CyberWire Daily

Google says AI-powered cybercrime has gone industrial scale. Two new Windows zero-days emerge. Signal threatens to leave Canada over lawful access legislation. Pentagon-linked influence operations shift to paid ads. Linux admins scramble to patch a new root-level flaw. FamousSparrow targets Azerbaijan’s energy sector. Cisco announces layoffs despite record revenue. An alleged Dream Market administrator faces cryptocurrency money laundering charges. Our guest is Cynthia Kaiser, SVP of Ransomware Research Center at Halcyon, discussing "Akira Ransomware Attacks in Under an Hour." The surveillance will continue until employee sentiment improves.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Cynthia Kaiser, SVP of Ransomware Research Center at Halcyon, is discussing "Akira Ransomware Attacks in Under an Hour."

Selected Reading

Adversaries Leverage AI for Vulnerability Exploitation, Augmented Operations, and Initial Access (Google Cloud Blog)

Mystery Microsoft bug leaker keeps the zero-days coming (The Register) 

Signal warns it would pull out of Canada if made to comply with lawful access bill (The Globe and Mail)

Fewer Bots, More Ads: The Pentagon’s Evolving Online Influence Campaigns (Lawfare)

New Fragnesia Linux flaw lets attackers gain root privileges (Bleeping Computer) 

FamousSparrow Targeted Oil and Gas Industry via MS Exchange Server Exploit (Hackread) 

KongTuke hackers now use Microsoft Teams for corporate breaches (Bleeping Computer)

Our Path Forward (Cisco Blogs)

German citizen charged with laundering funds linked to prominent darknet marketplace “Dream Market” (United States Department of Justice)

The Rise of Emotional Surveillance (The Atlantic)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Patch Tuesday. Global agencies update SBOM guidance. Iran-linked espionage group Seedworm breached a major South Korean electronics manufacturer. A telehealth platform breach affects 716,000. Foxconn confirms a cyberattack. Maria Varmazis has an update on orbital data centers. A lawmaker questions surveillance pricing. Brandon Karpf, friend of the show, is talking with Dave about "Japan’s space systems face growing cybersecurity threats." Robotic lawnmowers on the cutting edge.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today Brandon Karpf, friend of the show, is talking with Dave about "Japan’s space systems face growing cybersecurity threats."

Selected Reading

Microsoft Fixes 17 Critical Flaws in May Patch Tuesday (Infosecurity Magazine)

Microsoft Patches Critical Zero-Click Outlook Vulnerability Threatening Enterprises (SecurityWeek)

Adobe Patches 52 Vulnerabilities in 10 Products (SecurityWeek)

Fortinet, Ivanti Patch Critical Vulnerabilities (SecurityWeek)

Chipmaker Patch Tuesday: Intel and AMD   70 Vulnerabilities (SecurityWeek)

ICS Patch Tuesday: New Security Advisories From Siemens, Schneider, CISA (SecurityWeek)

Global Cyber Agencies Issue New SBOMs for AI Guidance to Tackle AI Supply Chain Risks (Infosecurity Magazine)

Seedworm: Iran-Linked Hackers Breached Korean Electronics Maker in Global Spying Campaign (SECURITY.COM)

716,000 Impacted by OpenLoop Health Data Breach (SecurityWeek)

Foxconn confirms cyberattack after ransomware crew claims it stole confidential Apple, Nvidia files (The Register)

Congressman launches inquiry into how food retailers use surveillance pricing (The Record)

Orbital Inference Data Center Bets On Space GPUs (IEEE Spectrum)

Cowboy Space raises $275 million to launch AI data centers on brand-new rocket (Space.com)

Yarbo responds to robot flaws that could mow down their owners (Malwarebytes)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Former NSA chief says the U.S. can beat China in cyberspace. Canvas cuts a deal with hackers. The FCC proposes KYC rules for phone users. SAP patches critical flaws. A poisoned TanStack npm supply chain attack spreads malware. Humanitarian aid lures deliver spyware. Japan launches an AI-driven cyber review. Texas sues Netflix over data practices. And Harvard experts debate the future of agentic AI security. On our Threat Vector segment David Moulton welcomes, Assaf Keren, CSO at Qualtrics and author of Lessons from the Frontlines. Our guest is Tim Starks from CyberScoop discussing changes to the CyberCorps Scholarship program. The Gentleman’s guide to awful OPSEC. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

Threat Vector

AI is the most powerful tool defenders have ever had. It's also the most dangerous weapon attackers have ever had. Assaf Keren, CSO at Qualtrics and author of Lessons from the Frontlines, has seen AI reshape both sides of the threat equation. In this conversation, he gets specific about what happens when powerful tools fall into the wrong hands, and what leaders need to do before they get caught off-guard. You can listen to the full conversation here, and catch new episodes of Threat Vector with host David Moulton every Thursday on your favorite podcast app.

CyberWire Guest

Today we are joined by Tim Starks from CyberScoop discussing changes to the CyberCorps Scholarship program. You can read more in Tim’s article “Trump officials are steering a cybersecurity scholarship program toward AI.”

Selected Reading

I Ran the N.S.A. This Is How to Defeat China’s Hacker Army. (The New York Times)

Canvas hack: company pays criminals to delete students' stolen data (BBC News)

FCC Attempts to Solve Robocall Problem by Potentially Creating Even Bigger Privacy Problem (Gizmodo)

SAP Patches Critical S/4HANA, Commerce Vulnerabilities (SecurityWeek)

Cache-poisoning caper turns TanStack npm packages toxic (The Register)

Operation HumanitarianBait Uses Fake Aid Documents to Deploy Python Spyware (Hackread)

Japan’s PM orders cybersecurity review to stop Mythos going full CyberZilla (The Register)

Texas sues Netflix over alleged data practices that create ‘surveillance machinery’ without user consent (The Record)

Time for government, business leaders to figure out AI cybersecurity regulation (Harvard Gazette)

Tables Turned: Gentlemen Ransomware Group Suffers Data Leak (BankInfo Security)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

The FCC eases restrictions on foreign-made routers. Shiny Hunters hit Canvas and Zara. SailPoint discloses unauthorized access to its GitHub repositories. TrickMo Android banking malware has more tricks up its sleeve. Polish officials warn of increased targeting of ICS and public infrastructure. A federal judge orders $10 million in restitution for stolen zero days. German authorities takedown the Crimenetwork marketplace, again. Monday business breakdown. Dan Lorenc, Chainguard CEO and co-founder, is talking about a recent wave of supply chain attacks. Malware gets signed, sealed and delivered. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Dan Lorenc, Chainguard CEO and co-founder, is talking about how the recent wave of supply chain attacks is fundamentally different – and more dangerous –than previous incidents, as well as immediate steps organizations should take as this continues to unfold.

Selected Reading

US: FCC Relaxes Foreign-Made Router Ban to Allow for Security Updates (Infosecurity Magazine)

ShinyHunters Escalates Canvas Extortion (Infosecurity Magazine)

Zara Data Breach Impacts Nearly 200,000 Customers (Infosecurity Magazine)

SailPoint Discloses GitHub Repository Hack (SecurityWeek)

TrickMo Android banker adopts TON blockchain for covert comms (Bleeping Computer)

Polish ABW warns cyberattacks shifting from espionage and data theft toward physical disruption of critical infrastructure (Industrial Cyber)

Trenchant Exec Who Sold Zero Days to Russian Buyer Ordered to Pay $10 Million in Restitution to Former Employers (Zero Day)

Resurrected 'Crimenetwork' Marketplace Taken Down, Administrator Arrested (SecurityWeek)

XBOW secures an additional $35 million in Series C funding. (N2K Pro Business Briefing)

Hackers Trick DigiCert Into Issuing Certificates Used to Sign Malware (Hackread)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Please enjoy this encore of Career Notes.

Payal Chakravarty, Head of Product for Security and Risk from Coalition, sits down to share her story of working at several different organizations, including interning for IBM and Microsoft. After obtaining her master's degree, she worked with IBM a bit more closely and fell in love with one of the projects she was working on. Payal had a very interesting career path going from physical to virtual, virtual to cloud now, cloud to containers. She says that there is still some bias she has dealt with as a woman in her field, she says, "I think the way you handle it is you negotiate or you kind of calmly handle the situation, there's no ego involved." Payal shares that in working in this field you need to be in love with it, giving the advice that don't just choose a job because of the money or because it's cool, but because you feel connected to it as a profession. We thank Payal for sharing her story.
Learn more about your ad choices. Visit megaphone.fm/adchoices