CyberWire Daily

Debra Danielson shares her inspiring journey from aspiring astronaut to Chief Technology Officer. She discusses the gender shift within tech, revealing how the number of women dwindled as she advanced. Debra emphasizes the importance of taking risks early in one's career, as challenges often lead to growth and opportunity. With a keen focus on fearlessness, her insights resonate especially for women in a male-dominated field. Her story showcases resilience and the significance of embracing challenges in pursuit of success.

Noah Pack, a SANS Internet Storm Center intern, dives into the fascinating world of AWS API keys. He shares the alarming risks associated with accidental leaks and the surprising outcomes of his experiment where keys were intentionally exposed. The discussion covers protective measures like canary tokens and the importance of security tool integration. Noah emphasizes the critical need for identity management and proactive security practices to shield businesses from potential chaos. His real-world insights underscore why every developer should care about credential safety.

Ronald D. Moore, renowned for his work on 'Star Trek' and 'Battlestar Galactica,' joins a captivating discussion about the influence of science fiction on space exploration. He shares how classic shows inspired the emotional connections in the aerospace industry and sparked collective aspirations for a 'Star Trek future.' Moore reflects on the evolving television landscape, addressing the complexities of storytelling amidst changing societal norms. The conversation also touches on the intersection of space exploration and spirituality, pondering humanity's purpose as we reach for the stars.

Lee Parrish, CISO at Newell Brands and author of 'The Shortest Hour,' dives into the significance of cybersecurity governance. He shares practical strategies for managing cyber risks and enhancing security practices. The discussion highlights the critical role of leadership and strategic hiring to fill skill gaps within security teams. Parrish stresses the importance of building strong relationships with stakeholders and navigating SEC regulations around cybersecurity disclosures, making security relationship management essential for effective governance.

Damon Fleury, Chief Product Officer at SpyCloud and expert in digital identity, joins the conversation to tackle the surge in cyber threats during the holiday season. He emphasizes the need for comprehensive digital identity strategies to bolster cyber defense. The discussion highlights new malware delivery methods exploiting gaming engines and the implications of AI-driven scams for consumers. Fleury also sheds light on the evolving tactics of cybercriminals and the importance of adapting cybersecurity education to address modern threats.

Clemence Poirier, a Senior Cyberdefense Researcher at ETH Zurich, dives into the thrilling world of cybersecurity attacks in space. She discusses the alarming rise of threats targeting space systems amid the Ukraine conflict, with a spotlight on the Viasat cyber attack. Poirier also highlights the role of hacktivist groups like CyberVolk and their unique challenges in hacking space networks. Additionally, she addresses the complexities of protecting space cybersecurity and the implications of emerging tech vulnerabilities in this new frontier.

Lesley Carhart, Technical Director at Dragos and expert in OT incident response, dives into the shifting landscape of cybersecurity. She dissects APT28's cunning Wi-Fi attack techniques for advanced espionage. Listeners learn about trends in phishing scams, specifically targeting Apple users. Carhart emphasizes the need for enhanced security measures and effective tool integration, particularly in complex OT environments. With a focus on governance and risk management, she offers insights on how organizations can better prepare for evolving cyber threats.

Explore Greg Bell's diverse career journey, from human rights to Hollywood, before returning to his tech roots. He emphasizes the significance of mentorship and the power of open source communities in shaping a fulfilling career. Greg shares insights on navigating changes and finding joy in learning, offering guidance to newcomers in cybersecurity. His mission-driven approach aims to improve the world, making his journey an inspiring tale for anyone looking to make their mark in the tech industry.

Ami Luttwak, Co-founder and CTO of Wiz, dives into a critical NVIDIA vulnerability that affects over 35% of cloud environments using AI. He reveals how this flaw could let attackers break out of containers, jeopardizing sensitive data. Discussing the need for robust security measures, he highlights the vulnerabilities in AI codebases. Luttwak also emphasizes effective isolation techniques and the role of collaboration in addressing these security challenges, paving the way for stronger AI governance and risk mitigation.

Meta is cracking down on pig-butchering scams as a major telecom hack raises national security alarms. Microsoft disrupts a phishing platform while a gambling provider faces a cyberattack. As Black Friday approaches, experts warn of scams targeting shoppers, detailing phishing tactics and counterfeit promotions. Discussions also highlight online security vulnerabilities that retailers face and offer tips for safe shopping. The legacy of BASIC programming is celebrated, emphasizing its role in making tech accessible and fostering creativity.