CyberWire Daily

Cyber experts Asheer Malhotra and Vitor Ventura discuss Operation Celestial Force targeting Indian entities by Pakistani threat group Cosmic Leopard. They explore mobile malware use, attribution in cybersecurity, mobile malware operations, advanced tactics in malware deployment, and risks of USB drives in cybersecurity.

Guest Malek Ben Salem, a cybersecurity expert with a background in electrical engineering and a passion for math and astrophysics, shares her journey from childhood curiosity in astrophysics to a career in cybersecurity R&D. She discusses using math for data mining, forecasting, and applying new AI techniques in security at Accenture.

Brigid Johnson, Director of AWS Identity, discusses the importance of identity management in cybersecurity on AWS. Topics include AT&T data breach, NATO cyber defense center, phishing campaign using Microsoft SharePoint, and Germany excluding Huawei and ZTE from 5G infrastructure. The episode also highlights EU regulations on tech platforms and cybersecurity operations.

Topics include a crypto scam empire tied to the Cambodian ruling family, data breach at Lulu Hypermarket, GitLab and Palo Alto Networks security updates, ViperSoftX malware variants, SWATting case in New Mexico, increasing phishing attacks on government employees, GOP's stance on AI regulation, and a deep dive into the evolving threats of AI-generated malware with experts.

Guest Jack Cable, Senior Technical Advisor at CISA, discusses Blast-RADIUS attack, Russian disinformation, and AI use in classrooms. Microsoft and Apple change OpenAI board seats. Australia reviews tech security. Patch Tuesday updates. CISA's Secure by Design Alert series highlighted. Plus, a cyber expert's geeky wedding.

Caroline Wong, CSO at Cobalt, discusses pentesting & AI in cybersecurity. UK's NCSC alerts on APT40, Frankfurt Uni cyberattack, CloudSorcerer spying on Russian agencies, CISA addressing security flaws. Cybersecurity funding rises. Ticketmaster faces scalper challenges.

Topics include Microsoft switching employees in China from Android to iPhones, security flaws in Mastodon, OpenAI breach, 10 billion leaked passwords, CISA requested more info on January hack, Egyptian Health Dept breach, NHLS ransomware attack, Eldorado ransomware, Cisco vulnerability, and discussion on extending security around genAI.

Richard Clarke, a cybersecurity pioneer, shares his journey from being inspired by President Kennedy to creating the first cybersecurity position in federal government. He worked for the Department of Defense and the White House, focusing on counterterrorism and raising cybersecurity awareness. Clarke continues to advise CISOs through Good Harbor Security Risk Management.

Cybersecurity expert Joshua Miller from Proofpoint discusses TA453's phishing attack on a US-based think tank. Topics include Iran's cyber threats, malicious VPN app targeting Macs, analysis of Mac malware, and recommendations against persistent threat actors.

Unit 42's CTO and VP of Engineering, Michael Sikorski, discusses the 2024 Incident Response Report, highlighting cyber threats like AI use, software vulnerabilities, 'living off the land' attacks, and business disruption supply chain attacks. Recommendations on incident response strategies and mitigating cyber threats are shared.