Search the site
Industry Insights
Podcasts
Briefings
Stories
Events
Glossary
N2K Pro
CSO Perspectives
Podcasts
Briefings
Pro Academy
New
Hash Table
1
st
Principles Course
About
Our Story
Press
Team
Testimonials
Sponsor
Partners
Dev
API
Account
Profile
Logout
Home
Search the site
Industry Insights
Podcasts
Briefings
Stories
Events
Glossary
N2K Pro
CSO Perspectives
Podcasts
Briefings
Pro Academy
New
Hash Table
1
st
Principles Course
Dev
API
About
Our Story
Press
Team
Testimonials
Sponsor
Partners
January 22, 2025
Join Pro
LOGIN
Cybersecurity News
CyberWire Daily
Just Now
The uncertain future of cyber safety oversight.
The latest cyber moves from the Trump White House. Pompompurin faces resentencing. An attack on a government IT contractor impacts Medicaid, child support, and food assistance programs. Helldown ransomware targets unpatched Zyxel firewalls. Murdoc is a new Mirai botnet variant. Cloudflare maps the DDoS landscape. North Korea’s Lazarus group uses fake job interviews to deploy malware. Hackers are abusing Google ads to spread AmosStealer malware. Pwn2Own Automotive awards over $382,000 on its first day. In our CertByte segment, Chris Hare and Steven Burnley take on a question from N2K’s Agile Certified Practitioner (PMI-ACP)® Practice Test. NYC Restaurant week tries to keep bots off the menu.
Business
Just Now
Mitiga secures $30 million in Series B funding. Doti AI and Spikerz each raise $7 million.
HUB Cyber Security to acquire fraud data intelligence platform BlackSwan Technologies
Daily Briefing
4 hours ago
President Trump fires DHS advisory committee members and pardons Silk Road founder.
BreachForums founder to be resentenced. Conduent confirms outage was caused by a cyberattack.
Story
6 hours ago
CertByte: ISC2® Certified in Cybersecurity
On this edition of CertByte, we discuss a question from N2K’s ISC2® Certified in Cybersecurity (CC) practice test. As your news-to-knowledge partner, N2K will advance your career while bringing you the industry news and trends that help you stay a step ahead. Through our bi-weekly episodes of CertByte on the CyberWire Daily podcast, and these companion articles, we aim to support your certification journey and fast-track your career growth in IT, cybersecurity, and project management. As your host, I or my guest will share a practice question from N2K’s suite of industry-leading content and a study tip (or study “bit” as I like to call it) to increase your confidence and readiness on exam day.
Microsoft
13 hours ago
Refactoring the Windows Kernel with Joe Bialek
In this episode of The BlueHat Podcast, hosts Nic Fillingham and Wendy Zenone are joined by BlueHat 2024 presenter Joe Bialek, a security engineer at Microsoft with over 13 years of experience. Joe shares his fascinating journey from intern to red team pioneer, recounting how he helped establish the Office 365 Red Team and pushed the boundaries of ethical hacking within Microsoft. He discusses his formative years building sneaky hacking tools, navigating the controversial beginnings of red teaming, and transitioning to the Windows Security Team to focus on low-level security and mitigations. Joe reflects on the challenges of internal hacking, the human reactions to being "hacked," and the value of strengthening defenses before external threats arise.
Microsoft Threat Intelligence
13 hours ago
Seashell Blizzard Ramping Up Operations and OSINT Trends of DPRK Threat Actors
In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by security researchers Elise Eldridge and Anna Seitz to discuss the most recent notable developments across the threat landscape. The conversation centers around Seashell Blizzard, a threat actor also known as Sandworm or APT-44, which has been active since at least 2013. Recently, Seashell Blizzard has resumed using spear-phishing campaigns targeting the European energy sector and Ukrainian entities, deploying destructive malware like Walnut Wipe and Prickly Pear. The team highlights the geopolitical implications of these attacks, particularly in the context of Russia's influence on energy and global events. Sherrod also touches on the history of wipers in cyber operations and transitions to a discussion with Elise about trends in North Korean cyber activity, emphasizing Microsoft's ongoing efforts to analyze and mitigate these threats.
Marketing
15 hours ago
Can a $30 Mic Change Your Life? David Spark Thinks So
What does it take to launch a successful cybersecurity podcast? This week, we’re excited to chat with David Spark, the creative mind behind the CISO Series Podcast and Spark Media. David, who began his career as a stand-up comedian, has significantly impacted the cybersecurity world! He will share his journey, the valuable lessons he has learned along the way, and some excellent tips for marketing teams looking to maximize their podcasts. Podcast production goes beyond simply talking into a microphone; it's also about engaging your audience with high-quality audio and achieving the right balance between content and production value. In this episode, David shares insider tips for working with sponsors and creating quality episodes and reveals his insights on Cyber Marketing Con. Tune in for an inspiring conversation!
CyberWire Daily
Jan 21, 2025
Trump’s opening moves.
President Trump rolls back AI regulations and throws TikTok a lifeline. Attackers pose as Ukraine’s CERT-UA tech support. A critical vulnerability is found in the Brave browser. Sophos observes hacking groups abusing Microsoft 365 services and exploiting default Microsoft Teams settings. Researchers uncover critical flaws in tunneling protocols. A breach exposes personal information of thousands of students and educators. Oracle patches 320 security vulnerabilities. Kaspersky reveals over a dozen vulnerabilities in a Mercedes-Benz infotainment system. Tim Starks from CyberScoop discusses executive orders on cybersecurity and the future of CISA. We preview coming episodes of Threat Vector. Honesty isn’t always the best policy.
Daily Briefing
Jan 21, 2025
President Trump rescinds AI regulations and suspends TikTok ban.
Ransomware actors launch social engineering attacks over Microsoft Teams. Education technology company discloses breach.
Research Saturday
Jan 18, 2025
A cute cover for a dangerous vulnerability.
Nati Tal, Head of Guardio Labs, sits down to share their work on “CrossBarking” — Exploiting a 0-Day Opera Vulnerability with a Cross-Browser Extension Store Attack. Guardio Labs has uncovered a critical vulnerability in the Opera browser, enabling malicious extensions to exploit Private APIs for actions like screen capturing, browser setting changes, and account hijacking. Highlighting the ease of bypassing extension store security, researchers demonstrated how a puppy-themed extension exploiting this flaw could infiltrate both Chrome and Opera's extension stores, potentially reaching millions of users. This case underscores the delicate balance between enhancing browser productivity and ensuring robust security measures, revealing the alarming tactics modern threat actors employ to exploit trusted platforms.
Week that Was
Jan 18, 2025
Supreme Court upholds TikTok ban, but the Biden Administration doesn't plan to enforce it.
Fortinet confirms actively exploited zero-day. President Biden signs cybersecurity-focused executive order.
CyberWire Daily
Jan 17, 2025
Hacking the bureau.
The FBI warns agents of hacked call and text logs. The US Treasury sanctions entities tied to North Korea’s fake IT worker operations. Russian hacking group Star Blizzard attempted to infiltrate WhatsApp accounts of nonprofits supporting Ukraine. Yubico discloses a critical vulnerability in its Pluggable Authentication Module)software. Google releases an open-source library for software composition analysis. CISA hopes to close the software understanding gap. Pumakit targets critical infrastructure. Simplehelp patches multiple flaws in their remote access software. The FTC bans GM from selling driver data. HHS outlines their efforts to protect hospitals and healthcare. Our guest Maria Tranquilli, Executive Director at Common Mission Project, speaks with N2K’s Executive Editor Brandon Karpf about the origins and impact of Hacking for Defense. Even the best of red teamers are humbled by AI.
Load More
Gain instant access to our exclusive podcast and briefing content, the Pro Academy, live events and more by subscribing to N2K Pro.
Subscribe Now