episode-header-image

Apr 24

28m 57s

Lessons from the latest breach reports.

About this episode

Verizon and Mandiant call for layered defenses against evolving threats. Cisco Talos describes ToyMaker and Cactus threat actors. Researchers discover a major Linux security flaw which allows rootkits to bypass traditional detection methods. Ransomware groups are experimenting with new business models. Deputy Assistant Director Cynthia Kaiser from the FBI Cyber Division shares the latest on Salt Typhoon. Global censorship takes a coffee break.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Dave sits down with Deputy Assistant Director Cynthia Kaiser from the FBI Cyber Division who shares a PSA on Salt Typhoon.

Selected Reading

2025 Data Breach Investigations Report (Verizon)

Mandiant M-Trends 2025 Report (Mandiant)

Introducing ToyMaker, an initial access broker working in cahoots with double extortion gangs (Ciso Talos)

Linux 'io_uring' security blindspot allows stealthy rootkit attacks (bleepingcomputer)

Ransomware groups test new business models to hit more victims, increase profits (the record)

Cloudflare: Government-backed internet shutdowns plummet to zero in first quarter (the record)

Share your feedback.

We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.

Want to hear your company in the show?

You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Up next

Plug-ins gone rogue.

Patch Tuesday. An Iranian ransomware group puts a premium on U.S. and Israeli targets. Batavia spyware targets Russia’s industrial sector. HHS fines a Texas Behavioral Health firm for failed risk analysis. The Anatsa banking trojan targets financial institutions in the U.S. and C ... Show More

Memory leaks and login sneaks.

Researchers release proof-of-concept exploits for CitrixBleed2. Grafana patches four high-severity vulnerabilities. A hacker claims to have breached Spanish telecom giant Telefónica. Italian police arrest a Chinese man wanted by U.S. authorities for alleged industrial espionage. ... Show More

SafePay, unsafe day.

Ingram Micro suffers a ransomware attack by the SafePay gang. Spanish police dismantle a large-scale investment fraud ring. The SatanLock ransomware group says it is shutting down. Brazilian police arrest a man accused of stealing over $100 million from the country’s banking syst ... Show More

Recommended Episodes

FBI Saves Millions and Lives in Cyber Hacking Take Down: Cyber Security Today for February 15, 2025

Cybersecurity Today: North Korean Hacks, AI Memory Breach, and School Data Comprimise In this episode of Cybersecurity Today, host Jim Love covers a range of crucial topics in the cybersecurity landscape. North Korean hackers are using new social engineering tactics to infiltrate ... Show More

The X Attack - More Information Surfaces: Cyber Security Today for Wednesday, March 12, 2024

Cybersecurity Today: From DDoS Attacks to Developer Sabotage In today's episode, host Jim Love discusses several major cybersecurity incidents: the pro-Palestinian group Dark Storm's claimed DDoS attack on X Twitter and its implications; the impact of budget cuts from the Departm ... Show More

Cyber Espionage and Financial Crime: North Korea’s Double Threat

In this episode of Threat Vector, host David Moulton speaks with Assaf Dehan, Director of Threat Research at Palo Alto Networks’ Cortex team, about the rising cyber threat from North Korea. Dehan, a cybersecurity expert with over 18 years of experience, discusses the nation's str ... Show More

Hackers Move From Data Theft To Complete Destruction: Cyber Security Today For Wednesday, December 4, 2024

Cybersecurity Today: From Data Theft to Total Destruction In today's episode, we cover the latest shifts in cybercrime as hackers move from data theft to complete system destruction, impacting businesses on a massive scale. We discuss Palo Alto Networks' insights on these damagin ... Show More

Decoding XDR: Allie Mellen on What’s Next

Announcement: We are pleased to share an exciting announcement about Cortex XDR at the top of our show. You can learn more here. Check out our episode on "Cyber Espionage and Financial Crime: North Korea’s Double Threat" with Assaf Dahan, Director of Threat Research at Palo Alto ... Show More

Google’s New Free Cybersecurity Certificate: Cyber Security Today for Monday, November 25, 2024

Cybersecurity Today: Palo Alto Firewalls Breached, APT28's Wi-Fi Hack, Meta Fights Scams In today's episode, over 2,000 Palo Alto firewalls were hacked via patched zero-day vulnerabilities; a Russian group, APT28, exploited Wi-Fi networks in a novel 'Nearest Neighbor Attack' to b ... Show More

Lessons from 2024's Biggest Cyber Incidents and Building Stronger Defenses for 2025

In this episode, Shrav Mehta, Founder, and CEO at Secureframe, joins me to discuss major cybersecurity incidents in 2024, highlighting five significant breaches: National Public Data (2.7 billion records), AT&T (50 billion), Ticketmaster (500 million), Change Healthcare (145 mill ... Show More

Listen to millions of songs and podcasts on Anghami