meta_pixel
Tapesearch Logo
Log in
CyberWire Daily

More bark than byte. [Research Saturday]

CyberWire Daily

N2K Networks, Inc.

Technology, News, Tech News, Daily News

4.81.1K Ratings

🗓️ 27 June 2026

⏱️ 25 minutes

🧾️ Download transcript

Summary

This week we are joined by Daniel Schwalbe, Chief Information Security Officer & Head of Investigations at DomainTools, discussing their work on "ZionSiphon OT Malware First Attempts? Psyops? Both?" Researchers at DomainTools take a closer look at ZionSiphon, a purported operational technology malware sample targeting the water sector, and find that despite its alarming appearance, it lacks many of the capabilities needed to function as a credible cyber-physical weapon. They break down the malware's architecture, its operational shortcomings, and why it may be more of a prototype or proof of concept than a deployable threat. With heightened concern surrounding attacks on critical infrastructure amid the ongoing U.S.-Iran conflict, the research offers timely insight into separating genuine OT threats from overhyped malware. The research and executive brief can be found here: Threat Intelligence Report: ZionSiphon OT Malware First Attempts? Psyops? Both? Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcript

Click on a timestamp to play from that location

0:00.0

You're listening to the Cyberwire Network, powered by N2K.

0:11.5

AI is making fishing attacks faster, more convincing, and harder for people to spot,

0:17.3

and traditional security awareness and fishing training weren't designed for this level of attack.

0:22.6

Hock's Hunt helped security teams prepare employees for the attacks they face every day,

0:27.6

with personalized fishing training that adapts to each employee and reduces risky behavior over time.

0:34.6

For IT and security leaders looking to strengthen their human layer of defense,

0:39.0

without adding more manual work, visit hoxhunt.com slash cyberwire to learn more. That's

0:46.5

h-o-x-hunt-com slash cyberwire. slash CyberWire.

1:05.0

Hello, everyone, and welcome to the CyberWire Research Saturday.

1:12.3

I'm Dave Bittner, and this is our weekly conversation with researchers and analysts tracking down the threats and vulnerabilities,

1:18.3

solving some of the hard problems and protecting ourselves in a rapidly evolving cyberspace.

1:19.7

Thanks for joining us.

1:31.5

We've been focusing on various threat actors in the Middle East, and this came across our desk, I would say,

1:35.7

just because it was allegedly focusing on Israel,

1:41.4

based on the metadata that we were able to see in the malware.

1:45.0

And so we decided to look into it a little bit more in-depth and see if any conclusions that we could draw.

1:52.0

That's Daniel Schwabby, Chief Information Security Officer and Head of Investigations at Domain Tools.

1:59.0

The research we're discussing today is titled Zion Siphon-O-T malware, first attempts,

2:05.0

Psiops, both?

2:13.5

But when you first encountered this malware sample, what was it that made you think that maybe it needed a closer look than, say, ordinary Windows malware?

2:23.6

Yeah, so I would say the fact that it was, the naming itself was kind of a little bit too on the nose.

2:32.7

And then the other results that our colleagues had already published on some of the functionality

...

Transcript will be available on the free plan in 23 days. Upgrade to see the full transcript now.

Disclaimer: The podcast and artwork embedded on this page are from N2K Networks, Inc., and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of N2K Networks, Inc. and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.

Copyright © Tapesearch 2026.