Search the site
Industry Insights
Podcasts
Briefings
Stories
Events
Glossary
N2K Pro
CSO Perspectives
Podcasts
Briefings
Pro Academy
New
Hash Table
1
st
Principles Course
About
Our Story
Press
Team
Testimonials
Sponsor
Partners
Dev
API
Account
Profile
Logout
Home
Search the site
Industry Insights
Podcasts
Briefings
Stories
Events
Glossary
N2K Pro
CSO Perspectives
Podcasts
Briefings
Pro Academy
New
Hash Table
1
st
Principles Course
Dev
API
About
Our Story
Press
Team
Testimonials
Sponsor
Partners
December 11, 2024
Join Pro
LOGIN
Cybersecurity News
Daily Briefing
Just Now
Microsoft patches an actively exploited vulnerability. Chinese APT abuses Visual Studio Code Tunnels for C2 purposes.
Europol operation seizes DDoS booters.
Microsoft
8 hours ago
Johann Rehberger on Researching AI & LLM Attacks
In this episode of The BlueHat Podcast, hosts Nic Fillingham and Wendy Zenone are joined by Johann Rehberger, security expert and Red Team director at Electronic Arts. Johann shares his career journey through roles at Microsoft, Uber, and EA, highlighting his expertise in red teaming and cybersecurity. Johann shares the inspiration behind his book on Red Team strategies and discusses his BlueHat 2024 talk on prompt injection vulnerabilities, a critical and evolving AI security challenge. Johann breaks down the distinction between prompt injection and jailbreaking, offering insights into the potential risks, including data exfiltration and system unavailability, and emphasizes the importance of securing Red Teams themselves.
SpyCast
19 hours ago
“An Imperial History of the CIA” – with Hugh Wilford
Hugh Wilford joins Andrew Hammond to discuss his new book. Hugh is a professor, author, and leading CIA historian.
CyberWire Daily
19 hours ago
Buckets of trouble.
Researchers uncover a large-scale hacking operation tied to the infamous ShinyHunters. A Dell Power Manager vulnerability lets attackers execute malicious code. TikTok requests a federal court injunction to delay a U.S. ban. Radiant Capital attributed a $50 million cryptocurrency heist to North Korea. Japanese firms report ransomware attacks affecting their U.S. subsidiaries. WhatsApp’s “ViewOnce” feature faces continued scrutiny. SpyLoan malware targets Android users through deceptive loan apps. A major Romanian electricity distributor is investigating an ongoing ransomware attack. A critical flaw in OpenWrt Sysupgrade has been fixed. Contenders for top cyber roles in the next Trump administration visit Mar-a-Lago. On our Industry Voices segment, Jason Lamar, Cobalt’s Senior Vice President of Product, joins us to share insights on offensive security: staying ahead of cyber threats. Google’s new quantum chip promises scaling without failing.
story
20 hours ago
Why cybersecurity leaders trust the MITRE ATT&CK Evaluations.
In today’s dynamic threat landscape, security leaders are under constant pressure to make informed choices about which solutions and strategies they employ to protect their organizations. The “MITRE Engenuity ATT&CK Evaluations: Enterprise” stand out as an essential resource for cybersecurity decision makers to navigate this challenge.
Daily Briefing
Dec 10, 2024
Nemesis and ShinyHunters target misconfigured websites in widespread hacking campaign.
Radiant Capital attributes $50 million cryptocurrency theft to DPRK hackers. Romanian energy company hit by ransomware.
CyberWire Daily
Dec 9, 2024
Router security in jeopardy.
A critical zero-day is confirmed by a Japanese router maker. Romania annuls the first round of its 2024 presidential election over concerns of Russian interference. A sophisticated malware campaign targets macOS users. Mandiant uncovers a method to bypass browser isolation using QR codes. Belgian and Dutch authorities arrest eight individuals linked to online fraud schemes. A medical device company discloses a ransomware attack. A community hospital in Massachusetts confirms a ransomware attack affecting over three hundred thousand. The Termite ransomware gang claims responsibility for the attack on Blue Yonder. Synology patches multiple vulnerabilities in its Router Manager (SRM) software. The head of U.S. Cyber Command outlines the challenges of keeping decision makers up to date. Our guest is Anna Pobletts, Head of Passwordless at 1Password, discussing the state of passkeys and what she sees on the road to a truly passwordless future. Robot rats join the mischief.
Daily Briefing
Dec 9, 2024
I-O Data is still working on patches for two router zero-days. Medical device manufacturer hit by ransomware.
Europol operation shuts down phone phishing gang.
Special Editions
Dec 8, 2024
Digital Mindhunters: a novel look at cybersecurity and artificial intelligence.
In this special edition podcast, N2K CyberWire's Executive Editor Brandon Karpf talks with author, CEO and cybersecurity advisor Dr. Bilyana Lilly about her new novel "Digital Mindhunters."
Research Saturday
Dec 7, 2024
The JPHP loader breaking away from the pack.
Shawn Kanady, Global Director of Trustwave SpiderLabs, to discuss their work on "Pronsis Loader: A JPHP-Driven Malware Diverging from D3F@ck Loader." Trustwave SpiderLabs has uncovered Pronsis Loader, a new malware variant using the rare programming language JPHP and stealthy installation tactics to evade detection. The malware is capable of delivering high-risk payloads like Lumma Stealer and Latrodectus, posing a significant threat. Researchers highlight its unique capabilities and infrastructure, offering insights for bolstering cybersecurity defenses.
Week that Was
Dec 7, 2024
Salt Typhoon breached at least eight US telecoms. Russia's Secret Blizzard exploits Pakistani APT's infrastructure.
Earth Minotaur targets Tibetan and Uyghur communities with mobile phishing attacks.
CyberWire Daily
Dec 6, 2024
The NTLM bug that sees and steals.
Researchers uncover a critical Windows zero-day. An alleged Ukrainian cyberattack targets one of Russia’s largest banks. Russian group BlueAlpha exploits CloudFlare services. Microsoft flags Chinese hacking group Storm-0227 for targeting critical infrastructure and U.S. government agencies. SonicWall patches high-severity vulnerabilities in its secure access gateway. Atrium Health reports a data breach affecting over half a million individuals. Rockwell Automation discloses four critical vulnerabilities in its Arena software. U.S. authorities arrest an alleged member of the Scattered Spider gang. Our guest is Hugh Thompson, RSAC program committee chair, discussing the 2025 Innovation Sandbox Contest and its new investment component. C3PO gets caught in the crypto mines.
Load More
Gain instant access to our exclusive podcast and briefing content, the Pro Academy, live events and more by subscribing to N2K Pro.
Subscribe Now