CyberWire Daily

Ryan Whelan, Managing Director and Global Head of Accenture Cyber Intelligence, joins to discuss a critical vulnerability in SUSE Manager, revealing how it can be exploited for root access. He delves into recent hackers planting Raspberry Pis in banks and Russian state-backed attacks on diplomats. The conversation shifts to Scattered Spider, a financially motivated group using advanced social engineering, and highlights the urgent need for better cybersecurity measures amid rising threats and an evolving landscape of cyber tactics.

In this discussion, Ann Galchutt, Technical Lead at CISA, sheds light on their groundbreaking open-source eviction strategy tool aimed at enhancing cyber incident response. She reveals how the tool addresses vulnerabilities exposed by major malware campaigns, including those from North Korea's Lazarus Group. The conversation also highlights the importance of community collaboration and proactive measures in refining incident response strategies. Jermaine Roebuck from CISA joins her to emphasize a new approach to tackling emerging cyber threats, including clever mobile malware.

In this discussion, Keith Mularski, a retired FBI Special Agent and Chief Global Ambassador at Qintel, shares insights on a state of emergency declared in St. Paul due to a major cyberattack. He highlights urgent cybersecurity threats, including a critical vulnerability in SAP NetWeaver and the implications of personal data exposure in AI datasets. Mularski also discusses his transition from FBI investigations to the private sector, emphasizing the cultural shifts and challenges in combating cybercrime. Expect a mix of serious topics and engaging anecdotes!

Jason Schultz, a Technical Leader for Cisco Talos, dives into critical cybersecurity issues, particularly focusing on the vulnerabilities lurking in PDF files. He discusses the alarming Tea dating app breach, revealing the personal data at stake. The conversation delves into government actions against cyber threats and the exploitation of software flaws, emphasizing the necessity for enhanced security measures. Through thrilling insights, Schultz highlights the tricks attackers use in phishing scams, making the case for increased awareness and user education.

In this installment, Ben Yelin, from the University of Maryland Center for Cyber Health and Hazard Strategies, delves into major cyber breaches impacting Russia's Aeroflot and U.S. insurance giant Allianz Life. He highlights the emergence of the Chaos ransomware group and the need for new regulations on data brokers. There’s critical discussion on the Cybersecurity and Information Sharing Act’s impending expiration, including its role in fostering collaboration against cyber threats amidst rising tensions.

Ryan Kovar, a Distinguished Security Strategist at Splunk, shares his journey from the US Navy to leading the SURGe research team. He emphasizes the importance of diversity in thought and the constantly evolving nature of cybersecurity. His transition from military life to innovative strategies at DARPA highlights the value of collaboration and learning from failures. Kovar's mantra is to 'assume compromise' daily, reflecting a proactive mindset essential in today's security landscape.

In this engaging discussion, Kristopher Russo, a principal threat researcher at Unit 42, and Sam Rubin, the head of Unit 42 with over 20 years of cyber expertise, delve into the rising threat posed by the Muddled Libra group. They explore the shift to destructive extortion tactics and cloud-first strategies that make traditional defenses obsolete. Real-world examples emphasize the need for robust cybersecurity measures, including a focus on zero trust principles and enhancing internal trust models to combat today's sophisticated threats.

Brandon Karp, a cybersecurity expert and founder of T-Minus Space Daily, joins Maria Varmazis to discuss groundbreaking insights on space-based telecom architectures. They dive into how these innovations could secure agentic AI systems. Karp reveals the implications of recent cyber threats, including attacks on critical infrastructure and vulnerabilities in popular software tools. The conversation also explores the transformative potential of satellite technology in enhancing internet security and protecting against industrial espionage. A must-listen for tech enthusiasts!

The White House reveals ambitious plans to lead in AI while tackling pressing cybersecurity issues. Microsoft warns of ransomware linked to its SharePoint vulnerabilities. A phishing campaign targets the U.S. Department of Education, and the FBI raises alarms about a dangerous cybercriminal group. Joe Carrigan discusses risks tied to misconfigured point-of-sale systems. Plus, a new decryption tool offers hope for Phobos ransomware victims, but AI's rapid evolution raises real concerns in digital security.

In this discussion, guest Tim Starks, a senior reporter at CyberScoop, delves into the recent Microsoft SharePoint zero-day vulnerability affecting organizations like the National Nuclear Security Administration. He highlights the rising threat of cyberattacks on critical infrastructure and the urgent need for improved operational technology security. The conversation also covers the UK's sanctions against Russian cyber operatives and Clorox's costly lawsuit against its former IT service provider, illustrating the growing stakes in cybersecurity.