CyberWire Daily

Rick Howard, N2K’s CSO and the CyberWire’s Chief Analyst, and Senior Fellow, interviews Andy Greenberg, Senior Writer at WIRED, regarding his new book, “Tracers in the Dark.”

Join us for this special three-part series where the N2K Cyber Talent Insights team guides you through effective strategies to develop your cybersecurity team, helping you stay ahead in the constantly changing cybersecurity landscape.  In the first episode of the series on cybersecurity workforce development, we dive into the complex world of cyber workforce management and planning, particularly as it pertains to the perspective of the enterprise. We explore the current state of the cybersecurity workforce, navigate various challenges in talent acquisition, and explore the nuances of job classifications, titles, compensation, and the dynamics of remote, onsite, and hybrid work environments.  Our experts further address talent development strategies like professional development, training, conferences, mentorship programs, communities of interest, and corporate cyber academies.  Finally, we touch upon the critical aspect of talent retention, an essential component in closing the cybersecurity talent gap. We hope you will join us on this journey. Connect with the N2K Cyber Workforce team on Linkedin: Dr. Sasha Vanterpool, Cyber Workforce Consultant  Dr. Heather Monthie, Cybersecurity Workforce Consultant Jeff Welgan, Chief Learning Officer Resources for developing your cybersecurity teams: N2K Cyber Workforce Strategy Guide Workforce Media Resources Strategic Cyber Workforce Intelligence resources for your organization Cyber Talent Acquistion Woes for Enterprises Workforce Intelligence: What it is and why you need it for cyber teams webinar Setting Better Cyber Job Expectations to Attract & Retain Talent webinar

The Workforce Framework for Cybersecurity (NICE Framework) (NIST Special Publication 800-181, revision 1) provides a set of building blocks for describing the Tasks, Knowledge, and Skills (TKS) that are needed to perform cybersecurity work by individuals or teams. Through these building blocks, the NICE Framework enables organizations to develop their workforces to perform cybersecurity work, and it helps learners to explore cybersecurity work and to engage in appropriate learning activities to develop their knowledge and skills. On this Special Edition podcast, N2K CyberWire's Dave Bittner is joined by the team at NIST and FIU's Jack D. Gordon Institute for Public Policy to delve into the history of the NICE Framework through its latest update and looking into the future. Brian Fonseca, Director at the Jack D. Gordon Institute for Public Policy, shares an introduction to the NICE Framework. Karen Wetzel, NICE Framework Manager, discusses the updates to the framework. Rodney Petersen, Director of NICE, talks about what these updates mean to cybersecurity education's future. Resources: NICE Framework Resource Center Getting Started with the NICE Framework 2024 NICE Conference and Expo: Strengthening Ecosystems: Aligning Stakeholders to Bridge the Cybersecurity Workforce Gap Take advantage of the early bird pricing until March 19, 2024. Don’t miss out on this opportunity! Jack D. Gordon Institute for Public Policy at Florida International University (FIU) Veterans and First Responders Training Initiative Intelligence Fellowship And be sure to check out our live webinar: CISOs are the new Architects (of the Workforce) Join N2K’s Simone Petrella and Intuit’s Kim Jones on Wednesday, March 27th for an online discussion about the pivotal role security leaders play in shaping the security workforce landscape, and how we can start showing up for the future of our industry. Learn more and register on the event page.

In honor of Women's History Month, please enjoy this encore of Dr. Sasha Vanterpool's webinar. In this webinar, N2K Networks Cyber Workforce Consultant Dr. Sasha Vanterpool shares how to update job descriptions to better reflect cyber role expectations to improve hiring, training, and retention. To view the original webinar on demand, visit here.

Rick Howard, N2K’s CSO and The CyberWire’s Chief Analyst and Senior Fellow, the cybersecurity workforce skills gap with N2K’s President, Simone Petrella regarding how security professionals might learn from the movie “Moneyball” about how to train their team in the aggregate about first principles.

Palo Alto Networks releases hotfixes for an exploited zero-day. Delinea issues an urgent update for a critical flaw. Giant Tiger data is leaked online. A European semiconductor manufacturer deals with a data breach. Roku suffers its second breach of the year. Operators of the Hive RAT face charges.  A former Amazon security engineer gets three years in prison for hacking cryptocurrency exchanges. Zambian officials arrest 77 in a scam call center crack down. Our guest Deputy Assistant Director Cynthia Kaiser from the FBI Cyber Division describes dual ransomware. And Rob Boyce, Managing Director at Accenture, shares his thoughts on security testing of generative AI. And selling Pokemon cheats leaves one man in Japan feeling like he had a run-in with a Scaldiburn. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today, we have two guests, Deputy Assistant Director Cynthia Kaiser from the FBI Cyber Division discussing dual ransomware. Followed by Rob Boyce, Managing Director at Accenture, sharing some thoughts on security testing of generative AI. Selected Reading Palo Alto Networks Releases Fixes for Firewall Zero-Day as First Attribution Attempts Emerge (SecurityWeek) A critical vulnerability in Delinea Secret Server allows auth bypass, admin access (Help Net Security) Hacker claims Giant Tiger data breach, leaks 2.8M records online (Bleeping Computer) Press statement: Nexperia IT Breach (Nexperia) Roku issues warning over massive customer account breach (ITPro) Two People Arrested in Australia and US for Development and Sale of Hive RAT (SecurityWeek) Ex-Amazon engineer gets 3 years for hacking crypto exchanges (Bleeping Computer) Zambia arrests 77 people in swoop on "scam" call centre (Bitdefender) Japanese Police Arrest 36-Year-Old Man on Suspicion of Tampering With Pokémon Violet Save Data (IGN)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.

Tomer Peled, a Security & Vulnerability Researcher from Akamai is sharing their work on "What a Cluster: Local Volumes Vulnerability in Kubernetes." This research focuses on a high-severity vulnerability in Kubernetes, allowing for remote code execution with system privileges on all Windows endpoints within a Kubernetes cluster. The research states "The discovery of this vulnerability led to the discovery of two others that share the same root cause: insecure function call and lack of user input sanitization." The research can be found here: What a Cluster: Local Volumes Vulnerability in Kubernetes

Section 702 edges closer to a vote. CISA provides guidance on Sisense and Microsoft breaches. A major conservative think tank reports a breach. Obsolete D-Link devices are under active exploitation, and Palo Alto warns of a zero-day. Raspberry Robin grows more stealthy. A lastpass employee thwarts a deepfake phishing attempt. Are AI models growing more persuasive? Our guest Kevin Magee from Microsoft Canada joins us to talk about cross domain prompt injection and AI. Floppies keep the trains running on time.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Guest and podcast partner Kevin Magee from Microsoft Canada joins us to talk about cross domain prompt injection and AI.  Selected Reading Compromise of Sisense Customer Data (CISA) ED 24-02: Mitigating the Significant Risk from Nation-State Compromise of Microsoft Corporate Email System (CISA) US think tank Heritage Foundation hit by cyberattack (TechCrunch) Exploitation of Unpatched D-Link NAS Device Vulnerabilities Soars (SecurityWeek) Palo Alto Networks Warns About Critical Zero-Day in PAN-OS (Infosecurity Magazine) Hackers are using Windows script files to spread malware and swerve antivirus software ( ITPro) LastPass Employee Targeted With Deepfake Calls (SecurityWeek) Anthropic says its AI models are as persuasive as humans (Axios) 5.25-inch floppy disks expected to help run San Francisco trains until 2030 (Ars Technica) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.

Apple warns targeted users of mercenary spyware attacks. CISA expands its Malware Next-Gen service to the private sector. US Cyber Command chronicles their “hunt forward” operations. Taxi fleets leak customer data. Trend Micro tracks DeuterBear malware. The BatBadBut vulnerability enables command injection on Windows. Cybercriminals manipulate GitHub's search functionality. Scully Spider may be utilizing AI generated Powershells scripts. A study from ISC2 shed’s light on salary disparities. On our Threat Vector segment, host David Moulton, Director of Thought Leadership at Unit 42, welcomes Donnie Hasseltine, VP of Security at Second Front Systems and a former Recon Marine, as they delve into the indispensable role of a military mindset in cybersecurity. Guest Dr. Sasha Vanterpool, Cyber Workforce Consultant with N2K, introducing the new podcast series Cyber Talent Insights. And AI music sings the license.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guests On our Threat Vector segment, host David Moulton, Director of Thought Leadership at Unit 42, welcomes Donnie Hasseltine, VP of Security at Second Front Systems and a former Recon Marine, as they delve into the indispensable role of a military mindset in cybersecurity. You can listen to the full conversation here.  Guest Dr. Sasha Vanterpool, Cyber Workforce Consultant with N2K, introducing the new podcast series Cyber Talent Insights that is launching on Friday, April 12, 2024. You can read more about Cyber Talent Insights here. Selected Reading iPhone users in 92 countries received a spyware attack warning from Apple (Engadget) CISA to expand automated malware analysis system beyond government agencies (The Record) US Cyber Force Assisted Foreign Governments 22 Times in 2023 (SecurityWeek) Taxi software vendor exposes personal details of nearly 300K (The Register) Cyberespionage Group Earth Hundun's Continuous Refinement of Waterbear and Deuterbear (Trend Micro) BatBadBut: You can't securely execute commands on Windows (Flatt) New Technique to Trick Developers Detected in an Open Source Supply Chain Attack (Checkmarx) Malicious PowerShell script pushing malware looks AI-written (Bleeping Computer) Women make less than men in US cyber jobs — but the gap is narrowing (CyberScoop) Permission is hereby granted (Suno)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.

The House moves forward on Section 702 reauthorization. Ukraine suspends a top cybersecurity official. A Wisconsin health coop suffers a data breach. Sophos uncovers a malicious backdoor. Fortinet issues patches for critical and high severity vulnerabilities. A Microsoft server exposed employee passwords, keys, and credentials. LG releases patches to secure smart TVs. The IMF warns of cyberattacks potential to trigger bank runs. It was a busy patch Tuesday. On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's CISSP study journey and how to avoid frustration when you get a practice question wrong. X marks the spot where Elon’s impulsiveness turns chaotic.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's CISSP study journey and discuss Domain 1, Security and Risk Management. They cover note-taking best practices and how to avoid getting frustrated when you get a practice question wrong. Selected Reading House sets up debate on Section 702 bill, along with votes on proposed changes (The Record) Ukrainian security service’s cyber chief suspended following media investigation (The Record) 530k Impacted by Data Breach at Wisconsin Healthcare Organization (SecurityWeek) Smoke and (screen) mirrors: A strange signed backdoor (Sophos News) Fortinet reports FortiClient critical flaw and issues in FortiOS and FortiProxy (Beyond Machines) Microsoft left internal passwords exposed in latest security blunder (The Verge) LG releases updates for vulnerabilities that could allow hackers to gain access to TVs (The Record) Extreme cyberattacks could cause bank runs, IMF warns (Silicon Republic) Johannes Ulrich's summary of MS patch Tuesday (SANS Internet Storm Center) X automatically changed 'Twitter' to 'X' in users' posts, breaking legit URLs (Mashable)  Example from X/Twitter story: https://wetdry.world/@seraph/112241754503585255 Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.

Change Healthcare gets hit with another ransom demand. A French football team warns fans of a cyberattack. The Home Depot breach is chalked up to a misconfigured SaaS application. The FCC looks to sure up car connectivity security to protect survivors of domestic violence. Targus reports a disruptive cyberattack. A massive doxxing event hits El Salvador. India's top audio and wearables brand investigates a customer data breach. The Israeli military jams GPS. Microsoft Security’s Ann Johnson, host of Afternoon Cyber Tea podcast, shares a segment of her latest episode featuring Jason Healey, founding scholar and director for cyber efforts at Columbia's School of International and Public Affairs. They discuss nurturing trust in cybersecurity. And, I’ll have a burger with a side of surveillance.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today, Microsoft Security’s Ann Johnson, host of Afternoon Cyber Tea podcast, shares a segment of her latest episode featuring Jason Healey, founding scholar and director for cyber efforts at Columbia's School of International and Public Affairs. They discuss nurturing trust in cybersecurity. You can listen to the full episode here. Selected Reading Change Healthcare breach data may be in hands of new ransomware group (SC Media) French football club PSG says ticketing system targeted by cyberattack (The Record) Misconfigured SaaS applications led to the Home Depot data breach, and experts say it’s no surprise (ITPro) FCC opens rulemaking to probe connected car stalking (The Record) Targus discloses cyberattack after hackers detected on file servers (Bleeping Computer) Hacker doxxes nearly every adult in El Salvador (Protos) Hit with massive data breach, boAt loses data of 7.5 million customers (Forbes) Israel’s Scrambled GPS Signals Turn Life Upside Down in Tel Aviv (Bloomberg) How fast food is becoming a new surveillance ground (Fast Company) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.

Might there be motion from Congress on data privacy legislation? Maryland passes a pair of privacy bills. A database allegedly from the EPA shows up on Russian cybercrime forums. HHS issues an alert for the Healthcare and Public Health sectors. CISA gears up for their Cyber Storm. A leading UK veterinary service provider suffers a cyber incident. A hardcoded backdoor is discovered in deprecated Network Attached Storage devices. NSA’s new cybersecurity director takes the reins. Guest Caleb Barlow, CEO of Cyberbit, shares his insights on the evolving role of the CISO. The bull market for Zero-days. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Guest Caleb Barlow, CEO of Cyberbit, discussing how we need to think about the role and position of the CISO. Selected Reading A Breakthrough Online Privacy Proposal Hits Congress (WIRED) Maryland Passes 2 Major Privacy Bills, Despite Tech Industry Pushback (The New York Times) US Environmental Protection Agency Allegedly Hacked, 8.5M User Data Leaked (HACKREAD) U.S. Department of Health warns of attacks against IT help desks (Security Affairs) CISA’s ‘Cyber Storm’ will help it update National Cyber Incident Response Plan (Federal News Network) Veterinary Giant CVS Reveals Major Cyber-Attack (Infosecurity Magazine) Over 92,000 exposed D-Link NAS devices have a backdoor account (Bleeping Computer) NSA Appoints Dave Luber as Cybersecurity Director (SecurityWeek) Price of zero-day exploits rises as companies harden products against hackers (TechCrunch)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.

Noah Pack, a SANS Internet Storm Center Intern, sits down to discuss research on "What happens when you accidentally leak your AWS API keys?" This research is a guest diary from Noah and shares a project he worked on after seeing an online video of someone who created a python script that emailed colleges asking for free swag to be shipped to him. The research states "In this article, I will share some research, resources, and real-world data related to leaked AWS API keys." In this research, Noah shares what he learned while implementing his experiment. The research can be found here: What happens when you accidentally leak your AWS API keys? [Guest Diary]

Acuity downplays its recent breach. IcedID gives way to a new malware strain. Russia arrests alleged credit card thieves. Wiz uncovers security flaws in Hugging Face AI models. NERC and the E-ISAC review lessons learned from simulated attacks on the electrical grid. UK police track honey traps targeting MPs. Microsoft says China is actively trying to influence US elections. A major global lens maker suffers a cyber attack.  Guest Dick O'Brien from the Symantec Threat Hunter Team shares how ransomware operators adapt to disruption. And SEO under threat of legal action.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Guest Dick O'Brien from Symantec Threat Hunter Team by Broadcom shares how ransomware operators adapt to disruption. Get more details in the blog: Ransomware: Attacks Continue to Rise as Operators Adapt to Disruption. Selected Reading Acuity Responds to US Government Data Theft Claims, Says Hackers Obtained Old Info (SecurityWeek) New Latrodectus malware replaces IcedID in network breaches (bleepingcomputer) Magecart-style hackers charged by Russia in theft of 160,000 credit cards (The Record) Wiz Discovers Flaws in GenAI Models Enabling Customer Data Theft (Infosecurity Magazine) Lessons learned from electrical grid security exercise (nerc) British police investigating ‘honey trap’ WhatsApp messages sent to MPs (The Record) China is trying to influence US elections with AI, Microsoft claims (siliconrepublic) Lens Maker Hoya Scrambling to Restore Systems Following Cyberattack (SecurityWeek) A ‘Law Firm’ of AI Generated Lawyers Is Sending Fake Threats as an SEO Scam (404 Media) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.

The State Department investigates an alleged breach. The FCC looks at regulating connected vehicles. A big-tech consortium hopes to mitigate AI-related job losses. Google aims to thwart cookie-thieves. SurveyLama exposes sensitive info of over four millions users. Omni Hotels & Resorts is recovering from a cyberattack. A national cancer treatment center suffers a breach. How cyber is approached on both sides of the pond. In our Industry Voices segment , George Jones, CISO at Critical Start, discusses strategies for maximizing cybersecurity investments to achieve optimal risk reduction. Playing the identity theft long-game.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On Industry Voices, guest George Jones, CISO at Critical Start, joins us to share thoughts on the topic "Spend Smarter, Risk Less: Cybersecurity ROI Strategies for Security Leaders." George discusses strategies for maximizing cybersecurity investments to achieve optimal risk reduction.  Selected Reading Threat Actor Claims Classified Five Eyes Data Theft (Infosecurity Magazine) Automakers and FCC square off over potential regulations for connected cars (The Record) Big tech companies form new consortium to allay fears of AI job takeovers (TechCrunch) Amazon is cutting hundreds of jobs in its cloud computing unit AWS (NPR) Google Proposes Method for Stopping Multifactor Runaround (GovInfo Security) Google fixes two Pixel zero-day flaws exploited by forensics firms (Bleeping Computer) SurveyLama data breach exposes info of 4.4 million users (Bleeping Computer) Omni Hotels confirms cyberattack behind ongoing IT outage (Bleeping Computer) The US or the UK: Where Should You Get a Cybersecurity Job? (GovInfo Security) US Cancer Center Data Breach Impacting 800,000 (SecurityWeek) Iowa sysadmin pleads guilty to 33-year identity theft of former coworker (The Register)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.

The Cyber Safety Review Board hands Microsoft a scathing report. Jackson County, Missouri declares a state of emergency following a ransomware attack. The concerning growth of Chinese brands in U.S. critical infrastructure. Malware campaigns make use of YouTube. OWASP issues a data breach warning. Trend Micro tracks LockBit’s faltering rebound. India’s government cloud service leaks personal data. ChatGPT jailbreaks spread on popular hacker forums. On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's CISSP study journey and focus on the when and how of studying for Domain 1. And you can no longer just walk out of an Amazon grocery store.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's CISSP study journey and focus on the when and how of studying for Domain 1.  Resources for this session:  Effect of sunlight exposure on cognitive function among depressed and non-depressed participants: a REGARDS cross-sectional study Selected Reading Scathing federal report rips Microsoft for shoddy security, insincerity in response to Chinese hack (AP News) Missouri county declares state of emergency amid suspected ransomware attack (Ars Technica) Forescout research finds surge in Chinese-manufactured devices on US networks, including critical infrastructure (Industrial Cyber) YouTube channels found using pirated video games as bait for malware campaign (The Record) OWASP issues data breach alert after misconfigured server leaked member resumes (ITPro) Trend Micro: LockBit ransomware gang's comeback is failing (TechTarget) Indian government’s cloud spilled citizens’ personal data online for years (TechCrunch) ChatGPT jailbreak prompts proliferate on hacker forums (SC Media) Amazon Ditches 'Just Walk Out' Checkouts at Its Grocery Stores (Gizmodo)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.

Google agrees to delete billions of user records. NIST addresses the NVD backlog. India rescues hundreds of citizens from scam jobs in Cambodia. The UK and US agree to collaborate on AI safety. The FTC tracks an explosion in impersonation fraud. A PandaBuy breach exposes over 1.3 million customers. Prudential Financial informs over 36,000 customers of a data breach. A look at safeguarding sensitive data. Our guest is Jeff Reich, Executive Director of the Identity Defined Security Alliance (IDSA), with insights on identity security best practices. A dash of curiosity reveals a hotel chain vulnerability.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Guest Jeff Reich, Executive Director of the Identity Defined Security Alliance (IDSA), sharing insights on identity security best practices, identity and access sprawl, and how Generative AI is helping and hurting identity management. The IDSA’s Identity Management Day 2024 is coming up on April 9, 2024. Selected Reading Google agreed to erase billions of browser records to settle a class action lawsuit (Security Affairs) Vulnerability database backlog due to increased volume, changes in 'support,' NIST says (The Record) India rescues 250 citizens enslaved by Cambodian cybercrime gang (Bleeping Computer) The US and UK are teaming up to test the safety of AI models (Engadget) Impersonation Scams Net Fraudsters $1.1bn in a Year ( Infosecurity Magazine) PandaBuy data breach allegedly impacted +1.3M customers (Security Affairs) Prudential Financial Data Breach Impacts 36,000 (SecurityWeek) How to bridge the gap between the IT and legal staffs to better combat insider risk (SC Media) IBIS hotel check-in terminal keypad-code leakage (Pentagrid AG) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.

The xz backdoor sets the open source community back on its heels. AT&T resets passwords on millions of customer accounts. Researchers track a macOS infostealer. Poland investigates past internal use of Pegasus spyware. The latest Vultur banking trojan grows trickier than ever. We note the passing of a security legend. On our Solution Spotlight, N2K President Simone Petrella talks about “Bits, Bytes, and Loyalty: How to Improve Team Retention” with Yameen Huq of the Aspen Institute. A ghost ship trips Africa’s internet.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Solution Spotlight, N2K President Simone Petrella talks about “Bits, Bytes, and Loyalty: How to Improve Team Retention” with Yameen Huq of the Aspen Institute. Selected Reading What we know about the xz Utils backdoor that almost infected the world (Ars Technica) AT&T resets account passcodes after millions of customer records leak online (TechCrunch) Info stealer attacks target macOS users (Security Affairs) Poland launches inquiry into previous government’s spyware use (The Guardian) Vultur banking malware for Android poses as McAfee Security app (Bleeping Computer) Ross Anderson, professor and famed author of ‘Security Engineering,’ passes away (The Record) A Ghost Ship’s Doomed Journey Through the Gate of Tears (WIRED)  Swapping scripts nightmare. (N2K) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.

Elad, a Senior Security Researcher from Cycode is sharing their research on "Cycode Discovers a Supply Chain Vulnerability in Bazel." This security flaw could let hackers inject harmful code, potentially affecting millions of projects and users, including Kubernetes, Angular, Uber, LinkedIn, Databricks, DropBox, Nvidia, Google, and many more. The research states "We reported the vulnerability to Google via its Vulnerability Reward Program, where they acknowledged our discovery and proceeded to address and fix the vulnerable components." Please take a moment to fill out an audience survey! Let us know how we are doing! The research can be found here: Cycode Discovers a Supply Chain Vulnerability in Bazel

The Pentagon unveils its cybersecurity roadmap. A major Massachusetts health insurer reveals a massive data breach. Hot Topic reports credential stuffing. Cisco warns of password spraying targeting VPNs. The FS-ISAC highlights the risk of generative AI to financial institutions. The FEC considers efforts to combat deceptive artificial intelligence. A look at Thread Hijacking attacks. Guests Linda Gray Martin and Britta Glade from RSA Conference join us to discuss what's new and what to look forward to at this year’s big show. Plus my conversation with Eric Goldstein, Executive Assistant Director for Cybersecurity at  CISA, with insights on their recent Notice of Proposed Rulemaking. And Baltimore’s tragic bridge collapse lays bare the degeneration of X-Twitter.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Guests Linda Gray Martin, Senior Vice President for Operations, and Britta Glade, Vice President for Content and Curation, join us to discuss what's new and what to look forward to at RSA Conference 2024. This year’s theme is the Art of Possible.  Also joining us is Eric Goldstein, Executive Assistant Director for Cybersecurity at  CISA, sharing their CIRCIA Notice of Proposed Rulemaking. Selected Reading Pentagon lays out strategy to improve defense industrial base cybersecurity (The Record) Massachusetts Health Insurer Data Breach Impacts 2.8 Million (SecurityWeek) American fast-fashion firm Hot Topic hit by credential stuffing attacks (Security Affairs) Cisco Warns of Password Spraying Attacks Exploiting VPN Services (Cybersecurity News) AI abuse and misinformation campaigns threaten financial institutions (Help Net Security) Federal Elections Commission Considers Regulating AI (BankInfo Security) Thread Hijacking: Phishes That Prey on Your Curiosity (Krebs on Security) The slow death of X-Twitter is measured in disasters like the Baltimore bridge collapse (Vox) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.