CyberWire Daily

Jamie Levy, Director of Adversary Tactics at Huntress, unveils alarming details about the active exploitation of SonicWall VPNs. She discusses how attackers bypass MFA and pivot to domain controllers, deploying Akira ransomware. The chat covers techniques like credential theft and using legitimate drivers for attacks, highlighting the urgent need for organizations to restrict VPN access and hunt for indicators of compromise. Levy emphasizes that cybersecurity is a collaborative effort, with research communities playing a crucial role in combating these evolving threats.

Kathleen Peters, Chief Innovation Officer at Experian North America, joins the discussion on the paradox of AI in fraud. She explains how AI is both accelerating fraudulent activities and helping to mitigate them. The conversation touches on a ransomware attack impacting Swedish municipalities and rising threats in cybersecurity. Peters also highlights the evolving landscape of fraud tactics and the importance of innovative strategies for detection. Law enforcement's efforts against identity fraud and emerging scams are also key points of interest.

Brandon Karpf, founder of T-Minus Space Daily and a cybersecurity expert, dives into the fascinating intersection of space and cybersecurity with Maria Varmazis. He discusses the alarming Salt Typhoon breach affecting U.S. communications and the need for collaboration to address evolving cyber threats. The conversation also touches on Google's new cyber disruption unit and the implications of AI-driven ransomware. They explore how advancements in satellite technology could revolutionize internet infrastructure, boosting global data transmission efficiency.

Harry Thomas, Founder and CTO at Frenos, shares insights on the crucial role of curated AI training data in cybersecurity. The conversation uncovers a whistleblower's alarming claims about sensitive data breaches and sheds light on sophisticated phishing campaigns. Thomas emphasizes how proprietary data can outperform web-scraped alternatives in training models for enhanced security. They also address the growing issue of phantom job postings and the need for transparency in hiring, tying these challenges to broader implications for data integrity and compliance.

Cristian Rodriguez, Field CTO for the Americas at CrowdStrike, reveals the growing three-front war in AI. He discusses a cyberattack disrupting Nevada's state systems and a Chinese cyber threat targeting Southeast Asian diplomats. The conversation dives into alarming new methods where attackers hide prompts in AI-processed images, raising concerns about AI's role in escalating attacks. Rodriguez also examines the implications of AI in the job market and the urgent need for stronger safeguards against emerging cybersecurity threats.

A major data breach at Farmers Insurance exposes over a million users. Cybercriminals are targeting macOS users with clever scams disguised as tech support. In a surprising twist, a bill is proposed to grant hackers special permissions against foreign enemies. Meanwhile, privacy advocates rejoice as the UK drops demands for backdoor access to Apple data. The discussion also highlights the growing threat of malware and the importance of robust cybersecurity measures. Additionally, AI tools face their own risks, revealing the vulnerabilities of digital advancements.

Julian Waits, Senior VP at Rapid7 and Chairman of Cyversity, shares his inspiring journey shaped by childhood heroes like Superman. He discusses transitioning from aspiring musician to tech leader, fueled by a desire to impact society positively. Julian highlights the importance of mentorship and diversity in cybersecurity, breaking stereotypes about necessary skills. He recounts his early tech experiences and emphasizes finding one's niche in a competitive landscape while advocating for inclusive learning opportunities in the field.

Renée Burton, VP of Threat Intelligence at Infoblox, dives into the world of digital fraud through VexTrio, a traffic distribution system behind extensive scams. She reveals how just 250 virtual machines orchestrate a massive global ad fraud operation, connecting to individuals and shell companies across Europe. The discussion highlights VexTrio’s criminal supply chain—featuring fake apps and dating scams—and calls for accountability in the adtech industry to combat these threats. Burton sheds light on the critical yet overlooked role of cybersecurity in preserving trust in digital ecosystems.

Brandon Karpf, a former colleague at N2K CyberWire, shares fascinating insights from his experience with fraudulent North Korean job applicants. The discussion highlights how smooth-talking candidates can infiltrate the cybersecurity landscape. They delve into the broader implications of hiring fraud, emphasizing the need for vigilance during interviews. Topics also include recent cyber threats, such as the actions of the Murky Panda group, and the pressing challenges in verifying the authenticity of applicants in a rapidly evolving tech job market.

Ron Zayas, CEO of Ironwall by Incogni, dives into the hidden data sharing and privacy risks associated with Buy Now Pay Later apps. He discusses how these services, while enticing for consumers, can lead to significant privacy concerns due to extensive data collection practices. Zayas highlights the impulsive buying behavior particularly among younger users and the implications of such trends. He also touches on the need for transparency and ethical practices in the evolving landscape of financial technology.