CyberWire Daily

Peter Baumann, CEO of ActiveNav, shares his journey from childhood experiments with electronics to spearheading data discovery solutions. He discusses how his background in electrical engineering and business shaped his entrepreneurial spirit. Baumann emphasizes the importance of managing unstructured digital data and fostering a culture of safety within teams. He also provides insights into the evolving landscape of cybersecurity and the pivotal role of data protection for organizations. A must-listen for those interested in data management!

Silas Cutler, Principal Security Researcher at Censys, dives into the enigmatic Volt Typhoon and its botnet, KV. He explains how the FBI's efforts disrupted infected systems without affecting the control infrastructure, suggesting a stealthy operator behind the scenes. Analysis reveals shifts in the botnet’s control servers in response to law enforcement. The conversation also tackles the challenges of attributing cyber threats, the strategic use of U.S. hosting for disguise, and the surprising links between patent databases and cybersecurity vulnerabilities.

Law enforcement shutters Garantex crypto exchange. NTT discloses breach affecting corporate customers. Malvertising campaign hits nearly a million devices. AI’s role in Canada’s next election. Scammers target Singapore’s PM in AI fraud. Botnets exploit critical IP camera vulnerability. In our International Women's Day and Women’s History Month special, join Liz Stokes as she shares the inspiring stories of women shaping the future of cybersecurity. And how did Insider threats turn a glitch into a goldmine?Remember to leave us a 5-star rating and review in your favorite podcast app.Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.CyberWire GuestIn this special International Women’s Day edition, we shine a spotlight on the incredible women in and around our network who are shaping the future of cybersecurity. Join Liz Stokes as we celebrate Selena Larson, Threat Researcher at Proofpoint, and co-host of Only Malware in the Building, Gianna Whitver, CEO & Co-Founder of the Cybersecurity Marketing Society and co-host of the Breaking Through in Cybersecurity Marketing podcast, Maria Velasquez, Chief Growth Officer & Co-Founder of the Cybersecurity Marketing Society and co-host of the Breaking Through in Cybersecurity Marketing podcast, Chris Hare, Project Management Specialist and Content Developer at N2K Networks, and host of CertByte, Ann Lang, Project Manager at N2K Networks, Jennifer Eiben, Executive Producer at N2K Networks, and Maria Varmazis, host of the T-Minus Space Daily show at N2K Networks for their achievements, resilience, and the invaluable contributions they make to keeping our digital world secure.Selected ReadingRussian crypto exchange Garantex’s website taken down in apparent law enforcement operation (The Record)Data breach at Japanese telecom giant NTT hits 18,000 companies (BleepingComputer)Malvertising campaign leads to info stealers hosted on GitHub (Microsoft)Canadian intelligence agency warns of threat AI poses to upcoming elections (The Record) Deepfakes of Singapore PM Used to Sell Crypto, Residency Program (Bloomberg) Edimax Camera Zero-Day Disclosed by CISA Exploited by Botnets (SecurityWeek)Magecart: How Akamai Protected a Global Retailer Against a Live Attack (Akamai) Cybercrime 'crew' stole $635,000 in Taylor Swift concert tickets (BleepingComputer)Share your feedback.We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show?You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

In this discussion, cybersecurity expert Dave Bittner sheds light on the U.S. Justice Department's charges against Chinese IT contractors for cyber espionage linked to Silk Typhoon. He explores the vulnerabilities in the IT supply chain and the challenges posed by advanced hacking groups. The conversation also dives into how innovations like passwordless security are reshaping cybersecurity. Bittner and his co-hosts address the growing impact of technologies like AI on cybercrime and underscore the critical need for robust data privacy measures.

US Treasury Department sanctions Iranian national accused of running the Nemesis criminal marketplace. Hunters International threatens to leak data stolen from Tata Technologies. Apple challenges U.K.’s iCloud encryption backdoor order. UK competition regulator says no investigation into Microsoft's OpenAI partnership. Stealthy malware campaign targets the UAE's aviation and satellite industry. This week on our CertByte segment, N2K’s Chris Hare is joined by Troy McMillan to break down a question targeting the Cisco Certified Network Associate (CCNA) exam. And hackers hit the books.Remember to leave us a 5-star rating and review in your favorite podcast app.Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.CertByte SegmentWelcome to CertByte! On this bi-weekly segment hosted by Chris Hare, a content developer and project management specialist at N2K. This week, Chris is joined by Troy McMillan to break down a question targeting the Cisco Certified Network Associate (CCNA) exam, 201-301, version 1.1 exam. Today’s question comes from N2K’s Cisco Certified Network Associate (CCNA 200-301) Practice Test. According to Cisco, the CCNA is the industry’s most widely recognized and respected associate-level certification. To learn more about this and other related topics under this objective, please refer to the following resource: https://learningnetwork.cisco.com/s/article/protection-techniques-nbsp-from-wardriving-attack To get the full news to knowledge experience, learn more about our N2K Pro subscription at https://thecyberwire.com/pro. Please note: The questions and answers provided here, and on our site, are not actual current or prior questions and answers from these certification publishers or providers.Additional source: https://www.cisco.com/site/us/en/learn/training-certifications/certifications/enterprise/ccna/index.htmlSelected ReadingTreasury sanctions Iranian national behind defunct Nemesis darknet marketplace (The Record)Ransomware Group Claims Attack on Tata Technologies (SecurityWeek) Apple is challenging U.K.’s iCloud encryption backdoor order (TechCrunch)UK's competition regulator says Microsoft's OpenAI partnership doesn't qualify for investigation (TechCrunch)  Call It What You Want: Threat Actor Delivers Highly Targeted Multistage Polyglot Malware (Proofpoint)Snail Mail Fail: Fake Ransom Note Campaign Preys on Fear (GuidePoint Security)Fake police call cryptocurrency investors to steal their funds (Bitdefender)Microsoft Teams tactics, malware connect Black Basta, Cactus ransomware (Bleeping Computer)  Investigator says differing names for hacker groups, hackers studying investigative methods hinders law enforcement (CyberScoop) Share your feedback.We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show?You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

CISA is closely monitoring Russian cyber threats while notable companies like Broadcom and Google tackle critical vulnerabilities. A ransomware attack recently impacted Palau's health ministry, revealing the urgent need for improved cybersecurity measures. Upcoming discussions will dive into IoT security risks and showcase inspiring women in the field, celebrating their contributions to cybersecurity. Additionally, the threat of deepfakes is explored, emphasizing the importance of enhanced identity verification to counter sophisticated scams.

A recent directive pauses U.S. cyber operations against Russia amidst Ukraine negotiations, raising big discussions about cybersecurity strategies. Ransomware groups take advantage of vulnerabilities, and there's concern over government misuse of tech against activists. A breach at Poland's space agency prompts a return to traditional communication. The importance of collaboration in rising cyber threats and empathy among cybersecurity professionals is highlighted, showcasing the changing landscape and the need for robust security measures.

Taree Reardon, a Senior Threat Analyst at VMware Carbon Black, shares her inspiring journey in cybersecurity as a fierce advocate for women. Passionate about hacking and forensics, she highlights the importance of representation and mentorship in a male-dominated field. Taree discusses her daily work in tracking and blocking cyber threats, her commitment to a diverse team, and shares valuable advice on trusting yourself. Her story is a testament to resilience and the power of support in navigating career paths in cybersecurity.

Phil Stokes, a threat researcher at SentinelOne's SentinelLabs, delves into the alarming world of macOS malware, particularly the FlexibleFerret variant linked to North Korean actors. He discusses the 'Contagious Interview' campaign, where fake job interviews lure developers into installing malicious software. The conversation highlights the gaps in Apple's security measures, the significance of robust data protection, and the misconception that macOS is invulnerable. Stokes emphasizes the need for proactive security practices in a landscape where all operating systems are at risk.

Keith Mularski, Chief Global Ambassador at Qintel and former FBI Special Agent, shares his insights on the booming intersection of cryptocurrency and cybercrime. He discusses the alarming rise of cyberattacks targeting crypto assets and the tactics employed by criminals in the underground. The conversation highlights the challenges law enforcement faces in tackling these threats and emphasizes the crucial role of regulatory measures to enhance consumer protection. Additionally, they explore strategies for securely storing cryptocurrencies amidst growing vulnerabilities.