CyberWire Daily

George Monsalvatge, a Microsoft subject matter expert at N2K, tackles pressing cybersecurity issues. He discusses the recent arrest of over 200 Chinese nationals in Sri Lanka for financial scams and the alarming rise in cyberattacks. The conversation highlights critical security patches from Microsoft and Oracle, emphasizing the urgent need for updates. Monsalvatge also dives into the world of Microsoft Azure, offering insights on certification preparation and identity management. With a touch of humor, he shares tales of rogue robotic vacuums, underscoring the importance of device security.

Perry Carpenter, Chief Human Risk Management Strategist at KnowBe4 and author on security, joins Scott Small, a cyber threat intelligence expert, and Nina Jankowicz, CEO of the American Sunlight Project and disinformation specialist. They dive deep into the challenges of navigating disinformation, especially with AI and deepfakes complicating electoral contexts. The discussion emphasizes the power of informed voting and the critical need for trusted sources to cut through misinformation, ensuring the integrity of future elections.

Matt Radolec, Vice President of Incident Response and Cloud Operations at Varonis, discusses the urgent need for data privacy regulations in the age of AI. He highlights how AI can exacerbate vulnerabilities. The conversation also touches on the rise of cyber threats ahead of the 2024 U.S. elections, including phishing scams and ransomware. Radolec emphasizes the importance of secure practices and encryption, while raising concerns about ethical challenges and user consent in data usage. It's a thought-provoking look at the intersection of technology and privacy.

Join Andy Woolnough, Executive Vice President of Corporate Affairs at ISC2, and Simone Petrella, President of N2K, as they dive into the critical findings of ISC2's 2024 Cybersecurity Workforce Study. They discuss alarming trends such as skills shortages and the growing disconnect between hiring manager demands and the skills that professionals prioritize. The conversation highlights the urgent need for organizations to invest in talent development and address diversity within the industry, ensuring a future-ready cybersecurity workforce.

Billy Wilson, a High Performance Computing Systems Administrator at Brigham Young University, shares his unique journey from language proficiency to technical skills in cybersecurity. He discusses how his passion for writing and experiences in South Korea shaped his career. Billy emphasizes the importance of adaptability in cybersecurity, highlighting his transition from general hacking interests to becoming a penetration tester. He illustrates that pursuing diverse interests can lead to career satisfaction, proving that career paths can be non-linear and multifaceted.

Trevor Hilligoss, VP of SpyCloud Labs, dives into the escalating threat of ransomware and the pivotal role infostealer malware plays in these attacks. He reveals insights from SpyCloud's 2024 Malware and Ransomware Defense Report, noting that 75% of organizations faced repeated attacks last year. Trevor discusses how compromised identity data fuels ransomware operations and highlights the challenges companies encounter. He emphasizes the evolution of cyber threats and the necessity for robust security measures to combat this ever-growing issue.

In this engaging discussion, Dr. Bilyana Lilly, a cybersecurity expert and author of "Digital Mindhunters," dives into the recent rise in ransomware attacks targeting healthcare systems. She highlights the surge in cyber threats like Octo2 malware aimed at Android devices and the critical vulnerabilities in software systems. Additionally, the conversation shifts to legislative efforts in the U.S. and the UK focused on children's online safety, and the creative fusion of fiction with cybersecurity education, featuring a compelling immigrant protagonist.

Ben April, Chief Technology Officer at Maltego Technologies GMBH, dives into the complexities of social media in digital investigations. He discusses the evolution of social media as a tool, from early platforms to today's dynamic environments filled with misinformation. April highlights the challenge of information overload and the need for effective data integration. He also reflects on the balance between in-house capabilities and third-party solutions for data gathering, making it clear that navigating this landscape is more critical than ever.

Simone Petrella interviews Andy Woolnough, ISC2's Executive VP of Corporate Affairs, who unveils the 2024 Cybersecurity Workforce Study. They delve into the stagnation in cybersecurity workforce growth and the skill gaps between hiring managers and professionals. The conversation emphasizes the need for better recognition of cybersecurity roles. They also explore the significance of enhancing cybersecurity education and the fight against misinformation on platforms like Wikipedia. The insights spark a vital discussion on the future of cybersecurity careers.

Nina Jankowicz, Co-Founder and CEO of the American Sunlight Project and author of "How to Lose the Information War," joins Scott Small, Director of Cyber Threat Intelligence at Tidal Cyber, and Renee DiResta, former Technical Research Manager at Stanford's Internet Observatory. They dive into the nuances of modern election propaganda, exploring tactics used by nation-states like Russia to sow discord. They discuss the implications of disinformation campaigns on elections, the importance of recognizing these dynamics, and strategies for safeguarding electoral integrity.