Episodes

  • LIVE! From Philly [Threat Vector]

    LIVE! From Philly [Threat Vector]
    Feb 17 2025
    While we are taking a publishing break to observe Washington's Birthday here in the United States, enjoy this primer on how to create a podcast from our partners at Palo Alto Networks direct from the CyberMarketingCon 2024. Podcasts have become vital tools for sharing knowledge and insights, particularly in technical fields like cybersecurity. "Threat Vector," led by David Moulton, serves as an essential guide through the complex landscape of cyber threats, offering expert interviews and in-depth analysis. In this session, David will discuss the process behind creating "Threat Vector," highlighting the challenges and rewards of developing a podcast that resonates with industry experts. Attendees will learn about the foundational elements of podcasting, from initial concept development to content creation and audience engagement. David's approach integrates his extensive background in storytelling, design, and strategic marketing, enabling him to tackle intricate cybersecurity topics and make them accessible to a broad audience. This session will dive into how to present intricate cybersecurity topics in an accessible and engaging manner and explore various techniques for producing compelling content and effective strategies for promoting a podcast to a wider audience. Join David and guest host David J. Ebner of Content Workshop for an informative discussion on using podcasts as a medium for education and influence in the cybersecurity field. This session is ideal for anyone interested in starting a podcast or enhancing their approach to cybersecurity communication. Join the conversation on our social media channels: Website: http://www.paloaltonetworks.com Threat Research: ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠ Facebook: ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠ LinkedIn: ⁠⁠⁠⁠https://www.linkedin.com/company/palo-alto-networks/ YouTube: ⁠⁠⁠⁠@paloaltonetworks Twitter: ⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠ About Threat Vector Threat Vector, Palo Alto Networks podcast, is your premier destination for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile. ⁠http://paloaltonetworks.com⁠ Learn more about your ad choices. Visit megaphone.fm/adchoices
    Show more Show less
    25 mins
  • Maria Thompson-Saeb: Be flexible and make it happen. [Program Management] [Career Notes]

    Maria Thompson-Saeb: Be flexible and make it happen. [Program Management] [Career Notes]
    Feb 16 2025
    Please enjoy this encore of Career Notes. Senior Program Manager for Governance, Risk and Compliance at Illumio, Maria Thompson-Saeb shares experiences that led to her career in cybersecurity. Interested in computers and not a fan of math, Maria opted for information systems management rather than computer science. She started her career as a government contractor. Once in the private sector, Maria moved into the Unix and Linux environments where she says "something that would totally change everything." She gained an interest in security and took it upon herself to train up and move into that realm. Maria notes it was not without roadblocks, but that being flexible helped her address those challenges and make her career in security happen. We thank Maria for sharing her story. Learn more about your ad choices. Visit megaphone.fm/adchoices
    Show more Show less
    9 mins
  • Bot or not? The fake CAPTCHA trick spreading Lumma malware. [Research Saturday}

    Bot or not? The fake CAPTCHA trick spreading Lumma malware. [Research Saturday}
    Feb 15 2025
    Nati Tal, Head of Guardio Labs, discusses their work on "“DeceptionAds” — Fake Captcha Driving Infostealer Infections and a Glimpse to the Dark Side of Internet Advertising." Guardio has uncovered a large-scale malvertising campaign dubbed “DeceptionAds,” which tricks users into running a malicious PowerShell command under the guise of proving they’re human. This fake CAPTCHA scheme delivers Lumma info-stealer malware while bypassing security measures like Google’s Safe Browsing. Even after disclosure and takedown efforts, the campaign resurfaced—raising concerns about the effectiveness of existing defenses against ad-driven cyber threats. The research can be found here: “DeceptionAds” — Fake Captcha Driving Infostealer Infections and a Glimpse to the Dark Side of Internet Advertising Learn more about your ad choices. Visit megaphone.fm/adchoices
    Show more Show less
    35 mins
  • AI’s blind spots need human eyes.

    AI’s blind spots need human eyes.
    Feb 14 2025
    Nakasone addresses AI at the Munich Cyber Security Conference. Court documents reveal the degree to which DOGE actually has access. Dutch police dismantle a bulletproof hosting operation. German officials investigate Apple’s App Tracking. Hackers exploited security flaws in BeyondTrust. CISA issues 20 new ICS advisories. The new Astoroth phishing kit bypasses 2FA. Hackers waste no time exploiting a SonicWall proof-of-concept vulnerability. Our guest today is Lawrence Pingree, VP of Technical Marketing at Dispersive, joining us to discuss why preemptive defense is essential in the AI arms race. Have I Been Pwned ponders whether resellers are worth the trouble. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Our guest today is Lawrence Pingree, VP of Technical Marketing at Dispersive, joining us to discuss why preemptive defense is essential in the AI arms race. You can read more in "How Cybercriminals Are Using AI: Exploring the New Threat Landscape." Selected Reading Putting the human back into AI is key, former NSA Director Nakasone says (The Record) Court Documents Shed New Light on DOGE Access and Activity at Treasury Department (Zero Day) Musk's DOGE team: Judges to consider barring it from US government systems (Reuters) Anyone Can Push Updates to the DOGE.gov Website (404 Media) Dutch Police seizes 127 XHost servers, dismantles bulletproof hoster (Bleeping Computer) Apple app tracking rules more strict for others – watchdog (The Register) PostgreSQL flaw exploited as zero-day in BeyondTrust breach (Bleeping Computer) CISA Releases 20 ICS Advisories Detailing Vulnerabilities & Exploits (Cyber Security News) Astaroth 2FA Phishing Kit Targets Gmail, Yahoo, Office 365, and Third-Party Logins (GB Hackers) SonicWall Firewall Vulnerability Exploited After PoC Publication (SecurityWeek) Have I Been Pwned likely to ban resellers (The Register) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
    Show more Show less
    34 mins
  • Salt in the wound.

    Salt in the wound.
    Feb 13 2025
    Salt Typhoon is still at it. Russian cyber-actor Seashell Blizzard expands its reach. The EFF sues DOGE to protect federal workers’ data. House Republicans pursue a comprehensive data privacy bill. Fortinet patches a critical vulnerability. Google views cybercrime as a national security threat. Palo Alto Networks issues 10 new security advisories. Symantec suspects a Chinese APT sidehustle. Guest Jason Baker, Principal Security Consultant at GuidePoint Security, joins us to share an update on the state of ransomware. A massive IoT data breach exposes 2.7 billion records. Here come the AI agents. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today’s guest, Jason Baker, Principal Security Consultant at GuidePoint Security, joins us to share an update on the state of ransomware. Selected Reading China’s Salt Typhoon Spies Are Still Hacking Telecoms—Now by Exploiting Cisco Routers (WIRED) Russian Seashell Blizzard Enlists Specialist Initial Access Subgroup to Expand Ops (Infosecurity Magazine) EFF Leads Fight Against DOGE and Musk's Access to US Federal Workers' Data (Infosecurity Magazine) Elon Musk and the Right Are Recasting Reporting as ‘Doxxing’ (New York Times) FortiOS Vulnerability Allows Super-Admin Privilege Escalation – Patch Now! (Hackread) Cybercrime evolving into national security threat: Google (The Record) House Republicans launch group for comprehensive data privacy legislation (The Record) Palo Alto Networks Patches Potentially Serious Firewall Vulnerability (SecurityWeek) Chinese Cyberspy Possibly Launching Ransomware Attacks as Side Job (SecurityWeek) Massive IoT Data Breach Exposes 2.7 Billion Records, Including Wi-Fi Passwords (Cyber Security News) Are You Ready to Let an AI Agent Use Your Computer? (IEEE Spectrum) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
    Show more Show less
    35 mins
  • DOGEgeddon: The cyber crisis hiding in plain sight.

    DOGEgeddon: The cyber crisis hiding in plain sight.
    Feb 12 2025
    Is DOGE a cyberattack against America? The White House plans to nominate a new national cyber director. Patch Tuesday updates. Ivanti discloses a critical stack-based buffer overflow vulnerability. The GAO identifies cybersecurity gaps in the U.S. Coast Guard’s efforts to secure the Maritime Transportation System. An Arizona woman pleads guilty to running a laptop farm for North Korea. A notorious swatter gets a prison sentence. Our guests are Gianna Whitver and Maria Velasquez, co-hosts of the Breaking Through in Cybersecurity Marketing podcast. Plague-themed phishing tests take it too far. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today, we welcome Gianna Whitver and Maria Velasquez, co-hosts of the Breaking Through in Cybersecurity Marketing podcast, sharing their plans for 2025. You can listen to new episodes of Breaking Through in Cybersecurity Marketing every Wednesday airing on the N2K CyberWire network and wherever you get your podcasts. Selected Reading DOGE's Cyberattack Against America (Foreign Policy) Trump plans to nominate GOP insider Sean Cairncross as national cyber director (The Record) Microsoft Fixes Another Two Actively Exploited Zero-Days (Infosecurity Magazine) Chipmaker Patch Tuesday: Intel, AMD, Nvidia Fix High-Severity Vulnerabilities (SecurityWeek) ICS Patch Tuesday: Vulnerabilities Addressed by Schneider Electric, Siemens (SecurityWeek) Ivanti Connect Secure Vulnerabilities Let Attackers Execute Code Remotely (Cyber Security News) GAO Tells Coast Guard to Improve Cybersecurity of Maritime Transportation System (SecurityWeek) Arizona woman pleads guilty to running laptop farm for N. Korean IT workers, faces 9-year sentence (The Record) California Teenager Sentenced to 48 Months in Prison for Nationwide Swatting Spree (US Department of Justice) Phishing Tests, the Bane of Work Life, Are Getting Meaner (Wall Street Journal) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
    Show more Show less
    35 mins
  • Apple’s race to secure your iPhone.

    Apple’s race to secure your iPhone.
    Feb 11 2025
    Apple releases emergency security updates to patch a zero-day vulnerability. CISA places election security workers on leave. Elon Musk leads a group of investors making an unsolicited bid to acquire OpenAI. The man accused of hacking the SEC’s XTwitter account pleads guilty. Law enforcement seizes the leak site of the 8Base ransomware gang. Researchers track a massive increase in brute-force attacks targeting edge devices. Experts question the U.K. government’s demand for an encryption backdoor in Apple devices. Today’s guest is John Fokker, Head of Threat Intelligence at Trellix, joining us to discuss their work on "Blurring the Lines: How Nation-States and Organized Cybercriminals Are Becoming Alike." And it’s international day for women and girls in science. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today’s guest is John Fokker, Head of Threat Intelligence at Trellix, joining us to discuss their work on "Blurring the Lines: How Nation-States and Organized Cybercriminals Are Becoming Alike." Selected Reading Apple fixes zero-day exploited in 'extremely sophisticated' attacks (BleepingComputer) US cyber agency puts election security staffers who worked with the states on leave (AP News) Elon Musk-led group makes $97.4 billion bid for OpenAI, CEO refuses and offers to "buy Twitter for $9.74 billion" (TechSpot) OpenAI Finds No Evidence of Breach After Hacker Offers to Sell 20 Million Credentials (SecurityWeek) Hacker who hijacked SEC’s X account pleads guilty, faces maximum five-year sentence (The Record) 8Base ransomware site taken down as Thai authorities arrest 4 connected to operation (The Record) Edge Devices Face Surge in Mass Brute-Force Password Attacks (Data Breach Today) U.K. Kicks Apple’s Door Open for China (Wall Street Journal) International Day of Women and Girls in Science- United Nations (United Nations) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
    Show more Show less
    35 mins
  • Read all about it—or maybe not.

    Read all about it—or maybe not.
    Feb 10 2025
    A cyberattack disrupts newspaper publishing. A major AI summit takes place in Paris this week. A federal judge restricts DOGE from accessing Treasury Department systems. Cybersecurity cooperation between Canada and the U.S. remains strong. The Kraken ransomware group leaks credentials allegedly linked to Cisco. Europol urges banks to start preparing for quantum-safe cryptography. Microsoft expands its Copilot bug bounty program. The PlayStation Network (PSN) experienced a major outage over the weekend. Indiana man sentenced to 20 years for $37m cryptocurrency fraud. Our guest is Mike Woodard, VP of Product Management for App Security at Digital.ai, sharing strategies to minimize risk when implementing AI. Hunting for length and complexity in WiFi passwords. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Our guest is Mike Woodard, VP of Product Management for App Security at Digital.ai, sharing strategies to minimize risk when implementing AI to enhance security. Selected Reading Cyberattack Disrupts Publication of Lee Newspapers Across the U.S. (New York Times) Trump’s AI Ambition and China’s DeepSeek Overshadow an AI Summit in Paris (SecurityWeek) Musk Team’s Treasury Access Raises Security Fears, Despite Judge’s Ordered Halt (New York Times) In Breaking USAID, the Trump Administration May Have Broken the Law (ProPublica) Judge: DOGE made US Treasury ‘more vulnerable to hacking’ (The Register) Cisco Data Breach – Ransomware Group Allegedly Breached Internal Network (GB Hackers) Europol Warns Financial Sector of “Imminent” Quantum Threat (Infosecurity Magazine) Trade war or not, Canada will keep working with the U.S. on cybersecurity (The Logic) Microsoft Expands Copilot Bug Bounty Program, Increases Payouts (SecurityWeek) PlayStation Network Down; Outage Leaves Gamers Frustrated (Updated) (HackRead) Indiana Man Sentenced to 20 Years in Federal Prison for Conspiracies Involving Cyber Intrusion and a Massive $37 Million Cryptocurrency Theft (DataBreaches.Net) The World's Longest and Strongest WiFi Passwords (InfoSec Write-ups) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
    Show more Show less
    31 mins