The DOJ indicts four Iranian nationals on hacking charges. Legislation to ban or force the sale of TikTok heads to the President’s desk. A Russian hack group claims a cyberattack on an Indiana water treatment plant. A roundup of dark web data leaks. Mandiant monitors dropping dwell times. Bcrypt bogs down brute-forcing. North Korean hackers target defense secrets. On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's ISC2 CISSP certification journey. On our Industry Voices segment, Tony Velleca, CEO of CyberProof, joins us to explore some of the pain points that CISOs & CIOs are experiencing today, and how they can improve their cyber readiness. Ransomware may leave the shelves in Sweden’s liquor stores bare.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guests Learning Layer On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's ISC2 CISSP certification journey using N2K’s comprehensive CISSP training course, CISSP practice test, and CISSP practice labs. Sam and Joe discuss content and study strategies for CISSP Domain 3 Security Architecture and Engineering, and discuss encryption and non-repudiation. Specifically they cover sub-domain 3.6, "Select and determine cryptographic solutions," which includes: Cryptographic life cycle Cryptographic method Public key infrastructure (PKI). Industry Voices On our Industry Voices segment, Tony Velleca, CEO of CyberProof, joins us to explore some of the pain points that CISOs & CIOs are experiencing today, and how they can improve their cyber readiness.  Selected Reading Rewards Up to $10 Million for Information on Iranian Hackers (GB Hackers) Congress passes bill that could ban TikTok after years of false starts (Washington Post) Russian hackers claim cyberattack on Indiana water plant (The Record) Major Data Leaks from Honda Vietnam, US Airports, and Chinese Huawei/iPhone Users (SOCRadar® Cyber Intelligence Inc.) Global attacker median dwell time continues to fall (Help Net Security) New Password Cracking Analysis Targets Bcrypt (SecurityWeek) North Korean Hackers Target Dozens of Defense Companies (Infosecurity Magazine) ​​Hackers hijack antivirus updates to drop GuptiMiner malware (Bleeping Computer) Sweden's liquor shelves to run empty this week due to ransomware attack (The Record) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.

The State Department puts visa restrictions on spyware developers. UnitedHealth says its recent breach could affect tens of millions of Americans. LockBit leaks data allegedly stolen from the DC government. Microsoft says APT28 has hatched a GooseEgg. The White House and HHS update HIPAA rules to protect private medical data. Keyboard apps prove vulnerable. A New Hampshire hospital suffers a data breach. Microsoft’s DRM may be vulnerable to compromise. On our Industry Voices segment, Ian Leatherman, Security Strategist at Microsoft, discusses raising the bar for security in the software supply chain. GoogleTeller just can’t keep quiet.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Industry Voices segment, Ian Leatherman, Security Strategist at Microsoft, discusses raising the bar for security in the software supply chain. Selected Reading U.S. Gov imposed Visa restrictions on 13 individuals linked to commercial spyware activity (Security Affairs) UnitedHealth Group Previews Massive Change Healthcare Breach (GovInfo Security) Ransomware Gang Leaks Data Allegedly Stolen From Government Contractor (SecurityWeek) Russian APT28 Group in New “GooseEgg” Hacking Campaign (Infosecurity Magazine) HHS strengthens privacy protections for reproductive health patients and providers (The Record) The not-so-silent type: Vulnerabilities across keyboard apps reveal keystrokes to network eavesdroppers (The Citizen Lab) Records of almost 2,800 CMC patients vulnerable in 'data security incident': hospital | Crime (Union Leader)  Microsoft DRM Hack Could Allow Movie Downloads From Popular Streaming Services (SecurityWeek) The creepy sound of online trackers (Axbom)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.

Section 702 gets another two years.  MITRE suffers a breach through an Ivanti VPN. CrushFTP urges customers to patch an actively exploited flaw. SafeBreach researchers disclose vulnerabilities in Windows Defender that allow remote file deletion. Ukrainian soldiers see increased attention from data-stealing apps. GitHub’s comments are being exploited to distribute malware. VW confirms legacy Chinese espionage and data breaches. CISA crowns winners of the President’s Cup Cybersecurity Competition. Cecilia Marinier, Director, Innovation and Programs at RSA Conference, and Niloo Razi Howe, Senior Operating Partner at Energy Impact Partners & judge, review the top Innovation Sandbox contest finalists in anticipation of RSAC 2024. Targeting kids online puts perpetrators in the malware crosshairs.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest We have two guests today. Cecilia Marinier, Director, Innovation and Programs at RSA Conference, and Niloo Razi Howe, Senior Operating Partner at Energy Impact Partners & judge, review the top Innovation Sandbox contest finalists and what to look for on the innovation front at RSAC 2024. For 18 years, cybersecurity's boldest new innovators have competed in the RSAC Innovation Sandbox contest to put the spotlight on their potentially game-changing ideas. This year, 10 finalists will once again have three minutes to make their pitch to a panel of judges. Since the start of the contest, the Top 10 Finalists have collectively seen over 80 acquisitions and $13.5 billion in investments. Innovation Sandbox will take place on Monday, May 6th at 10:50am PT. Selected Reading Warrantless spying powers extended to 2026 with Biden’s signature (The Record) MITRE breached by nation-state threat actor via Ivanti zero-days (Help Net Security) CrushFTP File Transfer Vulnerability Lets Attackers Download System Files (Infosecurity Magazine) Researchers Claim that Windows Defender Can Be Bypassed (GB Hackers) Ukrainian soldiers’ apps increasingly targeted for spying, cyber agency warns  (The Record) GitHub comments abused to push malware via Microsoft repo URLs (Bleeping Computer) Presumably Chinese industrial spies stole VW data on e-drive technology (Bleeping Computer) CISA declares winners of President’s Cup cybersecurity competition, with Artificially Intelligent team leading (Industrial Cyber) Malware dev lures child exploiters into honeytrap to extort them (Bleeping Computer) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.

Managing director of the Cyber Readiness Institute Kiersten Todt shares how she came to be in the cybersecurity industry helping to provide free tools and resources for small businesses through a nonprofit. She describes how her work on the Hill prior to and just after 9/11 changed. Kiersten talks about the diversity of skills that benefit work in cybersecurity and offers her advice on going after what you want to do. Our thanks to Kiersten for sharing her story with us.

In this episode of CyberWire-X, N2K CyberWire’s Podcast host Dave Bittner is joined by Brian Davis, Principal Software Engineer, and Thomas Gardner, Senior Detection Engineer, both from Red Canary. They engage in a cloud architect vs. detection engineer discussion. Through the conversation, they illustrate how one person benefits the other's work and how they work together. Red Canary is our CyberWire-X episode sponsor.

Greg Lesnewich, senior threat researcher at Proofpoint, sits down to discuss "From Social Engineering to DMARC Abuse: TA427’s Art of Information Gathering." Since 2023, TA427 has directly solicited foreign policy experts for their opinions on nuclear disarmament, US-ROK policies, and sanction topics via benign conversation starting emails.  The research states "While our researchers have consistently observed TA427 rely on social engineering tactics and regularly rotating its email infrastructure, in December 2023 the threat actor began to abuse lax Domain-based Message Authentication, Reporting and Conformance (DMARC) policies to spoof various personas and, in February 2024, began incorporating web beacons for target profiling." The research can be found here: From Social Engineering to DMARC Abuse: TA427’s Art of Information Gathering

Two swift responses to recent cyberattacks. Frontier Communications discloses cyberattack. Texas town repels water system cyberattack by unplugging. List of undesirables falls into the wrong hands. CryptoChameleon phishing kit impersonates LastPass. Ransomware payments trending down in Q1 2024 and a warning for small to medium-sized businesses. US auto manufacturers targeted by FIN7. Akira ransomware has made $42 million since March 2023. No more WhatsApp or Threads in China. Concerning drop in US cybersecurity job listings. Our guest is Zscaler’s Chief Security Officer Deepen Desai exploring encrypted attacks amidst the AI revolution. Meghan Markle hacked by Kate supporters.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Guest Deepen Desai, Chief Security Officer and SVP Security Engineering & Research at Zscaler, joins us to talk about exploring encrypted attacks amidst the AI revolution. Selected Reading Frontier Communications Shuts Down Systems Following Cyberattack (SecurityWeek) Tiny Texas City Repels Russia-Tied Hackers Eyeing Water System (Bloomberg)  Cybercriminals threaten to leak all 5 million records from stolen database of high-risk individuals (The Register)  Advanced Phishing Kit Adds LastPass Branding for Use in Phishing Campaigns (LastPass) Ransomware in Q1 2024: Frequency, size of payments trending downwards, SMBs beware! (Help Net Security) FIN7 cybercriminals targeted large U.S. automotive manufacturer last year (The Record)  Akira Ransomware Made Over $42 Million in One Year: Agencies (SecurityWeek)  Apple pulls WhatsApp, Threads from China App Store following state order (TechCrunch) Alarming Decline in Cybersecurity Job Postings in the US (Infosecurity Magazine) Meghan Markle's new lifestyle website hijacked by anonymous user whose ‘thoughts are with Kate’ (GB News) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.

Join us for this special three-part series where the N2K Cyber Talent Insights team guides you through effective strategies to develop your cybersecurity team, helping you stay ahead in the constantly changing cybersecurity landscape.  In this episode, we shift our point of view to provide guidance for an individual's first career or perhaps considering a career change transitioning into the field. We discuss a market-driven approach to career development. We also explore how to discover one’s niche in cybersecurity, including how to stand out in this competitive market and align personal interests with career goals. Lastly, we examine the role certifications play when navigating your path throughout the talent acquisition, development, and retention of the cybersecurity workforce management lifecycle.   Explore Cyber Talent Insights N2K’s Cyber Talent Insights provides security leaders measurable and actionable insights on your organization’s current cyber roles and capabilities to maximize your talent investments and build a business case for better hiring, developing, maintaining, and retaining your technical talent pools. Learn how at n2k.com/talent-insights. Connect with the N2K Cyber Workforce team on Linkedin: Dr. Sasha Vanterpool, Cyber Workforce Consultant  Dr. Heather Monthie, Cybersecurity Workforce Consultant Jeff Welgan, Chief Learning Officer Resources for developing your cybersecurity teams: N2K Cyber Workforce Strategy Guide Workforce Media Resources Cyber Talent Acquisition Woes for Enterprises Workforce Intelligence: What it is and why you need it for cyber teams webinar Setting Better Cyber Job Expectations to Attract & Retain Talent webinar

A major Phishing-as-a-service operation gets taken down by international law enforcement. US election officials are warned of nation-state influence operations. The house votes to limit the feds’ purchase of citizens personal data. A Michigan healthcare provider suffered a ransomware attack. Critical infrastructure providers struggle to trust cybersecurity tools. Cloudflare reports on DDoS. Kaspersky uncovers new Android banking malware. Kubernetes cryptominers leverage previously patched flaws. The Massachusetts Attorney General emphasizes the responsible use of AI. Our guest Caleb Barlow, CEO of Cyberbit, joins us to talk about badge swipe fraud as more are returning to the office. Colorado passes a law to keep big tech out of our heads.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Guest and podcast partner Caleb Barlow, CEO of Cyberbit, joins us to talk about badge swipe fraud as more are returning to the office. Are your employees faking their badge swipes? Selected Reading LabHost phishing service with 40,000 domains disrupted, 37 arrested (Bleeping Computer) US Election Officials Told to Prepare for Nation-State Influence Campa (Infosecurity Magazine) House votes in favor of curtailing government transactions with data brokers (The Record) 180k Impacted by Data Breach at Michigan Healthcare Organization (SecurityWeek) Trust in Cyber Takes a Knock as CNI Budgets Flatline (Infosecurity Magazine) DDoS threat report for 2024 Q1 (Cloudflare)  SoumniBot malware exploits Android bugs to evade detection (Bleeping Computer) Hackers hijack OpenMetadata apps in Kubernetes cryptomining attacks (Bleeping Computer) Massachusetts official warns AI systems subject to consumer protection, anti-bias laws (AP News) Your Brain Waves Are Up for Sale. A New Law Wants to Change That (NY Times) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.

A Russian hacker group boldly targets critical infrastructure. The Change Healthcare ransomware attack is projected to cost over a billion dollars. Three hundred bucks is the going rate for a SIM swap. PuTTY potentially reveals private keys. Cisco Talos reports a surge in brute-force attacks. Ivanti updates its MDM product. Omni Hotels & Resorts confirm a data breach. Financially motivated hackers target Businesses in Latin America with steganography. A prolific cryptojacker faces decades in prison. On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's ISC2 CISSP certification journey. The ransomware equivalent of a Saturday night special.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's ISC2 CISSP certification journey using N2K’s comprehensive CISSP training course, CISSP practice test, and CISSP practice labs. Sam and Joe discuss content and study strategies for Domain 2, Asset Security.  Resources: Domain 2, Asset Security Identify and securely provision information assets, establish handling requirements, manage the data lifecycle, and apply data security controls to comply with applicable laws. 2.1 Identify and classify information and assets 2.2 Establish information and asset handling requirements 2.3 Provision resources securely 2.4 Manage data lifecycle 2.5 Ensure appropriate asset retention (e.g., End-of-Life (EOL), End-of-Support (EOS)) 2.6 Determine data security controls and compliance requirements Are you studying for the CISSP exam, considering taking the test soon, or did you have an unsuccessful exam experience? Here are some CISSP exam pitfalls to avoid so that you’re confident and successful on exam day. Selected Reading Hackers Linked to Russia’s Military Claim Credit for Sabotaging US Water Utilities (WIRED) T-Mobile, Verizon workers get texts offering $300 for SIM swaps (Bleeping Computer) PuTTY SSH client flaw allows recovery of cryptographic private keys (Bleeping Computer)  Large-scale brute-force activity targeting VPNs, SSH services with commonly used login credentials (Talos Intelligence) Ivanti Patches Two Critical Avalanche Flaws in Major Update (Infosecurity Magazine) Omni Hotels confirms data compromise in apparent ransomware attack (SC Media) Steganography Campaign Targets Global Enterprises (GovInfo Security) Nebraska man allegedly defrauded cloud providers of millions via cryptojacking (The Record) Ransomware attack has cost UnitedHealth $872 million; total expected to surpass $1 billion (The Record) ‘Junk gun’ ransomware: Peashooters can still pack a punch (Sophos News)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.

Cisco Dou warns of a third-party MFA-related breach. MGM Resorts sues to stop an FTC breach investigation. Meanwhile the FTC dings another mental telehealth service provider. Open Source foundations call for caution after social engineering attempts. The NSA shares guidance for securing AI systems. IntelBroker claims to have hit a US geospatial intelligence firm. The UK clamps down on deepfakes. Hard-coded passwords provide the key to smart-lock vulnerabilities. On our Industry Voices segment, Ryan Lougheed, Director of Product Management at Onspring, discusses the benefits of artificial intelligence in governance, risk and compliance (GRC). A Law Firm’s Misclick Ends 21 Years of Matrimony.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Industry Voices segment, Ryan Lougheed, Director of Product Management at Onspring, discusses the benefits of artificial intelligence in governance, risk and compliance (GRC). Selected Reading Cisco Duo MFA logs exposed in third-party data breach (ITPro) Casino operator MGM sues FTC to block probe into 2023 hack (Reuters) Open Source Leaders Warn of XZ Utils-Like Takeover Attempts (Infosecurity Magazine) FTC Bans Online Mental Health Firm From Sharing Certain Data (GovInfo Security) New NSA guidance identifies need to update AI systems to address changing risks, bolster security (Industrial Cyber) IntelBroker Claims Space-Eyes Breach, Targeting US National Security Data (HackRead)  Creating sexually explicit deepfakes to become a criminal offence (BBC) CISA warns of critical vulnerability in Chirp smart locks (The Register) Wrong couple divorced after computer error by law firm Vardag's (BBC) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.

Palo Alto Networks releases hotfixes for an exploited zero-day. Delinea issues an urgent update for a critical flaw. Giant Tiger data is leaked online. A European semiconductor manufacturer deals with a data breach. Roku suffers its second breach of the year. Operators of the Hive RAT face charges.  A former Amazon security engineer gets three years in prison for hacking cryptocurrency exchanges. Zambian officials arrest 77 in a scam call center crack down. Our guest Deputy Assistant Director Cynthia Kaiser from the FBI Cyber Division describes dual ransomware. And Rob Boyce, Managing Director at Accenture, shares his thoughts on security testing of generative AI. And selling Pokemon cheats leaves one man in Japan feeling like he had a run-in with a Scaldiburn. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today, we have two guests, Deputy Assistant Director Cynthia Kaiser from the FBI Cyber Division discussing dual ransomware. Followed by Rob Boyce, Managing Director at Accenture, sharing some thoughts on security testing of generative AI. Selected Reading Palo Alto Networks Releases Fixes for Firewall Zero-Day as First Attribution Attempts Emerge (SecurityWeek) A critical vulnerability in Delinea Secret Server allows auth bypass, admin access (Help Net Security) Hacker claims Giant Tiger data breach, leaks 2.8M records online (Bleeping Computer) Press statement: Nexperia IT Breach (Nexperia) Roku issues warning over massive customer account breach (ITPro) Two People Arrested in Australia and US for Development and Sale of Hive RAT (SecurityWeek) Ex-Amazon engineer gets 3 years for hacking crypto exchanges (Bleeping Computer) Zambia arrests 77 people in swoop on "scam" call centre (Bitdefender) Japanese Police Arrest 36-Year-Old Man on Suspicion of Tampering With Pokémon Violet Save Data (IGN)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.

You can learn more about AWS in Orbit at space.n2k.com/aws. N2K Space is working with AWS to bring the AWS in Orbit podcast series to the 39th Space Symposium in Colorado Springs from April 8-11.  Our guests today are ​​Clint Crosier, Director at AWS Aerospace and Satellite, and Jim Tran, Vice President of Government Solutions at Iridium. AWS in Orbit is a podcast collaboration between N2K Networks and AWS to offer listeners an in-depth look at the transformative intersection of cloud computing, space technologies, and generative AI. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our weekly intelligence roundup, Signals and Space, and you’ll never miss a beat. And be sure to follow T-Minus on LinkedIn and Instagram. Selected Reading AWS Aerospace and Satellite Audience Survey We want to hear from you! Please complete our short survey. It’ll help us get better and deliver you the most mission-critical space intel every day. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at space@n2k.com to request more info. Want to join us for an interview? Please send your pitch to space-editor@n2k.com and include your name, affiliation, and topic proposal. T-Minus is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.

Founder and CEO Stu Sjouwerman takes us on a journey of how his career developed from starting a software service company to currently focusing on the infosec side of the business where his team essentially helps to create human firewalls. Stu talks about learning all aspects of the business while creating startups and suggests you learn to speak the language of the area you are looking to get into. He even touches on predicting the future and taking over the world. Our thanks to Stu for sharing his story with us.

You can learn more about AWS in Orbit at space.n2k.com/aws. N2K Space is working with AWS to bring the AWS in Orbit podcast series to the 39th Space Symposium in Colorado Springs from April 8-11.  Our guests today are ​​Salem El Nimri, Chief of Space Technology at AWS Aerospace and Satellite, and Declan Ganley, Chairman and CEO at Rivada Space Networks. AWS in Orbit is a podcast collaboration between N2K Networks and AWS to offer listeners an in-depth look at the transformative intersection of cloud computing, space technologies, and generative AI. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our weekly intelligence roundup, Signals and Space, and you’ll never miss a beat. And be sure to follow T-Minus on LinkedIn and Instagram. Selected Reading AWS Aerospace and Satellite Audience Survey We want to hear from you! Please complete our short survey. It’ll help us get better and deliver you the most mission-critical space intel every day. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at space@n2k.com to request more info. Want to join us for an interview? Please send your pitch to space-editor@n2k.com and include your name, affiliation, and topic proposal. T-Minus is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.

Tomer Peled, a Security & Vulnerability Researcher from Akamai is sharing their work on "What a Cluster: Local Volumes Vulnerability in Kubernetes." This research focuses on a high-severity vulnerability in Kubernetes, allowing for remote code execution with system privileges on all Windows endpoints within a Kubernetes cluster. The research states "The discovery of this vulnerability led to the discovery of two others that share the same root cause: insecure function call and lack of user input sanitization." The research can be found here: What a Cluster: Local Volumes Vulnerability in Kubernetes

Section 702 edges closer to a vote. CISA provides guidance on Sisense and Microsoft breaches. A major conservative think tank reports a breach. Obsolete D-Link devices are under active exploitation, and Palo Alto warns of a zero-day. Raspberry Robin grows more stealthy. A lastpass employee thwarts a deepfake phishing attempt. Are AI models growing more persuasive? Our guest Kevin Magee from Microsoft Canada joins us to talk about cross domain prompt injection and AI. Floppies keep the trains running on time.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Guest and podcast partner Kevin Magee from Microsoft Canada joins us to talk about cross domain prompt injection and AI.  Selected Reading Compromise of Sisense Customer Data (CISA) ED 24-02: Mitigating the Significant Risk from Nation-State Compromise of Microsoft Corporate Email System (CISA) US think tank Heritage Foundation hit by cyberattack (TechCrunch) Exploitation of Unpatched D-Link NAS Device Vulnerabilities Soars (SecurityWeek) Palo Alto Networks Warns About Critical Zero-Day in PAN-OS (Infosecurity Magazine) Hackers are using Windows script files to spread malware and swerve antivirus software ( ITPro) LastPass Employee Targeted With Deepfake Calls (SecurityWeek) Anthropic says its AI models are as persuasive as humans (Axios) 5.25-inch floppy disks expected to help run San Francisco trains until 2030 (Ars Technica) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.

Join us for this special three-part series where the N2K Cyber Talent Insights team guides you through effective strategies to develop your cybersecurity team, helping you stay ahead in the constantly changing cybersecurity landscape.  In the first episode of the series on cybersecurity workforce development, we dive into the complex world of cyber workforce management and planning, particularly as it pertains to the perspective of the enterprise. We explore the current state of the cybersecurity workforce, navigate various challenges in talent acquisition, and explore the nuances of job classifications, titles, compensation, and the dynamics of remote, onsite, and hybrid work environments.  Our experts further address talent development strategies like professional development, training, conferences, mentorship programs, communities of interest, and corporate cyber academies.  Finally, we touch upon the critical aspect of talent retention, an essential component in closing the cybersecurity talent gap. We hope you will join us on this journey. Connect with the N2K Cyber Workforce team on Linkedin: Dr. Sasha Vanterpool, Cyber Workforce Consultant  Dr. Heather Monthie, Cybersecurity Workforce Consultant Jeff Welgan, Chief Learning Officer Resources for developing your cybersecurity teams: N2K Cyber Workforce Strategy Guide Workforce Media Resources Strategic Cyber Workforce Intelligence resources for your organization Cyber Talent Acquistion Woes for Enterprises Workforce Intelligence: What it is and why you need it for cyber teams webinar Setting Better Cyber Job Expectations to Attract & Retain Talent webinar

Apple warns targeted users of mercenary spyware attacks. CISA expands its Malware Next-Gen service to the private sector. US Cyber Command chronicles their “hunt forward” operations. Taxi fleets leak customer data. Trend Micro tracks DeuterBear malware. The BatBadBut vulnerability enables command injection on Windows. Cybercriminals manipulate GitHub's search functionality. Scully Spider may be utilizing AI generated Powershells scripts. A study from ISC2 shed’s light on salary disparities. On our Threat Vector segment, host David Moulton, Director of Thought Leadership at Unit 42, welcomes Donnie Hasseltine, VP of Security at Second Front Systems and a former Recon Marine, as they delve into the indispensable role of a military mindset in cybersecurity. Guest Dr. Sasha Vanterpool, Cyber Workforce Consultant with N2K, introducing the new podcast series Cyber Talent Insights. And AI music sings the license.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guests On our Threat Vector segment, host David Moulton, Director of Thought Leadership at Unit 42, welcomes Donnie Hasseltine, VP of Security at Second Front Systems and a former Recon Marine, as they delve into the indispensable role of a military mindset in cybersecurity. You can listen to the full conversation here.  Guest Dr. Sasha Vanterpool, Cyber Workforce Consultant with N2K, introducing the new podcast series Cyber Talent Insights that is launching on Friday, April 12, 2024. You can read more about Cyber Talent Insights here. Selected Reading iPhone users in 92 countries received a spyware attack warning from Apple (Engadget) CISA to expand automated malware analysis system beyond government agencies (The Record) US Cyber Force Assisted Foreign Governments 22 Times in 2023 (SecurityWeek) Taxi software vendor exposes personal details of nearly 300K (The Register) Cyberespionage Group Earth Hundun's Continuous Refinement of Waterbear and Deuterbear (Trend Micro) BatBadBut: You can't securely execute commands on Windows (Flatt) New Technique to Trick Developers Detected in an Open Source Supply Chain Attack (Checkmarx) Malicious PowerShell script pushing malware looks AI-written (Bleeping Computer) Women make less than men in US cyber jobs — but the gap is narrowing (CyberScoop) Permission is hereby granted (Suno)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.

The House moves forward on Section 702 reauthorization. Ukraine suspends a top cybersecurity official. A Wisconsin health coop suffers a data breach. Sophos uncovers a malicious backdoor. Fortinet issues patches for critical and high severity vulnerabilities. A Microsoft server exposed employee passwords, keys, and credentials. LG releases patches to secure smart TVs. The IMF warns of cyberattacks potential to trigger bank runs. It was a busy patch Tuesday. On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's CISSP study journey and how to avoid frustration when you get a practice question wrong. X marks the spot where Elon’s impulsiveness turns chaotic.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's CISSP study journey and discuss Domain 1, Security and Risk Management. They cover note-taking best practices and how to avoid getting frustrated when you get a practice question wrong. Selected Reading House sets up debate on Section 702 bill, along with votes on proposed changes (The Record) Ukrainian security service’s cyber chief suspended following media investigation (The Record) 530k Impacted by Data Breach at Wisconsin Healthcare Organization (SecurityWeek) Smoke and (screen) mirrors: A strange signed backdoor (Sophos News) Fortinet reports FortiClient critical flaw and issues in FortiOS and FortiProxy (Beyond Machines) Microsoft left internal passwords exposed in latest security blunder (The Verge) LG releases updates for vulnerabilities that could allow hackers to gain access to TVs (The Record) Extreme cyberattacks could cause bank runs, IMF warns (Silicon Republic) Johannes Ulrich's summary of MS patch Tuesday (SANS Internet Storm Center) X automatically changed 'Twitter' to 'X' in users' posts, breaking legit URLs (Mashable)  Example from X/Twitter story: https://wetdry.world/@seraph/112241754503585255 Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.