CyberWire Daily — “Socks pulled, patches pushed.”
March 13, 2026
Host: Dave Bittner | Guest Host: Maria Vermazes | Guest: Jack R. Bialik

Episode Overview

The March 13, 2026, episode of the CyberWire Daily delivers the latest developments in global cybersecurity, including law enforcement busts against cybercriminal infrastructure, urgent software patching news, insider threat cases, and employee activism against surveillance tech. The highlight: an in-depth conversation between Maria Vermazes and Jack R. Bialik about the risks of a fully digital society and the peril of knowledge loss in the information age, echoing themes from Bialik’s book, In Lost in Time: Our Forgotten and Vanishing Knowledge.

Key Cybersecurity News & Analysis

1. Europol Dismantles SOX Escort Proxy Service

[00:58]

• Operation Lightning: A major joint action between Europol, Eurojust, and authorities from Austria, France, the Netherlands, the U.S., and others.
• Impact: Seizure of 34 domains, 23 servers, and $3.5M in crypto across 7 countries.
• SOX Escort: Relied on a botnet of 369,000+ compromised routers/IoT devices in 163 countries—infected via exploited vulnerabilities.
• Criminal Use: Ransomware, DDoS, distribution of child sexual abuse material via hijacked residential IPs.
• Quote: “Europol supported the investigation with intelligence analysis, crypto tracing, and coordination, highlighting the importance of international cooperation in disrupting cybercrime infrastructure.” [01:58]

2. Cyber Operations in Iran Conflict

[02:38]

• Imbalance in Capabilities: Israeli and U.S. forces outpace Iranian cyber operations.
• Tactics: Hacking Tehran’s traffic cameras for kinetic targeting, disrupting telecommunications, hijacking prayer apps for anti-regime messaging.
• Iran’s Approach: DDoS, website defacements, hack-and-leak — more symbolic than strategic.
• Global Warning: Organizations advised to boost defenses as Iranian proxies may target countries beyond Israel and the U.S.

3. Urgent Chrome and Veeam Security Patches

[03:18]

• Google Chrome: Rushed updates for two high-severity vulnerabilities already exploited in the wild (Skia graphics library, V8 JavaScript/WebAssembly engine).
  • “Users are advised to update their browsers as rollout may take time.” [03:45]
• Veeam: Four critical RCE flaws; enables low-privileged domain users/external actors to execute code on backup servers.
  • Backup Security: “Backup servers are frequent ransomware targets and attackers often reverse engineer patches to exploit unpatched systems.” [04:38]

4. Insider Threat: Incident Responder Charged with Ransomware

[05:08]

• Case Profile: Angelo Martino, ex-incident responder, charged with participating in Blackcat ransomware attacks.
• Details: Participated as an affiliate, leveraging trusted access; targeted at least 10 U.S. orgs (healthcare, finance, manufacturing, retail); $1.2M ransom paid in one incident.
  • “The case highlights the growing risk of insider threats within the cybersecurity and incident response industry.” [06:10]

5. Thomson Reuters Employee Backlash over ICE Contract

[06:28]

• Context: 200+ employees petition to end a $22.8M contract with U.S. Immigration and Customs Enforcement (ICE), which leverages TR’s data tools for surveillance.
• Worker Concerns: Potential misuse to identify/harass individuals, especially affecting local MN communities.
• Company Stance: Supports national security/public safety but claims to maintain safeguards.
• Demand: Employee and shareholder groups push for stronger human rights oversight.

6. Attackers Abuse Backup Tools for Data Theft

[07:36]

• Analysis: Ransomware attackers use open-source tool restic to exfiltrate data before deploying ransomware (ink ransomware).
• Tactics: Privilege escalation, mapping network shares, scheduled tasks for PowerShell execution; backup staged on AWS/Wasabi S3 via restic.
• Detection Issues: Partial deployment of Huntress agent and absence of SIEM resulted in delayed detection.

7. CISA Flags Critical N8N Vulnerability

[08:34]

• Vulnerability: Allows RCE via abuse of JavaScript expressions—potential system compromise for N8N automation tool users.
• Scope: 100k+ exposed instances, with tens of thousands still vulnerable earlier this year.
• Deadline: Federal patch mandate by March 25.

Feature Interview: Jack Bialik — Lost Knowledge in a Digital Age

[13:30] Maria Vermazes & Jack R. Bialik Conversation

Main Theme:

• The hidden, often-overlooked vulnerability of digital society: Loss of knowledge through technological decay, obsolescence, and lack of preservation practices.
• Inspired by historical episodes—like the destruction of the Library of Alexandria—the book draws a parallel to modern data fragility.

Key Points & Insights

1. Cycles of Knowledge—Ancient to Digital

[14:19]

• “We did all this stuff in antiquity and now we're doing it again. What happened?... Why did this happen?” — Jack R. Bialik
• Examples: Cataract surgery, metallurgy, batteries, vending machines—lost and then reinvented across millennia.

2. Digital Fragility

[15:34]

• “The data density is huge... the lifespan has gotten shorter and shorter and shorter.” — Bialik
• Modern media vs. permanence: Stone tablets lasted millennia; USB drives may fail in a decade.
• Personal anecdote: “I pulled up eight USB drives... only six of them worked.”

3. Museums & Data Obsolescence

[18:05]

• Curator at Computer History Museum: They've had to print computer programs on paper as vintage storage hardware fails.
• “It's a little bit like going backwards, you know, what's going on here?” — Bialik

4. Overwhelming Volume vs. Curation

[20:07]

• “It is an overwhelming problem... who is going to manage this, who is going to catalog all this, what kind of formats are going to last, how can it be easily searchable?” — Vermazes
• Digital data tsunami: photo morgues, family archives, obsolete file standards (JPEG to JPEG 2000).

5. Loss & Forgotten History

[21:14]

• “They estimate only 1.6% of history has been recorded...” — Bialik
• Example: Over 1 million artifacts lost during the Baghdad War, irreplaceably erasing cultural memory.

6. Credit to Our Predecessors

[22:13]

• “We need to give credit to our predecessors that they are as intelligent as we are. We just have a different set of tools.” — Vermazes
• Reflection: “It also made me think, what will people think of us 2000 years from now about our primitive means, what we had available to us.” — Vermazes

7. Recovering and Losing Inventions

[23:24]

• “The vending machine that was in ancient Rome... would dispense holy water... make steam come out and... look like [the idol] was crying so they could get more donations.”
• “Many of the human inventions are the same because we always have a need for a toilet... being able to see. So, you know, those things tend to recur.” — Bialik

8. Takeaways for Listeners

[24:51]

• Corporations: Retention policies must consider what is vital for future generations, not just immediate business needs.
• Historical loss: Roman sewer and plumbing systems were more advanced than medieval Europe’s—a cautionary example.
• Personal action: “What about these... pictures right here are important to our family. And what can I do to save them? Maybe I need to print them or make multiple copies so people have access later on.” — Bialik

Memorable Quotes

• On Digital Fragility:
  “Data density is huge... the lifespan has gotten shorter and shorter and shorter.” — Jack R. Bialik [15:34]
• On Knowledge Loss:
  “They estimate only 1.6% of history has been recorded.” — Jack R. Bialik [21:14]
• On Curatorial Dilemmas:
  “Are we just on this treadmill going over and over, kind of rediscovering the same things? Are we really making that much progress?” — Maria Vermazes [22:41]
• On Respect for the Past:
  “We need to give credit to our predecessors that they are as intelligent as we are.” — Maria Vermazes [22:13]
• On Takeaways:
  “Think about it from a corporate standpoint. What are we saving?... Maybe something on a global culture that we need to save that would be good for humanity all across the world.” — Jack R. Bialik [24:51]

Noteworthy Segment Timestamps

• Europol SOX Bust: [00:58]
• Iran Cyber Ops Imbalance: [02:38]
• Chrome/Veeam Patch Alerts: [03:18]
• Insider Ransomware Charges: [05:08]
• Thomson Reuters-ICE Protests: [06:28]
• Backup Tool Abuse Analysis: [07:36]
• CISA N8N Alert: [08:34]
• Interview Maria Vermazes & Jack Bialik: [13:30] – [26:36]

Additional Briefs

• Flight Fiasco & AI-Generated Fakery ([27:35])
  • A supposed Dubai evacuation flight was exposed by Bellingcat as likely a phantom event after noticing telltale signs of AI-generated photography.
  • “The supposed evacuation flight also proved elusive. Flight tracking data showed no Airbus A321 departing Muscat for the Netherlands on the dates mentioned.”

Summary

This episode blends up-to-the-minute cybersecurity alerts with reflective commentary on the perils of technological obsolescence. News segments make the case for vigilance—whether patching critical vulnerabilities, defending against increasingly creative attackers, or considering the ethical use of data and surveillance tools. The central interview serves as a call to action about the fragility of our digital legacy: We are at risk of becoming "lost in time" if we don’t actively steward, curate, and preserve the knowledge we are creating and storing—both as organizations and as individuals.

Practical takeaways:

• Patch Chrome and Veeam systems without delay
• Monitor for backup mechanisms being abused by attackers
• Audit corporate and personal archival strategies—short device lifespans warrant redundancy and mixed media
• Broaden the retention lens: What should humanity, not just your company, remember?

Episode Title: Socks pulled, patches pushed
Featured Guest: Jack R. Bialik, author of In Lost in Time: Our Forgotten and Vanishing Knowledge
Host: Dave Bittner, Maria Vermazes

For full resources and supporting links, visit cyberwire.com.