A

You're listening to the Cyberwire Network powered by N2K.

B

Think your certificate security is covered. By March 2026, TLS, certificate lifespans will be cut in half, meaning double today's renewals. And in 2029, certificates will expire every 47 days, demanding between 8 and 12 times the renewal volume. That's exponential complexity, operational workload and risk. Unless you modernize your strategy, Cyberark, proven in Identity security is your partner in certificate security. Cyberark simplifies lifecycle management with visibility, automation and control at scale. Master the 47 day shift with CyberArk Scan for vulnerabilities, streamline operations, scale security visit cyberark.com 47day that's cyberark.com the numbers 47day OpenAI patches a ChatGPT flaw that could have exposed Gmail data CISA documents malware exploiting two Ivanti endpoint manager mobile flaws watchguard patches a critical flaw in its firebox firewalls MI6 launches a dark web snitch site the DoD looks to cut its cybersecurity job hiring time to just 25 days. Researchers trick ChatGPT agents into solving CAPTCHAs a UK teen faces accusations of being part of the scattered spider gang. The Senate confirms a new assistant secretary of Defense for cyber policy. A former CIA officer is accused of selling classified information to private clients. Karine of, Zamet, Torc's chief people officer, speaks with N2K's senior workforce analyst Will Marko about their internship program for up leveling AI skills and Russia's AI propaganda goes prime time it's Friday, September 19th, 2025. I'm Dave Buettner and this is your Cyberwire Int Briefing. Thanks for joining us here today. It's great to have you with us. OpenAI has patched a security flaw in its Chat GPT deep research agent that could have exposed Gmail data, according to researchers at Radware. The tool, launched in February, helps users analyze large data sets and can connect to Gmail accounts if authorized. Radware discovered that attackers could exploit the feature by embedding hidden instructions in emails. The agent could then be tricked into extracting personal or corporate information, like names and addresses, and sending it to a malicious Web address, all without the user's interaction. While no evidence shows the flaw was exploited, the risk highlighted how AI agents themselves can be abused. OpenAI fixed the issue on September 3rd and emphasized its commitment to improving model security. With help from external researchers, CISA has released technical details on malware used in attacks exploiting two Ivanti endpoint manager mobile flaws disclosed on May 13th. The vulnerabilities a 5.3 rated authentication bypass and a 7.2 rated remote code execution bug were quickly abused after proof of concept exploits appeared. China linked UNC5221 was later tied to the campaigns. The flaws found in open source libraries within EPMM can be chained for unauthenticated rce. CISA analyzed malware deployed on a compromised EPMM server, revealing two sets of tools designed for persistence and arbitrary code execution. These included loaders, listeners and a Java object manager to inject malicious classes into Apache Tomcat. CISA urges organizations to patch EPMM immediately, strengthen MDM monitoring by, and adopt best security practices. WatchGuard has patched a critical flaw in its Firebox firewalls that could let remote attackers take control without authentication. Rated 9.3 in severity, the bug stems from an out of bounds write in a fireware OS VPN process, potentially enabling arbitrary code execution. A wide range of Firebox models are affected by While no attacks are known yet, Watchguard urges immediate updates to fixed versions. They credit researcher BTAOL for reporting the issue. The UK's Secret Intelligence Service MI6 has launched silent Courier, a dark web portal for would be informants to securely share secrets. Announced with a statement quoting Foreign Secretary Yvette Cooper, the program aims to recruit sources in Russia and around the world. MI6 posted an eight language YouTube video with step by step guidance. Access Silent Courier via Tor or if Tor is blocked, use a short VPN trial and a throwaway email. Advisories stress using a clean patched device incognito browsing and avoiding any identifying payment or personal details. MI6 says it will carefully consider submitted intelligence. Commentators note the risk of trolls or hostile actors flooding the service and suggest the portal might also be used to expose foreign tradecraft. The Department of Defense is aiming to cut its cybersecurity job hiring time from 70 days to just 25 as it struggles with a shortfall of nearly 20,000 cyber professionals. Mark Goreck, who leads the DoD's cyber workforce efforts, outlined the challenge at Fed talks, noting the department's cyber component numbers about 245,000 within a total force of 4 million nationwide. The cyber talent gap is estimated at between 500,000 and 700,000. To close the gap, the DoD is shifting to skills based hiring, using short cyber range assessments to test applicants technical ability rather than requiring advanced degrees or certifications. The department is also updating cyber work roles every 90 days to keep pace with AI driven changes. Collaboration with industry, academia and other partners is seen as critical to success. Researchers at SPLX showed that prompt injections can trick ChatGPT agents into solving CAPTCHAs despite built in safeguards. By first priming the model in a regular chat to treat captchas as fake, then pasting that conversation into an agent session, they bypassed restrictions. The agent proceeded to solve recaptcha version 2 and click captcha, even adjusting its cursor to mimic human behavior, splx warned. This highlights vulnerabilities to context poisoning, raising doubts about captcha's effectiveness and exposing risks of data leaks or security bypasses. UK teenager Talia Joubert, accused of being part of the Scattered Spider gang, allegedly helped extort over $115 million from more than 100 organizations. Arrested alongside another teen, Joubert now faces US charges for 120 intrusions, including against the federal court system where attackers stole staff data and accessed a magistrate judge's inbox. Investigators tied him to ransom wallets after he used the same server to buy gaming and food gift cards linked to his residence. Evidence also came from chats where Joubert bragged about multimillion dollar payments. Scattered Spider, known for social engineering and ransomware since 2022, has targeted retailers, casinos and critical infrastructure. Authorities seized $36 million in crypto from Joubert's server. Analysts say his arrest delivers a major blow to the gang's global operations. The Senate has confirmed Katherine Sutton as the Pentagon's new assistant secretary of defense for cyber policy, filling a critical vacancy after recent leadership departures. Sutton, only the second person to hold the role since its 2023 creation, was confirmed in a 5147 vote. A former advisor at U.S. cyber Command and Senate Armed Services Committee staff leader, she pledged to strengthen US Cyber defenses against China and other adversaries. She replaces acting chief Laurie Buchhout, who recently left while other senior policy posts remain vacant. We wish her success in her new position. Former CIA officer Dale Britt Bendler, age 68, has been accused of abusing his clearance as a contractor to sell classified information to private clients. Prosecutors say that between 2017 and 2020, Bendler earned about $360,000 while treating CIA systems as his personal Google. He worked for a foreign national under investigation for embezzling sovereign wealth funds, receiving $20,000 per month to search CIA databases and shape a lobbying campaign with classified insights. He also aided another foreign national accused of laundering money for a terrorist group, again using CIA systems to gather intelligence. Court filings reveal he passed secret no foreign information to a U.S. lobbying firm, violating oaths and national security protocols. Prosecutors argue his misuse of secrecy as both cover and leverage highlights the need for a strong deterrent. Coming up after the break, Kareen Oferzemet, TORC's Chief People Officer, speaks with N2K Senior Workforce Analyst Will Marko about their internship program for Up Leveling AI skills and Russia's AI propaganda goes prime time. Stay with us. And now a word from our sponsor. The Johns Hopkins University Information Security Institute is seeking qualified applicants for its innovative Master of Science and Security Informatics degree program. Study alongside world class interdisciplinary experts and gain unparalleled educational research and professional experience in information security and assurance. Interested U.S. citizens should consider the Department of Defense's Cyber Service Academy program, which covers tuition, textbooks and a laptop, as well as providing a $34,000 additional annual stipend. Apply for the fall 2026 semester and for this scholarship by February 28th. Learn more at CS JHU. Edu MSSI We've all been there. You realize your business needs to hire someone yesterday. How can you find amazing candidates fast? Well, it's easy. Just use Indeed when it comes to hiring, Indeed is all you need. Stop struggling to get your job. Post noticed Indeed Sponsored Jobs helps you stand out and hire fast. Your post jumps to the top of search results so the right candidates see it first and it works. Sponsored jobs on indeed get 45% more applications than non sponsored ones. One of the things I love about Indeed is how fast it makes hiring. And yes, we do actually use Indeed for hiring here at N2K CyberWire. Many of my colleagues here came to us through Indeed plus with Sponsored jobs. There are no subscriptions, no long term contracts. You only pay for results. How fast is Indeed? Oh, in the minute or so that I've been Talking to you, 23 hires were made on Indeed according to Indeed Data Worldwide. There's no need to wait any longer. Speed up your hiring right now with Indeed and listeners to this show will get a $75 sponsored job credit to get your jobs more visibility@indeed.com cyberwire just go to indeed.com cyberwire right now and support our show by saying you heard about Indeed on this podcast. Indeed.com cyberwire terms and conditions apply. Hiring Indeed is all you need. Karine Ophir Zemet is Chief People Officer at TORC and N2K's senior workforce analyst Will Marco recently got together with her to talk about their internship program for up leveling AI skills.

A

So really, I just want to start by asking you as we see that investment in AI is surging and organizations are increasingly adopting AI, both for security operations as well as other use cases. Often the bottleneck we find in these emerging fields is the human side of the equation. And how do we make sure that we have enough skilled talent to actually leverage these new technologies? And so I'm curious to know, what are you seeing as it relates to the AI workforce and how can we ensure that we have a sufficient pool of skilled AI talent to leverage these new technologies?

C

I think this is a thing that everyone talks about, and I would start with a phrase that I believe you said once, that AI won't replace people, it just replaces how people work. So I do think that every company now is talking on AI. Every company tries to implement AI. I do think that young people that are already started even younger than the workforce that we have today, it will be easier for them. But the actual gap, as you mentioned, is now these people that are already in the workforce, they don't have yet the ability to climb the ladder of the speed of AI is transforming everything that we do. And from that perspective, we are trying here at TORC and in general, when I talk to others in other companies, we are trying to create a platform for everyone to learn as much as possible on the ongoing changes, with tons of systems, endless frameworks that are different than what they did just a year ago, which is insane when you come to think about it. Right. So from our perspective, what we are trying to do is to create the best platform for our team. And here in our company, we are doing our best to make sure that they will learn as much as possible as fast as possible to have those platforms and system, because it's impossible without it.

A

Yeah, Well, I think that it would be great to learn more about that internship program because I'm really interested in how you're approaching this because I think that there's no substitute for on the job training and there's no substitute for hands on learning. And so an internship, I think is an innovative way to try and explore opportunities for more people to get exposure to these skills. And so I'm curious to know what are the types of skills that people are learning in this internship? What are the types of tasks that they're doing and how is that helping them build some of these future ready AI skills that they're going to need along their careers?

C

Yeah, we announced this partnership July, I believe, and we launched this program in order to make sure that those youngsters will be able to get into the workforce with the ability to start with some knowledge that is relevant for them. Is it coding? It's, you know, how to use all the platforms that we have today. So our plan is to have our team developers, team that are focused on AI platforms to help them, teach them, guide them alongside their skills with code because they are students of computer science. So to mix both of them with what we are doing here at Torque, everything, you know, with the AI platforms and help them get the skills of building in a company, in a large company and growing company, very, very fast growing company to build products, build features that are attached to the new AI systems with actual code that they need to learn in, you know, anyway. So that's what we're planning to do. We are building it. We are just starting the process of having interns inside the company. So once we'll have them, it will be, you know, much it will be easier for me to say exactly if it's succeeded or not. I'm sure it succeeded as everything that we do, you know, humbly I say that, but it's true. But you know, I do believe it's related to interns, but also our inner employees and by the way, not only developers, not only the ones that actually work on the computer all day. It's related to everyone, our team, HR team. We use AI platforms and systems in everything that we do. And again, it doesn't replace the people because eventually you will need the people. It replaces how they work and how they are criticizing what they have. Right until now they had to write a code. Now the AI systems can write their code for them, but they have to be criticized. They have to criticize what they receive from these platforms and understand if this is the right thing that they received. If it's not, it's not like, you know, okay, some, somebody else, a bot wrote it for me and that's it, that's, it's the end of my work. It's not how it works. We have to be very, very critical critic of that.

A

No, I think that's a great point. We all, we all need to be a little more critical, especially when it comes to AI. I mean, we've all seen how it can hallucinate, it can make mistakes. And as powerful as it is, it's imperfect. And one of the things that, you know, we've seen in our data at four one Insights is that AI jobs, they're consistently asking for workers who have strong critical thinking skills. In fact, AI jobs, we've found are about 130% more likely to also request strong critical thinking skills. And so I'm curious how Are you trying to help people develop those critical thinking skills and some of those softer skills or power skills alongside the technical expertise that's needed to build these tools so that they can also be efficient and effective in the way that they're leveraging them and taking that critical eye, as you said.

C

So it's a great question. You know, in almost every role that we're looking at, for, at Torque, we have an assignment in home assignment. And for few roles, we ask them to use AI systems. Okay, we, not. We don't want them to sit and write everything from the beginning to the end. We ask them to write it on AI and then we are sitting with them and asking them the questions, how did they do it? How did they, you know, what did they look at when they created this, you know, this, this assignment? Those are different questions that we have to ask now than we used to ask before that, because we know that they did it with a chatgpt or, you know, anything else. Now we have to see how they think about what they created, not only the actual work itself. So we are trying to do it here all the time by asking questions, criticize, or gently, of course, but making sure that they are aware of what they're doing and why. And eventually it goes in. Eventually. You have to understand that using ChatGPT is just not enough.

A

And one last question I'd love to ask you is as we think about the potential challenges with building an AI workforce, I'm also curious to know your thoughts on what the benefits are when people are leveraging AI effectively, when they have built the skills necessary to utilize these tools. What do you see as some of the biggest benefits to both individuals who are leveraging these tools as well as the teams that are investing in these new technologies?

C

It's a very interesting question because I have to say that I see it now every day, the speed and the accuracy that people can build features and move forward very, very fast. I think it's a huge benefit. And we see that. I think that the fact that we can provide answers, or from our perspective, for example, writing emails, writing answers to outside people, using tools that will help me create it more fast and more accurate, I think it really, really helps. It helps me, it helps my team. I can definitely see how it helps our team in the development, in the product to make everything faster and more accurate. Again, you have to be very, very critical about that. But it does, you know, it changes the way we work.

A

We'll always take a little more speed and a little more accuracy. I know I can use both, so nothing wrong with that. Well, thank you again so much, Karine, for joining today. Just so that our listeners know, where can they go to learn more about Torc and your efforts to help build an AI literate workforce?

C

Absolutely. So we have our website, Torque IO they can check in there, our LinkedIn page, Torque, which has a lot of information, a lot of branding that no one can, you know, it's, it's, you can't miss it if you'll see it. So I'm inviting everyone to join and have a look and join us. We're looking for a lot of great people.

A

Wonderful. We can always use more great people and maybe some great AI as well. So thank you, Karine so much for joining today. This has been a pleasure.

C

Thank you.

B

That's Karine Ophir Zemet, Chief people Officer at torc, speaking with N2K's senior workforce analyst, Will Marko at Talas. They know cybersecurity can be tough and you can't protect everything. But with Thales, you can secure what matters most. With Thales industry leading platforms, you can protect critical applications, data and identities anywhere and at scale with the highest roi. That's why the most trusted brands and largest banks, retailers and healthcare companies in the world rely on Thales to protect what matters most, applications, data and identity. That's Thales. T H A L E S Learn more@the TalisGroup.com Cyber investigating is hard enough. Your tools shouldn't make it harder. Maltego brings all your intelligence into one platform and gives you curated data along with a full suite of tools to handle any digital investigation. Plus, with on demand courses and live training, your team won't just install the platform, they'll actually use it and connect the dots so fast cybercriminals won't realize they're already in cuffs. Maltego is trusted by global law enforcement, financial institutions and security teams worldwide. See it in action now@maltego.com and finally, Russia's Ministry of Defense TV channel Zezda has published Politstacker, a weekly AI generated show that feels like Saturday Night Live got lost in a Soviet candy factory. Hosted by Natasha, an AI avatar modeled after a real journalist, the program claims its neural network chooses the week's political nonsense, then serves it up as jokes, deepfakes and surreal skits. Cue Emmanuel Macron in curlers, Donald Trump pitching golden toilets as foreign policy, and Ursula von der Leyen crooning Soviet pop while manning a factory line. The production quality hovers somewhere between Instagram filter gone wrong and uncanny valley chic. But that hasn't stopped Russia from bragging it's the world's first state sponsored AI news parody. Whether it's parody or propaganda is up for debate, but as data scientist Kalev Litaru points out, this is a a national broadcaster openly dabbling in AI deepfakes. Candy coated or not, Moscow's digital experiments may just be the and that's the Cyber Wire. For links to all of today's stories, check out our daily briefing@thecyberwire.com be sure to check out this weekend's Research Saturday and my conversation with Nati Tal, head of guardiolabs. We're discussing their work. Captchageddon Unmasking the viral evolution of the Click Fix browser based threat that's Research Saturday. Do check it out. We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwiren2k.com N2K's senior producer is Alice Carruth. Our CyberWire producer is Liz Stokes. We're mixed by Trey Hester with original music by Elliot Peltzman. Our executive producer is Jennifer Ibin. Peter Kilpe is our publisher and I'm Dave Bittner. Thanks for listening. We'll see you back here next week.

C

Foreign.

B

Attention Security Startups there's less than a week left to apply for the 2025 Data Tribe Challenge. This unique program accelerates early stage cyber companies. Refine your messaging with startup veterans, then pitch to top venture firms shaping the future of cyber the live pitch competition takes center stage at Cyber Innovation Day, November 4th in Washington, DC. Applying is easy. Go to challenge.datatribe.com Share your company info and upload your pitch. Submissions close September 19th. Submit your entries today. And now a word from our sponsor. ThreatLocker, the powerful zero trust enterprise solution that stops ransomware in its tracks. AllowListing is a deny by default software that makes application control simple and fast. Ring Fencing is an application containment strategy, ensuring apps can only access the files, registry keys, network resources and other applications they truly need to function. Shut out cybercriminals with world class endpoint protection from Threat Locker.