Expansion - par Eric Flag

Bob Maley, CSO of Black Kite, shares his expertise on the escalating risks of third-party cyber incidents. The conversation dives into the nefarious activities of the Russian group Proton66 and emerging threats like a new Rust-based botnet targeting routers. Maley emphasizes the impact of CISA budget cuts and the rise of ransomware in healthcare. Additionally, the relaunch of the cybercrime marketplace Cracked raises alarms about compliance risks and the need for improved cybersecurity measures across industries.

Yoni Shohet, Co-founder and CEO of Valence Security, discusses critical cybersecurity threats posed by Chinese open source AI, particularly for financial institutions. He highlights the alarming use of ClickFix in state-sponsored cyber espionage, alongside Japan's urgent warnings about unauthorized trades. The conversation dives into the vulnerabilities of new Microsoft tools and the complexities of navigating AI risks in organizations. Shohet emphasizes the need for robust security measures as the landscape of cyber threats continues to evolve.

Rich Hale shares his unique journey from aspiring board game designer to Chief Technology Officer. He discusses his diverse experiences in the Royal Air Force and their surprising applicability to cybersecurity. The conversation emphasizes the critical issue of securing dark data and why organizations must prioritize it. Hale also offers insightful leadership advice, advocating for empowering teams and embracing career transitions, reminding listeners to weigh their choices wisely before making significant leaps.

Join Nick Cerne, a Security Consultant from Bishop Fox with expertise in offensive security and malware development, as he dives into the fascinating realm of Rust in malware creation. He discusses how Rust's memory safety and anti-analysis features can enhance evasion tactics compared to traditional languages like C. Listeners will learn about the challenges of modern malware analysis and how evolving programming languages impact both malware development and cybersecurity defenses. Nick’s insights into realistic adversarial simulation are both enlightening and alarming!

A critical vulnerability in Erlang/OTP SSH allows unauthenticated remote code execution. There’s a bipartisan effort to renew a key cybersecurity info sharing law. A newly discovered Linux kernel vulnerability allows local attackers to escalate privileges. A researcher uncovers 57 risky Chrome extensions with a combined 6 million users. AttackIQ shares StrelaStealer simulations. A major live events service provider notifies employees and customers of a data breach. CISA warns of an actively exploited SonicWall vulnerability. An airport retailer agrees to a multi-million dollar settlement stemming from a ransomware attack. A preview of RSAC 2025 with Linda Gray Martin and Britta Glade. Zoom-a-zoom zoom, it’s always DNS. Remember to leave us a 5-star rating and review in your favorite podcast app.Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.CyberWire GuestToday Dave sits down with Linda Gray Martin, Chief of Staff, and Britta Glade, SVP of Content and Communities, from RSAC sharing what is new at RSAC 2025.Selected ReadingCritical Erlang/OTP SSH pre-auth RCE is 'Surprisingly Easy' to exploit, patch now (Bleeping Computer)Bipartisan duo wants to renew 10-year-old cyberthreat information sharing law (The Record)Linux Kernel Vulnerability Let Attackers Escalate Privilege – PoC Released (Cyber Security News)Chrome extensions with 6 million installs have hidden tracking code (Bleeping Computer)Emulating the Stealthy StrelaStealer Malware (AttackIQ)Live Events Giant Legends International Hacked (SecurityWeek)CISA tags SonicWall VPN flaw as actively exploited in attacks (Bleeping Computer)Airport retailer agrees to $6.9 million settlement over ransomware data breach (The Record)Global Zoom Outage Caused by Server Block Imposed from GoDaddy Registry (Cyber Security News)Share your feedback.We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show?You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Rob Allen, Chief Product Officer at ThreatLocker, dives into the layered approach to zero trust, emphasizing its importance in today's cybersecurity landscape. He explains how this strategy helps mitigate risks from threat actors exploiting legitimate applications. The discussion also highlights Microsoft’s emergency updates for Windows Server and the pressing need for organizations to proactively address vulnerabilities, particularly in the wake of high-profile breaches. Allen's insights provide vital direction for navigating complex security challenges.

Ed Adams, Head of Cybersecurity for North America at Bureau Veritas Group and author of 'See Yourself in Cyber', explores the severe disconnect in the cyber talent ecosystem. He discusses the urgency of addressing outdated job qualifications and the need for practical skill development to meet evolving industry demands. Adams also shares insights on fostering diversity in cybersecurity, advocating for inclusive hiring practices. His unique perspective emphasizes the importance of soft skills and collaboration across teams to reshape the industry's future.

The CVE program faces a critical last-minute reprieve amid allegations of a security breach at the NLRB. Texas is gearing up to launch its own Cyber Command, highlighting increasing state-level cybersecurity efforts. ResolverRAT poses new threats in healthcare globally, while Microsoft warns about blue screen crashes linked to recent updates. Plus, insights into the Certified Ethical Hacker exam reveal vital tools like NMAP for effective test preparation. Meanwhile, 4chan's vulnerabilities raise red flags in online security compliance.

A major breach at the OCC has caused U.S. banks to suspend communication, raising significant cybersecurity concerns. Fraudsters are now using generative AI to craft fake documents, highlighting a new wave of cybercrime. Meanwhile, emerging macOS malware poses new threats, while a UK man faces justice for creating a phishing platform. The discussion also delves into the challenges in the cybersecurity job market, particularly the gap between demand and the skills of new professionals, as well as compliance needs in an age of AI-generated threats.

Tim Starks, a Senior Reporter at CyberScoop, delves into the recent shakeup in federal cybersecurity, examining the fallout from the removal of key officials. He discusses the DOJ's efforts to shield citizen data from foreign threats and the emergence of vulnerabilities like dangling DNS attacks. Starks highlights Microsoft’s urgent updates for Active Directory issues, while exploring legal actions against tech firms for privacy breaches. The podcast also tackles the rising risks of phishing services, including Tycoon2FA, and the implications of AI in cybersecurity compliance.