CyberWire Daily

• The rise of AI-driven cyber offense.

  The Pentagon is spending millions on AI hacking. The New York Times investigates illicit crypto funds. Researchers uncover widespread remote code execution flaws in AI inference engines. Police in India arrest CCTV hackers. Payroll Pirates use Google Ads to steal credentials and redirect salaries. A  large-scale brand impersonation campaign delivers Gh0st RAT to Chinese-speaking users.A bitcoin mining company CEO gets scammed. Monday biz brief. On our Industry Voices segment with our Knowledge Partner SpecterOps, Chief Technology Officer Jared Atkinson is discussing Attack Path Management: Identities in Transit. Bitcoin big wigs learn to bite through plastic. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Industry Voices segment with our Knowledge Partner SpecterOps, Chief Technology Officer Jared Atkinson is discussing Attack Path Management: Identities in Transit. Hear more from Jared here. Cyber Things podcast Something strange has landed in all the cool podcast apps… Cyber Things is a new three-part series from Armis that decodes real-world cyber threats through the lens of a certain Hawkins-based sci-fi phenomenon. Just in time for the show’s final season, Rebecca Cradick leads us through a world where fiction meets cybersecurity. Because sometimes the scariest villains aren’t in the Upside Down — they’re online. You can check out Cyber Things on your favorite podcast app and on our website. On the site, you will find the trailer and Episode 1: The Unseen World available today! Selected Reading The Pentagon Is Spending Millions On AI Hacking From Startup Twenty (Forbes) The Crypto Industry’s $28 Billion in ‘Dirty Money’ (The New York Times) The Coin Laundry, a global cryptocurrency investigation (International Consortium of Investigative Journalism) "ShadowMQ" exploit pattern reported in major AI frameworks, enables remote code execution (Beyond Machines) Gujarat: Hackers steal maternity ward CCTV videos in India cybercrime racket (BBC News) Payroll Pirates: One Network, Hundreds of Targets (Check Point) Digital Doppelgangers: Anatomy of Evolving Impersonation Campaigns Distributing Gh0st RAT (Unit 42, Palo Alto Networks) Inside a Wild Bitcoin Heist: Five-Star Hotels, Cash-Stuffed Envelopes, and Vanishing Funds (WIRED) UK prosecutors seize £4.11M in crypto from Twitter mega-hack culprit (The Register) Tenzai emerges from stealth with $75 million in seed funding led by Greylock Partners.  (N2K Pro) How to Not Get Kidnapped for Your Bitcoin (The New York Times) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

  --------  

  35:23

  --------

  35:23
• Chenxi Wang: Overcoming the obstacle of fear. [Venture Capital] [Career Notes]

  Please enjoy this encore of Career Notes. Founder and general partner of Rain Capital, Chenxi shares her story and how she conquered and got over the obstacle of fear to reach her goals in life. " I realized a lot of times my obstacle is my own fear rather than a real obstacle" Wang states, she also shares her story of breaking glass ceilings as a female founder and working in the field of cybersecurity. She hopes to be remembered for being a kind person and developing her own venture fund, as she shares her story to the top, she states what she does and how she got to be where she is today. We thank Chenxi for sharing her story. Learn more about your ad choices. Visit megaphone.fm/adchoices

  --------  

  9:52

  --------

  9:52
• When clicks turn criminal. [Research Saturday]

  Dr. Renée Burton, Vice President of Threat Intelligence from Infoblox, is sharing the team's work on "Deniability by Design: DNS-Driven Insights into a Malicious Ad Network." Infoblox returns with new threat actor research uncovering Vane Viper, a Cyprus-based holding company behind PropellerAds—one of the world’s largest advertising networks. The report reveals that Vane Viper isn’t just being exploited by criminals but operates as a criminal infrastructure itself, built to profit from fraud, malware, and disinformation through offshore entities and complex ownership structures. The findings highlight the growing convergence between adtech, cybercrime, and state-linked influence operations, suggesting that elements of the global digital advertising ecosystem are now functioning as infrastructure for large-scale cyber and disinformation campaigns. The research can be found here: Deniability by Design: DNS-Driven Insights intoa Malicious Ad Network Learn more about your ad choices. Visit megaphone.fm/adchoices

  --------  

  24:25

  --------

  24:25
• Operation spyGPT.

  Anthropic reports China-linked hackers used Claude AI in an automated espionage campaign. Google reconsiders its upcoming “Developer Verification” policy for Android. AT&T customers affected by two data breaches in 2024 can now file claims. Nearly 10,000 Washington Post employees were affected by a data breach. ASUS and Imunify360 patch critical flaws. DoorDash discloses a data breach. Checkout.com donates the ransom to researchers. Kraken ransomware benchmarks systems before encryption. Mike Arrowsmith, Chief Trust Officer of NinjaOne, shares his thoughts on how cyber may be heading for its California fire insurance moment. AI ChatBot toys behave badly.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Mike Arrowsmith, Chief Trust Officer of NinjaOne, is sharing his thoughts on how cyber insurance is heading for its California fire insurance moment. Selected Reading Anthropic Says Chinese Hackers Used Its A.I. in Online Attack (The New York Times) Researchers question Anthropic claim that AI-assisted attack was 90% autonomous (Ars Technica) Google backpedals on new Android developer registration rules (Bleeping Computer) AT&T data breach settlement to pay thousands to claimants. Who is eligible, how to apply (El Paso Times) Washington Post Says Nearly 10,000 Employees Impacted by Oracle Hack (SecurityWeek) ASUS warns of critical auth bypass flaw in DSL series routers (Bleeping Computer) Imunify360 Vulnerability Could Expose Millions of Sites to Hacking (SecurityWeek) DoorDash hit by new data breach in October exposing user information (Bleeping Computer) Protecting our Merchants: Standing up to Extortion (Checkout.com) Kraken ransomware benchmarks systems for optimal encryption choice (Bleeping Computer) AI-Powered Toys Caught Telling 5-Year-Olds How to Find Knives and Start Fires With Matches (Futurism) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.  Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

  --------  

  30:01

  --------

  30:01
• 404: Cybercrime not found.

  Operation Endgame expands global takedowns. The U.S. is creating a Scam Center Strike Force. Microsoft rolls out its delayed “Prevent screen capture” feature for Teams. Proton Pass patches a clickjacking flaw. Researchers uncover previously undisclosed zero-day flaws in both Citrix and Cisco Identity Services Engine. Android-based digital picture frames contain multiple critical vulnerabilities. Lumma Stealer rebounds after last month’s doxxing campaign. Our guest is Garrett Hoffman, Senior Manager of Cloud Security Engineering from Adobe, talking about achieving cloud security at scale. X marks the spot… where your passkey stops working.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Industry Voices segment, we are joined by Garrett Hoffman, Senior Manager of Cloud Security Engineering from Adobe, talking about achieving cloud security at scale. You can hear the full conversation with Garrett here. Selected Reading End of the game for cybercrime infrastructure: 1025 servers taken down - Operation Endgame’s latest phase targeted the infostealer Rhadamanthys, Remote Access Trojan VenomRAT, and the botnet Elysium (Europol) US announces ‘strike force’ to counter Southeast Asian cyber scams, sanctions Myanmar armed group (The Record) Microsoft rolls out screen capture prevention for Teams users (Bleeping Computer) Proton Pass patches DOM-based clickjacking zero-day vulnerability (Cyberinsider) Amazon discovers APT exploiting Cisco and Citrix zero-days (AWS Security Blog) CISA warns feds to fully patch actively exploited Cisco flaws (Bleeping Computer) Popular Android-based photo frames download malware on boot (Bleeping Computer) Increase in Lumma Stealer Activity Coincides with Use of Adaptive Browser Fingerprinting Tactics (Trend Micro) Elon Musk's X botched its security key switchover, locking users out (TechCrunch) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

  --------  

  29:15

  --------

  29:15

Weitere Nachrichten Podcasts

Trending Nachrichten Podcasts

Über CyberWire Daily

CyberWire Daily: Zugehörige Podcasts