Podcast Summary: CyberWire Daily – The End of the Line for Garantex

Podcast Information:

• Title: CyberWire Daily
• Host/Author: N2K Networks
• Description: The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.
• Episode: The End of the Line for Garantex
• Release Date: March 7, 2025

Introduction

In this episode of CyberWire Daily, hosts Maria Varmazes and Dave Bittner delve into a range of pressing cybersecurity issues, from the takedown of a notorious Russian cryptocurrency exchange to significant breaches affecting major corporations. Additionally, the episode features a special segment celebrating International Women's Day and Women's History Month, highlighting the contributions of women shaping the future of cybersecurity.

Main News Highlights

1. Seizure of Garantex

Timestamp: [02:01]

The U.S. Secret Service, in collaboration with international law enforcement agencies, successfully seized the domains of Garantex, a Russian cryptocurrency exchange implicated in facilitating ransomware gangs' money laundering activities. A Secret Service spokesperson informed The Register that Garantex has been a crucial tool for cybercriminals, enabling illicit financial transactions. The seizure is part of an ongoing investigation, with additional details pending.

A notice on Garantex's website declared, "The domain for Garantex has been seized by the United States Secret Service pursuant to a seizure warrant obtained by the United States Attorney's Office for the Eastern District of Virginia under the authority of 18 USC sections 981 and 982."

Furthermore, Tether, a stablecoin operator, has proactively blocked Garantex's wallets in alignment with EU sanctions imposed the previous week, effectively disrupting the exchange's operations.

2. NTT Communications Breach

Timestamp: [02:01]

Japanese telecom giant NTT Communications Corporation disclosed a significant security breach affecting approximately 18,000 corporate customers. Discovered in February, the breach compromised sensitive information, including names, contract numbers, phone numbers, email addresses, physical addresses, and service usage data. The attackers infiltrated NTT's order information distribution system, which stores extensive customer data. According to NTT, some of this information "might have been leaked externally," though the company has not yet detailed the extent of the data exposure.

3. Microsoft Malvertising Campaign

Timestamp: [02:01]

Microsoft reported a widespread malvertising campaign that compromised nearly one million devices globally. The attack originated from illegal streaming websites, where malvertising redirectors directed users to a GitHub repository designed to deceive them into installing malware as part of a tech support scam. Upon redirection to GitHub, the hosted malware established an initial foothold on the infected devices, acting as a dropper for additional malicious payloads. These payloads included information stealers aimed at collecting system and browser data. The malware variants involved were primarily Lummus Dealer or an updated version of Doanerium.

4. AI's Role in Canada's Next Election

Timestamp: [02:01]

Canada's Communications Security Establishment (CSE) issued a warning regarding the potential misuse of generative artificial intelligence in the upcoming federal election. The agency anticipates that foreign adversaries and hacktivists may deploy AI-generated deepfakes—realistic but fabricated videos and images—to deceive voters and influence public opinion. Such disinformation campaigns could misrepresent political events or statements, exacerbating political polarization and undermining democratic processes. The CSE forecasts an increase in AI-driven disinformation efforts over the next two years, highlighting a significant threat to the integrity of elections.

5. Scam Targeting Singapore's Prime Minister

Timestamp: [02:01]

Singapore's Prime Minister Lawrence Wong has raised alarms about the rise of deepfake videos misusing his likeness to promote fraudulent services, including cryptocurrency schemes and permanent residency application services. In a Facebook post dated March 7, 2025, at 5:00 PM, Wong emphasized that these AI-generated videos are scams and urged citizens to avoid engaging with such content or sharing personal information. He highlighted the sophistication of these scams and the importance of public vigilance in combating AI-facilitated fraud.

6. Botnets Exploiting IP Camera Vulnerability

Timestamp: [02:01]

The U.S. Cybersecurity and Infrastructure Agency (CISA) released an advisory concerning an actively exploited vulnerability in EdiMax IP cameras. This flaw allows for remote code execution and has been assigned a CVSS score of 9.3, indicating a critical severity level. Security analysts at Akamai detected multiple Mirai-based botnets exploiting this vulnerability since the fall of the previous year. These botnets leverage the flaw to gain unauthorized access and control over affected devices, posing significant risks to network security and privacy.

7. Akamai Thwarts Magecart Attack

Timestamp: [02:01]

Akamai, a leading content delivery network and cybersecurity firm, successfully thwarted a Magecart attack targeting a global retailer's e-commerce platform. Magecart groups are known for injecting malicious scripts into websites to steal customers' payment information during transactions. In this incident, Akamai's security team identified unusual activities and swiftly removed the malicious code embedded within the retailer's website. By collaborating closely with the retailer, Akamai safeguarded customer data and preserved the retailer's reputation. This case underscores the necessity of continuous monitoring and rapid response mechanisms to defend against sophisticated web-based threats.

International Women's Day Special

Timestamp: [02:01]

In celebration of International Women's Day and Women's History Month, CyberWire Daily features an inspiring segment highlighting the achievements, resilience, and critical roles of women in cybersecurity. Producer Liz Stokes introduces the segment, emphasizing the importance of recognizing and supporting women's contributions to the field.

Highlights from the Celebration:

Maria Velasquez – Chief Growth Officer and Co-founder, Cybersecurity Marketing Society

Timestamp: [11:15]

Maria Velasquez shares her journey as a minority woman, immigrant, and co-founder of the Cybersecurity Marketing Society. She underscores the challenges faced in a predominantly male industry and the importance of mentorship and support. Velasquez states, "When one of us rises, we all do," highlighting the collective advancement of women in cybersecurity.

Jennifer Iban – Executive Producer, N2K Cyberwire

Timestamp: [12:09]

Jennifer Iban discusses her role in promoting diversity within cybersecurity podcasts. As one of the founders of CyberWire, she emphasizes the necessity of elevating women's voices to change the traditional male-dominated dynamic. Iban remarks, "We prefer to share the mic with others who bring different perspectives," advocating for a more inclusive representation in the industry.

Selena Larson – Staff Threat Researcher, Proofpoint

Timestamp: [13:41]

Selena Larson, a former journalist turned cybersecurity practitioner, highlights the value of diverse backgrounds in enhancing security ecosystems. She shares her experiences overcoming sexism and prejudices, advocating for a safer and more inclusive industry. Larson notes, "Working in the cybersecurity industry is great because I know at the end of the day, the work that I do directly contributes to bad actors having bad days."

Anne Lang – Lead Technical Editor, N2K Cyber Vista

Timestamp: [14:46]

Anne Lang recounts a personal security incident that underscored the importance of end-user training in cybersecurity. She discovered her personal information was publicly posted without consent, illustrating the vulnerabilities consumers face daily. Lang emphasizes the critical role of educating users to handle information securely.

Gianna Witber – Co-founder and CEO, Cybersecurity Marketing Society

Timestamp: [16:11]

Gianna Witber shares her unconventional career path, transitioning from IBM to commercial real estate and finally into cybersecurity marketing. She underscores the importance of persistence and community support, stating, "I think being a woman in cybersecurity means sometimes you have to stand up more for yourself." Witber advocates for mutual support among women in the field to drive collective success.

Chris Hare – Project Management Specialist, N2K Networks

Timestamp: [17:55]

Chris Hare reflects on his relatively recent entry into cybersecurity after a 15-year career in technology. He celebrates the contributions of female pioneers and encourages ongoing support and inclusion within the industry. Hare emphasizes that cybersecurity is a welcoming field where professionals are supported regardless of age or background.

Maria Varmazes – Host, T Minus Space Daily & Co-host of Hacking Humans

Timestamp: [18:37]

Maria Varmazes expresses her admiration for the diverse women she has worked with in cybersecurity. She highlights the authenticity and breadth of experiences women bring to the field, challenging traditional molds and strengthening the industry. Varmazes asserts, "Whatever the day-to-day challenges may hold in our careers or in the culture at large, that is an immutable fact at the core of what we do."

Liz Stokes concludes the celebration: Timestamp: [19:49]

Liz Stokes honors all women in cybersecurity—leaders, learners, fighters, and innovators—acknowledging their resilience, brilliance, and unwavering commitment. She extends gratitude to mentors and trailblazers, affirming that every woman in the field belongs and contributes to a stronger industry.

Maria Varmazes adds a heartfelt note: Timestamp: [20:27]

Maria thanks all women in cybersecurity and beyond who are breaking barriers and driving innovation. She emphasizes the lasting impact of their contributions and encourages continued inspiration and forward momentum.

Insider Threat Case: StubHub Contractor Digital Ticket Heist

Timestamp: [22:17]

In a dramatic turn of events, two contractors from Sutherland Global Services in Jamaica executed a sophisticated digital ticket heist targeting StubHub. Tyrone Rose, 20, and Shamara Simmons, 31, exploited a security loophole to intercept nearly 1,000 high-demand tickets for major events, including Taylor Swift's Eras Tour, Ed Sheeran, Adele, NBA games, and the US Open, amassing $635,000 before the scam unraveled. Their method involved infiltrating a restricted StubHub system and redirecting ticket download links to themselves and their accomplices.

The scheme fell apart when a key accomplice passed away, leaving behind a digital trail that led investigators to Rose and Simmons. Both individuals now face charges of grand larceny, computer tampering, and conspiracy, with potential penalties of up to 15 years in prison. This case serves as a stark reminder of how insider threats can transform minor glitches into significant financial exploits, emphasizing the importance of robust internal security measures.

Conclusion

The episode of CyberWire Daily presents a comprehensive overview of critical cybersecurity incidents and celebrates the pivotal role of women in advancing the field. From high-profile breaches and sophisticated cyberattacks to inspiring stories of female leaders breaking barriers, the episode underscores the dynamic and ever-evolving landscape of cybersecurity. It highlights both the external threats facing organizations and the internal efforts to create a more inclusive and resilient industry.

In closing, the hosts encourage listeners to stay informed and engaged, emphasizing the importance of continuous learning and community support in combating cyber threats and fostering a stronger, more diverse cybersecurity ecosystem.

Notable Quotes:

• Maria Velasquez on collective advancement: "When one of us rises, we all do." ([11:15])
• Jennifer Iban on diversity: "We prefer to share the mic with others who bring different perspectives." ([12:09])
• Selena Larson on the impact of her work: "The work that I do directly contributes to bad actors having bad days." ([13:41])
• Gianna Witber on persistence: "I think being a woman in cybersecurity means sometimes you have to stand up more for yourself." ([16:11])
• Maria Varmazes on authenticity: "Whatever the day-to-day challenges may hold in our careers or in the culture at large, that is an immutable fact at the core of what we do." ([18:37])

Final Remarks:

This episode of CyberWire Daily effectively balances urgent cybersecurity news with a heartfelt tribute to the women driving progress in the industry. By addressing both external threats and internal culture, it provides a holistic view of the current state and future direction of cybersecurity. Listeners are left with actionable insights into recent cyber incidents and inspired by the stories of resilience and leadership showcased in the International Women's Day special.