CyberWire Daily - Oops, those were the FBI files.
Episode Date: March 12, 2026Iran threatens tech firms as hackers strike Stryker. The EU advances efforts toward digital sovereignty. A foreign hacker stumbles upon the FBI’s Epstein files. DOGE used ChatGPT to cull humanities ...grants. Meta claims increased efforts against scams. A Wisconsin ambulance provider discloses a data breach. CISA shortens the patch deadline for a critical SolarWinds vulnerability. We preview this year’s RSAC 2026 Innovation Sandbox with Cecilia Marinier and Paul Kocher. Dangerous digital diets miss the mark. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Industry Voices segment, we share a RSAC 2026 Conference innovation preview with Cecilia Marinier and Innovation Sandbox judge Paul Kocher talking about this year's Top 10 Finalists. Selected Reading Iran-linked hackers claim responsibility for attack on US medical device maker Stryker (Reuters) 'Legitimate targets': Iran issues warning to US tech firms including Google, Amazon, Microsoft, Nvidia (The Times of India) Iranian trolls are flooding social media with pro-Tehran, anti-war propaganda (MS Now) Commission announces €75 million EURO-3C Project to build a federated Telco-Edge-Cloud infrastructure for digital sovereignty (European Commission) Hacker broke into FBI and compromised Epstein files, report says (TechCrunch) When DOGE Unleashed ChatGPT on the Humanities (The New York Times) Meta says it culled millions of scam ads amid accusations that it profits from them (The Record) Bell Ambulance Ransomware Attack Impacts Over 237,000 Individuals (Beyond Machines) CISA Mandates Emergency Patching for SolarWinds Web Help Desk Vulnerabilities (Beyond Machines) AI Chatbots Are Giving Teens Absolutely Terrible Diet Advice, Study Warns (Gizmodo) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the Cyberwire Network, powered by N2K.
When cyber threats strike, minutes matter.
Booz Allen brings the same battle-tested expertise trusted to protect national security
to defend today's leading global organizations.
They safeguard their data, strengthen enterprise resilience,
and mobilize in minutes across energy, health care, financial services, and manufacturing.
Their teams don't just respond.
They anticipate, outthink, and think.
stay ahead of evolving threats.
This is powerful protection for commercial leaders only from Booz Allen.
See how your organization can prepare today at Boozalan.com slash commercial.
Iran threatens tech firms as hackers strike striker.
The EU advances efforts toward digital sovereignty.
A foreign hacker stumbles upon the FBI's Epstein files.
Doge uses chat GPT to call humanities grants.
Meta claims increased evidence.
efforts against scams. A Wisconsin ambulance provider discloses a data breach. Sisa shortens the patch
deadline for a critical solar winds vulnerability. We preview this year's RSAC-2020s sandbox with
Cecilia Marigné and Paul Coker. And dangerous digital diets miss the mark. It's Thursday, March 12,
26. I'm Dave Bittner and this is your Cyberwire Intel briefing. Thanks for joining us here. It's
great to have you with us. Rising tensions in the Middle East are increasingly spilling into cyberspace.
Iran has warned that major U.S. technology companies could become legitimate targets as regional
tensions escalate amid the ongoing conflict involving Iran, the United States, and Israel.
The warning reportedly named firms such as Google, Microsoft, Amazon, Invita, IBM, Oracle, and Palantir,
with Iranian media listing offices and cloud infrastructure linked to those companies in Israel and Gulf countries.
Iranian officials claim the facilities were identified because their technology is allegedly used for military purposes.
The warning also extended to economic centers and banks connected to U.S. and Israeli entities.
Authorities cautioned civilians to avoid areas near these locations as the conflict intensifies,
signaling a possible expansion of targets beyond military assets to include technology infrastructure.
Medical device manufacturer Stryker confirmed Wednesday that a cyber attack caused a global network disruption affecting its Microsoft environment.
The Michigan-based company said it has no indication of ransomware or malware and believes the incident is contained,
though teams are still assessing the impact.
Strikers said business continuity measures remain in place to support customers and partners.
Employees reported widespread disruptions, saying corporate laptops, phones, and servers were wiped,
and access to email and internal applications was lost early Wednesday.
Some workers said login pages displayed the logo of the Hacking Group Handela.
The group claimed responsibility online, alleging it wiped more than 200,000 systems.
and stole 50 terabytes of data.
Handala, previously linked to Iran-based threat actors and destructive wiper attacks,
said the operation was retaliation tied to the ongoing U.S., Israel, and Iran conflict.
Researchers have uncovered a coordinated influence campaign linked to Iran's Islamic Revolutionary Guard Corps
that used fake social media personas to spread pro-Theran messaging,
A Clemson University Media Forensics Hub report identified 62 accounts across X, Instagram, and Blue Sky,
posing as Scottish independence supporters, Irish nationalists, and Latino women.
The accounts used stolen or AI-generated profile photos and tailored divisive content to match their fake identities,
posting about issues like immigration, Scottish independence, and British politics.
After U.S. and Israeli airstrikes in Iran, the accounts shifted focus to the war,
sharing anti-U.S. and anti-Israel messaging, alleged strike footage and AI-generated images.
Researchers say the tactic mirrors earlier troll operations designed to blend in to online communities
and influence public opinion.
The European Commission announced the Euro3C Initiative at Mobile World Congress, 2026, a 75 million euro project funded through Horizon Europe to build Europe's first large-scale federated Telco-Edge cloud infrastructure.
The platform will integrate telecom networks, edge computing, and cloud services to deliver secure high-speed computing closer to users.
The project aims to reduce Europe's reliance on non-EU technology providers while supporting digital sovereignty.
Euro3C will bring together 87 organizations, including telecom operators, cloud providers,
equipment manufacturers, software developers, and research institutions.
The effort aligns with the proposed Digital Networks Act and broader EU programs
while supporting innovation in areas such as 6G,
artificial intelligence, cybersecurity, and advanced telecom services.
A foreign hacker accessed files tied to the FBI's investigation of Jeffrey Epstein
after breaching a server at the Bureau's New York field office in February 23,
according to a source and Justice Department documents reviewed by Reuters.
The compromised server was located in the U.S.
the FBI's child exploitation forensic lab and had reportedly been left vulnerable while an agent was
handling digital evidence. Investigators later found signs the intruder had searched through
files related to the Epstein case, though it remains unclear which materials were accessed or
whether any data was downloaded. The FBI described the event as an isolated cyber incident
and said access was quickly restricted and the network secured.
According to the source, the hacker appeared to be a cybercriminal rather than a government actor
and reportedly did not realize the server belonged to the FBI
until agents confirmed their identity during a video call.
Court documents reveal that officials from Elon Musk's Department of Government Efficiency, Doge,
used ChatGPT to help identify Humanities grants to cancel at the National Endowment for the Humanities in 2025.
The chatbot was prompted to determine whether projects were related to diversity, equity, and inclusion,
using brief online summaries rather than full proposals.
The process flagged hundreds of grants, including projects on black newspapers,
Holocaust history, indigenous language archives, and American Mews,
music scholarship. Doge ultimately recommended terminating over 1,400 grants approved during the
Biden administration, reclaiming more than $100 million, nearly half the agency's budget. Acting chairman
Michael McDonald approved the cancellations, describing the move as creating a clean slate aligned with
the Trump administration's America First priorities. Academic organizations have filed lawsuits
arguing the cuts were politically motivated and violated constitutional protections,
claiming the process targeted scholarship involving race, gender, and marginalized communities.
Meta says it removed 159 million scam ads in 2025 and shut down 10.9 million Facebook and
Instagram accounts tied to scam operators, as the company promotes new efforts to combat online fraud.
it says most fraudulent ads were detected automatically before users reported them,
before users reported them, and that it's increasingly targeting entire scam networks.
The announcement comes amid growing scrutiny from U.S. lawmakers who've questioned whether
META's business model gives it sufficient incentive to police scam advertising.
A Reuters investigation previously suggested that a significant share of the company's ad revenue could come from ads,
linked to scams or banned goods, acclaimed meta-disputes.
Many fraud operations originate from organized compounds in Southeast Asia,
running pig-butchering investment scams.
Critics say the scale of the problem highlights how easily scammers continue to exploit social media platforms.
Bell Ambulance, Wisconsin's largest ambulance provider,
disclosed a data breach affecting over 237,000 people,
following a ransomware attack attributed to the Medusa group.
Attackers accessed the company's network between February 7th and 14th, 2025,
and demanded a $400,000 ransom, which the company reportedly refused to pay.
The group later published the stolen data on a dark web leak site.
Compromised information includes names, birth dates, social security numbers,
drivers license numbers, financial account details, medical records, and health insurance information.
Although some victims were notified in April of last year, the company said the full scope of
the breach was not confirmed until this past February.
Bell Ambulance is offering affected individuals 12 months of credit monitoring and identity theft protection.
Sessa has shortened the patch deadline for a critical vulnerability in SolarWinds Web Health
desk after reports of active exploitation by cybercriminals and nation-state actors.
Federal civilian agencies must remediate the flaw by today.
The vulnerability allows remote attackers to compromise the IT service management platform,
potentially exposing sensitive data such as network architecture,
user credentials, and security tickets, while enabling lateral movement within networks.
This marks the third emergency patch directive in a month,
for the same solar winds tool, underscoring the urgency for organizations to apply the latest security updates.
Coming up after the break, we've got a preview of this year's RSAC-2020s sandbox and dangerous digital diets.
Miss the mark.
Stay with us.
AI is changing how enterprises operate and how they stay protected.
It's time to eliminate risk and protect innovation from March 23rd through the 20th.
Join TrendAI for actionable AI security insights.
Catch impactful sessions at RSAC, then unwind and grab a bite at their lounge in Trapasueño.
Experience industry-leading AI security in person, engage with the experts, and get your chance to win $500,000.
San Francisco, lets AI fearlessly.
Learn more at Trendmicro.com slash RSA.
If you're defending a network today, there's a simple question worth asking.
What does the attackers see when they look at your organization?
Nord Stellar helps answer that.
Nord Stellar is a threat exposure management platform that gives security teams visibility into external risks,
including leaked credentials, active session tokens, impersonation attempts, and exposed assets
across the surface web and the dark web.
It's built to help organizations detect the consequences of breaches,
early before attackers turn access into action.
From monitoring for InfoStealer malware logs to identifying cyber squatting and brand abuse,
Nord Stellar helps teams focus on the threats that actually matter.
Executives get clear, actionable insights tied to business risk.
Security teams get real-time alerts and one of the largest deep and dark web intelligence
pools in the industry.
Cybercriminals may already be looking for your weak spots.
Don't make it easy for them.
Be the one that's prepared.
Defend your business with Nord Stellar.
Use the code CyberWire 10 to unlock your exclusive discount.
Go to Nordstellar.com slash CyberWire Daily and learn more.
N2K Cyberwire are proud media partners of the RSAC conference.
And today we've got a conversation with Cecilia Marigny,
Cybersecurity Advisor for Strategy, Innovation and Scholars at RSAC.
Seat Conference, along with Paul Koker, who's one of the judges of this year's Innovation Sandbox.
Cecilia, Paul, welcome.
It's a real pleasure to have you back.
And it's one of my favorite times of the year as we sort of get on board the excitement
leading up to RSA conference.
And this year is no different.
And one of the most exciting things for me is, of course, the Innovation Sandbox.
And this year we've got quite a group lined up for us.
Before we dig into the names, though, can we just start with a little background here?
Cecilia, for people who aren't familiar with this program, what's it all about?
RSC Innovation Sandbox Contest is the leading contest that helps identify the future of where the industry is going.
We have selected judges that represent different perspectives and can provide a test for each of those entrepreneurs that are coming on the stage,
whether it's as a buyer, whether it's as somebody that we could be a design partner from J.P. Morgan Chase,
whether it's somebody that is like Dave Chen, who is taking Wiz transaction to the final place.
He's seen what the companies do, what it takes to get a company to be at that final sale.
We have somebody that represents the national security side.
And then we have Paul Koch, who's on this interview with us today,
who is helping us really identify from an entrepreneur's perspective, as well as testing the actual
technologies that are underlying and underpinning what's on the stage to make sure that they have
something there, there for you to actually review. So that is the Innovation Sandball Contest. It's really
helping people identify to rise the signal above the noise. This is the first place to come and to
take a look at those kind of companies that are cutting edge that will be the names that you
will know tomorrow. And there is a substantial investment on the line here, right? Well, actually, yes.
order for you to be on our stage, there is a $5 million investment that comes from
crosspoint capital. So each of the top 10 have already received their $5 million investment.
And so that makes it so that they have the opportunity to take that money and actually use it
right away to execute on being named one of the top 10 finalists. Once you get named one of
these finalists, the whole industry's eyes are on you. And there's a lot of people paying
attention. This gives the companies the leverage they need to actually execute on all of that
attention and really hopefully see some change in the marketplace for 2027. We'll see that they get there.
So Paul, you've been a judge here. This isn't your first year. So you've done this a number of
times. What do you look forward to here? What's your part as a judge? And I come from a more technical
direction. So I like seeing what technical approaches the companies are taking, how they're going about
trying to stand out in a market that's just incredibly crowded. It's also a place where the
entrance don't have kind of the inertia and legacy problems and technical debt of the incumbents.
It's also really fun to kind of see how the market is tipping and tilting where you've got
these different participants with different natural advantages. And this is really a place where
you can see kind of one side of that really playing out. And then the conference show floor
tends to be where you see the other side of it, the incumbents who have a lot of these different
advantages like customer relationships highlighting their strengths. So it's my annual chance to really see
both how the technology and the industry are shifting. Can you give us a preview of some of the
finalists here and perhaps if there were any patterns or trends that's reflected in who made it
to the final list? One level of trend isn't surprising. I mean, this year, nine or ten of,
depending how you count of the companies on the stage, basically all of them have AI as a big part of what
they're doing. There are a couple other things that have gone quieter. Like a few years ago, we had
quite a few cryptocurrency companies, many fewer zero one major entrance there this year. The
salient is truly stands out this year, though, is AI is no longer kind of a differentiator by
itself. It's assumed that everybody's going to have AI as part of their fundamental strategy,
and it's really a question of how companies are using this technology, how they're adapting to it.
Even the sort of philosophies are different, like how it shifts this interplay,
between offense and defense.
We're seeing AI dramatically empowering offense,
dramatically empowering defense.
I don't personally know how the balance is going to shift,
and that's one of the things that I think I'm going to learn more about at the conference,
but it's clear that the way things were being done a couple years ago
is not the way that they're going to be done a year or two from now,
and this is really a place where those trends are going to be surfacing.
And as a judge, what are the things that you're looking for?
What can one of these contestants do to stand out from the crowd?
I mean, I'm going to begin by saying it's an impossible problem
because we're trying to compare not even apples and oranges.
It's, you know, cars and oranges.
And, you know, there's just, it's not like there's any kind of single objective criteria
that you can use to decide which innovation, for example, is the best
or even where the market's going to go.
So I've got to approach it with a great deal of humility
because I know that there are an enormous number of things that I don't know,
and then on top of that, there are lots of things that are unknowable.
There are certain trends, though, I mean, have a really strong team.
Those are more likely to be successful than teams that aren't as mature.
There's a piece around the technology about whether there's really a new approach or a new,
in some cases it's an algorithm or a piece of software.
In other cases, it's a new way of viewing the market.
I'm personally excited about the companies that have really strong technical differentiators.
There's some of the other judges who are maybe more focused.
on that question of, you know, kind of what's the go-to-market strategy look like?
And that's partly why having a team of judges is kind of fun because we have to reach a
consensus about how these all come together with a particular company.
It's a really challenging process, especially in the last few years, where the quality
of the entrance has gone way up. And personally, I think the reason for this is that security
is one of the places where innovators have the greatest opportunities. So some of the
smartest, most capable technology innovators are attracted to the opportunities and security,
but that means then that the quality of the competition is just spectacularly high.
They're an enormous number of brilliant people competing for these opportunities.
So if I look at the entrance this year, if there had been 50 or 75 spots in the stage,
they could have been filled with strong companies.
And the whittling down to 10 was really difficult.
Cecilia, can you set the stage for us here?
I mean, one of the things that impresses me year after year is just both the scale and the energy
of what's going on in that room.
It's true.
The way that we're working this year,
I'm so excited about it
because we're doing something different
to give a little bit of fomo.
We want you to be in the room.
So when you get there,
and I'm going to keep a little bit
behind the curtain
so that it will be a surprise.
But let's just say
that we're going to start
to try to gamify
and to make something really interesting
for people who are actually in the room.
So not only you're getting
this high-octane contest
that's on the state,
super fun all the way through and then you get to see who the winner is that's awesome but additionally
we're just trying to make the entire room feel that sensation of excitement all the way through from
start to finish when you walk in to when you leave so it will be a great experience yeah i like
said i'm very much looking forward to it if you've never been you're in for a treat it's a i think
it's fair to say it's probably a bigger room than you're expecting it to be and the amount of energy
particularly when that winner is announced,
there's really nothing else like it.
Yeah, we're going to have 1,500 seats in there.
But get in there early because they fill up.
It will definitely fill up.
Paul, let me ask you one more question before we part ways here.
Can you give us a little peek behind the curtain
in the years that you've been doing this?
What is it like when you and your fellow judges
are making that final decision?
Actually, there's two parts to the decision-making process.
One is deciding which companies go on the stage.
and that's kind of a lot like what a diligence process would look like
if you were looking at a startup for any investment,
looking at the people,
looking at all the information they submit.
The behind the stage is super interesting
because it's surprising to me how much opinions a shift there.
So seeing a company present,
seeing how the CEO performs under fire,
how they answer some of the hard questions,
because I come into that with a list of questions
that I'm curious about each company.
And they're usually the hard questions
that maybe the entrepreneur doesn't actually
really want to be answering, you know, where's that weak spot? And I'll poke it. And sometimes I'm
really impressed with the answer, and sometimes I'll come away thinking that, you know, I thought that
was a stronger company than it really seemed when they got up there. So conversations are often,
one where different judges have pretty different opinions, and then generally we'll reach a
consensus around one, or in some years there'll be a runner-up or a second winner as well. So we'll see
what happens this year. I really have no idea going on to the, into this, which one will
win, there are strengths of every single one of them. And in some ways, I guess you could say they're
all winners because they all have got the $5 million safe note. But the judges take this really seriously.
It's a hard and a little stressful trying to make a decision there. Looking back in the past,
the companies that have been on the stage and the ones that have one have done extremely well,
this year is going to be hard, though, because the rules are shifting. The AI dominance and the rate
of speed of change in the industry means that my feeling of having to have.
having kind of a sense of what the future looks like is cloudier than a spin in past years.
So, well, I'm cautiously optimistic.
We can continue the trend of picking the strongest companies.
We'll see what happens.
That's Cecilia Marignay and Paul Coker from RSAC.
We'll see you at this year's Innovation Sandbox.
No, it's not your imagination.
Risk and regulation really are ramping up.
And customers expect proof of security before.
they'll sign that deal. That's where Vanta comes in. Vanta automates your compliance process and
brings compliance, risk, and customer trust together on one AI-powered platform. Whether you're
preparing for SOC2 or managing an enterprise governance, risk, and compliance program, Banta helps
keep you secure and keeps your deals moving. Companies like Ramp and writers spend 82% less time
on audits with Vanta. That's not just faster compliance. That's more to.
time for growth. Take it for me. If you're thinking about compliance, take the time to check out Vanta.
Get started at vanta.com slash cyber.
One plus one equals more of the greatest stories.
Kulu on Disney Plus. Stories about survivors.
The most dangerous planet. Family. Retribution. Murder.
Prophecy.
Beer and propane.
The ultimate soldier.
Chicago. All right.
The best of the best stories now with even more from Hulu.
Amazing.
Have it all with through you on Disney Plus.
And finally, teenagers increasingly turn to AI chatbots for advice on everything,
from homework to awkward life questions.
But a new study suggests nutrition guidance may be one area where the bots should sit this one out.
Researchers in Turkey asked five popular AI models to generate
three-day meal plans for hypothetical 15-year-olds. The results, reviewed by dietitians,
were consistently underpowered. The plans typically cut about 700 calories per day, leaned heavily
toward protein and fats and sharply reduced carbohydrates. For growing teens, that's less
diet plan and more skip a meal and hope for the best. Experts warn such deficits could disrupt
hormones, delay growth, and increase injury risks, particularly for student athletes. Carbohydrates,
they note, play a key role in normal development. The takeaway, AI, might help write an essay,
but when it comes to feeding a teenager, a real dietitian still beats a chatbot with a calorie
counter. And that's the Cyberwire. For links to all of today's stories, check out our daily briefing
at the Cyberwire.com. We'd love to know what you think of this podcast.
Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity.
If you like our show, please share a rating and review in your favorite podcast app.
Please also fill out the survey in the show notes or send an email to Cyberwire at n2K.com.
N2K's lead producer is Liz Stokes.
We're mixed by Trey Hester with original music and sound design by Elliot Peltzman.
Our contributing host is Maria Vermazas.
Our executive producer is Jennifer Ibin.
Peter Kilpe is our publisher, and I'm Dave Bittner.
Thanks for listening.
We'll see you back here tomorrow.
If you only attend one cybersecurity conference this year, make it R-SAC 2026.
It's happening March 23rd through the 26th in San Francisco,
bringing together the global security community for four days of expert insights,
hands-on learning, and real innovation.
I'll say this plainly, I never miss this conference.
The ideas and conversations stay with me all year.
Join thousands of practitioners and leaders tackling today's toughest challenges and shaping what comes next.
Register today at rsacconference.com slash cyberwire 26.
I'll see you in San Francisco.