app_store_button

google_play_button

is Device Banner Block 894x1036

Stígðu inn í heim af óteljandi sögum

Hlustaðu og lestu

N2K Networks

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

CyberWire Daily

The new Netflix movie A House of Dynamite, chronicles what happens when the unthinkable unfolds. How realistic is it? We ask the movie’s advisor and expert, Lieutenant General Daniel Karbler (Ret.).

Remember to leave us a 5-star rating and review in your favorite podcast app.

Be sure to follow T-Minus on LinkedIn and Instagram.

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at space@n2k.com to request more info.

Want to join us for an interview?

Please send your pitch to space-editor@n2k.com and include your name, affiliation, and topic proposal.

T-Minus is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

How realistic is A House of Dynamite? [T-Minus Deep Space]

Please enjoy this encore of Career Notes.

Co-founder and CTO of Virsec, Satya Gupta shares his story of how he has over 25 years of expertise in embedded systems, network security and systems architecture. He also talks about how a colleague of his told him something that resinated with him, he said " that was really a remarkable statement that I heard from that person. You rise to the point where you can actually contribute." He also discusses how he got into the startup atmosphere and how different scenarios in his life helped to lead him to the successful man he has become in the cyber community. We thank Satya for sharing his story.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Satya Gupta: Rising to your contribution. [CTO] [Career Notes]

On this Special Edition podcast, we share a panel from DataTribe's Cyber Innovation Day 2025, "Cyber: The Wake of Tech Innovation."

The podcast tech host panel included Dave Bittner, host of CyberWire Daily podcast, Maria Varmazis, host of T-Minus Space Daily podcast, and Daniel Whitenack, co-host of Practical AI podcast, sharing a wide-ranging discussion.

Together, Dave, Maria and Dan examine the intersection of frontier innovation and cyber innovation through the lens of cyber, space, and AI.
Learn more about your ad choices. Visit megaphone.fm/adchoices

DataTribe's Cyber Innovation Day: Cyber: The Wake of Tech Innovation. [Special Edition]

Alex Berninger, Senior Manager of Intelligence at Red Canary, and Mike Wylie, Director, Threat Hunting at Zscaler, join to discuss four phishing lures in campaigns dropping RMM tools. Red Canary and Zscaler uncovered phishing campaigns delivering legitimate remote monitoring and management (RMM) tools—like ITarian, PDQ, SimpleHelp, and Atera—to gain stealthy access to victim systems. Attackers used four main lures (fake browser updates, meeting invites, party invitations, and fake government forms) and often deployed multiple RMM tools in quick succession to establish persistent access and deliver additional malware. 

The report highlights detection opportunities, provides indicators of compromise, and stresses the importance of monitoring authorized RMM usage, scrutinizing trusted services like Cloudflare R2, and enforcing strict network and endpoint controls.

The research can be found here:

 You’re invited: Four phishing lures in campaigns dropping RMM tools

Learn more about your ad choices. Visit megaphone.fm/adchoices

Two RMMs walk into a phish… [Research Saturday]

Cyber Command names a new head of AI. The UK introduces its long-delayed Cyber Security and Resilience Bill. Researchers highlight a critical Oracle Identity Manager flaw. Salesforce warns customers of a third-party data breach. Italy’s state-owned railway operator leaks sensitive information. SonicWall patches firewalls and email security devices. The US charges four individuals with conspiring to illegally export restricted Nvidia AI chips to China. The SEC drops its lawsuit against SolarWinds. NSO group claims a permanent injunction could cause irreparable and potentially existential harm. Maria Varmazis of the T-Minus Space Daily show sits down with General Daniel Karbler (Ret.) to discuss his consulting work for A House of Dynamite, the newly released Netflix film. Roses are red, violets are blue, this poem just jailbroke your AI too.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Maria Varmazis of the T-Minus Space Daily show sits down with Lt. General Daniel Karbler (Ret.) to discuss his consulting work for A House of Dynamite, the newly released Netflix film. This is an excerpt of T-Minus Deep Space airing tomorrow in all of your favorite podcast app. 

Selected Reading

Cyber Command Taps Reid Novotny as New AI Chief (MeriTalk)

UK's New Cybersecurity Bill Takes Aim at Ransomware Gangs and State-Backed Hackers (Fortra)

Critical Oracle Identity Manager Flaw Possibly Exploited as Zero-Day (SecurityWeek)

Salesforce alerts customers of data breach traced to a supply chain partner (CXOtoday)

Massive data leak hits Italian railway operator Ferrovie dello Stato via Almaviva hack (Security Affairs)

SonicWall Patches High-Severity Flaws in Firewalls, Email Security Appliance (SecurityWeek)

Four charged with plotting to sneak Nvidia chips into China (The Register)

SEC voluntarily dismisses SolarWinds lawsuit (The Record)

NSO Group argues WhatsApp injunction threatens existence, future U.S. government work (CyberScoop)

Adversarial Poetry as a Universal Single-Turn Jailbreak Mechanism in Large Language Models (Arxiv)

Freesound Music

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. 

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

AI meets the chain of command.

In this special episode of Threat Vector, host David Moulton, Senior Director of Thought Leadership for Unit 42, sits down with Stav Setty, Principal Researcher at Palo Alto Networks, to unpack Jingle Thief a cloud-only, identity-driven campaign that turned Microsoft 365 into a gift card printing press. Stav explains how the Morocco based group known as Atlas Lion lived off the land inside M365 for months at a time, using tailored phishing and smishing pages, URL tricks, and internal phishing to compromise one user and quietly pivot to dozens more.

Together, David and Stav walk through how the attackers abused legitimate identity features like device registration, MFA resets, inbox forwarding rules, and ServiceNow style access requests to blend into normal business workflows and monetize “digital cash” in the form of gift cards. They dig into why MFA alone is not safety, why identity is now the real perimeter, and how behavioral analytics, UEBA, and ITDR can piece together small signals into a clear story of compromise.

You’ll come away with practical steps to harden identity posture, spot early warning signs in cloud environments, and protect high value systems where trust can be turned directly into profit. To go deeper on this campaign and the Atlas Lion threat actor, read the Unit 42 article Jingle Thief Inside a Cloud-Based Gift Card Fraud Campaign at https://unit42.paloaltonetworks.com/cloud-based-gift-card-fraud-campaign/

Join the conversation on our social media channels:

 
Website:⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.paloaltonetworks.com/⁠⁠⁠⁠⁠

 
Threat Research:⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠⁠⁠⁠⁠⁠

 
Facebook:⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠⁠⁠⁠⁠⁠

 
LinkedIn:⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠⁠⁠⁠⁠⁠⁠

 
YouTube:⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠@paloaltonetworks⁠⁠⁠⁠

 
Twitter:⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠⁠⁠⁠⁠

About Threat Vector

Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends.

The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers.

Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization.

Palo Alto Networks

Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠
Learn more about your ad choices. Visit megaphone.fm/adchoices

Inside Jingle Thief Cloud Fraud Unwrapped [Threat Vector]

The US and allies sanction Russian bulletproof hosting providers. The White House looks to sue states over AI regulations. The US Border Patrol flags citizens’ “suspicious” travel patterns. Lawmakers seek to strengthen the SEC’s cybersecurity posture. A new Android banking trojan captures content from end-to-end encrypted apps. A hidden browser API raises security concerns. Fortinet patches a zero-day. A Philippine former mayor gets life in prison for scam center human trafficking. Our guest is Cliff Crosland, CEO and Co-founder at Scanner.dev, discussing why security data lakes are ideal for AI in the SOC. Green energy gets hijacked for a blockchain side-hustle. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

On our Industry Voices segment, we are joined by Cliff Crosland, CEO and Co-founder at Scanner.dev, discussing why security data lakes are ideal for AI in the SOC. Listen to Cliff's full conversation here. 

Selected Reading

Russian bulletproof hosting provider sanctioned over ransomware ties (Bleeping Computer)

White House drafts order directing Justice Department to sue states that pass AI regulations (Washington Post)

Border Patrol is monitoring US drivers and detaining those with 'suspicious' travel patterns (Associated Press)

Lawmakers reintroduce bill to bolster cybersecurity at Securities and Exchange Commission (The Record)

Multi-threat Android malware Sturnus steals Signal, WhatsApp messages (Bleeping Computer)

Hidden API in Comet AI browser raises security red flags for enterprises (CSO Online)

Eternidade Stealer Trojan Fuels Aggressive Brazil Cybercrime (Infosecurity Magazine)

Fortinet Patches Actively Exploited FortiWeb Zero Day Flaw (HIPAA Journal)

Ex-Philippine mayor Alice Guo given life sentence for human trafficking (Reuters)

Wind farm worker sentenced after turning turbines into a secret crypto mine (Bitdefender)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Eviction notice for Media Land.

Cloudflare’s outage is rooted in an internal configuration error. The Trump administration is preparing a new national cyber strategy. CISA gives federal agencies a week to secure a new Fortinet flaw. MI5 warns that China is using LinkedIn headhunters and covert operatives to target lawmakers. Experts question the national security risks of TP-Link routers. The China-aligned PlushDaemon threat group hijacks software updates. Researchers discover WhatsApp’s entire global member directory accessible online without protection. LG Energy Solution confirms a ransomware attack. ShinySp1d3r makes its debut. Rotem Tsadok, Director of Security Operations and Forensics at Varonis, is sharing lessons learned from thousands of forensics investigations. A judge says Google’s claims to water use secrecy are all wet. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

On our Industry Voices segment, we are joined by Rotem Tsadok, Director of Security Operations and Forensics at Varonis, sharing lessons learned from thousands of forensics investigations. Listen to Rotem's full conversation here. 

Selected Reading

Cloudflare blames this week's massive outage on database issues (Bleeping Computer)

National cyber strategy will include focus on ‘shaping adversary behavior,’ White House official says (The Record)

CISA gives govt agencies 7 days to patch new Fortinet flaw (Bleeping Computer)

Chinese Spies Are Using LinkedIn to Target U.K. Lawmakers, MI5 Warns (The New York Times)

No evidence that TP-Link routers are a Chinese security threat (CSO Online)

PlushDaemon compromises network devices for adversary-in-the-middle attacks (welivesecurity)

3.5 Billion Accounts: Complete WhatsApp Directory Retrieved and Evaluated (heise online)

LG Energy Solution reports ransomware attack, hackers claim theft of 1.7 terabytes of data (beyondmachines)

Meet ShinySp1d3r: New Ransomware-as-a-Service created by ShinyHunters (Bleeping Computer)

Google Strives To Keep Data Center Water Use Secret After Judge Orders Records Released (Roanoke Rambler)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

The oversized file that stalled the internet.

Cloudflare suffers a major outage. Google issues an emergency Chrome update. Logitech discloses a data breach. CISA plans a major hiring push. The House renews the State and Local Cybersecurity Grant Program. The GAO warns military personnel are oversharing online. Tech groups urge governments worldwide to reject proposals that weaken or bypass encryption. Australian authorities blame outdated software for the death of a telecom customer. An alleged Void Blizzard hacker faces extradition to the US. Our guest is Kevin Kennedy from ManTech discussing the future battlefield and the importance of integrating non-kinetic effects. AI meets the IRS. What could possibly go wrong?

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

On our Industry Voices segment, we are joined by ⁠Kevin Kennedy⁠ from ⁠ManTech⁠ discussing the future battlefield and the importance of integrating non-kinetic effects. You can hear Kevin's full conversation here. 

Selected Reading

Cloudflare outage causes error messages across the internet (The Guardian)

Google releases emergency Chrome update to patch actively exploited vulnerability (Beyond Machines)

Logitech discloses data breach after Clop claims (The Record)

CISA, eyeing China, plans hiring spree to rebuild its depleted ranks (Cybersecurity Dive)

Full renewal of state and local cyber grants program passes in House (The Record)

Pentagon and soldiers let too many secrets slip on socials (The Register)

Dozens of groups call for governments to protect encryption (CyberScoop)

Australia's TPG Telecom links customer's death to outdated Samsung phone (Reuters)

Alleged Void Blizzard hacker arrested in Thailand (SC Media)

Intuit signs $100M+ deal with OpenAI to bring its apps to ChatGPT (TechCrunch)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. 

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

A morning without Cloudflare.

Managing identity has been an evolving challenge as networks have only continued to grow and become more sophisticated. In this current landscape, these challenges have only become further exacerbated with new emerging technologies. 

In this episode of CISO Perspectives, host ⁠Kim Jones⁠ sits down with Richard Bird from Singular AI to discuss this evolving paradigm. Throughout this conversation, Kim and Richard tackle how managing identity has evolved and how security leaders can get ahead of AI to better secure their systems and networks.

Want more CISO Perspectives?

Check out a companion ⁠⁠blog post⁠⁠ by our very own Ethan Cook, where he breaks down key insights, shares behind-the-scenes context, and highlights research that complements this episode.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Fraud and Identity [CISO Perspectives]

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by N2K Networks Dave Bittner and Rick Howard to uncover the stories behind notable cyberattacks. 
Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we talk about "The curious case of the missing IcedID." 
IcedID is a malware originally classified as a banking trojan and was first observed in 2017. It also acts as a loader for other malware, including ransomware, and was a favored payload used by multiple cybercriminal threat actors until fall 2023. 
Then, it all but disappeared. In its place, a new threat crawled: Latrodectus. Named after a spider, this new malware, created by the same people as IcedID, is now poised to take over where IcedID melted off. 
Today we look back at what happened to the once prominent payload, and what its successor’s spinning web of activity means for the overall landscape. 

And be sure to check out the latest episode of Only Malware in the Building here. 
Learn more about your ad choices. Visit megaphone.fm/adchoices

Encore: The curious case of the missing IcedID. [Only Malware in the Building]

Hlustaðu og lestu

Other podcasts you might like ...