Dave Bittner
You're listening to the CyberWire Network, powered by N2K.
Interviewer/Host
When cyber threats strike, minutes matter. Booz Allen brings the same battle-tested expertise trusted to protect national security to defend today's leading global organizations. They safeguard their data, strengthen enterprise resilience and mobilize in minutes across energy, healthcare, financial services and medicine manufacturing. Their teams don't just respond, they anticipate, outthink and stay ahead of evolving threats. This is powerful protection for commercial leaders, only from Booz Allen. See how your organization can prepare today at boozallen.com/commercial.
Israel claims a strike on Iran's cyber warfare headquarters. The Trump administration releases a new national cyber strategy. DHS shakes up its IT and cybersecurity leadership. Velvet Tempest uses ClickFix to drop loaders and RATs. Researchers uncover a Linux cryptocurrency clipboard hijacker. The DOJ brings a Ghanaian romance scammer to justice. Online advertising enables government tracking. We've got our Monday business breakdown. Our guest is John France, CISO from ISC2, sharing some insights and findings from their 2025 ISC2 Cybersecurity Workforce Study. And an Apple II app gets audited by AI.
It's Monday, March 9, 2026. I'm Dave Bittner and this is your CyberWire Intel Briefing. Thanks for joining us here today. It's great as always to have you with us. Happy Monday.
Israel says it struck a Tehran compound that allegedly housed Iran's cyber warfare headquarters, the Intelligence Directorate and other key military units, including elements of the Islamic Revolutionary Guard Corps. The Israel Defense Forces announced the operation but provided few operational details beyond a digital illustration of the site. While the strike targeted facilities linked to Iran's cyber operations, its actual impact on Tehran's cyber capabilities remains unclear. Threat intelligence monitoring suggests cyber activity tied to Iran has continued despite the attack. Analysts note that cyber operations often rely on distributed infrastructure and remote operators, meaning physical facilities are not always critical to ongoing campaigns. Additionally, a nationwide Internet blackout in Iran following February 28 US-Israeli strikes appears to have disrupted connectivity more than the destruction of the compound itself. Security researchers warn that Iranian state-sponsored groups have already established access within regional networks before hostilities escalated. These pre-positioned capabilities, along with externally operated infrastructure, could allow operations to continue even while domestic connectivity is degraded.
The Trump administration released a new national cyber strategy Friday that emphasizes stronger offensive cyber operations, protection of federal networks and critical infrastructure, streamlined regulations and expanded use of emerging technologies like AI and post-quantum cryptography. The document outlines six pillars, including shaping adversary behavior through both government and private sector cyber capabilities, modernizing federal systems with zero trust and advanced encryption, securing infrastructure and supply chains and building a stronger cybersecurity workforce. The strategy also promotes reducing regulatory burdens while encouraging coordination between government and industry. Separately, President Trump signed an executive order directing agencies to prioritize prosecution of cybercrime and fraud, including efforts against foreign-backed criminal networks. Industry groups broadly welcomed the strategy's focus on deterrence, innovation and regulatory reform, though some lawmakers criticized it as vague and lacking a detailed implementation plan. The White House said more detailed guidance will follow in future policy documents.
The Department of Homeland Security is undergoing a shakeup in its IT and cybersecurity leadership, with multiple senior officials departing amid a broader reorganization. Chief Information Security Officer Hemant Baidwan is expected to leave later this month following the February exit of Deputy CISO Amanda Day, who has joined Workday as vice president of cybersecurity and trust. Sources say the changes are part of a wider realignment led by DHS Chief Information Officer Antoine McCord, aimed at consolidating IT leadership across the department's component agencies under the central DHS CIO office. The effort reportedly includes placing headquarters personnel into key technology roles across agencies such as FEMA and CISA. The leadership churn coincides with other high-level changes, including the departure of Homeland Security Secretary Kristi Noem. Some officials warn the upheaval could risk a brain drain at DHS during a period of heightened geopolitical tensions and cyber threats.
The ransomware group Velvet Tempest is using the ClickFix social engineering technique and built-in Windows tools to deploy DonutLoader malware and the CastleRAT backdoor, according to researchers at MalBeacon. The activity was observed over 12 days in an emulated US nonprofit network with more than 3,000 endpoints. Attackers gained access through a malvertising campaign that presented a fake CAPTCHA and instructed victims to paste an obfuscated command into the Windows Run dialog. The command launched nested command line processes that downloaded malware loaders, followed by PowerShell scripts used for reconnaissance, credential harvesting from Chrome and staging additional payloads. The intrusion ultimately deployed DonutLoader and retrieved CastleRAT, enabling persistent remote access. Although Velvet Tempest is known for deploying major ransomware strains such as Ryuk, REvil, Conti and LockBit, researchers did not observe ransomware being executed in this case.
Researchers at Cyble Research and Intelligence Labs identified a new Linux malware strain called ClipXDaemon, an autonomous cryptocurrency clipboard hijacker targeting X11-based environments. Delivered through a loader structure previously linked to ShadowHS activity, the malware appears unrelated to that campaign, with both likely using the same open source bincrypter encryption framework independently. ClipXDaemon operates without command and control infrastructure or external communication. Instead, it monetizes victims by monitoring the system clipboard and replacing copied cryptocurrency wallet addresses with attacker-controlled ones. The malware targets multiple currencies including Bitcoin and Ethereum. The attack chain uses three stages: an encrypted loader, a memory-resident dropper and a persistent on-disk ELF payload. It employs stealth techniques such as process masquerading, daemonization and avoidance of Wayland sessions, operating only in X11 environments. Researchers say the campaign reflects a shift toward autonomous user-focused financial malware on Linux systems.
A Ghanaian national, Derrick Van Yeboah, pleaded guilty to participating in a global fraud scheme involving romance scams and business email compromise, according to the US Justice Department. The Ghana-based operation caused more than $100 million in losses, with about $10 million attributed to Van Yeboah. Prosecutors say he posed as romantic partners to gain victims' trust and convince them to send money, and also impersonated business executives or suppliers in BEC scams to redirect corporate payments. He additionally helped launder proceeds from the fraud. Van Yeboah pleaded guilty to conspiracy to commit wire fraud, which carries a maximum 20-year prison sentence, and agreed to pay more than $10 million in restitution and forfeiture.
New reporting shows U.S. Customs and Border Protection has used location data drawn from the online advertising ecosystem to track people's phones without warrants. Documents obtained by 404 Media confirm the agency relied partly on data generated through real-time bidding, the advertising process that auctions ad space on websites and apps. RTB broadcasts user information such as device identifiers and location data to thousands of companies during ad auctions, allowing data brokers to collect and sell that information. Law enforcement agencies have purchased this data to track individuals' movements, often bypassing traditional warrant requirements. Privacy advocates warn the practice exposes how surveillance-based advertising systems can enable government monitoring. Experts urge stronger privacy laws, limits on precise location data in ad systems and restrictions on the sale of sensitive data to authorities. Individuals can reduce exposure by disabling advertising IDs and limiting apps' location permissions.
Turning to our Monday business breakdown, several cybersecurity startups announced major funding rounds as investors continue backing AI-driven security platforms and resilience technologies. UpGuard raised $75 million in a Series C round to expand its AI-powered cyber risk posture management platform and pursue acquisitions. Israeli firms Gambit Security and Fig Security emerged from stealth with $61 million and $38 million, respectively, to develop cyber resilience and SecOps platforms. Jetstream Security launched with $34 million for AI governance and security tools, while ThreatAware secured $25 million to expand its cyber asset management platform. ArmorCode raised $16 million to advance its AI exposure management platform, and Secfix obtained $12 million to grow its compliance automation services. In mergers and acquisitions, Zurich Insurance Group plans to acquire UK cyber insurer Beazley for about $11 billion to expand cyber risk coverage. Other deals include Echo acquiring OT security firm Datalogix, Myriad 360 buying technology provider Advisex and Bastion Security Group acquiring Australian security engineering firm Astralis. Be sure to check out our weekly business briefing that's on our website and is part of CyberWire Pro.
Coming up after the break, my conversation with John France from ISC2 with some of the insights and findings from their cybersecurity workforce study, and an Apple II app gets audited by AI. Stick around.
AI is changing how enterprises operate and how they stay protected. It's time to eliminate risk and protect innovation. From March 23rd through the 26th, join Trend AI for actionable AI security insights. Catch impactful sessions at RSAC, then unwind and grab a bite at their lounge in Troposweno. Experience industry-leading AI security in person. Engage with the experts and get your chance to win $500,000. San Francisco lets AI fearlessly. Learn more at trendmicro.com/rsa.
If you're defending a network today, there's a simple question worth asking. What does the attacker see when they look at your organization? NordStellar helps answer that. NordStellar is a threat exposure management platform that gives security teams visibility into external risks, including leaked credentials, active session tokens, impersonation attempts and exposed assets across the surface web and the dark web. It's built to help organizations detect the consequences of breaches early, before attackers turn access into action. From monitoring for infostealer malware logs to identifying cybersquatting and brand abuse, NordStellar helps teams focus on the threats that actually matter. Executives get clear, actionable insights tied to business risk. Security teams get real-time alerts and one of the largest deep and dark web intelligence pools in the industry. Cybercriminals may already be looking for your weak spots. Don't make it easy for them. Be the one that's prepared. Defend your business with NordStellar. Use the code CYBERWIRE10 to unlock your exclusive discount. Go to nordstellar.com/cyberwiredaily and learn more.
John France is Chief Information Security Officer at ISC2. I recently caught up with him for insights and findings from their 2025 ISC2 Cybersecurity Workforce Study.
John France
We've actually been running this for a good, good number of years now. So it's kind of one of our year to year reports. So it's got referential integrity, i.e. you can look at the trend. Even if you disagree with the absolute figures, the trend is what's important and some of the insights that come from it. So it drills into a number of areas, technical skills and covers around 16 this year. 16,000 cybersecurity professionals have input into the report. So pretty big survey.
Interviewer/Host
Yeah, pretty big sample size there. Let's dig into some of the results here. What were some of the findings that caught your eye?
John France
Yeah, there's a few you cannot mention. Cannot talk about technology if you're not going to talk about AI. So AI is an in-demand skill. No surprise there. I think probably what's surprising is if you looked sort of two years ago, it was either not on the survey or very, very low down and now it's, at least by the professionals, the number one desired technical skill. I think it's number two by hiring managers. So that's really leapt up to the fore. That's one of the sort of the key findings and really a shift from that "Do we have enough people in the seats?" to actually "Do the people have the right skill sets that we need to protect society?" So, and it's the latter. It's a focus on skills and skill sets rather than just the sheer number of people. Really came through loud and clear and we started to see that trend come through the 2024 survey as well, which is reinforcing that direction of travel.
Interviewer/Host
Can we dig into that notion of the skills shortages? Because I think as you mentioned, that's been trending for a few years now. Unpack that for me. What does that really mean for both the folks out there looking for jobs and the folks looking to hire?
John France
So I think there's sort of two components to it. One is cybersecurity profession requires and desires, not just requires skilled professionals within it that are market current. I think that's what's really come to the fore again, that that leapfrog of AI shows that an in demand skill set or an in demand technology in the business sense translates to an in demand skill set in the cyber security sense. Not only using AI for good security outcomes, but obviously securing AI as well. So the business can go and execute on that opportunity in a risk managed way. So it and some of those skills are fast moving, AI being one of them. And we've actually seen really some of the non technical skills. So things like strong problem solving, teamwork and collaboration skills come to the fore. Strong communication skills is now one of the most expressed desired non technical skills. And I think that shows an adaptability of what a cyber pro needs to be so technically proficient absolutely in the relevant technologies and the relevant security stuff, but also now a true member of business able to communicate logically, think and problem solve.
Interviewer/Host
I hear so many people out there saying that they're finding frustration when they're out there looking for these jobs. And yet on the other side you'll hear hiring people who I, I guess the, the old chestnut has been that they're out, they're looking for unicorns and so it's hard for the, the people who are just starting out to find their place. Is that reflected in the survey at all?
John France
Well, we didn't look sort of at the absolute numbers game but I think there is a little bit of difference between hiring managers are looking for and what so the number one non technical skill demanded there was problem solving 29% versus the professional view which is problem solving is 55% but actually top there was the communication skills. So yeah, there's a little difference between the desire line and actuality. But I think if you sort of really unpack it, we've got some interesting macroeconomic conditions. So there's continuing pressure on resources and budgets and therefore that means if you have a limited hiring opportunities, you're going to want to hire the people that are most compatible with what you're looking for. So I think that piece of rarity comes through and that's maybe what's stressing the market a little bit, you know. And if we concentrate on the non technical skills, those are things you can use to differentiate hard technical skills are learnable and teachable and trainable. The quid pro quo is we should do that as a profession anyway and a good employer does. But balance that against some of the non technical and develop those as equally. So there are jobs out there, but they may be looking for something slightly different. And you mentioned entry level. I think what we've seen in this year's survey and in previous is really a focus on some, some of the experiences that you bring, not just the qualifications that you bring and there's a number of good ways of going to get them. So we're not precluding entry level at all. In fact, I know personally in my team we've got to build the next generation. So looking for entry level skills is one of those key things a profession has to do.
Interviewer/Host
You mentioned AI. What sort of pressure is that putting on the folks in that entry level position there? Are we finding folks, people displaced by the AI tools already?
John France
I think what we're starting to see is potentially a change in shape of the job. So AI. I know there was a posit and many comments have said it's going to disintermediate entry level positions. I don't think that's true. I think what the entry level position will do is slightly different. Technology has always been moving along at a pace and we've seen jobs change and react to technology. And do we see the wholesale elimination of entry level jobs by technology? Very, very rarely, if at all. But what you do in that entry level position has definitely changed. So we're seeing AI as a desired skill for entry level positions as well, which is actually how to use it effectively, so using it for good security outcomes. And we sort of talk a little bit about AI being used to get to a decision point quicker. So it's going to speed up and make you efficient in what you do. Again, embrace it. And I think entry level people are probably AI natives more than, you know, like me and potentially you, so they're well equipped and well placed to adopt it rapidly. And I think that that's the other thing. AI is probably one of those skills that has been rapidly adopted so from very little two years ago to pretty much the top in demand two years henceforth. So that rate of change is probably the. Not a shocker, predictable sort of a little bit, but still noteworthy. You know, rate of change is going up, it's not going down.
Interviewer/Host
Yeah. John, I'm curious for your opinion on this. I mean I was talking to someone not long ago, a senior level person who was concerned that it was going to be harder for people to accumulate the skills to become a senior level person because there are fewer opportunities on the way up and perhaps AI displacing some of those folks. Do you share that view?
John France
No, not, not wholesale. I think actually what's. If you're going to make it to the senior echelons in cyber security, historically it's been looked at as a very technical discipline and technical career path. I that notion is somewhat softening quite rightly as we become closer to partnering for business. Our business skills and acumen have to complement it at the senior level. So yes, understand technology, risk controls and all that good stuff, but balance that against being able to communicate, talk and operate at a business level. So I think actually as cyber professionals, especially at the senior level, it's about getting some of those opportunities and experiences in the sort of the arts of business, not just the arts of security. So I think, I think it's a different landscape to what we traditionally seen maybe a decade ago and one actually I wholeheartedly embrace. Yes, I'm a techie but, but I love business as well. Technology is usually in service to a business outcome.
Interviewer/Host
Yeah, when we talk about AI and the attractive skills that people are bringing to the table here, did their surveys dig into that at all? Are there specific, specific things that are going to have someone's resume put to the top of the pile?
John France
No, we, I mean I don't think we've got a hard data on, you know, is it large language model, is it prompt injection, is it whatever, it didn't go, it didn't go to that level. So we don't have that kind of empirical data to reflect back. Yeah, but again I come back to that rapidity of change. So you know, this week it might be AI per incident response and next week it might be for something different. I think getting comfortable with using a modern tooling and tool sets and technologies being one of them is probably where you've got to really show your mettle, as it were, which is comfortable in change and comfortable in adopting new ways of working.
Interviewer/Host
Well, based on the information that you all have gathered here, what's your advice? What sort of words of wisdom do you have for the folks who are out there?
John France
I think it's actually employers and not just getting employed, but whilst you're in job. We're looking for a good balance between technical skilling, empirical knowledge that's teachable, trainable, so certification is part of that, but also some of those non technical skills, in fact that's they tend to be good differentiators. So strong problem solving skills, teamwork, collaboration, communication, critical logical thinking, those kind of things are a really, really good way to show adaptability and really sort of go in with a balanced approach. It's not all about technology, it's not all about business, it's about the intersection of those two. And security pros is obviously about risk management ultimately. What's the old phrase, you can't accumulate without speculation and speculation you need to take some risk as well. So we are the purveyors of taking appropriate risk within appetite and in the business get what it needs to be done and actually being part of that change.
Interviewer/Host
And we'll have a link to ISC2's 2025 ISC2 Cybersecurity Workforce Study in the show notes. Our thanks to John France for joining.
No, it's not your imagination. Risk and regulation really are ramping up and customers expect proof of security before they'll sign that deal. That's where Vanta comes in. Vanta automates your compliance process and brings compliance, risk and customer trust together on one AI-powered platform. Whether you're preparing for SOC 2 or managing an enterprise governance, risk and compliance program, Vanta helps keep you secure and keeps your deals moving. Companies like Ramp and RYTR spend 82% less time on audits with Vanta. That's not just faster compliance, that's more time for growth. Take it from me, if you're thinking about compliance, take the time to check out Vanta. Get started at vanta.com/cyber.
Interviewer/Host
And finally, Microsoft Azure CTO Mark Russinovich recently decided to revisit a piece of his own programming history: a small Apple II utility he wrote in 1986. He gave it a modern audit courtesy of AI. The program, called Enhancer, was written in 6502 machine code to extend Applesoft BASIC with more flexible GOTO and GOSUB commands. Russinovich fired up Claude Opus 4.6, which promptly decompiled the four-decade-old code and spotted several flaws, including a subtle bug where the program quietly misbehaved instead of throwing an error when a destination line wasn't found. The fix, in hindsight, was: check the carry flag. The discovery is mostly nostalgic trivia for Apple II enthusiasts, but it highlights a broader shift. Modern AI systems can now analyze low-level code and uncover vulnerabilities in software that humans may not have examined for decades. That capability could help defenders patch old systems, though it also gives attackers a powerful new way to hunt for bugs lurking in the world's vast supply of aging firmware and legacy code.
And that's the CyberWire. For links to all of today's stories, check out our daily briefing at thecyberwire.com. Don't forget to check out the Grumpy Old Geeks podcast, where I contribute to a regular segment on Jason and Brian's show every week. You can find Grumpy Old Geeks where all the fine podcasts are listed. We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire@n2k.com. N2K's lead producer is Liz Stokes. We're mixed by Tré Hester with original music and sound design by Elliott Peltzman. Our contributing host is Maria Varmazis. Our executive producer is Jennifer Eiben. Peter Kilpe is our publisher and I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow.
If you only attend one cybersecurity conference this year, make it RSAC. It's happening March 23rd through the 26th in San Francisco, bringing together the global security community for four days of expert insights, hands-on learning and real innovation. I'll say this plainly, I never miss this conference. The ideas and conversations stay with me all year. Join thousands of practitioners and leaders tackling today's toughest challenges and shaping what comes next. Register today at rsaconference.com/cyberwire26. I'll see you in San Francisco.
Episode Title: From Tehran to the Apple II
This episode of CyberWire Daily dives into a wide spectrum of cybersecurity news and developments, from ongoing global cyber conflict (including Israel's strike on Iran’s cyber warfare HQ) and significant U.S. policy updates, to the practical deployment of new malware strains, and headline-grabbing cases in cybercrime. It features an interview with John France, CISO at ISC2, presenting key findings from their 2025 Cybersecurity Workforce Study, which spotlights the shifting landscape of in-demand cybersecurity skills—especially the rising importance of AI. The episode concludes with a nostalgic look at how AI is now capable of auditing and analyzing decades-old low-level code, illustrated by an audit of an Apple II program.
AI as a Critical Skill
Evolving Skills Shortages
Disconnect Between Job Seekers & Employers
Entry-Level Positions & AI Displacement Fears
Pathways to Senior Roles in Cybersecurity
Rapid Change and Adaptability
On AI Skills Leap-Frogging the Field:
“If you looked sort of two years ago, it was either not on the survey or very, very low down and now it's ... the number one desired technical skill.” —John France [16:10]
On Entry-Level Job Fears:
“Do we see the wholesale elimination of entry-level jobs by technology? Very, very rarely, if at all.” —John France [21:16]
On the Profession’s Evolution:
“Our business skills and acumen have to complement it at the senior level. So... balance that against being able to communicate, talk and operate at a business level.” —John France [23:12]
| Segment | Timestamp |
|--------------------------------------------------------|----------------|
| Israel-Iran cyber strike | 00:12 – 04:00 |
| Trump admin cyber strategy | 04:00 – 06:30 |
| DHS leadership shakeup | 06:30 – 08:00 |
| Velvet Tempest, ClipXDaemon malware                    | 08:00 – 11:40  |
| Romance/BEC scammer prosecution | 11:40 – 13:00 |
| Gov’t tracking via online ads | 13:00 – 15:00 |
| Cybersecurity business & funding update | 15:00 – 15:30 |
| Interview: John France, ISC2 (cybersecurity workforce) | 15:34 – 26:30 |
| AI audits Apple II utility | 28:22 – 29:30 |
The episode maintains an informative, brisk, and professional tone, interspersed with conversational directness—especially in the interview segment. Dave Bittner, the host, balances technical depth with accessibility, and the interview with John France is data-driven yet approachable.
Links to all stories and the ISC2 Cybersecurity Workforce Study can be found in the CyberWire daily briefing (see show notes).
Summary prepared for listeners who need a comprehensive understanding of this episode’s most important topics and insights.