app_store_button

google_play_button

is Device Banner Block 894x1036

Stígðu inn í heim af óteljandi sögum

Hlustaðu og lestu

N2K Networks

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

CyberWire Daily

Explosions rock a shuttered Myanmar cybercrime hub. The Aisuru botnet shifts from DDoS to residential proxies. Dentsu confirms data theft at Merkle. Boston bans biometrics. Proton restores journalists’ email accounts after backlash. Memento labs admits Dante spyware is theirs. Australia accuses Microsoft of improperly forcing users into AI upgrades. CISA warns of active exploitation targeting manufacturing management software. A covert cyberattack during Trump’s first term disabled Venezuela’s intelligence network. Our guest is Ben Seri, Co-Founder and CTO of Zafran, discussing the trend of AI native attacks. New glasses deliver fashionable paranoia.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today’s guest is Ben Seri, Co-Founder and CTO of Zafran, discussing the trend of AI native attacks and how defenders should use AI to defend and remediate.

Selected Reading

Stragglers from Myanmar scam center raided by army cross into Thailand as buildings are blown up (AP News)

Aisuru Botnet Shifts from DDoS to Residential Proxies (Krebs on Security)

Advertising giant Dentsu reports data breach at subsidiary Merkle (Bleeping Computer)

Boston Police Can No Longer Use Facial Recognition Software (Built in Boston)

Proton Mail Suspended Journalist Accounts at Request of Cybersecurity Agency (The Intercept)

CEO of spyware maker Memento Labs confirms one of its government customers was caught using its malware (TechCrunch)

Australia sues Microsoft for forcing Copilot AI onto Office 365 customers (Pivot to AI)

CISA warns of actively exploited flaws in Dassault DELMIA Apriso manufacturing software (Beyond Machines)

CIA cyberattacks targeting the Maduro regime didn’t satisfy Trump in his first term. Now the US is flexing its military might (CNN Politics)

Zenni’s Anti-Facial Recognition Glasses are Eyewear for Our Paranoid Age (404 Media)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Logging off in Myawaddy.

WSUS attacks escalate as emergency patch fails to fully contain exploited flaw. Schneider Electric and Emerson are listed among victims in the Oracle EBS cyberattack. Google debunks reports of a massive GMail breach. A new banking trojan mimics human behavior for stealth. Sweden’s power grid operator confirms a cyberattack. Italian spyware targets Russian and Belarusian organizations. The U.S. declines to sign the new UN cyber treaty. Ransomware payments fall to record lows. U.S. Cyber Chief calls for a “clean American tech stack” to counter China's global surveillance push. On today's Threat Vector segment, David Moulton⁠ speaks with two cybersecurity leaders from Palo Alto Networks:⁠ Sarit Tager⁠ and⁠ Krithivasan Mecheri⁠. AI mistakes Doritos for a deadly weapon. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

Threat Vector

On today's Threat Vector segment, David Moulton⁠ speaks with two cybersecurity leaders from Palo Alto Networks:⁠ Sarit Tager⁠ and⁠ Krithivasan Mecheri⁠ (Krithi). Together, they dive into the urgent challenges of securing modern development in the age of AI and "Shifting Security Left". You can listen to their full conversation here, and catch new episodes every Thursday on your favorite podcast app. 

Selected Reading

Microsoft WSUS attacks hit 'multiple' orgs, Google warns (The Register)

Industrial Giants Schneider Electric and Emerson Named as Victims of Oracle Hack (SecurityWeek)

Google says talk of Gmail breach impacting millions not true (The Register)

'Herodotus' Android Trojan Mimics Human Sluggishness (Gov Infosecurity)

Hackers Target Swedish Power Grid Operator (SecurityWeek)

Italian-made spyware spotted in breaches of Russian, Belarusian systems (The Record)

US declines to join more than 70 countries in signing UN cybercrime treaty (The Record)

Ransomware profits drop as victims stop paying hackers (Bleeping Computer)

National cyber director says U.S. needs to counter Chinese surveillance, push American tech (CyberScoop)

Armed police handcuff teen after AI mistakes crisp packet for gun in US (BBC News)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. 

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Windows servers under siege

Privacy is one of the most universally valued rights. Yet, despite its importance, data breaches exposing millions of people's sensitive information have become routine. Many have come to assume that their personal data has already been, or inevitably will be, compromised. Despite this reality, prioritizing privacy is more important than ever. 

In this episode of CISO Perspectives, host ⁠Kim Jones⁠ sits down with Kristy Westphal, the Global Security Director of Spirent Communications, to explore data privacy's impacts on cybersecurity efforts. Together, Kristy and Kim discuss why privacy cannot be an afterthought but rather must be something actively addressed through proactive security efforts, shifting security culture mindsets, and staying ahead of rapidly changing technologies.

This episode of N2K Pro's CISO Perspectives podcast is brought to you by our sponsor, Meter. Meter provides a full-stack, enterprise-grade networking solution—wired, wireless, and cellular—designed, deployed, and managed end-to-end. From hardware to software, ISP to security, Meter delivers seamless, secure, and scalable connectivity for modern business environments. Learn more about ⁠Meter⁠.

Want more CISO Perspectives?

Check out a companion ⁠⁠blog post⁠⁠ by our very own Ethan Cook, where he breaks down key insights, shares behind-the-scenes context, and highlights research that complements this episode.
Learn more about your ad choices. Visit megaphone.fm/adchoices

The impact of data privacy on cyber. [CISO Perspectives]

The UN launches the world’s first global treaty to combat cybercrime. A House Democrats’ job portal left security clearance data exposed online. A new data leak exposes 183 million email addresses and passwords. Threat actors target Discord users with an open-source red-team toolkit. A new campaign targets unpatched WordPress plugins. The City of Gloversville, New York, suffers a ransomware attack. Jen Easterly hopes AI could eliminate the buggy software that fuels cybercrime. A Connecticut health system agrees to an $18 million settlement following a ransomware attack. Monday business brief. Tim Starks from CyberScoop is discussing concerns over budget cuts and visibility. Meta’s privacy safeguard goes dark.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today we are joined by Tim Starks from CyberScoop who is discussing concerns over budget cuts and visibility. You can read the articles Tim references here: 

 
US ‘slipping’ on cybersecurity, annual Cyberspace Solarium Commission report concludes (CyberScoop)

 
F5 vulnerability highlights weak points in DHS’s CDM program (CyberScoop)

Selected Reading⁠

UN Cybercrime Treaty wins dozens of signatories (The Register)

Hundreds of People With ‘Top Secret’ Clearance Exposed by House Democrats’ Website (WIRED)

Gmail passwords confirmed in 183 million account data breach (Tribune Online)

Hackers steal Discord accounts with RedTiger-based infostealer (Bleeping Computer)

Year-Old WordPress Plugin Flaws Exploited to Hack Websites (SecurityWeek)

Gloversville hit by ransomware attack (WNYT.com NewsChannel 13)

Ex-CISA chief says AI could mean the end of cybersecurity (The Register)

Yale New Haven Health Will Pay $18M to Settle Hack Lawsuit (GovInfo Security)

Veeam to acquire Securiti AI for $1.7 billion. (N2K Pro)

A $60 Mod to Meta’s Ray-Bans Disables Its Privacy-Protecting Recording Light (404 Media)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. 

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

The UN’s big push for global cybercrime rules.

Please enjoy this encore of Career Notes.

Chief Security Strategist and VP of Global Threat Intelligence at FortiGuard Labs, Derek Manky, shares his story from programmer to cybersecurity and how it all came together. Derek started his career teaching programming because he had such a passion for it. When he joined Fortinet, Derek said putting where it "really started putting the rubber to the road and connecting my previous experience with programming and debugging and knowledge of operating systems and all that with real-world applications." Derek advises that it doesn't need to be complicated getting into the cybersecurity field and that there are many avenues to enter the field. He hopes to have made a real dent, or "hopefully a crater" in cyber crime when he ends his career. We thank Derek for sharing his story with us. 
Learn more about your ad choices. Visit megaphone.fm/adchoices

Derek Manky: Putting the rubber to the road. [Threat Intelligence] [Career Notes]

Noam Moshe, Claroty’s Vulnerability Research Team Lead, joins Dave to discuss Team 82's work on "Turning Camera Surveillance on its Axis." Team82 disclosed four vulnerabilities in Axis.Remoting—deserialization, a MiTM “pass-the-challenge” NTLMSSP flaw, and an unauthenticated fallback HTTP endpoint—that enable pre-auth remote code execution against Axis Device Manager and Axis Camera Station.
They found more than 6,500 Axis.Remoting services exposed online (over half in the U.S.), letting attackers enumerate targets, install malicious Axis packages, and hijack, view, or shut down managed camera fleets.Axis published an urgent advisory, issued patches for ADM 5.32, Camera Station 5.58 and Camera Station Pro 6.9, accepted Team82’s disclosure, and organizations are urged to update.

The research can be found here:

 Turning Camera Surveillance on its Axis

Learn more about your ad choices. Visit megaphone.fm/adchoices

A look behind the lens. [Research Saturday]

A former defense contractor is charged with attempting to sell trade secrets to Russia. Researchers uncover critical vulnerabilities in TP-Link routers. Microsoft patches a critical Windows Server Update Service flaw. CISA issues eight new ICS advisories. “Shadow Escape” targets LLMs database connections. Halloween-themed scams spike. Our guest is Chris Inglis, first National Cyber Director, speaking on cybercrime and the upcoming documentary on cyber war, "Midnight in the War Room". WhatsApp’s missing million-dollar exploit. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today we are joined by Chris Inglis, first National Cyber Director, speaking on cybercrime and the upcoming documentary on cyber war, "Midnight in the War Room" presented by Semperis. Learn more and check out the trailer.

Selected Reading

Hacking Lab Boss Charged with Seeking to Sell Secrets (Bloomberg)

Dark Covenant 3.0: Controlled Impunity and Russia’s Cybercriminals (Recorded Future)

New TP-Link Router Vulnerabilities: A Primer on Rooting Routers (Forescout)

Windows Server emergency patches fix WSUS bug with PoC exploit (Bleeping Computer)

CISA Releases Eight Industrial Control Systems Advisories (CISA)

Cyberattack on Russia’s food safety agency reportedly disrupts product shipments (The Record)

Shadow Escape 0-Click Attack in AI Assistants Puts Trillions of Records at Risk (Hackread)

Trick or Treat: Bitdefender Labs Uncovers Halloween Scams Flooding Inboxes and Feeds (Bitdefender)

Pwn2Own WhatsApp Hacker Says Exploit Privately Disclosed to Meta (SecurityWeek)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

The spy who sold out.

CISA Layoffs threaten U.S. cyber coordination with states, businesses, and foreign partners. Google issues its second emergency Chrome update in a week, and puts Privacy Sandbox out of its misery. OpenAI’s new browser proves vulnerable to indirect prompt injection. SpaceX disables Starlink devices used by scam compounds. Reddit sues alleged data scrapers. Blue Cross Blue Shield of Montana suffers a data breach. A new Android infostealer abuses termux to exfiltrate data. Iran’s MuddyWater deploys a wide-ranging middle east espionage campaign. We’re joined by Lauren Zabierek and Camille Stewart Gloster discussing the next evolution of #ShareTheMicInCyber. When customer service fails, try human resources.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today we are joined by Lauren Zabierek and Camille Stewart Gloster, as they are discussing the next evolution of #ShareTheMicInCyber. 

Selected Reading

CISA’s international, industry and academic partnerships slashed (Cybersecurity Dive)

Google releases emergency security update for Chrome V8 Engine flaw (Beyond Machines)

Google officially shuts down Privacy Sandbox (Search Engine Land)

OpenAI defends Atlas as prompt injection attacks surface (The Register)

SpaceX disables more than 2,000 Starlink devices used in Myanmar scam compounds (The Record)

Reddit Accuses ‘Data Scraper’ Companies of Theft (The New York Times)

Blue Cross Blue Shield of Montana under investigation for data breach (NBC Montana)

Infostealer Targeting Android Devices (SANS ISC)

Iranian hackers targeted over 100 govt orgs with Phoenix backdoor (Bleeping Computer)

This Guy Noticed A Data Breach With A Company But Couldn’t Get Them To Respond, So He Infiltrated His Way Into An Interview To Drop The News (TwistedSifter) 

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. 

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Cyber solidarity on the chopping block.

A foreign threat actor breached a key U.S. nuclear weapons manufacturing site. The cyberattack on Jaguar Land Rover is the most financially damaging cyber incident in UK history. A new report from Microsoft’ warns that AI is reshaping cybersecurity at an unprecedented pace. The ToolShell vulnerability fuels Chinese cyber operations across four continents. Fake browser updates are spreading RansomHub, LockBit, and data-stealing malware. Hackers deface LA Metro bus stop displays. A Spyware developer is warned by Apple of a mercenary spyware attack. Pwn2Own payouts proceed. Ben Yelin from University of Maryland Center for Cyber Health and Hazard Strategies on a Federal Whistle Blower from the SSA. When the cloud goes down, beds heat up. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today we are joined by Ben Yelin from University of Maryland Center for Cyber Health and Hazard Strategies on a Federal Whistle Blower from the SSA. If you enjoyed Ben’s conversation, be sure to check out more from him over on the Caveat Podcast. 

2025 Microsoft Digital Defense Report

To learn more about the 2025 Microsoft Digital Defense Report, join our partners on The Microsoft Threat Intelligence Podcast. On today’s episode, host Sherrod DeGrippo is joined by Chloé Messdaghi and Crane Hassold to unpack the key findings of the 2025 Microsoft Digital Defense Report; a comprehensive look at how the cyber threat landscape is accelerating through AI, automation, and industrialized criminal networks. You can listen to new episodes of The Microsoft Threat Intelligence Podcast every other Wednesday on your favorite podcast app. 

Selected Reading

Foreign hackers breached a US nuclear weapons plant via SharePoint flaws (CSO Online)

JLR hack is costliest cyber attack in UK history, say analysts (BBC)

Microsoft 2025 digital defense report flags rising AI-driven threats, forces rethink of traditional defenses (Industrial Cyber)

The New Frontlines of Cybersecurity: Lessons from the 2025 Digital Defense Report (The Microsoft Threat Intelligence Podcast) 

Sharepoint ToolShell attacks targeted orgs across four continents (Bleeping Computer)

SocGholish Malware Using Compromised Sites to gDeliver Ransomware (Hackread)

LA Metro digital signs taken over by hackers (KTLA)

Apple alerts exploit developer that his iPhone was targeted with government spyware (TechCrunch)

Hackers Earn Over $520,000 on First Day of Pwn2Own Ireland 2025 (SecurityWeek)

AWS crash causes $2,000 Smart Beds to overheat and get stuck upright (Dexerto)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Hackers peek behind the nuclear curtain.

CISA warns a Windows SMB privilege escalation flaw is under Active exploitation. Microsoft issues an out of band fix for a WinRE USB input failure. Nation state hackers had long term access to F5. Envoy Air confirms it was hit by the zero-day in Oracle’s E-Business Suite. A nonprofit hospital system in Massachusetts suffers a cyberattack. Russian’s COLDRiver group rapidly retools its malware arsenal. GlassWorm malware hides malicious logic with invisible Unicode characters. European authorities dismantle a large-scale Latvian SIM farm operation. Myanmar’s military raids a notorious cybercrime hub. Josh Kamdjou, from Sublime Security discusses how teams should get ahead of Scattered Spider's next move. Eagle Scouts are soaring into cyberspace.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Josh Kamdjou, CEO and co-founder of Sublime Security and former DOD white hat hacker, is discussing how teams should get ahead of Scattered Spider's next move.

Selected Reading

CISA warns of active exploitation of Windows SMB privilege escalation flaw (Beyond Machines)

Windows 11 KB5070773 emergency update fixes Windows Recovery issues (Bleeping Computer)

Hackers Had Been Lurking in Cyber Firm F5 Systems Since 2023 (Bloomberg)

Envoy Air (American Airlines) Confirms Oracle EBS 0-Day Breach Linked to Cl0p (Hackread)

Cyberattack Disrupts Services at 2 Massachusetts Hospitals (BankInfo Security)

Russian Coldriver Hackers Deploy New ‘NoRobot’ Malware (Infosecurity Magazine)

Self-spreading GlassWorm malware hits OpenVSX, VS Code registries (Bleeping Computer)

Police Shutter SIM Farm Provider in Latvia, Bust 7 Suspects (Data Breach Today)

Myanmar Military Shuts Down Major Cybercrime Center and Detains Over 2,000 People (SecurityWeek)

Scouts will now be able to earn badges in AI and cybersecurity (CNN Business)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

A look behind the lens. [Research Saturday]

Hlustaðu og lestu

Other podcasts you might like ...