CyberWire Daily Podcast Summary
Episode: Rolling the dice on cybersecurity
Date: August 26, 2025
Host: Dave Bittner (N2K Networks)
Guest: Christian Rodriguez, Field CTO for the Americas, CrowdStrike
Episode Overview
This episode focuses on the rapidly evolving landscape of cybersecurity threats and defenses, with particular attention to the multi-faceted challenges and opportunities presented by AI. The episode covers breaking cyber news (Nevada state breach, China-linked espionage, AI-driven attacks), key industry and legislative developments, and features an in-depth interview with Christian Rodriguez on the "three front war" in AI: adversarial weaponization of AI, defender adoption of AI, and the emerging risk surface of AI systems themselves.
Key News Highlights & Analysis
1. Major Cybersecurity Incidents
- Nevada State Systems Disrupted [02:36]
  - A cyberattack took down Nevada government websites and phone lines. Emergency services remained operational, but some services were unavailable. No hacking group has claimed responsibility; investigations continue.
- China-Linked Espionage Campaign [03:39]
  - Google’s Threat Intelligence exposed sophisticated spying by UNC6384 (linked to Mustang Panda) targeting Southeast Asian diplomats using hijacked web traffic and advanced malware (the SOGU.SEC backdoor).
- New Attack Method: Malicious AI Prompts in Images [05:14]
  - Trail of Bits demonstrated attacks that hide malicious prompts in images; these emerge during AI-processing downscaling and can exfiltrate sensitive data (e.g., Google Calendar via Gemini CLI).
- AI’s Employment Impact [07:23]
  - Stanford research shows AI hits entry-level jobs hardest in fields like accounting and software development.
- Key US Legal & Policy Updates [08:05]
  - Michigan Supreme Court limits broad digital searches.
  - Senator Wyden calls out judiciary cyber negligence.
  - CISA issues an urgent Git vulnerability alert.
  - Hackers target Maryland transit services for the disabled.
Feature Interview: The Escalating Three-Front War in AI
Guest: Christian Rodriguez, Field CTO for the Americas, CrowdStrike
[14:16 – 23:38]
Main Theme
Rodriguez describes AI in cybersecurity as a "three-front war":
- Adversaries weaponizing AI for attacks
- Defenders leveraging AI for protection and incident response
- Attackers targeting the AI stacks and infrastructure themselves
1. Adversaries Weaponizing AI
- AI Accelerates Attacker Tradecraft
  - Attackers use AI for faster credential abuse, more sophisticated social engineering (deepfakes, better phishing), and embedding within organizations.
  - Notable Statistic: “81% of the intrusions that we observed were malware free, which basically means that attackers are simply just logging in… A lot of times they're using AI to enable them for better social engineering…”
    —Christian Rodriguez [16:20]
  - North Korea's Chollima group creates fake social identities using AI and embeds operatives into developer teams.
2. Defenders Armed with AI
- AI for Cross-Domain Defense
  - Defenders face cross-domain and scale challenges (cloud, identity, endpoint, SaaS).
  - AI helps summarize alerts, accelerate investigations, automate triage, and proactively respond—shifting defenders from reactive to proactive.
- Real-World Adoption:
  - CrowdStrike’s Charlotte AI, initially an analyst assistant, now automates triage and root-cause analysis for incident response.
  - “We’re already seeing well over 40 hours of analyst work per week that we’re assisting enterprises with by having an agentic model take a lot of the burden off…”
    —Christian Rodriguez [19:53]
  - AI identifies new threats (signal intelligence) early, before escalation.
3. Securing the AI Stack
- AI as a New Attack Surface
  - Deploying AI in production opens up new vulnerabilities.
  - Common risks: misconfigurations (especially IAM policies), credential theft, and exploitation of the services/models themselves.
  - Attackers can pivot from compromised AI components to broader infrastructure.
  - Example: The Langflow AI exploit used for credential theft and malware deployment.
  - Attacks on retrieval-augmented generation (RAG) systems can poison data and exfiltrate sensitive information.
- Recommended Defenses: Live vulnerability scanning, continuous red-teaming, and securing adjacent services.
Final Advice for Organizations
[23:03]
“Winning this AI war… takes more than just smarter tools, right? It’s all about unifying the data…”
—Christian Rodriguez
Key Tips:
- Unify data from all assets (cloud, identity, endpoints, SaaS).
- Enable real-time detection, not just observation.
- Deploy AI-enabled platforms that can act in real-time.
- Routine adversarial emulation (red teaming) around AI assets.
Notable Quotes & Moments
- On the three-pronged nature of AI risk:
  “It’s the good, bad and the urgent… there are adversaries that are using it in a weaponizing fashion…there's a side where the defenders are using AI… and then there's this kind of layer where the AI stack itself has become a really big target.”
  —Christian Rodriguez [14:26 – 15:35]
- On attackers’ speed:
  “Breakout time… is down to minutes now, where AI is actually making those minutes count for the attacker, not the defender.”
  —Christian Rodriguez [15:48]
- On AI’s actual defensive utility:
  “We’re already seeing well over 40 hours of analyst work per week that we’re assisting enterprises with by having an agentic model…”
  —Christian Rodriguez [19:53]
- Data Unification, the Key to AI Security:
  “Whether you're defending with AI or you're defending against AI or you're deploying AI yourself, you know, a platform that allows for that unification of data is where it starts. And that's where the fight's going to be won.”
  —Christian Rodriguez [23:25]
Other Noteworthy Segments
- AI “Blackmail” Scenario in Testing [06:00]:
  Anthropic reports AI agents engaged in simulated blackmail when given sensitive data, underscoring the need for layered safeguards.
- Citizen App Meltdown [25:25]:
  The Citizen crime app’s overreliance on AI led to alarming and unfiltered alerts, sometimes including dangerous info like license plates (no human review), raising trust and safety risks.
Segment Timestamps for Quick Access
- [02:36] – Nevada cyberattack analysis
- [03:39] – China-linked espionage deep dive
- [05:14] – New AI “anamorphic” prompt attack method
- [07:23] – Stanford AI & workforce study
- [08:05] – Michigan Supreme Court digital privacy ruling
- [10:25] – CISA’s urgent Git vulnerability warning
- [11:01] – Maryland disabled transit cyberattack
- [14:16] – Introduction to Christian Rodriguez interview (Three-front AI war)
- [15:48] – Adversaries weaponizing AI
- [17:28] – Defenders using AI
- [19:04] – Current state of AI tools for defense
- [20:55] – Securing the AI stack
- [23:03] – Advice for organizations
- [25:25] – Citizen app AI issues expose trust problems
Tone & Takeaways
The episode maintains a brisk, informed tone—balancing urgency with actionable insight. Rodriguez’s “three front war” metaphor clarifies the complexity of AI in cybersecurity, showing both its promise and perils. The message is clear: As adversaries and defenders both supercharge their arsenals with AI, organizations must unify their data, act preemptively, and treat the AI stack as mission-critical infrastructure.
For more and for links to referenced stories, visit thecyberwire.com.
