Podcasts about Bitdefender

Marketing im Kopf - ein Podcast von Luis BinderIn dieser Folge wird über verschiedene Unternehmen gesprochen, da Markennamen genannt werden, handelt es sich um UNBEZAHLTE WERBUNG!In dieser Folge: In der heutigen Podcastfolge von Marketing im Kopf geht es noch ein bisschen weiter mit der Radiowerbung. Wir schauen uns die Vor- und Nachteile und Zielgruppen und Nutzung von Webradio an und welche Rolle klassische Radiospots heute noch spielen. Außerdem geht es darum, was Kinowerbung leisten kann und was nicht und welche Formate es gibt.____________________________________________Marketing-News der Woche:Lidl setzt auf viralen Rap-Clip mit Discounter-Star Lidl startet eine neue Kampagne mit Schauspieler Merlin Sandmeyer, bekannt aus der Serie "Die Discounter". In Clips auf TikTok, YouTube und Instagram rappt er echte Kundenkommentare. Die Aktion stammt von der Agentur La Red und erreichte allein auf TikTok 6,6 Millionen Views. Cybercrime verursacht Milliardenverluste im Marketing Im Februar 2025 kam es laut Bitdefender zu 962 Ransomware-Angriffen, 27 davon in Deutschland. Besonders betroffen ist das Online-Marketing: 2023 gingen 84 Milliarden Dollar durch Anzeigenbetrug verloren. Bis 2028 könnte sich dieser Wert laut Juniper Research mehr als verdoppeln. Marken kämpfen mit Bots, nutzlosen Werbeumfeldern und sinkender Sichtbarkeit. Ad-Verification und technische Schutzmaßnahmen werden immer wichtiger.Erste TV-Werbung komplett mit KI produziertFür die Marke Lacalut wurde ein Spot entwickelt, der vollständig von künstlicher Intelligenz erstellt wurde. Gezeigt werden Szenen aus 100 Jahren Markengeschichte, komplett mit synthetischen Menschen, Musik und Stimme. Die Produktion spart Kosten und könnte zum Vorbild für weitere KI-Kampagnen werden. ____________________________________________Über den Podcast: In dem Podcast Marketing im Kopf soll es um die Frage gehen, was notwendig ist, um ein Produkt oder eine Dienstleistung gut vermarkten zu können und was für grundsätzliche Strategien verfolgt und ganz leicht umgesetzt werden können. Egal, ob du selbst im Bereich Marketing arbeitest, oder, ob du dich einfach nur für das Thema interessierst, in diesem Marketing-Podcast lernst du alle Grundlagen und Strategien, die aktuell im Marketing verwendet werden.____________________________________________Vernetz dich gerne auf LinkedIn: ⁠https://www.linkedin.com/in/luisbinder/⁠ Instagram: https://www.instagram.com/marketingimkopf/Du hast Fragen, Anregungen oder Ideen? Melde dich unter: marketingimkopf@gmail.com Die Website zum Podcast findest du hier. [⁠⁠⁠https://bit.ly/2WN7tH5⁠⁠⁠]

Aston Martin's Team Principal knows what it takes to win in Formula 1. Andy Cowell leads a team which now includes Adrian Newey. They have the newest factory in the sport. Fernando Alonso and Lance Stroll are in the driving seat. Owner Lawrence Stroll is funding the team's future. When will these ingredients bring trophies? Andy tells Tom Clarkson that Aston Martin are in ‘the building phase' against ‘mighty' opponents, but he's confident they will overtake their rivals. He compares his current job to his time winning championships with Mercedes, and explains why F1's new era of racing with sustainable fuel from 2026 is so important. He also shares his hope that partnering with Honda will give them an advantage. It's All To Drive For. Be there! Book your seat at a 2025 Grand Prix – tickets.formula1.com This episode is sponsored by: Bitdefender: Team partner of Ferrari. Visit Bitdefender.com to learn more about how Bitdefender supports Ferrari to stay ahead of cyber threats and how you can make your digital life safer. Saily: get an exclusive 15% discount on your first Saily data plans! Use code grid at checkout. Download Saily app or go to to https://saily.com/grid Shopify: sign up for your one-dollar-per-month trial period at shopify.com/beyondthegrid

Analizamos la nueva Orden para evitar el Fraude Telefónico y de Mensajes, también damos un repaso a Stargate, la iniciativa billonaria de IA y hacemos un repaso de la evolución de formatos físicos: desde el CD al Blu-Ray. Gracias a: Cyber Guru, CATO Networks, nettaro y Bitdefender. Con: Maribel Morales, Alexia Cué, Alfonso Calvo y Santiago Ingold. Producción: ClickRadioTV.

Analizamos la nueva Orden para evitar el Fraude Telefónico y de Mensajes, también damos un repaso a Stargate, la iniciativa billonaria de IA y hacemos un repaso de la evolución de formatos físicos: desde el CD al Blu-Ray. Gracias a: Cyber Guru, CATO Networks, nettaro y Bitdefender. Con: Maribel Morales, Alexia Cué, Alfonso Calvo y Santiago Ingold. Producción: ClickRadioTV.

Hoy nos acompaña Mar Sánchez, Country Manager de CYBER GURU en España, para contarnos la importancia de la concienciación en ciberseguridad. También hablamos de la Gestión de Riesgos de Terceros (TPRM), y Rafa nos presenta su último libro 'El Arte de la Ciberguerra' Con: Rafa López y Carlos Valerdi. Dirige: Carlos Lillo Gracias a: nettaro, Cato Networks, Cyber Guru y Bitdefender.

Hoy nos acompaña Mar Sánchez, Country Manager de CYBER GURU en España, para contarnos la importancia de la concienciación en ciberseguridad. También hablamos de la Gestión de Riesgos de Terceros (TPRM), y Rafa nos presenta su último libro 'El Arte de la Ciberguerra' Con: Rafa López y Carlos Valerdi. Dirige: Carlos Lillo Gracias a: nettaro, Cato Networks, Cyber Guru y Bitdefender.

El impacto de DeepSeek ha revolucionado el sector de la IA. Con: Alba Sánchez, Carlos Valerdi, Ray Mills. Como invitado tenemos a Ángel Gálvez, CISO de AVOLTA. Dirige: Carlos Lillo. Gracias a: nettaro, Cyber Guru, Bitdefender clickciber.com

DeepSeek blames DDoS for recent outages. Hackers behind last year's AT&T data breach targeted members of the Trump family, Kamala Harris, and Marco Rubio's wife.The EU sanctions Russians for cyberattacks against Estonia. ENGlobal confirms personal information was taken in last year's ransomware attack. CISA issues a critical warning about a SonicWall vulnerability actively exploited. A large-scale phishing campaign exploits users' trust in PDF files and the USPS. Apple patches a zero-day affecting many of their products. A ransomware attack on an Ohio-based operator of skilled nursing and rehabilitation facilities affects over 70,000. President Trump has a tumultuous first week back in office. Our guest is Bogdan Botezatu, Director, Threat Research and Reporting at Bitdefender, to discuss the dark market subculture and its parallels to holiday shopping. A nonprofit aims to clean up the AI industry's mess.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest We are joined by Bogdan Botezatu, Director, Threat Research and Reporting at Bitdefender, to discuss the dark market subculture and its parallels to holiday shopping. Check out Bitdefender's research on the topic here. Selected Reading DeepSeek Blames Disruption on Cyberattack as Vulnerabilities Emerge (SecurityWeek) DeepSeek FAQ (Stratechery) We tried out DeepSeek. It worked well, until we asked it about Tiananmen Square and Taiwan (The Guardian)  Hackers Mined AT&T Breach for Data on Trump's Family, Kamala Harris (404 Media) European Union Sanctions Russian Nationals for Hacking Estonia (SecurityWeek) ENGlobal Says Personal Information Accessed in Ransomware Attack (SecurityWeek) CISA Warns of SonicWall 0-day RCE Vulnerability Exploited in Wild (Cyber Security News) Hackers Use Malicious PDFs, pose as USPS in Mobile Phishing Scam (Security Boulevard) Amazon Prime Security Warning As Hackers Strike—What You Need To Know (Forbes)  Apple plugs exploited security hole in iOS, updates macOS (The Register) Nursing Home, Rehab Chain Says Hack Affects Nearly 70,000 (GovInfo Security) A Tumultuous Week for Federal Cybersecurity Efforts (Krebs on Security) Initiative Aims to Enable Ethical Coding LLMs (IEEE Spectrum) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Primer programa de 2025, hoy muy enfocado al HW y al CES. Ademas recogemos las noticias semanales y damos consejos para roaming en el extranjero. Gracias a: nettaro y Bitdefender. Producción: ClickRadioTV. Con: Eva Prieto, Alfonso Calvo y Pedro Montes. Dirige: Carlos Lillo. clickciber.com

Primer programa de 2025, hoy muy enfocado al HW y al CES. Ademas recogemos las noticias semanales y damos consejos para roaming en el extranjero. Gracias a: nettaro y Bitdefender. Producción: ClickRadioTV. Con: Eva Prieto, Alfonso Calvo y Pedro Montes. Dirige: Carlos Lillo. clickciber.com

Our first F1 race and our first official podcast sponsor too!!! Thank you so much to Bitdefender for this amazing opportunity! In this podcast we talk about our time in Las Vegas and going behind the scenes with Ferrari and Bitdefender! #ad https://bitdefend.me/JennaTA --- Support this podcast: https://podcasters.spotify.com/pod/show/samebrain/support

All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson, CISO, Rivian. Joining us is our sponsored guest Daniel Daraban, senior director of product management, Bitdefender. In this episode: Practice makes perfect Shaming doesn't help anyone Cybersecurity is a flat circle Building the bridge Thanks to our podcast sponsor, Bitdefender! Enterprise-grade cybersecurity without complexity. Backed by extensive research from hundreds of experts in Bitdefender Labs and consistently top-rated in independent tests, Bitdefender GravityZone platform provides multi-layered prevention, protection, detection, and response capabilities, including managed security services. Learn more at Bitdefender.com.

Anul acesta producătorii auto, în special cei europeni, au ieșit în media să ne spună că piața a devenit dură şi că vor trebui luate decizii dificile. Subiectul pe care Marian Hurducaș l-a ales pentru această ediție e complicat, cauzele situației actuale sunt multe - dar cea mai tare nucă e reprezentată de producătorii auto chinezi, japonezi şi sud-coreeni au o ofertă auto diversificată şi destul de echilibrată ca preţ. Industria auto este foarte importantă pentru Uniunea Europeană și acum se află, cel puțin conform declarațiilor oficiale, la cotitură. Această industrie reprezintă peste 7% din PIB-ul Uniunii Europene și angajează cam 8% din forța de muncă din producție UE. Investește anual 59.1 miliarde de euro în R&D, 31% din totalul cheltuielor din acest segment al Uniunii Europene. Guests: Mircea Meșter (Autocritica.ro) ; Mihai Tănase (Director de Marketing Dacia RO + MD) Profilurile invitaților: Mircea Meșter: jurnalist auto și sportiv; Owner Autocritica.ro (cronică auto) + Cronici.ro (cronică sport); 22 de ani experiență în media, 19 ani experiență jurnalism auto; Fost Project Manager + Chief Editor Automarket (2005 - 2020); Pilot de Raliuri în FIA Eco Rally (concurs de regularitate cu mașini electrice) în 2023 (a pilotat un Hyundai Ioniq 5) și 2024 ( Mihai Tănase: Marketing Director Dacia România & Moldova din August 2024; Aproape 12 ani experiență în industria auto (Online Strategy Manager la BMW Group RO, Head of Digital la Groupe Renault) Experiență anterioară la Bitdefender & agenția specializată pe Search Outrider din Danemarca -unde a avut drept client Toyota.

Send us a textIn this eye-opening episode, Joey Pinz and cybersecurity expert Martin Zugec delve deep into the ransomware ecosystem, exploring the cultural and economic factors driving cybercrime. Martin shares his unique insights on how motivations vary globally, with financial gain and resentment fueling much of the activity in Eastern Europe and Russia.

In this bonus episode of the Business of Tech, host Dave Sobel engages in a compelling conversation with Martin from Bitdefender, who describes his role as a popular scientist focused on making cybersecurity research more accessible and understandable. Martin Zugec highlights Bitdefender's long-standing commitment to research, particularly in Romania, where a wealth of security researchers contribute to the field. He emphasizes the importance of visibility for their groundbreaking work, aiming to inspire researchers who may feel their contributions go unnoticed.The discussion shifts to the evolving profile of cyber criminals, particularly in the context of ransomware. Martin explains that the landscape has changed significantly since 2017, with a clear distinction between operators—primarily based in Russia—and affiliates who operate globally. He likens the cybercrime ecosystem to a gig economy, where individuals can leverage their unique skills, such as negotiation or business acumen, to participate in this illicit market. This transactional nature allows for a diverse range of participants, complicating the fight against cybercrime.As the conversation progresses, Martin delves into the challenges of disrupting the cybercrime ecosystem. He notes that trust is a critical component of this world, and takedown operations can destabilize the entire network of criminals. For instance, when Bitdefender releases a decryption tool, it not only aids victims but also creates mistrust among affiliates and operators, leading to internal conflicts. Martin shares insights into how law enforcement agencies are beginning to adopt psychological tactics to undermine the trust within these criminal networks, showcasing the innovative approaches being taken to combat cyber threats.Finally, Martin stresses the importance of prevention and the human factor in cybersecurity. He points out that many organizations fail to recognize the early signs of an attack, often focusing solely on the final stages of encryption. By understanding that cyber attacks can take weeks or even months to unfold, companies can better prepare and respond to threats. The episode concludes with a call for improved public-private collaboration in cybersecurity efforts, emphasizing the need for streamlined communication between organizations and law enforcement to effectively combat the ever-evolving landscape of cybercrime. All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessoftech.bsky.social

What is the probability of our existence? Neil deGrasse Tyson and cohosts Chuck Nice and Gary O'Reilly learn about the probabilities all around us, the idea of risk, and how they factor into our own security in the digital age with cybersecurity expert Alex Cosoi.NOTE: StarTalk+ Patrons can listen to this entire episode commercial-free here: https://startalkmedia.com/show/the-power-of-probability-with-alex-cosoi/Thanks to our Patrons Ben Jackson, James Hall, XYZ, Rick Reyes, Brian Gilstrap, Jeffrey Silva, Simon Schwartz, Lori Thomas, Sally Sapp, Alberto.p, Kenneth W Miller, Richard Hart, Patience, Brent Fraliex, 4 Light Years Away, Michele Raiola, Tess Gleason, Connie Schreiber, Metthew Tucker, Hickory Ogle, and Aldeeep for supporting us this week. Subscribe to SiriusXM Podcasts+ on Apple Podcasts to listen to new episodes ad-free and a whole week early.

META details its efforts against pig butchering. The Salt Typhoon attack on major U.S. telecoms sparks interest from Congress.  Microsoft dismantles 240 domains linked to the ONNX phishing-as-a-service platform. A major U.S. gambling and lottery provider suffers a cyberattack. Hackers exploit newly patched zero-days in Palo Alto Networks firewalls. Researchers say Fortinet VPN servers lack sufficient logging. A pilot program looks to improve security for small U.S. water utilities. Bitdefender warns of scammers using Black Friday-themed spam emails. Our guest is DataDome's CEO and Co-founder, Benjamin Fabreto, discussing how "Fake Accounts Threaten Black Friday Gaming Sales." A fond farewell for a true cyber innovator.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest In advance of Black Friday shopping next week, our guest is  DataDome's CEO and Co-founder, Benjamin Fabreto discussing their team's work on "Fake Accounts Threaten Black Friday Gaming Sales."  Selected Reading Meta cracks down on millions of accounts it tied to pig-butchering scams (CyberScoop) China's Hacking Reached Deep Into U.S. Telecoms (New York Times) FCC leaders skirt call for wiretap security reform, hope to ‘go deeper' on telecom breach briefings (NextGov) Microsoft disrupts ONNX phishing-as-a-service infrastructure (Bleeping Computer) Gambling and lottery giant disrupted by cyberattack, working to bring systems back online (The Record) Over 2,000 Palo Alto firewalls hacked using recently patched bugs (Bleeping Computer) Fortinet VPN design flaw hides successful brute-force attacks (Bleeping Computer) First Water Utilities Take Volunteer Cyber Help (The University of Chicago Harris School of Public Policy) Three-Quarters of Black Friday Spam Emails Identified as Scams (Infosecurity Magazine) Thomas E. Kurtz, a Creator of BASIC Computer Language, Dies at 96 (New York Times) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

This episode is brought to you by T-Mobile, official 5G partner of F1 Las Vegas Grand Prix Why did he become Alpine Team Principal? How does his background as a racing driver and team owner prepare him for this new challenge? And what are his priorities in 2025 and beyond? Speaking to Tom Clarkson at the team's headquarters in Enstone, Oliver Oakes answers all the key questions around Alpine's future with him at the helm. Ollie discusses his mixed feelings after their double podium in Brazil, why Alpine have chosen Mercedes as their power unit supplier from 2026, whether Pierre Gasly is ready to lead the team next season, and much more. More official F1 Podcasts F1 Nation - Grand Prix reviews and previews from inside the F1 paddock F1 Explains - answering your questions about Formula 1 Be there when the 2024 F1 World Champion is crowned Get tickets for Las Vegas, the rest of 2024 and early 2025 at tickets.formula1.com This episode is sponsored by: Uncommon Goods: to get 15% off your next gift go to uncommongoods.com/GRID Vanta: get $1,000 off Vanta at vanta.com/grid Bitdefender: visit Bitdefender.com to learn more about why Ferrari chose Bitdefender to stay ahead of cyber threats and how YOU can make your digital life safer

Hoy martes 19 de noviembre, Apple envió una actualización poco esperada en iOS y es la que corresponde a la versión 18.1.1, la cual no se tenia detalles y todos los usuarios estaban esperando la 18.2, por supuesto es imprescindible instalar, ademas; Instagram pronto te permitirá restablecer tu algoritmo de recomendaciones; El Departamento de Justicia de Estados Unidos quiere que Google venda Chrome; y por supuesto esperamos sus comentarios... Bitdefender desarrolla un descifrador gratuito para las víctimas del ransomware “ShrinkLocker” https://unaaldia.hispasec.com/2024/11/bitdefender-desarrolla-un-descifrador-gratuito-para-las-victimas-del-ransomware-shrinklocker.html El Departamento de Justicia de Estados Unidos quiere que Google venda Chrome https://www.bloomberg.com/news/articles/2024-11-18/doj-will-push-google-to-sell-off-chrome-to-break-search-monopoly Apple lanza la actualización de iOS 18.1.1 Bluesky supera los 20 millones de usuarios y reduce la brecha con Instagram Threads https://www.similarweb.com/blog/insights/social-media-news/bluesky-sustained-growth/ Google Docs incorpora IA para crear imágenes personalizadas https://es.gizmodo.com/google-docs-incorpora-ia-para-crear-imagenes-personalizadas-lo-que-debes-saber-2000135570 Instagram pronto te permitirá restablecer tu algoritmo de recomendaciones https://techcrunch.com/2024/11/19/instagram-will-soon-let-you-reset-your-recommendation-algorithm/ Video del día en las redes https://www.instagram.com/p/DCknZCTPbB7/ ESPERAMOS TUS COMENTARIOS...

Desde el marco del Estadio Metropolitano de Madrid, durante las sesiones del ISMS Forum, realizamos el programa con público en directo para tratar temas tan interesantes como un pequeño debate sobre el papel de los CISO en las organizaciones. Con: Silvia Roldán, Carlos Valerdi, Pedro Montes y Eudón Mercedes. Dirige: Carlos Lillo Gracias a: nettaro, Ingecom, Estratec360, Cybertix, Bitdefender. Producción: ClickRadioTV. clickciber.com

Desde el marco del Estadio Metropolitano de Madrid, durante las sesiones del ISMS Forum, realizamos el programa con público en directo para tratar temas tan interesantes como un pequeño debate sobre el papel de los CISO en las organizaciones. Con: Silvia Roldán, Carlos Valerdi, Pedro Montes y Eudón Mercedes. Dirige: Carlos Lillo Gracias a: nettaro, Ingecom, Estratec360, Cybertix, Bitdefender. Producción: ClickRadioTV. clickciber.com

All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Jimmy Benoit, vp, cybersecurity, PBS. In this episode: Starting early on security awareness The limits of gamification Technically qualified Understanding your risk tolerance Thanks to our podcast sponsor, Bitdefender! Enterprise-grade cybersecurity without complexity. Backed by extensive research from hundreds of experts in Bitdefender Labs and consistently top-rated in independent tests, Bitdefender GravityZone platform provides multi-layered prevention, protection, detection, and response capabilities, including managed security services.

Repasamos el concepto del WAF, elemento esencial en ciberseguridad de la mano de Rafa Tortajada. Silvia Roldán comanda las noticias semanales y Carlos Valerdi nos habla del futuro personalizado de la medicina en el que la IA tendrá un papel decisivo. Dirige: Carlos Lillo. Patrocinan: ALLOT, NETTARO, CYBERTIX, ESTRATEC360, BITDEFENDER.

Despite being a hugely versatile racing driver, who competed in Formula 3000, IndyCar, Sports Cars and Touring Cars, Christian Danner was unable to showcase his full potential in Formula 1 in the mid-late 1980s. During an era characterised by poor reliability and pre-qualifying, he either failed to start many of the races he entered, or he failed to finish them. But that certainly doesn't mean he's short of some fascinating tales from his time in the sport. Speaking to Tom Clarkson, Christian remembers becoming the first F1 driver to be disqualified for dangerous driving and how Ayrton Senna leapt to his defence. He also talks about the opposition he faced from the media back home in Germany, why Zakspeed teammate Martin Brundle kept him on his toes , how he climbed from P26 on the grid to a career-best finish of P4 at the US Grand Prix in 1989, and much more. This episode is sponsored by Bitdefender, the official cybersecurity partner of Ferrari. Visit Bitdefender.com to learn more about why Ferrari chose Bitdefender to stay ahead of cyber threats and how YOU can make your digital life safer.

All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Jason Shockey, CISO, Cenlar FSB. In this episode: Ground the SOC in communication Training and mentoring talent Nailing a first security hire A case for optimism Thanks to our podcast sponsor, Bitdefender! Enterprise-grade cybersecurity without complexity. Backed by extensive research from hundreds of experts in Bitdefender Labs and consistently top-rated in independent tests, Bitdefender GravityZone platform provides multi-layered prevention, protection, detection, and response capabilities, including managed security services.

Are you aware of the growing threat of fake AI supplements? In this episode, I explore a shocking report from Bitdefender that uncovers how cybercriminals are using deepfake technology to promote fraudulent health products. With over 1,000 deepfake videos featuring celebrities like Brad Pitt and Dr. Ben Carson, these scams are reaching vast audiences on platforms like Facebook and Instagram. I share tips on how to avoid these scams and the importance of doing your research before buying any health-related products. Don't fall victim to these deceptive ads!Supplements Featured In This Episode:• Accelerated Liver Care™ https://www.acceleratedhealthproducts.com/products/accelerated-liver-care• Accelerated Cogniblast® https://www.acceleratedhealthproducts.com/products/cogniblast-nootropic

Two men are accused of stealing almost a quarter of a billion dollars from one person's cryptocurrency wallet, but why on earth would they be handing out handbags to strangers? And social media comes under the spotlight once more, as we ask if you are delving into misinformation in your most private moments...All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:ZachXBT's thread on Twitter.Indictment Charges Two in $230 Million Cryptocurrency Scam - Department of Justice.Two men arrested one month after $230 million of cryptocurrency stolen from a single victim - Bitdefender.Skylar Harrison tells her handbag story - TikTok.Social media's role in fueling extremism and misinformation in a divided political climate - PBS News.Misinformation on social media - statistics & facts - Pew Research.Social Media and News Fact Sheet, 2024 - Pew Research Center.Cribbage JD - Play Online - Cardsjd.Paddlers Cribbage - L.L. Bean.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:SentinelOne - secure and protect every aspect of your cloud in real-time.1Password Extended Access Management – Secure every sign-in for every app on every device.Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!...

Prieteni, Vorbitorincii LEADERS îl are invitat pe Florin Talpeș, cofondatorul Bitdefender, apariție rară în peisajul media și unul dintre cei mai puternici oameni din IT-ul românesc. Stăm de vorbă despre siguranța noastră cibernetică și Dark Web, despre inteligența artificială și job-urile noastre, ce-ar trebui să facem noi, ca indivizi și societate.    02:30 Bitdefender s-a născut în România 04:09 Parteneriat cu Ferrari 09:54 Atacuri cibernetice 14:44 Încrederea nu se construiește cu promisiuni 26:47 Noul val de AI 38:56 AI-ul ne amenință locurile de muncă? 55:48 Este o industrie în care nu contează unde ești 1:07:13 Mr. T 1:22:38 Platforma Pipera 1:37:31 Listarea la Bursă 1:44:24 Campion, alături de soție, la Dans Sportiv Senior 1:57:53 Atuurile României 2:06:34 Ce ne lipsește 2:14:30 Sprijin pentru oamenii de viitor ai României 2:22:02 Știm toți candidații la președinție?    

Podcast: Error Code (LS 25 · TOP 10% what is this?)Episode: EP 43: Hacking Large-Scale Off-Grid Solar Systems and Other Consumer IoT DevicesPub date: 2024-08-13This is a story about how we've essentially learned nothing about IOT over the last decade, and why we really need to do more today to help secure our tomorrow. Dan Berte, Director of IoT security for BitDefender, discusses his more than a decade in IoT, how the vendor maturity often isn't there for our smart TVs or for our solar panels, so reporting vulnerabilities sometimes goes nowhere. That doesn't stop defenders like Dan, who, along with his team, work hard to change and to educate the industry.The podcast and artwork embedded on this page are from Robert Vamosi, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

This is a story about how we've essentially learned nothing about IOT over the last decade, and why we really need to do more today to help secure our tomorrow. Dan Berte, Director of IoT security for BitDefender, discusses his more than a decade in IoT, how the vendor maturity often isn't there for our smart TVs or for our solar panels, so reporting vulnerabilities sometimes goes nowhere. That doesn't stop defenders like Dan, who, along with his team, work hard to change and to educate the industry.

The U.S. blood supply is under pressure from a ransomware attack. CrowdStrike shareholders sue the company. There's a critical vulnerability in Bitdefender's GravityZone Update Server. BingoMod RAT targets Android users. Hackers use Google Ads to trick users into a fake Google Authenticator app. Western Sydney University confirms a major data breach. Marylands leads the way in gift card scam prevention. NSA is all-in on AI. My guest is David Moulton, host of Palo Alto Networks' podcast Threat Vector. Attention marketers: AI isn't the buzzword you think it is.  Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest David Moulton, host of Palo Alto Networks' podcast Threat Vector and Director of Thought Leadership, discussing the evolution of his show and what we can expect to see coming next. You can catch the latest episode of Threat Vector where David welcomes Palo Alto Networks Founder and CTO Nir Zuk here. Selected Reading Ransomware attack on major US blood center prompts hundreds of hospitals to implement shortage protocols (The Record) CrowdStrike sued by shareholders over global outage (BBC) Bitdefender Flaw Let Attackers Trigger Server-Side Request Forgery Attacks (GB Hackers) BingoMod Android RAT Wipes Devices After Stealing Money (SecurityWeek) Google being impersonated on Google Ads by scammers peddling fake Authenticator (Cybernews) Western Sydney University reveals full scope of January data breach (Cyber Daily) Maryland becomes first state to pass law against gift card draining (CBS News) More than 7,000 NSA analysts are using generative AI tools, director says (Defense One) Study Finds Consumers Are Actively Turned Off by Products That Use AI (Futurism) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

In the podcast episode, host Dave Sobel covers key highlights from the PAX 8 BEYOND conference. The conference showcased Pax8's achievements, including surpassing $2 billion in annual recurring revenue and unveiling updates to their platform. Pax8 is focusing on leveraging AI to empower partners in tapping into the global economy, with new features like Opportunity Explorer and Storefronts being introduced to enhance the partner experience.The episode delves into various tech updates, such as Synchro's AI ticketing solution for MSPs, Acronis XDR security platform, and Bitdefender's Ultimate Small Business Security suite. These innovations aim to streamline operations, enhance cybersecurity, and provide comprehensive protection for small businesses. Additionally, Compliance Scorecard and CloudRadial Portal 365 introduce advanced tools to improve compliance management and client experience, respectively.Broadcom's revenue forecast increase and VMware Cloud on AWS license changes are also discussed. Broadcom's strategic moves, including a stock split and altered VMware licenses, reflect the company's focus on advanced networking chips and cloud services Three things to know today: 00:00 Pax8 Beyond Conference Highlights: $2 Billion Revenue Milestone, AI-Driven Platform Updates, and New Security Program03:41 Syncro's AI Ticketing, Acronis XDR, Bitdefender's Small Business Security, Compliance Scorecard Updates, CloudRadial's Portal, and Microsoft's GPT Builder Retirement07:41 Broadcom Increases 2024 Revenue Forecast, Announces Stock Split, and Changes VMware Cloud on AWS Licenses   Supported by:  https://huntress.com/mspradio/  All our Sponsors:   https://businessof.tech/sponsors/   Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/ Support the show on Patreon: https://patreon.com/mspradio/ Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessoftech.bsky.social

Summary for Joey Pinz Disciple Conversations with Richard Tallman

In today's episode, we discuss fake browser updates distributing BitRAT and Lumma Stealer via Discord (https://thehackernews.com/2024/06/beware-fake-browser-updates-deliver.html), a malicious npm package targeting Gulp users with a RAT (https://thehackernews.com/2024/06/researchers-uncover-rat-dropping-npm.html), and the high-severity Atlassian Confluence RCE vulnerability (CVE-2024-21683) for which a PoC is now available (https://www.helpnetsecurity.com/2024/06/03/cve-2024-21683-poc/). Tune in to learn about these critical cybersecurity threats and how you can protect your systems.Thanks to Jered Jones for providing the music for this episode. https://www.jeredjones.com/ Logo Design by https://www.zackgraber.com/ Tags: Browser Updates, Cybersecurity Threat, BitRAT, Lumma Stealer, eSentire, Fake Browser Updates, Discord, Malicious npm Package, Gulp Toolkit, Remote Access Trojans, Software Supply Chain Attacks, CVE-2024-21683, Atlassian Confluence, Remote Code Execution, Cyber Attackers, Cybersecurity Researchers, Downloader Malware, Exploit, Developer Security, Cyber Attack Mitigation Search Phrases: How to avoid fake browser updates BitRAT malware detection What is Lumma Stealer Discord used for malware distribution Malicious npm packages 2024 Latest remote access trojans CVE-2024-21683 Atlassian Confluence vulnerability Protect against software supply chain attacks eSentire cybersecurity report Remote code execution in Atlassian Confluence https://thehackernews.com/2024/06/beware-fake-browser-updates-deliver.html Rise of Fake Browser Updates as Malware Vectors: Cybercriminals now use fake browser updates to distribute BitRAT and Lumma Stealer malware. These attacks typically start when users visit compromised websites that redirect them to fraudulent update pages. Actionable Insight: Avoid downloading updates from unfamiliar sources; always verify the legitimacy of update prompts through official channels. Discord as a Malware Distribution Platform: Attackers use Discord to host malicious files, leveraging its widespread use among legitimate users. Bitdefender found over 50,000 harmful links on Discord in the past six months. Actionable Insight: Exercise caution when downloading files from Discord and report suspicious links to platform moderators. Sophisticated Attack Chain Mechanisms: Attacks involve JavaScript and PowerShell scripts within ZIP files to execute malware. These scripts load additional payloads disguised as PNG image files, adding a layer of obfuscation. Actionable Insight: Use advanced endpoint protection that can detect and mitigate script-based attacks. BitRAT and Lumma Stealer Capabilities: BitRAT can harvest data, mine cryptocurrency, and take control of infected devices. Lumma Stealer, available for rent, steals information from web browsers and crypto wallets. Actionable Insight: Regularly update and patch software, employ strong passwords, and use multi-factor authentication to protect sensitive information. Emerging Threats: Drive-by Downloads and Malvertising: Fake browser update attacks often utilize drive-by downloads and malvertising techniques. Recent campaigns trick users into manually executing malicious PowerShell code under the guise of browser updates. Actionable Insight: Educate users on the risks of drive-by downloads and ensure robust network defenses are in place. Lumma Stealer's Growing Popularity: Lumma Stealer logs for sale increased by 110% from Q3 to Q4 2023, indicating its effectiveness and high success rate. Actionable Insight: Implement continuous monitoring and threat intelligence to detect and respond to emerging threats promptly. Exploiting Pirated Software: Attackers use pirated software and adult game installers to distribute various malware, including Orcus RAT and XMRig miner. Actionable Insight: Avoid using pirated software and educate users about the risks involved. CryptoChameleon's DNSPod Utilization: CryptoChameleon uses DNSPod servers for fast flux evasion, making it difficult to track and mitigate. Actionable Insight: Employ advanced DNS security measures and stay updated on threat actor tactics to enhance detection capabilities. Malicious npm Package Alert: Cybersecurity researchers discovered a suspicious npm package named "glup-debugger-log" targeting Gulp users. This package aims to drop a remote access trojan (RAT) on compromised systems. [Source: Phylum] Target Audience: The malicious package specifically targets developers using the Gulp toolkit by posing as a logger for Gulp plugins. So far, it has been downloaded 175 times. [Source: Phylum] Technical Breakdown: The package contains two obfuscated files working together. One file acts as an initial dropper to compromise the target machine and download additional malware. The other file provides persistent remote access to the attacker. [Source: Phylum] Detection Evasion: The malware includes checks for network interfaces, specific Windows OS types, and the number of files in the Desktop folder. This step likely aims to avoid deployment in controlled environments like virtual machines (VMs) or new installations. [Source: Phylum] Persistence Mechanism: If all checks pass, the malware launches another script to set up persistence and execute commands from a URL or local file. It establishes an HTTP server on port 3004 to listen for incoming commands. [Source: Phylum] Capabilities: The RAT can execute arbitrary commands and send the output back to the attacker. Despite its minimal functionality, the malware is sophisticated due to its obfuscation techniques and targeted approach. [Source: Phylum] Industry Implications: This discovery highlights the evolving landscape of malware in open-source ecosystems. Attackers are increasingly using clever techniques to create compact, efficient, and stealthy malware. [Source: Phylum] Critical Update Alert: If you self-host Atlassian Confluence Server or Data Center, immediately upgrade to the latest version to fix a remote code execution (RCE) flaw, CVE-2024-21683. The PoC and technical details are already public. (Source: SonicWall) Vulnerability Details: CVE-2024-21683 allows attackers to exploit Confluence via a specially crafted JavaScript language file, with no user interaction required. However, attackers must be logged in and have privileges to add new macro languages. (Source: SonicWall) Technical Insight: The flaw lies in the input validation mechanism of the 'Add a new language' function in the 'Configure Code Macro' section. Insufficient validation allows the injection of malicious Java code. (Source: SonicWall) Exploit Conditions: To exploit, an attacker needs network access to the system, the ability to add new macro languages, and a forged JavaScript file containing malicious Java code. (Source: SonicWall) Proof of Concept: A working PoC is available on GitHub, showcased by security researcher Huong Kieu, highlighting the ease with which this vulnerability can be weaponized. (Source: GitHub) Upgrade Urgency: Given Confluence's critical role in many organizations' knowledge bases, users are strongly advised to upgrade to the latest versions as per the vendor advisory to mitigate potential exploits. (Source: SonicWall) Impact and Mitigation: The vulnerability has a high impact on system confidentiality, integrity, and availability. SonicWall has released IPS signatures (4437 and 4438) to protect against exploitation. (Source: SonicWall) Listener Engagement: Have you upgraded your Confluence instance yet? What's your strategy for handling such critical updates? Share your thoughts with us!

At the end of his glittering career, four-time World Champion Sebastian Vettel said he was in the ‘best shape possible' thanks to his performance coach Antti Kontsas. So how do you physically and mentally prepare a Formula 1 driver for a season of racing around the world? With over 10 years of experience working in the paddock, coaching the likes of Sebastian Buemi, Jean Eric Vergne and Vettel, Kontsas tells Tom Clarkson his secrets to training these extraordinary humans for the pinnacle of motorsport. This episode is brought to you by... Bitdefender: visit bitdefender.com to learn more about why Ferrari chose Bitdefender to stay ahead of cyber threats and how you can make your digital life safer. Related Episodes Sebastian Vettel  Jean Eric Vergne 

Spyware is discovered on U.S. hotel check in systems. A Microsoft outage affects multiple services. Bitdefender uncovers Unfading Sea Haze. University of Maryland researchers find flaws in Apple's Wi-Fi positioning system. Scotland's NRS reveals a sensitive data leak. Rapid7 tracks the rise in zero-day exploits and mass compromise events. The SEC hits the operator of the New York Stock Exchange with a ten million dollar fine. Operation Diplomatic Specter targets political entities in the Middle East, Africa, and Asia. The FCC considers AI disclosure rules for political ads. N2K T-Minus Space Daily podcast host Maria Varmazis speaks with guests Brianna Bace and Unal Tatar PhD sharing their work on Legal Perspectives on Cyberattacks Targeting Space Systems. Tone-blasting underwater data centers.  Our 2024 N2K CyberWire Audience Survey is underway, make your voice heard and get in the running for a $100 Amazon gift card. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest N2K T-Minus Space Daily podcast host Maria Varmazis speaks with guests Brianna Bace and Unal Tatar PhD sharing their work on their paper: Law in Orbit: International Legal Perspectives on Cyberattacks Targeting Space Systems. You can learn more about their work in this post. Check out T-Minus Space Daily for your daily space intelligence.  Selected Reading Spyware found on US hotel check-in computers ( TechCrunch) Microsoft outage affects Bing, Copilot, DuckDuckGo and ChatGPT internet search (Bleeping Computer) Deep Dive Into Unfading Sea Haze: A New Threat Actor in the South China Sea (Bitdefender)  Apple's Wi-Fi Positioning Can Be System Abused To Track Users (GB Hackers)  National Records of Scotland Data Breached in NHS Cyber-Attack (Infosecurity Magazine) Zero-Day Attacks and Supply Chain Compromises Surge, MFA Remains Underutilized: Rapid7 Report (SecurityWeek) NYSE Operator Intercontinental Exchange Gets $10M SEC Fine Over 2021 Hack (SecurityWeek) Operation Diplomatic Specter: An Active Chinese Cyberespionage Campaign Leverages Rare Tool Set to Target Governmental Entities in the Middle East, Africa and Asia (Palo Alto Networks Unit 42 Intel) FCC chair proposes requirement for political ads to disclose when AI content is used (The Record) Acoustic attacks could be a serious threat to the future of underwater data centers (TechSpot) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

The FBI seizes BreachForums. NCSC rolls out a 'Share and Defend' initiative. ESports gaming gets a level up in their security. The spammer becomes the scammer. Bitdefender is sounding the alarm. The city of Wichita gets a wake-up call. In our Threat Vector segment, host David Moulton discusses the challenges and opportunities of AI adoption with guest Mike Spisak, the Managing Director of Proactive Security at Unit 42. And no one likes a cyber budgeting blunder. Our 2024 N2K CyberWire Audience Survey is underway, make your voice heard and get in the running for a $100 Amazon gift card. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest In our Threat Vector segment, David Moulton, Director of Thought Leadership at Unit 42, discusses the challenges and opportunities of AI adoption with guest Mike Spisak, Managing Director of Proactive Security at Unit 42. They emphasize the importance of early security involvement in the AI development lifecycle and the crucial role of inventorying AI usage to tailor protection measures. You can listen to the full episode here.  Selected Reading FBI seize BreachForums hacking forum used to leak stolen data (Bleeping Computer)  New UK system will see ISPs benefit from same protections as government networks (The Record) Riot Games, Cisco to Connect and Protect League of Legends Esports Through Expanded Global Partnership (Cisco)  To the Moon and back(doors): Lunar landing in diplomatic missions (WeLiveSecurity) New Black Basta Social Engineering Scheme (ReliaQuest) IoT Cameras Exposed by Chainable Exploits, Millions Affected (HackRead) Kimsuky APT Using Newly Discovered Gomir Linux Backdoor (Decipher) Law enforcement data stolen in Wichita ransomware attack (The Record)  Nigeria Halts Cybersecurity Tax After Public Outrage (Dark Reading)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Bogdan Botezatu from Bitdefender is discussing research on "Audio deepfakes: Celebrity-endorsed giveaway scams and fraudulent investment opportunities flood social media platforms." Dave and Joe shares some follow up from listener Lara, who writes in to discuss a few topics regarding a previous episode. Joe's story is sharing a game changer in the social engineering world. Dave shares the story of a listener's grandmother who had fallen victim to a pig butchering scam. Our catch of the day comes from listener Kenneth who shares an email he received from a "Cardiologist" on some puppies. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: Audio deepfakes: Celebrity-endorsed giveaway scams and fraudulent investment opportunities flood social media platforms PCI DSS v4.0 a game-changer in social engineering awareness, prevention Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

FOLLOW UP: CONTINENTAL FINED $107M FOR DIESELGATEContinental, the automotive parts supplier, has been fined €100 million for its part in the dieselgate scandal. The fine was such due to the full cooperation of the company and changes they have subsequently made to their compliance structures. There are six weeks for Continental to pay the fine. Click this Reuters article for more information. STELLANTIS LASHES OUT AT EV MANDATESCarlos Tavares criticises the current UK EV mandates as “terrible”. He has met with the Transport Secretary, Mark Harper, to discuss the situation and suggest alterations that will make it more workable for the industry. We are finding out that you cannot just manufacture demand, when reviewing the monthly SMMT registration figures. You can read more, via a Peter Campbell thread here. For another article, click here to view an Autocar article. LOTUS CHIEF COMMERCIAL OFFICER IS LEAVINGMike Johnson, who is the chief commercial officer of Lotus and the public facing executive for the brand, will be leaving the company after only 18 months in role. He is said to be staying in automotive, but we will have to wait to find out where and when. If you wish to read more on this, click the Autocar article link here. RANSWOMWARE ATTACK IMPACTS STREET LIGHTSA ransomware attack on Leicester City Council has led street lights to “misbehave”. This should cause great concern as more and more systems are linked and accessible remotely. Hopefully, more important and safety critical systems are being looked at across the country so there is not a serious impact from such incidents. Click this BitDefender story link here, to read more.MERCEDES EACTROS 600 CHARGES AT 1MWMercedes-Benz are preparing for the Megawatt Charging System (MCS), that is due to be finalised in 2025, and have successfully charged an eActros 600 prototype at 1MW for the first time. Not details were given on how long the vehicle charged or even how long at 1MW. You can read more, by clicking this electrive article link here. SAMSUNG TEASES FASTER CHARGING LONG LIFE BATTERYAt the 37th Electric Vehicle Symposium & Exposition, in Seoul, Samsung revealed that they will start production of a new electric vehicle batteries that will charge to 80% in nine minutes and some will last 20 years. The plan is for production to start in 2026, but it being fitted to cars in 2029. That's all a little way off, hopefully this isn't like solid state batteries and just far enough ahead for us to forget the last date that was declared. Click this article link from The Register for more. If you like what we do, on this show, and think it is worth a £1.00, please consider supporting us via Patreon. Here is the link to that CLICK HERE TO...

20 years since his infatuation with Formula 1 began at China's first race in 2004, Zhou Guanyu will race in front of his home fans for the first time as an F1 driver at the Chinese Grand Prix. Zhou tells Tom Clarkson what racing in Shanghai will look like through his eyes; from his helmet design and sold-out grandstand, to the reaction he's expecting on his first lap of the track and what it would mean to score his first points of the season in the city he was born in. The Sauber driver also talks about what impact his success has had on motorsport culture in China, his crash at Silverstone in 2022, the documentary being made about his journey to F1, his passion for fashion, uncertainty over his future in the sport with no seat confirmed for 2025 yet, and much more. Related Episodes Zhou's first BTG appearance  This episode is sponsored by: Bitdefender: visit Bitdefender.com to learn more about why Ferrari chose Bitdefender to stay ahead of cyber threats and how you can make your digital life safer BetterHelp: our listeners get 10% off their first month at betterhelp.com/GRID

Florin Talpeș a fondat și conduce Bitdefender, o companie globală, lider în domeniul securității cibernetice. După mai bine de trei decenii în lumea tehnologiei, are o perspectivă cuprinzătoare, dar și înțeleaptă, despre ce înseamnă să construiești o organizație, despre leadership, cultură, investiții și tema esențială a pericolelor care vin din relația atât de strânsă cu tehnologia. Am vorbit cu Florin în martie 2024, într-o conversație live, la Iași, în fața a peste 200 de invitați, despre temele importante ale prezentului, principii de leadership și de viață, etape critice în viața unei organizații, lecțiile dificile pe care le-a avut de integrat pentru deveni un lider și un om mai bun, cum îți păstrezi vie motivația după trei decenii de business, de ce întrebările sunt mai importante decât răspunsurile și multe altele.  **** Conversațiile noaste live sunt susținute de BCR. BCR construiește mecanisme și produse pentru o Românie mai inteligentă financiar. Și, pentru că totul pleacă de la oameni și nevoile lor, soluțiile BCR se bazează pe sute de mii de conversații cu companii și oameni obișnuiți.  Iar sistemul lor gratuit de consiliere financiară a contribuit deja la o viață mai bună pentru 200.000 de oameni care au beneficiat de un plan financiar personalizat.   **** Partenerul nostru este de asemenea MedLife, cea mai mare rețea de servicii medicale private din România. O organizație construită cu pasiune și îndrăzneală de către un grup de antreprenori români, dar și de medici buni, care cred că împreună putem să facem România bine. **** Evenimentele live vă sunt prezentate și de Autonom. O companie de familie, fondată de Dan și Marius Ștefan în 2006, la Piatra Neamț, Autonom este acel gen de succes rapid care a rezultat după 20 de ani de muncă susținută. Azi, conduc cel mai mare grup de produse și servicii de mobilitate din România.  De la o simplă închiriere de mașină, la soluții complexe pentru flote sau soluții de finanțare, soluțiile Autonom susțin companiile, în orice moment s-ar afla pe drum. **** Note, un sumar al conversației, precum și cărțile și oamenii la care facem referire în podcast se găsesc pe andreearosca.ro Pentru a primi noi episoade, vă puteți abona la newsletter pe andreearosca.ro. Dacă ascultați acest podcast, vă rog lăsați un review în Apple Podcasts. Durează câteva secunde și ne ajută să îmbunătățim temele și calitatea și să intervievăm noi oameni interesanți. 

Romania-based security company Bitdefender offers a comprehensive protective suite for Windows and MacOS computers, as well as IOS and Android phones. The package includes enough licenses for all devices used by everyone in the family unless you have an exceptionally large family or everyone has five or six devices. In Short Circuits: Your internet service provider would like you to continue renting a modem from them, but there are good reasons to buy your own and cost is just one of the reasons. • Scam offers appear like clockwork every couple of months for counterfeit US postage stamps that are often shipped from China. Facebook seemingly can't (or won't) do anything to stop them.

Dive into the cyber-landscape where LG smart TVs, Google Workspace, and SharePoint vulnerabilities lay bare the challenges and defenses in our interconnected world. Discover how Bitdefender unearths vulnerabilities in LG's webOS, prompting an urgent patch rollout for millions. Explore Google's stride towards double-layered security with multi-party approvals in Workspace, a bold move against unauthorized changes. Unpack Varonis' latest discovery of SharePoint flaws allowing stealthy data theft, spotlighting the silent battles in cybersecurity. Engage with us on strategies and stories from the front lines of digital defense. Sources: The Hacker News: https://thehackernews.com/2024/04/researchers-discover-lg-smart-tv.html Bitdefender Labs: https://www.bitdefender.com/blog/labs/vulnerabilities-identified-in-lg-webos/ Help Net Security: https://www.helpnetsecurity.com/2024/04/09/google-workspace-multi-party-approvals/ Google Workspace Updates: https://workspaceupdates.googleblog.com/2024/04/multi-party-approvals-for-sensitive-admin-actions.html BleepingComputer: https://www.bleepingcomputer.com/news/security/new-sharepoint-flaws-help-hackers-evade-detection-when-stealing-files/ Varonis Blog: https://www.varonis.com/blog/sidestepping-detection-while-exfiltrating-sharepoint-data Follow us on Instagram: https://www.instagram.com/the_daily_decrypt/ Thanks to Jered Jones for providing the music for this episode. https://www.jeredjones.com/ Logo Design by https://www.zackgraber.com/ Tags: LG Smart TV, Google Workspace, SharePoint, cybersecurity, vulnerabilities, webOS, multi-party approvals, data exfiltration, root access, security patches, digital defense, cloud security, Bitdefender, Varonis, Microsoft SharePoint, tech news, information security, cyber threats, administrative controls Search Phrases: Bitdefender LG smart TV vulnerabilities Google Workspace multi-party approval feature Varonis exposes SharePoint flaws How to secure LG smart TVs against hackers Implementing Google Workspace multi-party approvals Protecting SharePoint data from undetected theft Latest cybersecurity threats and defenses Root access vulnerabilities in LG TVs Enhancing cloud security with administrative approvals Stealthy data exfiltration techniques in SharePoint Cybersecurity updates for LG smart TV owners Advanced security features in Google Workspace Mitigating risks in Microsoft SharePoint Cyber threat insights from Bitdefender and Varonis Protecting digital assets against unauthorized access Transcript: Apr 10 Welcome back to the Daily Decrypt. Bitdefender reveals a series of high criticality vulnerabilities in LG Smart TV's which could potentially allow attackers to bypass security measures and gain unauthorized root access, which could affect tens of thousands of smart TVs globally. Do you have an LG smart TV? If so, keep listening to find out how you can protect yourself from these vulnerabilities. Someone recently told Google that it's important to check with a friend before making any important decisions. Google is introducing multi party approvals for security features in Google Workspace, which will require multiple admins to approve any sensitive changes. Why is this important? And what types of things can this protect against? And finally, Varonis Threat Labs has just exposed two new vulnerabilities in Microsoft SharePoint that allow hackers to download sensitive files undetected, which will put thousands of businesses at risk. In a recent cybersecurity revelation, researchers at the Romanian firm Bitdefender have brought to light a series of severe vulnerabilities in LG's webOS, the operating system powering its smart TVs. These weaknesses span across versions 4. 9. 7 to 7. 3. 1. of webOS and present a critical threat potentially allowing unauthorized users to gain root access and take control of the devices. So it sounds like Bitdefender did the honorable thing and let LG know about this months ago before disclosing it to the public. And finally LG on March 22nd issued some patches to address these vulnerabilities. Now that's all well and good, but Smart TVs go un updated, potentially forever, the most alarming vulnerability that has been patched, which is CVE 2023 6317, allows attackers to circumvent PIN verification processes to add a privileged user to the TV, requiring no interaction from the device owner. Another vulnerability lets attackers elevate their access level to root, or the highest level of access. Bitdefender's research uncovered that over 91, 000 devices worldwide had this vulnerable service exposed to the internet. Which essentially means that Bitdefender can open up their laptop and scan the internet for your device and find it. And if Bitdefender can do it, any attacker can do it. So make sure that your TVs are up to date, go into the settings, double check which version it is, And make sure it's the most up to date. There should be some sort of indicator saying your system is up to date. If it's not, and your TV is internet facing, attackers can infiltrate your TV, create a backdoor, so that even after the update, they can still access. Then, if your TV has a microphone or a camera, they'll be able to access those things and see what's going on inside your house. They could use those things to steal data. If you've entered in your credit card number into the TV, they'll have access to that. It could be used as a pivot point to try to get to your more sensitive devices like your laptop or your phone, and then inject malware there. If your office space uses an LG Smart TV, it could be used to pivot and conduct a ransomware attack. The uses of this vulnerability are limited only by the attacker's creativity, so make sure to go in. And ensure your device is updated. And a lot of these devices just go to sleep. They don't do a full power cycle or a restart. So go in, maybe unplug the TV for a couple minutes, maybe overnight, however long you can. And then replug it in when you need to use it again. That should wipe the temporary memory and increase the chances that you've gotten rid of the attacker from your TV. In an effort to bolster security measures for its Google Workspace customers, Google has introduced a new feature designed to mitigate the risk of unauthorized or accidental changes within its system. The tech giant announced the rollout of multi party approvals for its cloud based productivity and collaboration platform. This optional security measure requires that certain sensitive admin actions receive approval from another admin before they can be executed. The multi party approvals feature aims to combat potential threats from both inside and outside an organization. By ensuring that changes to critical settings, such as two step verification and account recovery policies, undergo an additional layer of scrutiny. Admins will have the ability to review details of each request, making informed decisions on whether to allow or deny the proposed changes. This process not only secures the platform against unauthorized access, but also streamlines administrative tasks by executing actions automatically once they receive approval. Google Workspace's multi party approvals will be accessible to a broad range of customers, including those subscribed to the enterprise standard. Enterprise Plus, Education Standard, Education Plus, and Cloud Identity Premium plans. But, the feature is turned off by default and can be enabled through the admin console under the multi party approval settings. This is a pretty nice feature for Google to introduce. Probably pretty easy to do on their end, just require more permissions before being able to accomplish certain tasks. Granted, this only requires twice as many permissions as were required before, so if an attacker can get in and make these changes, what's to say they can't get in, create a new account, new admin account, and get the required approvals that way. Anyway, The blog post by Google doesn't address this use case specifically, but it would be great if Google required multiple admins in order to create a new admin, which would essentially solve this problem. And then what's also cool about this new feature is that, yeah, it's introducing new automation features as well. Once you have the approvals, Google will automatically go in and place the changes that were already requested. This doesn't save any time from the legacy workflow, which is where admins would go in and do these actions. They would happen immediately. Because the admins will still have to go in and perform these actions, they will just require approvals afterwards. So the action time is the same, but luckily they don't have to wait for approval and then go perform the action again or something like that. It'll happen automatically. And this is so important because one of the first things that an attacker will try to do once they infiltrate your environment is to make sure they can get back in. And one of the ways they can do that is to create accounts or alter security settings, maybe change logging preferences so that their tracks might be more covered up, allowing them to move more freely throughout your network and perform more malicious actions unrestricted. If it requires multiple admins, To edit logging preferences from debug to verbose or turn off two factor authentication so that attackers can sign in from wherever or any of these things, attackers are less likely to succeed down the line. So if you do run a Google workspace, however small, and you have multiple admins, I highly encourage you to go enable this feature once it's available. It's coming out and it's going to be cool. Our final segment discusses new Microsoft SharePoint vulnerabilities that Varonis Threat Labs discovered, which could allow hackers to stealthily download files from SharePoint, evading traditional audit logs or detection methods. The first method exploits the quote, open in app feature of SharePoint, which when used does not log a file downloaded event, but rather an access event, which might not raise immediate alarms for administrators. This loophole could facilitate what's being termed as silent data exfiltration, allowing for the downloading of documents in a manner that doesn't attract the usual scrutiny. So there's so many events that go on in the Microsoft ecosystem, especially in SharePoint, whether it's opening or downloading or transferring. So many events, they all kind of get funneled into different categories of event. As mentioned, there's a download event and there's an access event. So you might be able to see the Severity difference in these two events. If someone's downloading something that's a little more severe than just opening something. And so security teams will create alerts for different types. of event. So they might have a more serious alert for the download event than they do the access event. And so this first attack is essentially leveraging a bet that security teams aren't alerting as scrutinously on access events, and they're able to download files while only triggering an access event, not a download event. The second vulnerability, uh, Involves spoofing the user agent string of file access requests to appear as if the actions are part of a routine data syncing operation within Microsoft's SkyDrive sync. Thus making the download seem less suspect and more like benign sync events. Both methods open the door to stealthy exfiltration of sensitive documents, bypassing the eyes of cloud access, security tools, and security information and event management platforms, or SIMs. Some recommendations include monitoring for unusual access patterns or high volumes of data activity, which could indicate unauthorized data movements. Until Microsoft addresses these vulnerabilities, we're not sure. Which have currently been acknowledged, but rated as moderate and hence are not slated for immediate patching. Organizations are urged to adopt proactive measures to mitigate potential risks. And I would agree with that assessment. It's a moderate vulnerability and it will be slated for patching, but maybe not immediately since they are still generating events, just maybe not at the correct severity. If this is an important thing to you, make sure to write to Microsoft. Send them an email, get your whole team to send them an email. Try to get them to bump up the priority on this to get it patched. Otherwise, there's going to be a lot of false positive alerts if you're trying to monitor for things that are generally less severe. Hoping for the needle in the haystack. That's going to exhaust your security teams and Reduce the quality of their output. My best advice, if you are planning to take the alerting route, is to create some sort of event sequence based alerting. Like, if someone does this, and someone does this, and someone does this, then generate an alert. Now, not everyone has the ability to do that, but simply raising the severity of Access based alerts isn't going to be the best method and potentially the download alerts will fall through the cracks while analysts are focusing on these. Less severe alerts looking for that, like I said, needle in a haystack. That's all I got for you today. Thanks so much for listening. Hope you got a chance to enjoy the solar eclipse on Monday. I was lucky enough to have the day off from work and this podcast. Huge thanks to dogespan for covering down for me. And it was a really cool experience. And send us a message, send us a DM, send us an email with anything. We'd love to hear from you. Any feedback, anything you'd like to see, we'd greatly appreciate it. And we will talk to you some more later.

Insights on fake AI law firms, Facebook malware schemes, and critical VPN vulnerabilities. Discover the intricate web of SEO manipulation, the alarming spread of malware through counterfeit AI services, and the global impact of a new VPN flaw. Stay ahead with actionable advice and join the conversation on safeguarding against these sophisticated digital threats. Original URLs: https://arstechnica.com/gadgets/2024/04/fake-ai-law-firms-are-sending-fake-dmca-threats-to-generate-fake-seo-gains/ https://www.bleepingcomputer.com/news/security/fake-facebook-midjourney-ai-page-promoted-malware-to-12-million-people/ https://www.bleepingcomputer.com/news/security/new-ivanti-rce-flaw-may-impact-16-000-exposed-vpn-gateways/ https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US Follow us on Instagram: https://www.instagram.com/the_daily_decrypt/ Thanks to Jered Jones for providing the music for this episode. https://www.jeredjones.com/ Logo Design by https://www.zackgraber.com/ Tags: cybersecurity, AI scams, malware, VPN vulnerabilities, SEO manipulation, digital threats, fake law firms, Facebook malware, Ivanti, RCE flaw, data security, online safety, cybersecurity tips, tech news, hacking Search Phrases: Cybersecurity threats and AI scams How to spot and avoid online malware schemes Understanding VPN vulnerabilities and their impact Dealing with fake DMCA threats for SEO gains Protecting against Facebook AI service scams Ivanti VPN gateways security flaws Tips for enhancing online data security Latest in cybersecurity and hacking news Identifying and responding to digital threats Navigating SEO manipulation and fake law firms Transcript Apr 6 Welcome back to the Daily Decrypt. Fake law firms like Commonwealth Legal out of Arizona are sending out copyright infringement notices to manipulate SEO rankings. This is just another way attackers are getting more and more creative to manipulate the things that you see on the day to day. Over 1. 2 million people were tricked using a Facebook scam where hackers peddled fake services like Midjourney or OpenAI's Sora that deployed malware designed to hijack users data. How can you identify this type of scam and protect yourself? And finally, Ivanti has patched a critical security flaw that affects over 16, 000 vPN gateways. What is this vulnerability and how can administrators protect their VPN gateways? We live in a world where everyone has a website, whether it's your personal business or your hobby. There are tons of websites and they're easy to spin up. Well, Ars Technica is reporting that there are now fake law firms who are sending copyright infringement notices to personal and hobby websites. For example, you're using an image that doesn't belong to you, please provide compensation. Ars Technica. Taking it down doesn't work. The most notable firm. is titled Commonwealth Legal, even though it's out of Arizona or so it says, which isn't a state that's deemed a Commonwealth. And they're claiming to represent the Intellectual Property Division of Tech4Gods. Like I mentioned, there are a lot of key indicators that this legal firm is fake. For example, it's a brand new domain registration, which means their website's brand new. It's also a Canadian IP address and the physical address doesn't match the one listed on the website. If you actually go to the website for Commonwealth Legal, you'll see a bunch of AI generated images of attorneys. Yeah, doesn't take much to realize this is probably a fake website. But regardless, if you receive a copyright infringement notice, That's a pretty scary thing. So why does this exist? Why is this happening? Well, it's pretty clever. This legal firm claims to represent the company Tech4Gods, which may or may not be a legitimate site, but the whole goal of this is to boost the SEO for Tech4Gods. And the way that it does that is by placing backlinks or just links to the Tech4Gods website all over the internet, which is a gold mine for SEO rankings. Now, if you want more specifics than that, you can check out the article by Ars Technica in the show notes, but make sure to just be skeptical of every threat or every email you get from someone who you don't know. If you get an email that claims you're infringing on someone's copyright, Look for signs that it's fake. Maybe reach out to a different law firm. Maybe reach out to the police because maybe they've heard of this scam before and will be able to verify that it's a scam. Nothing in our legal system, especially in the United States goes quickly. So don't act with a sense of urgency. You don't need to pay anything immediately. Take your time and work through this. Over 1. 2 million people on Facebook have been tricked into clicking links for counterfeit AI services such as Midjourney, OpenAI Sora, ChatGPT-5, and DAL E by promising previews of unreleased features. And you'll never guess how attackers have done this. They have purchased ads. That's right. Anyone can purchase ads. Attackers do it. They promise you something that's too good to be true. You click it, and now you've downloaded some malicious software. So these specific Facebook ads coax users into joining fake Facebook groups that look real, and then immediately the users are bombarded with Seemingly legitimate updates, AI generated visuals, and enticing offers or, quote, early access to AI innovations. So these are just baits to lure victims into downloading malicious software, but instead of getting the cutting edge tools you were promised, you're getting password theft malware, like, Rylide, Vidar, IceRat, and Nova. Once this malware is downloaded, it's gonna go into your browser and try to grab your session cookies, credentials, maybe stored in your Google Chrome password manager. It's gonna look for cryptocurrency details and more. The case outlined by Bitdefender and reported by Blooping Computer in our show notes. It showcases a mid journey fan page that had over 1. 2 million followers, which was initially a legitimate fan page, but was taken over by hackers in June of 2023. It operated from June of 2023 up until last week when Facebook finally took it down. Once attackers had taken over this Facebook page, they created a fake website, flawlessly mimicking the mid journey website. which only helped them push this fake malware onto its users. When they click on the website, it actually goes to a website that looks exactly like Midjourney. Here is where users would be tricked into downloading the malware disguised as the state of the art image generation tools. Once they download, It looks like they were required to install a Google Translate browser extension, which is where the malware lives. Even though this page has been taken down by Facebook, the attackers have quickly moved over to a new page which already has 600, 000 plus followers. So this is just a case of malvertising. I'm actually gonna start making stickers. Don't click on Google ads. Now I'm gonna include don't click on Facebook ads because they're pretty cheap to run. I did a test the other day on a Daily Decrypt Reel on Instagram and I got 3, 000 views for five bucks. Now if I had attacker kind of money, That would be a lot more views, a lot more clicks. So just be weary of Facebook ads. I literally don't click any ads anymore, even if the product looks polished and pristine, there are some legitimate ads out there, but at this point, I don't trust any of them. So keep an eye out. for a Daily Decrypt store opening up soon with some fresh new stickers handmade by me, and don't click on any ads. And finally, Ivanti has disclosed a high severity remote code execution flaw which affects up to 16, 500 of its connect secure and poly secure gateways. This vulnerability is due to a heap overflow in the IPSet component impacting versions 9. 0 and 22. And could potentially allow unauthorized attackers to execute remote code. or initiate denial of service by sending specifically crafted requests. This issue came to light following reports by internet search engine Shodan and threat monitoring service Shadow Server, which initially discovered approximately 29, 000 exposed services. Ivanti, however, has reassured its customer base that there have been no observed instances of exploitation, but emphasizes the importance of applying necessary updates without delay to avoid breaches. ShadowServer's subsequent assessments revealed that the number of susceptible devices might be closer to around 16, 000, with the highest concentrations of vulnerable gateways located in the United States. Japan, the UK, Germany, France, and the list goes on. This vulnerability is not the first to raise alarms with Ivanti's user community. Earlier this year, various Ivanti products flaws were exploited by state sponsored actors and hacking groups to facilitate their use. unauthorized access, and control over affected devices. A recent report by Mandiant highlights the exploitation of Ivanti endpoints by Chinese hackers employing a malware family dubbed Spawn. Ivanti has released patches for all supported versions of the affected products. So yeah, get out there, update your systems, and sleep well at night. That's all I got for you today. If you like what you hear, we'd really appreciate a review on Spotify or Apple podcasts and a follow on Instagram, subscription on YouTube, wherever you consume your media and send us a comment. We'd love to hear from you. I hope you have a great rest of your weekend. Go check out the solar eclipse this Monday and we'll talk to you some more later.

Is there any truth behind the alleged data breach at Fortnite maker Epic Games? Who launched the ransomware attack that caused a fallout at pharmacies? And what's the latest on the heart-breaking hack of Finnish therapy clinic Vastaamo?All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Jessica Barker.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Mogilevich claims it has breached Epic Games - Twitter.Fraudster's fake data breach claims should remind media to be carefu what we report - DataBreaches.net.Prescription orders delayed as US pharmacies grapple with "nation-state" cyber attack - Bitdefender.US pharmacy outage triggered by 'Blackcat' ransomware at UnitedHealth unit, sources say - Reuters.Hackers Behind the Change Healthcare Ransomware Attack Just Received a $22 Million Payment - Wired.Vastaamo data breach - Wikipedia.The CEO who also ran IT, Strava strife, and TikTok tall tales - Smashing Security podcast.Ex-CEO of hacked therapy clinic sentenced for failing to protect patients' session notes - Bitdefender.Ex-CEO of breached pyschotherapy clinic gets prison sentence for bad data security – Sophos.Vastaamo victims' lawyer: Some took their own lives after patient record leak - Yle.Prosecutors call for maximum penalty over Vastaamo hacking - Helsinki Times.Self-pay gas station pumps break across NZ as software can't handle Leap Day - Ars Technica.Citrix, Sophos software impacted by 2024 leap year bugs - Bleeping Computer.Resident Alien trailer - YouTube.

Forecast = Partly Sunny With A Chance Of Catastrophic Haboobs In this episode of Storm⚡️Watch, we open with a critical discussion on the NSA's recent tracking of Chinese groups targeting Ivanti kit within the defense sector, as reported by TechCrunch. We also feature an in-depth analysis of JFrog's investigation into malicious AI/ML models on Huggingface, highlighting the silent backdoors that pose a threat to data scientists. We delve into the White House's "Back to the Building Blocks" technical report, shedding light on the administration's approach to cybersecurity. The conversation then shifts to the startling revelations of MQTT-based 3D printer hacks, specifically targeting Anycubic printers, as uncovered by Bitdefender. This segment underscores the importance of security in the rapidly growing field of 3D printing. We also explore the latest trends and active campaigns in cybersecurity, utilizing resources like GreyNoise's visualization tools and CISA's known exploited vulnerabilities catalog. Our episode concludes with a roundup of the most recent KEV updates and a discussion on the new submission form for actively exploited vulnerabilities, emphasizing the ongoing efforts to enhance cybersecurity response and reporting. Episode Slides >> Storm Watch Homepage >> Learn more about GreyNoise >>  

A LastPass imitator sneaks its way past Apple's app store review. Bitdefender identifies a new macOS backdoor. The Air Force and Space Force collaborate for stronger cyber defense. CISA offers an election security advisory program. The FCC bans AI robocalls. The Feds put a bounty on the Hive ransomware group. Senators introduce a bipartisan drone security act. Cisco Talos IDs a new cyber espionage campaign. Fighting the good fight against software bloat. On our Solution Spotlight, N2K President Simone Petrella talks with Amy Kardel, Senior Vice President for Strategic Workforce Relationships at CompTIA about the cyber talent gap. And sports fans check your passwords.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Solution Spotlight, N2K President Simone Petrella talks with Amy Kardel, Senior Vice President for Strategic Workforce Relationships at CompTIA about their perspectives and initiatives in response to the cyber talent gap. Selected Reading Fake LastPass App Sneaks Past Apple's Review Team (MacRumors) Warning: Fraudulent App Impersonating LastPass Currently Available in Apple App Store (LastPass) New Rust-Based macOS Backdoor Steals Files, Linked to Ransomware Groups (HACKREAD) New Department of Air Force partnership brings cyber, space and information units closer (DefenseScoop) Federal Cybersecurity Agency Launches Program to Boost Support for State, Local Election Offices (SecurityWeek) FCC votes to outlaw scam robocalls that use AI-generated voices (CNN Business) US offers $10 million for tips on Hive ransomware leadership (Bleeping Computer) New legislation would give NIST drone cybersecurity responsibilities (FedScoop)  New Zardoor backdoor used in long-term cyber espionage operation targeting an Islamic organization (Talos Intelligence) Why Bloat Is Still Software's Biggest Vulnerability (IEEE Spectrum) Super Bowl of Passwords: Chiefs vs. 49ers in the Battle of Cybersecurity (Security Boulevard) Taylor Swift's Influence on Cybersecurity (Enzoic) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

He's the second longest-serving Team Principal on the 2023 Formula 1 grid, but after 18 years in charge of AlphaTauri and Toro Rosso, Franz Tost is hanging up his pitwall headphones. Ahead of his final race in Abu Dhabi, Tost sits down with Tom Clarkson to talk about the highs and lows of leading the team from its inception. Hear about Franz's, sometimes challenging, relationship with senior team Red Bull Racing, their sensational Grand Prix wins at Monza in 2008 and 2020, and how he helped launch the careers of multiple World Champions, Sebastian Vettel and Max Verstappen. Plus, the Austrian tells Tom which of the 17 drivers he's worked with have impressed him the most and his five stages of development for rookies. Follow, rate and review F1 Beyond The Grid and share this episode using #F1BeyondTheGrid. Related Episodes Sebastian Vettel Pierre Gasly Yuki Tsunoda  Liam Lawson Daniel Ricciardo  Carlos Sainz  Adrian Newey  Mario Theissen This episode is sponsored by:  Bitdefender: visit Bitdefender.com to learn more about how Bitdefender supports Ferrari to stay ahead of cyber threats and how YOU can make your digital life safer. Uncommon Goods: to get 15% off your next gift, go to uncommongoods.com/GRID Babbel: get six months free with a purchase of a 6-month subscription when you visit babbel.com/play, and use promo code GRID

This episode is brought to you by Bitdefender, Team partner of Ferrari. Visit Bitdefender.com to learn more about how Bitdefender supports Ferrari to stay ahead of cyber threats and how you can make your digital life safer. Red Bull were midfield minnows in the early years of their F1 mission to becoming the serial World Champions they are today. But during those humble beginnings, the team was renowned for nurturing young talent like Vitantonio Liuzzi. The Italian drove for Red Bull and their sister outfit, Toro Rosso, among others in a Formula 1 career spanning 12 years. Liuzzi was unable to replicate the success he had at junior level, but looks back at his time in the sport with fond memories when speaking to Tom Clarkson. He talks about Red Bull's party reputation, politics within the team, his sour exit from Toro Rosso in 2007 and a number of missed opportunities to finish on the podium. Plus, hear Liuzzi relive his famous victory over Michael Schumacher in the Karting World Championship finals. Follow, rate and review F1 Beyond The Grid and share this episode using #F1BeyondTheGrid. Related Episodes David Coulthard, Vitantonio's teammate at Red Bull  Christian Klein, Red Bull's first F1 prodigy Scott Speed, Red Bull's American prodigy  Sebastian Vettel, Vitantonio's teammate at Toro Rosso  Adrian Newey, the genius behind Red Bull's transformation into World Champions 

Ferrari's wait for a record 32nd World Championship is set to continue in 2023. But are the most successful team in Formula 1 history at least heading in the right direction? Ahead of their home race at Monza, who better to answer that question than Ferrari Team Principal, Fred Vasseur? Cracking jokes throughout, Fred tells Tom Clarkson how the culture at Ferrari is like no other he's experienced in F1 and why this job is the ‘biggest challenge' of his career. He talks about the development of Charles Leclerc and Carlos Sainz, the team's strengths and weaknesses, and he sends a message to the Tifosi. Follow, rate and review F1 Beyond The Grid and share this episode using #F1BeyondTheGrid. Related Episodes Charles Leclerc, ‘2nd isn't enough'  Carlos Sainz  Fred's previous F1 BTG appearance  This episode is sponsored by:  Factor: Head to factormeals.com/btg50 and use code btg50 to get 50% off  Bitdefender: visit Bitdefender.com to learn more about how Bitdefender supports Ferrari to stay ahead of cyber threats and how YOU can make your digital life safer