CyberWire Daily – October 27, 2025
Episode: The UN’s Big Push for Global Cybercrime Rules
Host: Dave Bittner (N2K Networks)
Special Guest: Tim Starks (CyberScoop)
Episode Overview
This episode spotlights the United Nations’ landmark launch of the world’s first global treaty to combat cybercrime, analyzing its aims, controversies, and potential impact. The show also covers several major security incidents, regulatory developments, and business news in the cybersecurity sector. Special guest Tim Starks of CyberScoop joins for a deep dive into U.S. cyber policy setbacks, CISA budget cuts, and weaknesses in federal defensive programs. The show closes with a look at Meta’s privacy dilemma with stealth-modified Ray-Ban smart glasses.
Key Discussion Points & Insights
1. The UN’s Global Cybercrime Treaty [00:39]
- The United Nations introduced the first-ever global treaty to fight cybercrime, signed by 72 nations.
- Goals:
  - Enhance cybercrime prevention, international cooperation, and capacity building, especially in developing countries.
  - Facilitate cross-border sharing of digital evidence.
- Controversy:
  - Civil society organizations (EFF, Human Rights Watch, Privacy International) warn the treaty grants excessive surveillance powers with insufficient rights safeguards.
  - Even industry (Cisco) expresses fears it could erode the rule of law.
- Next Steps:
  - The treaty requires ratification before coming into force.
  - Full list of signatories remains unpublished.
- Quote:
  “US Secretary General Antonio Guterres called the signing an important milestone towards safer digital spaces, highlighting the treaty’s mechanisms for cross-border sharing of digital evidence.” [01:33]
2. Major Security Incidents
- House Democrats Job Portal Leak [02:20]:
  - An open database linked to the DomeWatch site for House Democrats exposed sensitive info of 450+ people with top-secret clearances and about 7,000 job applicants.
  - Data included names, contact info, clearance levels—potential goldmine for espionage.
  - Vendor error. Investigation ongoing.
  - Quote:
    “The incident highlights ongoing risks from poorly secured online databases and their potential use in espionage or social engineering.” [03:00]
- Massive Data Leak: Synthient Breach [03:35]:
  - 183 million emails and passwords exposed (3.5TB of data), some new to HaveIBeenPwned and verified by users.
  - Prompted calls for mass password changes and reminders to avoid reuse.
    “Experts urge password changes and avoiding reuse across accounts.” [04:22]
- Discord Malware Abuse: RedTiger Toolkit [04:30]:
  - Open-source red teaming tool used to deploy info-stealers targeting Discord users (mainly in France).
  - Steals credentials, payment info, crypto wallets, even screenshots/webcam images.
  - Urgent advice: avoid unofficial downloads, enable MFA.
    “The malware uses anti-sandbox features and floods systems with fake processes to hinder analysis.” [05:10]
- WordPress Plugin Exploits [05:32]:
  - Millions of attack attempts exploiting older vulnerabilities in the GutenKit and Hunk Companion plugins.
  - Attackers distribute a backdoored fake plugin via GitHub; outdated websites are at risk.
- Gloversville, NY Ransomware Attack [06:10]:
  - Attackers demanded $300,000; city negotiated ransom down to $150,000.
  - Exposed city workers' personal data; federal investigation ongoing.
- Yale New Haven Health Ransomware Breach [08:05]:
  - $18 million class-action settlement over breach affecting 5.6 million.
  - Patients eligible for compensation; security improvements mandated.
3. Industry Analysis: AI and Future of Cybersecurity
Jen Easterly’s Vision [07:07]:
- AI could “make cybersecurity obsolete” by eradicating buggy code that allows for most attacks (“secure by design”).
- Attacker and defender arms race: AI makes malware stealthier but also vulnerability discovery faster.
- Quote:
  “The real issue isn’t cyberattacks themselves, but poor software quality… The industry must demand accountability from software vendors to fix systemic weaknesses at their source.” [07:39 - paraphrased]
- Critique of glamorizing hackers, emphasis that most breaches still exploit “long known flaws like SQL injection and memory unsafe code.”
4. Business Brief: Market Momentum [09:15]
- Major mergers and acquisitions:
  - Veeam acquires Securiti AI for $1.7B
  - Dataminr acquires ThreatConnect for $290M
  - AuditBoard buys FairNow; Imprivata buys Verosint; Panther acquires Datable
- Several investment rounds signal continued AI-driven cyber innovation (CoreStack, Kycard, Conceal, Cyberverse, etc.)
5. Deep Dive Interview: Tim Starks of CyberScoop on U.S. Cyber Strategy [14:40]
The Cyberspace Solarium Commission – Warnings of Backsliding
- For the first time, CSC “2.0” report finds U.S. cyber posture declining.
- Chief causes:
  - Trump-era and ongoing cuts to CISA budgets, State Department cyber offices
  - Growing tech complexity
  “This is the first time they backtracked. And one of the reasons was Trump administration budget cuts… another was a sort of a vague mention of technology just getting more complicated…” – Tim Starks [15:14]
- Recommendations: restore funding, empower the National Cyber Director, re-centralize cyber leadership.
CISA’s CDM Program Under Scrutiny
- F5 vulnerability emergency spotlighted gaps in Continuous Diagnostics and Mitigation.
  “CDM’s not very good at detecting the areas where F5 products live… it’s a knock on the program, I think. And to their credit, they’re aware that this is a problem and they're trying to fix it.” – Tim Starks [17:09]
- CDM excels at tracking core infrastructure, less adept at device/edge coverage.
- Congressional concern (Rep. Shontel Brown) over impact of cuts on programs’ effectiveness:
  “She said, I’m a supporter of CDM, but I’m worried that… like other parts of CISA… seeing their budgets cut, that's going to be bad news…” [18:44]
- Shutdown and ongoing cuts slow cyber progress; CISA remains confident but concerns persist.
Lighter Moment
“I don't want our defenders to be under-caffeinated, Tim.” – Dave Bittner [20:44]
“They're running on that and Adderall and all sorts of things. So we need to get all their supplies…” – Tim Starks [21:03]
6. Privacy Moment: Meta’s Smart Glasses ‘Go Dark’ [21:35]
- Ray-Ban smart glasses’ privacy LED easily defeated; modders sell $60 “stealth” editions—no visible light when filming.
- Stickers to block the light also being sold.
- Meta calls this a “violation of terms of service,” but little deterrent effect.
“The craftsmanship is impressive if you overlook the whole ethics thing. Meta, for its part, sternly reminded everyone that disabling the light violates its terms of service. A terrifying deterrent, surely.” [21:44]
- Raises further questions about surveillance, privacy norms in wearable tech.
Notable Quotes & Memorable Moments
| Timestamp | Speaker | Quote |
|-----------|---------|-------|
| 01:33 | Host | “US Secretary General Antonio Guterres called the signing an important milestone towards safer digital spaces, highlighting the treaty’s mechanisms for cross-border sharing of digital evidence.” |
| 07:39 | Jen Easterly | “The real issue isn’t cyberattacks themselves, but poor software quality… The industry must demand accountability from software vendors to fix systemic weaknesses at their source.” |
| 15:14 | Tim Starks | “This is the first time they backtracked. And one of the reasons was Trump administration budget cuts… another was a sort of a vague mention of technology just getting more complicated…” |
| 17:09 | Tim Starks | “CDM’s not very good at detecting the areas where F5 products live… it’s a knock on the program, I think. And to their credit, they’re aware that this is a problem and they're trying to fix it.” |
| 18:44 | Tim Starks | “She said, I’m a supporter of CDM, but I’m worried that… like other parts of CISA… seeing their budgets cut, that's going to be bad news…” |
| 20:44 | Dave Bittner | “I don't want our defenders to be under-caffeinated, Tim.” |
| 21:03 | Tim Starks | “They're running on that and Adderall and all sorts of things. So we need to get all their supplies…” |
| 21:44 | Host | “The craftsmanship is impressive if you overlook the whole ethics thing. Meta, for its part, sternly reminded everyone that disabling the light violates its terms of service. A terrifying deterrent, surely.” |
Timestamps for Major Segments
- UN Cybercrime Treaty: [00:39–02:20]
- Data Breaches & Leaks: [02:20–06:47]
- Jen Easterly on AI Security Future: [07:07–08:05]
- Yale New Haven Health Breach Settlement: [08:05–09:15]
- Cybersecurity Business Brief: [09:15–14:40]
- Tim Starks Interview: U.S. Cyber Setbacks: [14:40–21:17]
- Meta Smart Glasses Privacy Flap: [21:35–23:00]
Conclusion
This episode delivers a sweeping update on global cyber policy, urgent security challenges, and the shifting landscape of digital risk. The UN’s cybercrime treaty could reshape global digital law enforcement—if it can address tough questions of rights and oversight. Meanwhile, persistent vulnerabilities and shrinking US government cyber resources signal the ongoing complexity, urgency, and stakes of cybersecurity in 2025. The episode’s tone—wry, data-driven, and candid—mirrors the gravity and absurdities in today’s cyber domain.
