Dave Bittner
You're listening to the Cyberwire Network, powered by N2K.
Maria Vermazes
Anthropic pulls Fable 5. OpenAI faces a multistate probe. Handala targets a California water utility. Shiny Hunters claims another victim. The FBI and Google take down a major phishing platform. We've got the latest cybersecurity business news. Our guest is Bogdan Bodizatu, Senior Director of Threat Research and Reporting at Bitdefender, discussing a rampant global transportation smishing campaign. And a deepfake detective has his doubts. It's Monday, June 15, 2026. I'm Dave Bittner and this is your CyberWire Intel Brief. Thanks for joining us here today. It's great to have you with us.
Anthropic has disabled access to its newly launched Fable 5 and Mythos 5 AI models after receiving a US government export control directive citing unspecified national security concerns. The order required Anthropic to suspend access for all foreign nationals, including employees, prompting the company to temporarily disable the models for all customers to ensure compliance. Other Anthropic models remain available. The move comes just days after the release of Fable 5 and Mythos 5, which Anthropic promoted as state-of-the-art systems with advanced cybersecurity capabilities. Mythos-class models had previously been limited to vetted participants in Project Glasswing, a cybersecurity initiative. Anthropic criticized the government's action as lacking transparency and technical justification. The decision also intensifies Anthropic's ongoing conflict with the US government following a Department of Defense designation labeling the company a supply chain risk, a designation Anthropic is challenging in court. More than 40 cybersecurity leaders have signed a letter urging the administration to reverse the restrictions. They argue the models help defenders identify and mitigate vulnerabilities and that restricting access weakens cybersecurity efforts while competitors, including foreign AI developers, continue advancing similar capabilities. Critics warn the move could undermine US AI leadership and hinder efforts to counter emerging AI-powered cyber threats.
A coalition of state attorneys general has launched a broad investigation into OpenAI, requesting internal documents related to user data practices, child safety measures and advertising activities, according to OpenAI. The subpoenas were issued Friday and involve New York, Colorado and some other states. The company said it is cooperating and highlighted new ChatGPT safeguards, including parental controls. The probe reflects growing scrutiny of AI amid concerns about child safety, AI-enabled scams, job displacement and other societal impacts. It also comes as federal and state governments increase oversight of the technology. More than 100 state laws now regulate aspects of AI, ranging from youth protections to security testing requirements. The investigation follows other recent legal actions against AI companies, including Florida's lawsuit and criminal investigation involving OpenAI, California's investigation into xAI, and Kentucky's lawsuit against Character.AI. State officials are signaling a willingness to use both regulatory and legal tools to address perceived AI-related risks.
The Iran-linked hacking group Handala claims it breached California Water Service, also known as Cal Water, a utility serving roughly 2 million customers across 100 California communities. Researchers reported the group leaked about 5 gigabytes of data, including customer information from the Chico District and network-related data spanning multiple operational regions. Exposed records reportedly include names, addresses, phone numbers, account numbers and payment histories. According to reports, attackers first accessed the internal GPS mapping system used by field crews and then leveraged stolen credentials to reach the customer billing network. While Handala claimed it could disrupt water services, security researchers found no evidence that operational technology or industrial control systems were compromised. Experts cautioned that Handala has a history of exaggerating its capabilities, often combining legitimate breaches with inflated claims. The incident nevertheless highlights ongoing risks to critical infrastructure, particularly where operational and business networks are insufficiently segmented. Security specialists recommend immediate password resets and stronger separation between operational and corporate systems to reduce future attack pathways.
The state of Maine has temporarily taken its public data breach notification database offline after discovering two fraudulent breach reports impersonating VRChat and Discord. The fake filings claimed incidents affecting 2.4 million and 10 million users, respectively, but the Maine Attorney General's office confirmed they were hoaxes submitted by an unknown party. The fabricated reports included realistic details about alleged stolen data and remediation efforts. While legitimate breach reports can still be submitted through the state's reporting system, officials are reviewing procedures to prevent future abuse. The database will remain unavailable until those safeguards are in place.
Senator Mark Warner has introduced the Guaranteeing Universal Access to Cybersecurity Act, legislation aimed at restoring and permanently funding the Multi-State Information Sharing and Analysis Center, a key cybersecurity resource used by roughly 19,000 state, local, tribal and territorial organizations. The proposal responds to concerns that reduced federal support has weakened cyber threat sharing and left critical infrastructure more vulnerable, particularly as AI lowers barriers for sophisticated attacks. The bill would direct the Cybersecurity and Infrastructure Security Agency to provide free cybersecurity services, threat intelligence and technical assistance through MS-ISAC, while expanding membership and outreach to underserved communities. It would also require reporting to Congress and authorize $50 million annually beginning in fiscal year 2027. Warner argues that restoring federal support is essential to protecting critical infrastructure, improving cyber resilience and helping smaller jurisdictions defend against increasingly advanced cyber threats.
The Shiny Hunters extortion group has claimed responsibility for a March breach of Infinite Campus, a student information system used by more than 3,200 U.S. school districts, according to breach analysis by Have I Been Pwned. The incident exposed data from more than 137,000 school staff accounts, including names, email addresses, phone numbers, physical addresses, job titles and support tickets. Infinite Campus said the attackers targeted its Salesforce environment rather than customer databases, and that most exposed information consisted of staff contact details commonly available on school websites. The threat group later leaked a 1.2 gigabyte archive allegedly containing stolen Salesforce records and internal company data.
The FBI and Google have dismantled Outsider Enterprise, a China-based phishing-as-a-service platform linked to billions of dollars in fraud losses. Active since 2023, the operation provided phishing kits that enabled criminals to impersonate trusted brands through SMS campaigns. Authorities say the platform was used to steal roughly 3.8 million credit card records, resulting in an estimated $1.9 billion in losses across at least 55 countries. As part of Operation Riptide, investigators seized domains, cryptocurrency assets and infrastructure tied to the operation. Google also identified thousands of phishing websites and has filed a lawsuit while working with major US carriers to block malicious text messages.
A former Iowa school district IT employee, Ezekiel Dean Potter, has been sentenced to 21 months in prison for carrying out a cyber attack against his former employer, the Seidel Community School District. Prosecutors say Potter retained access credentials after leaving the district in 2023 and repeatedly disrupted operations by deleting accounts, resetting credentials and targeting critical systems. His actions included deleting the district's Facebook page, disrupting access to Apple School Manager and Schoology, and removing Gmail accounts belonging to district staff, including senior administrators. The attacks impaired classroom operations, limited access to educational tools and generated significant recovery costs. Investigators linked the activity to Potter through account access records and evidence recovered from a USB drive containing district credentials. Potter pleaded guilty to computer fraud charges and was ordered to pay nearly $60,000 in restitution in addition to serving prison time and supervised release.
Turning to our Monday business brief, cybersecurity funding remained strong last week, led by Israeli data security company Cyera, which raised $600 million in a Series G round that boosted its valuation from $9 billion to $12 billion just five months after a $400 million raise. Other notable funding rounds included Israeli offensive security startup A Security at 37 million; cloud security firm Aeon Security, $29 million; identity management company Opal Security with 23 million; AI security startup Archestra AI, $10 million; identity security provider Off Road at 7 million; access platform Willow, also 7 million; and threat modeling startup Op Plane at $5.2 million. M&A activity was also robust, with seven deals announced across three countries. Highlights included Snowflake's planned acquisition of Natoma to strengthen AI agent governance, Optiv's sale of its consulting business to Vobos Ventures, and acquisitions by Strive Nordlo, Brightline Technologies, Valiant Solutions and Taito Athenae. Many of the transactions focused on expanding AI security, managed security services, compliance capabilities and cloud infrastructure expertise, underscoring continued investor and buyer interest in cybersecurity despite broader market uncertainty. Be sure to check out our weekly business briefing on our website that is part of CyberWire Pro.
Coming up after the break, my conversation with Bogdan Bodizatu from Bitdefender. We're discussing a rampant global transportation smishing campaign. And a deepfake detective has his doubts. Stay with us.
Maria Vermazes
Bogdan Bodizatu is Senior Director of Threat Research and Reporting at Bitdefender. We recently got together to discuss a rampant global transportation smishing campaign.
Bogdan Bodizatu
We started investigating scams quite a while ago. Throughout 2024 and 2025, we have built a huge network of sensors that report scams across several technologies, from short messages to instant messaging platforms to email and even voice. For the first time we have the full picture of what's happening in the scam landscape. And we're not just emotionally reporting about it. We can put numbers next to these scams. So what, what caught the attention of my researchers on this topic is the fact that these road toll scams seems to be highly coordinated and spread across a variety of geographies. We identified about 12 countries affected by this, but in an uncoordinated manner. So they're not central. These campaigns are not centrally run. They are executed by local threat actors independently. This shows how globalized and industrialized, if you will, is the scam landscape at this moment.
Maria Vermazes
Well, I have to say, you know, as I'm out and about talking to people and you know, they know that I work in the security world, this one comes up all the time, right? These, these fake tolls, these, these text messages telling people that they're getting some sort of traffic related trouble. I mean, this one is really broad and widespread.
Bogdan Bodizatu
Yes, because in my opinion this is a very low-hanging fruit. Cybercriminals don't necessarily need to attract heat by inflicting huge losses to victims when they can pinch a little bit of money from here and there and then their success rate and the financial prowess of this campaign stays in volumes. So probably that's why we have identified so many types of scams targeted at very specific regions. So if you will, we mentioned that there are 80,000 such scam messages identified, but this barely scratches the surface because this is as much as we could identify on the network of sensors that were operating. There's a lot more that we're not seeing. So the magnitude of this scam is much higher and the amount of money cybercriminals multiply accordingly. Another important thing in this research is the fact that each threat actor has its own way of monetizing on people who are giving in to these scams. Some of them are expert in building phishing pages that impersonate road authorities in specific countries. But some others take it a little bit further by involving malware in this distribution chain. And they are doing that by pointing people at a page that asks them to install a piece of software from a third party location on that Android device. If they're doing that, they're opening the way to a much more sophisticated type of scam that eventually ends up in their device getting fully compromised. The malware that these people are planting on the device looks for two-factor authentication codes sent via SMS. They monitor the mobile device's screen for PINs and passphrases that people use to enter e-banking services, for instance, and the victims end up having the entire device compromised and their e-banking accounts open to cybercriminals.
Maria Vermazes
Well, do you have any insights into the popularity of this? I mean, are people out there buying a kit or is it just that this one is so effective that lots of people have decided to jump onto this opportunity?
Bogdan Bodizatu
These look like custom-made campaigns. They don't resemble phishing kits or cybercrime as a service tools that we have used before, that we have seen before. But in all honesty, now building compelling phishing pages and mimicking the behavior and the identity of a website is much easier and much more inexpensive for cybercriminals. With the advent of AI agents, they are doing the coding for us. They are able to just receive a screenshot for the resource and they will replicate it. Another thing that probably is equally important is the fact that from what we have seen, these cybercriminals are using a very fast and adaptive infrastructure. They are bringing in new domains, for instance, that they are using for a very limited amount of time, just to avoid anti-malware services blacklisting these resources. Once a resource gets blocked for phishing or for fraudulent usage, cybercriminals will be unable to monetize on that page. So they are moving fast, replacing domains and infrastructure and servers in order to avoid getting their campaigns intercepted.
Maria Vermazes
Do you have any sense for how successful these threat actors are?
Bogdan Bodizatu
Unfortunately not, because not all these losses are getting reported. Some people don't even realize they have been scammed, so they're not filing formal complaints with the police officers. But overall estimates place that last year alone fraud was responsible for $1 trillion in losses out of the $9 trillion global cybercrime economy.
Maria Vermazes
Do you have any recommendations for people to deal with this? I mean, like you said, these messages lately, they're relentless.
Bogdan Bodizatu
Yes, they are. And they are using the same tactics that global scams are using. Urgency, a little bit of authoritative voice, threats and things that normally don't find their way in official communications. So if you, if you're looking at a message on your mobile phone that says that you have to pay a fine, make sure that you're not threatened with otherwise we will revoke your license or we will confiscate the car or block your accounts. This is not how governments normally communicate with their subjects. So don't make rushed decisions. If you believe that a message is a scam, you have plenty of resources to check against. Bitdefender has Scamio, which is an AI driven chatbot that you can send email communication or screenshots with pretty much everything. And the bot will tell you whether or not that's a scam and what red flags it has picked up to deem that communication fraudulent. So do not act on impulse. Use security solutions that will be able to sift phishing messages from real ones. And education is also important here. So try to stay up to date with the scam landscape because it's changing very, very fast.
Maria Vermazes
Do you suppose this is something that's here to stay, that for the immediate future we can expect to see these continuing nuisances?
Bogdan Bodizatu
Unfortunately, yes. Fraud has been with the humankind for as long as the humankind existed. The only thing that changed is the fact that before the advent of Internet and modern communication technologies, fraud was localized, was very, very localized. And what happened in the region did not have global replication. Now, with Internet becoming a commodity and a becoming a commodity itself, it's much easier for cybercriminals to target people all over the world. The language barrier has pretty much eroded in the past few years because machine learning algorithms and AI and large language models are making it easy to translate everything almost instantly in whatever language on earth. Plug large language models into a message sending API and of course it becomes cybercrime as a service.
Maria Vermazes
That's Bogdan Bodizatu, Senior Director of Threat Research and Reporting at Bitdefender.
Maria Vermazes
And finally, Hany Farid, one of the world's foremost deepfake experts, has spent decades proving what's real online. Now he's no longer sure he can trust his own eyes. Faced with a viral video allegedly showing a missile strike on an Iranian school, Farid painstakingly analyzed shadows, sound delays, geolocation data, and missile dimensions before concluding there was no evidence of manipulation. Even then, he hesitated. As AI-generated content floods the Internet, Farid's job has shifted from finding rare fakes to identifying increasingly elusive truths. Deepfakes now mimic politicians, executives, victims, and even Farid himself, whose voice was cloned in an impersonation attempt. He warns that creating convincing falsehoods is cheap and instant, while verification remains slow and labor intensive, often arriving after public opinion has already formed. The strain has pushed Farid and his wife, vision scientist Emily Cooper, to relocate from Berkeley to rural Vermont. There, between chopping firewood and seeking a little distance from Silicon Valley's AI arms race, Farid hopes to reconnect with reality. The Internet, however, had other plans. The requests kept arriving, each asking the same increasingly difficult question, what exactly is real? With characteristic understatement, Farid's assessment for the near future is simple. We're probably a little screwed. And that's the CyberWire. For links to all of today's stories, check out our daily briefing at thecyberwire.com. We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire@n2k.com. N2K's lead producer is Liz Stokes. We're mixed by Trey Hester with original music and sound design by Elliot Peltzman. Our contributing host is Maria Vermazes.
Our executive producer is Jennifer Ibin. Peter Kilpe is our publisher and I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow.
Date: June 15, 2026
Host: Dave Bittner (N2K Networks)
Guest: Bogdan Bodizatu, Senior Director of Threat Research and Reporting at Bitdefender
This episode of CyberWire Daily covers notable developments across the cybersecurity landscape including government-imposed restrictions on advanced AI models, state-level probes into OpenAI and AI regulation, critical infrastructure attacks, major law enforcement actions against cybercrime, significant business transactions, and a revealing interview about the rise of global smishing schemes targeting transportation. The episode closes with reflections from a leading deepfake expert on the ever-blurring lines between reality and AI-generated fiction.
Key Points:
Memorable Moment:
“For the first time we have the full picture of what's happening in the scam landscape...these road toll scams seem to be highly coordinated and spread across a variety of geographies...The scam landscape is globalized and industrialized.”
— Bogdan Bodizatu ([16:46])
“If they're doing that, they're opening the way to a much more sophisticated type of scam that eventually ends up in their device getting fully compromised.”
— Bogdan Bodizatu ([19:26])
“Now building compelling phishing pages and mimicking the behavior and the identity of a website is much easier and much more inexpensive for cybercriminals. With the advent of AI agents, they are doing the coding for us.”
— Bogdan Bodizatu ([20:47])
“If you're looking at a message...make sure that you're not threatened with 'otherwise we will revoke your license' or 'we will confiscate the car'...this is not how governments normally communicate with their subjects.”
— Bogdan Bodizatu ([22:57])
“Fraud has been with the humankind for as long as humankind existed...Now...it's much easier for cybercriminals to target people all over the world.”
— Bogdan Bodizatu ([24:32])
“Creating convincing falsehoods is cheap and instant, while verification remains slow and labor intensive, often arriving after public opinion has already formed.”
— Maria Vermazes ([27:40])
Conclusion:
Farid, now in rural Vermont to seek distance from Silicon Valley’s AI race, admits:
“We're probably a little screwed.” ([28:30])
This episode highlights the accelerating convergence of AI, cybercrime, and regulatory scrutiny, illustrated by government crackdowns on AI exports, the growing patchwork of US state laws targeting AI, and persistent threats to critical infrastructure from both state-sponsored and criminal actors. The business of cybersecurity remains hot, while smishing and social engineering threats rapidly globalize—fueled by AI tools and agile infrastructure. Finally, as the tools to create sophisticated digital forgeries become commonplace, even leading digital forensics experts are unsettled by how “reality” online can now only be identified with increasing difficulty.
Memorable Closing Quote:
“We're probably a little screwed.” — Hany Farid ([28:30])