CyberWire Daily

Max Gannon, Intelligence Manager at Cofense, explores the escalating tactics of credential phishing. He discusses how cybercriminals are using precision validation to target high-value victims with tailored attacks. This technique enhances their phishing campaigns by validating email addresses in real time, making detection increasingly difficult for defenders. Gannon also emphasizes the importance of strong communication within organizations to counter these threats and protect sensitive information, particularly in critical sectors like oil and gas.

Christopher Cleary, VP of ManTech's Global Cyber Practice, shares insights on the evolving cyber battlespace. He discusses NATO's largest cyber defense exercise and Japan's new Active Cyberdefense Law, emphasizing proactive measures against cyber threats. Key topics include recent cryptocurrency theft charges and vulnerabilities in Avanti Endpoint Manager Mobile. The conversation also highlights the delicate balance of offense and defense in cyber warfare, as well as the need for specialized resources to address national security challenges.

Devin Ertel, Chief Information Security Officer at Menlo Security, dives into redefining enterprise security with a focus on zero trust. He reveals alarming vulnerabilities in Chrome and BitLocker encryption that attackers can exploit in moments. The conversation highlights the recent shutdown of a major black market and a cyberespionage effort targeting vulnerable webmail servers. Ertel also discusses the importance of integrating AI and remote browser isolation to enhance cybersecurity measures.

Neil Hare-Brown, CEO of STORM Guidance, dives into the urgent world of Cyber Incident Response. He discusses the crucial updates from Patch Tuesday, warning of vulnerabilities in power inverters and Intel CPUs. Neil sheds light on the financial aftermath of cyberattacks, including a UK retailer's hefty insurance claim. He also emphasizes the evolving nature of the CVE program and the necessity for a holistic incident response strategy that includes legal support and crisis management. It's a must-listen for anyone concerned about cybersecurity!

In this engaging discussion, Noelle Russell, CEO of the AI Leadership Institute and an advocate for responsible AI, explains how enterprises can scale AI beyond the hype. She emphasizes the necessity of prioritizing accuracy, fairness, and security as fundamental elements in AI development. The conversation touches on the recent bid by House Republicans to restrict state regulation of AI and highlights the vital role of governance in ensuring ethical AI deployment. Noelle's insights challenge listeners to consider the larger implications of emerging technologies.

Tim Starks, Senior Reporter at CyberScoop, sheds light on the recent ClickFix social engineering attack impacting a major student platform. He discusses Google’s hefty privacy settlement with Texas and alarming data breaches affecting healthcare providers. The conversation dives into the zero-day vulnerabilities in SAP and cybersecurity threats facing IT admins. Additionally, Starks analyzes congressional reactions to proposed CISA budget cuts and their potential consequences on national security amid escalating cyber threats.

Limor Kessem, an Executive Security Advisor at IBM Security, transitioned from a childhood dream of medicine to a vibrant career in cybersecurity. She discusses the importance of passion, discipline, and continual learning in navigating the tech landscape. Limor highlights the need for innovation while tightening security measures. She also sheds light on the challenges women face in the industry, advocating for allyship and the need for diversity. Her journey emphasizes standing up for others, motivating both herself and those around her.

In a special edition, cybersecurity experts share vital insights. Dave DeWalt, founder of NightDragon, highlights the latest cybersecurity trends and innovations. Nicole Bucala of DataBee emphasizes data-driven security amidst CISO challenges. Liberty Mutual's CISO Katie Jenkins discusses emerging threats and the role of AI in collaboration. Joe Levy from Sophos explores AI and integration across security platforms. Michael Mastrole from Dataminr explains how agentic AI keeps security teams ahead of threats, showcasing a future where collaboration and technology are paramount.

This week, we are joined by Lucija Valentić, Software Threat Researcher from ReversingLabs, who is discussing "Atomic and Exodus crypto wallets targeted in malicious npm campaign." Threat actors have launched a malicious npm campaign targeting Atomic and Exodus crypto wallets by distributing a fake package called "pdf-to-office," which secretly patches locally installed wallet software to redirect crypto transfers to attacker-controlled addresses. ReversingLabs researchers discovered that this package used obfuscated JavaScript to trojanize specific files in targeted wallet versions, enabling persistence even after the malicious package was removed. This incident highlights the growing threat of software supply chain attacks in the cryptocurrency space and underscores the need for vigilant monitoring of both open-source repositories and local applications. The research can be found here: ⁠⁠Atomic and Exodus crypto wallets targeted in malicious npm campaign Learn more about your ad choices. Visit megaphone.fm/adchoices

In this engaging discussion, Alex Cox, Director of Information Security at LastPass, highlights the growing threats facing tax preparation agencies during the busy refund season. He navigates through the dangers of tax-related phishing attacks, urging vigilance among filers. The conversation also covers recent breaches affecting messaging apps used by government agencies and a notable data breach at a health system. Listeners will find insight into the evolving tactics of cybercriminals and the importance of robust password management.