CyberWire Daily

Jake Braun, former White House Principal Deputy National Cyber Director and current Executive Director of the Cyber Policy Initiative at the University of Chicago, joins to discuss pressing cyber threats. They delve into the recent Oracle Health data breach, highlighting vulnerabilities in healthcare. The conversation shifts to the unique cybersecurity challenges in space, advocating for its designation as critical infrastructure. They also touch on the innovative tactics used by cybercriminals like the Lazarus Group and offer insights into strengthening defenses for startups.

Alyssa Miller, Business Information Security Officer at S&P Global Ratings, champions inclusivity in cybersecurity. She shares her unique journey from programmer to security leader, reflecting on cultural shocks and challenges along the way. Alyssa emphasizes the importance of diverse perspectives in enhancing problem-solving within teams. She believes that by elevating others and fostering acceptance, the industry can achieve greater success. Her insights inspire a more welcoming and collaborative cybersecurity community.

Jon Williams, a vulnerability researcher at Bishop Fox, sheds light on his captivating work in decrypting SonicWall's SonicOSX firmware. He discusses the intricate challenges of reverse-engineering encrypted systems and the creation of Sonicrack, a new tool for extracting keys from VMware images. The conversation also touches on the ethics of disclosing security tools publicly, emphasizing the balance between transparency and potential misuse. Williams highlights the importance of independent research in enhancing cybersecurity and shares vital recommendations for managing firmware security.

Chris Wysopal, the Founder and Chief Security Evangelist of Veracode, delves into the alarming increase in the average fix time for security flaws, shedding light on how modern technology complicates the issue. He reveals that many organizations are sitting on critical security debt for over a year. The conversation also touches on significant vulnerabilities affecting both Firefox and Chrome. Additionally, the RedCurl gang's first foray into ransomware adds a chilling twist to current cyber threats, while innovative automation in cybersecurity is showcased.

Tal Skverer, Research Team Lead from Astrix, sheds light on the resurgence of China's FamousSparrow hacking group and its impact on cybersecurity. The conversation dives into the dangers of exposed data from misconfigured Amazon S3 buckets and a sophisticated Linux backdoor aimed at industrial systems. Tal discusses the significance of the OWASP NHI Top 10 framework for securing non-human identities, offering crucial insights on best practices and the risks of improper off-boarding. The episode also touches on automated credential stuffing and the evolving cyber threat landscape.

Brian Levine, Co-founder and CEO of FormerGov.com, discusses the vital role of networking for former government and military professionals. He sheds light on the challenges they face transitioning to private sector jobs and the importance of a dedicated directory to facilitate connections. The conversation also touches on the rising cyber threats, including attacks on laid-off government workers and the implications for the cybersecurity landscape. Levine emphasizes creating visibility and community in an increasingly digital age.

Ben Yelin, Caveat co-host and Program Director at the University of Maryland Center for Health and Homeland Security, dives into the alarming Signal national security leak. He discusses serious vulnerabilities in Kubernetes systems and details the shocking breach that revealed sensitive military discussions. The conversation extends to the rise of cybercrime in Africa and critiques the current administration's accountability issues surrounding national security communications. With expert insights, Yelin underscores the pressing need for secure digital practices in an ever-evolving cyber landscape.

Join Joe Ryan, Head of Customer Enablement at Maltego Technologies, as he dives into the dark underbelly of online scams thriving in Cambodia. Learn how celebratory fireworks mark successful fraud while cybercriminal networks exploit cryptocurrencies. Joe highlights the challenges faced by analysts in resource-limited settings and stresses the critical need for effective training and communication in cybersecurity. Discover the implications of recent high-profile data breaches and the importance of innovative tools like Cloudflare’s AI Labyrinth for enhanced protection.

Andrew Hammond, a Historian and Curator at the International Spy Museum, shares his fascinating journey from the Royal Air Force to the world of espionage. He discusses the impact of 9/11 on his career choices and how studying history shaped his understanding of global events. Hammond delves into the power of artifacts in telling the stories of intelligence, particularly during World War II, showcasing the evolving role of museums in education and memory. His passion for engaging with history breathes life into the narratives of espionage.

Tom Hegel, Principal Threat Researcher at SentinelLabs, delves into the alarming tactics of the Ghostwriter cyber group targeting Ukraine and Belarus. He reveals how weaponized Excel documents are exploited in sophisticated malware attacks. The discussion highlights new obfuscation techniques and the strategic targeting of political opposition during wartime. Hegel emphasizes the importance of understanding basic cyber threats and fortifying defenses against relentless and clever attacks that can compromise even well-guarded systems.