CyberWire Daily

N2K Networks
  • 4,2 (5)
  • NOTICIAS TECNOLÓGICAS
  • DIARIO

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

  1. Michael Scott: A team of humble intellects. [Information security] [Career Notes]

    HACE 15 H · CONTENIDO EXTRA

    Michael Scott: A team of humble intellects. [Information security] [Career Notes]

    Please enjoy this encore of Career Notes. Chief Information Security Officer at Immuta, Michael Scott shares his story from working at a forgotten internet service provider to leading the security fight for major food chain restaurants. Michael explains how the different roles at various companies he has worked with paved his way to where he is now at Immuta. He works with a group of colleagues and he leads in a different style, describing that "It really is just a collection of a lot of, we call humble intellects" working with him. Michael attributes adversity to being a cornerstone of existence in the security community, and explains how that helps him keep up the fight. We thank Michael for sharing his story with us. Learn more about your ad choices. Visit megaphone.fm/adchoices

    10 min
  2. Don’t trust that app!

    HACE 1 D · CONTENIDO EXTRA

    Don’t trust that app!

    While our team is out on winter break, please enjoy this episode of Research Saturday. Today we are joined by ⁠⁠Selena Larson⁠⁠, co-host of ⁠⁠Only Malware in the Building⁠⁠ and Staff Threat Researcher and Lead Intelligence Analysis and Strategy at ⁠⁠Proofpoint⁠⁠, sharing their work on "Microsoft OAuth App Impersonation Campaign Leads to MFA Phishing." Proofpoint researchers have identified campaigns where threat actors use fake Microsoft OAuth apps to impersonate services like Adobe, DocuSign, and SharePoint, stealing credentials and bypassing MFA via attacker-in-the-middle phishing kits, mainly Tycoon. These attacks redirect users to fake Microsoft login pages to capture credentials, 2FA tokens, and session cookies, targeting nearly 3,000 Microsoft 365 accounts across 900 environments in 2025. Microsoft’s upcoming security changes and strengthened email, cloud, and web defenses, along with user education, are recommended to reduce these risks. The research can be found here: ⁠⁠⁠⁠Microsoft OAuth App Impersonation Campaign Leads to MFA Phishing Learn more about your ad choices. Visit megaphone.fm/adchoices

    21 min
  3. Cyber and its "Hive" Mind

    HACE 2 D

    Cyber and its "Hive" Mind

    While our team is out on winter break, please enjoy this episode of Cyber Things from our partners at Armis. Welcome to Episode 2 of Cyber Things, a special edition podcast produced in partnership by Armis and N2K CyberWire in an homage to Stranger Things. Host ⁠Rebecca Cradick⁠, VP of Global Communications at ⁠Armis⁠, is joined by ⁠Curtis Simpson⁠, CISO at Armis, to dive deep into the rise of the “Hive Mind”: the collective, connected threat ecosystem where attackers share tools, data, and tactics across the dark web, evolving faster than ever through AI-powered reconnaissance and automation. This is essential listening for anyone seeking to better understand how today’s adversaries no longer operate alone, but as a distributed learning network that observes, adapts, and strikes with speed and precision. Tune in now to learn how organizations can think upside down, harness AI, and build defenses that move at the speed of today’s threats - before the shadows reach your network. Learn more about your ad choices. Visit megaphone.fm/adchoices

    27 min

  4. HACE 3 D

    Confronting China’s Expanding Cyber Threats [Threat Vector]

    While our team is out on winter break, please enjoy this episode of Threat Vector from our partners at Palo Alto Networks. In this episode of Threat Vector, host David Moulton talks with Wendi Whitmore, Chief Security Intelligence Officer at Palo Alto Networks, about the increasing scale of China-linked cyber threats and the vulnerabilities in outdated OT environments.  Wendi shares critical insights on how nation-state threats have evolved, why AI must be part of modern defense strategies, and the importance of real-time intelligence sharing. They also dive into scenario planning as a key to resilience. If you want to know how cybersecurity leaders are preparing for the next wave of threats, this episode is a must-listen. From the show: ASEAN Entities in the Spotlight: Chinese APT Group Targeting Preparing for a Secure Paris 2024 Unit 42 Predicts the Year of Disruption and Other Top Threats in 2025 FBI talks about how China is testing AI in cyberattacks Hear more from Wendi Whitmore on Threat Vector: Episode 5: From Nation States to Cybercriminals Join the conversation on our social media channels: Website:⁠ ⁠⁠⁠⁠https://www.paloaltonetworks.com/⁠ Threat Research:⁠ ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠⁠ Facebook:⁠ ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠⁠ LinkedIn:⁠ ⁠⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠⁠⁠ YouTube:⁠ ⁠⁠@paloaltonetworks⁠ Twitter:⁠ ⁠⁠⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠⁠ About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠ ⁠http://paloaltonetworks.com⁠ Learn more about your ad choices. Visit megaphone.fm/adchoices

    23 min

  5. HACE 4 D

    Lorrie Cranor: Why Security Fails Real People [Afternoon Cyber Tea]

    While our team is out on winter break, please enjoy this episode of Afternoon Cyber Tea with Ann Johnson from our partners at Microsoft Security. Dr. Lorrie Cranor, Director of the CyLab Security and Privacy Institute at Carnegie Mellon University joins Ann Johnson, Corporate Vice President, Microsoft, on this week's episode of Afternoon Cyber Tea to discuss the critical gap between security design and real-world usability. They explore why security tools often fail users, the ongoing challenges with passwords and password less authentication, and how privacy expectations have evolved in an era of constant data collection. Dr. Cranor emphasizes the importance of user-centered design, practical research, behavioral insights, and simpler, more transparent systems to help CISOs build security programs that truly work for people.    Resources:   View Lorrie Cranor on LinkedIn             View Ann Johnson on LinkedIn       Related Microsoft Podcasts:   Microsoft Threat Intelligence Podcast   The BlueHat Podcast    Uncovering Hidden Risks   Discover and follow other Microsoft podcasts at microsoft.com/podcasts      Afternoon Cyber Tea with Ann Johnson is produced by Microsoft, Hangar Studios and distributed as part of N2K media network.  Learn more about your ad choices. Visit megaphone.fm/adchoices

    24 min

  6. HACE 5 D

    The New Frontlines of Cybersecurity: Lessons from the 2025 Digital Defense Report [Microsoft Threat Intelligence Podcast]

    While our team is out on winter break, please enjoy this episode of The Microsoft Threat Intelligence Podcast from our partners at Microsoft. In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by Chloé Messdaghi and Crane Hassold to unpack the key findings of the 2025 Microsoft Digital Defense Report; a comprehensive look at how the cyber threat landscape is accelerating through AI, automation, and industrialized criminal networks.  They explore how nation-state operations and cybercrime have fused into a continuous cycle of attack and adaptation, with actors sharing tooling, infrastructure, and even business models. The conversation also examines AI’s growing impact, from deepfakes and influence operations to the defensive promise of AI-powered detection, and how identity compromise has become the front door to most intrusions, accounting for over 99% of observed attacks.  Listeners will gain perspective on:  How AI is shaping both attacker tradecraft and defensive response.  Why identity remains the cornerstone of global cyber risk.  What Microsoft’s telemetry—spanning 600 million daily attacks—reveals about emerging threats and evolving defender strategies.  Questions explored:  How are threat actors using AI to scale deception and influence operations?  What does industrialized cybercrime mean for organizations trying to defend at scale?  How can defenders harness AI responsibly without overreliance or exposure?    Resources:   Download the report and executive summary  Register for Microsoft Ignite  View Chloé Messdaghi on LinkedIn  View Crane Hassold on LinkedIn  View Sherrod DeGrippo on LinkedIn   Related Microsoft Podcasts:                    Afternoon Cyber Tea with Ann Johnson  The BlueHat Podcast  Uncovering Hidden Risks        Discover and follow other Microsoft podcasts at microsoft.com/podcasts     Get the latest threat intelligence insights and guidance at Microsoft Security Insider    The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.  Learn more about your ad choices. Visit megaphone.fm/adchoices

    47 min
  7. Season finale: Leading security in a brave new world. [CISOP]

    HACE 5 D · CONTENIDO EXTRA

    Season finale: Leading security in a brave new world. [CISOP]

    In the season finale of CSO Perspectives, Ethan Cook and Kim Jones reflect on a season of conversations exploring what it means to lead security in a rapidly evolving “brave new world.” From the realities behind AI hype and the slow-burn impact of quantum computing to the business forces shaping cybersecurity innovation, they revisit key lessons and lingering challenges facing today’s CISOs. The episode closes with an optimistic—but candid—look at why fundamentals, critical thinking, and leadership still matter as the industry moves forward. Want more CISO Perspectives? Check out companion ⁠⁠blog post⁠⁠s by our very own Ethan Cook, where he breaks down key insights, shares behind-the-scenes context, and highlights research that complements episodes throughout the season. Learn more about your ad choices. Visit megaphone.fm/adchoices

    44 min
  8. The Hidden Risk in Your Stack [Data Security Decoded]

    HACE 6 D

    The Hidden Risk in Your Stack [Data Security Decoded]

    While our team is out on winter break, please enjoy this episode of Data Security Decoded from our partners at Rubrik. In this episode of Data Security Decoded, host Caleb Tolin sits down with Hayden Smith, CEO of Hunted Labs, as he breaks down how software supply chain attacks really work, why open source dependencies create unseen exposure, and what modern threat actors are doing to exploit trust at scale. Caleb and Hayden dive deep into real-world attacks, emerging TTPs, AI-powered threat hunting, and what organizations must do today to keep pace. Listeners walk away with a clear picture of the problem—and a practical blueprint for reducing supply chain risk. What You’ll Learn  How modern attackers infiltrate open source ecosystems through fake accounts and counterfeit package contributions. Why dependency chains dramatically amplify both exposure and attacker leverage. How to use threat intelligence and threat hunting to proactively evaluate upstream packages before adoption. Where AI-powered code analysis is changing the ability to discover hidden vulnerabilities and suspicious patterns. Why dependency pinning, SBOM discipline, and continuous monitoring now define a strong supply chain posture. Episode Highlights 00:00 — Welcome + Why Software Supply Chain Risk Matters 02:00 — Hayden’s Non-Cyber Passion + Framing Today’s Topic 03:00 — Why Open Source Powers Everything—and Why That Creates Exposure 06:00 — The Real Attack Vector: Contribution as Initial Access 08:00 — Inside the Indonesian “Fake Package” Campaign 10:30 — How to Evaluate Code + Contributor Identity Together 12:00 — Threat Hunting and AI-Enabled Code Interrogation 15:00 — The Challenge of Undisclosed Vulnerabilities in Widely Used Components 16:30 — How Recovery Works When Malware Is Already in Your Stack 19:00 — Continuous Monitoring as the Foundation of Modern Supply Chain Security 22:00 — Pinning, Maintainer Analysis, and Code Interrogation Best Practices 24:00 — Where to Learn More About Hunted Labs Episode Resources Hunted Labs — https://huntedlabs.com Hunted Labs Entercept Hunted Labs “Hunting Ground” research blog Open Source Malware (Paul McCarty) Learn more about your ad choices. Visit megaphone.fm/adchoices

    27 min
Ver todo (2 mil)

Tráiler

Presentadores e invitados

Valoraciones y reseñas

4,2
de 5
5 valoraciones

Información

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

Ficha técnica

  • Creado por
    N2K Networks
  • Años en activo
    2016 - 2026
  • Episodios
    2 mil
  • Clasificación
    Apto
  • Derechos de autor
    © 2024 N2K Networks, Inc. 706761
  • Sitio web del podcast
    CyberWire Daily

Quizá también te guste