizing the necessity of robust cybersecurity measures for defense.

Elliot Peltzman, Executive Director of Audio at N2K, discusses the unseen efforts that fuel creative productions. He highlights the synergy between sound design and storytelling, showcasing how collaboration enhances audio artistry. Elliot shares insights into the meticulous crafting of content, from theme music to certification tests. Listeners get a peek into the teamwork that breathes life into broadcasts, and the dynamic interplay of writing and speaking in content creation. This conversation celebrates the passion behind every audio experience.

Marina Ciavatta, CEO of Hekate and a social engineering expert, shares her unique journey from journalism to cybersecurity. She humorously dispels the Hollywood stereotype of hackers, emphasizing the strategic tactics involved in physical pentesting. Marina discusses the importance of understanding human behavior in security and encourages aspiring pentesters to connect with fellow social engineers. Her passion for technology shines through as she reveals insights into navigating vulnerabilities and the ethical responsibilities that come with her thrilling profession.