Podcasts about 2fa

Crypto's newest threat isn't a smart contract exploit, it's a knock at your door. In this episode, Ryan sits down with Jameson Lopp (Casa) and Beau (former CIA, now safety at Pudgy Penguins) to map the real security landscape for crypto holders in 2026: the phishing traps you'll see daily, the physical “wrench attacks” that terrify the community, and the practical systems that can make both dramatically less effective. If going bankless is about freedom, this is the playbook for keeping that freedom without turning into your own security team. ---

This show has been flagged as Explicit by the host. Hackerpublic Radio New Years Eve Show 2026 Episode 1 Facebook https://www.facebook.com/ LinkedIn linkedin.com/ Matrix https://matrix.org/ Twitter / X https://x.com/home Telegram https://telegram.org/ Mastadon https://joinmastodon.org/ India https://www.incredibleindia.gov.in/en Poland https://www.poland.travel/en/ Hacker Public Radio https://hackerpublicradio.org/ Mumble https://www.mumble.info/ Linux Lugcast https://linuxlugcast.com/ Jitsi https://jitsi.org/ Ton Roosendaal (former Blender CEO) https://en.wikipedia.org/wiki/Ton_Roosendaal https://www.blender.org/press/blender-foundation-announces-new-board-and-executive-director/ Linus Torvalds https://github.com/torvalds Hack A Day https://hackaday.com/ Terry Pratchett https://terrypratchett.com/ UTC https://www.timeanddate.com/time/aboututc.html DMCA https://www.eff.org/issues/dmca Spotify https://open.spotify.com/ Youtube https://www.youtube.com/ Peertube https://joinpeertube.org/ Day Trading https://www.investopedia.com/articles/trading/05/011705.asp https://www.nerdwallet.com/investing/best/online-brokers-platforms-for-day-trading Ogg Camp https://www.oggcamp.org/ FosDem https://fosdem.org/2026/ Brussels https://www.visit.brussels/en/visitors Ohio Linux Fest https://olfconference.org/ Jacksonville, Florida https://www.visitjacksonville.com/ Ebike https://www.bikeradar.com/advice/buyers-guides/what-is-an-electric-bike Electric Scooter https://engineerfix.com/what-is-an-electric-scooter-and-how-does-it-work/ Elliptical https://ellipticalking.com/what-is-an-elliptical/ Panera Bread https://www.panerabread.com/ Tech and Coffee https://techandcoffee.info/ HTC Phones https://www.htc.com/us/smartphones-learn/ Apple https://www.apple.com/ Windows https://www.microsoft.com/en-us/windows LG https://www.lg.com/us/ 2FA (2 Factor Authentication) https://www.investopedia.com/terms/t/twofactor-authentication-2fa.asp Symantec VIP https://vip.symantec.com/ Android https://www.android.com/ Discord https://discord.com/ NewPipe https://newpipe.net/ iCloud https://www.icloud.com/ Bloomberg Terminal https://www.bloomberg.com/professional/terminal-introduction/ Linux Mint https://linuxmint.com/ Suse https://www.suse.com/ EndeavourOS https://endeavouros.com/ Pop OS https://system76.com/pop/ Debian https://www.debian.org/ Red Hat https://www.redhat.com/en EB / Electronics Boutique / EB Games) https://en.wikipedia.org/wiki/EB_Games RockBox https://www.rockbox.org/ Hi Fi Walker https://hifiwalker.com/ MPEG https://www.mpeg.org/ MP3 https://www.magix.com/us/music-editing/audio-formats/mp3/ MicroSD Card https://www.businessinsider.com/reference/what-is-a-micro-sd-card RSS Feed https://en.wikipedia.org/wiki/RSS https://www.reddit.com/r/explainlikeimfive/comments/15kfcsm/eli5_what_is_rss_feed_and_how_is_it_useful/ YouTube DL https://ytdl-org.github.io/youtube-dl/index.html Jupiter Extras Podcast https://www.jupiterbroadcasting.com/show/jupiter-extras/ Late Night Linux Podcast https://latenightlinux.com/ Sound Show Podcast https://grokipedia.com/page/the_sound_show Linux Lugcast https://linuxlugcast.com/ Tux Jam https://tuxjam.otherside.network/ Hacker Public Radio https://hackerpublicradio.org/ 3D Printing https://3dprinting.com/what-is-3d-printing/ Raspberry Pi https://www.raspberrypi.com/ Nextcloud https://nextcloud.com/ Jellyfin https://jellyfin.org/ DVD Ripping https://www.tomshardware.com/software/how-to-rip-your-dvds-with-handbrake-preserve-your-dvd-library-before-bit-rot-claims-another-victim Port Forwarding https://www.noip.com/support/knowledgebase/general-port-forwarding-guide NginX https://nginx.org/ LiquidSoap https://www.liquidsoap.info/doc-dev/ IceCast https://icecast.org/ DYN DNS https://account.dyn.com/ Etherpad https://etherpad.org/ Audio Bookshelf https://www.audiobookshelf.org/ Funk Whale https://www.funkwhale.audio/ Pixel Art https://www.sandromaglione.com/articles/getting-started-with-pixel-art Aseprite https://www.aseprite.org/ Krita https://krita.org/en/ RPG Maker https://www.rpgmakerweb.com/ Stable Diffusion https://stablediffusionweb.com/ GIMP https://www.gimp.org/ Balatro https://www.playbalatro.com/ Magic The Gathering Balatro MOD https://balatromods.miraheze.org/wiki/Magic:_the_Jokering Yoshi https://www.mariowiki.com/Yoshi Gungeon (Enter the Gungeon) https://enterthegungeon.fandom.com/wiki/Enter_the_Gungeon_Wiki Clover Pit https://store.steampowered.com/app/3314790/CloverPit/ Trackball https://www.techtarget.com/whatis/definition/trackball Humble Bundle https://www.humblebundle.com/ Dungeons / Dungeons II / Dungeons III http://www.realmforgestudios.com/ Deltarune https://deltarune.com/ Undertale https://undertale.com/ DNS https://www.cloudflare.com/learning/dns/what-is-dns/ Universal Studios https://www.universalorlando.com/web/en/us/theme-parks/universal-studios-florida Electric Blanket https://www.silentnight.co.uk/blog/guides/tips-for-using-your-electric-blanket Electric Vests https://www.fieldandstream.com/outdoor-gear/hunting/hunting-apparel-and-accessories/best-heated-vests LG Neckband Headphones https://www.lg.com/us/neckbands/view-all Lotus Notes https://en.wikipedia.org/wiki/HCL_Notes John Deer https://www.deere.com/en/ Dairy Queen https://www.dairyqueen.com/en-us/ Alco (retail store) https://en.wikipedia.org/wiki/ALCO_Stores AMI Pro https://www.computinghistory.org.uk/det/18775/Ami-Pro-for-Windows/ Disgraphia https://my.clevelandclinic.org/health/diseases/23294-dysgraphia Cursive https://brainspring.com/orton-gillingham-weekly/what-is-cursive-why-is-it-used/ SUNLU Wood PLA https://store.sunlu.com/collections/wood/products/optimized-wood-pla-3d-printer-filament-1kg-optimized-and-upgraded-wood-texture Hobby Lobby https://www.hobbylobby.com/ Hobby Lobby Branded PLA https://www.hobbylobby.com/crafts-hobbies/kids-crafts-activities/arts-crafts-supplies/white---3d-printing-filament/p/81250151 Hot End https://e3d-online.com/blogs/news/anatomy-of-a-hotend 2.5 GB Network Switch https://www.servethehome.com/the-ultimate-cheap-2-5gbe-switch-mega-round-up-buyers-guide-qnap-netgear-hasivo-mokerlink-trendnet-zyxel-tp-link/ fsck https://linux.die.net/man/8/fsck ProxMox https://www.proxmox.com/en/ Open Media Vault https://www.openmediavault.org/ Readarr https://github.com/Readarr/Readarr RSYNC https://linux.die.net/man/1/rsync Mario Kart T Shirt https://www.nintendo.com/us/store/products/mario-kart-jersey-t-shirt-119900-1/ Super Nintendo World https://www.universalorlando.com/web/en/us/epic-universe/worlds/super-nintendo-world Mario Kart Ride (Universal Studios - Super Nintendo World) https://www.universalorlando.com/web/en/us/things-to-do/rides-attractions/mario-kart-bowsers-challenge Donkey Kong Country (Universal Studios - Super Nintendo World) https://www.zeldadungeon.net/forum/threads/donkey-kong-themed-area-to-open-at-usj-dec-11-2024.77660/ Donkey Kong Country (video game) https://donkeykong.fandom.com/wiki/Donkey_Kong_Country Mario Games https://nintendo.fandom.com/wiki/List_of_Mario_games Mario World 2 https://www.mariowiki.com/Super_Mario_World_2:_Yoshi%27s_Island Harry Potter Ride https://www.universalorlando.com/web/en/us/things-to-do/rides-attractions/harry-potter-and-the-forbidden-journey Hagrid's Magical Creatures Motorbike Adventure https://www.universalorlando.com/web/en/us/things-to-do/rides-attractions/hagrids-magical-creatures-motorbike-adventure Harry Potter Wands https://www.universalorlando.com/web/en/us/things-to-do/shopping/potter-wands Harry Potter Wand Holder (3D printable) https://makerworld.com/en/models/917744-wand-stand-harry-potter#profileId-879432 Bronze PLA https://www.hatchbox3d.com/products/3d-pla-1kg1-75-brnz Linux Mint https://linuxmint.com/ Clem (Linux Mint) https://blog.linuxmint.com/?author=1 New Harry Potter TV Show https://www.teenvogue.com/story/harry-potter-tv-reboot-hbo-everything-you-need-to-know JK Rowling https://www.jkrowling.com/ HBO https://www.hbomax.com/ Iraq https://www.state.gov/countries-areas/iraq Arcane Casebook (Author - Dan Willis) https://www.goodreads.com/series/259903-arcane-casebook Altered Carbon (Book) https://elitistbookreviews.com/2018/04/05/altered-carbon/ Arcanum Unbounded (Author - Brandon Sanderson) https://www.brandonsanderson.com/blogs/blog/introducing-arcanum-unbounded Amazon Music https://music.amazon.com/?referrer=https%3A%2F%2Fwww.google.com%2F Richard Pryor https://www.richardpryor.com/ John Pinette https://www.dead-frog.com/comedians/comic/john-pinette Stormlight Archive https://www.brandonsanderson.com/pages/the-stormlight-archive-series Mistborn Saga https://www.brandonsanderson.com/pages/the-mistborn-saga-the-original-trilogy The Last Airbender https://avatar.fandom.com/wiki/Avatar:_The_Last_Airbender Wax and Wayne https://www.brandonsanderson.com/pages/the-mistborn-saga-the-wax-wayne-series Tress And The Emerald Sea https://www.brandonsanderson.com/pages/standalones-cosmere Isles of the Amber Dark Legion https://www.brandonsanderson.com/pages/collections-non-cosmere Wheel of Time (Sanderson books) https://www.brandonsanderson.com/pages/the-wheel-of-time-series Sunreach https://www.brandonsanderson.com/pages/skyward-flight Benedict Jacka https://benedictjacka.co.uk/ Project Hail Mary (Andy Weir) https://andyweirauthor.com/#project-hail-mary The Martian (Andy Weir) https://andyweirauthor.com/#the-martian Artemis (Andy Weir) https://andyweirauthor.com/#artemis Libby https://libbyapp.com/interview/welcome#doYouHaveACard Analog Hole https://en.wikipedia.org/wiki/Analog_hole Provide feedback on this episode.

Supercharge Points & Miles with Gift Card Reselling - QCGC Hurdy Gurdy Travel Podcast | Justin Vacula Justin Vacula hosts Taylor from QCGC (qcgc.io) to show how gift card reselling can help you earn more credit card points, miles, and cashback beyond everyday spending. By buying gift cards during promotions and reselling them through QCGC, keep the rewards while scaling your credit card spending. Recorded February 6, 2026, this episode covers QCGC's newly launched portal (live since December 2025) that replaces the old spreadsheet system. Taylor walks through the platform's deals section (profit, end dates, sources, remaining capacity, payout rates, and timeframes), the rates page that consolidates brands and denominations (including anywhere sources), and customizable deal alerts (with SMS planned). They also discuss entering payment details for ACH payouts and enabling optional two-factor authentication. Chapters / Timestamps: 00:00 Intro: Travel with Points & Miles 00:32 Meet Taylor & QCGC 01:57 Gift Card Reselling 101 04:31 Inside the New QCGC Portal: Deals Page, Alerts 06:14 Rates Page, Popular Brands & Converting Multi-Brand Gift Cards 08:37 Payout Timing, ACH Deposits & Bank Account Bonuses 09:30 De-Risking & Bank Scrutiny: Amex and Safer Buying Habits 13:15 More Portal Features: SMS Alerts, Payment Info, 2FA & Feature Requests 15:09 How to Join QCGC + Community: Onboarding, Support 17:02 Break + Announcements: Socials, Meetups, FTU, and CardPointers 21:20 Deal Math in Action: Lowe's Promo, Gas Points, Staples & Profit Thresholds 26:06 Best Cards to Us 27:44 Real-World Friction: Store Limits, Cashiers Making Up Rules 29:39 Listener Q&A: Trust, Reputation, Starting Small 32:55 Step-by-Step Submissions: Reserving Capacity, Uploading Cards 34:52 Avoiding Mistakes 37:04 Wrap-Up —

Suffield Police warning, Email mess, Anthropic promises to not impact your electric bill, AI Steam platform pulls game in error, Discord Age Verification lets you access the kid level of Discord, 2FA for text messages and phishing, No more emails from my ipad should I re-sync?

In Episode 159 of the Award Travel 101 podcast, Angie Sparks and Mike Zaccheo cover listener tips, loyalty news, and Angie's recent “actual vacation.” The highlight post addresses how to handle two-factor authentication (2FA) when traveling internationally, especially when using a local eSIM. Community suggestions include switching to authenticator apps instead of SMS and keeping your primary line active for texts and calls while using an eSIM for data. In the news, they discuss a new United Business card offer (100,000 miles plus 2,000 PQP), Air Canada adding ITA Airways as a distance-based redemption partner, a targeted Marriott Bonvoy points purchase bonus, and several loyalty promotions set to expire. They also share updates on their current credit card strategies and upcoming trips.The main topic centers on Angie's first true vacation in years. After initially considering a resort stay in Anguilla, she and her husband opted for a seven-night Norwegian Cruise Line sailing out of San Juan with a port stop each day. They intentionally limited excursions, choosing instead to relax—reading, enjoying the sun, and unplugging. Angie strategically used a mix of cash, points, and credit card perks to offset costs, including Ultimate Rewards points to book the cruise through Chase Travel, free night certificates at the Caribe Hilton for a pre-cruise stay, and various statement credits for rides, dining, and lounge access. She also highlights how her Southwest Priority card delivered outsized value under the airline's new seat assignment policy, saving nearly $500 on seat selection and baggage fees. While the trip delivered the relaxation they wanted, Angie notes some declines in NCL's onboard experience and wouldn't necessarily recommend that specific ship in the future.Episode LinksUnited Business card offerAir Canada/ ITA partnershipMarriott buy points promoWhere to Find Us The Award Travel 101 Facebook Community. To book time with our team, check out Award Travel 1-on-1. You can also email us at 101@award.travel Buy your Award Travel 101 Merch here Reserve tickets to our Spring 2026 Meetup in Phoenix now. award.travel/phx2026 Our partner CardPointers helps us get the most from our cards. Signup today at https://cardpointers.com/at101 for a 30% discount on annual and lifetime subscriptions! Lastly, we appreciate your support of the AT101 Podcast/Community when you signup for your next card! Technical note: Some user experience difficulty streaming the podcast while connected to a VPN. If you have difficulty, disconnect from your VPN.

In this WP Builds episode, Nathan Wrigley talks with Thomas Raef about WordPress website security. Thomas shares his journey founding We Watch Your Website, discusses the prevalence of attacks on US WordPress sites, and explores how hackers increasingly use stolen credentials and AI-powered methods. The episode gets into AI tools for both attackers and defenders, highlighting strategies like behavioural analysis and other mathematical things I don't understand! It wraps up with advice on implementing security measures like 2FA and device trust, and the ongoing AI "arms race" in cybersecurity. Go listen...

Caitlin Sarian (aka "Cybersecurity Girl") is one of the most recognized cybersecurity educators online (1.2M+ followers). She previously led TikTok's Global Cybersecurity Advocacy & Culture work, and spent ~10 years in cybersecurity and privacy across consulting and leadership rolesWe talk about the simple security habits that actually matter (passwords, passkeys, and the right kind of 2FA), how people get tricked by phishing and “perfect copy” fake login pages, what data brokers are really doing with your information, how tracking and permissions quietly follow you around, and how AI is changing the game for both privacy and scams. The goal is simple: help you protect yourself, think clearer, and make smarter decisions online without needing to be “technical.”Chapters: 0:00 Intro3:30 Caitlin's story: from engineering to cybersecurity9:24 The interview that pulled her into cybersecurity11:12 Why she started teaching cyber online15:04 Password mistakes & common scam setups19:28 Cookies, tracking & “I accept” traps27:18 Voice scams & impersonation tricks37:57 The 3 things your apps are collecting39:03 Data brokers — how your info gets sold42:55 Protecting your identity 51:02 Cyber warfare between countiesLearn Unreal Engine in 14 Days - $300 OFF https://join.baddecisions.studio/c/podcast?discounts=PODCASTIf this podcast is helping you, please take 2 minutes to rate our podcast on Spotify or Apple Podcasts, It will help the Podcast reach and help more people!Spotify - https://open.spotify.com/show/12jUe4lIJgxE4yst7rrfmW?si=ab98994cf57541cfApple Podcasts (Scroll down to review)- https://podcasts.apple.com/us/podcast/bad-decisions-podcast/id1677462934Find out more about Cybersecurity girl:- Instagram: https://www.instagram.com/cybersecuritygirl/- LinkedIn: https://www.linkedin.com/in/caitlin-sarian- Youtube: youtube.com/cybersecuritygirlJoin our discord server where we connect and share assets: https://discord.gg/zwycgqezfDIf you wanna see us to do cool things follow us here too:Instagram:https://www.instagram.com/badxstudio/Twitter: https://twitter.com/badxstudioTikTok: https://www.tiktok.com/@badxstudioLinkedIn: https://www.linkedin.com/company/badxstudioOur personal handles: (if you wanna stalk us)https://www.instagram.com/farhad_baddecisions/https://www.instagram.com/faraz_baddecisions/https://www.linkedin.com/in/farhadshababi/https://www.linkedin.com/in/farazshababi/

North Korean hackers with the Lazarus Group have stolen over $300 million with this Telegram phishing scam. Subscribe to the Blockspace newsletter! Welcome back to The Blockspace Podcast! Today, Taylor Monahan, a security lead at MetaMask, joins us to talk about a highly sophisticated $300M phishing attack linked to North Korea's Lazarus Group. Taylor shares how the Lazarus Group hijacks Telegram accounts to lure victims into fake Zoom meetings and download a Trojan horse malware program. We break down the hackers' strategy, how the malware works, which wallet types are most vulnerable to theft, and what users can do to protect themselves if they have fallen prey to the scam or not. Tune in to learn how to identify these red flags and implement better digital hygiene for your crypto assets. Check out this article for a deep dive into how the malware works; plus, follow Taylor for updates on X and keep track of Laars Group's history of hacks via her Github.  Subscribe to the newsletter! https://newsletter.blockspacemedia.com Notes: * Lazarus Group stole over $300M in the last year. * Attackers hijack Telegram accounts. * Scammers use fake Zoom links to deploy malware. * Malware often bypasses paid antivirus software. * Sandbox architecture on iOS offers more safety. * Software wallets and browser wallets are most vulnerable. * 2FA remains critical for sensitive account access. Timestamps: 00:00 Start 03:51 Telegram attack 11:30 2 Factor Authenticators 13:48 Losses 16:38 Calculating losses 19:08 North Korea 21:52 Malware 24:17 Malware detection 25:16 EDR 27:12 Wallets 34:21 Is verifying addresses enough? 39:28 Wallet malware design 44:11 What do they want? 54:16 Taylor stealing payloads 1:01:49 Steps to protect

Cybersecurity isn't just a technology issue, it's a family and financial issue. In this episode, Julina is joined by cybersecurity expert Sam Disraelly, Founder of Your Tech Department, to discuss the real online risks individuals and families face every day, from phishing scams to identity theft and account takeovers. You'll learn simple, practical steps to better protect your personal and financial information and build confidence navigating today's digital world. Timestamps:04:50 – The two types of cyber attacks people face07:00 – How COVID, Colonial Pipeline, and now AI changed the threat landscape10:45 – Why you should NOT click links in emails 12:30 – The Google search trap & the fake USAA site story 15:15 – The most common mistake families make17:00 – Passwords: “Long, Strong, Unique” 19:00 – Why built-in browser password managers (Google/Chrome/Apple) are risky22:15 – How to move your passwords into a real password manager 24:30 – The hidden dangers of free email accounts27:30 – The Optimum.net warning30:20 – What your email MUST be able to do (2FA, login visibility, session control)31:30 – Verizon outage example: why SMS 2FA can fail32:40 – Kids & teens online: AI, images, and why this is getting scarier34:00 – DNS filters: the most powerful tool parents don't know about38:00 – Pi-Hole and network-level protection at home39:10 – The easiest habits to start TODAY41:00 – Use a trusted partner before you click 48:00 – Three email strategy50:00 – “Plus addressing” with Gmail to control spam52:30 – Cyber insurance in homeowners & umbrella policies 56:30 – Sam's takeaway: 95–98% of attacks are stopped by 3 thingsConnect with Julina Ogilvie:WebsiteYouTubeLinkedInEmail- jogilvie@principlewealthpartners.comConnect with Sam Disraelly:https://yourcyber.team/https://yourcyber.news/https://www.linkedin.com/in/aridisraelly/The information provided is for educational and informational purposes only and does not constitute investment advice and it should not be relied on as such. The statements and opinions expressed in this podcast are those of the author. PWP cannot guarantee the accuracy or completeness of any statements or data. For current PWP information, please visit the Investment Adviser Public Disclosure website at www.adviserinfo.sec.gov by searching with PWP's CRD #290180

DOGE staff face scrutiny over possible Hatch Act violations. GitLab fixes a serious 2FA bypass. North Korean hackers target macOS developers through Visual Studio Code. Researchers say the VoidLink malware may be largely AI-built. MITRE rolls out a new embedded systems threat matrix. Oracle drops a massive patch update. Minnesota DHS reports a breach affecting 300,000 people. Germany looks to Israel for cyber defense lessons. A major illicit marketplace goes dark. Our guest is Ashley Jess, Senior Intelligence Analyst from Intel 471, with a “crash course” on underground cyber markets. And auditors emerge as an unlikely line of cyber defense. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we have Ashley Jess, Senior Intelligence Analyst from Intel 471, sharing a “crash course” on how underground cyber markets and emerging trends. Selected Reading Trump administration concedes DOGE team may have misused Social Security data (POLITICO) GitLab warns of high-severity 2FA bypass, denial-of-service flaws (Bleeping Computer) North Korean Hackers Target macOS Developers via Malicious VS Code Projects (SecurityWeek) Voidlink Linux Malware Was Built Using an AI Agent, Researchers Reveal (Infosecurity Magazine) MITRE Launches New Security Framework for Embedded Systems (SecurityWeek) Oracle's First 2026 CPU Delivers 337 New Security Patches (SecurityWeek) Minnesota Agency Notifies 304,000 of Vendor Breach (GovInfo Security) Germany and Israel Pledge Cybersecurity Alliance (BankInfo Security) $12B Scam Market Tudou Guarantee Shuts Down (GovInfo Security) Research reveals a surprising line of defence against cyber attacks: accountants (The Conversation) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Send us a textWe trade office chaos for focused remote work, then chart the journey from a 1999 idea to one of security's most-used tools. The talk widens to cyber warfare, scams, and practical privacy steps anyone can take without going off-grid.• year-end boundaries and remote work focus• origin of WhatIsMyIPAddress and staying humble• don't invite hackers, real-world conference fallout• elite cyber training, Ukraine drones, satellite comms• podcast guest vetting, authenticity, and value• preventing scams, empathy for victims, proof problems• privacy without becoming a hermit, actionable steps• 2FA on email, credit freezes, password strategy• data collection at retail, saying no with confidence• ads as social engineering, better defaults online“I will give anyone who wants the book can come to my website and get the book… If you don't want to give me your email address or your name, I'll give you the book without the email address and your name.”Support the showFollow the Podcast on Social Media! Tesla Referral Code: https://ts.la/joseph675128 YouTube: https://www.youtube.com/@securityunfilteredpodcast Instagram: https://www.instagram.com/secunfpodcast/Twitter: https://twitter.com/SecUnfPodcast Affiliates➡️ OffGrid Faraday Bags: https://offgrid.co/?ref=gabzvajh➡️ OffGrid Coupon Code: JOE➡️ Unplugged Phone: https://unplugged.com/Unplugged's UP Phone - The performance you expect, with the privacy you deserve. Meet the alternative. Use Code UNFILTERED at checkout*See terms and conditions at affiliated webpages. Offers are subject to change. These are affiliated/paid promotions.

Send us a textAs we kick off 2026, the world feels more unpredictable than ever, political shifts, economic pressures, tariffs, cyber threats, and global chaos are hitting small businesses hard. If you're a solo entrepreneur, side hustler, or thinking about scaling (or even launching) your independent business, ignoring these forces could be costly.In this episode of Mastering Risk, Dr. D breaks down the four critical risks every lean business owner must address right now, risks you can actually control in a world where almost everything else is out of your hands. You'll discover:-Why cybersecurity is no longer optional. Simple, affordable steps (password managers, patches, 2FA, off-site backups) that prevent disaster (plus why managed service providers are a game-changer for small ops)-How inflation, tariffs, and regulatory changes (like the new EU AI rules starting June 2026) are silently squeezing margins, and the KISS principle to stay compliant without overwhelm-The hidden danger of overload, burnout, and scaling limits — how to automate ethically with AI (saving 12–16 hours/week), keep systems dead simple, and always leave white space in your calendar-The surprising #4: You win in collectives, why solo grinding is a myth, and how building real human relationships, joining entrepreneur networks, and leveraging social capital will exponentially boost your successThis isn't theory, it's battle-tested advice from recent expert immersions, real-world experience, and years of studying risk as a professor and entrepreneur.Whether you're questioning "Is now the time to launch?" or ready to take your business to the next level, watch this episode to gain clarity and confidence in turbulent times.https://preparednesslabs.caDISCLOSURE Information shared here is for educational purposes only.  Individuals and business owners should evaluate their own business strategies, and identify any potential risks.  The information shared here is not a guarantee of success. Your results may vary.Copyright © 2026.Support the showhttps://preparednesslabs.ca/

Send us a textWe look back at 2025's privacy and security reality: useful AI where data was ready, repeating breach patterns, and infrastructure limits that slowed the hype. We call out backdoors, weak 2FA, and the shift toward passkeys, decentralization, and owning more of our stack.• AI succeeds when data, process and governance are mature• Power, chips and cost constraints limit AI growth• SALT Typhoon shows backdoor risk and patching failures• SMS 2FA remains weak while passkeys gain ground• Data hoarding expands breach blast radius• Streaming consolidation drives algorithm control and piracy's return• Decentralization and self‑hosting rebuild trust with users• 2026 outlook: AI contraction, ML pragmatism, fewer but stronger toolsCheck out our website: the problemlounge.comIf you have episode guest ideas or topics you want us to talk about, please send them our wayGo check out YouTube channel, Privacy Please PodcastIn 2026, would you like to see us do live streams?  Everyday AI: Your daily guide to grown with Generative AICan't keep up with AI? We've got you. Everyday AI helps you keep up and get ahead.Listen on: Apple Podcasts SpotifySupport the show

While our team is out on winter break, please enjoy this episode of Research Saturday. Today we are joined by ⁠⁠Selena Larson⁠⁠, co-host of ⁠⁠Only Malware in the Building⁠⁠ and Staff Threat Researcher and Lead Intelligence Analysis and Strategy at ⁠⁠Proofpoint⁠⁠, sharing their work on "Microsoft OAuth App Impersonation Campaign Leads to MFA Phishing." Proofpoint researchers have identified campaigns where threat actors use fake Microsoft OAuth apps to impersonate services like Adobe, DocuSign, and SharePoint, stealing credentials and bypassing MFA via attacker-in-the-middle phishing kits, mainly Tycoon. These attacks redirect users to fake Microsoft login pages to capture credentials, 2FA tokens, and session cookies, targeting nearly 3,000 Microsoft 365 accounts across 900 environments in 2025. Microsoft's upcoming security changes and strengthened email, cloud, and web defenses, along with user education, are recommended to reduce these risks. The research can be found here: ⁠⁠⁠⁠Microsoft OAuth App Impersonation Campaign Leads to MFA Phishing Learn more about your ad choices. Visit megaphone.fm/adchoices

While our team is out on winter break, please enjoy this episode of Research Saturday. Today we are joined by ⁠⁠Selena Larson⁠⁠, co-host of ⁠⁠Only Malware in the Building⁠⁠ and Staff Threat Researcher and Lead Intelligence Analysis and Strategy at ⁠⁠Proofpoint⁠⁠, sharing their work on "Microsoft OAuth App Impersonation Campaign Leads to MFA Phishing." Proofpoint researchers have identified campaigns where threat actors use fake Microsoft OAuth apps to impersonate services like Adobe, DocuSign, and SharePoint, stealing credentials and bypassing MFA via attacker-in-the-middle phishing kits, mainly Tycoon. These attacks redirect users to fake Microsoft login pages to capture credentials, 2FA tokens, and session cookies, targeting nearly 3,000 Microsoft 365 accounts across 900 environments in 2025. Microsoft's upcoming security changes and strengthened email, cloud, and web defenses, along with user education, are recommended to reduce these risks. The research can be found here: ⁠⁠⁠⁠Microsoft OAuth App Impersonation Campaign Leads to MFA Phishing Learn more about your ad choices. Visit megaphone.fm/adchoices

Visit our website for breaking news, analysis, op-eds, articles to learn about crypto, and much more: unchainedcrypto.com Security remains work in progress for crypto — and that may be putting it mildly. This year Bybit was hacked for $1.5 billion, the largest exploit ever, crypto or otherwise.  In this Unchained episode, Security Alliance members explain how crypto exploits have evolved, why smart contracts are no longer the primary vulnerability and why a security plan alone may not be enough. They take us inside how North Koreans are getting jobs at crypto and tech companies and how they operate.  Plus, best practices for individuals that intend to hold their assets for the long-term. Test transactions and 2FA based on authenticator apps may not be ideal. Thank you to our sponsors, ⁠Uniswap⁠ and ⁠Mantle⁠! Guests: Pablo Sabbatella, Member of SEAL (Security Alliance) and Founder of Opsek Isaac Patka, Wargames Initiative Lead at SEAL, and Founder of Shield3 Links: Unchained: How the $1.5 Billion Bybit Hack Could Have Been Prevented The Chopping Block: Code, Chaos & Consequences — What the Balancer Hack and Rollback Debates Mean for Crypto's Future How AI Agents Hacked Smart Contracts for $1 Apiece – DEX in the City DEX in the City: How Privacy in Crypto Makes Everyone's Finances More Secure Chainalysis crypto crime report SEAL 911 bot SEAL website with profiles of confirmed DPRK IT workers Timestamps:

The Tech talk to have with family over the holidays. We dive into why tracking passwords and setting up two-step authentication safely is a must—especially for seniors and elderly users. Plus we have hunting news of a rare pheasant. Join radio hosts Rebecca Wanner aka ‘BEC' and Jeff ‘Tigger' Erhardt (Tigger & BEC) with the latest in Outdoors & Western Lifestyle News! Rare White Pheasant Harvested in North Dakota According to KFYR TV, a Minot, North Dakota hunter harvested a rare white Pheasant south of the city on December 7, 2025. 37-year-old Eric Henke of Minot first saw the bird a few years ago on his family farm. A couple weeks ago, he and six others, plus four dogs, went out for a pheasant hunt. The group flushed the bird, and it flew into some brush. It was flushed again about 10 yards from Henke. With a pull of the trigger from his Benelli Super Black Eagle II 12 gauge, the bird dropped and ran, thankful to have one of the dogs retrieve it for him. Henke is now having the bird mounted by Dakota Taxidermy in Bismarck, North Dakota. In addition to being a rare white pheasant, it also had magnificent tail feathers that measured to about 22.5 inches long. Congrats Eric Henke! The Importance of Tracking Passwords and Two-Step Authentication for Seniors and Families Why Password Management Is More Important Than Ever In today's digital world, almost every essential service requires a password—banking, medical portals, email, social security accounts, utilities, and even prescription refills. For elderly and older adults, managing multiple passwords can quickly become overwhelming. Forgotten passwords, locked accounts, and inaccessible phones can lead to stress, financial risk, and complete loss of access to critical services. Common Problems Seniors Face: Forgotten passwords or PINs Locked accounts due to failed login attempts Smartphones breaking, updating, or resetting Two-step authentication codes sent to unavailable devices Difficulty remembering complex security rules Without a proper system in place, a simple phone update can become a major crisis. What Is Two-Step Authentication (2FA) — and Why It Can Be Risky Without Backup Two-step authentication (also called 2FA or multi-factor authentication) adds an extra layer of security by requiring: Something you know (password) Something you have (phone, text message, authentication app) While 2FA improves security, it can lock users out permanently if: The phone is lost or broken The phone number changes The device updates or resets The authentication app is deleted This is especially dangerous for seniors who rely on one single smartphone. How to Set Up Two-Step Authentication the Right Way (Senior-Friendly) To avoid lockouts, seniors and families should always set up backup access options. Best Practices: Save backup recovery codes on paper and digitally Add a trusted family member's email or phone number Use authentication apps that allow device recovery Avoid using only SMS codes when possible Tip: Print recovery codes and store them in a safe, labeled folder at home. Final Checklist for Seniors and Caregivers Track all passwords in one secure place Set up 2FA with backup recovery options Share access with trusted family members Store printed recovery information safely Review passwords yearly or after major updates Final Thought - A broken phone or forgotten password should never mean losing access to your life. OUTDOORS FIELD REPORTS & COMMENTS We want to hear from you! If you have any questions, comments, or stories to share about bighorn sheep, outdoor adventures, or wildlife conservation, don't hesitate to reach out. Call or text us at 305-900-BEND (305-900-2363), or send an email to BendRadioShow@gmail.com. Stay connected by following us on social media at Facebook/Instagram @thebendshow or by subscribing to The Bend Show on YouTube. Visit our website at TheBendShow.com for more exciting content and updates! https://thebendshow.com/ https://www.facebook.com/thebendshow WESTERN LIFESTYLE & THE OUTDOORS Jeff ‘Tigger' Erhardt & Rebecca ‘BEC' Wanner are passionate news broadcasters who represent the working ranch world, rodeo, and the Western way of life. They are also staunch advocates for the outdoors and wildlife conservation. As outdoorsmen themselves, Tigger and BEC provide valuable insight and education to hunters, adventurers, ranchers, and anyone interested in agriculture and conservation. With a shared love for the outdoors, Tigger & BEC are committed to bringing high-quality beef and wild game from the field to your table. They understand the importance of sharing meals with family, cooking the fruits of your labor, and making memories in the great outdoors. Through their work, they aim to educate and inspire those who appreciate God's Country and life on the land. United by a common mission, Tigger & BEC offer a glimpse into the life beyond the beaten path and down dirt roads. They're here to share knowledge, answer your questions, and join you in your own success story. Adventure awaits around the bend. With The Outdoors, the Western Heritage, Rural America, and Wildlife Conservation at the forefront, Tigger and BEC live this lifestyle every day. To learn more about Tigger & BEC's journey and their passion for the outdoors, visit TiggerandBEC.com. https://tiggerandbec.com/

In this episode of Banking on Fraudology, Hailey Windham reflects on a transformational year in fraud by unpacking recent, high-stakes cases and zooming out to address the "seismic shift" in the payment ecosystem. The conversation dives into the industry's evolution , highlighting how human intuition, technology, and a unified view of risk are shaping the future of fraud prevention. Key Takeaways: Cases, Controls, and the Future of PaymentsEmpathy and Human Intuition are Essential: The episode shares several cases that underscore the power of the human element.The Mrs. Doubtfire Scam: A bizarre case where a man disguised himself as his deceased 82-year-old mother to collect her pension for three years. The case was cracked by a frontline clerk who noticed the hands looked too young and the voice slipped, proving that intuition is irreplaceable. The Frontline Hero: A Missouri bank teller saved a woman from a jury duty arrest scam by quietly slipping her a note, proving that no AI system can replace human compassion and intuition. The End of Siloed Intelligence (Internal Threat): Insider threats highlight a control problem, not just an employee problem. Cases involving unauthorized withdrawals, debit card ordering, and forged checks by multiple employees at a major US bank point to patterns of inadequate monitoring and excessive permissions. The Tacoma Credit Union case, where a remote employee stole $345,000 weeks after hire, reinforces that remote work requires stronger oversight, and new hires are high-risk periods. Innovation is Working For Us (External Threats): Scams are evolving alongside technology. Scammers are using real bank activity (transaction amounts and timestamps) to build trust and bypass knowledge-based authentication. New tactics include fake CAPTCHAs that install malware to bypass 2FA, log keystrokes, and spy on sessions, leading to rapidly climbing losses. The State of the Fraud Fighter (Payment Rail Shift): The industry must adapt to the speed of instant payments. Scams are the #1 driver of losses across every rail (ACH, Wires, P2P, Zelle, RTP, FedNow); the vulnerability is social engineering, not the rail itself. The number one strategic imperative is to build a unified, real-time view of risk across every payment rail, as regulators now demand real-time resilience and proof that harm could have been prevented. Get in the mood of being grateful for the fraud-fighting community, and be reminded of how strong the fraud-fighting community truly is. Show Notes — Resources & Articles MentionedInsider Fraud Cases1 - Multiple Trust Employees Accused of Draining Customer Accounts — $363,452 in Losses2 - The “Mrs. Doubtfire” Fraud Case (Italian Identity Fraud Scandal) - Source via Frank on Fraud (PDF)3 - Tacoma Credit Union Insider Steals...

Everyone in crypto has a horror story. In this episode, Joel and Travis turn the mic on themselves and the community for a raw, honest look at loss, regret, and the painful side of the crypto journey. Travis recounts how he lost 55 Bitcoin he mined back in 2010 after a hardware failure and no backup of his keys. Joel shares how he was seconds away from reading a 2FA code to a fake “Google security” caller that could have compromised everything tied to his account. Add in a 10 ETH honeypot scam, drained wallets, and NFT phishing, and you start to see a pattern: nobody is immune. Along the way, they read anonymous posts from the CoinFessions account on X – real stories of people who:– Turned life-changing gains into dust by trying to time “one more pump”– Lost six figures to scams and bad decisions– Sat through entire bull runs and never took profits– Finally got it right after years of pain and one big, smart exit This episode covers:– Why even experienced users still get wrecked– The psychology behind never taking profits on the way up– How grief, stress, and desperation make you vulnerable to scams– Why experiences and relationships matter more than your portfolio balance– A brief look ahead at what macro conditions and liquidity might mean for the next phase of the market If you have ever:– Round-tripped your portfolio– Lost coins to a scam, bad link, or bad judgment– Felt alone or ashamed about your mistakes …this is group therapy. You are not the only one. The Bad Crypto Podcast has been here since 2017, and the guys are still in the arena with you. Pull up a chair, listen in, and maybe walk away feeling a little less wrecked and a little more human.Support the show: https://badcryptopodcast.comSee omnystudio.com/listener for privacy information.

Do you think your passwords don't matter because you use 2FA everywhere? I'll break down why weak passwords still put you at risk, how attackers work around 2FA, and the steps that keep your accounts safe.

2FA continued, Win 11 data Transfer, Proton Mail in my New Years resolution!, Transunion Fraud Alert should I pay for monitoring? My External Drive is Full, Upgraded my phone and I can't get in my mail, new Dell for only $299? Copper Line? Webroot install,

The Cybersecurity Landscape in Austin In this episode, Alison Dixon shares insights into the fast-evolving cybersecurity environment in Austin, Texas. She discusses the rising importance of protecting both personal and corporate data amid growing cyber threats, emphasizing the dual challenge of convenience versus protection. Alison and Michael explore how AI complicates the landscape—accelerating innovation but also introducing new vulnerabilities. They underscore the urgent need for smarter, password-free security solutions and thoughtful tech adoption that prioritizes user safety. AI Integration with Intention Michael and Alison explore the importance of deliberate, strategic integration of AI into business operations. They agree that AI should serve genuine business value, not simply act as a marketing add-on. Clear processes and structured systems must precede AI adoption to avoid inefficiencies. Michael points out that transparency in AI systems, such as chatbots identifying themselves and providing human contact options, can significantly enhance customer trust. Both emphasize the need for balance, restraint, and purpose when embracing new technologies. Balancing AI Budgets and Cybersecurity Priorities The conversation turns to the tension between investing in AI and maintaining strong cybersecurity foundations. Alison warns that over-investing in AI while cutting cybersecurity budgets increases the risk of attacks like phishing and ransomware. Michael shares a real-life story about a senior manager's phone hack that illustrates the importance of vigilance and response protocols. Alison reinforces the need for proactive defenses and risk-reduction strategies rather than reactive training. AI Voice Scams and Public Awareness Michael recounts a growing trend of AI-driven voice scams, where criminals mimic loved ones' voices to exploit victims. He shares a case involving an elderly Toronto couple who lost nearly $100,000 to a voice fraud scheme, stressing the importance of using family “safe words” to verify identity. The discussion underscores how easily anyone—public figure or private citizen—can become a target, highlighting the growing sophistication of AI misuse. Human Factors and Preventive Strategies Alison and Michael discuss why human behavior remains the weakest link in cybersecurity. They argue that education alone is insufficient and that organizations should focus on eliminating risk exposure through stronger systems and policies. Practical steps such as multi-factor authentication, unique passwords, and an “assume it's fake” mindset can dramatically reduce vulnerability. Alison notes that leadership accountability and proactive system design are the true foundations of digital safety. The Role of Two-Factor Authentication and Holiday Vigilance In closing, Michael and Alison revisit the vital role of two-factor authentication (2FA). While it adds a few extra seconds to login, they agree it is a small price for peace of mind. They also caution that the holiday season often brings a spike in cyberattacks, as people let their guard down. Their message is clear: cybersecurity is not just about technology—it's about disciplined habits, awareness, and making security a leadership priority. Alison Dixon, the Chief Customer Experience Officer at Portnox, a leading zero trust network access control platform. Alison is at the forefront of shaping how technical, high-stakes industries like cybersecurity can deliver world-class customer experiences. With a background that spans HR, Sales Enablement, and IT, she brings a uniquely holistic view to customer success—balancing strategy, empathy, and execution. At Portnox, she's led the charge in transforming onboarding into a competitive advantage, expanding CX beyond support, and building programs that reduce churn and drive long-term value. LinkedIn:  https://www.linkedin.com/in/alison-dixon-msod/    

GRADING MY RECRUITMENT FORECASTS FOR 2025   Every year I write a long post making 20 predictions for the year ahead. This year, for the first time ever, I'm going to grade my predictions and see how I have got on   20 x Predictions for Recruiting in 2025   1. AI Assessment mainstreams; 50% of high volume hirers (more than 5000 hires per year) will have a solution in place by EOY. 2. ‘Skill based hiring' revives as employers describe deployment of AI assessment as commitment to SBH. %age of employers describing themselves as SBH increases 50%. 3. 2FA on job ads increases 400% as an attempt to suppress increased applicant flow. 4. Applications per job increase by 25% as AI-enablement mainstreams candidate side. 5. Big round of investment for AI voice interview vendors currently at Seed - $100M raised in this sector by EOY 2025. 6. Non-FTE vs FTE hiring increases by 10% in 2025. 7. Avg internal TA team goes 25% non-FTE. 8. Req load per recruiter increases 15%. 9. Percentage of solo TA function goes from 73% to 83%. 10. TA teams continue geographic dispersal - %age of TA teams with multinational component increases by 30%. 11. More companies decentralise talent acquisition - %age of employers where HM do outreach increases by 10%. 12. Candidate resentment stabilises - with 2% points either side of 2024 level. 13. ‘Chief Automation Officer' becomes an industry talking point in 2025, same as Chief Diversity Officer in 2020. 14. Speaking of DEIB, clear Atlantic divergence in 2025 - US explicit retrench, Europe implicit progress. 15. US vs UK economic integration deepens - %age of new UK based TA jobs from US employers increases 100%. 16. Global Staffing agencies revenue / profit down another 10% (profit warning again in Q1 2025). 17. But medium sized agencies / RPO stage mini bounce back as employers push more requirements out from denuded TA teams. 18. RecOps, Talent Intelligence roles decline 20%, EB roles decline 30%. People & Culture roles increase 15%. 19. Somebody Ubersises the legions of fractional TA's out there. Probably this is Indeed. 20. Over half of these predictions will be directionally incorrect, 20% will be absolutely incorrect.   What should the grading system be? I thinking a sliding scale A to E.   What should be the source of truth? That is where we will be bringing in experts from industry who can validate the claims.   It's going to be a good one folks.   Friday 14th November, 12pm GMT   Register by click on the green button (save my spot) and follow the channel here (recommended) to be noticed when we go live.     Ep 344 is sponsored by our friends Popp   Popp's AI recruitment platform amplifies what your team can do by effortlessly and instantly scaling your recruiting capacity. Popp's recruitment platform sits between your ATS and your talent team, providing unprecedented hiring power at unlimited scale.   Our AI automates repetitive tasks throughout the hiring journey, intelligently and accurately. Meaning your team can focus on higher value tasks. Randstand, Robert Walters, Bloom & Wild, AMN Healthcare and more are using Popp to x10 their hiring capacity.   Want to know more?   Book a demo with one of Popp's friendly founding team

This show has been flagged as Clean by the host. Oathtool 06 OATH Options and Oathtool The OATH standard has several options. You need to know which OATH options the site you wish to log into uses in order to use OATH. 07 Options - TOTP versus HOTP There are two different types of OATH one time passwords, HOTP and TOTP. HOTP uses a counter. I won't go into more detail on HOTP as I haven't come across anyone using it. TOTP uses the current time instead of a counter. The time is fed into the OATH algorithm along with the shared secret to generate a new password on both ends of the connection. All the instances of OATH that I am familiar with use TOTP. 08 TOTP Mode Totp has different "modes". These modes are hash encoding algorithms such as SHA1, SHA256, or SHA512. The correct mode must be selected in order to log in using OATH with TOTP. 09 Encoding - Hex versus Base32 Both ends of the connection must be initialized with a shared secret or key which is required as part of the OATH algorithm. This key could be encoded in one of two forms, either hexadecimal or base32. Web sites often do not document which encoding method they are using. If you cannot determine the encoding of the key by simply looking at it you may need to use trial and error during your first OATH log in attempts to see which type of key has been used. 10 Github and Pypi Options Github and Pypi are two of the most prominent web sites using OATH. Both use the same options, TOTP with SHA1 mode, and base32 encoding. 11 Using Oathtool oathtool is a simple command line application which generates one time passwords for use with OATH. It can be run in a terminal. However, can also be turned into a simple GUI application using Zenity. Will discuss this in more detail later. By default oathtool uses hotp and hex encoding. To use totp and base32 encoding you must specify these on the command line. To specify base32 encoding for use with for example Github, pass the "-b" or "--base32" argument on the command line. To specify TOTP, pass the "--totp" argument on the command line. By default, oathtool uses SHA1 with totp, so you don't need to specify that if you require SHA1. If you need a different TOTP mode, you specify that as part of the TOTP argument separated by an "=" character. For example "--totp=SHA256". 12 Oathtool Example Here is a simple example of using oathtool to create a one time password to use with Github or Pypi. Open a terminal and type the following. oathtool -b --totp SOMEBIGBASE32SECRETCODE The one time password will be printed out in the terminal. You can try this out without using a valid key so long as it is a valid base32 string. When used with a valid key you then enter that one time password into Github, Pypi, or other web site where it asks for the one time password. Note that I have not covered in the above how to store and retrieve the key securely, as that is too big of a topic to cover here. 13 Zenity Example Oathtool is a command line application, but if you are using Linux it is simple to convert it into a GUI application by using "Zenity". Zenity is a simple to use package that creates GUI windows on the command line or in a shell script. There are two steps to the proceess. First create the OTP from the key by using oathtool and save it in a variable. Next, call a Zenity "info" window with the OTP as part of the provided text. You can now copy and paste the OTP from the window into your web browser. To close the window, click on the "OK" button. See the previous note on storing the key securely. hprcode=$(oathtool -b --totp SOMEBIGBASE32SECRETCODE) zenity --info --width=150 --title="HPR 2FA" --text="2FA code is: nn $hprcode n" If you are using Gnome you can make the script launchable from the desktop by creading a ".desktop" file in the "Desktop" directory. Provide feedback on this episode.

On Hands-On Tech, Mikah Sargent lists some of his favorite two-factor authenticator apps for listener Stuart and some of the pros and cons using 2FA applications. Send in your questions for Hands-On Tech to hot@twit.tv! Host: Mikah Sargent Download or subscribe to Hands-On Tech at https://twit.tv/shows/hands-on-tech Want access to the ad-free video and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

On Hands-On Tech, Mikah Sargent lists some of his favorite two-factor authenticator apps for listener Stuart and some of the pros and cons using 2FA applications. Send in your questions for Hands-On Tech to hot@twit.tv! Host: Mikah Sargent Download or subscribe to Hands-On Tech at https://twit.tv/shows/hands-on-tech Want access to the ad-free video and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

On Hands-On Tech, Mikah Sargent lists some of his favorite two-factor authenticator apps for listener Stuart and some of the pros and cons using 2FA applications. Send in your questions for Hands-On Tech to hot@twit.tv! Host: Mikah Sargent Download or subscribe to Hands-On Tech at https://twit.tv/shows/hands-on-tech Want access to the ad-free video and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

On Hands-On Tech, Mikah Sargent lists some of his favorite two-factor authenticator apps for listener Stuart and some of the pros and cons using 2FA applications. Send in your questions for Hands-On Tech to hot@twit.tv! Host: Mikah Sargent Download or subscribe to Hands-On Tech at https://twit.tv/shows/hands-on-tech Want access to the ad-free video and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

On Hands-On Tech, Mikah Sargent lists some of his favorite two-factor authenticator apps for listener Stuart and some of the pros and cons using 2FA applications. Send in your questions for Hands-On Tech to hot@twit.tv! Host: Mikah Sargent Download or subscribe to Hands-On Tech at https://twit.tv/shows/hands-on-tech Want access to the ad-free video and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

On Hands-On Tech, Mikah Sargent lists some of his favorite two-factor authenticator apps for listener Stuart and some of the pros and cons using 2FA applications. Send in your questions for Hands-On Tech to hot@twit.tv! Host: Mikah Sargent Download or subscribe to Hands-On Tech at https://twit.tv/shows/hands-on-tech Want access to the ad-free video and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

On Hands-On Tech, Mikah Sargent lists some of his favorite two-factor authenticator apps for listener Stuart and some of the pros and cons using 2FA applications. Send in your questions for Hands-On Tech to hot@twit.tv! Host: Mikah Sargent Download or subscribe to Hands-On Tech at https://twit.tv/shows/hands-on-tech Want access to the ad-free video and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

On Hands-On Tech, Mikah Sargent lists some of his favorite two-factor authenticator apps for listener Stuart and some of the pros and cons using 2FA applications. Send in your questions for Hands-On Tech to hot@twit.tv! Host: Mikah Sargent Download or subscribe to Hands-On Tech at https://twit.tv/shows/hands-on-tech Want access to the ad-free video and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

On Hands-On Tech, Mikah Sargent lists some of his favorite two-factor authenticator apps for listener Stuart and some of the pros and cons using 2FA applications. Send in your questions for Hands-On Tech to hot@twit.tv! Host: Mikah Sargent Download or subscribe to Hands-On Tech at https://twit.tv/shows/hands-on-tech Want access to the ad-free video and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

Hey everyone—it's Steve Edwards here, and in this episode of JavaScript Jabber, I'm joined by returning guest Feross Aboukhadijeh, founder of Socket.dev, for a deep dive into the dark and fascinating world of open source supply chain security. From phishing campaigns targeting top NPM maintainers to the now-infamous Chalk library compromise, we unpack the latest wave of JavaScript package attacks and what developers can learn from them.Feross explains how some hackers are even using AI tools like Claude and Gemini as part of their payloads—and how defenders like Socket are fighting back with AI-powered analysis of their own. We also dive into GitHub Actions vulnerabilities, the role of two-factor authentication, and the growing need for “phishing-resistant 2FA.” Whether you're an open source maintainer or just someone who runs npm install a little too often, this episode will open your eyes to how much happens behind the scenes to keep your code safe.

In this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news, including: L3Harris Trenchant boss accused of selling exploits to Russia once worked at the Australian Signals Directorate Microsoft WSUS bug being exploited in the wild Dan Kaminsky DNS cache poisoning comes back because of a bad PRNG SpaceX finally starts disabling Starlink terminals used by scammers Garbage HP update deletes certificates that authed Windows systems to Entra This week's episode is sponsored by automation company Tines. Field CISO Matt Muller joins to discuss how Tines has embraced LLMs and the agentic-AI future into their workflow automation. This episode is also available on Youtube. Show notes US accuses former L3Harris cyber boss of stealing and selling secrets to Russian buyer | TechCrunch Attackers bypass patch in deprecated Windows Server update tool | CyberScoop CVE-2025-59287 WSUS Unauthenticated RCE | HawkTrace CVE-2025-59287 WSUS Remote Code Execution | HawkTrace Catching Credential Guard Off Guard - SpecterOps Cache poisoning vulnerabilities found in 2 DNS resolving apps - Ars Technica Uncovering Qilin attack methods exposed through multiple cases Safety on X: "By November 10, we're asking all accounts that use a security key as their two factor authentication (2FA) method to re-enroll their key to continue accessing X. You can re-enroll your existing security key, or enroll a new one. A reminder: if you enroll a new security key, any" / X SpaceX disables more than 2,000 Starlink devices used in Myanmar scam compounds | The Record from Recorded Future News SpaceX: Update Your Inactive Starlink Dishes Now or They'll Be Bricked How we linked ForumTroll APT to Dante spyware by Memento Labs | Securelist Former Polish official indicted over spyware purchase | The Record from Recorded Future News HP OneAgent Update Broke Entra Trust on HP AI Devices Windows' Built-in OpenSSH for Offensive Security How Hacked Card Shufflers Allegedly Enabled a Mob-Fueled Poker Scam That Rocked the NBA | WIRED

Aggressive Government RegulationStates are intervening heavily in tech markets. Texas mandated app stores verify ages and restrict minor access starting January 2026, requiring parental approval for under-18 users. The Netherlands took partial control of Chinese chipmaker Nexperia to block sensitive technology transfer. The U.S. FCC forced retailers to delist millions of Chinese electronics from Huawei, ZTE, and others over security concerns.Privacy vs. Security BattlesThe EU postponed "Chat Control" legislation requiring message scanning after insufficient support - only 12 of 27 states backed it. Germany called it "taboo for the rule of law" while 40+ tech firms warned it would harm privacy. Digital activism generated massive opposition emails to lawmakers.California expanded privacy enforcement beyond tech giants, fining Tractor Supply $1.35 million for violating job applicant rights - the CPPA's largest fine. New legislation requires browsers to offer one-click tracking opt-outs by 2027.Evolving Cyber Threats"Scattered LAPSUS$ Hunters" breached Salesforce via compromised third-party app, stealing 1 billion records from major companies including 5.7 million from Qantas. Researchers discovered "pixnapping" attacks on Android that bypass browser protections to steal screen data, including 2FA codes from Google Authenticator in under 30 seconds.Key ImplicationsGeopolitical tensions drive protectionist tech policies as governments prioritize security over privacy. Regulatory enforcement extends beyond major tech to all data-collecting businesses. Supply chain vulnerabilities remain critical attack vectors, with novel mobile threats challenging existing security assumptions.

EP 262In this week's update:Texas's App Store Accountability Act mandates age verification, raising privacy concerns for Apple and Google users.The Dutch government seizes control of Chinese-owned chipmaker Nexperia to protect sensitive technology transfers.And the FCC enforces removal of millions of banned Chinese electronics from U.S. retailers over national security risks.'Pixnapping' attack exposes Android app vulnerabilities, stealing sensitive data like 2FA codes.California fines Tractor Supply $1.35M for violating consumer and job applicant privacy rights.California's 'Opt Me Out Act' requires browsers to offer one-click tracking opt-out by 2027.Danish engineer's mass email campaign disrupts EU's 'Chat Control' bill, highlighting privacy concerns.EU postpones 'Chat Control' vote amid privacy backlash, but revised proposals may resurface.Salesforce data breach leaks customer records after ransom refusal, exposing supply chain vulnerabilities.And...  since we have no age restrictions we can get started right away!​Find the full transcript to this week's podcast here.

Do you ever feel like your practice culture is toxic? In this episode, Kirk Behrendt brings back Adriana Booth, one of ACT's amazing coaches, to list the seven toxic habits that you might be doing, how they're affecting your culture, and what you can do to create a happier, more committed team. Great culture doesn't happen by accident! To learn how you might be sabotaging your team and what you can do to fix it, listen to Episode 951 of The Best Practices Show!Learn More About Adriana:Join Adriana on Facebook: https://www.facebook.com/adriana.boothFollow Adriana on Instagram: https://www.instagram.com/adrimariebSend Courtney an email to learn more about ACT: courtney@actdental.com More Helpful Links for a Better Practice & a Better Life:Subscribe to The Best Practices Show: https://the-best-practices-show.captivate.fm/listenJoin The Best Practices Association: https://www.actdental.com/bpaDownload ACT's BPA app on the Apple App Store: https://apps.apple.com/us/app/best-practices-association/id6738960360Download ACT's BPA app on the Google Play Store: https://play.google.com/store/apps/details?id=com.actdental.join&hl=en_USJoin ACT's To The Top Study Club: https://www.actdental.com/tttGet The Best Practices Magazine for free: https://www.actdental.com/magazinePlease leave us a review on the podcast: https://podcasts.apple.com/us/podcast/the-best-practices-show-with-kirk-behrendt/id1223838218Episode Resources:Watch the video version of Episode 951: https://www.youtube.com/@actdental/videosRegister to ACT's BPA for their Guide to Building Trust: https://join.actdental.com/users/sign_in?post_login_redirect=https%3A%2F%2Fjoin.actdental.com%2Fc%2Fpractice-coaching-tools%2Fa-team-playbook-to-maximize-performance-handout#emailRegister to ACT's BPA for their How Trustworthy Are You? tool: https://join.actdental.com/users/sign_in?post_login_redirect=https%3A%2F%2Fjoin.actdental.com%2Fc%2Fpractice-coaching-tools%2Fhow-trustworthy-are-you#emailRegister to ACT's BPA for their Rules of Engagement tool:

The Secret Service dismantles an illegal network. Jaguar Land Rover (JLR) extends the shutdown production plants. The EU probes tech giants over online scams. Iranian APT Nimbus Manticore expands operations in Europe. North Korean Kimsuky deploys a shortcut-based espionage campaign. Github and Ruby Central roll out supply-chain security upgrades. Lastpass warns of macOS ClickFix campaign using fake GitHub repos. AT&T's CISO warns hackers mimic Salt Typhoon's unconventional tactics. CISO Perspectives host Kim Jones previews the upcoming season. An attorney pays $10K for AI hallucinations. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest CISO Perspectives host Kim Jones previews the upcoming season, sharing what's ahead for listeners. From leadership challenges to the evolving role of the CISO, Kim highlights the conversations and insights you can expect this season.You can check out the season opener here. Selected Reading Cache of Devices Capable of Crashing Cell Network Is Found Near U.N. (The New York Times) Secret Service Disrupts Threat Network Near UN General Assembly (YouTube) JLR extends shutdown – again – as toll on workers laid bare (The Register) The EU is scrutinizing how Apple, Google, and Microsoft tackle online scams (The Verge) Nimbus Manticore Deploys New Malware Targeting Europe (Check Point Research) Kimsuky attack disguised as sex offender notice information (Logpresso) GitHub tightens npm security with mandatory 2FA, access tokens (Bleeping Computer) NPM package caught using QR Code to fetch cookie-stealing malware (Bleeping Computer) LastPass: Fake password managers infect Mac users with malware (Bleeping Computer) Telecom exec: Salt Typhoon inspiring other hackers to use unconventional techniques (CyberScoop) Attorney Slapped With Hefty Fine for Citing 21 Fake, AI-Generated Cases (PCMag) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

If you like what you hear, please subscribe, leave us a review and tell a friend!

Anthropic support CA AI laws, Albania has a new minister of Corruption and it's AI, A man was convinced by ChatGPT to build a computer to free it, Senator Wyden calls out Microsoft for still allowing RC4 to be used in Ransomware attacks. Cell Phone Recycle, Win 10 update, 2FA, backup to cloud. New HP Laptop, e-Cycle very old laptop, E-cycle and shredding, Win 11 playing DVD on my AIO,

Today we are joined by Selena Larson, co-host of Only Malware in the Building and Staff Threat Researcher and Lead Intelligence Analysis and Strategy at Proofpoint, sharing their work on "Microsoft OAuth App Impersonation Campaign Leads to MFA Phishing." Proofpoint researchers have identified campaigns where threat actors use fake Microsoft OAuth apps to impersonate services like Adobe, DocuSign, and SharePoint, stealing credentials and bypassing MFA via attacker-in-the-middle phishing kits, mainly Tycoon. These attacks redirect users to fake Microsoft login pages to capture credentials, 2FA tokens, and session cookies, targeting nearly 3,000 Microsoft 365 accounts across 900 environments in 2025. Microsoft's upcoming security changes and strengthened email, cloud, and web defenses, along with user education, are recommended to reduce these risks. The research can be found here: ⁠Microsoft OAuth App Impersonation Campaign Leads to MFA Phishing Learn more about your ad choices. Visit megaphone.fm/adchoices

Two-time Emmy and Three-time NAACP Image Award-winning, television Executive Producer Rushion McDonald interviewed Gregory Richardson. A cybersecurity expert and AI consultant. The conversation explores cybersecurity best practices, the rise of AI, and how Gregory is helping churches and nonprofits leverage technology to spread the gospel.

Two-time Emmy and Three-time NAACP Image Award-winning, television Executive Producer Rushion McDonald interviewed Gregory Richardson. A cybersecurity expert and AI consultant. The conversation explores cybersecurity best practices, the rise of AI, and how Gregory is helping churches and nonprofits leverage technology to spread the gospel.

Two-time Emmy and Three-time NAACP Image Award-winning, television Executive Producer Rushion McDonald interviewed Gregory Richardson. A cybersecurity expert and AI consultant. The conversation explores cybersecurity best practices, the rise of AI, and how Gregory is helping churches and nonprofits leverage technology to spread the gospel.

- Report: Foxconn Sends Most Chinese Employees in India Back to China - Report: Tariffs on Apple Hardware from Vietnam Jump from ~4% to 20% - Canalys: Exciting Q1 PC Import Numbers Are Nothing to Get Excited About - Apple Quizzes Headset Owners on Smart Glasses - Apple Sues Former Vision Pro Exec for Alleged Theft of Trade Secrets - Ming-Chi Kuo Eyes Apple Roadmap for Smart Glasses and Headsets - MLS Season Pass Drops to Half-Price - Jennifer Aniston Onboard for Apple TV+ Series “I'm Glad My Mom Died” - Three-Part Docuseries on UCONN Women's Basketball Bouncing to Apple TV+ - Apple TV+ Kids Series “Stillwater” Coming Back for Fourth Season - Ten-Part Apple TV+ “Neuromancer” Now in Production - Apple TV+ Teases Third Season of “Invasion” - Ahead of Premier, Critics Are Digging Third Season of “Foundation” - Avoiding SMS for 2FA and a Plot Twist for 23andMe on Checklist No. 428 - find it at checklist.libsyn.com - Catch Ken on Mastodon - @macosken@mastodon.social - Send Ken an email: info@macosken.com - Chat with us on Patreon for as little as $1 a month. Support the show at Patreon.com/macosken

- Apple Appeals “Epic” Ruling to 9th Circuit Court - Bipartisan US Senators Reintroduce Legislation to Open App Stores - DOJ iPhone Monopoly Case Set to Proceed - Proton Sues Apple for the Usual Reasons - Apple Shareholder Sues Over Smarter Siri Debacle - Apple Seeds Second Betas for Current OS Updates - Apple Brings Added RAW Support and Image Playground to Pixelmator Pro - Apple Updates Sports App - Podcaster, Blogger Tim Robertson Logs Off - Avoiding SMS for 2FA and a Plot Twist for 23andMe on Checklist No. 428 - find it at checklist.libsyn.com - Catch Ken on Mastodon - @macosken@mastodon.social - Send Ken an email: info@macosken.com - Chat with us on Patreon for as little as $1 a month. Support the show at Patreon.com/macosken