CyberWire Daily N2K Networks

Signs point to a major cybersecurity event at cloud provider Snowflake. Hugging Face discloses "unauthorized access" to its Spaces platform. Australian legislation seeks jail time for deepfake porn. CISA adds two vulnerabilities to the KEV catalog. Spanish police investigate a potential breach of drivers license info. NSA shares mobile device best practices. Everbridge crisis management software company reports a data breach. N2K’s CSO, Chief Analyst, and Senior Fellow, Rick Howard joins us to preview CSO Perspectives Season 14 which launches today! Google tries to explain those weird AI search results. 
Our 2024 N2K CyberWire Audience Survey is underway, make your voice heard and get in the running for a $100 Amazon gift card. Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest
N2K’s CSO, Chief Analyst, and Senior Fellow, Rick Howard joins Dave to preview CSO Perspectives Season 14 which launches today! The first episode explores SolarWinds and the SEC. This episode of CSO Perspectives has a companion essay. You can find it here. Not an N2K Pro subscriber? You can catch the first half of the episode here. 

Selected Reading
The Ticketmaster Data Breach May Be Just the Beginning (WIRED)
Hugging Face says it detected 'unauthorized access' to its AI model hosting platform (TechCrunch)
Jail time for those caught distributing deepfake porn under new Australian laws (The Guardian)
CISA warns of actively exploited Linux privilege elevation flaw (Bleeping Computer)
Spanish police investigate whether hackers stole millions of drivers' data (Reuters)
The NSA advises you to turn your phone off and back on once a week - here's why (ZDNET)
Everbridge warns of corporate systems breach exposing business data (Bleeping Computer)
Google’s AI Overview is flawed by design, and a new company blog post hints at why (Ars Technica) 

Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. 

Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Rick Howard, N2K’s CSO and The CyberWire’s Chief Analyst and Senior Fellow, presents the argument for why the SEC was misguided when it charged the SolarWinds CISO, Tim Brown, with fraud the after the Russian SVR compromised the SolarWinds flagship product, Orion. Our guests are, Steve Winterfeld, Akamai’s Advisory CISO, and Ted Wagner, SAP National Security Services CISO.
References:
Andrew Goldstein, Josef Ansorge, Matt Nguyen, Robert Deniston, 2024. Fatal Flaws in SEC’s Amended Complaint Against SolarWinds [Analysis]. Crime & Corruption.
Anna-Louise Jackson, 2023. Earnings Reports: What Do Quarterly Earnings Tell You? [Explainer]. Forbes.
Brian Koppelman, David Levien, Andrew Ross Sorkin, 2016 - 2023. Billions [TV Show]. IMDb.
Dan Goodin, 2024. Financial institutions have 30 days to disclose breaches under new rules [News]. Ars Technica.
David Katz, 021. Corporate Governance Update: “Materiality” in America and Abroad [Essay]. The Harvard Law School Forum on Corporate Governance.
Jessica Corso, 2024. SEC Zeroes In On SolarWinds Exec In Revised Complaint [Analysis]. Law360.
Johnathan Rudy, 2024. SEC files Amended complaint against SolarWinds and CISO [Civil Action]. LinkedIn.
Joseph Menn, 2023. Former Uber security chief Sullivan avoids prison in data breach case [WWW DocumentNews]. The Washington Post.
Kim Zetter, 2014. Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon [Book]. Goodreads.
Kim Zetter, 2023. SEC Targets SolarWinds’ CISO for Rare Legal Action Over Russian Hack [WWW Document]. ZERO DAY.
Kim Zetter, 2023. SolarWinds: The Untold Story of the Boldest Supply-Chain Hack [Essay]. WIRED.
Rick Howard, 2022. Cyber sand table series: OPM [Podcast]. The CyberWire - CSO Perspectives Podcast.
Rick Howard, 2023. Cybersecurity First Principles: A Reboot of Strategy and Tactics [Book]. Goodreads.
Pam Baker, 2021. The SolarWinds hack timeline: Who knew what, and when? [Timeline]. CSO Online.
Staff, 2009. Generally Accepted Accounting Principles (Topic 105) [Standard]. PWC.
Staff. 30 October 2023. SEC Charges SolarWinds and Chief Information Security Officer with Fraud, Internal Control Failures [Website]. The U.S. Securities and Exchange Commision.
Staff, 31 October 2023. Securities and Exchange Commission v. SolarWinds Corporation and Timothy G. Brown, No. 23-civ-9518 (SDNY) [Case]. The Securities and Exchange Commission.
Staff, 29 March 2024. Cooley, Cybersecurity Leaders File Brief Opposing SEC’s SolarWinds Cyberattack Case [Press Release]. Cooley.
Stephanie Pell, Jennifer Lee , Shoba Pillay, Jen Patja Howell, 2024. The SEC SolarWinds Enforcement Action [Podcast]. The Lawfare Podcast.

As part of our series on the 2024 NICE Conference, we turn our focus to the one of the keynote speakers of the conference. This year’s conference theme “Strengthening Ecosystems: Aligning Stakeholders to Bridge the Cybersecurity Workforce Gap” highlights the collective effort to strengthen the cybersecurity landscape. By joining forces with key partners, we can foster a more robust cybersecurity ecosystem to bridge the workforce gap. 
In her keynote coming up on Tuesday, June 4th, Deneen DeFiore, Chief Information Security Officer of United Airlines, will discuss "A Journey with No Destination: A CISO’s Pathway to a Cybersecurity Career."
Prior to the conference, Simone Petrella, N2K President, caught up with Deneen DeFiore. They discussed Deneen's history with NICE, the importance of prioritizing cyber talent and workforce issues, what stakeholders need to more effectively tackle the cyber skills and experience gap across the profession, and more.
Find out more about the The Workforce Framework for Cybersecurity (NICE Framework) (NIST Special Publication 800-181, revision 1). Listen to our podcast about the update. Stay tuned for our coverage of the 2024 NICE Conference.

As part of our series on the 2024 NICE Conference, we turn our focus to the Business Roundtable. This year’s conference theme “Strengthening Ecosystems: Aligning Stakeholders to Bridge the Cybersecurity Workforce Gap” highlights the collective effort to strengthen the cybersecurity landscape. By joining forces with key partners, we can foster a more robust cybersecurity ecosystem to bridge the workforce gap. Business Roundtable is an association of chief executive officers of America’s leading companies working to promote a thriving U.S. economy and expanded opportunity for all Americans through sound public policy.
The Business Roundtable launched its Cybersecurity Workforce Corporate Initiative in December of 2022. In coordination with its members and inputs from experts at Department of Commerce’s National Initiative for Cybersecurity Education (NICE), it recently released a Cybersecurity Workforce Playbook to help employers create entry points to cybersecurity careers and strengthen cybersecurity talent pipelines across various industries and sectors.
Simone Petrella, N2K President, speaks with Erin White, Business Roundtable's Senior Director, Corporate Initiatives, about the Cybersecurity Workforce Corporate Initiative, the recently released Cybersecurity Workforce Playbook, key takeaways for the private sector, and how the Business Roundtable and NICE are working together to support these initiatives.
Find out more about the The Workforce Framework for Cybersecurity (NICE Framework) (NIST Special Publication 800-181, revision 1). Stay tuned for our coverage of the 2024 NICE Conference.

Amit Malik, Director of Threat Research at Uptycs, is sharing their work on "New Threat Detected: Inside Our Discovery of the Log4j Campaign and Its XMRig Malware." The Uptycs Threat Research Team has discovered a large-scale Log4j campaign involving over 1700 IPs, aiming to deploy XMRig cryptominer malware.
This ongoing operation was initially detected through the team's honeypot collection, prompting an in-depth analysis of the campaign. The research says "The JNDI plugin is particularly useful to attackers because it allows them not only to fetch the values of environment variables in the target system but also to freely define the URL and protocol resource for the JNDI network connection."
The research can be found here:
New Threat Detected: Inside Our Discovery of the Log4j Campaign and Its XMRig Malware

Commandant for the National Security Agency's National Cryptologic School Diane M. Janosek shares the story of her career going global Diane explains how she's always been drawn to doing things that could help and raise the nation. From a position as a law clerk during law school, to the role of a judicial clerk, and joining the White House Counsel's office, Diane was exposed to many things and felt she experienced the full circle. Moving on to the Pentagon and finally, the NSA, Diane transitioned into her current role where she orchestrates the educational environment for military and civilian cyber and cryptologists worldwide for the nation. Diane encourages those who love to learn to join the multidisciplinary cybersecurity field. Our thanks to Diane for sharing her story with us.