Podcasts about cisa

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive for federal agencies to update their F5 products following a significant breach where hackers accessed source code and undisclosed vulnerabilities. This incident, discovered in August, poses a serious risk to federal networks, as the threat actor could exploit these vulnerabilities to gain unauthorized access and exfiltrate sensitive data. Agencies are required to apply the latest updates by October 22nd and report their F5 deployments by October 29th, highlighting the urgency of addressing these security concerns.In a related development, the National Institute of Standards and Technology (NIST) is encouraging federal agencies to take calculated risks with artificial intelligence (AI) under new federal guidance. Martin Stanley, an AI and cybersecurity researcher, emphasized the importance of risk management in AI deployment, particularly in comparison to more established sectors like financial services. As agencies adapt to this guidance, they must identify high-impact AI applications that require thorough risk management to ensure both innovation and safety.A report from Cork Protection underscores the need for small and medium-sized businesses (SMBs) to adopt a security-first approach in light of evolving cyber threats. Many SMBs remain complacent, mistakenly believing they are not targets for cybercriminals. The report warns that this mindset, combined with the rising financial risks associated with breaches, necessitates a shift towards a security-centric operational model. The cybersecurity services market is projected to grow significantly, presenting opportunities for IT service providers that prioritize security.Apple has announced a substantial increase in its bug bounty program, now offering up to $5 million for critical vulnerabilities. This move reflects the growing importance of addressing security challenges within its ecosystem, which includes over 2.35 billion active devices. The company has previously awarded millions to security researchers, emphasizing its commitment to user privacy and security. As the landscape of cybersecurity evolves, managed service providers (MSPs) are urged to tighten vendor monitoring, incorporate AI risk assessments, and focus on continuous assurance to meet the increasing demands for security. Three things to know today00:00 Cybersecurity Crossroads: F5 Breach, AI Risk, and Apple's $5M Bug Bounty Signal Security Accountability06:44 Nearly a Third of MSPs Admit to Preventable Microsoft 365 Data Loss, Syncro Survey Finds09:22 AI Reality Check: Workers' Overconfidence, Cheaper Models, and Microsoft's Scientific Breakthrough Signal Maturity in the Market This is the Business of Tech.     Supported by:  https://mailprotector.com/mspradio/ 

  Implementing Zero Trust in a complex federal environment includes protecting data. To reach this goal, CISA has updated its recommendations for Continuous Diagnostics and Mitigation program called the Data Model Document (DMD). It provides the audience with a mechanism to focus on the most recent relevant changes without having to review the document in its entirety.   Today, we sat down with three experts to unpack some of the expanded concepts.   The first challenge is understanding the variety of systems. For example,  Daniel Ane from the TSA shared that they had to report data from eighty different systems. The only time efficient way to collect this varying data is with specific tools.   There is also a matter of control. Mark Hadley from the PNL shares that much critical infrastructure is  owned by the private sector, which can limit what kind of data can be collected.   Finally, Brian Meyer from Axonius makes a practical observation. Let us say you have a set of tools that accomplish the job of accurate data collection. If one gets updated, it can throw the entire compliance process out the window.   It seems obvious that adhering to the strictures of the Data Model Management recommendations will assist in a move to Zero Trust, but administering DMD needs guidance and a data strategy that is practical.    

Starting next year, the Army will be able to domestically mass-produce upwards of 10,000 small unmanned aerial systems each month, according to the service. Army Materiel Command is leading a new pilot program dubbed “SkyFoundry” that will allow the service to rapidly develop, test and produce small drones using innovative manufacturing methods. Officials are currently identifying multiple facilities where the platforms will be designed and produced. The department expects it can manufacture at least 10,000 UAS per month once the first site is up and running, Army Vice Chief of Staff Gen. James Mingus said Tuesday. He said during a fireside chat at the annual AUSA conference: “We'll be at 10,000 a month by this time next year, if not more.” The effort comes as the Pentagon looks to ramp up production of small drones across the services following Secretary of Defense Pete Hegseth's “Unleashing U.S. Military Drone Dominance” directive, issued in July. The memo requires low-cost, attritable drones to be fielded to every Army squad by the end of 2026 and calls on the military to partner closely with domestic industry to scale up manufacturing. Rep. Eric Swalwell, D-Calif., sent a letter Tuesday to acting CISA Director Madhu Gottumukkala raising concerns about staffing levels and the direction of the nation's primary cybersecurity agency, writing that the “Trump Administration has undertaken multiple efforts to decimate CISA's workforce, undermining our nation's cybersecurity.” Swalwell, the ranking member on the House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection, called out the agency for its reported shift of cybersecurity personnel to the Department of Homeland Security's deportation efforts, on top of the approximately 760 people that have been let go from the agency since January. Swallwell wrote: “Amid reports that the Department of Homeland Security is now forcibly transferring CISA's cybersecurity employees to other DHS components, it has become apparent that the Department's exclusive focus on its mass deportation campaign is coming at the expense of our national security,” calling it “further evidence of the Administration's failure to prioritize cybersecurity” how CISA is engaging in Reductions in Force that could threaten its capacity to prevent and respond to cybersecurity threats. In the letter, he demanded that DHS cease all efforts to cut CISA's workforce, reinstate employees who were transferred or dismissed, and provide details on the impacts of the agency's workforce reductions. The Daily Scoop Podcast is available every Monday-Friday afternoon. If you want to hear more of the latest from Washington, subscribe to The Daily Scoop Podcast  on Apple Podcasts, Soundcloud, Spotify and YouTube.

Fortra confirms an exploitation of the maximum-severity GoAnywhere flaw. Harvard investigates a claim of a breach. Banking Trojan targets Brazilian WhatsApp users. Reduction-in-force hits CISA. SimonMed says 1.2 million hit by Medusa ransomware. Netherlands invokes the Goods Availability Act against a Chinese company. We have our Business Breakdown. On today's Industry Voices, we are joined by Mickey Bresman sharing insights on hybrid identity security. And, beware of the shuffler. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On today's Industry Voices, we are joined by Mickey Bresman, Semperis CEO, sharing insights on hybrid identity security and their HIP Conference. Mickey joined us as their 2025 Hybrid Identity Protection (HIP) Conference wrapped up.  If you want to hear the full conversation, you can tune in here. Selected Reading Fortra cops to exploitation of GoAnywhere file-transfer service defect (CyberScoop) Harvard Investigating Security Breach After Cybercrime Group Threatens To Release Stolen Data (The Crimson) WhatsApp Worm Targets Brazilian Banking Customers (Sophos News)  Government Shutdown Fallout: RIF Notices Hit CISA as Cyber Threats Rise (ClearanceJobs) SimonMed says 1.2 million patients impacted in January data breach (Bleeping Computer)  Netherlands invokes special powers against Chinese-owned semiconductor company Nexperia (The Record) UK fines 4chan over noncompliance with Online Safety Act (The Record)   Synechron acquires RapDev, Calitii, and Waivgen. (N2K Pro Business Briefing)   Hackers Rig Casino Card-Shuffling Machines for ‘Full Control' Cheating (WIRED) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Federal agencies' latest status updates on how they're using artificial intelligence reveal persistent barriers and variability on where agencies stand with ”high-impact” use cases. The release of the 2025 AI compliance plans offers one of the first in-depth glimpses at how federal agencies are addressing issues of AI risk management, technical capacity and workforce readiness under the second Trump administration. Those documents, which were required under the Trump administration's AI governance memo to agencies, were supposed to be released publicly by Sept. 30. As of publication time, FedScoop located roughly 20 plans and 14 strategies across 22 agencies. For nine of the roughly two dozen Chief Financial Officers Act agencies, FedScoop was unable to find either a plan or a strategy. The U.S. Department of Agriculture and the Nuclear Regulatory Commission, meanwhile, produced only strategies. FedScoop and DefenseScoop attempted to contact the CFO Act agencies that didn't produce both documents, but the agencies either didn't respond or didn't provide the documents. Two of those agencies, NASA and the Justice Department, noted the government shutdown in their responses, and both the DOJ and Department of Defense indicated they were working to post at a later date. Agencies were also required to submit AI strategies for the first time this year. Those documents contain some of the same information as the compliance documents, including plans to train the workforce, examples of use cases, and systems for governance. The compliance plans, meanwhile, which are in their second year, have changed only slightly from their previous iterations, with some agencies showing progress on their implementation of the technology and risk management practices. A top Senate Democrat introduced legislation Thursday to extend and rename an expired information-sharing law, and make it retroactive to cover the lapse that began Oct. 1. Michigan Sen. Gary Peters, the ranking member of the Homeland Security and Governmental Affairs Committee, introduced the Protecting America from Cyber Threats (PACT) Act, to replace the expired Cybersecurity and Information Sharing Act of 2015 (CISA 2015) that has provided liability protections for organizations that share cyber threat data with each other and the federal government. Industry groups and cyber professionals have called those protections vital, sometimes describing the 2015 law as the most successful cyber legislation ever passed. The 2015 law shares an acronym with the Cybersecurity and Infrastructure Security Agency, which some Republicans — including the chairman of Peters' panel, Rand Paul of Kentucky — have accused of engaging in social media censorship. As CISA 2015 has lapsed and Peters has tried to renew it, “some people think that's a reauthorization of the agency,” Peters told reporters Thursday in explaining the new bill name. The Daily Scoop Podcast is available every Monday-Friday afternoon. If you want to hear more of the latest from Washington, subscribe to The Daily Scoop Podcast  on Apple Podcasts, Soundcloud, Spotify and YouTube.

Will Daugherty, US Head of Norton Rose Fulbright's Cybersecurity practice, discussing the upcoming expiration of CISA 2015. Ben discusses Apple's decision to remove the ICEBlock app after pressure from the White House. Dave's got the story of the Secretary of Defense dialing back cyber training fro troops. While this show covers legal topics, and Ben is a lawyer, the views expressed do not constitute legal advice. For official legal advice on any of the topics we cover, please contact your attorney.  Links to today's stories: ⁠⁠⁠⁠Apple removes ICE tracking apps after Trump administration says they threaten officers US Department of War reduces cybersecurity training, tells soldiers to focus on their mission ⁠Get the weekly Caveat Briefing delivered to your inbox. Like what you heard? Be sure to check out and subscribe to our ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, a weekly newsletter available exclusively to ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠N2K Pro⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ members on ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠N2K CyberWire's⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ website. N2K Pro members receive our Thursday wrap-up covering the latest in privacy, policy, and research news, including incidents, techniques, compliance, trends, and more. This week's ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ covers ⁠⁠⁠⁠⁠⁠⁠China's covert influence campaign in the Philippines, where a Beijing-funded marketing firm used fake social media accounts to amplify pro-China narratives, attack U.S. alliances, and spread disinformation. The operation aimed to sway public opinion, undermine democratic discourse, and shape the country's political landscape ahead of future elections. Curious about the details? Head over to the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ for the full scoop and additional compelling stories. Got a question you'd like us to answer on our show? You can send your audio file to ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠caveat@thecyberwire.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠. Hope to hear from you. Learn more about your ad choices. Visit megaphone.fm/adchoices

The Senate Commerce Committee investigates the Cybersecurity and Infrastructure Security Agency for allegedly pressuring tech companies like Facebook to take down posts that were flagged as misinformation. Learn more about your ad choices. Visit podcastchoices.com/adchoices

¿Problemas de adicción al #alcohol, #drogas…? ☎️ 915 630 447 ¡LLAMANOS 24H! 🌐 https://bienestar.neurosalus.com/ Solicita ahora mismo información sobre tratamientos de desintoxicación, precios, disponibilidad de plazas… HA SIDO POSIBLE CREAR EL PROGRAMA “LA REUNIÓN SECRETA” GRACIAS A TU AYUDA COMO GUARDIÁN MECENAS. ***** HAZTE MECENAS EN https://www.patreon.com/lareunionsecreta Esta noche vive un nuevo directo de #LaReuniónSecreta​ desde la 22:00​ hora española. Te decimos lo que nadie dice: sin anestesia y sin edulcorantes. ¡La Reunión Secreta somos todos! No se lo digas a nadie… ¡PÁSALO! 🔁💪🤫 🎸 CARLITOS TÍNEZ https://www.youtube.com/channel/UC0eeuxpQ70z-Pe0rHhOq9Fg Conexiones en directo con: - Padre Custodio Ballester (Vicario en Badalona) - Gabriel Araújo (Secretario general de la Asociación Nacional de Tasadores y Peritos Judiciales Informáticos - ANTPJI. Perito en informática forense. Auditor de sistemas CISA. Hacker ético CEHv7) - 🎖️ Dr. Guillermo Rocafort (Doctor en Ciencias Económicas por la Universidad San Pablo. Profesor de Economía Pública y Economía de la Empresa en la Universidad Carlos III de Madrid. Profesor del Departamento de Derecho Económico y Social de la Universidad Pontificia Comillas. Abogado) - 🎖️ Profesor Dr. Ismael Santiago (Economista. Profesor doctor en Finanzas en la Universidad de Sevilla. Es fundador del proyecto AgoBlockchain y OlivaCoin. Es asesor internacional en procesos de Ofertas Iniciales de Moneda - ICO y en finanzas descentralizadas - DeFi. Experto en macroeconomía, ciclos económicos y criptoactivos) - Jorge Gómez (Exagente del CNI. Analista de inteligencia. Oficial de la armada especialista en submarinos) Con el equipo habitual de La Reunión Secreta: Dr. José Miguel Gaona, Joan Miquel MJ, Carlos Martínez, Lourdes Martínez, Marta Vim, Olga Ralló, Luna de María, Tatiana y Piluca. _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ SÍGUENOS EN REDES Twitter: https://twitter.com/lrsecreta Instagram: https://www.instagram.com/lareunionsecreta/ Facebook: https://www.facebook.com/LRsecreta REDES SOCIALES DEL EQUIPO | DR. JOSÉ MIGUEL GAONA | - https://twitter.com/doctorgaona | DIRECTOR | - Joan Miquel MJ - https://www.instagram.com/official_joan_miquel_mj/ | PRODUCTORA | - Lourdes Martínez - https://twitter.com/chicadelaradio | AYUDANTE DE DIRECCIÓN | - Olga Ralló - https://twitter.com/olgarallo | AYUDANTE DE PRODUCCIÓN | - Carlos Martínez - https://twitter.com/Carlitos_Tinez _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

On this week's episode of the Security Sprint, Andy is joined by the Cybersecurity Evangelist herself, Jennifer Walker as well as Sadie Anne Jones! Together they covered the following topics:Warm Open:• Tribal-ISAC Unveils Cybersecurity Report & Tribal-ISAC cybersecurity report delivers data, insights into risks• (TLP:CLEAR) WaterISAC Physical Security Advisory Committee: Insider Threat Management – Fact Sheet.• Colin Wood on Bluesky: “October isn't only cyber awareness month. It's also National Popcorn Poppin' Month, National Adopt a Shelter Dog Month and Eczema Awareness Month. There's something for everyone, really” It's also National Pizza Month!Main Topics:CISA: Cybersecurity Awareness Month - Building a Cyber Strong America. October is Cybersecurity Awareness Month! This year's theme is Building a Cyber Strong America, highlighting the need to strengthen the country's infrastructure against cyber threats, ensuring resilience and security. • Cybersecurity Awareness Month Toolkit• DHS and CISA Announce Cybersecurity Awareness Month 2025• Article: DHS, CISA kick off Cybersecurity Awareness Month 2025 to protect critical services, boost national resilienceCybersecurity Information Sharing Act of 2015 (CISA 2015): • CISA 2015 sunsets: Cyber Threat sharing without a net? • CISA Liability Protections Terminate - What Legal & InfoSec Need to Know Before Sharing Cyber Threat Information• Cyber Threat Information Sharing at Risk: What Companies Should Consider if the Cybersecurity Information Sharing Act of 2015 Is Not Renewed• Cyber defenders on edge amid shutdown furloughs, expired authorities• Information sharing under CISA 2015 in limbo after government shuts downQuick Hits:• Judge temporarily blocks use of National Guard in Portland• USNORTHCOM statement regarding protection of federal property and personnel in the Portland Area• Trump says US is in ‘armed conflict' with drug cartels after ordering strikes in the Caribbean• Venezuela says it detected 5 US ‘combat planes' flying 75km from its coast, calls it a ‘provocation'• Clop extortion emails claim theft of Oracle E-Business Suite data• Active exploitation of vulnerability affecting Oracle E-Business Suite• Oracle Security Alert Advisory - CVE-2025-61882• CISA and UK NCSC Release Joint Guidance for Securing OT Systems• Shutdown guts U.S. cybersecurity agency at perilous time• CISA to furlough 65% of staff if government shuts down this week• UK NPSA - Manchester Incident • Security boost for Irish Jews after Manchester synagogue attack• Global Exposure of 180,000 ICS/OT Devices Raises Safety Concerns

The Monday Microsegment for the week of October 6th. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast.Hackers hit Oracle customers with extortion emails.CISA's lights are still on, but most of its defenders are home on furlough.And Palo Alto login portals face a flood of suspicious scans.And Christer Swartz joins us for a "Boos and Bravos" segment. Head to The Zero Trust Hub: hub.illumio.comDownload The 2025 Global Cloud Detection and Response Report: https://www.illumio.com/resource-center/global-cloud-detection-and-response-report-2025 

A fast-spreading malware campaign is abusing WhatsApp as both lure and launchpad. Carmaker Renault suffers a data breach. DrayTek patches a critical router flaw. CISA alerts cover a range of vulnerabilities. A new phishing kit lowers the bar for convincing lures. A Catholic hospital network pays $7.6 million to settle data breach litigation. A major breach at FEMA exposes employee data. Google expands Gmail's end-to-end encryption (E2EE) capabilities. On our Industry Voices segment, we are joined by Brian Vecci, Field CTO at Varonis, discussing move fast but don't break things: Innovating at light speed without putting data at risk. The UK's digital ID is a solution in search of a mandate. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Industry Voices segment, we are joined by Brian Vecci, Field CTO at Varonis, discussing move fast but don't break things: Innovating at light speed without putting data at risk. You can listen to Brian's full conversation here. Selected Reading Threat Actors Leveraging WhatsApp Messages to Attack Windows Systems With SORVEPOTEL Malware (Cybersecurity News) Major car maker confirms customer data stolen in cyber attack (The Independent) Unauthenticated RCE Flaw Patched in DrayTek Routers  (SecurityWeek) Organizations Warned of Exploited Meteobridge Vulnerability (SecurityWeek) CISA Releases Two Industrial Control Systems Advisories (CISA.gov) New ‘point-and-click' phishing kit simplifies malicious attachment creation (SC Media) Hospital Chain to Pay $7.6M to Settle Breach Litigation (Bank Inforsecurity) FEMA cyber breach exposes employee data (SC Media) Gmail business users can now send encrypted emails to anyone (Bleeping Computer) UK government says digital ID won't be compulsory – honest (The Register) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Three Buddy Problem - Episode 66: We discuss drone sightings that shut down airports across Europe and what they reveal about hybrid warfare and the changing nature of conflict; Oracle ransomware/extortion campaign tied to unpatched E-Business Suite vulnerabilities and the company's muted response. Plus, the TikTok–Oracle deal and the strange role Oracle now plays in U.S. national security; OpenAI's Sora 2 launch and its implications for social media and human expression; Palo Alto's “Phantom Taurus” APT report, a follow-up on Cisco's ArcaneDoor disclosures, and the impact of the U.S. government shutdown on CISA. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).

Cybersecurity Today: Red Hat Breach, CLOP Targets Oracle, and CISA Cuts Critical Support In this episode of Cybersecurity Today, host Jim Love covers a recent breach of Red Hat's consulting GitLab server, highlighting concerns over exposed network maps and tokens. The CLOP extortion gang targets Oracle E-Business Suite clients, demanding ransom for sensitive data. Surveys show Canadian businesses are overconfident in their cyber defenses despite frequent attacks. Finally, CISA has ended a crucial cybersecurity support agreement, impacting state and local governments amidst a federal shutdown. Tune in for detailed analysis and urgent action items. 00:00 Red Hat GitLab Server Breach 02:21 CLOP Gang Targets Oracle E-Business Suite 04:29 Canadian Firms' Overconfidence in Cybersecurity 06:31 CISA Ends Critical Support Amid Shutdown 08:38 Conclusion and Upcoming Month in Review

Government shutdown furloughs most CISA staff Microsoft Defender bug triggers erroneous BIOS update alerts Motility RV software company suffers cyberattack Huge thanks to our sponsor, Nudge Security Here's the thing: your employees are signing up for new apps, sharing data, and connecting tools together, often without anyone knowing. And, AI adoption is accelerating this trend. What if you could continuously discover when people start using new apps or sharing data, then prompt them with security guidance right when and where they are working? At Nudge Security, we call that securing the Workforce Edge. Instead of trying to control everything (which, let's face it, is impossible), we give IT and security teams the visibility they need and automation to guide employees toward secure behaviors. The result? Your workforce stays productive, your data stays secure, and you can finally get some sleep at night. Learn more at nudgesecurity.com/workforceedge Find the stories behind the headlines at CISOseries.com.  

Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Nick Espinosa, nationally syndicated host of The Deep Dive Radio Show, with guest Steve Zalewski, co-host, Defense in Depth Thanks to our show sponsor, Nudge Security Here's the thing: your employees are signing up for new apps, sharing data, and connecting tools together, often without anyone knowing. And, AI adoption is accelerating this trend. What if you could continuously discover when people start using new apps or sharing data, then prompt them with security guidance right when and where they are working? At Nudge Security, we call that securing the Workforce Edge. Instead of trying to control everything (which, let's face it, is impossible), we give IT and security teams the visibility they need and automation to guide employees toward secure behaviors. The result? Your workforce stays productive, your data stays secure, and you can finally get some sleep at night. Learn more at nudgesecurity.com/workforceedge All links and the video of this episode can be found on CISO Series.com  

CISA furloughs most of its workforce due to the government shutdown. The U.S. Air Force confirms it is investigating a SharePoint related breach. Google warns of a large-scale extortion campaign targeting executives. Researchers uncover Android spyware campaigns disguised as popular messaging apps. An extortion group claims to have breached Red Hat's private GitHub repositories. A software provider for recreational vehicle and power sport dealers suffers a ransomware breach. Patchwork APT deploys a new Powershell loader using scheduled tasks for persistence. A Tennessee Senator urges aggressive U.S. action to prepare for a post-quantum future. Cynthia Kaiser,  SVP of Halcyon's Ransomware Research Center and former Deputy Assistant Director at the FBI's Cyber Division, joins us with insights on the government shutdown. A Malaysian man pleads guilty to supporting a massive crypto fraud. Protected health info is not a marketing tool.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Cynthia Kaiser,  SVP of Halcyon's Ransomware Research Center and former Deputy Assistant Director at the FBI's Cyber Division, joins us with insights on the government shutdown. Selected Reading Shutdown guts U.S. cybersecurity agency at perilous time (CISA) Air Force admits SharePoint privacy issue; reports of breach (The Register) Google warns executives are being targeted for extortion with leaked Oracle data (IT Pro) Researchers uncover spyware targeting messaging app users in the UAE (The Record) Red Hat confirms security incident after hackers claim GitHub breach (Bleeping Computer) 766,000 Impacted by Data Breach at Dealership Software Provider Motility (Security Week) Patchwork APT: Leveraging PowerShell to Create Scheduled Tasks and Deploy Final Payload (GB Hackers) GOP senator confirms pending White House quantum push, touts legislative alternatives (CyberScoop) Bitcoin Fixer Convicted for Role in Money Laundering Scheme (Bank Infosecurity) Nursing Home Fined $182K for Posting Patient Photos Online  (Bank Infosecurity) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Chris and Hector kick off Cybersecurity Awareness Month with big news—Hector announces the launch of his new company, SafeHill. The guys dig into continuous threat exposure management, the dangers of malicious Chrome extensions, why ransomware claims are dropping, and how free tools from CISA can strengthen defenses. Join our new Patreon! ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.patreon.com/c/hackerandthefed⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Send HATF your questions at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠questions@hackerandthefed.com

On this week's show Patrick Gray is on holiday so Amberleigh Jack and Adam Boileau hijack the studio to discuss the week's cybersecurity news, including: Hackers learn that trying to coerce a journalist just makes for … a great story? A man in his 40s gets arrested over the European airport chaos. Yep, we're surprised, too. Adam fanboys over Watchtowr Labs while bemoaning Fortra. Academics pick apart Tile trackers and find them lacking CISA tells agencies to patch their damn Cisco gear This episode is also available on YouTube. Show notes 'You'll never need to work again': Criminals offer reporter money to hack BBC Government to guarantee £1.5bn Jaguar Land Rover loan after cyber shutdown Feds Tie ‘Scattered Spider' Duo to $115M in Ransoms – Krebs on Security UK authorities arrest man in connection with cyberattack against aviation vendor | Cybersecurity Dive Chinese scammer pleads guilty after UK seizes nearly $7 billion in bitcoin Cyberattack on Japanese beer giant Asahi limits shipping, call center operations | The Record from Recorded Future News Afghanistan plunged into nationwide internet blackout, disrupting air travel, medical care | The Record from Recorded Future News Tile trackers are a stalker's dream, say Georgia Tech researchers Intel and AMD trusted enclaves, the backbone of network security, fall to physical attacks - Ars Technica Supermicro server motherboards can be infected with unremovable malware - Ars Technica China-linked hackers use ‘BRICKSTORM' backdoor to steal IP | The Record from Recorded Future News Another BRICKSTORM: Stealthy Backdoor Enabling Espionage into Tech and Legal Sectors Federal agencies given one day to patch exploited Cisco firewall bugs | The Record from Recorded Future News Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability Is This Bad? This Feels Bad. (Fortra GoAnywhere CVE-2025-10035) It Is Bad (Exploitation of Fortra GoAnywhere MFT CVE-2025-10035) - Part 2

A Cybercrime group abuses routers to send SMS spam, CISA announces a new collaboration model for state governments, South Korea raises its cyber threat level after a data center fire, and Tile tracking devices expose their location. Show notes Risky Bulletin: Router APIs abused to send SMS spam waves

CISA issues an urgent warning about active exploitation of a critical vulnerability in the sudo utility. Broadcom patches two high-severity vulnerabilities in VMware NSX. South Korea raises its national cyber threat level after a datacenter fire. Formbricks patches a critical token validation flaw. Microsoft blocks a credential phishing campaign that made use of malicious SVG files. Landlords are accused of scraping sensitive payroll data. Cybercriminals lay the groundwork for large-scale FIFA fraud. Burnout takes a heavy toll on cybersecurity professionals. On our Threat Vector segment, host David Moulton⁠ is joined by⁠ Kyle Wilhoit⁠ talking about the evolution of hacker culture and cybersecurity. London police bag the biggest bitcoin bust. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On this Threat Vector segment, host David Moulton⁠ is joined by⁠ Kyle Wilhoit⁠ of Unit 42 talking about the evolution of hacker culture and cybersecurity. You can listen to the full conversation⁠ here⁠, and catch new episodes of Threat Vector each Thursday in your podcast app of choice. Selected Reading CISA Issues Alert on Active Exploitation of Linux and Unix Sudo Flaw (GB Hackers) Broadcom fixes high-severity VMware NSX bugs reported by NSA (Bleeping Computer) South Korea raises cyber threat level after huge data centre fire sparks hacking fears (The Guardian) JWT signature verification bypass enables account takeover in Formbricks (Beyond Machines) Microsoft Flags AI Phishing Attack Hiding in SVG Files (Hackread) Landlords Demand Tenants' Workplace Logins to Scrape Their Paystubs (404 Media) Playing Offside: How Threat Actors Are Warming Up for FIFA 2026 (Check Point Blog) Why burnout is a growing problem in cybersecurity (BBC) Chinese woman convicted after 'world's biggest' bitcoin seizure (BBC) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

In this week's Security Sprint, Dave and Andy covered the following topics:Warm Open:• TribalNet 2025: Cybersecurity Is Central to IT Modernization for Tribes • Cyberattacks remain big threat for tribes: survey • CISA to furlough 65% of staff if government shuts down this week• Cyber shutdown showdownMain Topics:Domestic Hostile Events:• Deadly attack on Michigan church leaves investigators searching for motive• Michigan church shooter was Marine veteran who White House official says "hated people of the Mormon faith"• Update from FBI Detroit on Shooting and Fire at a Michigan Church• Michigan church shooting suspect went on anti-LDS tirade, political candidate said• Armed man busted after plowing car through police barricade outside Michigan church day after deadly shooting, blaze• Iraq War veteran Thomas Sanford ID'd as gunman who attacked Grand Blanc LDS church, killing 4 and setting it ablaze• What we know about Michigan church shooter Thomas Sanford. Authorities have provided no motive for the attack.• Who is Michigan church attacker Thomas Jacob Sanford: Iraq war vet 'suffered from PTSD' and wore 'Make Liberals Cry Again' shirt• A List of Notable Shooting Attacks on Houses of Worship in the US in the Past 20 Years• Marine veteran in custody after 3 killed, at least 8 injured in shooting at a waterfront bar in North Carolina, officials say & Southport mass shooting: Suspect identified in gunfire from boat that killed 3, injured 8, officials say• Eagle Pass casino shooting: 2 killed, 5 hurt; suspect in custody, authorities say & Two dead, six hurt in shooting at Texas tribal casino; suspect in custodyRansomware• 'You'll never need to work again': Criminals offer reporter money to hack BBC• Co-op says cyber-attack cost it £206m in lost sales Quick Hits:• CISA Directs Federal Agencies to Identify and Mitigate Potential Compromise of Cisco Devices• Threat Insights: Active Exploitation of Cisco ASA Zero Days • CISA - SonicWall Releases Advisory for Customers after Security Incident• Widespread Supply Chain Compromise Impacting npm Ecosystem• Russia dares NATO to shoot • New Kremlin-Linked Influence Campaign Targeting Moldovan Elections Draws 17 Million Views on X and Infects AI Models• Bot Networks Are Helping Drag Consumer Brands Into the Culture Wars• Outrage Cycle: Cracker Barrel and its CEO Targeted Amidst Logo Controversy• CISA Releases Advisory on Lessons Learned from an Incident Response Engagement• Helping OT Organizations to Establish Defensible Architecture and More Resilient Operations• Designating Antifa as a Domestic Terrorist Organization• Fact Sheet: President Donald J. Trump Designates Antifa as a Domestic Terrorist Organization• Ranking Member Thompson Statement on Trump Incorrectly Designating ‘Antifa' as a Domestic Terrorism Organization• DHS Issues Statement on Targeted Attack on Dallas ICE Facility3 people shot at Dallas ICE field office: ICE official • Trump Says He Is Ordering Troops to Portland, Escalating Domestic Use of Military• Trump Says He's Sending Troops To ‘War Ravaged' America City — Authorizes ‘Full Force'• Pentagon calls up 200 National Guard troops after Trump Portland announcement• Oregon leaders object to Trump's deployment of 200 National Guard troops in the state• Feds march into downtown Chicago; top border agent says people are arrested based on ‘how they look'• ICE tactics inflame tensions in New York, Chicago and other cities• Shane Tamura, gunman in shooting at NFL headquarters, had CTE: Medical examiner

In this episode of the podcast, Ryan Williams Sr. and Shannon Tynes discuss the latest cybersecurity news, including CISA's emergency directive regarding Cisco vulnerabilities, the rise of SIM farms threatening US infrastructure, and the alarming trend of cybercriminals targeting children's data for ransom. They emphasize the importance of cybersecurity awareness and the evolving landscape of cyber threats while also sharing personal updates and reflections on their experiences in the field. Article: CISA orders feds to patch Cisco flaws used in multiple agency hacks https://www.cybersecuritydive.com/news/cisa-emergency-directive-cisco-vulnerabilities-arcanedoor/761150/?fbclid=IwZXh0bgNhZW0CMTAAYnJpZBExd2lleHdWb1RWbEFZTDBJeQEenjZcbYPfTEpDqYpskC1y_ATnQjy8Xs0O_lBm9CqOYVx3jY2IWAuVe19i1Rk_aem_QN5KLONSnHGtBgaVUXEsXw ‘SIM Farms' Are a Spam Plague. A Giant One in New York Threatened US Infrastructure, Feds Say https://www.wired.com/story/sim-farm-new-york-threatened-us-infrastructure-feds-say/?fbclid=IwZXh0bgNhZW0CMTAAYnJpZBExd2lleHdWb1RWbEFZTDBJeQEenLyO6lHFipbOSiGb3VydzS5_tY3hL7Z4kXKi86wzH_Qcfc3tyl4x1uELPgk_aem_KHOxgSVa-qn4XeXt7xdiKQ Nursery hackers threaten to publish more children's profiles online https://www.bbc.com/news/articles/c07vxv8v89lo.amp?fbclid=IwZXh0bgNhZW0CMTAAYnJpZBExd2lleHdWb1RWbEFZTDBJeQEetWzL8TMJE9U0bVS7Uy0EJFnJXxX0Xf7BQRXxJw-U4fatP_ilEnBIKdE6tQc_aem_OaAnjTw17cUrAzhvv9ShRw Buy the guide: www.theothersideofthefirewall.com Please LISTEN

Converting Timestamps in .bash_history Unix shells offer the ability to add timestamps to commands in the .bash_history file. This is often done in the form of Unix timestamps. This new tool converts these timestamps into a more readable format. https://isc.sans.edu/diary/New%20tool%3A%20convert-ts-bash-history.py/32324 Cisco ASA/FRD Compromises Exploitation of the vulnerabilities Cisco patched last week may have bone back about a year. Cisco and CISA have released advisories with help identifying affected devices. https://sec.cloudapps.cisco.com/security/center/resources/asa_ftd_continued_attacks https://www.cisa.gov/news-events/directives/ed-25-03-identify-and-mitigate-potential-compromise-cisco-devices Github Notification Phishing Github notifications are used to impersonate YCombinator and trick victims into installing a crypto drainer. https://www.bleepingcomputer.com/news/security/github-notifications-abused-to-impersonate-y-combinator-for-crypto-theft/

There’s an abundance of vulnerabilities in this week’s Network Break. We start with a red alert on a cluster of Cisco vulnerabilities in its firewall and threat defense products. On the news front, the vulnerability spotlight stays on Cisco as the US Cybersecurity and Infrastructure Security Agency (CISA) issues an emergency directive to all federal... Read more »

There’s an abundance of vulnerabilities in this week’s Network Break. We start with a red alert on a cluster of Cisco vulnerabilities in its firewall and threat defense products. On the news front, the vulnerability spotlight stays on Cisco as the US Cybersecurity and Infrastructure Security Agency (CISA) issues an emergency directive to all federal... Read more »

There’s an abundance of vulnerabilities in this week’s Network Break. We start with a red alert on a cluster of Cisco vulnerabilities in its firewall and threat defense products. On the news front, the vulnerability spotlight stays on Cisco as the US Cybersecurity and Infrastructure Security Agency (CISA) issues an emergency directive to all federal... Read more »

The Monday Microsegment for the week of September 29th. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast.CISA orders an emergency patch after attackers weaponize Cisco firewall flaws.AI and malware are working hand-in-hand, but it's not actually romanticAnd a string of new breaches could ruin the friendship between customers and major brands.And Michael Adjei joins us for an "Ask the Expert" segment. Head to The Zero Trust Hub: hub.illumio.comRegister to attend The Illumio World Tour: https://www.illumio.com/illumio-world-tour 

The Cybersecurity and Infrastructure Security Agency is ordering federal civilian agencies to take immediate action against a widespread hacking campaign targeting Cisco firewalls. The emergency directive was issued last Thursday in response to zero day vulnerabilities that hackers have been exploiting for quite some time. Federal News Network's Anastasia. Obis is here with more details. See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

Three Buddy Problem - Episode 65: We zero in on one of the biggest security stories of the year: the discovery of a persistent multi-stage bootkit implanting malware on Cisco ASA firewalls. Details on a new campaign, tied to the same threat actors behind ArcaneDoor, exploiting zero-days in Cisco's 5500-X series appliances, devices that sit at the heart of government and enterprise networks worldwide. Plus, Cisco's controversial handling of these disclosures, CISA's emergency deadlines for patching, the absence of IOCs and samples, and China's long-term positioning. Plus, thoughts on the Secret Service SIM farm discovery in New York and evidence of Russians APTs Turla and Gamaredon collaborating to hit Ukraine targets. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).

CISA gives federal agencies 24 hours to patch a critical Cisco firewall bug. Researchers uncover the first known malicious MCP server used in a supply chain attack. The New York SIM card threat may have been overblown. Microsoft tags a new variant of the XCSSET macOS malware. An exposed auto insurance claims database puts PII at risk. Amazon will pay $2.5 billion to settle dark pattern allegations. Researchers uncover North Korea's hybrid playbook of cybercrime and insider threats. An old Hikvision security camera vulnerability rears its ugly head. Dan Trujillo from the Air Force Research Laboratory's Space Vehicles Directorate joins Maria Varmazis, host of T-Minus Space Daily to discuss how his team is securing satellites and space systems from cyber threats. DOGE delivers dysfunction, disarray, and disappointment. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.CyberWire Guest Dan Trujillo from the Air Force Research Laboratory's Space Vehicles Directorate joins Maria Varmazis, host of T-Minus Space Daily to discuss how his team is securing satellites and space systems from cyber threats and also shares advice for breaking into the fast-growing field of space cybersecurity Selected Reading Federal agencies given one day to patch exploited Cisco firewall bugs (The Record) First malicious MCP Server discovered, stealing data from AI-Powered email systems (Beyond Machines) Secret Service faces backlash over SIM farm bust as experts challenge threat claims (Metacurity) Microsoft warns of new XCSSET macOS malware variant targeting Xcode devs (Bleeping Computer) Microsoft cuts off cloud services to Israeli military unit after report of storing Palestinians' phone calls (CNBC) Auto Insurance Platform Exposed Over 5 Million Records Including Documents Containing PII (Website Planet) Amazon pays $2.5 billion to settle Prime memberships lawsuit (Bleeping Computer) DeceptiveDevelopment: From primitive crypto theft to sophisticated AI-based deception (We Live Security) Critical 8 years old Hikvision Camera flaw actively exploited again (Beyond Machines) The Story of DOGE, as Told by Federal Workers (WIRED) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Episode 233 discusses the newest tensions between AI and schools: teenagers using AI companions and alarming incidents tied to platforms like Character.ai that have drawn federal attention. Josh talks about his student MFA pilot using Clever, how onboarding works (and how MFA can be network-aware to reduce classroom friction), and using student-led help desks to test the rollout. The guys discuss a post from Jay on K12TechPro asking about IT leadership background (educators and non‑educators in K12 tech dept roles). The episode's guest is Peter Kaplan from Fortinet, an E‑Rate expert. He breaks down why E‑Rate matters, outlines the FCC's cybersecurity pilot (challenges with procurement, reporting, and evaluating success), and discusses gaps left by potential MS‑ISAC funding changes. He also highlights CISA's K12 resources and Fortinet's no‑cost cybersecurity awareness materials for schools. Our new Swag Store is OPEN - Buy some swag (tech dept gift boxes, shirts, hoodies...)!!! -------------------- NTP Managed Methods Arista VIZOR Fortinet -------------------- Join the K12TechPro Community (exclusively for K12 Tech professionals) Buy some swag (tech dept gift boxes, shirts, hoodies...)!!! Email us at k12techtalk@gmail.com OR our "professional" email addy is info@k12techtalkpodcast.com Call us at 314-329-0363 X @k12techtalkpod Facebook Visit our LinkedIn Music by Colt Ball Disclaimer: The views and work done by Josh, Chris, and Mark are solely their own and do not reflect the opinions or positions of sponsors or any respective employers or organizations associated with the guys. K12 Tech Talk itself does not endorse or validate the ideas, views, or statements expressed by Josh, Chris, and Mark's individual views and opinions are not representative of K12 Tech Talk. Furthermore, any references or mention of products, services, organizations, or individuals on K12 Tech Talk should not be considered as endorsements related to any employer or organization associated with the guys.

British authorities arrest a man in connection with the Collins Aerospace ransomware attack. CISA says attackers breached a U.S. federal civilian executive branch agency last year. Researchers uncover two high-severity vulnerabilities in Supermicro server motherboards. A Las Vegas casino operator confirms a cyber attack. Analysts track multiple large-scale, automated email phishing campaigns. Libraesva issues an emergency patch for its Email Security Gateway. Our guest is Jason Clark, Chief Strategy Officer (CSO) at Cyera, tackling the security threat of Agentic AI. Robocars get misdirected by mirrors.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Industry Voices segment, we are joined by Jason Clark, Chief Strategy Officer (CSO) at Cyera, discussing tackling the security industry's biggest threat: Agent AI. If you want to hear the full conversation from Jason, you can check it out here. Selected Reading UK police arrest man over hack that affected European airports (Reuters) AI tool helped recover £500m lost to fraud, government says (BBC) CISA says hackers breached federal agency using GeoServer exploit (Bleeping Computer) Supermicro server motherboards can be infected with unremovable malware (Ars Technica) Boyd Gaming Suffers Cyberattack, Data Breach (Casino.org) Email Threat Radar – September 2025 (Barracuda) Revamped Phishing Techniques: How Telegram and Front-End Hosting Platforms Scale Campaigns (Forescout) GitHub notifications abused to impersonate Y Combinator for crypto theft (Bleeping Computer) Libraesva ESG issues emergency fix for bug exploited by state hackers (Bleeping Computer) Fooling a self-driving car with mirrors on traffic cones (The Register) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

European airports restoring services after system breach CISA deals with GeoServer exploit App for outing Charlie Kirk's critics leaks personal data Huge thanks to our sponsor, Conveyor  Have you been personally victimized by a questionnaire this week? The queue never ends. But Conveyor can change that story. With AI that answers questionnaires of any format, and a trust center that handles document sharing, security reviews get done without the stress. Feel calm in the chaos with Conveyor. Learn more at www.conveyor.com.

CISA Reports Ivanti EPMM Exploit Sightings Two different organizations submitted backdoors to CISA, which are believed to have been installed using Ivanti vulnerabilities patched in May. https://www.cisa.gov/news-events/analysis-reports/ar25-261a Lastpass Observes Impersonation on GitHub Lastpass noted a number of companies being impersonated via fake GitHub repositories in order to trick victims to download Mac malware. https://blog.lastpass.com/posts/attack-targeting-macs-via-github-pages Oracle Scheduler Ransomware Ransomware has been discovered that gained access to systems via an exposed Oracle Database Scheduler service. https://labs.yarix.com/2025/09/elons-proxima-black-shadow-related-ransomware-attack-via-oracle-dbs-external-jobs/

???? Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com 00:00 - PreShow Banter™ — Enter Dark John03:15 - Kerberoasting Goes to Washington – BHIS - Talkin' Bout [infosec] News 2025-09-1503:49 - Story # 1: Senator blasts Microsoft for making default Windows vulnerable to “Kerberoasting”12:46 - Story # 2: How an Attacker's Blunder Gave Us a Rare Look Inside Their Day-to-Day Operations32:42 - Story # 3: Some JLR suppliers ‘face bankruptcy' due to hack crisis41:30 - Story # 4: AI-Powered Villager Pen Testing Tool Hits 11,000 PyPI Downloads Amid Abuse Concerns46:07 - Story # 5: All your vulns are belong to us! CISA wants to maintain gov control of CVE program49:55 - Story # 6: Qantas penalizes executives for July cyberattack51:15 - Story # 7: America's second largest egg producer breached, claim hackers54:55 - Story # 8: Undocumented Radios Found in Solar-Powered Devices

OpenAI patches a ChatGPT flaw that could have exposed Gmail data. CISA documents malware exploiting two Ivanti Endpoint Manager Mobile (EPMM) flaws. WatchGuard patches a critical flaw in its Firebox firewalls. MI6 launches a dark web snitch site. The DoD looks to cut its cybersecurity job hiring time just 25 days. Researchers trick ChatGPT agents into solving CAPTCHAs. A UK teen faces accusations of being part of the Scattered Spider gang. The Senate confirms a new assistant secretary of defense for cyber policy. A former CIA officer is accused of selling classified information to private clients. Karin Ophir Zimet, Torq's Chief People Officer, is speaking with N2K Senior Workforce Analyst Will Markow about their internship program for upleveling AI skills. Russia's AI propaganda goes prime time.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Karin Ophir Zimet, Torq's Chief People Officer, is speaking with N2K Senior Workforce Analyst Will Markow about their internship program for upleveling AI skills. Selected Reading OpenAI Fixed ChatGPT Security Flaw That Put Gmail Data at Risk (Bloomberg) CISA Analyzes Malware From Ivanti EPMM Intrusions (SecurityWeek) WatchGuard Issues Fix for 9.3-Rated Firebox Firewall Vulnerability (HackRead) MI6 upgrades dark web portal to recruit new spies (The Register) DOD official: We need to drop the cybersecurity talent hiring window to 25 days (CyberScoop) ChatGPT Tricked Into Solving CAPTCHAs (SecurityWeek) Scattered Spider teen cuffed after crypto splurge on games (The Register) Senate confirms Sutton as Pentagon cyber policy chief (The Record) Contractor Used Classified CIA Systems as ‘His Own Personal Google' (404 Media) Russian State TV Launches AI-Generated News Satire Show (404 Media) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guests Jack Kufahl, CISO, Michigan Medicine, and Nick Espinosa, host, The Deep Dive Radio Show Thanks to our show sponsor, Drata Leading security teams trust SafeBase by Drata to turn trust into a growth engine. Our enterprise-grade Trust Center puts your security posture in one secure, customer-facing portal, giving buyers instant visibility into your company's continuous controls, certifications, and policies. With AI-powered Questionnaire Assistance, blast through inbound security questionnaires in minutes instead of days, automate cross functional workflows, and eliminate friction. That means less manual work, and faster deal cycles. Win with Trust. Learn more at SafeBase.io. All links and the video of this episode can be found on CISO Series.com

Chris and Hector call out Microsoft for “gross cybersecurity negligence,” explain Kerberoasting in plain English, and discuss CISA's CVE overhaul. Plus, hackers on the battlefield, and how U.S. tech helped build China's surveillance state. Join our new Patreon! ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.patreon.com/c/hackerandthefed⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Send HATF your questions at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠questions@hackerandthefed.com

The Cybersecurity Information Sharing Act (CISA) of 2015 is set to expire at the end of this month on September 30, 2025. The Act removes barriers to companies sharing information about cyber threats, addressing privacy concerns and requires the federal government to share threat information. Many consider CISA one of the foundations of U.S. cybersecurity efforts.   As Congress considers whether or not to reauthorize CISA, former Deputy Assistant Director of the FBI cyber division, Cynthia Kaiser, joins David Aaron to discuss the importance of the legislation and highlight the risks of failing to reauthorize it. Show Note: “The Next Cyber Breach Will Not Wait: Why Congress Must Reauthorize CISA 2015” by Simin Kargar for Just Security  Just Security's CISA coverage Just Security's Cybersecurity coverage

Android moving to “risk-based” security updates CISA accused of Cyber Incentive mismanagement  How security practitioners use LLMs Huge thanks to our sponsor, Drata Leading security teams trust SafeBase by Drata to turn trust into a growth engine. Our enterprise-grade Trust Center puts your security posture in one secure, customer-facing portal, giving buyers instant visibility into your company's continuous controls, certifications, and policies. With AI-powered Questionnaire Assistance, blast through inbound security questionnaires in minutes instead of days, automate cross functional workflows, and eliminate friction. That means less manual work, and faster deal cycles. Win with Trust. Learn more at SafeBase.io.

FBI botnet disruption leaves cybercriminals scrambling to pick up the pieces. Notorious ransomware gangs announce their retirement, but don't hold your breath. Hacktivists leak data tied to China's Great Firewall. A new report says DHS mishandled a key program designed to retain cyber talent at CISA. GPUGate malware cleverly evades analysis. WhiteCobra targets developers with malicious extensions. North Korea's Kimsuky group uses AI to generate fake South Korean military IDs. My guest is Tim Starks from CyberScoop, discussing offensive cyber operations. A cyberattack leaves students hung out to dry. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined once again by Tim Starks from CyberScoop discussing offensive cyber operations. You can read Tim's article Google previews cyber ‘disruption unit' as U.S. government, industry weigh going heavier on offense for more background. Selected Reading The FBI Destroyed an Internet Weapon, but Criminals Picked Up the Pieces (Wall Street Journal) 15 ransomware gangs ‘go dark' to enjoy 'golden parachutes' (The Register) 600 GB of Alleged Great Firewall of China Data Published in Largest Leak Yet (HackRead) China Enforces 1-Hour Cybersecurity Incident Reporting (The Cyber Express) ​​DHS watchdog finds mismanagement in critical cyber talent program (FedScoop) GPUGate Malware: Malicious GitHub Desktop Implants Use Hardware-Specific Decryption, Abuse Google Ads to Target Western Europe (Arctic Wolf) 'WhiteCobra' floods VSCode market with crypto-stealing extensions (Bleeping Computer) AI-Forged Military IDs Used in North Korean Phishing Attack (Infosecurity Magazine) Mitsubishi to acquire Nozomi Networks for nearly $1 billion. (N2K CyberWire Business Briefing)  Dutch students denied access to jailbroken laundry machines (The Register) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

The Department of Homeland Security failed to effectively implement a critical retention incentive program for cyber talent, according to a new report from the agency's inspector general, which found that federal funds meant for the Cybersecurity and Infrastructure Security Agency were used incorrectly. In 2015, the agency implemented the Cyber Incentive program. The goal, the inspector general said, was to provide extra incentives to employees that might otherwise leave the federal government. More than $100 million has been spent on the program in recent years. The program “was designed to help CISA retain mission-critical cybersecurity talent needed to execute its mission,” the report noted, and was meant to consider a series of qualifications to guide who received the retention benefit. The government hoped to keep in-demand technology experts in government. The watchdog wrote that “CISA's implementation of the program wasted taxpayer funds and invites the risk of attrition of cyber talent, thereby leaving CISA unable to adequately protect the Nation from cyber threats.” Instead of being targeted toward valuable talent likely to transition to the private sector, the payments were disbursed generally, with many ineligible employees receiving tens of thousands of dollars in payment. The Pentagon's chief information officer is undertaking yet another reform of the Defense Department's IT enterprise — this time focusing on streamlining its classified networks to enhance data sharing and interoperability. Katie Arrington, who is performing the duties of CIO, plans to introduce a new program dubbed “Mission Network-as-a-Service” that aims to reduce the number of disparate data fabrics used by combatant commands into a single, unified network. Speaking last week during the Billington Cybersecurity Summit, Arrington said the program will be key to realizing the department's vision for Combined Joint All-Domain Command and Control, or CJADC2. Broadly speaking, CJADC2 seeks to connect the U.S. military's sensors and weapons under a single network, enabling rapid data transfer between warfighting systems and domains. The Pentagon also wants to be able to quickly share relevant information with international partners and allies during conflicts, adding another layer of difficulty to realizing the construct. The Daily Scoop Podcast is available every Monday-Friday afternoon. If you want to hear more of the latest from Washington, subscribe to The Daily Scoop Podcast  on Apple Podcasts, Soundcloud, Spotify and YouTube.

ShinyHunters hits Vietnam National Credit Information Center HybridPetya is a Petya/NotPetya copycat with UEFI Secure Boot bypass CISA seeks control over CVE Huge thanks to our sponsor, Drata Leading security teams trust SafeBase by Drata to turn trust into a growth engine. Our enterprise-grade Trust Center puts your security posture in one secure, customer-facing portal, giving buyers instant visibility into your company's continuous controls, certifications, and policies. With AI-powered Questionnaire Assistance, blast through inbound security questionnaires in minutes instead of days, automate cross functional workflows, and eliminate friction. That means less manual work, and faster deal cycles. Win with Trust. Learn more at SafeBase.io. Find the stories behind the headlines at CISOseries.com.

Samsung patches a critical Android zero-day vulnerability. Microsoft resolves a global Exchange Online outage. CISA reaffirms its commitment to the CVE program. California passes a bill requiring web browsers to let users automatically send opt-out signals. Apple issues spyware attack warnings. The FTC opens an investigation into AI chatbots on how they protect children and teens. A hacker convicted of attempting to extort more than 20,000 psychotherapy patients is free on appeal. Our guest is Dave Lewis, Global Advisory CISO at 1Password, discussing how security leaders can protect M&A deal value and integrity. Schools face insider threats from students. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today's guest is Dave Lewis, Global Advisory CISO at 1Password, discussing how security leaders can protect deal value and integrity.Selected Reading Samsung patches actively exploited zero-day reported by WhatsApp (Bleeping Computer) Microsoft fixes Exchange Online outage affecting users worldwide (Bleeping Computer) CISA looks to partners to shore up the future of the CVE Program (Help Net Security) California legislature passes bill forcing web browsers to let consumers automatically opt out of data sharing (The Record) Apple warns customers targeted in recent spyware attacks (Bleeping Computer) FTC to AI Companies: Tell Us How You Protect Teens and Kids Who Use AI Companions (CNET) Defence, Space and Cybersecurity. Why the General Assembly in Frascati matters (Decode39) DSEI Takeaways: Space and Cyber and the Invisible Front Line (Via Satellite)  Hacker convicted of extorting 20,000 psychotherapy victims walks free during appeal (The Record) Children hacking their own schools for 'fun', watchdog warns (BBC) - kicker Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com00:00 - PreShow Banter™ — If I Were French04:35 - Anthropic 1.5 Billion © Settlement - BHIS - Talkin' Bout [infosec] News 2025-09-0805:48 - Hackers Threaten to Submit Artists' Data to AI Models If Art Site Doesn't Pay Up08:40 - Anthropic Agrees to Pay Authors at Least $1.5 Billion in AI Copyright Settlement23:58 - This Company Turns Dashcams into ‘Virtual CCTV Cameras.' Then Hackers Got In33:38 - Ice obtains access to Israeli-made spyware that can hack phones and encrypted apps40:07 - Cloudflare Blocks Record-Breaking 11.5 Tbps DDoS Attack44:27 - npm Packages With 2 Billion Weekly Downloads Hacked in Major Attack46:38 - Update on Mandiant Drift and Salesloft Application Investigations51:04 - M&S hackers claim to be behind Jaguar Land Rover cyber attack51:55 - New TP-Link zero-day surfaces as CISA warns other flaws are exploited54:52 - ChickenSec: US turns to Russia for chicken eggs for the first time in 32 years, despite sanctions to cripple its economy57:58 - Cybercriminals Exploit X's Grok AI to Bypass Ad Protections and Spread Malware to Millions

The open source community heads off a major npm supply chain attack. The Treasury Department sanctions cyber scam centers in Myanmar and Cambodia. Scammers abuse iCloud Calendar invites to send callback phishing emails. Researchers discover a new malware variant exploiting exposed Docker APIs. Phishing attacks abuse the Axios user agent and Microsoft's Direct Send feature. Plex warns users of a data breach.  Researchers flag a surge in scans targeting Cisco ASA devices. CISA delays finalizing its incident reporting rule. The GAO says federal cyber workforce figures are incomplete and unreliable. Our guest is Kevin Magee, Global Director of Cybersecurity Startups at Microsoft Security, discussing cybersecurity education going back to school. AI earns its own Darwin awards.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Kevin Magee, Global Director of Cybersecurity Startups at Microsoft Security discussing cybersecurity education going back to school. Selected Reading Hackers hijack npm packages with 2 billion weekly downloads in supply chain attack (Bleeping Computer) Open Source Community Thwarts Massive npm Supply Chain Attack (Infosecurity Magazine) US sanctions companies behind cyber scam centers in Cambodia, Myanmar (The Record) New Apple Warning, This iCloud Calendar Invite Is Actually An Attack (Forbes) New Docker Malware Strain Spotted Blocking Rivals on Exposed APIs (HackRead) Axios User Agent Helps Automate Phishing on “Unprecedented Scale” (Infosecurity Magazine) Plex Urges Password Resets Following Data Breach (SecurityWeek) Surge in networks scans targeting Cisco ASA devices raise concerns (Bleeping Computer) CISA pushes final cyber incident reporting rule to May 2026 (CyberScoop) US government lacks clarity into its infosec workforce (The Register) AI Darwin Awards launch to celebrate spectacularly bad deployments (The Register) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

A cyberattack disrupts Bridgestone's manufacturing operations. CISA warns of critical vulnerabilities in products used across multiple sectors. Additional cybersecurity firms confirm data exposure in the recent Salesforce–Salesloft Drift attack. A configuration vulnerability in Sitecore products leads to remote code execution. HHS promises stricter enforcement of healthcare information access rules. Texas sues an education software provider over a December 2024 data breach. A federal jury orders Google to pay $425 million over improperly collected user data. Nations unite for global guidance on SBOMs. On our Industry Voices segment, we are joined by Aron Anderson, Enterprise Security Manager of Adobe, on embracing the journey to zero trust. Chess.com gets caught in a tricky gambit. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Industry Voices On our Industry Voices segment we are joined by  Aron Anderson, Enterprise Security Manager of Adobe, as he is talking about embracing the journey to zero trust. If you want to hear the full conversation from Aron, you can check it out here. Selected Reading Tire giant Bridgestone confirms cyberattack impacts manufacturing (Bleeping Computer) CISA issues ICS advisories on hardware flaws in Honeywell, Mitsubishi Electric, Delta Electronics, rail communication protocols (Industrial Cyber) More Cybersecurity Firms Hit by Salesforce-Salesloft Drift Breach (SecurityWeek) Unknown miscreants snooping around Sitecore via sample keys (The Register) HHS Says It's 'Cracking Down' on Health Information Blocking (BankInfo Security) Texas sues PowerSchool over breach exposing 62M students, 880k Texans (Bleeping Computer) Google hit with $425 million verdict in privacy class action suit (The Record) US and 14 Allies Release Joint Guidance on Software Bill of Materials (Infosecurity Magazine) Chess.com says 4,500 people had data stolen during June breach  (The Record) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Salt Typhoon marks China's most ambitious campaign yet. A major Google outage hit Southeastern Europe.  A critical zero-day flaw in FreePBX gets patched. Scattered Lapsus$ Hunters claim the Jaguar Land Rover hack. Researchers uncover a major evolution in the XWorm backdoor campaign. GhostRedirector is a new China-aligned threat actor. CISA adds a pair of TP-Link router flaws to its Known Exploited Vulnerabilities (KEV) catalog. The feds put a $10 million bounty on three Russian FSB officers. Experts warn sweeping cuts to ODNI could cripple U.S. cyber defense. Our guest is Rick Kaun, Global Director of Cybersecurity Services at Rockwell Automation, discussing IT/OT convergence in securing critical water and wastewater systems. Google says rumors of Gmail's breach are greatly exaggerated. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.CyberWire Guest Today our guest is Rick Kaun, Global Director of Cybersecurity Services at Rockwell Automation, who is talking about "IT/OT Convergence for Critical Water & Wastewater Security." Selected Reading ‘Unrestrained' Chinese Cyberattackers May Have Stolen Data From Almost Every American (The New York Times) Google Down in Eastern Europe (UPDATED) (Novinite Sofia News Agency) Sangoma Patches Critical Zero-Day Exploited to Hack FreePBX Servers (SecurityWeek) M&S hackers claim to be behind Jaguar Land Rover cyber attack (BBC) XWorm's Evolving Infection Chain: From Predictable to Deceptive (Trellix) GhostRedirector poisons Windows servers: Backdoors with a side of Potatoes (welivesecurity by ESET) CISA Flags TP-Link Router Flaws CVE-2023-50224 and CVE-2025-9377 as Actively Exploited (The Cyber Security News)  US offers $10 million bounty for info on Russian FSB hackers (Bleeping Computer) Cutting Cyber Intelligence Undermines National Security (FDD) No, Google did not warn 2.5 billion Gmail users to reset passwords (Bleeping Computer) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Jaguar Land Rover suffers a major cyberattack. ICE gains access to a powerful spyware tool. Researchers find Fancy Bear snuffling around a new Outlook backdoor. Cloudflare and Palo Alto Networks confirm compromised Salesforce data. A researcher discovers an unsecured Navy Federal Credit Union (NFCU) server. A new ClickFix scam spreads MetaStealer malware. Specialty healthcare providers struggle to protect sensitive patient data.  CISA appoints a new Executive Assistant Director for Cybersecurity. On Afternoon Cyber Tea, Ann Johnson and Harvard's Amy Edmondson discuss how psychological safety helps cybersecurity teams speak up, spot risks, and learn from failure. Our guest today is Tim Starks from CyberScoop discussing China's reliance on domestic firms for hacking. Hackers threaten to feed stolen art to the machines. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Afternoon Cyber Tea On our Afternoon Cyber Tea segment, host Ann Johnson is joined by Amy Edmondson⁠, Harvard Business School professor and psychological safety pioneer. Together they discuss how creating psychologically safe environments allows teams, especially in high-pressure fields like cybersecurity, to speak up about early warnings, embrace the red, and learn from failure. You can listen to Ann and Amy's full conversation here and don't miss new episodes of Afternoon Cyber Tea every other Tuesday on your favorite podcast app. CyberWire Guest Our guest today is Tim Starks from CyberScoop discussing Top FBI official says Chinese reliance on domestic firms for hacking is a weakness. Selected Reading Jaguar Land Rover Operations ‘Severely Disrupted' by Cyberattack (Security Week) Ice obtains access to Israeli-made spyware that can hack phones and encrypted apps (The Guardian) Russian APT28 Expands Arsenal with 'NotDoor' Outlook Backdoor (Infosecurity Magazine) Cloudflare and Palo Alto Networks Victimized in Salesloft Drift Breach (Infosecurity Magazine) Misconfigured Server Leaks 378GB of Navy Federal Credit Union Files (Hack Read) Fake AnyDesk Installer Spreads MetaStealer Through ClickFix Scam (Hack Read) Hacks on Specialty Health Entities Affect Nearly 900,000 (Bank Infosecurity) Python-based infostealer ‘Inf0s3c' combines stealth with broad data theft (SC Media) CISA Names Nicholas Andersen as Executive Assistant Director for Cybersecurity (The Cyber Express) Hackers Threaten to Submit Artists' Data to AI Models If Art Site Doesn't Pay Up (404 Media) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices