Épisodes

  • TikTok lives to scroll another day.

    TikTok lives to scroll another day.
    Jan 23 2026
    At long last, a TikTok deal. Officials urge lawmakers to keep an eye on the quantum ball. Fortinet confirms active exploitation of a critical authentication bypass flaw. Ireland plans to authorize spyware for law enforcement. Okta warns customers of sophisticated vishing kits. Under Armour investigates data breach claims. CISA adds a Zimbra Collaboration Suite flaw to the known exploited vulnerabilities list. Poor OpSec enables recovery of data stolen by the INC ransomware gang. The DOJ deports a pair of Venezuelans convicted of ATM jackpotting. Our guest is Chris Nyhuis [nye-heis], Founder and CEO of Vigilant, sharing practical steps to protect money, identity, and devices. Curl pulls the plug on bug bounties after drowning in AI slop. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Chris Nyhuis, Founder and CEO of Vigilant, sharing "practical steps consumers can take in 2026 to protect their money, identity, and devices." Selected Reading TikTok Strikes Deal to Create New U.S. Entity and Loosen App’s Ties to China (New York Times) US Officials Urge Congress to Reauthorize Key Quantum Law (BankInfo Security) Fortinet confirms critical FortiCloud auth bypass not fully patched (Bleeping Computer) Ireland plans law allowing law enforcement to use spyware (The Record) Okta SSO accounts targeted in vishing-based data theft attacks (Bleeping Computer) Under Armour Investigates Data Breach (Infosecurity Magazine) Organizations Warned of Exploited Zimbra Collaboration Vulnerability (SecurityWeek) INC ransomware opsec fail allowed data recovery for 12 US orgs (Bleeping Computer) 2 Venezuelans Convicted in US for Using Malware to Hack ATMs (SecurityWeek) Curl ending bug bounty program after flood of AI slop reports (Bleeping Computer) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
    Afficher plus Afficher moins
    30 min
  • Stabilized but smaller.

    Stabilized but smaller.
    Jan 22 2026
    CISA’s acting director assures Congress the agency has “stabilized”. Google and Cisco patch critical vulnerabilities. Fortinet firewalls are being hit by automated attacks that create rogue accounts. A global spam campaign leverages unsecured Zendesk support systems. LastPass warns of attempted account takeovers. Greek authorities make arrests in a sophisticated fake cell tower scam. Executives at Davos express concerns over AI. Pwn2Own Automotive proves profitable. Our guest is Kaushik Devireddy, AI data scientist at Fable Security, with insights on a fake ChatGPT installer. New password, same as the old password. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Kaushik Devireddy, AI data scientist at Fable Security, discussing their work on "How a fake ChatGPT installer tried to steal my password". Selected Reading CISA Is 'Trying to Get Back on Its Mission' After Trump Cuts (CISA) Google Patches High-Severity V8 Race Condition in Chrome 144 published: today (Beyond Machines) Cisco Patches Actively Exploited Flaw in Unified Communications Products (Beyond Machines) Hackers breach Fortinet FortiGate devices, steal firewall configs (Bleeping Computer) Zendesk ticket systems hijacked in massive global spam wave (Bleeping Computer) LastPass Warns of Phishing Campaign Attempting to Steal Master Passwords (Infosecurity Magazine) Greek Police Arrest Scammers in Athens Using Fake Cell Tower for SMS Phishing Operation (TechNadu) Execs at Davos say AI's biggest problem isn't hype — it's security (Business Insider) Hackers exploit 29 zero-days on second day of Pwn2Own Automotive (Bleeping Computer) Analysis of 6 Billion Passwords Shows Stagnant User Behavior (SecurityWeek) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
    Afficher plus Afficher moins
    25 min
  • DOGE and the data trail.

    DOGE and the data trail.
    Jan 21 2026
    DOGE staff face scrutiny over possible Hatch Act violations. GitLab fixes a serious 2FA bypass. North Korean hackers target macOS developers through Visual Studio Code. Researchers say the VoidLink malware may be largely AI-built. MITRE rolls out a new embedded systems threat matrix. Oracle drops a massive patch update. Minnesota DHS reports a breach affecting 300,000 people. Germany looks to Israel for cyber defense lessons. A major illicit marketplace goes dark. Our guest is Ashley Jess, Senior Intelligence Analyst from Intel 471, with a “crash course” on underground cyber markets. And auditors emerge as an unlikely line of cyber defense. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we have Ashley Jess, Senior Intelligence Analyst from Intel 471, sharing a “crash course” on how underground cyber markets and emerging trends. Selected Reading Trump administration concedes DOGE team may have misused Social Security data (POLITICO) GitLab warns of high-severity 2FA bypass, denial-of-service flaws (Bleeping Computer) North Korean Hackers Target macOS Developers via Malicious VS Code Projects (SecurityWeek) Voidlink Linux Malware Was Built Using an AI Agent, Researchers Reveal (Infosecurity Magazine) MITRE Launches New Security Framework for Embedded Systems (SecurityWeek) Oracle's First 2026 CPU Delivers 337 New Security Patches (SecurityWeek) Minnesota Agency Notifies 304,000 of Vendor Breach (GovInfo Security) Germany and Israel Pledge Cybersecurity Alliance (BankInfo Security) $12B Scam Market Tudou Guarantee Shuts Down (GovInfo Security) Research reveals a surprising line of defence against cyber attacks: accountants (The Conversation) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
    Afficher plus Afficher moins
    27 min
  • Million-dollar hacks and a manhunt.

    Million-dollar hacks and a manhunt.
    Jan 20 2026
    Authorities pursue Black Basta. British authorities launch a new national service to fight fraud and cybercrime. LinkedIn private messages get infected with RATs. Researchers uncover a new malicious extension that intentionally crashes the browser. Ingram Micro discloses a ransomware-related data breach. A Jordanian man pleads guilty to selling stolen access to corporate networks. Business Breakdown. Tim Starks from CyberScoop discusses Sean Plankey's renomination to lead CISA. Grave oversight in the funeral biz. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Tim Starks from CyberScoop as he is discussing Sean Plankey's renomination to lead CISA. You can use Tim’s take on it here. Selected Reading Police raid homes of alleged Black Basta hackers, hunt suspected Russian ringleader (The Record) UK launches landmark 'Report Fraud' service to tackle cybercrime and fraud (The Record) Linkedin Phishing Campaign Exploits Open-Source Pen Testing Tool to Compromise Business Execs (Infosecurity Magazine) Fake ad blocker extension crashes the browser for ClickFix attacks (Bleeping Computer) Ingram Micro reveals ransomware attack hit 42,000 people - here's how to find out more (TechRadar) Jordanian Man Pleads Fake ad blocker extension crashes the browser for ClickFix attacksGuilty to Selling Stolen Logins for 50 Companies (Hackread) CrowdStrike agrees to acquire SGNL for $740 million and Seraphic for $420 million. (N2K Pro) Exclusive: Funeral Industry Faces Security Gaps as Top Firms Lack Key Certifications (The Chosun Daily) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
    Afficher plus Afficher moins
    23 min
  • Are we a trade or a profession? [CISO Perspectives]

    Are we a trade or a profession? [CISO Perspectives]
    Jan 20 2026
    Please enjoy this encore of CISO Perspectives. We're sharing a episode from another N2K show we thought you might like. It's the second episode of the new season of the show CISO Perspectives with Kim Jones. Enjoy! Show Notes: Cybersecurity has an identity problem where the industry as a whole is struggling to determine whether it is a trade or a profession. In this episode of CISO Perspectives, host Kim Jones sits down with Larry Whiteside Jr., the Chief Advisory Officer for The CISO Society, to discuss this identity crisis and how the industry as a whole connects to both of these labels. Throughout the conversation, Larry and Kim will discuss the merits and drawbacks of both labels and how cybersecurity does not solely fall into one category or the other. Want more CISO Perspectives?: Check out a companion blog post by our very own Ethan Cook, where he breaks down key insights, shares behind-the-scenes context, and highlights research that complements this episode. It’s the perfect follow-up if you’re curious about the cyber talent crunch and how we can reshape the ecosystem for future professionals. Learn more about your ad choices. Visit megaphone.fm/adchoices
    Afficher plus Afficher moins
    45 min
  • Investing in the security tech market with NightDragon. [T-Minus Space Daily Special Edition]

    Investing in the security tech market with NightDragon. [T-Minus Space Daily Special Edition]
    Jan 19 2026
    While our team is away from the mic observing the Martin Luther King, Jr. holiday in the United States, we share this thoughtful discussion from our T-Minus Space Daily team. Signals Intelligence (SIGINT) is the practice of intercepting and analyzing electronic signals, like phone calls, emails, radar, and telemetry, to gather actionable intelligence for national security, defense, and military operations. It’s primarily conducted by agencies like NSA, but over the last decade many companies in the commercial sector have grown in this vital area of national defense, especially in space. Our guest is Dave DeWalt, CEO of NightDragon, who shared why his firm is investing in tech and space. Dave joins T-Minus Space Daily host Maria Varmazis for this special edition podcast. You can connect with Dave on LinkedIn, and learn more about NightDragon on their website. Remember to leave us a 5-star rating and review in your favorite podcast app. Be sure to follow T-Minus on LinkedIn and Instagram. Share your feedback. What do you think about T-Minus Space Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at space@n2k.com to request more info. Want to join us for an interview? Please send your pitch to space-editor@n2k.com and include your name, affiliation, and topic proposal. T-Minus is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
    Afficher plus Afficher moins
    20 min
  • Pentesting at the speed of thought. [CyberWire-X]

    Pentesting at the speed of thought. [CyberWire-X]
    Jan 19 2026
    While our team is observing the Martin Luther King, Jr. holiday in the United States, please enjoy this CyberWire-X episode featuring the team from Horizon3.ai. In this CyberWire-X episode, Dave Bittner speaks with Horizon3.ai co-founder and CEO Snehal Antani about how continuous autonomous penetration testing is reshaping security resilience. Antani reflects on his journey from CIO to DoD operator, where he learned that the hardest part of security isn’t patching — it’s prioritizing what matters and proving defenses work before attackers do. He explains why vulnerability scans fall short, how “AI hackers” simulate adversary behavior at machine speed, and why organizations must shift from compliance thinking to attacker-centric validation. Antani shares real-world findings, warns of 77-second domain compromise, and predicts a future of AI fighting AI, with humans by exception. Resources: Whitepaper: NodeZero® for Pentesters and Red Teams Whitepaper: Traditional vs. Autonomous: Why NodeZero® is the Future of Cyber Risk Assessments Learn more about your ad choices. Visit megaphone.fm/adchoices
    Afficher plus Afficher moins
    24 min
  • Deepen Desai: A doctor in computer viruses. [CISO] [Career Notes]

    Deepen Desai: A doctor in computer viruses. [CISO] [Career Notes]
    Jan 18 2026
    Please enjoy this encore of Career Notes. Deepen Desai, Global Chief Information Security Officer at Zscaler, shares his story as a doctor that treats computer viruses. He describes how he got into the security field and his work with Zscaler. He says what it's like learning and growing in this field and shares great advice for people who are up and coming in the field. Deepen describes working with an incredible team and how much joy it brings him to see his team learning and growing beyond their roles working with him. He says he want's to be remembered as a mentor among his colleagues. He says "I still remember my first team that I built, 15 years ago. Most of those guys are leading key technologies at many of the major security vendors, and some of them are still with me." We thank Deepen for sharing his story. Learn more about your ad choices. Visit megaphone.fm/adchoices
    Afficher plus Afficher moins
    10 min