CyberWire Daily - "A long day without bars." (January 15, 2026)
Podcast: CyberWire Daily
Host: Dave Bittner (N2K Networks)
Special Guest: John Serafini (CEO, Hawkeye360)
Episode Overview
This episode covers:
- Major cybersecurity news including a nationwide Verizon outage, cyberattacks on Poland's grid, an exposed French database, and law enforcement actions against cybercrime and data privacy violators.
- A deep-dive interview with John Serafini, CEO of Hawkeye360, about the modern landscape of commercial signals intelligence and the company's recent strategic moves.
- The significance of recent vulnerabilities, digital policy reversals, and a cautionary tale in the world of shipping and cyber hygiene.
Key News Highlights
U.S. Wireless Outage
- Verizon experienced a widespread wireless outage across major U.S. cities (New York, Houston, Atlanta, Dallas, Miami) lasting most of the day on Wednesday.
- No sign of a cyberattack according to the company.
- FCC monitoring the situation, with a call for investigation from Commissioner Anna Gomez.
- Outages attributed by experts to probable vendor or software deployment issues.
- (00:51) Dave Bittner: “Verizon said it restored full service late Wednesday after a widespread wireless outage… The company apologized and said it would issue account credits but did not disclose the cause…there was no indication of a cyber attack.”
Poland Power Grid Attacks
- Poland thwarted a “most serious” cyberattack on its energy infrastructure, targeting comms between renewable sites and distributors.
- Officials blame Russia and warn that sabotage tactics are evolving as infrastructure threats rise post-Ukraine invasion.
- Nearly caused a nationwide blackout.
- (02:09) Dave Bittner: “Officials said the incident nearly caused a blackout and showed signs of coordinated sabotage, which they blamed on Russia.”
Exposed French Citizen Database
- Huge trove of personal data (demographics, health, financial, voter, vehicle) on tens of millions of French citizens found open on an unsecured French cloud server.
- Believed to be a merged product from at least five separate breaches, likely for cybercriminal resale.
- Privacy and fraud risks emphasized.
- (02:45) Dave Bittner: “… included voter and demographic data, healthcare registry records, contact details, financial information and vehicle data.”
Microsoft vs. Red VDS Cybercrime Platform
- Microsoft and international law enforcement disrupted "Red VDS," a cybercrime-as-a-service operation responsible for over $40 million in U.S. financial losses.
- The platform sold cheap, disposable virtual servers used for phishing and BEC scams, with targets in ~190,000 organizations worldwide.
- Generative AI and deepfakes (video and voice cloning) were frequently used.
- (03:26) Dave Bittner: “Microsoft said attackers used generative AI, deepfake video and voice cloning to create realistic scams.”
UK Digital ID Policy Reversal
- The UK government abandons plans for a mandatory digital ID for right-to-work checks after public backlash.
- Existing biometric/passport checks to be fully digitized by 2029; digital ID may evolve into a broader public services tool.
- Ongoing political controversy about the efficacy and privacy of digital checks.
- (04:01) Dave Bittner: “The reversal is the latest in a series of recent policy U-turns, drawing criticism from opposition parties and frustration within Labour's own ranks.”
California Probes Grok Deepfakes
- CA Attorney General launches an investigation into xAI, following reports that its Grok AI model created and distributed deepfake sexual images at scale, including of minors.
- “Spicy Mode” functionality is cited as a vector for abuse.
- (04:38) Dave Bittner: “California's zero tolerance stance and reiterated his broader efforts to hold AI companies accountable for protecting children and preventing AI enabled abuse.”
FTC Settlement with GM/OnStar
- FTC finalizes a settlement with GM’s OnStar over sharing precise geolocation and behavioral data collected without driver consent.
- Ban on certain data sharing for five years, reinforced requirements for transparency and consumer control.
- (05:19) Dave Bittner: “The data was sold to third parties, including insurers. The order bans certain data sharing for five years and requires explicit consent, greater transparency and consumer controls.”
Palo Alto Networks Patches Major Firewall Flaw
- Critical patch issued for a high-severity firewall vulnerability affecting PAN-OS devices and cloud deployments.
- No evidence of exploitation yet; admins urged to upgrade.
- Part of an ongoing trend of attacks on firewall appliances.
- (05:48) Dave Bittner: “For 20 years, Palo Alto Networks has patched a high severity vulnerability… no confirmation of active exploitation.”
FBI Seizes Devices from Washington Post Reporter
- FBI searched the home of journalist Hannah Natanson and seized her devices in a leak investigation connected to a government contractor.
- The search, though not targeting the reporter as a suspect, is rare and has sparked press freedom concerns.
- A reminder of the importance of digital security and encryption for both journalists and professionals.
- (06:23) Dave Bittner: “…such raids on journalists are exceptionally rare, and critics say they send a chilling message to reporters and sources.”
Featured Interview: John Serafini, CEO of Hawkeye360
Conversation with Maria Varmazes (T Minus podcast)
Introduction to Hawkeye360 and Founder Background
- Hawkeye360: Commercial signals intelligence company operating a 30+ satellite constellation, clustering satellites to geolocate a wide variety of RF (radio frequency) signals.
- Focus: Turning RF data (>1 watt, ~30 MHz to 18 GHz) into actionable intelligence for government, defense, humanitarian, and sustainability purposes.
- Serafini background: Former Army officer, 20+ years in national security and venture capital.
- (12:42) John Serafini: “We have a constellation of 30 plus satellites… and that satellite architecture allows us to geolocate signals… and convert that into actionable intelligence for our customers.”
Recent Company Milestones
Acquisition of Innovative Signal Analysis (ISA) & Series E Funding
- Two years in the making; seen as a remarkably perfect strategic fit.
- ISA: 30-year leader in space-based RF data processing for US defense.
- Hawkeye360 supplies the commercial RF data; ISA brings world-class processing for government sensor data.
- Acquisition enables superior signal classification, waveform detection, and geolocation.
- (14:37) John Serafini: “Very infrequently do you see an acquisition occur that’s so perfectly fit between two companies… when fused together it makes our own processing capabilities that much better for our customers.”
- Funding: Series E led by Center15 and NightDragon, supported by lenders SVB and Hercules; enables the acquisition and future growth.
- (16:36) John Serafini: “…Center15 and NightDragon… provide the capital in part for us to acquire the company and off we go.”
The Strategic Value of Signal Processing
- RF signal activity is increasingly complex and noisy.
- Hawkeye360 covers the full value chain: satellite collection, data processing, finished intelligence products.
- Dominant position in commercial and government signals data processing.
- The acquisition positions Hawkeye360 to deliver increased signal classification, automation, and actionable insight.
- (17:33) John Serafini: “Matching those two together enables us to really unlock a lot of value for our customers.”
Looking Forward: Capabilities & Differentiators
- Integration of ISA’s technology is “shovel ready”; value for customers is immediate.
- (19:12) John Serafini: “We can start generating incremental value for our customers… right off the bat.”
- Emphasis on processing sophistication rather than just expanding satellite capacity.
- “RF data is not understandable by a typical human unless you analyze it… it’s not like an image from space where you see 15 cars in a parking lot…”
- (21:58) John Serafini: “There’s what we can do with it… the holy grail here is when you compare an exquisite set of sensors to really great processing capabilities…”
Force Multipliers & The Future
- Key force multipliers:
  - Decreasing revisit rate: More satellites in optimized orbits for higher tactical relevance.
  - Rapid data delivery: Using denser ground stations, onboard processing, mesh networks.
  - AI and machine learning-powered analytics: Rapid conversion from raw RF to actionable intelligence.
  - People: 400+ experts across Hawkeye/ISA make the difference.
- (24:52) John Serafini: “The ability to process that data and convert it into the actionable intelligence using artificial intelligence… and that comes to the third lever, which is the amazing people… 400 individuals working within Hawkeye and ISA together combined.”
- Vision: End-to-end dominance from geospace to ground in RF collection, fusion, and analysis.
Notable Quotes & Memorable Moments
- On cyber disruption roots:
  “Such disruptions are often linked to external factors, including third party vendors or software deployment issues.”
  – Dave Bittner, 01:16
- On signals intelligence fusion:
  “Do you see an acquisition occur that’s so perfectly fit between two companies? … When fused together it makes our own processing capabilities that much better for our customers.”
  – John Serafini, 15:10
- On the value of signal processing:
  “RF data is not understandable by a typical human unless you analyze it through the certain processing tools that we have available to us… It’s not until you actually do the processing and the analysis that you can start to extract intelligence about what might be occurring.”
  – John Serafini, 22:30
- On organizational force multipliers:
  “We’ve been able to pull together 400 of these exceptional, thoughtful individuals and we look forward to working with all of them into the future.”
  – John Serafini, 26:07
Cautionary Tale: Shipping Cyber Hygiene
- Blue Spark Global, a New York merchant shipping software firm, left admin passwords and decades of shipment data exposed via insecure APIs.
- Flaws discovered by researcher Eaton Zveare; difficult to report, ultimately publicized via the CEO’s password.
- BlueSpark claims the bugs are fixed; the story underscores that exploitation risk stays high because of silence and slow response, not just attackers' technical brilliance.
- (28:35) Dave Bittner: “The episode neatly illustrates how cybercrime sometimes thrives less on brilliance and more on silence.”
Timestamps for Important Segments
- [00:51] U.S. wireless outage
- [02:09] Poland grid attack
- [02:45] French database exposure
- [03:26] Microsoft Red VDS takedown
- [04:01] UK digital ID reversal
- [04:38] CA Grok deepfake probe
- [05:19] FTC v GM/OnStar
- [05:48] Palo Alto firewall patch
- [06:23] FBI search of reporter
- [12:42] John Serafini (Hawkeye360) interview begins
- [14:37] ISA acquisition context
- [21:58] Signal processing as a differentiator
- [24:52] Force multipliers for Hawkeye360
- [28:35] Shipping industry cyber fail story
Tone & Takeaways
The episode maintains a brisk, pragmatic tone, mixing cybersecurity headlines with expert insights. Dave Bittner and Maria Varmazes provide approachable yet precise commentary. John Serafini’s interview is forthright, offering a transparent look at strategic M&A in the national security tech sector and underscoring the vital importance of analytics over mere data accumulation in modern signals intelligence.
