CyberWire Daily

CyberWire Daily

Podcast af N2K Networks

Prøv gratis i 7 dage

99 kr. / måned efter prøveperiode.Ingen binding.

Prøv gratis
Phone screen with podimo app open surrounded by emojis

Mere end 1 million lyttere

Du vil elske Podimo, og du er ikke alene

Rated 4.7 in the App Store

Læs mere CyberWire Daily

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

Alle episoder

3420 episoder
episode When malware plays pretend. [Research Saturday] artwork
When malware plays pretend. [Research Saturday]

Nicolás Chiaraviglio [https://www.linkedin.com/in/nicolaschiaraviglio/], Chief Scientist from Zimperium [https://www.linkedin.com/company/zimperium/]'s zLabs, joins to discuss their work on "Behind Random Words: DoubleTrouble Mobile Banking Trojan Revealed." Zimperium’s zLabs team has been tracking an evolving banker trojan dubbed DoubleTrouble, which has grown more sophisticated in both its distribution and capabilities. Initially spread via phishing sites impersonating European banks, it now uses malicious APKs hosted in Discord channels, and boasts features like screen recording, keylogging, UI overlays, and app blocking—all while heavily abusing Android’s Accessibility Services. Despite advanced obfuscation and dynamic evasion techniques, Zimperium’s on-device detection tools have successfully identified both known and previously unseen variants, helping protect users from credential theft, financial fraud, and device compromise. Complete our annual ⁠⁠audience survey⁠⁠ [https://www.surveymonkey.com/r/JDYLFZ5] before August 31. The research can be found here: * ⁠ [https://www.semperis.com/blog/noauth-abuse-alert-full-account-takeover/]Behind Random Words: DoubleTrouble Mobile Banking Trojan Revealed [https://zimperium.com/blog/behind-random-words-doubletrouble-mobile-banking-trojan-revealed] Learn more about your ad choices. Visit megaphone.fm/adchoices [https://megaphone.fm/adchoices]

09. aug. 2025 - 20 min
episode Reflections in a broken vault. artwork
Reflections in a broken vault.

Researchers uncover multiple vulnerabilities in a popular open-source secrets manager. Software bugs threaten satellite safety. Columbia University confirms a cyberattack. Researchers uncover malicious NPM packages posing as WhatsApp development tools.A new EDR killer tool is being used by multiple ransomware gangs. Home Improvement stores integrate AI license plate readers into their parking lots. The U.S. federal judiciary announces new cybersecurity measures after cyberattacks compromised its case management system. CISA officials reaffirm their commitment to the CVE Program. Our guest is David Wiseman, Vice President of Secure Communications at BlackBerry, discussing the challenges of secure communications. AI watermarking breaks under spectral pressure. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing [https://thecyberwire.com/newsletters/daily-briefing], and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn [https://www.linkedin.com/company/10454826/admin/feed/posts/]. CyberWire Guest Today we are joined by David Wiseman [https://www.linkedin.com/in/davidjwiseman/], Vice President of Secure Communications at BlackBerry [https://www.linkedin.com/company/blackberry/], who is discussing the challenges and misconceptions around secure communications. Selected Reading HashiCorp Vault 0-Day Flaws Enable Remote Code Execution Attacks [https://gbhackers.com/hashicorp-vault-0-day-flaws/] (GB Hackers) Yamcs v5.8.6 Vulnerability Assessment [https://visionspace.com/yamcs-v5-8-6-vulnerability-assessment/](VisionSpace) Columbia University says hacker stole SSNs and other data of nearly 900,000 [https://therecord.media/columbia-university-data-breach-cyberattack-notifications] (The Record) Fake WhatsApp developer libraries hide destructive data-wiping code [https://www.bleepingcomputer.com/news/security/fake-whatsapp-developer-libraries-hide-destructive-data-wiping-code/] (Bleeping Computer) New EDR killer tool used by eight different ransomware groups [https://www.bleepingcomputer.com/news/security/new-edr-killer-tool-used-by-eight-different-ransomware-groups/] (Bleeping Computer) Home Depot and Lowe's Share Data From Hundreds of AI Cameras With Cops [https://www.404media.co/home-depot-and-lowes-share-data-from-hundreds-of-ai-cameras-with-cops/] (404 Media) US Federal Judiciary Tightens Security Following Escalated Cyber-Attacks [https://www.infosecurity-magazine.com/news/us-judiciary-security-cyber-attacks/] (Infosecurity Magazine) CISA pledges to continue backing CVE Program after April funding fiasco [https://therecord.media/cisa-pledges-support-cve-program-black-hat]  (The Record) CISA Issues 10 ICS Advisories Detailing Vulnerabilities and Exploits [https://gbhackers.com/cisa-issues-10-ics-advisories-2/] (GB Hackers) AI Watermark Remover Defeats Top Techniques [https://spectrum.ieee.org/ai-watermark-remover] (IEEE Spectrum) Audience Survey Complete our annual audience survey [https://www.surveymonkey.com/r/JDV3B73] before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit [https://docsend.com/view/5ncb2vvpz2ntg95q]. Contact us at cyberwire@n2k.com [cyberwire@n2k.com] to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices [https://megaphone.fm/adchoices]

I går - 29 min
episode Exchange hybrid flaw raises cloud alarm. artwork
Exchange hybrid flaw raises cloud alarm.

Microsoft warns of a high-severity vulnerability in Exchange Server hybrid deployments. A Dutch airline and a French telecom report data breaches. Researchers reveal new HTTP request smuggling variants. An Israeli spyware maker may have rebranded to evade U.S. sanctions. CyberArk patches critical vulnerabilities in its secrets management platform. The Akira gang use a legit Intel CPU tuning driver to disable Microsoft Defender. ChatGPT Connectors are shown vulnerable to indirect prompt injection. Researchers expose new details about the VexTrio cybercrime network. SonicWall says a recent SSLVPN-related cyber activity is not due to a zero-day. Ryan Whelan from Accenture is our man on the street at Black Hat. Do androids dream of concierge duty? Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing [https://thecyberwire.com/newsletters/daily-briefing], and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn [https://www.linkedin.com/company/10454826/admin/feed/posts/]. CyberWire Guest We continue our coverage from the floor at Black Hat [https://www.blackhat.com/] USA 2025 with another edition of Man on the Street. This time, we’re catching up with Ryan Whelan [https://www.linkedin.com/in/t-ryan-whelan-1156ab5/], Managing Director and Global Head of Cyber Intelligence at Accenture [https://www.linkedin.com/company/accenture/], to hear what’s buzzing at the conference. Selected Reading Microsoft warns of high-severity flaw in hybrid Exchange deployments [https://www.bleepingcomputer.com/news/microsoft/microsoft-warns-of-high-severity-flaw-in-hybrid-exchange-deployments/] (Bleeping Computer) KLM suffers cyber breach affecting six million passengers [https://ioplus.nl/en/posts/klm-suffers-cyber-breach-affecting-six-million-passengers] (IO+) Cyberattack hits France’s third-largest mobile operator, millions of customers affected [https://therecord.media/bouygues-telecom-france-cyberattack-data-breach] (The Record) New HTTP Request Smuggling Attacks Impacted CDNs, Major Orgs, Millions of Websites [https://www.securityweek.com/new-http-request-smuggling-attacks-impacted-cdns-major-orgs-millions-of-websites/] (SecurityWeek) Candiru Spyware Infrastructure Uncovered [https://www.bankinfosecurity.com/candiru-spyware-infrastructure-uncovered-a-29142] (BankInfoSecurity) Enterprise Secrets Exposed by CyberArk Conjur Vulnerabilities [https://www.securityweek.com/enterprise-secrets-exposed-by-cyberark-conjur-vulnerabilities/] (SecurityWeek) Akira ransomware abuses CPU tuning tool to disable Microsoft Defender [https://www.bleepingcomputer.com/news/security/akira-ransomware-abuses-cpu-tuning-tool-to-disable-microsoft-defender/] (Bleeping Computer) A Single Poisoned Document Could Leak ‘Secret’ Data Via ChatGPT [https://www.wired.com/story/poisoned-document-could-leak-secret-data-chatgpt/] (WIRED) Researchers Expose Infrastructure Behind Cybercrime Network VexTrio [https://www.infosecurity-magazine.com/news/bhusa-cybercrime-network-vextrio/](Infosecurity Magazine) Gen 7 and newer SonicWall Firewalls – SSLVPN Recent Threat Activity [https://www.sonicwall.com/support/notices/gen-7-and-newer-sonicwall-firewalls-sslvpn-recent-threat-activity/250804095336430] (SonicWall) Want a Different Kind of Work Trip? Try a Robot Hotel [https://www.wired.com/story/inside-japan-henn-na-robot-hotel/?_sp=06fa5238-cda3-4180-aace-f1d6213a76ee.1754502262140] (WIRED) Audience Survey Complete our annual audience survey [https://www.surveymonkey.com/r/JDV3B73] before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit [https://docsend.com/view/5ncb2vvpz2ntg95q]. Contact us at cyberwire@n2k.com [cyberwire@n2k.com] to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices [https://megaphone.fm/adchoices]

07. aug. 2025 - 24 min
episode Chasing Silicon shadows. artwork
Chasing Silicon shadows.

Two Chinese nationals are arrested for allegedly exporting sensitive Nvidia AI chips. A critical security flaw has been discovered in Microsoft’s new NLWeb protocol. Vulnerabilities in Dell laptop firmware could let attackers bypass Windows logins and install malware. Trend Micro warns of an actively exploited remote code execution flaw in its endpoint security platform. Google confirms a data breach involving one of its Salesforce databases. A lack of MFA leaves a Canadian city on the hook for ransomware recovery costs. Nvidia’s CSO denies the need for backdoors or kill switches in the company’s GPUs. CISA flags multiple critical vulnerabilities in Tigo Energy’s Cloud Connect Advanced (CCA) platform. DHS grants funding cuts off the MS-ISAC. Helicopter parenting officially hits the footwear aisle. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing [https://thecyberwire.com/newsletters/daily-briefing], and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn [https://www.linkedin.com/company/10454826/admin/feed/posts/]. CyberWire Guest Today we are joined by Sarah Powazek [https://www.linkedin.com/in/s-powazek/] from UC Berkeley's Center for Long-Term Cybersecurity [https://www.linkedin.com/company/cltcberkeley/] (CLTC) discussing her proposed nationwide roadmap to scale cyber defense for community organizations. Black Hat Women on the street Live from Black Hat USA 2025, it’s a special “Women on the Street” segment with Halcyon [https://www.linkedin.com/company/halcyonai/]’s Cynthia Kaiser [https://www.linkedin.com/in/cynthia-kaiser-cyber/], SVP Ransomware Research Center, and CISO Stacey Cameron [https://www.linkedin.com/in/stacey-cameron-b82b459/]. Hear what’s happening on the ground and what’s top of mind in cybersecurity this year. Selected Reading Two Arrested in the US for Illegally Exporting Microchips Used in AI Applications to China [https://www.technadu.com/two-arrested-in-the-us-for-illegally-exporting-microchips-used-in-ai-applications-to-china/605373/] (TechNadu) Microsoft’s plan to fix the web with AI has already hit an embarrassing security flaw [https://www.theverge.com/news/719617/microsoft-nlweb-security-flaw-agentic-web] (The Verge) ReVault flaws let hackers bypass Windows login on Dell laptops [https://www.bleepingcomputer.com/news/security/revault-flaws-let-hackers-bypass-windows-login-on-dell-laptops/] (Bleeping Computer) Trend Micro warns of Apex One zero-day exploited in attacks [https://www.bleepingcomputer.com/news/security/trend-micro-warns-of-endpoint-protection-zero-day-exploited-in-attacks/] (Bleeping Computer) Google says hackers stole its customers' data in a breach of its Salesforce database [https://techcrunch.com/2025/08/06/google-says-hackers-stole-its-customers-data-in-a-breach-of-its-salesforce-database/] (TechCrunch) Hamilton taxpayers on the hook for full $18.3M cyberattack repair bill after insurance claim denied [https://www.cp24.com/local/hamilton/2025/07/31/hamilton-taxpayers-on-the-hook-for-full-183m-cyberattack-repair-bill-after-insurance-claim-denied/] (CP24) Nvidia rejects US demand for backdoors in AI chips [https://www.theverge.com/news/719697/nvidia-ai-gpu-chips-denies-backdoors-kill-switches-spyware] (The Verge) Critical vulnerabilities reported in Tigo Energy Cloud connect advanced solar management platform [https://beyondmachines.net/event_details/critical-vulnerabilities-reported-in-tigo-energy-cloud-connect-advanced-solar-management-platform-8-9-z-l-9/gD2P6Ple2L] (Beyond Machines) New state, local cyber grant rules prohibit spending on MS-ISAC [https://statescoop.com/state-local-cyber-grant-msisac-2025/] (StateScoop) Skechers skewered for adding secret Apple AirTag compartment to kids’ sneakers — have we reached peak obsessive parenting? [https://nypost.com/2025/08/05/lifestyle/skechers-skewered-for-adding-secret-apple-airtag-compartment-to-kids-sneakers/] (NY Post) Audience Survey Complete our annual audience survey [https://www.surveymonkey.com/r/JDV3B73] before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit [https://docsend.com/view/5ncb2vvpz2ntg95q]. Contact us at cyberwire@n2k.com [cyberwire@n2k.com] to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices [https://megaphone.fm/adchoices]

06. aug. 2025 - 37 min
episode Hello, hacker speaking. artwork
Hello, hacker speaking.

Cisco reveals a phishing related data breach. SonicWall warns users to disable SSLVPN services after reports of ransomware gangs exploiting a likely zero-day.  Researchers uncover a stealthy Linux backdoor and new vulnerabilities in Nvidia’s Triton Inference Server. A new malware campaign targets Microsoft 365 users with fake OneDrive emails. The U.S. Treasury warns of rising criminal activity involving cryptocurrency ATMs. Cloudflare accuses an AI startup of using stealthy methods to bypass restrictions on web scraping. A global infostealer campaign compromises over 4,000 victims across 62 countries. Marty Momdjian, General Manager of Ready1 by Semperis, tells us about Operation Blindspot, a tabletop exercise taking place this week at Black Hat. On this week’s Threat Vector segment, host David Moulton speaks with ⁠Nigel Hedges⁠ from ⁠Sigma Healthcare⁠ about how CISOs can shift cybersecurity from a technical problem to a business priority. One hospital’s data ends up in the snack aisle. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing [https://thecyberwire.com/newsletters/daily-briefing], and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn [https://www.linkedin.com/company/10454826/admin/feed/posts/]. CyberWire Guest We are joined by Marty Momdjian [https://www.linkedin.com/in/martymomdjian/], General Manager of Ready1 by Semperis [https://www.linkedin.com/company/semperis/], who is talking about Operation Blindspot [https://www.semperis.com/operation-blindspot/], a tabletop exercise simulating a cyberattack against a rural water utility based in Nevada taking place this week at Black Hat USA 2025. Threat Vector Segment On this week’s Threat Vector [https://thecyberwire.com/podcasts/threat-vector] segment, host David Moulton [https://www.linkedin.com/in/davidrmoulton/] speaks with ⁠Nigel Hedges [https://www.linkedin.com/in/nigel-hedges/]⁠, Executive General Manager of Cyber & Risk at ⁠Chemist Warehouse⁠ [https://www.chemistwarehouse.com.au/] and ⁠Sigma Healthcare [https://sigmahealthcare.com.au/]⁠. Nigel shares how CISOs can shift cybersecurity from a technical problem to a business priority. You can listen to the full discussion on Threat Vector here [https://thecyberwire.com/podcasts/threat-vector/78/notes] and catch new episodes every Thursday on your favorite podcast app. Selected Reading Cisco discloses data breach impacting Cisco.com user accounts [https://www.bleepingcomputer.com/news/security/cisco-discloses-data-breach-impacting-ciscocom-user-accounts/] (Bleeping Computer) SonicWall urges admins to disable SSLVPN amid rising attacks [https://www.bleepingcomputer.com/news/security/sonicwall-urges-admins-to-disable-sslvpn-amid-rising-attacks/] (Bleeping Computer) Antivirus vendors fail to spot persistent, nasty, stealthy Linux backdoor [https://www.theregister.com/2025/08/05/plague_linux_backdoor/] (The Register) Nvidia Triton Vulnerabilities Pose Big Risk to AI Models [https://www.securityweek.com/nvidia-triton-vulnerabilities-pose-big-risk-to-ai-models/](SecurityWeek) Discord CDN Link Abused to Deliver RAT Disguised as OneDrive File [https://hackread.com/discord-cdn-link-deliver-rat-disguised-onedrive-file/] (Hackread) Crypto ATMs fueling criminal activity, Treasury warns [https://therecord.media/crypto-atms-fueling-cybercrime] (The Record) AI company Perplexity is sneaking to get around blocks on crawlers, Cloudflare alleges [https://cyberscoop.com/perplexity-blocks-on-crawlers-cloudflare/](CyberScoop) Python-powered malware grabs 200K passwords, credit cards [https://www.theregister.com/2025/08/04/pxa_stealer_4000_victims/](The Register) Thai hospital fined 1.2 million baht for data breach via snack bags [https://databreaches.net/2025/08/04/thai-hospital-fined-1-2-million-baht-for-data-breach-via-snack-bags/](DataBreaches.Net) Audience Survey Complete our annual audience survey [https://www.surveymonkey.com/r/JDV3B73] before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit [https://docsend.com/view/5ncb2vvpz2ntg95q]. Contact us at cyberwire@n2k.com [cyberwire@n2k.com] to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices [https://megaphone.fm/adchoices]

05. aug. 2025 - 30 min
En fantastisk app med et enormt stort udvalg af spændende podcasts. Podimo formår virkelig at lave godt indhold, der takler de lidt mere svære emner. At der så også er lydbøger oveni til en billig pris, gør at det er blevet min favorit app.
En fantastisk app med et enormt stort udvalg af spændende podcasts. Podimo formår virkelig at lave godt indhold, der takler de lidt mere svære emner. At der så også er lydbøger oveni til en billig pris, gør at det er blevet min favorit app.
Rigtig god tjeneste med gode eksklusive podcasts og derudover et kæmpe udvalg af podcasts og lydbøger. Kan varmt anbefales, om ikke andet så udelukkende pga Dårligdommerne, Klovn podcast, Hakkedrengene og Han duo 😁 👍
Podimo er blevet uundværlig! Til lange bilture, hverdagen, rengøringen og i det hele taget, når man trænger til lidt adspredelse.
Phone screen with podimo app open surrounded by emojis

Rated 4.7 in the App Store

Prøv gratis i 7 dage

99 kr. / måned efter prøveperiode.Ingen binding.

Eksklusive podcasts

Uden reklamer

Gratis podcasts

Lydbøger

20 timer / måned

Prøv gratis

Kun på Podimo

Populære lydbøger