
CyberWire Daily
The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.
Latest episodes

May 24, 2025 • 20min
Pandas with a purpose. [Research Saturday]
Deepen Desai, Chief Security Officer and EVP of Cyber and AI Engineering at Zscaler, dives into the latest activities of the Mustang Panda group. He reveals the new arsenal, including advanced backdoors like TONEINS and tools for stealthy surveillance. Discussions include their phishing tactics and the development of custom keyloggers, PAKLOG and CorKLOG. Desai emphasizes the importance of a comprehensive defense strategy and the role of AI in both cyberattacks and cybersecurity measures, highlighting the ongoing battle against sophisticated threats.

May 23, 2025 • 40min
When malware masters meet their match.
In this conversation, Jeffrey Wheatman, Cyber Risk Expert at Black Kite, shares insights on critical cybersecurity challenges. He emphasizes the dangers of silent breaches and the threat posed by AI in revealing sensitive information. The discussion touches on Operation Endgame's impact on cybercriminal networks and the ethical dilemmas surrounding AI, especially regarding privacy. Wheatman also addresses the complexities of third-party risk management and the complications faced by hackers in navigating event participation amid current travel concerns.

May 22, 2025 • 32min
Lights out for Lumma.
David Holmes, CTO for Application Security at Imperva, shares his expertise on the surge of AI in bot attacks. The conversation dives into the dismantling of Lumma's malicious infrastructure and the alarming rise in automated attacks. Holmes highlights critical vulnerabilities, like those affecting Lexmark printers, and discusses the evolving tactics of cybercriminals. He emphasizes the pressing need for enhanced security measures and the role of AI in combating these sophisticated threats. Tune in for insights that no cybersecurity enthusiast will want to miss!

May 21, 2025 • 41min
Bear in the network.
Rob Allen, Chief Product Officer at ThreatLocker, dives into the concept of zero trust and the deliberate simplicity of fundamental controls. He discusses how token theft and phishing can circumvent traditional security measures like MFA, allowing attackers easy access to critical systems. The conversation also highlights the increasing sophistication of cybercriminal tactics, particularly in targeting logistics and healthcare sectors. Allen underscores the need for organizations to adopt proactive endpoint protection and implement a 'deny by default' approach to enhance cybersecurity.

May 20, 2025 • 35min
The Take It Down Act walks a fine line.
Chris Novak, Vice President of Global Cybersecurity Solutions at Verizon, discusses the newly signed Take It Down Act targeting non-consensual intimate images and its implications for free expression. He highlights the alarming rise in ransomware and exploitation of vulnerabilities, especially affecting small businesses. The conversation also touches on the urgent need for patching critical vulnerabilities and the broader challenges facing the cybersecurity workforce, stressing the importance of data-driven analysis in understanding global breaches.

May 19, 2025 • 33min
Redacted realities: Inside the MoJ hack.
Ian Tien, CEO of Mattermost, discusses the recent Ministry of Justice breach, emphasizing the critical need for collaborative cybersecurity efforts. He sheds light on emerging threats like the Pupkin Stealer malware and its implications for data protection. Tien also stresses the importance of secure communication in critical infrastructures and how ethical hacking can bolster defenses against cybercrime. The conversation highlights the urgency of proactive measures to safeguard personal data in an increasingly digital landscape.

May 18, 2025 • 11min
Dave Bittner: From puppet shows to podcasts. [Media] [Career Notes]
Dive into a fascinating journey from childhood puppet shows to a career in cybersecurity. Discover how early ambitions shaped a unique path in television and tech. Learn about the importance of mentorship and kindness in leadership. Hear about the challenges of team dynamics and the tough choices leaders face to maintain respect. It's a tale of creativity, resilience, and growth, mixing fun anecdotes with valuable life lessons.

May 17, 2025 • 21min
Leveling up their credential phishing tactics. [Research Saturday]
Max Gannon, Intelligence Manager at Cofense, explores the escalating tactics of credential phishing. He discusses how cybercriminals are using precision validation to target high-value victims with tailored attacks. This technique enhances their phishing campaigns by validating email addresses in real time, making detection increasingly difficult for defenders. Gannon also emphasizes the importance of strong communication within organizations to counter these threats and protect sensitive information, particularly in critical sectors like oil and gas.

May 16, 2025 • 40min
Preparing for the cyber battlespace.
Christopher Cleary, VP of ManTech's Global Cyber Practice, shares insights on the evolving cyber battlespace. He discusses NATO's largest cyber defense exercise and Japan's new Active Cyberdefense Law, emphasizing proactive measures against cyber threats. Key topics include recent cryptocurrency theft charges and vulnerabilities in Ivanti Endpoint Manager Mobile. The conversation also highlights the delicate balance of offense and defense in cyber warfare, as well as the need for specialized resources to address national security challenges.

May 15, 2025 • 39min
Bypassing Bitlocker encryption.
Devin Ertel, Chief Information Security Officer at Menlo Security, dives into redefining enterprise security with a focus on zero trust. He reveals alarming vulnerabilities in Chrome and BitLocker encryption that attackers can exploit in moments. The conversation highlights the recent shutdown of a major black market and a cyberespionage effort targeting vulnerable webmail servers. Ertel also discusses the importance of integrating AI and remote browser isolation to enhance cybersecurity measures.