CyberWire Daily: "Your private call isn’t so private."
Date: March 25, 2026
Host: Dave Bittner, N2K Networks
Episode Overview
This episode delivers updates from the 2026 RSA Conference in San Francisco, featuring frontline discussions on the evolution of cyber threats, AI security, and the increasing complexity of today’s threat landscape. Highlights include government and industry responses to cybercrime, a wave of AI-centric product rollouts, and the sobering reality of how “private” calls or meetings may be quietly recorded and repurposed. On-the-ground interviews cover compliance automation, social engineering with AI, and data resilience, before ending with an unsettling story: public Zoom calls—believed to be private—are sometimes made into podcasts without consent.
Key Discussion Points & Insights
1. Escalating Cyber Threats & National Coordination
- UK Cybersecurity Chief’s Call to Action (00:48)
- Richard Horne, CEO of the UK National Cyber Security Centre, urges a “full-court press” against increasingly complex cyber threats.
- Emphasizes:
- Cooperation between state and criminal actors is increasing the consequences of attacks.
- “No single measure will suffice”—requires resilience, disruption, regulation, and secure-by-design software.
- Envisions a sustained, multidisciplinary effort combining law enforcement, offensive cyber operations, and software improvements to counter threats, especially those amplified by AI.
- Operation Henhouse: National Fraud Crackdown
- Over 500 suspects arrested in a coordinated UK operation—557 arrests, £18.1 million in assets seized, millions in scam calls blocked.
2. RSA 2026: Industry Focus on AI & Security
- AI, Identities, and Supply Chain Security in Product Launches (02:20)
- Security vendors introduce:
- AI visibility tools (Cyberhaven)
- Identity security posture management (RSA, Savant)
- Generative AI agents (Securonix)
- New protections for machine learning pipelines and software repositories
- Industry trend: Protection is consolidating around AI workflows, identity risk, and automated compliance.
3. US State Department’s Bureau of Emerging Threats
- New Bureau Announcement (03:10)
- Addresses risks from nation-states and terrorist organizations exploiting AI, cyberspace, and space technologies.
- Focus on strengthening national security planning and foreign policy coordination.
4. High-Impact Vulnerabilities & Attacks
- Open Source Library: Team PCP Supply Chain Attack (04:15)
- Malicious update to the “Light LLM” Python library: credential stealer and malware dropper, exposing critical secrets.
- Attacks show a focus on deep AI pipeline infiltration.
- TP-Link Router Vulnerabilities Patched (05:20)
- Critical flaws allowed unauthenticated firmware uploads and privileged actions; users urged to patch immediately.
- PTC Windchill & FlexPLM Products—Critical Unpatched Vulnerability (06:15)
- Remote code execution risk, no available patches.
- Urgent advice: block servlet path or disconnect exposed systems.
- Phishing Impersonating Palo Alto Networks Recruiters (07:00)
- Sophisticated scam combines job search anxiety with procedural realism to trick professionals into paying resume “fixing” fees of $400–$800.
- Malicious Chrome Extensions Stealing AI Prompts (08:00)
- “Prompt poaching”: Extensions capture sensitive conversations with AI tools, risking IP theft and phishing.
5. Live from RSA: Startups, Compliance, Deepfakes & More
Host: Intern Kevin McGee (Microsoft for Startups)
- Dale Hoch, CISO at RegScale: AI, Security, and Compliance as Code (13:23)
- Quote: “If you’re not leaning hard into AI, you’re way behind.” (13:40)
- Compliance is evolving from manual checklists to continuous, automated monitoring powered by AI.
- Quote: “I think right now we’re looking at the death of compliance… and you’re looking at it moving to key security indicators…proving everything in your operational tech stack and your cyber resilience automatically all the time.” (14:25)
- The emerging model: Compliance and security built into DevSecOps pipelines.
- David Delappell, CEO of Dune Security: AI-Powered Adversarial Red Teaming (15:45)
- Focus: Preventing social engineering and insider threats at scale.
- New product rapidly generates deepfake-driven adversarial scenarios.
- Quote: “On average, roughly 1% of employees are complicit, meaning they’ll accept a bribe from our AI. And so that’s pretty insane.” (17:09)
- Integration with Reality Defender for deepfake detection: When activated, blocks these attacks entirely.
- Jason Williams, ARM Cyber: Data Resilience & the “Cloaking Device” for Data (18:57)
- ARM Cyber provides real-time ransomware mitigation and data recovery.
- Fun moment: ARM’s burrito truck “is definitely getting a lot of press” on the show floor. (19:34)
Notable Quotes & Memorable Moments
- “No single measure will suffice and pointed to actions spanning organizational resilience, shared infrastructure, protection and disruption of adversary networks.”
  — Dave Bittner, summarizing Richard Horne’s keynote (01:10)
- “If you’re not leaning hard into AI, you’re way behind.”
  — Dale Hoch, CISO RegScale (13:40)
- “I think right now we’re looking at the death of compliance… proving everything in your operational tech stack and your cyber resilience automatically all the time.”
  — Dale Hoch (14:25)
- “On average, roughly 1% of employees are complicit, meaning they’ll accept a bribe from our AI.”
  — David Delappell, CEO Dune Security (17:09)
- “We’re able to send a thousand phone calls, deep fake phone calls at once. …Maybe 40, 50% are actually having a conversation with the thing and not knowing it’s AI. And then we’re able to get a non zero amount of users to be complicit or socially engineered.”
  — David Delappell (17:47)
- “Everybody loves burritos. We’re in the hot spot here at RSA conference, giving out, you know, burritos that are chicken and veggie…”
  — Jason Williams, ARM Cyber (19:34)
Deep Dive: The Privacy Illusion—Webinar TV & 'Surprise' Podcasts
The Main Story: Public Zoom Calls Recorded as Podcasts (21:16)
- Webinar TV Routine:
- Scans for publicly linked Zoom meetings; joins sessions; records and republishes them as AI-generated podcasts—often without knowledge or consent of participants.
- Publishes podcasts with automated summaries, chapters, even AI "hosts."
- Real Impact:
- Some users discover their participation only after receiving surprise promotional emails.
- Expert Perspective:
- “Organizations often treat webinars as semi private working spaces, yet publicly shared links can quietly turn them into searchable, replayable content libraries for someone else’s business model.”
  — Dave Bittner (21:46)
- Zoom’s Response:
- Activity happens outside of the Zoom platform; caused by users sharing public links, not by a vulnerability.
- Advice:
- “The safest assumption may be that if a meeting link can be shared widely, it can also be replayed widely and possibly narrated by Phil and Amy.” (21:56)
Timeline of Important Segments
- 00:48 — Opening headlines, UK cyber chief, Operation Henhouse
- 02:20 — RSA conference product rollouts and trends
- 03:10 — US Bureau of Emerging Threats launch
- 04:15–08:00 — Critical vulnerabilities, phishing scams, Chrome extensions threat
- 13:23–19:50 — RSAC live interviews: RegScale, Dune Security, ARM Cyber
- 21:16 — Main story: Webinar TV and the privacy risks of public meeting links
Takeaways
- Cyber threats are increasingly blending state and criminal methods; only a coordinated, multi-pronged approach—spanning regulation, offensive cyber, and industry resilience—can offer defense.
- AI is driving both attacks and defenses, transforming compliance and user risk into continuous, automated processes.
- Deepfake-driven social engineering isn’t theoretical: it’s being red-teamed and detected, and deterrence is succeeding only where advanced countermeasures are in place.
- The lines between private and public digital spaces are blurring: publicly shared calls and webinars can become, and are becoming, content for business models outside of participants’ control.
- User awareness: If you share a link publicly, assume it (and your conversation) could end up everywhere.
