CyberWire Daily
Recent Episodes
RSAC 2025 comes to an end. Canadian power company hit by cyberattack. Ascension Health discloses another breach. UK luxury department store Harrods discloses attempted cyberattack. Microsoft fixes bug flagging Gmail as spam. An unofficial version of the Signal app shared in photo. EU fines TikTok for violating GDPR with China data transfer. US Treasury to cut off Southeast Asian cybercrime key player. Passwordless by default coming your way. Our guest is Kevin Magee, from Microsoft, sharing a medley of interviews he gathered on the show floor of RSAC 2025.
TranscriptUpdates from RSAC 2025. Former NSA cyber chief Rob Joyce warns that AI is rapidly approaching the ability to develop high-level software exploits. An FBI official warns that China is the top threat to U.S. critical infrastructure. Mandiant and Google raise alarms over widespread infiltration of global companies by North Korean IT workers. France accuses Russia’s Fancy Bear of targeting at least a dozen French government and institutional entities. SonicWall has issued an urgent alert about active exploitation of a high-severity vulnerability in its Secure Mobile Access appliances. A China-linked APT group known as “TheWizards” is abusing an IPv6 networking feature. Gremlin Stealer emerges as a serious threat. A 23-year-old Scottish man linked to the Scattered Spider hacking group has been extradited from Spain to the U.S. Senators urge FTC action on consumer neural data. New WordPress malware masquerades as an anti-malware plugin. Our guest is Andy Cao from ProjectDiscovery, the Winner of the 20th Annual RSAC™ Innovation Sandbox Contest. Our intern Kevin returns with some Kevin on the Street interviews from the RSAC floor. Research reveals the risk of juice jacking isn’t entirely imaginary.
TranscriptLess CISA, more private sector power?
DHS Secretary Kristi Noem justifies budget cuts in her RSAC keynote. The EFF pens an open letter to Trump backing Chris Krebs. Scattered Spider is credited with the Marks & Spencer cyberattack. Researchers discover a critical flaw in Apple’s AirPlay protocol. The latest CISA advisories. On our Industry Voices segment, we are joined by Neil Gad, Chief Product and Technology Officer at RealVNC, who is discussing a security-first approach in remote access software development. What do you call an AI chatbot that finished at the bottom of its class in med school?
TranscriptTrends shaping the future at RSAC.
RSAC 2025 is well under way, and Kevin the Intern files his first report. Authorities say Spain and Portugal’s massive power outage was not a cyberattack. Concerns are raised over DOGE access to classified nuclear networks. The FS-ISAC launches the Cyberfraud Prevention Framework. Real-time deepfake fraud is here to stay. On today’s Threat Vector, host David Moulton speaks with Daniel B. Rosenzweig, a leading data privacy and AI attorney, about the growing complexity of privacy compliance in the era of big data and artificial intelligence. Protecting your company…with a fat joke.
TranscriptA massive power outage strikes the Iberian Peninsula. Iran says it repelled a “widespread and complex” cyberattack targeting national infrastructure. Researchers find hundreds of SAP NetWeaver systems vulnerable to a critical zero-day. A British retailer tells warehouse workers to stay home following a cyberattack. VeriSource Services discloses a breach exposing personal data of four million individuals. Global automated scanning surged 16.7% in 2024. CISA discloses several critical vulnerabilities affecting Planet Technology’s industrial switches and network management products. A Greek court upholds a VPN provider’s no-logs policies. Law enforcement dismantles the JokerOTP phishing tool. Our guest is Tim Starks from CyberScoop with developments in the NSO Group trial. How Bad Scans and AI Spread a Scientific Urban Legend.
Transcript
