episode-header-image

Feb 2025

31m 19s

Pay the ransom or risk data carnage.

About this episode

Qilin ransomware gang claims responsibility for attack against Lee Enterprises. Thai police arrest suspected hacker behind more than 90 data leaks. JavaGhost uses compromised AWS environments to launch phishing campaigns. LotusBlossum cyberespionage campaigns target Southeast Asia. Malware abuses Microsoft dev tunnels for C2 communication. Protecting the food supply. Today’s guest is Keith Mularski, Chief Global Ambassador at Qintel and former FBI Special Agent, discussing crypto being the target of the cyber underground. And an interview with Iron Man?

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today we share Dave’s conversation with Keith Mularski, Chief Global Ambassador at Qintel and former FBI Special Agent, discussing crypto being the target of the cyber underground.

Selected Reading

Ransomware Group Takes Credit for Lee Enterprises Attack (SecurityWeek)

Hacker Behind Over 90 Data Leaks Arrested in Thailand (SecurityWeek)

JavaGhost’s Persistent Phishing Attacks From the Cloud (Unit 42)

Lotus Blossom espionage group targets multiple industries with different versions of Sagerunex and hacking tools (Cisco Talos)

Njrat Campaign Using Microsoft Dev Tunnels (SANS Internet Storm Center)

New Pass-the-Cookie Attack Bypass Microsoft 365 & YouTube MFA Logins (Cyber Security News)

How pass the cookie attacks can bypass your MFA (Longwall Security)

Farm and Food Cybersecurity Act reintroduced to protect food supply chain from cyber threats (Industrial Cyber)

Share your feedback.

We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Up next

Cyber defenders pulled into deportation duty.

DHS reassigns cyberstaff to immigration duties. A massive DDoS attack disrupts several major gaming platforms. Discord refuses ransom after a third-party support system breach. Researchers examine Chaos ransomware and creative log-poisoning web intrusions. The FCC reconsiders its ... Show More

Chinese hackers serve up espionage.

Chinese hackers infiltrate a major U.S. law firm. The EU Commission President warns Russia is waging a hybrid war against Europe. Researchers say LoJax is the latest malware from Russia’s Fancy Bear. Salesforce refuses ransom demands. London Police arrest two teens over an allege ... Show More

Critical GoAnywhere bug fuels ransomware wave.

Microsoft tags a critical vulnerability in Fortra’s GoAnywhere software. A critical Redis vulnerability could allow remote code execution. Researchers tie BIETA to China’s MSS technology enablement. Competing narratives cloud the Oracle E-Business Suite breach. An Ohio-based visi ... Show More

Recommended Episodes

Cloudflare Fends Off A Record Breaking 11.5 Tbps DDoS Attack

In this episode of Cybersecurity Today, host Jim Love covers the latest and most critical stories in the world of cyber threats and digital defense: • Cloudflare fends off a record-breaking 11.5 Tbps DDoS attack, highlighting the relentless scale and sophistication of modern cybe ... Show More

Hackers Say Thanks For Lousy Security In Large Fast Food Chain

Cybersecurity Today: Ghost Action Campaign, SalesLoft Breach, AI Vulnerabilities, and Restaurant Security Flaws Host David Shipley discusses the latest in cybersecurity, including the Ghost Action Campaign which compromised over 3000 secrets from GitHub repositories, the SalesLof ... Show More

Cybercrime Magazine Update: Small Business Alert. Top 10 Most Common Social Engineering Attacks.

Tech Bullion has highlighted the top 10 most common social engineering attacks that small businesses should know, including phishing emails and spear phishing. In this episode, host Paul John Spaulding is joined by Steve Morgan, Founder of Cybersecurity Ventures and Editor-in-Chi ... Show More

Cybersecurity Today: Allegations Against Elon Musk, Microsoft Lockout Issues, Cozy Bear's New Malware, and Canada's Anti-Fraud Proposals

Cybersecurity Today: Allegations Against Elon Musk, Microsoft Lockout Issues, Cozy Bear's New Malware, and Canada's Anti-Fraud Proposals In this episode of Cybersecurity Today, hosted by David Shipley, we examine several major cybersecurity stories. A whistleblower accuses Elon M ... Show More

NPM Attack Leave Hackers Empty Handed: Cybersecurity Today with David Shipley

Cybersecurity Today: NPM Attack, Void Proxy Phishing, and Major Business Disruptions In this episode of Cybersecurity Today, host David Shipley discusses a recent massive NPM attack that, despite causing significant disruption, left hackers with minimal gains. We also cover a new ... Show More

Lockbit Is Back

Emerging Cybersecurity Threats: Lockbit 5.0, Salesforce AI Vulnerabilities, and China's Cyber Intelligence Advancements In this episode of 'Cybersecurity Today,' host Jim Love discusses the latest cybersecurity threats, including the emergence of Lockbit 5.0 ransomware which can ... Show More

SN 1014: FREEDOM Administration Login - Apple's UK Privacy Showdown, $1.5 Billion Crypto Heist

Apple disables Advanced Data Protection for new UK users. Paying ransoms is not as cut and dried as we might imagine. Elon Musk's "X" social media blocks "Signal.me" links. Spain's soccer league blocks Cloudflare and causes a mess. Two new (and rare) vulnerabilities discovered in ... Show More

Cybersecurity Today: Virtual Employees, AI Security Agents, and CVE Program Updates

In this episode of 'Cybersecurity Today,' host Jim Love discusses various pressing topics in the realm of cybersecurity. Highlights include Anthropic's prediction on AI-powered virtual employees and their potential security risks, Microsoft’s introduction of AI security agents to ... Show More

Cybersecurity Breaches: Salesforce, Workday, and Critical Infrastructure Hacked

In today's episode of 'Cybersecurity Today,' hosted by Jim Love, we cover several key issues in the cybersecurity landscape. Firstly, a breach involving Workday and social engineering attacks targeting Salesforce customers is discussed. Next, the risks posed by a recent Windows u ... Show More

Listen to millions of songs and podcasts on Anghami