Wired, but not fired.

Summary

CyberWire Daily Podcast Summary: "Wired, but not Fired" (May 2, 2025)

Introduction

In the "Wired, but not Fired" episode of the CyberWire Daily podcast, host Maria Vermazes, alongside guest Kevin McGee from Microsoft, delves into the latest developments in the cybersecurity landscape as of early May 2025. The episode not only covers significant cyber incidents but also provides in-depth coverage of the RSA Conference 2025, highlighting emerging trends, expert insights, and pivotal discussions shaping the future of cybersecurity.

1. Top Cybersecurity News

The episode begins with a rapid-fire overview of critical cybersecurity incidents and updates that have occurred recently:

Canadian Power Company Hit by Cyberattack

Halifax-based electric utility Nova Scotia Power, along with its parent company Emera, recently suffered a cyberattack that led to the shutdown of parts of their IT networks. According to Security Week, the attack disrupted customer care phone lines and the online portal but left physical operations unharmed. Maria Vermazes notes, "The incident has not impacted the utility's ability to safely and reliably serve customers in Nova Scotia." (01:09)
Ascension Health Discloses Data Breach

US health system Ascension informed patients about a data breach resulting from a compromised third-party vendor in December 2024. The breach exposed personal information, including Social Security numbers and detailed medical records. Dave Bittner emphasizes the severity: "The medical data included inpatient visit information, diagnosis codes, and insurance details." (01:09)
Harrods Faces Attempted Cyberattack

London's luxury department store Harrods experienced an attempted cyberattack, prompting the restriction of internet access at its locations. While the flagship store remained operational, customers are still able to shop online. Dr. Richard Horn from the UK's National Cybersecurity Centre (NCSC) commented, "These incidents should act as a wake-up call to all organizations." (01:09)
Microsoft Resolves Gmail Spam Bug

Microsoft addressed a machine learning issue in Exchange Online that mistakenly flagged legitimate Gmail emails as spam from April 25 to May 1. The problem was traced back to the ML model misclassifying emails due to their similarity to known spam patterns. By reverting to a previous model version, Microsoft mitigated the issue effectively. Dave Bittner reports, "The company reverted to a previous ML model version, effectively mitigating the issue." (01:09)
Unofficial Signal App in Trump Cabinet Meeting

A photograph from a Trump Cabinet meeting revealed that the former National Security Advisor Mike Waltz was using an unofficial version of the Signal app, known as TM Signal. This modified app includes message archiving features that could compromise Signal's standard end-to-end encryption. This raised concerns about the security of sensitive government communications. (01:09)
EU Fines TikTok for GDPR Violations

The European Union fined TikTok €530 million (~US$600 million) for violating the General Data Protection Regulation (GDPR). Ireland's Data Protection Commission found that TikTok inadequately safeguarded European users' data, particularly data accessed by staff in China. TikTok plans to appeal, asserting that the issues predate its data localization efforts under Project Clover. (01:09)
Extradition of Artem Strizhak for Ransomware Activities

Ukrainian national Artem Strizhak was extradited from Spain to the United States to face charges related to the Nephilim ransomware operation. The superseding indictment accuses him of orchestrating ransomware attacks across multiple sectors, including aviation and insurance, resulting in millions of dollars in losses. Strizhak faces up to five years in prison if convicted. (01:09)
US Treasury Designates Huion Group for Money Laundering

The US Treasury's Financial Crimes Enforcement Network (FinCEN) designated Cambodia-based Huion Group as a primary money laundering concern under the USA Patriot Act. Huion is accused of laundering over $4 billion in illicit proceeds linked to North Korean cyber heists and Southeast Asian "pig butchering" scams. This designation aims to sever Huion's access to the US financial system. (01:09)
Microsoft Moves to Passwordless Accounts

In a significant security enhancement, Microsoft announced that all new accounts will be passwordless by default. This shift aims to combat threats like phishing and credential stuffing by utilizing authentication methods such as passkeys, biometric verification (e.g., Windows Hello), security keys, or push notifications instead of traditional passwords. (01:09)

2. Highlights from RSA Conference 2025

As RSAC 2025 concluded, Maria Vermazes and Kevin McGee provided a comprehensive overview of the event's key discussions and themes:

AI Governance Panel

Leaders from OpenAI, Workday, and Uber participated in a panel focused on building trust in AI systems. The discussion emphasized the necessity of robust safety measures and compliance frameworks to ensure AI systems are reliable and secure. Notably, a panelist stated, "Building trust in AI requires a foundation of safety and compliance that cannot be overlooked." (01:09)
US Cybersecurity Policy Overview by Deputy National Security Advisor Anne Neuberger

Anne Neuberger provided an in-depth look into the US cybersecurity policy, covering initiatives related to emerging technologies like AI, 5G, and 6G. She also outlined strategies to combat ransomware and illicit cryptocurrency activities, highlighting the administration's proactive stance on evolving cyber threats. (01:09)
RSAC College Day

RSAC College Day served as a platform for aspiring cybersecurity professionals to connect with industry experts. The event focused on mentorship and career development, fostering the next generation of cybersecurity talent. According to Maria, "RSAC College Day connected aspiring cybersecurity professionals with industry experts, fostering mentorship and career development." (01:09)

3. In-Depth Interviews from RSAC 2025

Kevin McGee, acting as an intern for the CyberWire, conducted several insightful interviews with prominent figures in cybersecurity during RSAC 2025. Below are summaries of these conversations:

Christopher Sim, CTO at Bulletproof

Discussion Highlights:

Christopher expressed his enthusiasm for the advancements in AI, particularly large language models, and their potential to revolutionize cybersecurity defenses. He emphasized the importance of integrating third-party tools to consolidate threat detection and response capabilities. Christopher highlighted, "Advancements on large language models and how that can actually help cybersecurity and us as defenders in the space is going to be a game changer." (12:15)
Dr. Chase Cunningham, Dr. Zero Trust

Discussion Highlights:

Dr. Cunningham shared insights about his upcoming books, including a sequel to his Gabriel novel and "Buy the Breach," which analyzes the stock market impact of cybersecurity breaches. He anticipates that AI, Security Operations Centers (SOCs), and Managed Service Providers (MSPs) will be dominant themes at the conference. Additionally, he is hosting sessions on zero trust and 5G technologies. (13:41)
Helen Patton, Cybersecurity Advisor at Cisco

Discussion Highlights:

Helen discussed the Cybersecurity Canon project, aimed at sharing cyber wisdom through curated book recommendations. She is co-authoring a book to help mid-career professionals transition into cybersecurity roles. Helen emphasized the importance of bridging the gap between academic training and professional operational needs, stating, "I've spent my career trying to help academics understand how professional operators think." (14:49)
Jeremy Vaughn, CEO and Co-Founder of Startleft Security

Discussion Highlights:

Jeremy, a non-technical founder, highlighted Startleft Security's focus on empowering developers and advancing the "shift left" movement in cybersecurity. He anticipates that AI will be a major theme at RSAC, exploring both leveraging AI for security and securing AI systems themselves. Jeremy is excited about partnerships, especially with Microsoft, and looks forward to showcasing Startleft's value proposition. (17:35)
Vika Schneider, CEO and Co-Founder of Pint

Discussion Highlights:

Vika discussed Pint's expertise in application security and the dual themes of leveraging AI for security purposes and securing AI technologies. Despite the challenges of constant travel, she remains enthusiastic about the innovative discussions at RSAC. Vika underscored the importance of operational reality and tactical implementation in transitioning AI concepts into practical security solutions. (20:09)

4. Reflections and Closing Thoughts

Kevin McGee concluded his segment with reflective insights on the RSA Conference experience:

Community and Innovation Amidst Chaos

Kevin described RSAC as a bustling hub where cybersecurity professionals congregate, fostering a sense of community and shared purpose. He noted, "For all the noise, all the chaos and all the goats, there's something here that reminds me why I love this industry. It's the people, the purpose, the defenders who show up." (23:28)
Evolving Conversations on AI

Initially overwhelmed by the plethora of AI-related discussions and buzzwords, Kevin observed a shift towards more substantive conversations about the operational and tactical implementation of AI in cybersecurity. He highlighted debates on the roles AI should play, governance of AI decisions, and the necessity of keeping humans in the loop for critical security functions. (23:28)
Support for Startups

Emphasizing the challenges faced by startups at large conferences, Kevin encouraged attendees to engage with emerging companies exhibiting at RSAC. He advocated for supporting innovation and creativity, noting that numerous startups are poised to become significant players in the cybersecurity landscape. (23:28)
Final Takeaway

Despite the demanding environment and the overwhelming scale of RSAC, Kevin reaffirmed the value of attending, citing the inspiration drawn from the collective expertise and dedication of the cybersecurity community. "It's nice to see the community come together. Not just to learn, network, collect swag and meet Dave Bittner, but also have some fun." (23:28)

5. Additional Content and Resources

Microsoft for Startups Spotlight

The episode also highlights additional content available through the Microsoft for Startups Spotlight series. This includes interviews with startup veterans and members discussing their journeys from hackers to entrepreneurs and showcasing innovative cybersecurity solutions.
Research Saturday Preview

Listeners are teased with an upcoming episode featuring Shaked Reiner, Principal Security Researcher at CyberArk, discussing research on "Agents Under Attack: Threat Modeling Agentic AI." This segment promises to delve into the vulnerabilities and threat models associated with autonomous AI agents in cybersecurity. (22:59)
Call to Action

The podcast encourages listeners to engage with their content by sharing ratings, reviews, and feedback to ensure the delivery of relevant insights. Additionally, they promote N2K Networks' services, emphasizing their role in optimizing team performance and enhancing cybersecurity investments. (22:59)

Conclusion

The "Wired, but not Fired" episode of CyberWire Daily offers a comprehensive overview of the current cybersecurity landscape, blending timely news updates with in-depth analysis from one of the industry's premier conferences. From significant cyber incidents impacting major organizations to forward-looking discussions on AI governance and the evolving roles of cybersecurity professionals, the episode serves as an invaluable resource for staying informed and prepared in the ever-changing world of cybersecurity.

Notable Quotes:

Maria Vermazes: "Happy Friday everybody. Thanks for joining us today." (01:09)
Dr. Richard Horn, NCSC: "These incidents should act as a wake-up call to all organizations." (01:09)
Christopher Sim: "Advancements on large language models and how that can actually help cybersecurity and us as defenders in the space is going to be a game changer for me." (12:39)
Chase Cunningham: "I've done 10 years worth of data research and sure enough, there's a very clear trend." (14:26)
Helen Patton: "The Cyber Security Canon project has actually been around for about 10 years and the goal of the project is to share cyber wisdom with the community." (15:02)
Jeremy Vaughn: "In security we always forget about people. I think we've been doing cybersecurity wrong for 25 years." (18:08)
Vika Schneider: "We're not just talking about AI agents doing security tasks. We started to dive into conversations like what they should be doing, what they should be trusted with." (21:07)
Kevin McGee: "It's the people, the purpose, the defenders who show up. All of you have big responsibilities, important missions and difficult jobs." (23:28)

Additional Resources:

Show Notes and Links: For a deeper dive into the topics covered and to connect with the guests featured in this episode, listeners can refer to the show notes available at thecyberwire.com.
Research Saturday: Tuned to air with Shaked Reiner discussing "Agents Under Attack: Threat Modeling Agentic AI."

Stay Connected:

To stay updated with the latest in cybersecurity news and analysis, subscribe to the CyberWire Daily podcast and follow N2K Networks for more insightful content.

Summary

CyberWire Daily Podcast Summary: "Wired, but not Fired" (May 2, 2025)

Introduction

1. Top Cybersecurity News

The episode begins with a rapid-fire overview of critical cybersecurity incidents and updates that have occurred recently:

Canadian Power Company Hit by Cyberattack

Halifax-based electric utility Nova Scotia Power, along with its parent company Emera, recently suffered a cyberattack that led to the shutdown of parts of their IT networks. According to Security Week, the attack disrupted customer care phone lines and the online portal but left physical operations unharmed. Maria Vermazes notes, "The incident has not impacted the utility's ability to safely and reliably serve customers in Nova Scotia." (01:09)
Ascension Health Discloses Data Breach

US health system Ascension informed patients about a data breach resulting from a compromised third-party vendor in December 2024. The breach exposed personal information, including Social Security numbers and detailed medical records. Dave Bittner emphasizes the severity: "The medical data included inpatient visit information, diagnosis codes, and insurance details." (01:09)
Harrods Faces Attempted Cyberattack

London's luxury department store Harrods experienced an attempted cyberattack, prompting the restriction of internet access at its locations. While the flagship store remained operational, customers are still able to shop online. Dr. Richard Horn from the UK's National Cybersecurity Centre (NCSC) commented, "These incidents should act as a wake-up call to all organizations." (01:09)
Microsoft Resolves Gmail Spam Bug

Microsoft addressed a machine learning issue in Exchange Online that mistakenly flagged legitimate Gmail emails as spam from April 25 to May 1. The problem was traced back to the ML model misclassifying emails due to their similarity to known spam patterns. By reverting to a previous model version, Microsoft mitigated the issue effectively. Dave Bittner reports, "The company reverted to a previous ML model version, effectively mitigating the issue." (01:09)
Unofficial Signal App in Trump Cabinet Meeting

A photograph from a Trump Cabinet meeting revealed that the former National Security Advisor Mike Waltz was using an unofficial version of the Signal app, known as TM Signal. This modified app includes message archiving features that could compromise Signal's standard end-to-end encryption. This raised concerns about the security of sensitive government communications. (01:09)
EU Fines TikTok for GDPR Violations

The European Union fined TikTok €530 million (~US$600 million) for violating the General Data Protection Regulation (GDPR). Ireland's Data Protection Commission found that TikTok inadequately safeguarded European users' data, particularly data accessed by staff in China. TikTok plans to appeal, asserting that the issues predate its data localization efforts under Project Clover. (01:09)
Extradition of Artem Strizhak for Ransomware Activities

Ukrainian national Artem Strizhak was extradited from Spain to the United States to face charges related to the Nephilim ransomware operation. The superseding indictment accuses him of orchestrating ransomware attacks across multiple sectors, including aviation and insurance, resulting in millions of dollars in losses. Strizhak faces up to five years in prison if convicted. (01:09)
US Treasury Designates Huion Group for Money Laundering

The US Treasury's Financial Crimes Enforcement Network (FinCEN) designated Cambodia-based Huion Group as a primary money laundering concern under the USA Patriot Act. Huion is accused of laundering over $4 billion in illicit proceeds linked to North Korean cyber heists and Southeast Asian "pig butchering" scams. This designation aims to sever Huion's access to the US financial system. (01:09)
Microsoft Moves to Passwordless Accounts

In a significant security enhancement, Microsoft announced that all new accounts will be passwordless by default. This shift aims to combat threats like phishing and credential stuffing by utilizing authentication methods such as passkeys, biometric verification (e.g., Windows Hello), security keys, or push notifications instead of traditional passwords. (01:09)

2. Highlights from RSA Conference 2025

As RSAC 2025 concluded, Maria Vermazes and Kevin McGee provided a comprehensive overview of the event's key discussions and themes:

AI Governance Panel

Leaders from OpenAI, Workday, and Uber participated in a panel focused on building trust in AI systems. The discussion emphasized the necessity of robust safety measures and compliance frameworks to ensure AI systems are reliable and secure. Notably, a panelist stated, "Building trust in AI requires a foundation of safety and compliance that cannot be overlooked." (01:09)
US Cybersecurity Policy Overview by Deputy National Security Advisor Anne Neuberger

Anne Neuberger provided an in-depth look into the US cybersecurity policy, covering initiatives related to emerging technologies like AI, 5G, and 6G. She also outlined strategies to combat ransomware and illicit cryptocurrency activities, highlighting the administration's proactive stance on evolving cyber threats. (01:09)
RSAC College Day

RSAC College Day served as a platform for aspiring cybersecurity professionals to connect with industry experts. The event focused on mentorship and career development, fostering the next generation of cybersecurity talent. According to Maria, "RSAC College Day connected aspiring cybersecurity professionals with industry experts, fostering mentorship and career development." (01:09)

3. In-Depth Interviews from RSAC 2025

Kevin McGee, acting as an intern for the CyberWire, conducted several insightful interviews with prominent figures in cybersecurity during RSAC 2025. Below are summaries of these conversations:

Christopher Sim, CTO at Bulletproof

Discussion Highlights:

Christopher expressed his enthusiasm for the advancements in AI, particularly large language models, and their potential to revolutionize cybersecurity defenses. He emphasized the importance of integrating third-party tools to consolidate threat detection and response capabilities. Christopher highlighted, "Advancements on large language models and how that can actually help cybersecurity and us as defenders in the space is going to be a game changer." (12:15)
Dr. Chase Cunningham, Dr. Zero Trust

Discussion Highlights:

Dr. Cunningham shared insights about his upcoming books, including a sequel to his Gabriel novel and "Buy the Breach," which analyzes the stock market impact of cybersecurity breaches. He anticipates that AI, Security Operations Centers (SOCs), and Managed Service Providers (MSPs) will be dominant themes at the conference. Additionally, he is hosting sessions on zero trust and 5G technologies. (13:41)
Helen Patton, Cybersecurity Advisor at Cisco

Discussion Highlights:

Helen discussed the Cybersecurity Canon project, aimed at sharing cyber wisdom through curated book recommendations. She is co-authoring a book to help mid-career professionals transition into cybersecurity roles. Helen emphasized the importance of bridging the gap between academic training and professional operational needs, stating, "I've spent my career trying to help academics understand how professional operators think." (14:49)
Jeremy Vaughn, CEO and Co-Founder of Startleft Security

Discussion Highlights:

Jeremy, a non-technical founder, highlighted Startleft Security's focus on empowering developers and advancing the "shift left" movement in cybersecurity. He anticipates that AI will be a major theme at RSAC, exploring both leveraging AI for security and securing AI systems themselves. Jeremy is excited about partnerships, especially with Microsoft, and looks forward to showcasing Startleft's value proposition. (17:35)
Vika Schneider, CEO and Co-Founder of Pint

Discussion Highlights:

Vika discussed Pint's expertise in application security and the dual themes of leveraging AI for security purposes and securing AI technologies. Despite the challenges of constant travel, she remains enthusiastic about the innovative discussions at RSAC. Vika underscored the importance of operational reality and tactical implementation in transitioning AI concepts into practical security solutions. (20:09)

4. Reflections and Closing Thoughts

Kevin McGee concluded his segment with reflective insights on the RSA Conference experience:

Community and Innovation Amidst Chaos

Kevin described RSAC as a bustling hub where cybersecurity professionals congregate, fostering a sense of community and shared purpose. He noted, "For all the noise, all the chaos and all the goats, there's something here that reminds me why I love this industry. It's the people, the purpose, the defenders who show up." (23:28)
Evolving Conversations on AI

Initially overwhelmed by the plethora of AI-related discussions and buzzwords, Kevin observed a shift towards more substantive conversations about the operational and tactical implementation of AI in cybersecurity. He highlighted debates on the roles AI should play, governance of AI decisions, and the necessity of keeping humans in the loop for critical security functions. (23:28)
Support for Startups

Emphasizing the challenges faced by startups at large conferences, Kevin encouraged attendees to engage with emerging companies exhibiting at RSAC. He advocated for supporting innovation and creativity, noting that numerous startups are poised to become significant players in the cybersecurity landscape. (23:28)
Final Takeaway

Despite the demanding environment and the overwhelming scale of RSAC, Kevin reaffirmed the value of attending, citing the inspiration drawn from the collective expertise and dedication of the cybersecurity community. "It's nice to see the community come together. Not just to learn, network, collect swag and meet Dave Bittner, but also have some fun." (23:28)

5. Additional Content and Resources

Microsoft for Startups Spotlight

The episode also highlights additional content available through the Microsoft for Startups Spotlight series. This includes interviews with startup veterans and members discussing their journeys from hackers to entrepreneurs and showcasing innovative cybersecurity solutions.
Research Saturday Preview

Listeners are teased with an upcoming episode featuring Shaked Reiner, Principal Security Researcher at CyberArk, discussing research on "Agents Under Attack: Threat Modeling Agentic AI." This segment promises to delve into the vulnerabilities and threat models associated with autonomous AI agents in cybersecurity. (22:59)
Call to Action

The podcast encourages listeners to engage with their content by sharing ratings, reviews, and feedback to ensure the delivery of relevant insights. Additionally, they promote N2K Networks' services, emphasizing their role in optimizing team performance and enhancing cybersecurity investments. (22:59)

Conclusion

Notable Quotes:

Maria Vermazes: "Happy Friday everybody. Thanks for joining us today." (01:09)
Dr. Richard Horn, NCSC: "These incidents should act as a wake-up call to all organizations." (01:09)
Christopher Sim: "Advancements on large language models and how that can actually help cybersecurity and us as defenders in the space is going to be a game changer for me." (12:39)
Chase Cunningham: "I've done 10 years worth of data research and sure enough, there's a very clear trend." (14:26)
Helen Patton: "The Cyber Security Canon project has actually been around for about 10 years and the goal of the project is to share cyber wisdom with the community." (15:02)
Jeremy Vaughn: "In security we always forget about people. I think we've been doing cybersecurity wrong for 25 years." (18:08)
Vika Schneider: "We're not just talking about AI agents doing security tasks. We started to dive into conversations like what they should be doing, what they should be trusted with." (21:07)
Kevin McGee: "It's the people, the purpose, the defenders who show up. All of you have big responsibilities, important missions and difficult jobs." (23:28)

Additional Resources:

Show Notes and Links: For a deeper dive into the topics covered and to connect with the guests featured in this episode, listeners can refer to the show notes available at thecyberwire.com.
Research Saturday: Tuned to air with Shaked Reiner discussing "Agents Under Attack: Threat Modeling Agentic AI."

Stay Connected:

To stay updated with the latest in cybersecurity news and analysis, subscribe to the CyberWire Daily podcast and follow N2K Networks for more insightful content.

wavePod

Powered by Wave AI

Summary

Summary