In this edition of the Wide World of Cyber podcast Patrick Gray talks to SentinelOne's Steve Stone and Alex Stamos about how foreign adversaries are targeting security vendors, including them. From North Korean IT workers to Chinese supply chain attacks, SentinelOne and its competitors are constantly fending off sophisticated hacking campaigns. This edition of the Wide World of Cyber was recorded in front of a live audience in San Francisco, with Patrick attending via Zoom. The Wide World of Cyber podcast series is a wholly sponsored co-production between SentinelOne and Risky Business Media. This episode is also available on YouTube.
In this podcast, Patrick Gray chats with SentinelOne's Chris Krebs and Alex Stamos about the huge changes afoot in the United States government and what they mean for the threat environment. From the director of NSA being fired to massive job cuts at CISA and huge foreign policy shifts, tomorrow's threat environment is going to be very different to today's. Tune in to hear analysis from two of the best in the business! This episode is also available on YouTube.
In this episode of the Wide World of Cyber podcast Risky Business host Patrick Gray chats with SentinelOne's Chris Krebs and Alex Stamos about AI, DeepSeek, and regulation. From its bad transport security to its Chinese ownership and the economic implications of China “entering the chat”, everyone's freaking out over this new model. But should they be? Pat, Alex and Chris dissect the model's significance, the politics of it all and how AI regulation in Europe, the US and China will shape the future of LLMs. This episode is also available on YouTube.
In this special edition of our podcast, Simone Petrella sits down with cybersecurity luminary Alex Stamos, Chief Information Security Officer at SentinelOne, to delve into one of the most challenging years in tech history. 2024 has seen unprecedented breaches of multinational corporations, high-stakes attacks from state actors, massive data leaks, and the largest global IT failure on record. As both a seasoned security executive and respected thought leader, Stamos offers a firsthand perspective on how the security landscape is evolving under these pressures. In this exclusive keynote discussion, Stamos draws from his extensive experience to share hard-won lessons from the upheavals of 2024, discussing how companies can build — and rebuild — trust amidst this environment of constant threat. What new responsibilities do organizations have to their customers, employees, shareholders, and society? And what major shifts can we expect across cybersecurity and IT practices in response to these cascading challenges? Tune in for a deep dive into how security professionals are rising to meet their roles in a world brimming with motivated and capable adversaries.
The FBI flags fake videos claiming to be from the agency. Okta patches an authentication bypass vulnerability. Microsoft confirms Windows Server 2025 Blue Screen of Death issues. Scammers exploit DocuSign's APIs to send fake invoices that bypass spam filters. Hackers use smart contracts for command and control. ICS suppliers face challenges convincing customers to secure their environments. Barracuda tracks a phishing campaign impersonating OpenAI. X-Twitter makes controversial changes to its block feature. A Nigerian man gets 26 years in prison for email fraud. On our Solution Spotlight, N2K's Simone Petrella interviews Alex Stamos, CISO at SentinelOne, at the ISC2 Security Congress 2024 about lessons learned in 2024 and what that means for 2025. For a South Dakota plastic surgeon, ransomware was just the beginning of his financial woes.
Selected Reading:
FBI flags false videos impersonating agency, claiming Democratic ballot fraud (CyberScoop)
Okta security bug affects those with really long usernames (The Register)
Microsoft confirms Windows Server 2025 blue screen, install issues (Bleeping Computer)
Scammers Use DocuSign API to Evade Spam Filters with Phishing Invoices (Hackread)
Supply Chain Attack Uses Smart Contracts for C2 Ops (Infosecurity Magazine)
Siemens and Rockwell Tackle Industrial Cybersecurity, but Face Customer Hesitation (SecurityWeek)
Cybercriminals impersonate OpenAI in large-scale phishing attack (Barracuda)
X updates block feature, letting blocked users see your public posts (TechCrunch)
US Sentences Nigerian to 26 Years in Prison for Stealing Millions Through Phishing (SecurityWeek)
Doctor Hit With $500K HIPAA Fine: Feds Worse Than Hacker (GovInfo Security)
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Delta Sues Crowdstrike, Hospital AI, Surge Pricing. Foreign Election Interference; North Korean hackers and bitcoin; Linus Torvalds affirms expulsion of Russian maintainers; Delta actually sues Crowdstrike; Researchers say an AI-powered transcription tool used in hospitals invents things no one ever said; Anthropic publicly releases AI tool that can take over the user's mouse cursor; Video game preservationists have lost a legal fight to study games remotely; Apple Sharply Scales Back Production of Vision Pro; Kroger and Walmart Deny 'Surge Pricing' After Adopting Digital Price Tags; Founders and VCs back a pan-European C corp, but an 'EU Inc' has a rocky road ahead; Musk steers X disputes to conservative Texas courts in service terms update. Host: Leo Laporte. Guests: Alex Stamos and Owen Thomas. Download or subscribe to this show at https://twit.tv/shows/this-week-in-tech
Thinking past the US 2024 Presidential Election, in part three of the series, Rick Howard, N2K CyberWire's Chief Analyst and Senior Fellow, discusses reducing the impact of propaganda in future elections with Perry Carpenter, Chief Human Risk Management Strategist at KnowBe4 and host of the 8th Layer Insights Podcast, Nina Jankowicz, Co-Founder and CEO of The American Sunlight Project, and Scott Small, Director of Cyber Threat Intelligence at Tidal Cyber. Check out Parts 1 and 2! Part 1: Election Propaganda Part 1: How Does Election Propaganda Work? In this episode, Rick Howard, N2K CyberWire's Chief Analyst and Senior Fellow, discusses personal defensive measures that every citizen can take—regardless of political philosophy—to resist the influence of propaganda. This foundational episode is essential for understanding how to navigate the complex landscape of election messaging. Part 2: Election Propaganda: Part 2: Modern propaganda efforts. In preparation for the US 2024 Presidential Election, Rick Howard, N2K CyberWire's Chief Analyst and Senior Fellow, discusses recent international propaganda efforts in the form of nation-state interference and influence operations as well as domestic campaigns designed to split the target country into opposing camps. Guests include Nina Jankowicz, Co-Founder and CEO of The American Sunlight Project, and Scott Small, Director of Cyber Threat Intelligence at Tidal Cyber. References: Rick Howard, 2024. Election Propaganda Part 1: How does election propaganda work? [3 Part Podcast Series]. The CyberWire. Rick Howard, 2024. Election Propaganda: Part 2: Modern propaganda efforts. [3 Part Podcast Series]. The CyberWire. Christopher Chabris, Daniel Simons, 2010. The Invisible Gorilla: And Other Ways Our Intuitions Deceive Us [Book]. Goodreads. Chris Palmer, 2010. TFL Viral - Awareness Test (Moonwalking Bear) [Explainer]. YouTube. David Ehl, 2024. Why Meta is now banning Russian propaganda [News]. Deutsche Welle. 
Eli Pariser, 2011. The Filter Bubble: What the Internet is Hiding From You [Book]. Goodreads. Kara Swisher, Julia Davis, Alex Stamos, Brandy Zadrozny, 2024. Useful Idiots? How Right-Wing Influencers Got $ to Spread Russian Propaganda [Podcast]. On with Kara Swisher. Nate Silver, 2024. What's behind Trump's surge in prediction markets? [Analysis]. Silver Bulletin. Niha Masih, 2024. Meta bans Russian state media outlet RT for acts of 'foreign interference' [News]. The Washington Post. Nilay Patel, 2024. The AI election deepfakes have arrived [Podcast]. Decoder. Nina Jankowicz, 2020. How to Lose the Information War: Russia, Fake News and the Future of Conflict [Book]. Goodreads. Perry Carpenter, 2024. FAIK: A Practical Guide to Living in a World of Deepfakes, Disinformation, and AI-Generated Deceptions [Book]. Goodreads. Perry Carpenter, 2021. Meatloaf Recipes Cookbook: Easy Recipes For Preparing Tasty Meals For Weight Loss And Healthy Lifestyle All Year Round [Book]. Goodreads. Perry Carpenter, n.d. 8th Layer Insights [Podcast]. N2K CyberWire. Renee DiResta, 2024. Invisible Rulers: The People Who Turn Lies into Reality [Book]. Goodreads. Robin Stern, Marc Brackett, 2024. 5 Ways to Recognize and Avoid Political Gaslighting [Explainer]. The Washington Post. Sarah Ellison, Amy Gardner, Clara Ence Morse, 2024. Elon Musk's misleading election claims reach millions and alarm election officials [News]. The Washington Post. Scott Small, 2024. Election Cyber Interference Threats & Defenses: A Data-Driven Study [White Paper]. Tidal Cyber. Staff, n.d. Overview: Coalition for Content Provenance and Authenticity [Website]. C2PA. Staff, 2021. Foreign Threats to the 2020 US Federal Elections [Intelligence Community Assessment]. DNI. Staff, n.d. Project Origin [Website]. OriginProject. URL https://www.originproject.info/ Stuart A. Thompson, Tiffany Hsu, 2024. Left-Wing Misinformation Is Having a Moment [Analysis]. The New York Times.
Last week, the Department of Justice announced major indictments alleging that, among other things, the Kremlin was paying right-wing influencers, like Dave Rubin, Tim Pool, and Benny Johnson, to spread Russian propaganda. The payments were funneled through a Tennessee-based company called Tenet Media, and while Rubin, Pool, and Johnson deny knowledge of the plot ... they don't seem to have asked too many questions about the mysterious benefactor who was supposedly funding Tenet and paying them unseemly large amounts of money. Unfortunately, this is only the latest in a string of foreign influence campaigns coming from Russia, China and Iran and targeting American elections. To break down all the news, Kara is joined by Julia Davis, Alex Stamos, and Brandy Zadrozny. Julia is a columnist for the Daily Beast, an investigative reporter, and the creator of the Russian Media Monitor; Alex is the chief information security officer at SentinelOne, the founder of the Stanford Internet Observatory, and a former chief security officer at Facebook; and Brandy is a senior reporter at NBC News who covers the Internet, especially politics, tech, and extremism.
In this conversation Risky Business host Patrick Gray speaks with SentinelOne's Chris Krebs and Alex Stamos about what sort of cyber-enabled interference we can expect in the 2024 US presidential race. Alex was the CISO at Facebook during the 2016 election, and Chris Krebs was responsible for US election security as the director of CISA in 2020. Watch the video version of this episode on YouTube.
In the enterprise security news, AI is still getting a ton of funding! Netwrix acquires PingCastle; Tenable looks for a buyer; SentinelOne hires Alex Stamos as their new CISO; Crowdstrike doesn't appreciate satire when it's at their expense; Intel begins one of the biggest layoffs we've ever seen in tech; Windows Downdate; RAG poisoning; GPT yourself; The Xerox Hypothesis. All that and more, on this episode of Enterprise Security Weekly. Show Notes: https://securityweekly.com/esw-371
In this interview we explore the new and sometimes strange world of redteaming AI. I have SO many questions, like what is AI safety? We'll discuss her presence at Black Hat, where she delivered two days of training and participated on an AI safety panel. We'll also discuss the process of pentesting an AI. Will pentesters just have giant cheatsheets or text files full of adversarial prompts? How can we automate this? Will an AI generate adversarial prompts you can use against another AI? And finally, what do we do with the results? Resources: PyRIT AI redteaming tool; Microsoft's AI redteaming guide. We chat with Sounil Yu, co-founder of LLM access control startup Knostic. We discuss both the experience of participating in Black Hat's startup competition, and what his company, Knostic, is all about. Knostic was one of four finalists for Black Hat's Startup Spotlight competition and was announced as the winner on August 6th. References: DarkReading: Knostic Wins 2024 Black Hat Startup Spotlight Competition; Knostic's Website. In the enterprise security news, AI is still getting a ton of funding! Netwrix acquires PingCastle; Tenable looks for a buyer; SentinelOne hires Alex Stamos as their new CISO; Crowdstrike doesn't appreciate satire when it's at their expense; Intel begins one of the biggest layoffs we've ever seen in tech; Windows Downdate; RAG poisoning; GPT yourself; The Xerox Hypothesis. All that and more, on this episode of Enterprise Security Weekly. Show Notes: https://securityweekly.com/esw-371
In this episode of Wide World of Cyber, Risky Business host Patrick Gray discusses the recent CrowdStrike incident and its implications for security software that operates in kernel space with Chris Krebs and Alex Stamos of SentinelOne, a CrowdStrike competitor. The conversation also delves into Microsoft's role in this whole disaster and the potential changes it could make to its operating system to prevent similar incidents in the future. A video version of this episode is also available on YouTube!
In this podcast Alex Stamos, Chris Krebs and Patrick Gray discuss the relationship between cybercrime and the state, which is often more complicated than it should be. While the US Government and its allies fight the scourge of ransomware, other governments are using it to either raise revenue or irritate their foes. North Korea sees ransomware as a money spinner, while the Kremlin enjoys poking the west in the eye with it. Join us for a breakdown of the relationships between governments who should know better and the worst types of people on the planet.
From August 20, 2020: This week on Lawfare's Arbiters of Truth series on disinformation, Evelyn Douek and Quinta Jurecic spoke with Alex Stamos, the director of the Stanford Internet Observatory and former chief security officer of Yahoo and Facebook. Alex has appeared on the podcast before, but this time, they discussed a new coalition he helped set up called the Election Integrity Partnership—a coalition focused on detecting and mitigating attempts to limit voting or delegitimize election results. Disinformation and misinformation around the U.S. presidential election has already started popping up online, and it's only going to increase as November draws closer. The coalition aims to counter this in real time. So how will it actually work? They also asked Alex for his hot takes on TikTok—the popular video sharing platform facing pressure over concern about influence from the Chinese government.
In this podcast SentinelOne's Chief Trust officer Alex Stamos and its Chief Intelligence and Public Policy Officer Chris Krebs join Patrick Gray to talk all about AI. It's been a year and a half since ChatGPT landed and freaked everyone out. Since then, AI has really entrenched itself as the next big thing. It's popping up everywhere, and the use cases for cybersecurity are starting to come into focus. Threat actors and defenders are using this stuff already, but it's early days and as you'll hear, things are really going to change, and fast.
In this special edition of the Risky Business podcast Patrick Gray chats with former Facebook CSO Alex Stamos and founding CISA director Chris Krebs about sovereignty and technology. China and Russia are doing their level best to yeet American tech from their supply chains – hardware, software and cloud services. They'll be rebuilding these supply chains – for government systems, at least – from components that they have complete visibility into, and control over. Meanwhile, America's government faces different supply chain challenges. It has a supply chain that won't be weaponised against it by its adversaries, but it lacks the same sort of visibility and control that its adversaries will eventually achieve over their supply chains. So where does this leave the west? Where does it leave China and Russia?
Stanford's Evelyn Douek and Alex Stamos are joined by Stanford Internet Observatory's Shelby Grossman to discuss SIO's just-released report on the Strengths and Weaknesses of the Online Child Safety Ecosystem. SIO is also calling for presentation proposals for its annual Trust and Safety Research Conference. Proposals are due April 30. Details are here: https://io.stanford.edu/conference Moderated Content is produced in partnership by Stanford Law School and the Cyber Policy Center. Special thanks to John Perrino for research and editorial assistance.
Stanford's Evelyn Douek and Alex Stamos are joined by University of Washington professor Kate Starbird to discuss research on election rumors. Kate Starbird is an associate professor at the University of Washington in the Department of Human Centered Design & Engineering where she is also a co-founder of the Center for an Informed Public (University of Washington). House Judiciary Committee Kate Starbird interview transcript. House Judiciary Committee Alex Stamos interview transcript. Sports Corner: Noted American sports expert Evelyn Douek discusses the NCAA women's basketball championship in this slam dunk segment. Dawn Staley's South Carolina Gamecocks defeated superstar Caitlin Clark's Iowa Hawkeyes 87-75 on Sunday in what is expected to be the most watched women's basketball game of all time with an average ticket price hovering around $500 (Jill Martin / CNN, Alexa Philippou / ESPN).
In this episode of Discovery Matters, hosts Dodi and Conor explore how synthetic biology can lead to transformative breakthroughs when it comes to dealing with global health problems. Through their conversation with Justin Vigar, a PhD student in Dr. Keith Pardee's lab at the University of Toronto in Canada, we learn how his paper-based diagnostic tool has the potential to provide faster, more cost-efficient, and accessible diagnostics for underserved locations. This is complemented by Amir Pandi and Tobi Erb's discussion of using AI and synthetic biology to develop new antimicrobial peptides. Show notes • U of T PhD student uses synthetic biology to create low-cost diagnostic tools. • Pandi, A., Adam, D., Zare, A. et al. Cell-free biosynthesis combined with deep learning accelerates de novo-development of antimicrobial peptides. Nat Commun 14, 7197 (2023). https://doi.org/10.1038/s41467-023-42434-9 • Khalek IS, et al. Synthetic development of a broadly neutralizing antibody against snake venom long-chain α-neurotoxins. Sci Transl Med. 2024 Feb 21;16(735). https://doi.org/10.1126/scitranslmed.adk1867 • Josh A Goldstein, Jason Chao, Shelby Grossman, Alex Stamos, Michael Tomz, How persuasive is AI-generated propaganda?, PNAS Nexus, Volume 3, Issue 2, February 2024. https://doi.org/10.1093/pnasnexus/pgae034
The effort to ban TikTok in the US is back in the spotlight as a new bill has passed through the House and is now in the Senate. Today, we have a lively debate with two guests who bring competing analysis to the table. Alex Stamos is Chief Trust Officer at SentinelOne and the former Chief Information Security Officer at Facebook (he can often be heard on Moderated Content). Taylor Lorenz is a columnist at the Washington Post covering technology and culture and hosts the new VoxMedia podcast, Power User. Questions? Comments? Email us at on@voxmedia.com or find us on social media. We're on Instagram/Threads as @karaswisher and @nayeemaraza Learn more about your ad choices. Visit podcastchoices.com/adchoices
Welcome to the general election. NBC News projects Donald Trump and Joe Biden will be the nominees. Our panel dives in on what this long election will look like. Plus, Special Counsel Robert Hur testifies on his investigation of Joe Biden and classified documents. And what is next for TikTok as Congress considers a crackdown. Steve Kornacki, Mike Memoli, Katie Benner, Glenn Kirschner, Reed Galen, Robert Gibbs, Jeanna Smialek, Justin Wolfers, and Alex Stamos help break it down.
Stanford's Evelyn Douek and Alex Stamos talk to Riana Pfefferkorn and David Thiel of the Stanford Internet Observatory about the technical and legal challenges of addressing computer-generated child sexual abuse material. They mention:
Riana's new paper on the topic, “Addressing Computer-Generated Child Sex Abuse Imagery: Legal Framework and Policy Implications” - Riana Pfefferkorn / Lawfare
David's report documenting Child Sexual Abuse Material in a major dataset used to train AI models - David Thiel / SIO; Samantha Cole / 404 Media
Moderated Content is produced in partnership by Stanford Law School and the Cyber Policy Center. Special thanks to John Perrino for research and editorial assistance. Like what you heard? Don't forget to subscribe and share the podcast with friends!
It was a week of serious cybersecurity incidents paired with unimpressive responses. As Melanie Teplinsky reminds us, the U.S. government has been agitated for months about China's apparent strategic decision to hold U.S. infrastructure hostage to cyberattack in a crisis. Now the government has struck back at Volt Typhoon, the Chinese threat actor pursuing that strategy. It claimed recently to have disrupted a Volt Typhoon botnet by taking over a batch of compromised routers. Andrew Adams explains how the takeover was managed through the court system. It was a lot of work, and there is reason to doubt the effectiveness of the effort. The compromised routers can be re-compromised if they are turned off and on again. And the only ones that were fixed by the U.S. seizure are within U.S. jurisdiction, leaving open the possibility of DDOS attacks from abroad. And, really, how vulnerable is our critical infrastructure to DDOS attack? I argue that there's a serious disconnect between the government's hair-on-fire talk about Volt Typhoon and its business-as-usual response. Speaking of cyberstuff we could be overestimating, Taiwan just had an election that China cared a lot about. According to one detailed report, China threw a lot of cyber at Taiwanese voters without making much of an impression. Richard Stiennon and I mix it up over whether China would do better in trying to influence the 2024 outcome here. While we're covering humdrum responses to cyberattacks, Melanie explains U.S. sanctions on Iranian military hackers for their hack of U.S. water systems. For comic relief, Richard lays out the latest drama around the EU AI Act, now being amended in a series of backroom deals and informal promises. I predict that the effort to pile incoherent provisions on top of anti-American protectionism will not end in a GDPR-style triumph for Europe, whose market is now small enough for AI companies to ignore if the regulatory heat is turned up arbitrarily. The U.S. is not the only player whose response to cyberintrusions is looking inadequate this week. Richard explains Microsoft's recent disclosure of a Midnight Blizzard attack on the company and a number of its customers. The company's obscure explanation of how its technology contributed to the attack and, worse, its effort to turn the disaster into an upsell opportunity earned Microsoft a patented Alex Stamos spanking. Andrew explains the recent Justice Department charges against three people who facilitated the big $400m FTX hack that coincided with the exchange's collapse. Does that mean it wasn't an inside job? Not so fast, Andrew cautions. The government didn't recover the $400m, and it isn't claiming the three SIM-swappers it has charged are the only conspirators. Melanie explains why we've seen a sudden surge in state privacy legislation. It turns out that industry has stopped fighting the idea of state privacy laws and is now selling a light-touch model law that skips things like private rights of action. I give a lick and a promise to a “privacy” regulation now being pursued by CFPB for consumer financial information. I put privacy in quotes, because it's really an opportunity to create a whole new market for data that will assure better data management while breaking up the advantage of incumbents' big data holdings. Bruce Schneier likes the idea. So do I, in principle, except that it sounds like a massive re-engineering of a big industry by technocrats who may not be quite as smart as they think they are. Bruce, if you want to come on the podcast to explain the whole thing, send me an email! Spies are notoriously nasty, and often petty, but surely the nastiest and pettiest of American spies, Joshua Schulte, was sentenced to 40 years in prison last week. Andrew has the details. There may be some good news on the ransomware front. More victims are refusing to pay. Melanie, Richard, and I explore ways to keep that trend going. I continue to agitate for consideration of a tax on ransom payments. I also flag a few new tech regulatory measures likely to come down the pike in the next few months. I predict that the FCC will use the TCPA to declare the use of AI-generated voices in robocalls illegal. And Amazon is likely to find itself held liable for the safety of products sold by third parties on the Amazon platform. Finally, a few quick hits:
• Amazon has abandoned its iRobot acquisition, thanks to EU “competition” regulators, with the likely result that iRobot will cease competing
• David Kahn, who taught us all the romance of cryptology, has died at 93
• Air Force Lt. Gen. Timothy Haugh is taking over Cyber Command and NSA from Gen. Nakasone
• And for those suffering from Silicon Valley Envy (lookin' at you, Brussels), 23andMe offers a small corrective. The company is now a rare “reverse unicorn” – having fallen in value from $6 Billion to practically nothing
Download 490th Episode (mp3)
You can subscribe to The Cyberlaw Podcast using iTunes, Google Play, Spotify, Pocket Casts, or our RSS feed. As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with @stewartbaker on Twitter. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@gmail.com. Remember: If your suggested guest appears on the show, we will send you a highly coveted Cyberlaw Podcast mug! The views expressed in this podcast are those of the speakers and do not reflect the opinions of their institutions, clients, friends, families, or pets.
Global Affairs Canada investigates a major data breach. New York sues Citibank over inadequate online security. Alpha ransomware launches a dedicated leak site on the dark web. A leaked database with 50 million records may or may not be real. CISA and the FBI provide guidance for SOHO routers. Patch ‘em if ya got ‘em. Krustyloader exploits Ivanti weaknesses. Unit 42 tracks a large-scale scareware campaign. Alex Stamos calls Microsoft's security strategies “morally indefensible.” Our guests are Gianna Whitver and Maria Velasquez from the Cybersecurity Marketing Society to talk about their new podcast "Breaking Through in Cybersecurity Marketing." And do you have what it takes to protect his majesty's royal laptop? Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Guests Gianna Whitver and Maria Velasquez from the Cybersecurity Marketing Society join Dave to share about their podcast "Breaking Through in Cybersecurity Marketing" that is joining the N2K network. You can listen to their newest episode on our network.
Selected Reading
• Global Affairs investigating 'malicious' hack after VPN compromised for over one month (National Post)
• Lawsuit: Citibank refused to reimburse scam victims who lost “life savings” (Ars Technica)
• Unveiling Alpha Ransomware: A Deep Dive into Its Operations (Netenrich)
• Nearly 50 million Europcar customer records put up for sale on the dark web – or were they? (ITPro)
• Apple and Google Just Patched Their First Zero-Day Flaws of the Year (WIRED)
• Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware (Security Affairs)
• ApateWeb: An Evasive Large-Scale Scareware and PUP Delivery Campaign (Palo Alto Networks)
• Microsoft's Dangerous Addiction To Security Revenue (LinkedIn)
• Be the Royal Family's Cybersecurity Manager, and get a cut-price honey dipper! (Graham Cluley)
Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
• iOS to allow native Chromium and Firefox engines.
• An OS immune to ransomware?
• HP back in the doghouse over "anti-virus" printer bricking
• The mother of all breaches
• New "Thou shall not delete those chats" rules
• Fewer ransoms are being paid
• Verified Camera Images
• More on the $15/month flashlight app
• What happens when apps change publishers
• Microsoft hating on Firefox
• Credit Karma is storing 1GB of data on the iPhone
• Staying on Windows 7
• Sci-Fi recommendations
• Windows 7 and HSTS sites
• TOTP codes/secrets and Bitwarden
• SpinRite on Mac
• SpinRite v6.1 is done!
• LearnDMARC.com
• Alex Stamos on "Microsoft Security"
Show Notes - https://www.grc.com/sn/SN-959-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors: expressvpn.com/securitynow panoptica.app kolide.com/securitynow canary.tools/twit - use code: TWIT
Stanford's Evelyn Douek and Alex Stamos weigh in on the latest online trust and safety news and developments:
Elon Musk told advertisers to go f*** themselves in an interview with Jona–... sorry, Andrew Ross Sorkin of the NYT. Is this a good business strategy? - Kate Conger and Remy Tumin / The New York Times
Linda doing clean-up on Aisle Elon - Linda Yaccarino / X
Meta is still algorithmically promoting child sexual abuse material on its platforms. - Jeff Horwitz and Katherine Blunt / WSJ
They say they're still working on it: Meta
On the flip side, Google's risk-averse approach to CSAM and its poor customer service creates a different problem for people who suddenly find themselves locked out of their entire accounts. - Kashmir Hill / New York Times
Meta says it is adopting the same approach as in the past for the 2024 election season. - Nick Clegg / Meta
Except this time, the government apparently will not be giving them any tip-offs about foreign interference. Such communication has been stalled since July. - Naomi Nix and Cat Zakrzewski / The Washington Post
As Meta detailed in its quarterly adversarial threat report, though, this is not because such interference has stopped. - Meta
A district court issued a preliminary injunction preventing Montana's state-wide ban from going into effect in the new year. - Sapna Maheshwari / New York Times; US District Court
Doritos has had the most important AI breakthrough of the year, with its crunch-cancellation software for gamers who like to snack. - Sydney Page / The Washington Post
Join the conversation and connect with Evelyn and Alex on Twitter at @evelyndouek and @alexstamos.
Moderated Content is produced in partnership by Stanford Law School and the Cyber Policy Center. Special thanks to John Perrino for research and editorial assistance. Like what you heard? Don't forget to subscribe and share the podcast with friends!
• Discussion of upcoming Black Friday sales on Google Pixel phones and tablets
• Concerns with the Pixel tablet including laggy performance, inability to use independently from dock, and high pricing
• Leo shares his epiphany on the usefulness of AI for expert systems and personalized agents
• Demonstration of Leo's custom AI assistants for Lisp and Emacs programming languages
• Talk of Elon Musk's reputation decline after acquiring Twitter
• Discussion of studies showing people perceive AI-generated faces as more human than real faces
• Overview of lawsuit allowing school districts to sue social media companies for youth addiction
• Interview with Alex Stamos, former Facebook CSO and current Stanford professor
• Alex's perspective on risks of deepfakes in elections vs for individual harassment
• Thoughts on moral panic around social media and youth mental health
• Alex recounts attending a closed-door Senate AI hearing led by Senator Schumer
• Discussion of social media companies loosening policies on election misinformation
• Concerns about TikTok as a news source and possible propaganda risks
• Talk of new book "A History of Fake Things on the Internet" by Walter Scheirer
• Alex's suggestion for comprehensive federal privacy regulations
• Revelation during Google antitrust trial of Apple's cut of Google search revenue
Hosts: Leo Laporte, Jeff Jarvis, Paris Martineau, and Jason Howell
Guest: Alex Stamos
Sponsors: GO.ACILEARNING.COM/TWIT hid.link/twig wix.com/studio?utm_campaign=pa_podcast_studio_10/ 23_TWiT%5Esponsors_cta
Once again, Theresa Lanowitz joins us to discuss Edge Computing, but with a twist this time, as Mani Keerthi Nagotu from SentinelOne joins us as well! As a field CISO, Mani knows all too well the struggles security leaders are going through, given the current market and threat landscape:
• Maybe not less budget, but more pressure to produce results and justify spending
• Security leaders being held personally accountable for performance
• Potential layoffs, and the need to achieve the same goals with less labor and tool overhead
Segment Resources https://cybersecurity.att.com/insights-report
This segment is sponsored by AT&T Cybersecurity. Visit https://securityweekly.com/attcybersecurity to learn more about them!
We regularly cover significant breaches on this podcast, but it is rare that we have enough information about a major breach to cover in enough detail to devote an entire segment to. Today, we dive into lessons learned from the breach of Okta's customer support system that targeted some other major security vendors. This is part of a troubling trend, where the target of an attack only serves as a jumping off point to other organizations. China's 2023 attack of Microsoft is an example of this. It was easier to attack Microsoft 365, one of the world's largest business SaaS platforms, than to go after each of the 25 individual targets these Chinese actors needed access to. Traditionally, we've thought of lateral movement as something that happens within a network segment, or even within a single organization. Now, we're seeing lateral movement between SaaS platforms, between clouds, from third party vendors to customer, and even from open source project to open source adopters. In this segment, we'll cover five key lessons learned from Okta's breach, from information shared by Okta and three of its customers: 1Password, Cloudflare, and BeyondTrust.
• Protect Your Session Tokens
• Monitor for Unusual Behavior
• SaaS Vendors Are Common Targets
• Zero Trust Principles Work
• MFA Isn't a Binary (on or off) Control
Segment Resources https://www.valencesecurity.com/resources/blogs/five-lessons-learned-from-oktas-support-site-breach
Finally, in the enterprise security news,
• Lots of new security startups with early stage funding
• SentinelOne picks up Chris Krebs and Alex Stamos's consulting firm
• PE firm picks up ActiveState - a company I haven't thought about since I last downloaded ActiveState Perl 1000 years ago
• Microsoft announces the limited release of Security Copilot
• Semgrep releases a secrets scanner
• AGI predicted to come much sooner than you might expect
• NY State doubles down on cybersecurity regulations to protect its hospitals
• the young hackers behind Mirai, one of the biggest botnets ever
• Ransomware groups snitch on businesses to the SEC
Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Show Notes: https://securityweekly.com/esw-340
Stanford's Evelyn Douek and Alex Stamos weigh in on the latest online trust and safety news and developments:
Alex participated in the fifth Senate AI Insight Forum focused on AI and its impact on elections and democracy. It turns out politicians can be reasonable and bipartisan when the cameras are off. - Oma Seddiq/ Bloomberg Law, Gabby Miller/ Tech Policy Press, Cristiano Lima/ The Washington Post, Christopher Hutton/ Washington Examiner, Office of Majority Leader Chuck Schumer
Label Your AI
Meta will require political advertisers to disclose if content has been digitally altered to make content potentially misleading. - Aisha Counts/ Bloomberg News, Katie Paul/ Reuters, Will Henshall/ Time, Facebook
Meta will also let political ads on Facebook and Instagram question the legitimacy of the 2020 U.S. presidential election. - Salvador Rodriguez/ The Wall Street Journal
Microsoft announced a free tool for politicians and campaigns to authenticate media with watermark credentials. - Margi Murphy/ Bloomberg News, Brad Smith/ Microsoft
YouTube will require creators to disclose realistic AI-generated content with new labels. Users can also request to remove manipulated video “that simulates an identifiable individual, including their face or voice.” - Olafimihan Oshin/ The Hill, Jennifer Flannery O'Connor, Emily Moxley/ YouTube
TikTok Tick Tock
There's been a burst of new calls to ban TikTok over allegations that it is boosting anti-Israel and pro-Hamas content. - Alexander Bolton/ The Hill, Cecilia Kang, Sapna Maheshwari/ The New York Times
TikTok denies these allegations and faults inaccurate news reporting. - TikTok
Verified transparency about this would be good, but there's no real evidence for the claim. There may be a conflation of “pro-Palestinian” and “pro-Hamas” content. Many people have pro-Palestinian views, especially TikTok's young userbase. It also turns out that other platforms have similarly prevalent content. - Drew Harwell/ The Washington Post
The renewed calls for TikTok to be banned because of content on it that lawmakers don't like gives the lie to the argument that calls for a ban are not about speech, which is... a First Amendment problem.
Nepal, however, doesn't have a First Amendment so it banned TikTok citing disruption to “social harmony” including “family structures” and “social relations” - Niha Masih, Sangam Prasai/ The Washington Post
A Trip to India
Nothing massively new here, but worth highlighting this WaPo report: “For years, a committee of executives from U.S. technology companies and Indian officials convened every two weeks in a government office to negotiate what could — and could not — be said on Twitter, Facebook and YouTube.” - Karishma Mehrotra, Joseph Menn/ The Washington Post
Meanwhile, Apple has been notifying opposition politicians in India that they are “being targeted by state-sponsored attackers.” - Meryl Sebastian/ BBC News
Transparency Please
The first batch of DSA transparency reports have been submitted and Tech Policy Press is tracking. - Gabby Miller/ Tech Policy Press
The unsurprising news is that X is devoting far fewer resources to content moderation than its peers. Shocker! - Foo Yun Chee, Supantha Mukherjee/ Reuters
“X's 2,294 EU content moderators compared with 16,974 at Google's YouTube, 7,319 at Google Play and 6,125 at TikTok.”
Legal Corner
The Supreme Court struggled with two cases about when public officials can block critics online. Much of the debate came down to whether there is a difference between personal and official social media accounts. - Josh Gerstein/ Politico Pro, John Kruzel, Andrew Chung/ Reuters, Ian Millhiser/ Vox, Ann E. Marimow/ The Washington Post
Overall, the Court sounded sympathetic to the claim that they shouldn't be able to block people whenever they please, but much less clear on what the test should be.
Sports Corner
Is there a Big Game in California this weekend? Alex has a lot to say for someone rooting for the team with a losing record in the 126-year series.
Join the conversation and connect with Evelyn and Alex on Twitter at @evelyndouek and @alexstamos.
Moderated Content is produced in partnership by Stanford Law School and the Cyber Policy Center. Special thanks to John Perrino for research and editorial assistance.
Like what you heard? Don't forget to subscribe and share the podcast with friends!
That, at least, is what I hear from my VC friends in Silicon Valley. And they wouldn't get an argument this week from EU negotiators facing what looks like a third rewrite of the much-too-early AI Act. Mark MacCarthy explains that negotiations over an overhaul of the act demanded by France and Germany led to a walkout by EU parliamentarians. The cause? In their enthusiasm for screwing American AI companies, the drafters inadvertently screwed a French and a German AI aspirant. Mark is also our featured author for an interview about his book, "Regulating Digital Industries: How Public Oversight Can Encourage Competition, Protect Privacy, and Ensure Free Speech." I offer to blurb it as “an entertaining, articulate and well-researched book that is egregiously wrong on almost every page.” Mark promises that at least part of my blurb will make it to his website. I highly recommend it to Cyberlaw listeners who mostly disagree with me – a big market, I'm told. Kurt Sanger reports on what looks like another myth about Russian cyberwarriors – that they can't coordinate with kinetic attacks to produce a combined effect. Mandiant says that's exactly what Sandworm hackers did in Russia's most recent attack on Ukraine's grid. Adam Hickey, meanwhile, reports on a lawsuit over internet sex that drove an entire social media platform out of business. Meanwhile, Meta is getting beat up on the Hill and in the press for failing to protect teens from sexual and other harms. I ask the obvious question: Who the heck is trying to get naked pictures of Facebook's core demographic? Mark explains the latest EU rules on targeted political ads – which consist of several perfectly reasonable provisions combined with a couple designed to cut the heart out of online political advertising. Adam and I puzzle over why the FTC is telling the U.S. Copyright Office that AI companies are a bunch of pirates who need to be pulled up short. 
I point out that copyright is a multi-generational monopoly on written works. Maybe, I suggest, the FTC has finally combined its unfairness and its anti-monopoly authorities to protect copyright monopolists from the unfairness of Fair Use. Taking an indefensible legal position out of blind hatred for tech companies? Now that I think about it, that is kind of on-brand for Lina Khan's FTC. Adam and I disagree about how seriously to take press claims that AI generates images that are biased. I complain about the reverse: AI that keeps pretending that there are a lot of black and female judges on the European Court of Justice. Kurt and Adam reprise the risk to CISOs from the SEC's SolarWinds complaint – and all the dysfunctional things companies and CISOs will soon be doing to save themselves. In updates and quick hits: Adam and I flag some useful new reports from Congress on the disinformation excesses of 2020. We both regret the fact that those excesses now make it unlikely the U.S. will do much about foreign government attempts to influence the 2024 election. I mourn the fact that we won't be covering Susannah Gibson again. Gibson raised campaign funds by doing literally what most politicians only do metaphorically. She has gone down to defeat in her Virginia legislative race. In Cyberlaw Podcast alumni news, Alex Stamos and Chris Krebs have sold their consulting firm to SentinelOne. They will only be allowed back on the podcast if they bring the Gulfstream. I also note that Congress is finally starting to put some bills to renew section 702 of FISA into the hopper. Unfortunately, the first such bill, a merger of left and right extremes called the Government Surveillance Reform Act, probably should have gone into the chipper instead. Download 481st Episode (mp3) You can subscribe to The Cyberlaw Podcast using iTunes, Google Play, Spotify, Pocket Casts, or our RSS feed. As always, The Cyberlaw Podcast is open to feedback. 
Be sure to engage with @stewartbaker on Twitter. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@gmail.com. Remember: If your suggested guest appears on the show, we will send you a highly coveted Cyberlaw Podcast mug! The views expressed in this podcast are those of the speakers and do not reflect the opinions of their institutions, clients, friends, families, or pets.
Stanford's Evelyn Douek and Alex Stamos weigh in on the latest online trust and safety news and developments:
President Joe Biden signed an Executive Order on Safe, Secure, and Trustworthy Artificial Intelligence today. The sweeping EO includes standards setting for generative AI watermarking and red teaming. It will also set rules to mitigate privacy and bias risks before AI systems can be used by federal officials. - Maria Curi, Ashley Gold/ Axios, Mohar Chatterjee, Rebecca Kern/ Politico, Mohar Chatterjee/ Politico, John D. McKinnon, Sabrina Siddiqui, Dustin Volz/ The Wall Street Journal, Cat Zakrzewski, Cristiano Lima/ The Washington Post
The EO is a good step forward, but the measures are limited in power without congressional action.
App store rules are restricting access to some Hamas-affiliated channels on Telegram where content moderation action is rare, allowing terrorist organizations to share messaging. The restrictions are inconsistent, with some channels only blocked on the Google Play store app in some cases. - Clare Duffy, Brian Fung/ CNN, Kevin Collier/ NBC News, Wes Davis/ The Verge
It's another reminder of the power of content moderation rules in the stack — at the infrastructure or distributor level, like app stores.
X-Twitter Corner
It's been one year since Elon Musk flipped the bird (and struggled to carry a sink into Twitter's San Francisco headquarters). Our original episode on this, “Musk Flips the Bird,” held up pretty well — especially the prediction that this would be very good news for Mark Zuckerberg.
Legal Corner
It's not all good news for Zuck though. The state attorneys general of 41 states and D.C. sued Meta, alleging Instagram and Facebook harm kids with addictive features and privacy violations. - Barbara Ortutay/ Associated Press, Lauren Feiner/ CNBC, Rebecca Kern/ Politico, Cecilia Kang, Natasha Singer/ The New York Times, Cristiano Lima, Naomi Nix/ The Washington Post, Daphne Keller/ @daphnehk
This is a relatively novel legal argument, and it appears to be an uphill battle to sue for design harms and not content. Still, the alleged privacy violations could hold up and the political posturing alone may prove to be a winner in the multi-pronged legal, policy, and regulatory battle.
The king got involved and we can't ignore the UK Online Safety Bill Act anymore. The legislation received royal assent, becoming law last week. - Imran Rahman-Jones, Chris Vallance/ BBC News, Jon Porter/ The Verge, Peter Guest/ Wired
Alex and Stanford Internet Observatory graduate researcher Sara Shah published a guide on trust and safety issues in the Fediverse with tips for running a Mastodon instance.
X, the platform formerly known as Twitter, has made cuts to its elections and disinformation team, eliminating almost all of the controls that were built after the 2016 election to prevent wide-scale manipulation. Former Facebook chief security officer Alex Stamos describes the potential dangers ahead for the 2024 U.S. Presidential election. Singaporean authorities have seized more than 150 properties, luxury cars and thousands of gold bars in a family office money laundering scandal that has quickly grown to $2 billion. CNBC's Wealth Editor Robert Frank reports on the international intrigue. Plus, the job opening in the House of Representatives, it's already too late to start your holiday shopping and a hack at Clorox leaves a big stain.
Courtney Reagan, 8:12
Alex Stamos, 15:15
Robert Frank, 23:15
In this episode:
Alex Stamos, @alexstamos
Robert Frank, @robtfrank
Andrew Ross Sorkin, @andrewrsorkin
Joe Kernen, @JoeSquawk
Becky Quick, @BeckyQuick
Katie Kramer, @Kramer_Katie
From June 11, 2019: More than two years after the 2016 presidential election, new information continues to seep into the public about the extent of Russia's sweeping and systematic efforts to interfere in the U.S. democratic process. With the 2020 presidential election on the horizon, last week, Stanford's Cyber Policy Center published a report on securing American elections, including recommendations on how the U.S. can protect elections and election infrastructure from foreign actors.
On Monday, Susan Hennessey spoke with two of the report's authors: Alex Stamos, director of the Stanford Cyber Policy Center's Internet Observatory and former Chief Security Officer of Facebook, and Nate Persily, Stanford law professor and expert on election administration. They talked about what happened in 2016, and the enormously complex landscape of defending not just election infrastructure but also preserving the integrity of the information ecosystems in which Americans make their decisions about how to vote, including the possible consequences of regulating foreign media.
Support this show http://supporter.acast.com/lawfare. Hosted on Acast. See acast.com/privacy for more information.
Hosted by the William and Flora Hewlett Foundation Cyber Initiative and Aspen Digital, Verify 2023 brings together journalists and cyber and tech policy experts to discuss critical issues in cybersecurity. For this live recording of the Lawfare Podcast, Benjamin Wittes sat down at Verify 2023 with Alex Stamos of the Stanford Internet Observatory; Nicole Perlroth, formerly of the New York Times and the author of a recent book on zero days; and Dave Willner, the Head of Trust & Safety at OpenAI, the company that produces ChatGPT. They talked about cybersecurity and AI, the threats to AI algorithms, the threats from AI algorithms, and the threats from humans misusing large language models.