CyberWire Daily: "Persistent Threats in a Shifting Battlefield"

Date: March 18, 2026
Host: Dave Bittner (A), N2K Networks
Featured Guest: Braden Rogers (B), Chief Customer Officer, Island

Episode Overview

This episode explores the resilience and evolution of persistent cyber threats globally—touching on recent state-level cyber operations, exposed espionage campaigns, national cyber policy changes, and emerging attack techniques. The centerpiece interview features Braden Rogers, who examines the security needs of AI-powered browsers for enterprises and how agentic (AI-empowered) workflows can be securely integrated into business environments. The episode also spotlights new malware trends, major security flaws, the rise of quantum cryptography, and a unique courtroom tech moment.

Key Topics & Discussion Points

1. Global Cyber Operations and Threat Landscape

Iranian Cyber Resilience Despite Setbacks
- Despite recent kinetic strikes killing two key Iranian cyber ops figures, related hacking activity persists:
  - HANDELA group claims significant attacks (e.g., Stryker, Verifone, Albania’s Parliament).
  - Iranian cyber operations are decentralized, resilient, leveraging tools like Starlink and possibly AI.
  - Quote: "Iran's cyber operations appear resilient and decentralized. Groups continue operating despite leadership losses..." (00:02)
Major Tensions: US, EU, and Tech Giants
- US lawmakers demand that Big Tech (e.g., Alphabet, Meta, TikTok, X) supply communications with EU officials about the Digital Services Act.
- Concerns over encrypted, disappearing messages (Signal) and tension around data retention and censorship.
Russian Espionage Exposure
- Researchers uncover open Fancy Bear server (2,800+ emails, 240 credentials, new XSS payload):
  - Victims across Eastern Europe and Balkans.
  - Illustrates both operational reach and the vulnerabilities of sophisticated groups.
Japan’s Shift to Offensive Cyber
- Self Defense Forces are authorized to conduct proactive cyber attacks starting October 1.
- Responds to a "worsening threat environment" while pledging privacy safeguards.
CISA’s Call for Cross-Agency Flexibility
- Acting Director Nick Anderson advocates for agencies to "defer to whichever organization has the strongest relationship with affected operators" for swift, coordinated response, moving beyond rigid sector designations.

2. Technical Threats & Vulnerabilities

Malware Targeting Infrastructure
- New Eclipsium report:
  - Mirai-derived condibot converts Linux devices to DDoS nodes.
  - Monaco brute-forces SSH credentials for crypto mining, affecting diverse network devices.
  - Supported by data indicating sharp rise in exploitation post-vulnerability disclosures.
AI Font-Based Attacks
- LayerX shows AI assistants can be tricked by custom fonts into missing malicious instructions (no JS/exploit required—pure CSS/HTML manipulation).
Critical Schneider Electric SCADA Flaw
- Vulnerabilities in SCADA Pack and Remote Connect:
  - CVSS 9.8 (improper input validation in Modbus TCP).
  - Enables code execution or denial-of-service; urgent patching and network segmentation advised.
Quantum Cryptography’s Turing Award
- Charles Bennett & Gilles Brassard win for BB84 protocol.
- Highlight: Quantum key management "offers a model where security is rooted in physics, not computational difficulty."

Featured Interview: Braden Rogers, Island

Topic: Making AI Browsers Safe for Enterprises (Starts 14:37)

AI in the Browser — The New Corporate Battlefront

Browsers as Primary Workplace Tools
- "The most common pervasive interface... is a browser. You don't have to train your end users..." (14:37, B)
- AI integrates into workflow via browsers—making browser security enterprise-critical.
- Consumer browsers not designed for corporate policy/data protection.
Enterprise Browser vs. Consumer Browser
- Most browsers only offer basic settings for company use; not true enterprise-grade control.
- Quote: "They've wedged in... basic enterprise settings. But... to transform the browser into something where we manage true actual policy... that's a managed browser at best." (18:08, B)
Risks of Consumer-Grade AI Browsers
- Industry consensus (e.g., Gartner) cautions: "CyberSecurity must block AI browsers for now."
- "The general focus around... AI has been a very consumer-centric approach... We need to make it enterprise grade." (19:43, B)

How to Securely Harness AI in the Enterprise Browser

Contextual Understanding & Tenancy Recognition
- The browser must detect if a user is accessing personal vs. corporate AI resources and apply different controls.
- "Recognizing tenancy, letting users freely have access to personal stuff... without company data spilling beyond the boundary..." (20:56, B)
- Emphasizes enabling sanctioned workflows without blanket blocking, enabling a "say yes" philosophy.
Enterprise Functionality and Policy Enforcement
- Features:
  - Built-in redaction, policy enforcement, identity/contextual awareness.
  - Restrict AI access but allow flexible, policy-driven engagement.
- "We can take any AI provider and make them enterprise ready by building their mechanics into the browser..." (20:56, B)
- Integration includes simple mechanics (buttons, panels) for easy access to sanctioned AIs.
Agentic/AUTONOMOUS AI — Benefits and Guardrails
- The promise and peril: automated agents acting on behalf of users (agentic workflows).
- Key risk: prompt injection attacks and agents exceeding policy boundaries.
- "Letting agentic workflows work in the confines of a very tightly governed and sanctioned policy so that they don't run amok..." (24:45, B)
- Monitoring metrics: how automation is used, time saved, value delivered.

Humans + AI Agents — Not a Zero-Sum Game

Empowering (Not Replacing) the Workforce
- "The best employees in your future... are the ones who know how to use AI most effectively in their job..." (26:19, B)
- Importance of human oversight: AI helps, but critical decisions require human review/intervention.
- Healthcare example: AI assists, but doctors approve prescriptions.
- "So both can work hand in hand very effectively." (28:31, B)

Notable Quotes & Memorable Moments

On Browser Evolution:
"The evolution of the browser and the rush toward more and more browser centric stuff is being accelerated by AI." (16:55, B)
Policy Philosophy:
"You can say yes to anything, but company data just won't spill over to these personal areas." (20:56, B)
On AI Agent Risks:
"The concern Gartner brought up is... the agent running amok and doing things outside... your existing policies..." (24:20, B)
On the Workforce of the Future:
"When you're making a hire... you care about somebody that knows how to use AI... maybe a little bit less about somebody who knows where the comma goes in a sentence." (26:38, B)

Other News & Closing Stories

Quantum Cryptography Recognized

Turing Award awarded for quantum protocols foundational for future security.

Tech in the Courtroom — A Smart Glasses Incident

UK insolvency case affected by a witness allegedly receiving live AI-driven coaching via smart glasses.
Judge and interpreter observed suspicious behavior—blurring lines between memory recall and tech-assisted testimony.

Important Timestamps

00:02 — Global threat landscape updates (Iran, Russia, Japan, CISA, malware, vulnerabilities)
14:37 — Start of Braden Rogers interview: AI and enterprise browsers
19:25 — Gartner’s recommendation against AI browsers for enterprises
24:45 — Agentic AI risks and enterprise guardrails
26:19 — AI’s impact on workforce and productivity
28:31 — Conclusion of Rogers interview
29:18 — Smart glasses incident in UK court

Summary Takeaways

Cyber threat actors remain adaptive and persistent globally, even when facing direct attacks and leadership loss.
Attackers accelerate exploitation of network devices and continue to innovate (AI, quantum, font-based attacks).
Regulatory pressure is rising on tech firms, and new rules challenge longstanding data/privacy approaches.
Enterprise AI security demands dedicated, purpose-built browsers—consumer models are insufficient.
Agentic AI browsers must blend automation and robust human oversight—productivity gains require strong policies and context-aware controls.

For further reading, the episode links to Gartner’s "CyberSecurity must block AI browsers for now" report.

This summary captures the core discussions, key technical themes, and expert perspectives, providing a comprehensive overview for anyone who missed the episode.

CyberWire Daily: "Persistent Threats in a Shifting Battlefield"

Date: March 18, 2026
Host: Dave Bittner (A), N2K Networks
Featured Guest: Braden Rogers (B), Chief Customer Officer, Island

Episode Overview

Key Topics & Discussion Points

1. Global Cyber Operations and Threat Landscape

Iranian Cyber Resilience Despite Setbacks
- Despite recent kinetic strikes killing two key Iranian cyber ops figures, related hacking activity persists:
  - HANDELA group claims significant attacks (e.g., Stryker, Verifone, Albania’s Parliament).
  - Iranian cyber operations are decentralized, resilient, leveraging tools like Starlink and possibly AI.
  - Quote: "Iran's cyber operations appear resilient and decentralized. Groups continue operating despite leadership losses..." (00:02)
Major Tensions: US, EU, and Tech Giants
- US lawmakers demand that Big Tech (e.g., Alphabet, Meta, TikTok, X) supply communications with EU officials about the Digital Services Act.
- Concerns over encrypted, disappearing messages (Signal) and tension around data retention and censorship.
Russian Espionage Exposure
- Researchers uncover open Fancy Bear server (2,800+ emails, 240 credentials, new XSS payload):
  - Victims across Eastern Europe and Balkans.
  - Illustrates both operational reach and the vulnerabilities of sophisticated groups.
Japan’s Shift to Offensive Cyber
- Self Defense Forces are authorized to conduct proactive cyber attacks starting October 1.
- Responds to a "worsening threat environment" while pledging privacy safeguards.
CISA’s Call for Cross-Agency Flexibility
- Acting Director Nick Anderson advocates for agencies to "defer to whichever organization has the strongest relationship with affected operators" for swift, coordinated response, moving beyond rigid sector designations.

2. Technical Threats & Vulnerabilities

Malware Targeting Infrastructure
- New Eclipsium report:
  - Mirai-derived condibot converts Linux devices to DDoS nodes.
  - Monaco brute-forces SSH credentials for crypto mining, affecting diverse network devices.
  - Supported by data indicating sharp rise in exploitation post-vulnerability disclosures.
AI Font-Based Attacks
- LayerX shows AI assistants can be tricked by custom fonts into missing malicious instructions (no JS/exploit required—pure CSS/HTML manipulation).
Critical Schneider Electric SCADA Flaw
- Vulnerabilities in SCADA Pack and Remote Connect:
  - CVSS 9.8 (improper input validation in Modbus TCP).
  - Enables code execution or denial-of-service; urgent patching and network segmentation advised.
Quantum Cryptography’s Turing Award
- Charles Bennett & Gilles Brassard win for BB84 protocol.
- Highlight: Quantum key management "offers a model where security is rooted in physics, not computational difficulty."

Featured Interview: Braden Rogers, Island

Topic: Making AI Browsers Safe for Enterprises (Starts 14:37)

AI in the Browser — The New Corporate Battlefront

Browsers as Primary Workplace Tools
- "The most common pervasive interface... is a browser. You don't have to train your end users..." (14:37, B)
- AI integrates into workflow via browsers—making browser security enterprise-critical.
- Consumer browsers not designed for corporate policy/data protection.
Enterprise Browser vs. Consumer Browser
- Most browsers only offer basic settings for company use; not true enterprise-grade control.
- Quote: "They've wedged in... basic enterprise settings. But... to transform the browser into something where we manage true actual policy... that's a managed browser at best." (18:08, B)
Risks of Consumer-Grade AI Browsers
- Industry consensus (e.g., Gartner) cautions: "CyberSecurity must block AI browsers for now."
- "The general focus around... AI has been a very consumer-centric approach... We need to make it enterprise grade." (19:43, B)

How to Securely Harness AI in the Enterprise Browser

Contextual Understanding & Tenancy Recognition
- The browser must detect if a user is accessing personal vs. corporate AI resources and apply different controls.
- "Recognizing tenancy, letting users freely have access to personal stuff... without company data spilling beyond the boundary..." (20:56, B)
- Emphasizes enabling sanctioned workflows without blanket blocking, enabling a "say yes" philosophy.
Enterprise Functionality and Policy Enforcement
- Features:
  - Built-in redaction, policy enforcement, identity/contextual awareness.
  - Restrict AI access but allow flexible, policy-driven engagement.
- "We can take any AI provider and make them enterprise ready by building their mechanics into the browser..." (20:56, B)
- Integration includes simple mechanics (buttons, panels) for easy access to sanctioned AIs.
Agentic/AUTONOMOUS AI — Benefits and Guardrails
- The promise and peril: automated agents acting on behalf of users (agentic workflows).
- Key risk: prompt injection attacks and agents exceeding policy boundaries.
- "Letting agentic workflows work in the confines of a very tightly governed and sanctioned policy so that they don't run amok..." (24:45, B)
- Monitoring metrics: how automation is used, time saved, value delivered.

Humans + AI Agents — Not a Zero-Sum Game

Empowering (Not Replacing) the Workforce
- "The best employees in your future... are the ones who know how to use AI most effectively in their job..." (26:19, B)
- Importance of human oversight: AI helps, but critical decisions require human review/intervention.
- Healthcare example: AI assists, but doctors approve prescriptions.
- "So both can work hand in hand very effectively." (28:31, B)

Notable Quotes & Memorable Moments

On Browser Evolution:
"The evolution of the browser and the rush toward more and more browser centric stuff is being accelerated by AI." (16:55, B)
Policy Philosophy:
"You can say yes to anything, but company data just won't spill over to these personal areas." (20:56, B)
On AI Agent Risks:
"The concern Gartner brought up is... the agent running amok and doing things outside... your existing policies..." (24:20, B)
On the Workforce of the Future:
"When you're making a hire... you care about somebody that knows how to use AI... maybe a little bit less about somebody who knows where the comma goes in a sentence." (26:38, B)

Other News & Closing Stories

Quantum Cryptography Recognized

Turing Award awarded for quantum protocols foundational for future security.

Tech in the Courtroom — A Smart Glasses Incident

UK insolvency case affected by a witness allegedly receiving live AI-driven coaching via smart glasses.
Judge and interpreter observed suspicious behavior—blurring lines between memory recall and tech-assisted testimony.

Important Timestamps

00:02 — Global threat landscape updates (Iran, Russia, Japan, CISA, malware, vulnerabilities)
14:37 — Start of Braden Rogers interview: AI and enterprise browsers
19:25 — Gartner’s recommendation against AI browsers for enterprises
24:45 — Agentic AI risks and enterprise guardrails
26:19 — AI’s impact on workforce and productivity
28:31 — Conclusion of Rogers interview
29:18 — Smart glasses incident in UK court

Summary Takeaways

Cyber threat actors remain adaptive and persistent globally, even when facing direct attacks and leadership loss.
Attackers accelerate exploitation of network devices and continue to innovate (AI, quantum, font-based attacks).
Regulatory pressure is rising on tech firms, and new rules challenge longstanding data/privacy approaches.
Enterprise AI security demands dedicated, purpose-built browsers—consumer models are insufficient.
Agentic AI browsers must blend automation and robust human oversight—productivity gains require strong policies and context-aware controls.

For further reading, the episode links to Gartner’s "CyberSecurity must block AI browsers for now" report.

This summary captures the core discussions, key technical themes, and expert perspectives, providing a comprehensive overview for anyone who missed the episode.

wavePod

Persistent threats in a shifting battlefield.

Summary

CyberWire Daily: "Persistent Threats in a Shifting Battlefield"

Episode Overview

Key Topics & Discussion Points

1. Global Cyber Operations and Threat Landscape

2. Technical Threats & Vulnerabilities

Featured Interview: Braden Rogers, Island

AI in the Browser — The New Corporate Battlefront

How to Securely Harness AI in the Enterprise Browser

Humans + AI Agents — Not a Zero-Sum Game

Notable Quotes & Memorable Moments

Other News & Closing Stories

Quantum Cryptography Recognized

Tech in the Courtroom — A Smart Glasses Incident

Important Timestamps

Summary Takeaways

Summary

CyberWire Daily: "Persistent Threats in a Shifting Battlefield"

Episode Overview

Key Topics & Discussion Points

1. Global Cyber Operations and Threat Landscape

2. Technical Threats & Vulnerabilities

Featured Interview: Braden Rogers, Island

AI in the Browser — The New Corporate Battlefront

How to Securely Harness AI in the Enterprise Browser

Humans + AI Agents — Not a Zero-Sum Game

Notable Quotes & Memorable Moments

Other News & Closing Stories

Quantum Cryptography Recognized

Tech in the Courtroom — A Smart Glasses Incident

Important Timestamps

Summary Takeaways