CyberWire Daily

Quantum [CISOP]

In this episode, host Kim Jones tacks a topic that is rapidly moving from theoretical to operational reality: quantum computing. While classical computing will remain the backbone of our systems for years to come, quantum technologies are advancing fast enough that CISOs must begin preparing today. Kim explores what quantum computing really means, why it matters for cybersecurity, and how leaders should begin planning for its inevitable impact. To help demystify the subject, Kim is joined by longtime colleague and cybersecurity practitioner Michael Sottile [https://www.linkedin.com/in/michaelsottile/]—now the CSO of a quantum computing firm—who brings decades of hands-on experience across industries and a front-row seat to quantum's evolution. Want more CISO Perspectives? Check out a companion ⁠⁠blog post⁠⁠ by our very own Ethan Cook, where he breaks down key insights, shares behind-the-scenes context, and highlights research that complements this episode. Learn more about your ad choices. Visit megaphone.fm/adchoices [https://megaphone.fm/adchoices]

Another day, another emergency patch.

Apple and Google issue emergency updates to patch zero-days.  Google links five additional Chinese state-backed hacking groups to “React2Shell.” France’s Ministry of the Interior was hit by a cyberattack. Atlassian patches roughly 30 third-party vulnerabilities. Microsoft says its December 2025 Patch Tuesday updates are breaking Message Queuing. Researchers uncovered a massive exposed database with nearly 4.3 billion professional records openly accessible online. Britain’s new MI6 chief warns of an “aggressive, expansionist, and revisionist” Russia. Monday Business Brief. On today’s Threat Vector, ⁠Michael Heller⁠ from Unit 42 chats with security leaders ⁠Greg Conti⁠ and ⁠Tom Cross⁠ to unpack the hacker mindset and the idea of “dark capabilities”. A cyber holiday gift guide for the rest of us.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing [https://thecyberwire.com/newsletters/daily-briefing], and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn [https://www.linkedin.com/company/10454826/admin/feed/posts/]. Threat Vector Segment In this segment of Threat Vector, host ⁠Michael Heller⁠ [https://www.linkedin.com/in/mtheller], Managing Editor for Cortex and Unit 42 and Executive Producer of the podcast, sits down with long-time security leaders ⁠Greg Conti⁠ [https://www.linkedin.com/in/greg-conti-7a8521?utm_source=chatgpt.com] and ⁠Tom Cross⁠ [https://www.linkedin.com/in/tom-cross-71455?utm_source=chatgpt.com] to unpack the hacker mindset and the idea of “dark capabilities” inside modern technology companies. You can listen to their full discussion here [https://www.thecyberwire.com/podcasts/threat-vector/97/notes]. Be sure to catch new episodes of Threat Vector by Palo Alto Networks every Thursday on your favorite podcast app. Selected Reading Apple, Google forced to issue emergency 0-day patches [https://www.theregister.com/2025/12/15/apple_follows_google_by_emergency/] (The Register) Google links more Chinese hacking groups to React2Shell attacks [https://www.bleepingcomputer.com/news/security/google-links-more-chinese-hacking-groups-to-react2shell-attacks/] (Bleeping Computer) French Interior Ministry confirms cyberattack on email servers [https://www.bleepingcomputer.com/news/security/france-interior-ministry-confirms-cyberattack-on-email-servers/] (Bleeping Computer) Atlassian Patches Critical Apache Tika Flaw [https://www.securityweek.com/atlassian-patches-critical-apache-tika-flaw/] (SecurityWeek) Microsoft: December security updates cause Message Queuing failures [https://www.bleepingcomputer.com/news/microsoft/microsoft-december-security-updates-cause-message-queuing-failures/] (Bleeping Computer) 16TB of MongoDB Database Exposes 4.3 Billion Lead Gen Records [https://hackread.com/mongodb-database-expose-lead-gen-records/] (Hackread) MI6 chief warns 'front line is everywhere' and signals intent to pressure Putin [https://therecord.media/mi6-chief-speech-russia-threats-warning] (The Record) Saviynt raises $700 million in Series B growth equity financing. [https://thecyberwire.com/newsletters/business-briefing/7/49] (The CyberWire Business Brief) Last-minute cybersecurity and privacy gifts your friends and family won't hate [https://this.weekinsecurity.com/last-minute-cybersecurity-and-privacy-gifts-that-your-friends-and-family-will-not-hate/] (This Week In Security) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey [https://www.surveymonkey.com/r/NCFFCZJ]. Thank you for helping us continue to improve our show.  Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com [http://sponsor.thecyberwire.com/]. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices [https://megaphone.fm/adchoices]

Amanda Fennell: There's a cyber warrior in all of us [Information] [Career Notes]

Please enjoy this encore of Career Notes. Chief security officer and chief information officer at Relativity, Amanda Fennell shares her story from archeology to cybersecurity. She shares the path that lead her towards becoming an archeologist and how it turned out not being exactly what she expected. She then shares how she got into the cyber business and how her past has impacted what she's doing now. She describes how she would like to be remembered in the cyber world, she says "I do hope that I left things better than I found them, not just the security of a product or a company, but I believe strongly that every person has a little cyber warrior inside of them." We thank Amanda for sharing her story. Learn more about your ad choices. Visit megaphone.fm/adchoices [https://megaphone.fm/adchoices]

Root access to the great firewall. [Research Saturday]

Daniel Schwalbe [https://www.linkedin.com/in/schwalbe/], DomainTools [https://www.linkedin.com/company/domaintools/] Head of Investigations and CISO, is sharing their work on "Inside the Great Firewall." This two-part research project analyzes an extraordinary 500–600GB leak that exposes the internal architecture, tooling, and human ecosystem behind China’s Great Firewall. Across both parts, you break down thousands of leaked documents, source code repositories, diagrams, packet captures, and telemetry that reveal how systems like the Traffic Secure Gateway, MAAT, Redis-based analytics, and modular DPI engines work together to censor, surveil, and fingerprint users at scale. Taken together, the research shows how the Great Firewall functions not just as a technical system, but as a living censorship-industrial complex that adapts, learns, and coordinates across government, telecoms, and security vendors. The research can be found here: * Inside the Great Firewall Part 1: The Dump [https://dti.domaintools.com/inside-the-great-firewall-part-1-the-dump/] * Inside the Great Firewall Part 2: Technical Infrastructure [https://dti.domaintools.com/inside-the-great-firewall-part-2-technical-infrastructure/] Learn more about your ad choices. Visit megaphone.fm/adchoices [https://megaphone.fm/adchoices]

One rule to rule them all.

A new executive order targets states’ AI regulations, while the White House shifts course on an NSA deputy director pick. The UK fines LastPass over inadequate security measures. Researchers warn of active attacks against Gladinet CentreStack instances. OpenAI outlines future cybersecurity plans. MITRE ranks the top 25 vulnerabilities of 2025. CISA orders U.S. federal agencies to urgently patch a critical GeoServer vulnerability. An anti-piracy coalition shuts down one of India’s most popular illegal streaming services. Our guest Mark Lance, Vice President, DFIR & Threat Intelligence, GuidePoint Security, unpacks purple team table top exercises to prepare for AI-generated attacks. Hackers set their sights on DNA. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing [https://thecyberwire.com/newsletters/daily-briefing], and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn [https://www.linkedin.com/company/10454826/admin/feed/posts/]. CyberWire Guest Mark Lance [https://www.linkedin.com/in/mark-lance-9594234/], Vice President, DFIR & Threat Intelligence, GuidePoint Security [https://www.linkedin.com/company/guidepointsec/], is discussing purple team table top exercises to prepare for AI-generated attacks. Selected Reading Trump Signs Executive Order to Block State AI Regulations [https://www.securityweek.com/trump-signs-executive-order-to-block-state-ai-regulations/] (SecurityWeek) Announced pick for No. 2 at NSA won’t get the job as another candidate surfaces [https://therecord.media/announced-nsa-deputy-director-pick-joe-francescon-not-taking-job] (The Record) LastPass Data Breach — Insufficient Security Exposed 1.6 Million Users [https://www.forbes.com/sites/daveywinder/2025/12/12/lastpass-data-breach---insufficient-security-exposed-16-million-users/] (Forbes) Gladinet CentreStack Flaw Exploited to Hack Organizations [https://www.securityweek.com/gladinet-centrestack-flaw-exploited-to-hack-organizations/] (SecurityWeek) OpenAI lays out its plan for major advances in AI cybersecurity features [https://www.scworld.com/news/openai-outlines-plans-to-prepare-for-future-ai-cybersecurity-capabilities] (SC Media) MITRE Releases 2025 List of Top 25 Most Dangerous Software Vulnerabilities [https://www.securityweek.com/mitre-releases-2025-list-of-top-25-most-dangerous-software-vulnerabilities/] (SecurityWeek) CISA orders feds to patch actively exploited Geoserver flaw [https://www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-actively-exploited-geoserver-flaw/] (Bleeping Computer) MKVCinemas streaming piracy service with 142M visits shuts down [https://www.bleepingcomputer.com/news/security/mkvcinemas-streaming-piracy-service-with-142m-visits-shuts-down/] (Bleeping Computer) The Unseen Threat: DNA as Malware [https://www.bankinfosecurity.com/blogs/unseen-threat-dna-as-malware-p-3993] (BankInfoSecurity) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey [https://www.surveymonkey.com/r/NCFFCZJ]. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com [http://sponsor.thecyberwire.com/]. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices [https://megaphone.fm/adchoices]