A
You're listening to the Cyberwire Network powered.
B
By N2K. AI adoption is exploding and security teams are under pressure to keep up. That's why the industry is coming together at the DataSec AI Conference, the premier event for cybersecurity, data and AI leaders. Hosted by data security leader Cyera. Built for the industry by the industry, this two day conference is where real world insights and bold solutions take center stage. DataSec AI '25 is happening November 12th and 13th in Dallas. There's no cost to attend, just bring your perspective and join the conversation. Register now at datasecai2025.com.

A major ransomware attack disrupts airport operations across Europe. Congress is on the verge of letting major cyber legislation expire. A critical flaw nearly allowed total compromise of every Entra ID tenant. Automaker Stellantis confirms a data breach. Fortra patches a critical flaw in its GoAnywhere MFT software. Europol leads a major operation against online child sexual exploitation. Three of the cybersecurity industry's biggest players opt out of MITRE's 2025 ATT&CK Evaluations. A compromised Steam game drains a cancer patient's donations. We've got our business breakdown. Andrzej Olchawa and Milenko Starcik from VisionSpace join Maria Varmazis, host of T-Minus Space Daily, on hacking satellites. And how one kid got tangled in Scattered Spider's web.

It's Monday, September 22, 2025. I'm Dave Bittner and this is your CyberWire Intel Briefing. Thanks for joining us here today. Happy Monday. It's great to have you with us.

A major ransomware attack has disrupted airport operations across Europe, targeting check in and boarding software supplied by Collins Aerospace. The European Union Agency for Cybersecurity confirmed that the malware scrambled automated systems, forcing manual workarounds at airports including Heathrow, Berlin and Brussels. Heathrow warned staff that more than 1,000 computers may be corrupted, with recovery requiring in person fixes.
Although about half of Heathrow's airlines, including British Airways, restored partial service, Brussels airport canceled nearly 140 flights on Monday. Collins, whose MUSE software was attacked, has issued patches but acknowledged hackers remain inside systems even after a rebuild. Law enforcement is investigating. The incident highlights the growing ransomware threat, with aviation cyber attacks up 600% in the last year, according to Thales, and criminal gangs reaping hundreds of millions annually.

Congress is on the verge of letting the 2015 Cybersecurity Information Sharing Act expire at the end of this month, and the stakes are high. The law gives companies liability protections when sharing cyber threat intelligence with each other and the government, essential to timely detection and response. While industry, the Trump administration and many lawmakers favor a clean, multi year reauthorization, repeated attempts at both short and long term extensions have collapsed. Senator Rand Paul has objected to straightforward renewals, pushing instead for changes that industry and colleagues argue would gut protections and chill sharing. With no clear legislative path and the clock ticking, a lapse could have immediate consequences: hesitation to share critical threat data, heightened exposure to attacks, and amplified political fallout if a major breach occurs during the gap.

A critical design flaw in legacy Microsoft components nearly allowed total compromise of every Entra ID tenant. Researcher Dirk-jan Mollema found undocumented, unsigned actor tokens, issued by the old Access Control Service and used for internal service to service calls, that can impersonate any user for 24 hours and aren't logged or revocable. Coupled with a defect in the deprecated Azure AD Graph API, an attacker could craft an actor token, target a tenant, impersonate a global admin, and change users, reset passwords or alter configurations with almost no trace in the victim tenant.
Microsoft was notified July 14. The company fixed the issue within nine days and issued a public patch on September 4. The takeaway here: legacy auth paths and deprecated APIs are high risk inventory. Remove and monitor them urgently.

Automaker Stellantis has confirmed a data breach stemming from a third party vendor supporting its North American customer service operations. The intrusion exposed customer names and email addresses, but no financial or sensitive information. The automaker launched an investigation, alerted law enforcement and began notifying affected customers, warning them to watch for phishing attempts. Stellantis has not disclosed the vendor or the number of victims.

Fortra has patched a critical flaw in its GoAnywhere MFT software that could enable remote code execution through command injection. The issue stems from deserialization of untrusted data in the license servlet, exploitable with a forged license signature. Recent versions include fixes, and Fortra urges customers to block public access to the admin console, monitor audit logs and check for suspicious errors. While no active exploitation is reported, past Clop ransomware abuses make this vulnerability a serious risk.

An international task force coordinated by Europol has identified 51 children and launched proceedings against 60 suspects in a major operation against online child sexual exploitation. Bringing together officers from 18 countries, investigators met in The Hague to analyze over 5,000 pieces of material using both traditional police work and AI driven forensic tools. The effort produced 276 intelligence packages leading to arrests across multiple jurisdictions. The cross border nature of the crimes, with servers, platforms and victims spread across countries, underscored the need for real time intelligence sharing. Europol says this collaborative model, combining advanced forensics with multinational coordination, will guide future efforts.
Authorities stress that while police pursue offenders, parents must also take proactive steps: educating children about online risks, setting clear boundaries and encouraging safe reporting of suspicious contact.

Three of the cybersecurity industry's biggest players, Microsoft, SentinelOne and Palo Alto Networks, have opted out of MITRE's 2025 ATT&CK Evaluations Enterprise test, raising questions about the program's future relevance. All three cited resource prioritization and innovation as reasons, though experts suggest concerns about the evaluations becoming more promotional than practical also played a role. MITRE admitted the test may have grown too complex, with tougher scenarios, including cloud environments and alert volume tracking. Despite the withdrawals, a dozen vendors remain in the 2025 round, and MITRE plans to reboot its vendor forum for 2026 to restore industry engagement and refine testing objectives.

A Latvian streamer fighting stage four cancer lost $32,000 in life saving treatment funds after downloading what appeared to be a verified Steam game during a live fundraiser. BlockBlasters, a retro style platformer with very positive reviews, silently drained his cryptocurrency wallet. Initially benign, the game was updated with a crypto drainer on August 30, targeting high value crypto users. Security researchers later tied it to broader thefts of up to $150,000 across hundreds of accounts using a dropper script, backdoor and StealC payload. The loss struck during a GoFundMe campaign, but crypto influencer Alex Becker quickly replaced the stolen funds with a $32,500 donation. The case highlights how trusted platforms like Steam can be weaponized, underscoring the need for caution with lesser known or lightly reviewed titles.

It's Monday, so that means it's time for our Monday business breakdown. We tracked roughly $390 million flowing into 15 investments plus six acquisitions, so a lively week on the funding side.
Vega popped out of stealth with a hefty $65 million across seed and Series A, aiming to beef up R and D and build out its US footprint. Right alongside them, Irregular, focused on securing frontier AI models, debuted with an even bigger $80 million raise led by Sequoia, targeting model resilience and misuse prevention. M and A stayed busy, too. CrowdStrike snapped up Pangea to deepen Falcon's AI detection and response story. Think broader coverage across the AI lifecycle. And Accenture picked up Canada's IAM Concepts to sharpen its identity chops across critical industries north of the border. That's this week's business breakdown. If you want the deeper dive on who's buying whom and why it matters for your roadmap, subscribe to N2K Pro and swing by TheCyberWire.com every Wednesday for the latest.

Coming up after the break, Maria Varmazis, host of T-Minus Space Daily, speaks with Andrzej Olchawa and Milenko Starcik from VisionSpace. They're talking about hacking satellites and how one kid got tangled in Scattered Spider's web. Stay with us.

At Thales, they know cybersecurity can be tough and you can't protect everything, but with Thales, you can secure what matters most. With Thales' industry leading platforms, you can protect critical applications, data and identities anywhere and at scale with the highest ROI. That's why the most trusted brands and largest banks, retailers and healthcare companies in the world rely on Thales to protect what matters most: applications, data and identity. That's Thales, T H A L E S. Learn more at thalesgroup.com/cyber.

Compliance regulations, third party risk and customer security demands are all growing and changing fast. Is your manual GRC program actually slowing you down? If you're thinking there has to be something more efficient than spreadsheets, screenshots and all those manual processes, you're right. GRC can be so much easier and it can strengthen your security posture while actually driving revenue for your business.
You know, one of the things I really like about Vanta is how it takes the heavy lifting out of your GRC program. Their trust management platform automates those key areas, compliance, internal and third party risk, and even customer trust, so you're not buried under spreadsheets and endless manual tasks. Vanta really streamlines the way you gather and manage information across your entire business. And this isn't just theoretical. A recent IDC analysis found that compliance teams using Vanta are 129% more productive. That's a pretty impressive number. So what does it mean for you? It means you get back more time and energy to focus on what actually matters, like strengthening your security posture and scaling your business. Vanta GRC. Just imagine how much easier trust can be. Visit vanta.com/cyber to sign up today for a free demo. That's V A N T A dot com CYBER.

Maria Varmazis is host of the T-Minus Space Daily podcast. She recently sat down with Andrzej Olchawa and Milenko Starcik from VisionSpace to discuss hacking satellites.
C
So I'm Milenko Starcik. I'm currently leading the cybersecurity section at VisionSpace Technologies. We're a company headquartered in Germany, around for I think almost 15 years now. We also have branches now in Portugal and Spain, so currently serving the European space industry's needs.
D
My name is Andrzej Olchawa. I've been with the company a couple of years now, working as a cybersecurity engineer. And I mainly focus on offensive security activities for space systems. So things like penetration testing of some systems, vulnerability research, finding zero days, and we are writing a book for No Starch Press which is called The Spacecraft Hacker's Handbook.
A
Milenko and Andrzej, thank you both for joining me today. I'm thrilled to be speaking to both of you. And I saw an article on The Register, which I read every day, about some research that you all presented at Black Hat. And I really wanted to talk to you both about what you found. If you want to sort of recap some of that research, especially for my audience, who is predominantly not cybersecurity focused but is in the space industry: what would you like them to know about what you've been finding, and what are those key takeaways?
C
So our research was a collection of vulnerabilities that we've gathered over the past years. I think in 2023 we started doing a systematic review of software systems used in space. What we were most familiar with are mission control systems. Just from the background we had from maintaining and deploying and configuring these systems, we knew that there's a lot that could be found potentially. So we did a review of open source mission control systems and found quite a lot of vulnerabilities in them, which were mostly, from a cybersecurity perspective, like low hanging fruits. But from the space perspective, the software was doing what it was supposed to do. It didn't do anything unexpected. It was just that the hardening was not to the standard which you would expect from an application used for such a sensitive purpose. And that seems to be a very common problem in the space industry, that the software is not built to withstand modern attacks and modern attackers who know how to take these systems apart. And there is still this thinking: yeah, people don't know how to use this application, so they will not be able to do anything with it, which is very, very dangerous. So if you say, oh no, my software is so complex, only I can use it, that's definitely not the case. Attackers will download all your files. They will read through thousands of pages. Now with large language models, even millions of pages of documents in hours and days, and they will go through it and they will figure out how it works. So I think that's a very risky assumption, this security by obscurity, which is still very popular in the space industry. So that's why we did it on open source software, so that we could actually go out and show, okay, here's a systematic problem. In every single one of these mission control systems we found issues. And after that we went for onboard software frameworks.
So there's two very popular ones from NASA: Core Flight System, which is actively used in flying missions, and F Prime, which was developed for the Mars helicopter Ingenuity. And also in those we found quite a lot of vulnerabilities, but also some more general security issues, partially due to the lack of embedded security in these frameworks.
D
At this point we have found a little bit less than 40 CVEs, almost 40 zero days, in those systems. We just reported a few more on all of the systems we use, and they range in severity from 5 or 6 to almost 10. Like I think the highest one we have is 9.9 or 9.8, something like that.
A
And that's out of a scale of 10. For my audience who may not know that, that's very severe. Yes, yeah.
D
And also the impact varies from small information disclosure to actually getting remote code execution on a platform, either the spacecraft platform or a system that is controlling the spacecraft. The ones which we have demonstrated at Black Hat, we tried to approach the demonstration from different angles, to demonstrate what the impact is on the actual spacecraft by getting access to the mission control system, either directly or through a phishing campaign. And also, if you are a nation state and you are actually able to communicate with the spacecraft directly, because you have the capabilities and you are not limited by law, how you could take over control of the spacecraft or effectively break it. So that's how we decided to approach the presentation, and that's how we showed those three demos, with that in mind.
A
It was super fascinating reading through the different potential capabilities if someone were to exploit these vulnerabilities. And I don't want to try and do fear, uncertainty and doubt here and go, oh, you know, the sky's falling. It is just very interesting to see what the potentials were. And I know that these vulnerabilities, it sounds like they've already been remediated. You disclosed them and they've been remediated. So am I understanding that correctly?
D
Yes, yes. So when we discovered those vulnerabilities, we followed the responsible disclosure process, where we first notified the vendor. In most of the cases it was NASA or the companies that work for NASA. And then we worked with them to fix those issues. And we also made some effort to actually test it afterwards.
A
I'm wondering from you both what your thoughts are on takeaways, especially for the commercial space industry around the world, given how much it's growing. This is anecdotal, but often in conversations I've had with people, when I talk to them about cybersecurity for space systems, there's often an attitude of a lot of this is handled by government entities. I don't really need to worry about this as much. And Milenko, you mentioned security through obscurity. I just often wonder, I mean that model seems to be very much failing in the face of scale. I'm just curious your thoughts on that.
C
Yeah, I would say that there's a big risk with going for strictly compliance. I think what most people are referring to is, okay, we have to comply with these things. So we have a checklist, we have some threat modeling, we have some mitigation checklists done. Security.
A
I'm good, right? Yeah, security done.
C
At least from a legal perspective. I mean, and that's what people are afraid of, is like from a legal perspective you're good. You can still get hacked, but it will not affect you on a legal basis, basically. And this is usually where people get more careful, is when they are more personally impacted by this. So what we've seen is a lack of actual testing. So that's something that we're trying to push for: your security controls are nice, but if you still haven't tested the software that is running on your systems, like this custom software on systems which are configured and often maintained over sometimes decades, until literally the server falls apart, and then you hope that you have a spare box somewhere in the corner of the room. These systems, they need to be maintained and they need to be tested on a regular basis. And this is something that we see is definitely missing. You could maybe have had the software that we had previously going through compliance cycles over and over again, and no one was ever bothering to run like a simple static analysis on the code base to see if there are maybe some low hanging fruits in it, which there were. So a lot of the issues we found could have been easily caught early on and not kept in the software for many years.
A
That is interesting.
D
And on the commercial side of things, there are pretty much two ways companies go about it. One way is to develop their own software, which is closed source and we don't really know what it is. So it's going to be up to the company to make sure that it's secure. And unfortunately, from our experience, it often happens that security is at the very low end of the requirement list. So sometimes, especially for the new space companies, which are often startups, they leave security at the end or they don't consider it at all. And then the other approach is to use some of the already existing software which is open source, from NASA for instance, or other entities developing the open source software and making it public. And this is the software which companies would easily assume is secure because, well, it was developed by NASA, so it must be. And actually this is the software we find the most vulnerabilities in.
A
That is fascinating. That is a really interesting takeaway as well, but I want to make sure that I give you both an opportunity if there's anything that you want to mention as sort of a closing thought.
C
So I think for people in the space industry, it's important to start early with security design, and it's never too late. So even if the mission is flying, you can still do your risk assessment, threat modeling and everything. But the important thing is to not stop with the compliance checklist, but to actually have verification of those requirements, and not to go with like some crazy requirements that are just like, I don't know, someone grabs my spacecraft and deorbits it. Sure, that's a risk, but maybe you should focus on a bit more realistic requirements for your case and threats that actually can impact your business severely.
B
Be sure to check out T-Minus Space Daily wherever you get your favorite podcasts. This episode is brought to you by State Farm. Checking off the boxes on your to do list is a great feeling, and
C
When it comes to checking off coverage.
B
A State Farm agent can help you choose an option that's right for you. Whether you prefer talking in person on the phone or using the award winning app, it's nice knowing you have help.
C
finding coverage that best fits your needs.
B
Like a good neighbor, State Farm is there.

Investigating is hard enough. Your tools shouldn't make it harder. Maltego brings all your intelligence into one platform and gives you curated data along with a full suite of tools to handle any digital investigation. Plus, with on demand courses and live training, your team won't just install the platform, they'll actually use it and connect the dots so fast cybercriminals won't realize they're already in cuffs. Maltego is trusted by global law enforcement, financial institutions and security teams worldwide. See it in action now at maltego.com.

And finally, at 18, most kids worry about finals or first dates. Noah Urban worried about ransom videos of bloodied teenagers begging him for $200,000. By then, he was a rising star in Scattered Spider, the teenage cyber gang that would paralyze MGM's slot machines and cost Marks and Spencer $400 million. In an interview with Bloomberg, Noah says he wasn't a coder, just a smooth talking Floridian who discovered SIM swapping through Minecraft and found his calling as a caller, duping telecom reps with a deep voice and good manners. From bricked houses to stolen, unreleased rap tracks, his mischief blurred into menace. The FBI eventually caught up, seizing millions in crypto and a collection of Rolexes. Last month, a judge handed Noah 10 years, more than prosecutors asked, reminding everyone that tricking Fortune 500 firms may look like a game to teens, but it's still fraud. Noah, ever polite, says he loved the life anyway. In the end, Noah's tale is less about a prodigy hacker than a teenager who mistook social engineering for a social life and learned too late that the house always wins.

And that's the CyberWire. For links to all of today's stories, check out our daily briefing at thecyberwire.com. Don't forget to check out the Grumpy Old Geeks podcast, where I contribute to a regular segment on Jason and Brian's show every week.
You can find Grumpy Old Geeks where all the fine podcasts are listed. We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire@n2k.com. N2K senior producer is Alice Carruth. Our CyberWire producer is Liz Stokes. We're mixed by Trey Hester with original music by Elliot Peltzman. Our executive producer is Jennifer Eiben. Peter Kilpe is our publisher and I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow.

Cyber Innovation Day is the premier event for cyber startups, researchers and top VC firms building trust into tomorrow's digital world. Kick off the day with unfiltered insights and panels on securing tomorrow's technology. In the afternoon, the 8th annual DataTribe Challenge takes center stage as elite startups pitch for exposure, acceleration and funding. The Innovation Expo runs all day, connecting founders, investors and researchers around breakthroughs in cybersecurity. It all happens November 4th in Washington, D.C. Discover the startups building the future of cyber. Learn more at cid.datatribe.com.
Date: September 22, 2025 | Host: N2K Networks
In this episode, CyberWire Daily delivers a rapid-fire roundup of critical cybersecurity news, with special attention to a massive ransomware attack that crippled major European airports. The show also highlights legislative uncertainty in U.S. cyber law, recent high-severity vulnerabilities, data breaches, child exploitation crackdowns, and the shifting landscape of industry security testing. The episode concludes with a deep-dive interview featuring VisionSpace’s cybersecurity experts discussing real-world vulnerabilities in space mission software, capped with a cautionary tale about youthful cybercrime.
Microsoft Entra ID Flaw ([03:04])
Stellantis Data Breach ([04:22])
Fortra ‘GoAnywhere’ Flaw ([04:46])
Maria Varmazis (Host, T-Minus Space Daily) talks to:
Compliance ≠ Security:
Lack of actual software testing is widespread. “Your security controls are nice, but if you haven’t tested the software… you’re missing the point.”
Commercial sector pitfalls:
On airport ransomware:
“Law enforcement is investigating. The incident highlights the growing ransomware threat, with aviation cyber attacks up 600% in the last year.” — Dave Bittner, [01:38]
On space software obscurity:
“Security by obscurity… is still very popular in the space industry. That’s a very risky assumption.” — Milenko Starcik, [16:54]
On high-impact vulnerabilities:
“The highest one we have is 9.9 or 9.8 [severity].” — Andrzej Olchawa, [18:58]
On compliance-centric approaches:
“You can still get hacked, but it will not affect you on a legal basis, basically.” — Milenko Starcik, [21:53]
On overlooked software testing:
“A lot of the issues we found could have been easily caught early on and not kept in the software for many years.” — Milenko Starcik, [22:55]
On commercial space security attitudes:
“Companies would easily assume… it must be secure because it’s from NASA. Actually, this is the software we find the most vulnerabilities in.” — Andrzej Olchawa, [24:03]
The episode maintains a brisk, pragmatic, and news-driven tone, blending expert commentary with real-world stakes and just enough narrative flair to make the host’s transitions memorable and approachable.
This episode brings into sharp relief the expanding threat and complexity in today’s cybersecurity landscape, from airports and automotive giants to the cutting edge of space technology, while reinforcing that compliance isn’t a substitute for genuine, ongoing security scrutiny. The VisionSpace interview particularly brings home the real risks lurking in inherited software and the ever-dangerous lure of “security by obscurity.”