Rick Howard, N2K’s CSO and the CyberWire’s Chief Analyst, and Senior Fellow, interviews Andy Greenberg, Senior Writer at WIRED, regarding his new book, “Tracers in the Dark.”

Rick Howard, N2K’s CSO and The CyberWire’s Chief Analyst and Senior Fellow, the cybersecurity workforce skills gap with N2K’s President, Simone Petrella regarding how security professionals might learn from the movie “Moneyball” about how to train their team in the aggregate about first principles.

In the dynamic field of cybersecurity, it’s well established that creating more opportunities for diversity and inclusion is essential for developing a highly skilled workforce. As an industry, we are starting to see the fruits of that labor, but there is a growing need for diverse leadership to nurture continuous innovation and resilience in cybersecurity. As part of N2K’s 2023 Women in Cyber content series, we’re excited to host an engaging virtual panel discussion moderated by N2K's President Simone Petrella featuring insights, experiences, and strategies for advancing more women into leadership roles within the field. This virtual discussion explores different areas including: Navigating the Cybersecurity Landscape: Gain insights into our guests' career journeys, including mentors, challenges, and success, and how the evolving landscape may present different challenges and opportunities for women. Building a Supportive Ecosystem: Explore the importance of mentorship, allyship, and a strong network in propelling women into leadership, and how to create an environment where everyone can thrive. Closing the Gender Gap: Delve into actionable strategies and best practices for organizations to promote gender diversity in their cybersecurity leadership teams. The Future of Cybersecurity Leadership: Gain a forward-looking perspective on the evolving role of women in shaping the future of cybersecurity. This panel discussion is a must-listen event for professionals, leaders, and aspiring cybersecurity experts who are committed to promoting diversity and empowering women to excel in cybersecurity leadership. Don't miss the opportunity to be part of this inspiring conversation and drive positive change in the industry. Panelists: Abisoye Ajayi, Cyber & Analytics Manager at Tulsa Innovation Labs Koma Gandy, VP, Leadership & Business at Skillsoft Lauren Zabierek, Sr. Advisor at CISA

As we progress in this technological age, both cybersecurity and critical infrastructure continue to be at the forefront of prevention, protection, mitigation, and recovery conversation topics. From a frontline worker to the top of the C-Suite, security is something we all should be aware of and concerned about. The CyberCon event began in 2018 and provides an opportunity to learn more about cybersecurity and critical infrastructure as well as collaborate with fellow security professionals.  Dave Bittner recently spoke at CyberCon 2023 at Bismarck State College in North Dakota. While there, he had the opportunity to interview 4 members of the conference planning committee (all past or current chairs of the event) for a better understanding of the event, its focus on a mix of critical infrastructure and cybersecurity, and how the event has evolved over the years. Dave speaks with: Troy Walker, Director of Sales and Marketing at Dakota Carrier Network & 2023 conference chair, sharing the history of CyberCon its unique focus on critical infrastructure and cybersecurity. Tony Aukland, Technology Outreach Manager for the State of North Dakota IT & previous conference chair, giving us the truth about CyberCon and its origin story. Bill Heinzen, Information Security Team Lead at National Information Solutions Cooperative and previous event chair, talking about developing the cybersecurity candidate pool in North Dakota. John Nagel, CEO and Founder of CYBERNET SECURITY and past event chair, discussing sustainability of the CyberCon and its critical infrastructure focus.

In this extended interview, Simone Petrella sits down with Chris Krebs of the Krebs Stamos Group at the mWise 2023 Cybersecurity Conference to discuss threat intelligence .

In this extended interview, Dave Bittner sits down with Natasha Eastman from the Cybersecurity and Infrastructure Security Agency (CISA), Bill Newhouse from the National Institute of Standards and Technology (NIST), and Troy Lange from the National Security Agency (NSA) to discuss their their recent joint advisory on post-quantum readiness and how to prepare for post-quantum cryptography. You can find the joint advisory here: Quantum-Readiness: Migration to Post-Quantum Cryptography Quantum computing: A threat to asymmetric encryption.

Earlier this month, the White House released the National Cybersecurity Strategy, the first issued since 2018. The strategy refocuses roles, responsibilities, and resource allocations in the digital ecosystem, with a five pillar approach. Those pillars are: defending critical infrastructure, disrupting threat actors, shaping market forces to drive security and resilience, investing in a resilient future, and forging international partnerships. We wanted to delve into the strategy and its intended effects further, so Dave Bittner spoke with representatives from industry and inside government. Dave first speaks with Adam Isles, Principal and Head of Cybersecurity Practice at The Chertoff Group, sharing industry's take on the strategy. Following that conversation, Dave had a discussion with Steve Kelly, Special Assistant to the President and Senior Director for Cybersecurity and Emerging Technology at the National Security Council, for a look at the strategy from inside the White House. Links to resources: Point of View: 2023 National Cybersecurity Strategy The Chertoff Group's blog National Cybersecurity Strategy 2023 US GAO Snapshot: Cybersecurity: Launching and Implementing the National Cybersecurity Strategy

Rick Howard, N2K’s CSO and The CyberWire’s Chief Analyst and Senior Fellow, sits down with Director of the National Cryptologic Museum, Dr. Vince Houghton. The National Cryptologic Museum is the NSA's affiliated museum sharing the nation's best cryptologic secrets with the public. In this special episode, Rick interviews Dr. Houghton from within the walls of the National Cryptologic Museum, discussing the new and improved museum along with the new exhibits they uncovered during the pandemic.

Earlier this month, the White House released the National Cybersecurity Strategy, the first issued since 2018. The strategy refocuses roles, responsibilities, and resource allocations in the digital ecosystem, with a five pillar approach. Those pillars are: defending critical infrastructure, disrupting threat actors, shaping market forces to drive security and resilience, investing in a resilient future, and forging international partnerships. We wanted to delve into the strategy and its intended effects further, so Dave Bittner spoke with representatives from industry and inside government. Dave first speaks with Adam Isles, Principal and Head of Cybersecurity Practice at The Chertoff Group, sharing industry's take on the strategy. Following that conversation, Dave had a discussion with Steve Kelly, Special Assistant to the President and Senior Director for Cybersecurity and Emerging Technology at the National Security Council, for a look at the strategy from inside the White House. Links to resources: Point of View: 2023 National Cybersecurity Strategy The Chertoff Group's blog National Cybersecurity Strategy 2023

CyberWire Daily podcast host Dave Bittner is joined by CyberWire editor John Petrik for an extended discussion about the Russian invasion of Ukraine and its effect on cybersecurity at the one year anniversary. John and his team have covered the Ukrainian conflict with daily news stories since the invasion began, and in fact, had quite a lot of coverage prior to the invasion. They take stock of where things stand, what has happened, and what we expected versus reality.

Dave Bittner had a conversation with Commander Brandon Campbell of US Navy Cyber Defense Operations Command and Captain Steve Correia, Commanding Officer of Naval Network Warfare Command. They discussed the Navy’s cybersecurity advances and how they have implemented them. Commander Brandon Campbell is the former Operations Director at Navy Cyber Defense Operations Command and Task Force 1020 where they protect, detect, and respond to global cyber threats against Navy networks. Captain J. Steve Correia is the Commanding Officer of Naval Network Warfare Command and the Commander of Task Force 1010 under the U.S. Navy’s Fleet Cyber Command where they execute tactical-level command and control to direct, operate, maintain and secure Navy communication and network systems.

Cybersecurity interview with ChatGPT. In part one of CyberWire’s Interview with the AI, Brandon Karpf interviews ChatGPT about topics related to cybersecurity. Rick Howard joins Brandon to analyze the conversation and discuss potential use cases for the cybersecurity community. ChatGPT is a chatbot launched by OpenAI and built on top of OpenAI’s GPT-3 family of large language models. Cyber questions answered by ChatGPT in part one of the interview. What were the most significant cybersecurity incidents up through 2021? What leads you to characterize these specific events as significant? What were the specific technical vulnerabilities associated with these incidents? Who were the cyber actors involved in each of these attacks? Do you think it's valuable to attribute cyber attacks to specific actors?

At the 2022 Cyber Marketing Con, the CyberWire presented a CISO Q&A panel session on how to help cyber marketers reach CISOs and other security executives in the industry. The panel included Rick Howard, CSO of N2K Networks, Jaclyn Miller, Head of InfoSec and IT at DispatchHealth, Ted Wagner, CISO of SAP NS2, and was moderated by board director & and operating partner, Michelle Perry. Listen in as the panel discusses: What works and doesn’t work in getting a security executive’s attention. Message trust, message fatigue, and what you can do about it. Trusted information sources and how security executives use them. Positioning and messaging that is actually meaningful to decision makers. The security executive’s purchasing behavior and why skepticism is the driving force. Stay tuned until the end to hear us answer some additional bonus questions submitted by attendees.

Dana Behling, researcher from Carbon Black, sharing their work on "Hunting Vulnerable Kernel Drivers." The Carbon Black Threat Analysis Unit (TAU) discovered 34 unique vulnerable drivers, six of which allow kernel memory access, accepting firmware access. TAU reported the issues to the vendors whose drivers had valid signatures at the time of discovery, but only two vendors fixed the vulnerabilities. TAU is calling for more comprehensive approaches in the future than the current banned-list method used by Microsoft. The research states "By exploiting the vulnerable drivers, an attacker without the system privilege may erase/alter firmware, and/or elevate privileges." The research can be found here: Hunting Vulnerable Kernel Drivers

Legal action against Star Blizzard's FSB operators. A critical Bluetooth vulnerability has been discovered. How the GRU faked celebrity videos in its Doppelgänger campaign. The persistence of Log4j vulnerabilities. Lack of encryption as a contributor to data loss. Supply chain breaches plague the energy sector. Our guest is Allan Liska, creator of a new comic book featuring the adventures of Johnny Dollar, a hard-nosed cyber insurance investigator. And Russian activists make clever use of QR codes. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Guest Allan Liska, creator of Green Archer Comics, shares the first installment in a new comic book series: "Yours Truly, Johnny Dollar #1." The series follows the adventures of Johnny Dollar, a hard-nosed cyber insurance investigator, as he takes on ransomware attacks, insider threats and more. The series is based on a popular radio serial of the same name that ran from 1949 through 1962, now reimagined for the digital age. Selected Reading Russian FSB Cyber Actor Star Blizzard Continues Worldwide Spear-phishing Campaigns (CISA) The cyberattacks also allegedly took aim at U.S. energy networks and American spies. (Wall Street Journal) Russian Star Blizzard hackers linked to efforts to hamper war crimes investigation (The Guardian) U.S. Takes Action to Further Disrupt Russian Cyber Activities (US Department of State) Rewards for Justice (Rewards for Justice) Two Russian Nationals Working with Russia’s Federal Security Service Charged with Global Computer Intrusion Campaign (US Department of Justice) United States and the United Kingdom Sanction Members of Russian State Intelligence-Sponsored Advanced Persistent Threat Group (US Department of Treasury) Critical Bluetooth Flaw Exposes Android, Apple & Linux Devices to Takeover (DarkReading) Obfuscation and AI Content in the Russian Influence Network “Doppelgänger” Signals Evolving Tactics (Recorded Future) Russian influence and cyber operations adapt for long haul and exploit war fatigue (Microsoft) State of Log4j Vulnerabilities: How Much Did Log4Shell Change? (Veracode) ESG Report Operationalizing Encryption and Key Management (Fortanix) Russian opposition activists use QR codes to spread anti-Putin messages (The Record) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our 5 question survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.

Unpacking LogoFAIL's threat to Windows and Linux. The US DHS's new healthcare cybersecurity strategy, and dual Russian influence campaigns. A look at supply chain risks, increased bot activity in retail, Meta's end-to-end encryption in Messenger and Android's Autospill vulnerability. On today’s Industry Voices segment, we welcome Todd Thorsen, CISO from CrashPlan, with insights on data resiliency. And the discovery of an alleged software 'kill switch' in Polish trains. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On today’s Industry Voices segment, we welcome Todd Thorsen, CISO from CrashPlan. Todd discusses data resiliency.  In an era where ransomware and malicious attacks are relentless, even the most secure organizations are not immune. These attacks can cripple organizations financially, operationally, and damage their reputation and compliance standing. My guest today is Todd Thorsen, CISO from CrashPlan. In this sponsored Industry Voices segment, we delve into crucial strategies for bolstering data resiliency. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/232 Selected Reading Just about every Windows and Linux device vulnerable to new LogoFAIL firmware attack (Ars Technica)  CISA, NSA, FBI and International Cybersecurity Authorities Publish Guide on The Case for Memory Safe Roadmaps (CISA)  The Case for Memory Safe Roadmaps (Joint release) HEALTHCARE  SECTOR CYBERSECURITY (US Department of Health and Human Services) HHS releases cybersecurity strategy for health care sector (American Hospital Association) Fake Taylor Swift Quotes Are Being Used to Spread Anti-Ukraine Propaganda (WIRED) Obfuscation and AI Content in the Russian Influence Network “Doppelgänger” Signals Evolving Tactics (Recorded Future) Britain summons Russian ambassador over years-long FSB cyberespionage campaign (Reuters) NCSC exposes Russian cyber attacks on UK political processes (ComputerWeekly) Russian FSB cyber actor Star Blizzard continues worldwide spear-phishing campaigns (NCSC) Defending Democracy (NCSC) The State of Supply Chain Defense: Annual Global Insights Report (BlueVoyant) 2023 Holiday Bad Bot Report (Kasada) Facebook and Messenger to automatically encrypt messages (BBC) Your mobile password manager might be exposing your credentials (TechCrunch) Dieselgate, but for trains – some heavyweight hardware hacking (BadCyber) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.

Governments target push notification metadata. Dissecting the latest GRU cyber activities. A look at  Russia's AI-powered Doppelgänger influence campaigns, and how cyber warfare is evolving beyond the battlefield. We've got updates on the Adobe ColdFusion vulnerability, the expanding 23andMe data breach, and insights into the financial impacts of ransomware. Our guest is Camille Stewart Gloster, Deputy National Cyber Director for Technology & Ecosystem Security from the Office of the National Cyber Director at the White House. Plus, discover how the TSA is embracing AI for future security.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Our guest is Camille Stewart Gloster, Deputy National Cyber Director, Technology & Ecosystem Security from the Office of the National Cyber Director at the White House. Camille shares her views on women in cybersecurity, their efforts in diversity, equity and inclusion and what she sees for the future. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/231 Selected Reading Governments spying on Apple, Google users through push notifications - US senator (Reuters)  Obfuscation and AI Content in the Russian Influence Network “Doppelgänger” Signals Evolving Tactics (Recorded Future) Russian AI-generated propaganda struggles to find an audience (CyberScoop) How cybersecurity teams should prepare for geopolitical crisis spillover (CSO) Russia’s Fancy Bear launches mass credential collection campaigns (CSO) The Dragos Community Defense Program Helps Secure Industrial Infrastructure for Small Utilities (Dragos) Threat Actors Exploit Adobe ColdFusion CVE-2023-26360 for Initial Access to Government Servers (CISA) CVE-2023-26360 Detail (NIST) SEC on 23andMe breach (SEC)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.

The UK Government's denial of a cyber incident at Sellafield. There’s been a surge in Iranian cyberattacks on US infrastructure. Misuse of Apple's lockdown mode, the mysterious AeroBlade's activities in aerospace, and a clever "Disney+" scam. Plus The latest application security trends, and a new cybersecurity futures study. In our Industry Voices segment, On today’s Industry Voices segment, we welcome Matt Radolec, Vice President of Incident Response and Cloud Operations at Varonis explaining the intersection of AI, cloud and insider threats. And insights on resilience from the UK's Deputy PM. CyberWire Guest On today’s Industry Voices segment, we welcome Matt Radolec. Matt is Vice President of Incident Response and Cloud Operations at Varonis. He talks about the  intersection of AI, cloud and insider threats. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/230 Selected Reading Sellafield nuclear site hacked by groups linked to Russia and China (The Guardian) Response to a news report on cyber security at Sellafield (GOV.UK) Guardian news article (Office of Nuclear Regulation) Ministers pressed by Labour over cyber-attack at Sellafield by foreign groups (The Guardian) US warns Iranian terrorist crew broke into 'multiple' US water facilities (The Register) Florida water agency latest to confirm cyber incident as feds warn of nation-state attacks (The Record) AeroBlade on the Hunt Targeting the U.S. Aerospace Industry (Blackberry) Fake Lockdown Mode: A post-exploitation tampering technique (Jamf) Disney+ Impersonated in Elaborate Multi-Stage Email Attack with Personalized Attachments (Abnormal Security) Building Security in Maturity Model (BSIMM) report (Synopsis) Deputy Prime Minister annual Resilience Statement (GOV.UK)

The US and Israel attribute attacks on PLCs to Iran. Agent Raccoon backdoors organizations on three continents. XDSpy is reported to be phishing the Russian defense sector. Trends in digital banking fraud. Repojacking Go module repositories. Ann Johnson from Afternoon Cyber Tea speaks with Lynn Dohm, executive director of WiCyS, about the power of diverse perspectives. And when it comes to security, don't look to the stars. CyberWire Guest Guest is Ann Johnson from Afternoon Cyber Tea talking with Lynn Dohm, executive director of WiCyS, about the power of diverse perspectives. Tune in to Microsoft Security’s Afternoon Cyber Tea podcast every other Tuesday on the N2K Network. You can hear Ann’s full interview with Lynn here.  For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/229 Selected Reading IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors, Including U.S. Water and Wastewater Systems Facilities (CISA) Water and Wastewater Cybersecurity (CISA) P2Pinfect - New Variant Targets MIPS Devices (Cado) New Tool Set Found Used Against Organizations in the Middle East, Africa and the US (Palo Alto Networks Unit 42) XDSpy hackers attack military-industrial companies in Russia (The Record) Mobile Emulators Eclipse Bots in 2023 as Preferred Fraud Vector in North America (PR Newswire) Hijackable Go Module Repositories (VulnCheck)

Ryan from Bishop Fox joins to describe their work on "Building an Exploit for FortiGate Vulnerability CVE-2023-27997." After Lexfo published details of a pre-authentication remote code injection vulnerability in the Fortinet SSL VPN, Bishop Fox worked up a proof of concept demo. This research share how they were able to create that proof-of-concept exploit, step by step. The researchers state "Our debugging environment consisted of a FortiGate 7.2.4 virtual machine which we modified to disable some self-verification functionality. After bypassing these integrity checks, we were able to install an SSH server, BusyBox, and debugging tools such as GDB." The research can be found here: Building an Exploit for FortiGate Vulnerability CVE-2023-27997