Winamp Logo
CyberWire Daily Cover
CyberWire Daily Profile

CyberWire Daily

English, Technology, 11 seasons, 2821 episodes, 2 days, 3 hours, 48 minutes
About
The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.
Episode Artwork

A CIA Psychologist on the Minds of World Leaders, Pt. 2 with Dr. Ursula Wilder [SpyCast]

In honor of Women's History Month, please enjoy this episode of the International Spy Museum's SpyCast podcast featuring part 2 of Andrew Hammond's discussion with Dr. Ursula Wilder of the Central Intelligence Agency. Summary Dr. Ursula Wilder (LinkedIn) joins Andrew (X; LinkedIn) to discuss the intersections between psychology and intelligence. Ursula is a clinical psychologist with over two decades of experience working at the Central Intelligence Agency.  What You’ll Learn Intelligence How psychology can be useful to national security Historical examples of leadership analysis  Leadership personality assessments & the Cuban Missile Crisis Psychoanalytic theory and espionage  Reflections Human nature throughout history History repeating itself  And much, much more … Quotes of the Week “Together, these documents are quite powerful. The psych assessments are very, very carefully, tightly held and are classified at a high level. Every intelligence officer has this fantasy about seeing the file that's kept on them by the opponents.” – Dr. Ursula Wilder. Resources  SURFACE SKIM *SpyCasts* Agent of Betrayal, FBI Spy Robert Hanssen with CBS’ Major Garrett and Friends (2023) The North Korean Defector with Former DPRK Agent Kim, Hyun Woo (2023) SPY@20 – “The Spy of the Century” with Curators Alexis and Andrew on Kim Philby (2022) “How Spies Think” – 10 Lessons in Intelligence with Sir David Omand (2020) *Beginner Resources* What is Psychoanalysis? Institute of Psychoanalysis, YouTube (2011) [3 min. video] Psychologists in the CIA, American Psychological Association (2002) [Short article] 7 Reasons to Study Psychology, University of Toronto (n.d.) [Short article] DEEPER DIVE Books Freud and Beyond, S. A. Mitchell (Basic Books, 2016) Narcissism and Politics: Dreams of Glory, J. M. Post (Cambridge University Press, 2014) The True Believer: Thoughts on the Nature of Mass Movements, E. Hoffer (Harper Perennial Modern Classics, 2010)  Team of Rivals: The Political Genius of Abraham Lincoln, D. K. Goodwin (Simon & Schuster, 2004) Leaders, Fools, and Impostors: Essays on the Psychology of Leadership, M. F. R. Kets de Vries (iUniverse, 2003)  Primary Sources  Charles de Gaulle to Pamela Digby Churchill (1942)  Blood, Toil, Tears and Sweat (1940) Memoirs of Ulysses S. Grant (1885) Gettysburg Address (1863)  House Divided Speech (1858) Excerpt on Cleopatra from Plutarch's Life of Julius Caesar (ca. 2nd century AD) Plutarch’s The Life of Alexander (ca. 2nd century AD)  Appian’s The Civil Wars (ca. 2nd century AD)  Virgil’s The Aeneid (19 B.C.E)  *Wildcard Resource* On Dreams by Sigmund Freud (1901) In this simplified version of the father of psychoanalysis’ seminal book The Interpretation of Dreams, you can get a small taste for Freudian philosophy. Freud believed that dreams were a reflection of the subconscious mind and that studying a person’s dreams can elucidate their inner wants and needs. What are your dreams telling you? 
3/22/20241 hour, 9 minutes, 34 seconds
Episode Artwork

A CIA Psychologist on the Minds of World Leaders, Pt. 1 with Dr. Ursula Wilder [SpyCast]

In honor of Women's History Month, please enjoy this episode of the International Spy Museum's SpyCast podcast featuring part 1 of Andrew Hammond's discussion with Dr. Ursula Wilder of the Central Intelligence Agency. Summary Dr. Ursula Wilder (LinkedIn) joins Andrew (X; LinkedIn) to discuss the intersections between psychology and intelligence. Ursula is a clinical psychologist with over two decades of experience working at the Central Intelligence Agency.  What You’ll Learn Intelligence How psychology can be useful to national security Historical examples of leadership analysis  Leadership personality assessments & the Cuban Missile Crisis Psychoanalytic theory and espionage  Reflections Human nature throughout history History repeating itself  And much, much more … Quotes of the Week “Together, these documents are quite powerful. The psych assessments are very, very carefully, tightly held and are classified at a high level. Every intelligence officer has this fantasy about seeing the file that's kept on them by the opponents.” Resources  SURFACE SKIM *SpyCasts* Agent of Betrayal, FBI Spy Robert Hanssen with CBS’ Major Garrett and Friends (2023) The North Korean Defector with Former DPRK Agent Kim, Hyun Woo (2023) SPY@20 – “The Spy of the Century” with Curators Alexis and Andrew on Kim Philby (2022) “How Spies Think” – 10 Lessons in Intelligence with Sir David Omand (2020) *Beginner Resources* What is Psychoanalysis? Institute of Psychoanalysis, YouTube (2011) [3 min. video] Psychologists in the CIA, American Psychological Association (2002) [Short article] 7 Reasons to Study Psychology, University of Toronto (n.d.) [Short article] DEEPER DIVE Books Freud and Beyond, S. A. Mitchell (Basic Books, 2016) Narcissism and Politics: Dreams of Glory, J. M. Post (Cambridge University Press, 2014) The True Believer: Thoughts on the Nature of Mass Movements, E. Hoffer (Harper Perennial Modern Classics, 2010)  Team of Rivals: The Political Genius of Abraham Lincoln, D. K. Goodwin (Simon & Schuster, 2004) Leaders, Fools, and Impostors: Essays on the Psychology of Leadership, M. F. R. Kets de Vries (iUniverse, 2003)  Primary Sources  Charles de Gaulle to Pamela Digby Churchill (1942)  Blood, Toil, Tears and Sweat (1940) Memoirs of Ulysses S. Grant (1885) Gettysburg Address (1863)  House Divided Speech (1858) Excerpt on Cleopatra from Plutarch's Life of Julius Caesar (ca. 2nd century AD) Plutarch’s The Life of Alexander (ca. 2nd century AD)  Appian’s The Civil Wars (ca. 2nd century AD)  Virgil’s The Aeneid (19 B.C.E)  *Wildcard Resource* On Dreams by Sigmund Freud (1901) In this simplified version of the father of psychoanalysis’ seminal book The Interpretation of Dreams, you can get a small taste for Freudian philosophy. Freud believed that dreams were a reflection of the subconscious mind and that studying a person’s dreams can elucidate their inner wants and needs. What are your dreams telling you? 
3/15/20241 hour, 13 minutes, 33 seconds
Episode Artwork

“Espionage and the Metaverse” – with Cathy Hackl [SpyCast]

Summary Cathy Hackl (Twitter, LinkedIn) joins Andrew (Twitter; LinkedIn) to discuss the potential implications of the metaverse on intelligence. Cathy has been called the “Godmother of the Metaverse.” What You’ll Learn Intelligence What the metaverse is Security and counterintelligence in a virtual world Futurism within intelligence agencies  Potential risks and consequences of the metaverse Reflections How virtual spaces can affect our physical world The necessity to evolve alongside technology And much, much more … Episode Notes The web will continue to evolve and change with time, but what’s coming next? And how will this evolution affect the ways that intelligence organizations around the world conduct their operations? This week on SpyCast, Cathy Hackl joins Andrew to explain what the metaverse is, what we can expect from living in this new virtual world, and how intelligence agencies can begin planning for the Web 3 future. Cathy Hackl has been dubbed the “Godmother of the Metaverse”  Resources Featured Resource Into the Metaverse: The Essential Guide to the Business Opportunities of the Web3 Era, Cathy Hackl (Bloomsbury, 2023)  Metaverse Marketing [Cathy’s podcast] *Beginner Resources* What Is the Metaverse, Exactly?, Wired (2022) [Article] Web 3.0 Explained In 5 Minutes, YouTube (2022) [5 min. Video] 12 new tech terms you need to understand the future, R. Gray, BBC (2018) *SpyCasts* How Artificial Intelligence is Changing the Spy Game – with Mike Susong (2022) Trafficking Data: The Digital Struggle with China -- with Aynne Kokas (2022) The FBI & Cyber – with Cyber Division Chief Bryan Vorndran (Part 1 of 2) The FBI & Cyber – with Cyber Division Chief Bryan Vorndran (Part 2 of 2)  *Wildcard Resource* Watch the world’s first metaverse music video, Snoop Dogg’s “House I Built,” here!
12/26/20231 hour, 1 minute, 55 seconds
Episode Artwork

The CyberWire: The 12 Days of Malware. [Special Edition]

Merry Christmas and Happy Holidays from the CyberWire and our friends! Enjoy our rendition of the 12 Days of Malware created by Dave Bittner and performed by Dave and friends: Rachel Tobac, Jayson Street, Ron Eddings & Chris Cochran, Ray [Redacted], Dinah Davis, Camille Stewart, Rick Howard, Michelle Dennedy, Jack Rhysider, Johannes Ullrich, and Charity Wright. Ba dum bum bum. Sing along if you are game! Check out our video for the full effect! The 12 Days of Malware lyrics On the first day of Christmas, my malware gave to me: A keylogger logging my keys. On the second day of Christmas, my malware gave to me: 2 Trojan Apps... And a keylogger logging my keys. On the third day of Christmas, my malware gave to me: 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the fourth day of Christmas, my malware gave to me: 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the fifth day of Christmas, my malware gave to me: 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the sixth day of Christmas, my malware gave to me: 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the seventh day of Christmas, my malware gave to me: 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the eighth day of Christmas, my malware gave to me: 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the ninth day of Christmas, my malware gave to me: 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the tenth day of Christmas, my malware gave to me: 10 Darknet markets... 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! (Bah-dum-dum-dum!) 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the eleventh day of Christmas, my malware gave to me: 11 Phishers phishing... 10 Darknet markets... 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! (Bah-dum-dum-dum!) 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the twelfth day of Christmas, my malware gave to me: 12 Hackers hacking... 11 Phishers phishing... 10 Darknet markets... 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys.
12/23/20237 minutes, 28 seconds
Episode Artwork

CSO Perspectives Bonus: Veterans Day special.

Rick Howard (The Cyberwire’s Chief Analyst, CSO, and Senior Fellow), and the cast of the entire Cyberwire team, honor our U.S. veterans on this special day. Learn more about your ad choices. Visit megaphone.fm/adchoices
11/10/202317 minutes, 34 seconds
Episode Artwork

The Malware Mash! [Bonus]

Enjoy this CyberWire classic. They did the Mash...they did the Malware Mash... Learn more about your ad choices. Visit megaphone.fm/adchoices
10/30/20233 minutes, 5 seconds
Episode Artwork

Chinese threat actors reel in Barracuda appliances. Diicot: the gang formerly known as Mexals, with Romanian ties. Recent Russian cyberespionage against Ukraine and its sympathizers.

A Chinese threat actor exploits a Barracuda vulnerability. The upgraded version of the Android GravityRAT can exfiltrate WhatsApp messages. Cybercriminals pose as security researchers to propagate malware. Updates on the Vidar threat operation. A new Romanian hacking group has emerged. Shuckworm collects intelligence, and may support targeting. The Washington Post’s Tim Starks explains the section 702 debate. Our guest is Rotem Iram from At-Bay with insights on email security. And Russia's Cadet Blizzard. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/115 Selected reading. Android GravityRAT goes after WhatsApp backups (ESET) Quarterly Adversarial Threat Report (Facebook) Barracuda ESG Zero-Day Vulnerability (CVE-2023-2868) Exploited Globally by Aggressive and Skilled Actor, Suspected Links to China (Mandiant) GravityRAT - The Two-Year Evolution Of An APT Targeting India (Cisco Talos) Fake Security Researcher GitHub Repositories Deliver Malicious Implant (VulnCheck) Darth Vidar: The Aesir Strike Back (Team Cymru) Tracking Diicot: an emerging Romanian threat actor (Cado Security) Shuckworm: Inside Russia’s Relentless Cyber Campaign Against Ukraine (Symantec) Cadet Blizzard emerges as a novel and distinct Russian threat actor (Microsoft) Destructive malware targeting Ukrainian organizations (Microsoft)
6/15/202328 minutes, 58 seconds
Episode Artwork

Interview Select: Nick Schneider of Arctic Wolf discusses why he believes 2023 will see a resurgence of ransomware and why the decline of crypto will not deter future ransomware actors.

SHOW NOTES This interview from October 28th, 2022 originally aired as a shortened version on the CyberWire Daily Podcast. In this extended interview, Dave Bittner sits down with Nick Schneider of Arctic Wolf to discuss why he believes 2023 will see a resurgence of ransomware and why the decline of crypto will not deter future ransomware actors.
12/30/202210 minutes, 54 seconds
Episode Artwork

Interview Select: Diana Kelley, CSO & Co-founder of Cybrize to discuss the need for innovation and entrepreneurship in cybersecurity.

This interview from September 16th, 2022 originally aired as a shortened version on the CyberWire Daily Podcast. In this extended interview, Dave Bittner sits down with Diana Kelley, CSO & Co-founder of Cybrize to discuss the need for innovation and entrepreneurship in cybersecurity.
12/28/20228 minutes, 25 seconds
Episode Artwork

Interview Select: MK Palmore from Google Cloud talks about why collective cybersecurity ultimately depends on having a diverse, skilled workforce.

This interview from September 30th, 2022 originally aired as a shortened version on the CyberWire Daily Podcast. In this extended interview, Dave Bittner sits down with MK Palmore from Google Cloud to talk about why collective cybersecurity ultimately depends on having a diverse, skilled workforce.
12/27/202214 minutes, 30 seconds
Episode Artwork

The CyberWire: The 12 Days of Malware.[Special Editions]

Merry Christmas and Happy Holidays from the CyberWire and our friends! Enjoy our rendition of the 12 Days of Malware created by Dave Bittner and performed by Dave and friends: Rachel Tobac, Jayson Street, Ron Eddings & Chris Cochran, Ray [Redacted], Dinah Davis, Camille Stewart, Rick Howard, Michelle Dennedy, Jack Rhysider, Johannes Ullrich, and Charity Wright. Ba dum bum bum. Sing along if you are game! Check out our video for the full effect! The 12 Days of Malware lyrics On the first day of Christmas, my malware gave to me: A keylogger logging my keys. On the second day of Christmas, my malware gave to me: 2 Trojan Apps... And a keylogger logging my keys. On the third day of Christmas, my malware gave to me: 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the fourth day of Christmas, my malware gave to me: 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the fifth day of Christmas, my malware gave to me: 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the sixth day of Christmas, my malware gave to me: 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the seventh day of Christmas, my malware gave to me: 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the eighth day of Christmas, my malware gave to me: 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the ninth day of Christmas, my malware gave to me: 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the tenth day of Christmas, my malware gave to me: 10 Darknet markets... 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! (Bah-dum-dum-dum!) 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the eleventh day of Christmas, my malware gave to me: 11 Phishers phishing... 10 Darknet markets... 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! (Bah-dum-dum-dum!) 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the twelfth day of Christmas, my malware gave to me: 12 Hackers hacking... 11 Phishers phishing... 10 Darknet markets... 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys.
12/25/20227 minutes, 28 seconds
Episode Artwork

Ransomware, third-party risk, cyberespionage, social engineering, and a software supply-chain threat..

Rackspace reacts to ransomware. Third-party incidents in New Zealand and the Netherlands. Russian intelligence goes phishing. Mustang Panda uses Russia's war as phishbait. A Malicious package is found in PyPi. Kevin Magee from Microsoft Canada shares thoughts on cybersecurity startups in an economic downturn. Our guest is IDology's Christina Luttrell to discuss how consumers feel about digital identity, fraud, security and data privacy. And a French-speaking investment scam. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/233 Selected reading. Rackspace Technology Hosted Exchange Environment Update (Rackspace Technology)  Multiple government departments in New Zealand affected by ransomware attack on IT provider (The Record by Recorded Future)  Antwerp's city services down after hackers attack digital partner (BleepingComputer)  Russian hacking group spoofed Microsoft login page of US military supplier: report (The Record by Recorded Future) Mustang Panda Uses the Russian-Ukrainian War to Attack Europe and Asia Pacific Targets (BlackBerry)  Inside the Face-Off Between Russia and a Small Internet Access Firm (New York Times)  Apiiro’s AI engine detected a software supply chain attack in PyPI (Apiiro | Cloud-Native Application Security)  Anatomizing CryptosLabs: a scam syndicate targeting French-speaking Europe for years (Group-IB)
12/7/202228 minutes, 7 seconds
Episode Artwork

Interview Select: Perry Carpenter on his new book "The Security Culture Playbook." [CW Pro]

This interview is from June 3rd, 2022 originally aired as a shortened version on the CyberWire Daily Podcast. In this extended interview, Dave Bittner sits down Perry Carpenter, host of 8th Layer Insights to discuss his new book "The Security Culture Playbook: An Executive Guide To Reducing Risk and Developing Your Human Defense Layer."
11/25/202216 minutes, 26 seconds
Episode Artwork

CSO Perspectives Bonus: Veterans Day special.

Rick Howard (The Cyberwire’s Chief Analyst, CSO, and Senior Fellow), and the cast of the entire Cyberwire team, honor our U.S. veterans on this special day.
11/11/202217 minutes, 34 seconds
Episode Artwork

The Malware Mash! [Bonus]

Enjoy this CyberWire classic. They did the Mash...the did the Malware Mash...
10/28/20223 minutes, 5 seconds
Episode Artwork

Pentest reporting and the remediation cycle: Why aren’t we making progress? [CyberWire-X]

The age-old battle between offensive and defensive security practitioners is most often played out in the penetration testing cycle. Pentesters ask, “Is it our fault if they don’t fix things?” While defenders drown in a sea of unprioritized findings and legacy issues wondering where to even start. But the real battle shouldn’t be between the teams; it should be against the real adversaries. So why do pentesters routinely come back and find the same things they reported a year ago? Do the defenders just not care or does the onus fall on the report? Everyone really wants the same thing: better security. To get there, the primary communication tool between consultant and client, offensive and defensive teams — the pentest report — must be consumable and actionable and tailored to the audience who receives it. In the first half of this episode of Cyberwire-X, the CyberWire's CSO, Chief Analyst, and Senior Fellow, Rick Howard, is joined by Hash Table members Amanda Fennell, the CIO and CSO of Relativity, and William MacMillan, the SVP of Security Product and Program Management at Salesforce. In the second half of the episode, Dan DeCloss, the Founder and CEO of episode sponsor PlexTrac, joins Dave Bittner discuss the politics around pentest reporting and how better reports can support real progress.
10/9/202236 minutes, 24 seconds
Episode Artwork

Interview select: David Ring at RSAC discussing FBI cyber strategy/role in the cyber ecosystem and private sector engagement.

As we break to observe the Juneteenth holiday, our team thought you might like to try a sample of a CyberWire Pro podcast called Interview Selects. These podcasts are a series of extended interviews, exclusives, and a curated selection of our most engaging and informative interviews over the years, featuring cyber security professionals, journalists, authors and industry insiders. In this extended interview, Dave Bittner speaks with FBI Cyber Section Chief David Ring at RSAC discussing FBI cyber strategy/role in the cyber ecosystem and private sector engagement. Like what you hear? Consider subscribing to CyberWire Pro for $99/year. Learn more.
6/20/202216 minutes, 7 seconds
Episode Artwork

Interview select: Kenneth Geers of NATO's CCD COE on "Cyber War in Perspective: Russian Aggression Against Ukraine."

As we break to observe Washington's birthday, our team thought you might like to try a sample of a CyberWire Pro podcast called Interview Selects. These podcasts are a series of extended interviews, exclusives, and a curated selection of our most engaging and informative interviews over the years, featuring cyber security professionals, journalists, authors and industry insiders. In this extended interview, Dave Bittner speaks with Kenneth Geers from NATO's CCD COE on "Cyber War in Perspective: Russian Aggression Against Ukraine." Like what you hear? Consider subscribing to CyberWire Pro for $99/year. Learn more.
2/21/202223 minutes, 52 seconds
Episode Artwork

Bonus: Afternoon Cyber Tea: IoT-Based Infrastructures

Afternoon Cyber Tea with Ann Johnson is a CyberWire Network podcast created by Microsoft Security. It's a bi-weekly show that comes out every other Tuesday. We thought you would enjoy this episode in particular and hope you consider subscribing in your favorite podcast app. Diana Kelly, the co-founder, and CTO of SecurityCurve, a cybersecurity consulting firm, joins Ann Johnson on this episode of Afternoon Cyber Tea. Diana is a globally known security expert who donates much of her time volunteering in the cybersecurity community while also serving on the Association for Computing Machinery Ethics and Plagiarism Committee. Diana talks with Ann about helping inexperienced organizations get up to speed on the cybersecurity landscape, some of the current significant security and privacy hurdles currently plaguing the field, and some of the best practices to assist network defenders and users trying to combat botnet threats.      In This Episode You Will Learn:      How companies can protect themselves from new unsecure devices   When security risks correspond with access management and IoT devices  Why we need security programs to grow to a new level     Some Questions We Ask:  How should network defenders and users combat botnet threats?  What types of universal IoT standards need to be created?   What privacy hurdles are currently plaguing the field of IoT-connected devices?     Resources:    View Diana Kelly on LinkedIn  View Ann Johnson on LinkedIn    Related:   Listen to: Security Unlocked: CISO Series with Bret Arsenault     Listen to: Security Unlocked   Afternoon Cyber Tea with Ann Johnson is produced by Microsoft and distributed as part of The CyberWire Network.  
2/21/202229 minutes, 52 seconds
Episode Artwork

CyberWire Pro Interview Selects: Jaclyn Miller from NTT, Ltd.

During our winter break, our team thought you might like to try a sample of a CyberWire Pro podcast called Interview Selects. These podcasts are a series of extended interviews, exclusives, and a curated selection of our most engaging and informative interviews over the years, featuring cyber security professionals, journalists, authors and industry insiders. On this episode, the interview originally aired as a shortened version on the CyberWire Daily Podcast. In this extended interview, Dave Bittner speaks with Jaclyn Miller from NTT, Ltd. on diversity, inclusion and remote access security. Like what you hear? Consider subscribing to CyberWire Pro for $99/year. Learn more.
12/31/202113 minutes, 12 seconds
Episode Artwork

CyberWire Pro Interview Selects: Sir David Omand.

During our winter break, our team thought you might like to try a sample of a CyberWire Pro podcast called Interview Selects. These podcasts are a series of extended interviews, exclusives, and a curated selection of our most engaging and informative interviews over the years, featuring cyber security professionals, journalists, authors and industry insiders. On this episode, the interview originally aired as a shortened version on the CyberWire Daily Podcast. In this extended interview, Dave Bittner speaks with Sir David Omand, former GCHQ Director, on his book, How Spies Think: Ten Lessons in Intelligence.. Like what you hear? Consider subscribing to CyberWire Pro for $99/year. Learn more.
12/30/202121 minutes, 35 seconds
Episode Artwork

CyberWire Pro Interview Selects: Zan Vautrinot on boards.

During our winter break, our team thought you might like to try a sample of a CyberWire Pro podcast called Interview Selects. These podcasts are a series of extended interviews, exclusives, and a curated selection of our most engaging and informative interviews over the years, featuring cyber security professionals, journalists, authors and industry insiders. On this episode, the interview originally aired as a shortened version on the CyberWire Daily Podcast. In this extended interview, Rick Howard speaks with Zan Vautrinot about boards. Like what you hear? Consider subscribing to CyberWire Pro for $99/year. Learn more.
12/29/202120 minutes, 17 seconds
Episode Artwork

CyberWire Pro Interview Selects: Bill Wright of Splunk.

During our winter break, our team thought you might like to try a sample of a CyberWire Pro podcast called Interview Selects. These podcasts are a series of extended interviews, exclusives, and a curated selection of our most engaging and informative interviews over the years, featuring cyber security professionals, journalists, authors and industry insiders. On this episode, the interview originally aired as a shortened version on the CyberWire Daily Podcast. In this extended interview, Dave Bittner speaks with Bill Wright of Splunk on the ongoing geopolitical ransomware trend. Like what you hear? Consider subscribing to CyberWire Pro for $99/year. Learn more.
12/28/20219 minutes, 47 seconds
Episode Artwork

The CyberWire: The 12 Days of Malware.

Merry Christmas and Happy Holidays from the CyberWire and our friends! Enjoy our rendition of the 12 Days of Malware created by Dave Bittner and performed by Dave and friends: Rachel Tobac, Jayson Street, Ron Eddings & Chris Cochran, Ray [Redacted], Dinah Davis, Camille Stewart, Rick Howard, Michelle Dennedy, Jack Rhysider, Johannes Ullrich, and Charity Wright. Ba dum bum bum. Sing along if you are game! Check out our video for the full effect! The 12 Days of Malware lyrics On the first day of Christmas, my malware gave to me: A keylogger logging my keys. On the second day of Christmas, my malware gave to me: 2 Trojan Apps... And a keylogger logging my keys. On the third day of Christmas, my malware gave to me: 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the fourth day of Christmas, my malware gave to me: 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the fifth day of Christmas, my malware gave to me: 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the sixth day of Christmas, my malware gave to me: 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the seventh day of Christmas, my malware gave to me: 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the eighth day of Christmas, my malware gave to me: 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the ninth day of Christmas, my malware gave to me: 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the tenth day of Christmas, my malware gave to me: 10 Darknet markets... 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! (Bah-dum-dum-dum!) 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the eleventh day of Christmas, my malware gave to me: 11 Phishers phishing... 10 Darknet markets... 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! (Bah-dum-dum-dum!) 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the twelfth day of Christmas, my malware gave to me: 12 Hackers hacking... 11 Phishers phishing... 10 Darknet markets... 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys.
12/25/20217 minutes, 28 seconds
Episode Artwork

CyberWire Pro Research Briefing from 12/21/2021.

Enjoy a peek into CyberWire Pro's Research Briefing as the team is off taking our long winter's nap. This is the spoken edition of our weekly Research Briefing, focused on threats, vulnerabilities, and consequences, as they’re played out in cyberspace. This week's headlines: US Commission on International Religious Freedom reportedly hacked. Sophistication of NSO exploit on par with nation-state tooling. Conti ransomware actors exploit Log4Shell. Like what you hear? Consider subscribing to CyberWire Pro for $99/year. Learn more.
12/25/20219 minutes, 4 seconds
Episode Artwork

CyberWire Pro Interview Selects: Hatem Naguib of Barracuda Networks.

During our winter break, our team thought you might like to try a sample of a CyberWire Pro podcast called Interview Selects. These podcasts are a series of extended interviews, exclusives, and a curated selection of our most engaging and informative interviews over the years, featuring cyber security professionals, journalists, authors and industry insiders. On this episode, the interview originally aired as a shortened version on the CyberWire Daily Podcast. In this extended interview, Dave Bittner speaks with Hatem Naguib, new CEO of Barracuda Networks, to discuss his views on how cybersecurity trends have drastically changed over the past year, including the rise of ransomware. Like what you hear? Consider subscribing to CyberWire Pro for $99/year. Learn more.
12/24/202110 minutes, 59 seconds
Episode Artwork

CyberWire Pro Research Briefing from 11/23/2021

Enjoy a peek into CyberWire Pro's Research Briefing as the team is off recovering from our Thanksgiving feasts. This is the spoken edition of our weekly Research Briefing, focused on threats, vulnerabilities, and consequences, as they’re played out in cyberspace. This week's headlines: Iranian threat actors target the IT supply chain. North Korean cyberespionage. More information on Emotet's return. Like what you hear? Consider subscribing to CyberWire Pro for $99/year. Learn more.
11/27/20218 minutes, 18 seconds
Episode Artwork

CyberWire Pro Interview Selects: Carolyn Crandall of Attivo Networks.

Our team decided to extend our Thanksgiving holiday and thought you might like to try a sample of a CyberWire Pro podcast called Interview Selects. These podcasts are a series of extended interviews, exclusives, and a curated selection of our most engaging and informative interviews over the years, featuring cyber security professionals, journalists, authors and industry insiders. On this episode, the interview October 27th, 2021 originally aired as a shortened version on the CyberWire Daily Podcast. In this extended interview, Dave Bittner speaks with Carolyn Crandall of Attivo Networks on what organizations should be focused on to protect AD. Like what you hear? Consider subscribing to CyberWire Pro for $99/year. Learn more.
11/26/20219 minutes, 1 second
Episode Artwork

The Malware Mash!

10/29/20213 minutes, 5 seconds
Episode Artwork

Bonus Recorded Future Podcast: Correlating the COVID-19 Opportunist Money Trail

The CyberWire partners with Recorded Future's threat intelligence podcast and our Dave Bittner is the host. It's a weekly show that comes out each Monday afternoon. We thought you might want to check it out and are adding it to our feed today. We hope you like it and consider subscribing in your favorite podcast app. The COVID-19 global pandemic has, predictably, attracted bad actors intent on using fear and uncertainty as a framework for a variety of actions, from run-of-the-mill money scams to targeting phishing, business email compromise, and even espionage. Recorded Future’s Insikt Group has been following these money trails and correlating them with a spectrum of bad actors around the globe. They recently published their findings in a blog post titled, “Follow the Money: Qualifying Opportunism Behind Cyberattacks During the COVID-19 Pandemic.” On today’s episode we’ve got a pair of Insikt Group analysts joining us to share their expertise. Lindsay Kaye is Director of Operational Outcomes and Charity Wright is a Cyber Threat Intelligence Analyst.
3/24/202117 minutes, 27 seconds
Episode Artwork

Encore: You will pay for that one way or another. [Caveat]

Dave's got the story of a landlord who may run afoul of the Computer Fraud and Abuse Act, Ben wonders if the big tech CEOs could be held liable for contact tracking apps, and later in the show my conversation with Joseph Cox. He is a Senior Staff Writer at Motherboard and will be discussing his recent article How Big Companies Spy on Your Emails. While this show covers legal topics, and Ben is a lawyer, the views expressed do not constitute legal advice. For official legal advice on any of the topics we cover, please contact your attorney.  Links to stories: Apple and Google CEOs should be held responsible for protecting coronavirus tracking data, says GOP Sen. Hawley The twitter thread from Dave's story Got a question you'd like us to answer on our show? You can send your audio file to [email protected] or simply leave us a message at (410) 618-3720. Hope to hear from you.
1/18/202136 minutes, 9 seconds
Episode Artwork

Encore: Unpacking the Malvertising Ecosystem. [Research Saturday]

Researchers at Cisco's Talos Unit recently published research exploring the tactics, technics and procedures of the global malvertising ecosystem. Craig Williams is head of Talos Outreach at Cisco, and he guides us through the life cycle of malicious online ads, along with tips for protecting yourself and your organization. The research can be found here:  https://blog.talosintelligence.com/2019/07/malvertising-deepdive.html
1/2/202129 minutes, 57 seconds
Episode Artwork

Andy Greenberg on the Sandworm Indictments. [Interview Selects]

This interview from November 6th, 2020 originally aired as a shortened version on the CyberWire Daily Podcast. In this extended interview, Rick Howard speaks with Andy Greenberg on the Sandworm Indictments.
1/1/202117 minutes, 10 seconds
Episode Artwork

Encore: Selena Larson: The Green Goldfish and cyber threat intelligence. [Analyst] (Career Notes]

Cyber threat intelligence analyst Selena Larson takes us on her career journey from being a journalist to making the switch to industrial security. As a child who wrote a book about a green goldfish who dealt with bullying, Selena always liked investigating and researching things. Specializing in cybersecurity journalism led to the realization of how closely aligned or similar skills are required from an investigative journalist and a cyber threat intelligence analyst. Our thanks to Selena for sharing her story with us. 
12/27/20207 minutes, 10 seconds
Episode Artwork

Encore: Seedworm digs Middle East intelligence. [Research Saturday]

Researchers at Symantec have been tracking Seedworm, a cyber espionage group targeting the Middle East as well as Europe and North America. The threat group targets government agencies, oil & gas facilities, NGOs, telecoms and IT firms. Al Cooley is director of product management at Symantec, and he joins us to share their findings. The original research can be found here: https://www.symantec.com/blogs/threat-intelligence/seedworm-espionage-group
12/26/202020 minutes, 27 seconds
Episode Artwork

Encore: Separating fools from money. [Hacking Humans]

Dave shares a story of airport penetration testing with high degree of yuck-factor. Joe explores research on protecting passwords from social engineering. The catch-of-the-day comes courtesy of Graham Cluley's email spam box. Dave interviews Wired's Security Staff Writer Lily Hay Newman on her article tracking Nigerian email scammers.  Have a Catch of the Day you'd like to share? Email it to us at [email protected] or hit us up on Twitter.
12/25/202030 minutes, 2 seconds
Episode Artwork

Encore: Technology that allows cops to track your phone. [Caveat]

Dave has an update on Baltimore’s spyplane, Ben describes concerns over violations by the FBI, CIA, NSA of FISA court rules, and later in the show our conversation with Kim Zetter on her recent article in The Intercept, titled “How Cops Can Secretly Track Your Phone.” It’s all about stingrays and dirtboxes, so stick around for that. While this show covers legal topics, and Ben is a lawyer, the views expressed do not constitute legal advice. For official legal advice on any of the topics we cover, please contact your attorney.  Links to stories: Elizabeth Goitein on Twitter In appeals court, Baltimore surveillance plane suit gets a mixed reaction Got a question you'd like us to answer on our show? You can send your audio file to [email protected] or simply leave us a message at (410) 618-3720. Hope to hear from you.  Thanks to our sponsor, KnowBe4.
12/24/202049 minutes, 8 seconds
Episode Artwork

Encore: Using global events as lures for malicious activity.

The goal of malicious activity is to compromise the system to install some unauthorized software. Increasingly that goal is tied to one thing: the user. Over the past several years, we as an industry improved exploit mitigation and the value of working exploits has increased accordingly. Together, these changes have had an impact on the threat landscape. We still see large amounts of active exploitation, but enterprises are getting better at defending against them. This has left adversaries with a couple of options, develop or buy a working exploit that will defeat today's protections, which can be costly, or pivot to enticing a user to help you. In today's threat landscape, adversaries are always trying to develop and implement the most effective lures to try and draw users into their infection path. They've tried a multitude of different tactics in this space, but one always stands out — current events. Joining us on this week's Research Saturday from Craig Williams from Cisco's Talos Outreach team to walk us through how current events are used as lures. The research and blog post can be found here:  Adversarial use of current events as lures
11/28/202022 minutes, 52 seconds
Episode Artwork

The Malware Mash!

10/30/20203 minutes, 5 seconds
Episode Artwork

Solving hard problems and pursuing your passions. [Career Notes]

CEO, Matt Devost, describes many firsts in his career including hacking into systems on an aircraft carrier at sea. He shares how he enjoys solving hard problems and the red teamer perspective, and how he was able to translate those into a career. For those interested in cybersecurity, Matt advises opportunities for self-directed learning including heading down to your basement and building your own lab. Our thanks to Matt for sharing his story with us. 
7/5/20207 minutes, 48 seconds
Episode Artwork

Extending security tools to the at home workforce during the pandemic. [Research Saturday]

In this episode of CyberWire-X, Rick Howard, the CyberWire’s Chief Analyst, interviews security thought leaders on the strategy and tactics to extend the security controls we’ve typically used to protect our handful of remote employees in the past to today, during the pandemic, that requires us to deploy flexible but equivalent controls at scale to everybody in the organization. Joining us is Bob Turner, CISO of the University of Wisconsin at Madison. Later in the program, we will hear from Mounir Hahad, the head of Threat Labs, and Mike Spanbauer, a security evangelist, at Juniper Networks, the sponsor of the show. Thanks to our sponsor, Juniper Networks. 
5/31/202029 minutes, 22 seconds
Episode Artwork

Complementary colors: teaming tactics in cybersecurity. [Research Saturday]

We often hear cybersecurity professionals talking about red teams, blue teams, and purple teams. In this episode of CyberWire-X, we investigate what those terms mean, how security teaming approaches have changed over time, and the value of teaming for organizations large and small. Join us for a lively conversation with our experts Austin Scott from Dragos, and Caleb Barlow, from Cynergistek in part one. In part 2, we’ll also hear from Dan DeCloss from Plextrac, the sponsor of today’s episode. 
4/19/202027 minutes, 27 seconds
Episode Artwork

Case studies in risk and regulation. [CyberWire-X]

In the final episode of our four-part series, called “Ground Truth or Consequences: the challenges and opportunities of regulation in cyberspace,” we examine some of the game changing high profile breaches like Yahoo, Equifax and OPM, along with their impacts and lessons learned. Our guest is Dr. Christopher Pierson, CEO and founder of BlackCloak. Later in the program we'll hear from Jason Hart, CTO for enterprise and cybersecurity at Gemalto. They're the sponsors of this show.
1/30/201932 minutes, 12 seconds
Episode Artwork

Risk and regulation in the financial sector. [CyberWire-X]

In the third episode of our four-part series, called “Ground Truth or Consequences: the challenges and opportunities of regulation in cyberspace,” we take at risk and regulation in the financial sector, specifically how it intersects with cyber security. How do organizations operate in a heavily regulated global financial environment, while protecting their employees, their customers, and the integrity of a system largely built on trust? Joining us are Valerie Abend from Accenture and Josh Magri from the Bank Policy Institute. Later in the program we'll hear from Jason Hart, CTO for enterprise and cybersecurity at Gemalto. They're the sponsors of this show.
12/21/201829 minutes, 8 seconds
Episode Artwork

Settling in with GDPR. [CyberWire-X]

In the second episode of our new, four-part series, called “Ground Truth or Consequences: the challenges and opportunities of regulation in cyberspace,” we take a look at the impact GDPR has had since it's implementation in May 2018. Joining us are Emily Mossburg from Deloitte, Caleb Barlow from IBM and Steve Durbin from ISF. Later in the program we'll hear from Jason Hart, CTO for enterprise and cybersecurity at Gemalto. They're the sponsors of this show.
12/3/201829 minutes, 54 seconds
Episode Artwork

Regulation in the U.S. [CyberWire-X}

In this premier episode of our new, four-part series, called “Ground Truth or Consequences: the challenges and opportunities of regulation in cyberspace,” we take a closer look at cyber security regulation in the U.S.  Joining us are Dr. Christopher Pierson from BlackCloak and Randy Sabett from Cooley LLC.  Later in the program we'll hear from Jason Hart, CTO for enterprise and cybersecurity at Gemalto. They're the sponsors of this show.
11/13/201828 minutes, 17 seconds