The DOJ indicts four Iranian nationals on hacking charges. Legislation to ban or force the sale of TikTok heads to the President’s desk. A Russian hack group claims a cyberattack on an Indiana water treatment plant. A roundup of dark web data l

Visa crackdown against spyware swindlers.

1 day ago 31m 9s

The State Department puts visa restrictions on spyware developers. UnitedHealth says its recent breach could affect tens of millions of Americans. LockBit leaks data allegedly stolen from the DC government. Microsoft says APT28 has hatched a Go

Renewed surveillance sparks controversy.

3 days ago 35m 37s

Section 702 gets another two years. MITRE suffers a breach through an Ivanti VPN. CrushFTP urges customers to patch an actively exploited flaw. SafeBreach researchers disclose vulnerabilities in Windows Defender that allow remote file deletion

Bonus

Encore: Kiersten Todt: problem solving and building solutions. [Policy] [Career Notes]

4 days ago 5m 50s

Managing director of the Cyber Readiness Institute Kiersten Todt shares how she came to be in the cybersecurity industry helping to provide free tools and resources for small businesses through a nonprofit. She describes how her work on the Hil

Cloud Architect vs Detection Engineer: Mutual benefit. [CyberWire-X]

4 days ago 17m 32s

In this episode of CyberWire-X, N2K CyberWire’s Podcast host Dave Bittner is joined by Brian Davis, Principal Software Engineer, and Thomas Gardner, Senior Detection Engineer, both from Red Canary. They engage in a cloud architect vs. detection

Bonus

The art of information gathering. [Research Saturday]

5 days ago 31m 48s

Greg Lesnewich, senior threat researcher at Proofpoint, sits down to discuss "From Social Engineering to DMARC Abuse: TA427’s Art of Information Gathering." Since 2023, TA427 has directly solicited foreign policy experts for their opinions on n

Swift responses to cyberattacks.

6 days ago 25m 3s

Two swift responses to recent cyberattacks. Frontier Communications discloses cyberattack. Texas town repels water system cyberattack by unplugging. List of undesirables falls into the wrong hands. CryptoChameleon phishing kit impersonates Last

Cyber Talent Insights: Charting your path in cybersecurity. (Part 2 of 3) [Special Edition]

6 days ago 51m 25s

Join us for this special three-part series where the N2K Cyber Talent Insights team guides you through effective strategies to develop your cybersecurity team, helping you stay ahead in the constantly changing cybersecurity landscape. In this

From phishing to felony.

7 days ago 28m 6s

A major Phishing-as-a-service operation gets taken down by international law enforcement. US election officials are warned of nation-state influence operations. The house votes to limit the feds’ purchase of citizens personal data. A Michigan h

The rebirth of Russia's cyber warfare.

8 days ago 27m 52s

A Russian hacker group boldly targets critical infrastructure. The Change Healthcare ransomware attack is projected to cost over a billion dollars. Three hundred bucks is the going rate for a SIM swap. PuTTY potentially reveals private keys. Ci

Weathering the phishing front.

9 days ago 31m 46s

Cisco Dou warns of a third-party MFA-related breach. MGM Resorts sues to stop an FTC breach investigation. Meanwhile the FTC dings another mental telehealth service provider. Open Source foundations call for caution after social engineering att

Hunting vulnerabilities.

10 days ago 28m 7s

Palo Alto Networks releases hotfixes for an exploited zero-day. Delinea issues an urgent update for a critical flaw. Giant Tiger data is leaked online. A European semiconductor manufacturer deals with a data breach. Roku suffers its second brea

AWS in Orbit: Extending the resilient edge to space. [T-Minus AWS in Orbit]

10 days ago 23m 42s

You can learn more about AWS in Orbit at space.n2k.com/aws.N2K Space is working with AWS to bring the AWS in Orbit podcast series to the 39th Space Symposium in Colorado Springs from April 8-11. Our guests today are Clint Crosier, Director

Bonus

Encore: Stu Sjouwerman: Trying for a win, win, win game. [CEO] [Career Notes]

11 days ago 4m 20s

Founder and CEO Stu Sjouwerman takes us on a journey of how his career developed from starting a software service company to currently focusing on the infosec side of the business where his team essentially helps to create human firewalls. Stu

AWS in Orbit: Building a resilient outernet. [T-Minus AWS in Orbit]

11 days ago 21m 12s

Bonus

Breaking down a high-severity vulnerability in Kubernetes. [Research Saturday]

12 days ago 11m 25s

Tomer Peled, a Security & Vulnerability Researcher from Akamai is sharing their work on "What a Cluster: Local Volumes Vulnerability in Kubernetes." This research focuses on a high-severity vulnerability in Kubernetes, allowing for remote code

Privacy, power, and the path forward.

13 days ago 25m 10s

Section 702 edges closer to a vote. CISA provides guidance on Sisense and Microsoft breaches. A major conservative think tank reports a breach. Obsolete D-Link devices are under active exploitation, and Palo Alto warns of a zero-day. Raspberry

Cyber Talent Insights: Navigating the landscape for enterprise organizations. (Part 1 of 3) [Special Edition]

13 days ago 43m 22s

Apple's worldwide warning on mercenary attacks.

14 days ago 37m 12s

Apple warns targeted users of mercenary spyware attacks. CISA expands its Malware Next-Gen service to the private sector. US Cyber Command chronicles their “hunt forward” operations. Taxi fleets leak customer data. Trend Micro tracks DeuterBear

From deadlock to debate on a revised Section 702 bill.

15 days ago 30m 27s

The House moves forward on Section 702 reauthorization. Ukraine suspends a top cybersecurity official. A Wisconsin health coop suffers a data breach. Sophos uncovers a malicious backdoor. Fortinet issues patches for critical and high severity v

Unraveling a healthcare ransomware web.

16 days ago 25m 28s

Change Healthcare gets hit with another ransom demand. A French football team warns fans of a cyberattack. The Home Depot breach is chalked up to a misconfigured SaaS application. The FCC looks to sure up car connectivity security to protect su

A possible breakthrough in data privacy legislation.

17 days ago 26m 59s

Might there be motion from Congress on data privacy legislation? Maryland passes a pair of privacy bills. A database allegedly from the EPA shows up on Russian cybercrime forums. HHS issues an alert for the Healthcare and Public Health sectors.

Bonus

Encore: Selena Larson: The Green Goldfish and cyber threat intelligence. [Analyst] [Career Notes]

18 days ago 6m 4s

Cyber threat intelligence analyst Selena Larson takes us on her career journey from being a journalist to making the switch to industrial security. As a child who wrote a book about a green goldfish who dealt with bullying, Selena always liked

Bonus

Leaking your AWS API keys, on purpose? [Research Saturday]

19 days ago 23m 50s

Noah Pack, a SANS Internet Storm Center Intern, sits down to discuss research on "What happens when you accidentally leak your AWS API keys?" This research is a guest diary from Noah and shares a project he worked on after seeing an online vide

Deciphering the Acuity cybersecurity incident.

20 days ago 28m 1s

Acuity downplays its recent breach. IcedID gives way to a new malware strain. Russia arrests alleged credit card thieves. Wiz uncovers security flaws in Hugging Face AI models. NERC and the E-ISAC review lessons learned from simulated attacks o