CyberWire Daily

• Pentagon hits fast-forward on software certs.

  The Defense Department is launching a new fast-track software approval process. A popular employee monitoring tool exposes over 21 million real-time screenshots. The U.S. opens a criminal antitrust investigation into router maker TP-Link. A pair of health data breaches affect over six million people. South Korea’s SK Telecom confirms a cyberattack. A critical zero-day puts thousands of SAP applications at potential risk. Researchers raise concerns over AI agents performing unauthorized actions. “Policy Puppetry” can break the safety guardrails of all major generative AI models. New research tallies the high costs of data breaches. A preview of the RSAC Innovation Sandbox with Cecilia Marinier, Vice President at RSAC, and David Chen, Head of Global Technology Investment Banking at Morgan Stanley. Stocking hard drives full of human knowledge, just in case. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn CyberWire Guest Cecilia Marinier, Vice President at RSAC, and David Chen, Head of Global Technology Investment Banking at Morgan Stanley, sit down with Dave to discuss the Innovation Sandbox Contest 2025. Selected Reading Acting Pentagon CIO Signing Off on New, Faster Cyber Rules for Contractors (airandspaceforces) Top employee monitoring app leaks 21 million screenshots on thousands of users (TechRadar)  Router Maker TP-Link Faces US Criminal Antitrust Investigation (bloomberg) Yale New Haven Health Notifying 5.5 Million of March Hack (bankinfosecurity) Frederick Health data breach impacts nearly 1 million patients (BleepingComputer) Hackers access sensitive SIM card data at South Korea's largest telecoms company (bitdefender) SAP Zero-Day Possibly Exploited by Initial Access Broker (SecurityWeek) Chrome Extension Uses AI Engine to Act Without User Input (Infosecurity Magazine) All Major Gen-AI Models Vulnerable to 'Policy Puppetry' Prompt Injection Attack (SecurityWeek) US Data Breach Lawsuits Total $155M Amid Cybersecurity Failures (Infosecurity Magazine) Sales of Hard Drives for the End of the World Boom Under Trump (404media) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

  --------  

  32:44
• Lessons from the latest breach reports.

  Verizon and Mandiant call for layered defenses against evolving threats. Cisco Talos describes ToyMaker and Cactus threat actors. Researchers discover a major Linux security flaw which allows rootkits to bypass traditional detection methods. Ransomware groups are experimenting with new business models. Deputy Assistant Director Cynthia Kaiser from the FBI Cyber Division shares the latest on Salt Typhoon. Global censorship takes a coffee break. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Dave sits down with Deputy Assistant Director Cynthia Kaiser from the FBI Cyber Division who shares  a PSA on Salt Typhoon. Selected Reading 2025 Data Breach Investigations Report (Verizon) Mandiant M-Trends 2025 Report (Mandiant) Introducing ToyMaker, an initial access broker working in cahoots with double extortion gangs (Ciso Talos) Linux 'io_uring' security blindspot allows stealthy rootkit attacks (bleepingcomputer) Ransomware groups test new business models to hit more victims, increase profits (the record) Cloudflare: Government-backed internet shutdowns plummet to zero in first quarter (the record) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

  --------  

  28:57
• Are we a trade or a profession? [CISO Perspectives]

  We're sharing a episode from another N2K show we thought you might like. It's the first episode of the new season of the show CISO Perspectives with Kim Jones. Enjoy! Show Notes: Cybersecurity has an identity problem where the industry as a whole is struggling to determine whether it is a trade or a profession. In this episode of CISO Perspectives, host Kim Jones sits down with Larry Whiteside Jr., the Chief Advisory Officer for The CISO Society, to discuss this identity crisis and how the industry as a whole connects to both of these labels. Throughout the conversation, Larry and Kim will discuss the merits and drawbacks of both labels and how cybersecurity does not solely fall into one category or the other. Want more CISO Perspectives?: Check out a companion blog post by our very own Ethan Cook, where he breaks down key insights, shares behind-the-scenes context, and highlights research that complements this episode. It’s the perfect follow-up if you’re curious about the cyber talent crunch and how we can reshape the ecosystem for future professionals. Learn more about your ad choices. Visit megaphone.fm/adchoices

  --------  

  47:03
• States struggle with cyber shift.

  The White House’s shift of cybersecurity responsibilities to the states is met with skepticism. Baltimore City Public Schools suffer a ransomware attack. Russian state-backed hackers target Dutch critical infrastructure. Microsoft resolves multiple Remote Desktop issues. A new malware campaign is targeting Docker environments for cryptojacking. A new phishing campaign uses weaponized Word documents to steal Windows login credentials. Zyxel Networks issues critical patches for two high-severity vulnerabilities. CISA issues five advisories highlighting critical vulnerabilities in ICS systems. Our guest is Deputy Assistant Director Cynthia Kaiser from the FBI Cyber Division, sharing the findings of their latest IC3 report. So long, Privacy Sandbox.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Deputy Assistant Director Cynthia Kaiser from the FBI Cyber Division, as she is sharing the findings of their latest IC3 report. Selected Reading Trump is shifting cybersecurity to the states, but many aren’t prepared (Stateline) Baltimore City Public Schools report data breach (beyondmachines) Russia attempting cyber sabotage attacks against Dutch critical infrastructure (record) Microsoft fixes Remote Desktop freezes caused by Windows updates (bleepingcomputer) New Malware Hijacking Docker Images with Unique Obfuscation Technique (cybersecuritynews) Hackers Exploit Weaponized Word Docs to Steal Windows Login Credentials (gbhackers) Kelly Benefits Data Breach Impacts 260,000 People (SecurityWeek) Data Breach at Onsite Mammography Impacts 350,000 (SecurityWeek) Zyxel Patches Privilege Management Vulnerabilities in USG FLEX H Series Firewalls (cybersecuritynews) CISA Releases Five Advisories Covering ICS Vulnerabilities & Exploits (cybersecuritynews) RIP to the Google Privacy Sandbox (The Register) 2024 IC3 ANNUAL REPORT  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

  --------  

  34:49
• Proton66’s malware highway.

  The Russian Proton66 is tied to cybercriminal bulletproof hosting services. A new Rust-based botnet hijacks vulnerable routers. CISA budget cuts limit the use of popular analysis tools. A pair of healthcare providers confirm ransomware attacks. Researchers uncover the Scallywag  ad fraud network. The UN warns of cyber-enabled fraud in Southeast Asia expanding at an industrial scale. Fog ransomware resurfaces and points a finger at DOGE. The cybercrime marketplace Cracked relaunches under a new domain. On our Industry Voices segment, Bob Maley, CSO of Black Kite, shares insights on the growing risk of third-party cyber incidents. Taking the scenic route through Europe's digital landscape. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Kim Jones, the new Host of CISO Perspectives podcast, previewing the latest episode where Kim is joined by Larry Whiteside Jr. discussing “Are we a trade or a profession?” Industry Voices On our Industry Voices segment, Bob Maley, CSO of Black Kite, sharing insights on the growing risk of third-party cyber incidents. Selected Reading Many Malware Campaigns Linked to Proton66 Network (SecurityWeek) New Rust Botnet Hijacking Routers to Inject Commands Remotely (Cyber Security News) CISA Issues Warning Against Using Censys, VirusTotal in Threat Hunting Ops (GB Hackers) Two Healthcare Orgs Hit by Ransomware Confirm Data Breaches Impacting Over 100,000 (SecurityWeek) Scalllywag Ad Fraud Network Generates 1.4 Billion Bid Requests Daily (Infosecurity Magazine) $40bn Southeast Asian Scam Sector Growing “Like a Cancer” (Infosecurity Magazine) Fog ransomware notes troll with DOGE references, bait insider attacks (SC World) Reborn: Cybercrime Marketplace Cracked Appears to Be Back (BankInfo Security) Nemesis darknet market founder indicted for years-long “borderless powerhouse of criminal activity” (Cybernews) Digital Weaning Guide from the United States (Dagbladet Information) Two top cyber officials resign from CISA (The Record) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at [email protected] to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

  --------  

  42:36

More News podcasts

Trending News podcasts

About CyberWire Daily

CyberWire Daily: Podcasts in Family