CyberWire Daily

DarkSword targets iPhones for indiscriminate exploitation. Cybercrime and the Iran war. The FBI confirms purchasing commercially available location data. The DHS secretary nominee gets grilled on CISA funding. A Zimbra Collaboration Suite vulnerability is being used in targeted espionage. A new Android malware targets sensitive data stored in user notes. AWS warns of ongoing Interlock ransomware activity. Tracking pixels grab more than they should. Perry Carpenter and Mason Amadeus from The FAIK Files podcast speak with Hany Farid about the real-world harms of synthetic media. Do Boomers balance breaches better? 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today we are joined by Perry Carpenter and Mason Amadeus, hosts of The FAIK Files podcast, speaking with Hany Farid about the real-world harms of synthetic media.

Last week, the FAIK Files team sat down with Hany Farid -- digital forensics expert, professor at UC Berkeley, and co-founder of Get Real Security ( getrealsecurity.com ) -- to discuss deepfakes, authenticity metadata (C2PA), and forensic deepfake detection approaches.

And here's a link to the youtube video:  https://www.youtube.com/watch?v=RSpmRb2O7Xc

Selected Reading

Hundreds of Millions of iPhones Can Be Hacked With a New Tool Found in the Wild (WIRED)

Cybercrime has skyrocketed 245% since the start of the Iran war (The Register)

CISA official says agency has not seen uptick in cyber threats amid Iran war (The Record)

FBI is buying data that can be used to track people, Patel says (POLITICO)

DHS nominee Mullin pressed on restoring CISA staffing (The Record)

CISA Adds Exploited Zimbra Collaboration Suite Flaw to Warning List (GB Hackers)

Russian hackers exploit Zimbra flaw to breach Ukrainian maritime agency (The Record)

New ‘Perseus’ Android malware checks user notes for secrets (Bleeping Computer)

AWS Warns Hackers Have Abused Cisco Firewall Zero-Day Since January (Infosecurity Magazine)

The Collection of Commercial Intelligence: TikTok & Meta Ad Pixels (Jscrambler)

Forget Millennials: why those over 65 are the real cyber security pros (The Senior)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Iran’s cyber ops stay resilient. U.S. lawmakers press Big Tech on EU rules. Researchers expose a Fancy Bear server. Japan moves toward offensive cyber. CISA calls for cross-agency teamwork. New malware targets network infrastructure. AI fooled by font-based attacks. Schneider Electric warns of critical flaws. Quantum cryptography earns top honors. Guest Bradon Rogers, Chief Customer Officer at Island, discusses making AI browsers safe for enterprises. Smart glasses on the witness stand.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

On our Industry Voices segment, guest Bradon Rogers, Chief Customer Officer at Island, discusses making AI browsers safe for enterprises. You can dig into the details of what Bradon discussed in Gartner’s “Cybersecurity Must Block AI Browsers for Now.” You can hear the full interview here.

Selected Reading

U.S Strikes Killed Iranian Cyber Chiefs, But The Hacks Continued (Forbes)

US committee demands Big Tech share private comms with EU officials (POLITICO)

FancyBear Exposed: Major OPSEC Blunder Inside Russian Espionage Ops (Ctrl-Alt-Intel)

Japan to allow ‘proactive cyber-defense’ from October 1st (The Register)

CISA official advises agencies not to get too hung up on who takes lead in critical infrastructure sectors (CyberScoop)

New Malware Highlights Increased Systematic Targeting of Network Infrastructure (Eclypsium)

Poisoned Typeface: How Simple Font Rendering Poisons Every AI Assistant, And Only Microsoft Cares (LayerX)

Schneider Electric Patches Critical RCE Vulnerability in SCADAPack RTUs (Beyond Machines)

Turing Award Goes to Inventors of Quantum Cryptography (The New York Times)

Witness Caught Using Smartglasses in Court Blames it all on ChatGPT (404 Media)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.  

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

The EU imposes sanctions after cyberattacks. DHS boosts surveillance spending. AI firms recruit weapons-risk experts. Stryker disruption, no patient impact. LeakNet leans on ClickFix. Sears chatbot data spills. A Chinese security firm leaks a private key. Tech giants team up on scams. Teens sue xAI over alleged AI-generated abuse. On today’s Threat Vector segment, David Moulton and guest Erica L. Shoemate, founder of The EN Strategy Group, explore how AI is fundamentally reshaping the security landscape. Cyber crooks cause a complimentary curbside convenience. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

Threat Vector

What if the choices we make about AI security today determine who holds power tomorrow? On this Threat Vector segment, David Moulton and guest Erica L. Shoemate, founder of The EN Strategy Group, explore how AI is fundamentally reshaping the security landscape, from compressed decision-making timelines and asymmetric threat capabilities to the erosion of trust that creates strategic vulnerabilities. You can listen to David and Erica's full conversation here and catch new episodes of Threat Vector from Palo Alto Networks each Thursday on your favorite podcast app.

Selected Reading

EU Sanctions Iranian and Chinese Firms for Cyberattacks Against European Networks (TechNadu)

DHS-built surveillance apparatus to surge in year ahead, documents show (FedScoop)

AI firm Anthropic seeks weapons expert to stop users from 'misuse' (BBC)

Stryker attack wiped tens of thousands of devices, no malware needed (Bleeping Computer)

LeakNet ransomware uses ClickFix and Deno runtime for stealthy attacks (Bleeping Computer)

Sears Exposed AI Chatbot Phone Calls and Text Chats to Anyone on the Web (WIRED)

China's biggest cybersecurity firm accidentally leaked an SSL key in a public installer (Neowin)

Google has signed the Industry Accord Against Online Scams and Fraud. (Google)

Teenage girls sue Musk’s xAI, accusing Grok tool of creating child sexual abuse material (The Guardian)

Free parking in Russia after Distributed Denial-of-Service attack knocks city's parking system offline (Bitdefender)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices

In this mid-season episode, Kim takes a step back to reflect on the journey so far—revisiting key conversations, standout moments, and recurring themes that have shaped the season. During the episode, Kim sits down with N2K's own Ethan Cook to connect the dots across episodes, uncovering deeper patterns and takeaways. Whether you're catching up or tuning in weekly, this episode offers a thoughtful recap and fresh perspective on where we've been—and what's still to come.
Learn more about your ad choices. Visit megaphone.fm/adchoices

Drone strikes hit a key chip supply chain. China-linked hackers target Southeast Asian militaries. Attackers race ahead with AI. ShinyHunters claim a massive Telus breach. Microsoft issues a hotpatch. Malware turns up on Steam. Fileless attacks grow. Airline miles become cybercrime currency. Monday business breakdown. Tim Starks from CyberScoop unpacks the Stryker attack and the nebulous nature of Iranian cyber activity. AI playmates puzzle preschoolers. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Our guest is Tim Starks from CyberScoop discussing how the Stryker attack highlights the nebulous nature of Iranian cyber activity amid joint U.S.-Israel conflict. You can read more in Tim’s article here. 

Selected Reading

Drone strikes halt a third of the world's helium supply, threatening chip production (TechSpot)

China-Linked Hackers Hit Asian Militaries in Patient Espionage Operation (SecurityWeek)

Attackers are exploiting AI faster than defenders can keep up, new report warns (CyberScoop)

Telus Digital confirms breach after hacker claims 1 petabyte data theft (Bleeping Computer)

Microsoft releases Windows 11 OOB hotpatch to fix RRAS RCE flaw (Bleeping Computer)

The FBI is investigating malware hidden inside games hosted on Steam (TechCrunch)

New XWorm 7.1 and Remcos RAT Attacks Abuse Windows Tools to Evade Detection (Hackread)

Airline miles become underground currency in loyalty fraud schemes | brief (SC Media)

Kevin Mandia-founded Armadin launches with $190 million. (N2K Pro Business Briefing)

AI toys for young children need tighter rules, researchers warn (BBC News)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.  

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices