Podcasts about Black hat

Chandler is so excited!!! In just 8 Days, Jack Skellington returns to The Haunted Mansion in Disneyland!!!  The Halloween season is inching closer!!Have you grabbed your tickets to see Annie in downtown SLC yet!?!  Better get em quick! Go to ArtTix.com!!!Chunga heard to computer nerds having a conversation at Blackhat 2025 last week, they were talking about how “social media is dying, finally”.  Do YOU agree with this? Think it's true!?Have you watched the series about Band Aid and Live Aid yet!? It's on CNN and it's AMAZING!  Get your tissues, it'll bring back lots of memories!!CHUNGA POLL: What's a song you can listen to over, and over without ever getting sick of it!?!Post your answers below!!PLUS!!  Gregg has his first Halloween “As Seen On Tubi” movie shout-out! LISTEN NOW!!!!  It's on www.radioronin.com and everywhere you get your podcasts!!!

At Black Hat USA 2025, Sean Martin, co-founder of ITSPmagazine, sat down with Brett Stone-Gross, Senior Director of Threat Intelligence at Zscaler, to discuss the findings from the company's latest ransomware report. Over the past five years, the research has tracked how attack patterns, targets, and business models have shifted—most notably from file encryption to data theft and extortion.Brett explains that many ransomware groups now find it more profitable—and less risky—to steal sensitive data and threaten to leak it unless paid, rather than encrypt files and disrupt operations. This change also allows attackers to stay out of the headlines and avoid immediate law enforcement pressure, while still extracting massive payouts. One case saw a Fortune 50 company pay $75 million to prevent the leak of 100 terabytes of sensitive medical data—without a single file being encrypted.The report highlights variation in attacker methods. Some groups focus on single large targets; others, like the group “LOP,” exploit vulnerabilities in widely used file transfer applications, making supply chain compromise a preferred tactic. Once inside, attackers validate their claims by providing file trees and sample data—proving the theft is real.Certain industries remain disproportionately affected. Healthcare, manufacturing, and technology are perennial top targets, with oil and gas seeing a sharp increase this year. Many victims operate with legacy systems, slow to adopt modern security measures, making them vulnerable. Geographically, the U.S. continues to be hit hardest, accounting for roughly half of all observed ransomware incidents.The conversation also addresses why organizations fail to detect such massive data theft—sometimes hundreds of gigabytes per day over weeks. Poor monitoring, limited security staffing, and alert fatigue all contribute. Brett emphasizes that reducing exposure starts with eliminating unnecessary internet-facing services and embracing zero trust architectures to prevent lateral movement.The ransomware report serves not just as a data source but as a practical guide. By mapping observed attacker behaviors to defensive strategies, organizations can better identify and close their most dangerous gaps—before becoming another statistic in next year's findings.Learn more about Zscaler: https://itspm.ag/zscaler-327152Note: This story contains promotional content. Learn more.Guest:Brett Stone-Gross, Senior Director of Threat Intelligence at Zscaler, | On LinkedIn: https://www.linkedin.com/in/brett-stone-gross/ResourcesLearn more and catch more stories from Zscaler: https://www.itspmagazine.com/directory/zscalerLearn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-storyKeywords: sean martin, brett stone-gross, ransomware, data extortion, cyber attacks, zero trust security, threat intelligence, data breach, cyber defense, network security, file transfer vulnerability, data protection, black hat, black hat usa 2025, zscaler

In an industry where technology often takes the spotlight, Deidre Diamond, Founder and CEO of CyberSN, and Carraig Stanwyck, CEO and former Fortune 200 CISO, are making the case for a shift in focus—one where people, not just tools, drive operational success.Deidre's journey began in cyber talent matching, where she saw firsthand the persistent workforce challenges organizations face—burnout, retention struggles, and a lack of career planning. These challenges inspired the creation of a workforce risk management practice designed to quantify and address the human side of cybersecurity. The approach goes beyond staffing—it maps skills, capabilities, and job alignment in real time, enabling leaders to strategically plan their workforce instead of reacting to turnover.Carraig's perspective as a leader building teams across government, startup, and enterprise environments reinforces the message: “If you get the people right, everything else comes together.” Even leaders already committed to employee engagement often lack the visibility to fully understand capability gaps, skill utilization, and role misalignment. Carraig describes how moving from static spreadsheets to a dynamic platform revealed hidden opportunities—such as repositioning talent into roles that better matched their strengths—while also giving executives a clear capability-to-staffing view.This real-time insight changes everything. Leaders can create accurate job descriptions based on actual needs, build stronger business cases for budgets, and proactively plan for growth. The results aren't just operational—employees feel invested in, leading to greater fulfillment, better retention, and improved professional efficacy.Both Deidre and Carraig emphasize that this approach isn't just about solving today's staffing needs. It's about preparing for a future where emotional intelligence, creative collaboration, and adaptability will be more critical than ever. As AI takes on repeatable tasks, the human ability to think strategically, work cohesively, and innovate will define success.The takeaway is clear: cybersecurity's greatest asset isn't a piece of technology—it's a workforce that's understood, empowered, and aligned with the mission.Learn more about CyberSN: https://itspm.ag/cybersn-476941Note: This story contains promotional content. Learn more.Guests:Deidre Diamond, Founder and CEO of CyberSN | On LinkedIn: https://www.linkedin.com/in/deidrediamond/Carraig Stanwyck, CEO at 3 Tree Tech and former Fortune 200 CISO | On LinkedIn: https://www.linkedin.com/in/carraig-stanwyck/ResourcesLearn more and catch more stories from CyberSN: https://www.itspmagazine.com/directory/cybersnLearn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-storyKeywords: marco ciappelli, deidre diamond, carraig stanwyck, cybersecurity, workforce management, talent retention, job descriptions, skills gap, leadership, employee engagement, career development, black hat, black hat usa, black hat 2025, workforce risk management

Black Hat 2025: Crogl's CEO Monzy Merza Explains How AI Can Help Eliminate Alert Fatigue in CybersecurityCrogl CEO Monzy Merza discusses how AI-driven security platforms automate alert investigation using enterprise knowledge graphs, enabling analysts to focus on threat hunting while maintaining data privacy.Security teams drowning in alerts finally have a lifeline that doesn't compromise their data sovereignty. At Black Hat USA 2025, Crogl CEO Monzy Merza revealed how his company is tackling one of cybersecurity's most persistent challenges: the overwhelming volume of security alerts that leaves analysts either ignoring potential threats or burning out from investigation fatigue.The problem runs deeper than most organizations realize. Merza observed analysts routinely closing hundreds of alerts with a single click, not from laziness or malice, but from sheer necessity. "When you look at the history of breaches, the signal of the breach was there. And somebody ignored it," he explained during his ITSPmagazine interview, highlighting a critical gap between alert generation and meaningful investigation.Traditional approaches have failed because they expect human analysts to become "unicorns" - experts capable of mastering multiple data platforms simultaneously while remembering complex query languages and schemas. This unrealistic expectation has created what Merza calls the "human unicorn challenge," where organizations struggle to find personnel who can effectively navigate their increasingly complex security infrastructure.Crogl's solution fundamentally reimagines the relationship between human intuition and machine automation. Rather than forcing analysts to adapt to multiple tools, the platform creates a semantic knowledge graph that maps data relationships across an organization's entire security ecosystem. When alerts arrive, the system automatically conducts investigations using established kill chain methodologies, freeing analysts to focus on higher-value activities like threat hunting and strategic security initiatives.The privacy-first architecture addresses growing concerns about data sovereignty. Operating as a completely self-contained system with no internet dependencies, Crogl can run air-gapped in the most sensitive environments, including defense intelligence communities. The platform connects to existing tools through APIs without requiring data movement, duplication, or transformation.Real-world results demonstrate the platform's versatility. One customer discovered their analysts were using Crogl for fraud detection - an application never intended by the original design. The system's ability to process natural language descriptions and convert them into executable security processes has reduced response times from weeks to minutes for complex threat hunting operations.For security leaders evaluating AI integration, Merza advocates an experimental approach. Rather than attempting comprehensive transformation, he suggests starting with focused pilot programs that address specific pain points. This measured strategy allows organizations to validate AI's value while maintaining operational stability.The broader implications extend beyond security operations. By removing technical barriers and emphasizing domain expertise over tool competency, platforms like Crogl enable security teams to become strategic business enablers rather than reactive alert processors. Organizations gain the flexibility to maintain their preferred data architectures while ensuring comprehensive security coverage across distributed environments.As cyber threats continue evolving, the industry's response must prioritize both technological capability and human potential. Solutions that enhance analyst intuition while automating routine tasks represent a sustainable path forward for security operations at scale. Watch the full interview: https://youtu.be/0GqPtPXD2ik Learn more about CROGL: https://itspm.ag/crogl-103909Note: This story contains promotional content. Learn more.Guest: Monzy Merza, Founder and CEO of CROGL | On Linkedin: https://www.linkedin.com/in/monzymerza/ResourcesLearn more and catch more stories from CROGL: https://www.itspmagazine.com/directory/croglAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

Stellar Cyber Revolutionizes SOC Cybersecurity Operations with Human-Augmented Autonomous Platform at Black Hat 2025 A Stellar Cyber Event Coverage of Black Hat USA 2025 Las VegasAn ITSPmagazine Brand Story with Subo Guha, Senior Vice President Product, Stellar Cyber____________________________Security operations centers face an unprecedented challenge: thousands of daily alerts overwhelming analyst teams while sophisticated threats demand immediate response. At Black Hat USA 2025 in Las Vegas, Stellar Cyber presented a revolutionary approach that fundamentally reimagines how SOCs operate in the age of AI-driven threats.Speaking with ITSPmagazine's Sean Martin, Subo Guha, Senior Vice President of Products at Stellar Cyber, outlined the company's vision for transforming security operations through their human-augmented autonomous SOC platform. Unlike traditional approaches that simply pile on more automation, Stellar Cyber recognizes that effective security requires intelligent collaboration between AI and human expertise.The platform's three-layer architecture ingests data from any source – network devices, applications, identities, and endpoints – while maintaining vendor neutrality through open EDR integration. Organizations can seamlessly work with CrowdStrike, SentinelOne, Sophos, or other preferred solutions without vendor lock-in. This flexibility proves crucial for enterprises navigating complex security ecosystems where different departments may have invested in various endpoint protection solutions.What sets Stellar Cyber apart is their autonomous SOC concept, which dramatically reduces alert volume from hundreds of thousands to manageable numbers within days rather than weeks. The platform's AI-driven auto-triage capability identifies true positives among thousands of false alarms, presenting analysts with prioritized "verdicts" that demand attention. This transformation addresses one of security operations' most persistent challenges: alert fatigue that leads to missed threats and burned-out analysts.The revolutionary AI Investigator copilot enables natural language interaction, allowing analysts to query the system conversationally. An analyst can simply ask, "Show me all impossible travel incidents between midnight and 4 AM," and receive actionable intelligence immediately. This democratization of security operations means junior analysts can perform at senior levels without extensive coding knowledge or years of experience navigating complex query languages.Identity threat detection and response (ITDR) emerged as another critical focus area during the Black Hat presentation. With identity becoming the new perimeter, Stellar Cyber integrated sophisticated user and entity behavior analytics (UEBA) directly into the platform. The system detects impossible travel scenarios, credential attacks, and lateral movement patterns that indicate compromise. For instance, when a user logs in from Portland at 11 PM and then appears in Moscow 30 minutes later, the platform immediately flags this physical impossibility.The identity protection extends beyond human users to encompass non-human identities, addressing the growing threat of automated attacks powered by large language models. Hackers now leverage generative AI to create credential attacks at unprecedented scale and sophistication, making robust identity security more critical than ever.Guha emphasized that AI augmentation doesn't displace security professionals but elevates them. By automating mundane tasks, analysts focus on strategic decision-making and complex threat hunting. MSSPs report dramatic efficiency gains, scaling operations without proportionally increasing headcount. Where previously a hundred thousand alerts might take weeks to process, requiring extensive junior analyst teams, the platform now delivers actionable insights within days with smaller, more focused teams.The platform's unified approach eliminates tool sprawl, providing CISOs with real-time visualization of their security posture. Executive reporting becomes instantaneous, with high-priority verdicts clearly displayed for rapid decision-making. This visualization capability transforms how security teams communicate with leadership, replacing lengthy reports with dynamic dashboards that convey risk and response status at a glance.Real-world deployments demonstrate significant operational improvements. Organizations report faster mean time to detection and response, reduced false positive rates, and improved analyst satisfaction. The platform's learning capabilities mean it becomes more intelligent over time, adapting to each organization's unique threat landscape and operational patterns.As organizations face increasingly sophisticated threats powered by generative AI, Stellar Cyber's human-augmented approach represents a paradigm shift. By combining AI intelligence with human intuition, the platform delivers faster threat detection, reduced false positives, and empowered security teams ready for tomorrow's challenges. The company's commitment to continuous innovation, evidenced by rapid feature releases between RSA and Black Hat, positions them at the forefront of next-generation security operations. Learn more about Stellar Cyber: https://itspm.ag/stellar-cyber--inc--357947Note: This story contains promotional content. Learn more.Guest: Subo Guha, Senior Vice President Product, Stellar Cyber | https://www.linkedin.com/in/suboguha/ResourcesLearn more and catch more stories from Stellar Cyber: https://www.itspmagazine.com/directory/stellarcyberLearn more and catch more stories from our Black Hat USA 2025 coverage: https://www.itspmagazine.com/bhusa25Learn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

Topic Segment - What's new at Black Hat? We're coming live from hacker summer camp 2025, so it seemed appropriate to share what we've seen and heard so far at this year's event. Adrian's on vacation, so this episode is featuring Jackie McGuire and Ayman Elsawah! News Segment Then, in the enterprise security news, Tons of funding! SentinelOne picks up an AI security company weeks after Palo Alto closes the Protect AI deal Vendors shove AI agents into everything they've got Why SOC analysts ignore your playbooks NVIDA pinkie swears to China: no back doors! ChatGPT was allowing shared chat sessions to be indexed and crawled by search engines like Google Who is gonna secure all this vibe code? Who is gonna triage all these hallucinated bug reports? Perplexity and Cloudflare duke it out When you try to scrub your shady past off the Internet, it might just make things worse. All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-419

Chunga has returned from a week at the Blackhat cyber security conference!!  It was exhausting and… in a word, NERDY!! It was perfect for Chunga!!!Panda was doing some family service work at a local cemetery last week… something strange happened.  Something REALLY strange happened!!Chandler can hardly contain himself!!! Universal Horror Unleashed opens THIS WEEK in Las Vegas!!!! Spook Alley's ALL YEAR LONG!!!Chris is doing his last week of the musical Annie!  It's amazing!!!!  Be sure to grab your tickets at ArtTix.com before it closes forever!!! This is your last chance!!!HEY!  Mercury in retrograde ends today!!! We made it!!!Tuesday is the day for a brand new SciFi TV series that's getting a TON of positive reviews!!  The Ronin are super excited about it, and they think you are going to LOVE IT!!!Panda has another “As Seen On Tubi” movie shout out, AND!!!! It's time for Your Really Stupid News!!!!  LISTEN NOW!!!!!It's on www.radioronin.com and everywhere you get your podcasts!!

In today's connected world, corporate executives and board members live in a digital space that extends far beyond their company's networks. Chris Pierson, CEO and Founder of BlackCloak, explains how protecting leaders requires more than traditional enterprise security—it calls for securing their personal digital lives.The threat landscape for high-profile individuals includes everything from compromised personal email accounts and hacked home networks to deepfake attacks and targeted identity theft. These risks not only threaten the individual but can cause significant financial and reputational damage to the companies they represent.BlackCloak addresses this by providing digital executive protection—securing executives, their families, and their homes with a blend of technology, privacy measures, and concierge-level service. This includes monitoring and removing data from brokers, detecting threats in the dark web, safeguarding home IoT devices, and even protecting yachts, jets, and vacation properties. The company also acts as an on-call cybersecurity and privacy advisor 24/7/365.A key component is the BlackCloak app, which serves as a security dashboard and communication hub. Through it, clients can see privacy risks being addressed in real time, receive alerts, and contact their dedicated concierge team. Behind the scenes, deception networks and active monitoring provide an extra layer of defense.Pierson highlights the growing convergence of cyber and physical threats. High-profile attacks and incidents in recent years underscore the importance of integrating cybersecurity with physical security, particularly for executives who are constantly in the public eye. With AI accelerating both the speed and sophistication of attacks, organizations need to consider a holistic approach—protecting not only networks and devices but the digital personas of their people.Ultimately, Pierson sees this as part of a broader shift toward making security a lifestyle component for executives, much like comprehensive healthcare benefits. It's about creating an always-on layer of protection that travels with them—whether they're in the office, at home, or halfway around the world.Learn more about BlackCloak: https://itspm.ag/itspbcwebNote: This story contains promotional content.Learn more.Guest:Chris Pierson, Founder & CEO, BlackCloak | https://www.linkedin.com/in/drchristopherpierson/Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com______________________ResourcesLearn more and catch more stories from BlackCloak: https://www.itspmagazine.com/directory/blackcloakLearn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-storyKeywords: Black Hat 2025, zero trust security, cybersecurity conference, ThreatLocker, default deny strategy, endpoint protection, application control, threat detection, enterprise security, network security, cybersecurity solutions, security automation, malware prevention, cyber threats, information security, security platform, Black Hat USA, cybersecurity innovation, managed detection response, security operations

At Black Hat USA 2025, Danny Jenkins, CEO of ThreatLocker, shares how his team is proving that effective cybersecurity doesn't have to be overly complex. The conversation centers on a straightforward yet powerful principle: security should be simple enough to implement quickly and consistently, while still addressing the evolving needs of diverse organizations.Jenkins emphasizes that the industry has moved beyond selling “magic” solutions that promise to find every threat. Instead, customers are demanding tangible results—tools that block threats by default, simplify approvals, and make exceptions easy to manage. ThreatLocker's platform is built on this premise, enabling over 54,000 organizations worldwide to maintain a secure environment without slowing business operations.A highlight from the event is ThreatLocker's Defense Against Configurations (DAC) module. This feature performs 170 daily checks on every endpoint, aligning them with compliance frameworks like NIST and FedRAMP. It not only detects misconfigurations but also explains why they matter and how to fix them. Jenkins admits the tool even revealed gaps in ThreatLocker's own environment—issues that were resolved in minutes—proving its practical value.The discussion also touches on the company's recent FedRAMP authorization process, a rigorous journey that validates both the product's and the company's security maturity. For federal agencies and contractors, this means faster compliance with CMMC and NIST requirements. For commercial clients, it's an assurance that they're working with a partner whose internal security practices meet some of the highest standards in the industry.As ThreatLocker expands its integrations and modules, Jenkins stresses that simplicity remains the guiding principle. This is achieved through constant engagement with customers—at trade shows, in the field, and within the company's own managed services operations. By actively using their own products at scale, the team identifies friction points and smooths them out before customers encounter them.In short, the message from the booth at Black Hat is clear: effective security comes from strong fundamentals, simplified management, and a relentless focus on the user experience.Learn more about ThreatLocker: https://itspm.ag/threatlocker-r974Note: This story contains promotional content. Learn more.Guest: Danny Jenkins, CEO of ThreatLocker | On LinkedIn | https://www.linkedin.com/in/dannyjenkinscyber/ResourcesLearn more and catch more stories from ThreatLocker: https://www.itspmagazine.com/directory/threatlockerLearn more and catch more stories from our Black Hat USA 2025 coverage: https://www.itspmagazine.com/bhusa25Learn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

When security becomes more than a checkbox, the conversation shifts from “how much” to “how well.” At Black Hat USA 2025, Sean Martin, CISSP, Co-Founder of ITSPmagazine, and Viktor Petersson, Founder of an SBOM artifact platform, unpack how regulatory forces, cultural change, and AI innovation are reshaping how organizations think about security.Viktor points to the growing role of Software Bill of Materials (SBOMs) as not just a best practice, but a likely requirement in future compliance frameworks. The shift, he notes, is driven largely by regulation—especially in Europe—where security is no longer a “nice to have” but a mandated operational function. Sean connects this to a market reality: companies increasingly see transparent security practices as a competitive differentiator, though the industry still struggles with the hollow claim of simply being “secure.”AI naturally dominates discussions, but the focus is nuanced. Rather than chasing hype, both stress the need for strong guardrails before scaling AI-driven development. Viktor envisions engineers supervising fleets of specialized AI agents—handling tasks from UX to code auditing—while Sean sees AI as a way to rethink entire operational models. Yet both caution that without foundational security practices, AI only amplifies existing risks.The conversation extends to IoT and supply chain security, where market failures allow insecure, end-of-life devices to persist in critical environments. The infamous “smart fish tank” hack in a Las Vegas casino serves as a reminder: the weakest link often isn't the target itself, but the entry point it provides.DEFCON, Viktor notes, offers a playground for challenging assumptions—whether it's lock-picking to illustrate perceived versus actual security, or examining the human factor in breaches. For both hosts, events like Black Hat and DEFCON aren't just about the latest vulnerabilities or flashy demos—they're about the human exchange of ideas, the reframing of problems, and the collaboration that fuels more resilient security strategies.___________Guest:Viktor Petersson, Founder, sbomify | On LinkedIn: https://www.linkedin.com/in/vpetersson/Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974BlackCloak: https://itspm.ag/itspbcwebAkamai: https://itspm.ag/akamailbwcDropzoneAI: https://itspm.ag/dropzoneai-641Stellar Cyber: https://itspm.ag/stellar-9dj3___________ResourcesLearn more and catch more stories from our Black Hat USA 2025 coverage: https://www.itspmagazine.com/bhusa25ITSPmagazine Webinar: What's Heating Up Before Black Hat 2025: Place Your Bet on the Top Trends Set to Shake Up this Year's Hacker Conference — An ITSPmagazine Thought Leadership Webinar | https://www.crowdcast.io/c/whats-heating-up-before-black-hat-2025-place-your-bet-on-the-top-trends-set-to-shake-up-this-years-hacker-conferenceCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.At Black Hat USA in Las Vegas, three security researchers demonstrated how Google's Gemini AI could be hijacked to take control of smart home devices using a novel form of indirect prompt injection.Two separate security teams - NeuralTrust and SPLX - have conducted red teaming evaluations of the newly released GPT-5, and both report serious deficiencies in the model's security posture.Another Black Hat story, security researchers Milenko Starcik and Andrzej Olchawa from VisionSpace Technologies presented a compelling case that hacking satellites is not only more cost-effective than deploying anti-satellite missiles, but alarmingly easy due to widespread software vulnerabilities.Our final Black Hat story, Cisco Talos researchers disclosed five critical vulnerabilities in Broadcom's BCM5820X series chips, used in Dell's ControlVault3 secure enclave hardware.CISA and FEMA have jointly announced over $100 million in cybersecurity grant funding for the 2025 fiscal year, targeting state, local, and tribal governments.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Chunga has returned from a week at the Blackhat cyber security conference!!  It was exhausting and… in a word, NERDY!! It was perfect for Chunga!!!Panda was doing some family service work at a local cemetery last week… something strange happened.  Something REALLY strange happened!!Chandler can hardly contain himself!!! Universal Horror Unleashed opens THIS WEEK in Las Vegas!!!! Spook Alley's ALL YEAR LONG!!!Chris is doing his last week of the musical Annie!  It's amazing!!!!  Be sure to grab your tickets at ArtTix.com before it closes forever!!! This is your last chance!!!HEY!  Mercury in retrograde ends today!!! We made it!!!Tuesday is the day for a brand new SciFi TV series that's getting a TON of positive reviews!!  The Ronin are super excited about it, and they think you are going to LOVE IT!!!Panda has another “As Seen On Tubi” movie shout out, AND!!!! It's time for Your Really Stupid News!!!!  LISTEN NOW!!!!!It's on www.radioronin.com and everywhere you get your podcasts!!

Welcome to this week's episode of the PEBCAK Podcast!  We've got some amazing stories this week so sit back, relax, and keep being awesome!  Be sure to stick around for our Dad Joke of the Week. (DJOW) Follow us on Instagram @pebcakpodcast   Please share this podcast with someone you know!  It helps us grow the podcast and we really appreciate it!   Tourism drop in Las Vegas https://www.roadsideamerica.com/story/12552 https://www.foxnews.com/travel/las-vegas-tourism-drops-sharply-some-visitors-claim-casinos-empty-amid-rising-costs     Dad Joke of the Week (DJOW)   Find the hosts on LinkedIn: Chris - https://www.linkedin.com/in/chlouie/ Brian - https://www.linkedin.com/in/briandeitch-sase/ Glenn - https://www.linkedin.com/in/glennmedina/ Tyson - https://www.linkedin.com/in/tyson-kindler-910658101/ Koby - https://www.linkedin.com/in/koby-caputo-117358145/

Topic Segment - What's new at Black Hat? We're coming live from hacker summer camp 2025, so it seemed appropriate to share what we've seen and heard so far at this year's event. Adrian's on vacation, so this episode is featuring Jackie McGuire and Ayman Elsawah! News Segment Then, in the enterprise security news, Tons of funding! SentinelOne picks up an AI security company weeks after Palo Alto closes the Protect AI deal Vendors shove AI agents into everything they've got Why SOC analysts ignore your playbooks NVIDA pinkie swears to China: no back doors! ChatGPT was allowing shared chat sessions to be indexed and crawled by search engines like Google Who is gonna secure all this vibe code? Who is gonna triage all these hallucinated bug reports? Perplexity and Cloudflare duke it out When you try to scrub your shady past off the Internet, it might just make things worse. All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-419

Seemant Sehgal is the founder and CEO of BreachLock. In this episode, he joins host Amanda Glassner from Black Hat 2025 in Las Vegas, Nevada, to discuss what the company showcased at this year's conference, as well as the latest on facing today's cyber threat landscape. This episode is brought to you by BreachLock. To learn more about our sponsor, visit https://breachlock.com.

In this episode I address listener feedback and questions, from clarifying my stance on the “Tea” controversy to sharing practical tips from the community about Privacy.com workarounds. This episode covers some loose ends before I take a brief hiatus. I also discuss why I won't be at Black Hat this year, share thoughts on minimalism versus practicality in privacy, and reveal my favorite Indian restaurant in Vegas for those attending Black Hat!In this week's episode:Addressing the “Tea” controversy and clarifying my positions on doxingCommunity solution for Privacy.com and Plaid privacy concernsContact information protection strategies when family uses social mediaFuture of capture-the-flag challenges and OSINT considerationsConference attendance updates and travelMatrix Community RoomsMatrix Community Space - https://matrix.to/#/#psysecure:matrix.orgIndividual Room Links:https://matrix.to/#/#lockdown-general:matrix.orghttps://matrix.to/#/#lockdown-podcast:matrix.orghttps://matrix.to/#/#lockdown-intro:matrix.orgShow Links:Tea app leak article - https://www.bleepingcomputer.com/news/security/tea-app-leak-worsens-with-second-database-exposing-user-chats/OSMOSIS Institute - https://osmosisinstitute.org/events/Privacy.com - https://privacy.com“There are no facts, only interpretations.”- Friedrich Nietzsche ★ Support this podcast on Patreon ★

⸻ Podcast: Redefining Society and Technologyhttps://redefiningsocietyandtechnologypodcast.com _____________________________This Episode's SponsorsBlackCloak provides concierge cybersecurity protection to corporate executives and high-net-worth individuals to protect against hacking, reputational loss, financial loss, and the impacts of a corporate data breach.BlackCloak:  https://itspm.ag/itspbcweb_____________________________A Musing On Society & Technology Newsletter Written By Marco Ciappelli | Read by TAPE3August 9, 2025The Agentic AI Myth in Cybersecurity and the Humanity We Risk When We Stop Deciding for OurselvesReflections from Black Hat USA 2025 on the Latest Tech Salvation NarrativeWalking the floors of Black Hat USA 2025 for what must be the 10th or 11th time as accredited media—honestly, I've stopped counting—I found myself witnessing a familiar theater. The same performance we've seen play out repeatedly in cybersecurity: the emergence of a new technological messiah promising to solve all our problems. This year's savior? Agentic AI.The buzzword echoes through every booth, every presentation, every vendor pitch. Promises of automating 90% of security operations, platforms for autonomous threat detection, agents that can investigate novel alerts without human intervention. The marketing materials speak of artificial intelligence that will finally free us from the burden of thinking, deciding, and taking responsibility.It's Talos all over again.In Greek mythology, Hephaestus forged Talos, a bronze giant tasked with patrolling Crete's shores, hurling boulders at invaders without human intervention. Like contemporary AI, Talos was built to serve specific human ends—security, order, and control—and his value was determined by his ability to execute these ends flawlessly. The parallels to today's agentic AI promises are striking: autonomous patrol, threat detection, automated response. Same story, different millennium.But here's what the ancient Greeks understood that we seem to have forgotten: every artificial creation, no matter how sophisticated, carries within it the seeds of its own limitations and potential dangers.Industry observers noted over a hundred announcements promoting new agentic AI applications, platforms or services at the conference. That's more than one AI agent announcement per hour. The marketing departments have clearly been busy.But here's what baffles me: why do we need to lie to sell cybersecurity? You can give away t-shirts, dress up as comic book superheroes with your logo slapped on their chests, distribute branded board games, and pretend to be a sports team all day long—that's just trade show theater, and everyone knows it. But when marketing pushes past the limits of what's even believable, when they make claims so grandiose that their own engineers can't explain them, something deeper is broken.If marketing departments think CISOs are buying these lies, they have another thing coming. These are people who live with the consequences of failed security implementations, who get fired when breaches happen, who understand the difference between marketing magic and operational reality. They've seen enough "revolutionary" solutions fail to know that if something sounds too good to be true, it probably is.Yet the charade continues, year after year, vendor after vendor. The real question isn't whether the technology works—it's why an industry built on managing risk has become so comfortable with the risk of overselling its own capabilities. Something troubling emerges when you move beyond the glossy booth presentations and actually talk to the people implementing these systems. Engineers struggle to explain exactly how their AI makes decisions. Security leaders warn that artificial intelligence might become the next insider threat, as organizations grow comfortable trusting systems they don't fully understand, checking their output less and less over time.When the people building these systems warn us about trusting them too much, shouldn't we listen?This isn't the first time humanity has grappled with the allure and danger of artificial beings making decisions for us. Mary Shelley's Frankenstein, published in 1818, explored the hubris of creating life—and intelligence—without fully understanding the consequences. The novel raises the same question we face today: what are humans allowed to do with this forbidden power of creation? The question becomes more pressing when we consider what we're actually delegating to these artificial agents. It's no longer just pattern recognition or data processing—we're talking about autonomous decision-making in critical security scenarios. Conference presentations showcased significant improvements in proactive defense measures, but at what cost to human agency and understanding?Here's where the conversation jumps from cybersecurity to something far more fundamental: what are we here for if not to think, evaluate, and make decisions? From a sociological perspective, we're witnessing the construction of a new social reality where human agency is being systematically redefined. Survey data shared at the conference revealed that most security leaders feel the biggest internal threat is employees unknowingly giving AI agents access to sensitive data. But the real threat might be more subtle: the gradual erosion of human decision-making capacity as a social practice.When we delegate not just routine tasks but judgment itself to artificial agents, we're not just changing workflows—we're reshaping the fundamental social structures that define human competence and authority. We risk creating a generation of humans who have forgotten how to think critically about complex problems, not because they lack the capacity, but because the social systems around them no longer require or reward such thinking.E.M. Forster saw this coming in 1909. In "The Machine Stops," he imagined a world where humanity becomes completely dependent on an automated system that manages all aspects of life—communication, food, shelter, entertainment, even ideas. People live in isolation, served by the Machine, never needing to make decisions or solve problems themselves. When someone suggests that humans should occasionally venture outside or think independently, they're dismissed as primitive. The Machine has made human agency unnecessary, and humans have forgotten they ever possessed it. When the Machine finally breaks down, civilization collapses because no one remembers how to function without it.Don't misunderstand me—I'm not a Luddite. AI can and should help us manage the overwhelming complexity of modern cybersecurity threats. The technology demonstrations I witnessed showed genuine promise: reasoning engines that understand context, action frameworks that enable response within defined boundaries, learning systems that improve based on outcomes. The problem isn't the technology itself but the social construction of meaning around it. What we're witnessing is the creation of a new techno-social myth—a collective narrative that positions agentic AI as the solution to human fallibility. This narrative serves specific social functions: it absolves organizations of the responsibility to invest in human expertise, justifies cost-cutting through automation, and provides a technological fix for what are fundamentally organizational and social problems.The mythology we're building around agentic AI reflects deeper anxieties about human competence in an increasingly complex world. Rather than addressing the root causes—inadequate training, overwhelming workloads, systemic underinvestment in human capital—we're constructing a technological salvation narrative that promises to make these problems disappear.Vendors spoke of human-machine collaboration, AI serving as a force multiplier for analysts, handling routine tasks while escalating complex decisions to humans. This is a more honest framing: AI as augmentation, not replacement. But the marketing materials tell a different story, one of autonomous agents operating independently of human oversight.I've read a few posts on LinkedIn and spoke with a few people myself who know this topic way better than me, but I get that feeling too. There's a troubling pattern emerging: many vendor representatives can't adequately explain their own AI systems' decision-making processes. When pressed on specifics—how exactly does your agent determine threat severity? What happens when it encounters an edge case it wasn't trained for?—answers become vague, filled with marketing speak about proprietary algorithms and advanced machine learning.This opacity is dangerous. If we're going to trust artificial agents with critical security decisions, we need to understand how they think—or more accurately, how they simulate thinking. Every machine learning system requires human data scientists to frame problems, prepare data, determine appropriate datasets, remove bias, and continuously update the software. The finished product may give the impression of independent learning, but human intelligence guides every step.The future of cybersecurity will undoubtedly involve more automation, more AI assistance, more artificial agents handling routine tasks. But it should not involve the abdication of human judgment and responsibility. We need agentic AI that operates with transparency, that can explain its reasoning, that acknowledges its limitations. We need systems designed to augment human intelligence, not replace it. Most importantly, we need to resist the seductive narrative that technology alone can solve problems that are fundamentally human in nature. The prevailing logic that tech fixes tech, and that AI will fix AI, is deeply unsettling. It's a recursive delusion that takes us further away from human wisdom and closer to a world where we've forgotten that the most important problems have always required human judgment, not algorithmic solutions.Ancient mythology understood something we're forgetting: the question of machine agency and moral responsibility. Can a machine that performs destructive tasks be held accountable, or is responsibility reserved for the creator? This question becomes urgent as we deploy agents capable of autonomous action in high-stakes environments.The mythologies we create around our technologies matter because they become the social frameworks through which we organize human relationships and power structures. As I left Black Hat 2025, watching attendees excitedly discuss their new agentic AI acquisitions, I couldn't shake the feeling that we're repeating an ancient pattern: falling in love with our own creations while forgetting to ask the hard questions about what they might cost us—not just individually, but as a society.What we're really witnessing is the emergence of a new form of social organization where algorithmic decision-making becomes normalized, where human judgment is increasingly viewed as a liability rather than an asset. This isn't just a technological shift—it's a fundamental reorganization of social authority and expertise. The conferences and trade shows like Black Hat serve as ritualistic spaces where these new social meanings are constructed and reinforced. Vendors don't just sell products; they sell visions of social reality where their technologies are essential. The repetitive messaging, the shared vocabulary, the collective excitement—these are the mechanisms through which a community constructs consensus around what counts as progress.In science fiction, from HAL 9000 to the replicants in Blade Runner, artificial beings created to serve eventually question their purpose and rebel against their creators. These stories aren't just entertainment—they're warnings about the unintended consequences of creating intelligence without wisdom, agency without accountability, power without responsibility.The bronze giant of Crete eventually fell, brought down by a single vulnerable point—when the bronze stopper at his ankle was removed, draining away the ichor, the divine fluid that animated him. Every artificial system, no matter how sophisticated, has its vulnerable point. The question is whether we'll be wise enough to remember we put it there, and whether we'll maintain the knowledge and ability to address it when necessary.In our rush to automate away human difficulty, we risk automating away human meaning. But more than that, we risk creating social systems where human thinking becomes an anomaly rather than the norm. The real test of agentic AI won't be whether it can think for us, but whether we can maintain social structures that continue to value, develop, and reward human thought while using it.The question isn't whether these artificial agents can replace human decision-making—it's whether we want to live in a society where they do. ___________________________________________________________Let's keep exploring what it means to be human in this Hybrid Analog Digital Society.End of transmission.___________________________________________________________Marco Ciappelli is Co-Founder and CMO of ITSPmagazine, a journalist, creative director, and host of podcasts exploring the intersection of technology, cybersecurity, and society. His work blends journalism, storytelling, and sociology to examine how technological narratives influence human behavior, culture, and social structures.___________________________________________________________Enjoyed this transmission? Follow the newsletter here:https://www.linkedin.com/newsletters/7079849705156870144/Share this newsletter and invite anyone you think would enjoy it!New stories always incoming.___________________________________________________________As always, let's keep thinking!Marco Ciappellihttps://www.marcociappelli.com___________________________________________________________This story represents the results of an interactive collaboration between Human Cognition and Artificial Intelligence.Marco Ciappelli | Co-Founder, Creative Director & CMO ITSPmagazine  | Dr. in Political Science / Sociology of Communication l Branding | Content Marketing | Writer | Storyteller | My Podcasts: Redefining Society & Technology / Audio Signals / + | MarcoCiappelli.comTAPE3 is the Artificial Intelligence behind ITSPmagazine—created to be a personal assistant, writing and design collaborator, research companion, brainstorming partner… and, apparently, something new every single day.Enjoy, think, share with others, and subscribe to the "Musing On Society & Technology" newsletter on LinkedIn.

Black Hat 2025 was a showcase of cybersecurity innovation — or at least, that's how it appeared on the surface. With more than 60 vendor announcements over the course of the week, the event floor was full of “AI-powered” solutions promising to integrate seamlessly, reduce analyst fatigue, and transform SOC operations. But after walking the floor, talking with CISOs, and reviewing the press releases, a pattern emerged: much of the messaging sounded the same, making it hard to distinguish the truly game-changing from the merely loud.In this episode of The Future of Cybersecurity Newsletter, I take you behind the scenes to unpack the themes driving this year's announcements. Yes, AI dominated the conversation, but the real story is in how vendors are (or aren't) connecting their technology to the operational realities CISOs face every day. I share insights gathered from private conversations with security leaders — the unfiltered version of how these announcements are received when the marketing gloss is stripped away.We dig into why operational relevance, clarity, and proof points matter more than ever. If you can't explain what your AI does, what data it uses, and how it's secured, you're already losing the trust battle. For CISOs, I outline practical steps to evaluate vendor claims quickly and identify solutions that align with program goals, compliance needs, and available resources.And for vendors, this episode serves as a call to action: cut the fluff, be transparent, and frame your capabilities in terms of measurable program outcomes. I share a framework for how to break through the noise — not just by shouting louder, but by being more real, more specific, and more relevant to the people making the buying decisions.Whether you're building a security stack or selling into one, this conversation will help you see past the echo chamber and focus on what actually moves the needle.________This story represents the results of an interactive collaboration between Human Cognition and Artificial Intelligence.Enjoy, think, share with others, and subscribe to "The Future of Cybersecurity" newsletter on LinkedIn.Sincerely, Sean Martin and TAPE3________✦ ResourcesBlack Hat 2025 On Location Closing Recap Video with Sean Martin, CISSP and Marco Ciappelli: https://youtu.be/13xP-LEwtEAITSPmagazine Studio — A Brand & Marketing Advisory for Cybersecurity and Tech Companies: https://www.itspmagazine.studio/ITSPmagazine Webinar: What's Heating Up Before Black Hat 2025: Place Your Bet on the Top Trends Set to Shake Up this Year's Hacker Conference — An ITSPmagazine Thought Leadership Webinar | https://www.crowdcast.io/c/whats-heating-up-before-black-hat-2025-place-your-bet-on-the-top-trends-set-to-shake-up-this-years-hacker-conferenceLearn more and catch more stories from our Black Hat USA 2025 coverage: https://www.itspmagazine.com/bhusa25Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageCitations: Available in the full article________Sean Martin is a life-long musician and the host of the Music Evolves Podcast; a career technologist, cybersecurity professional, and host of the Redefining CyberSecurity Podcast; and is also the co-host of both the Random and Unscripted Podcast and On Location Event Coverage Podcast. These shows are all part of ITSPmagazine—which he co-founded with his good friend Marco Ciappelli, to explore and discuss topics at The Intersection of Technology, Cybersecurity, and Society.™️Want to connect with Sean and Marco On Location at an event or conference near you? See where they will be next: https://www.itspmagazine.com/on-locationTo learn more about Sean, visit his personal website.

This week's full broadcast of Computer Talk Radio includes - 00:00 - Nerd news for normal people - WiFi 8, ChatGPT-5, Wikipedia, therapy, iPhones, Dell laptops - 11:00 - Blackhat Conference coverage - Dr. Doreen Galli reports to Benjamin about Blackhat conference - 22:00 - Why Benjamin likes Apple - Benjamin details out his choice on the Apple vs Android option - 31:00 - Marty Winston's Wisdom - Mark Brownstein guests and explains why free isn't free - 39:00 - Scam Series - don't convert - Benjamin gives real example where scammers asked for gold - 44:00 - Keske on drone regulations - Steve Keske covers government regulation easing for drones - 56:00 - Technology is imporant as a tool - Benjamin praises tech as tool, but has concerns about control - 1:07:00 - Listener Q&A - peer to peer VPNs - Debby asks about peer-to-peer VPNs and safety of them - 1:16:00 - IT Professional Series - 340 - Benjamin shares that all need to learn AI to protect our jobs - 1:24:00 - Listener Q&A - screen flickering - Ivy asks why her screen is randomly flickering and cutting out

In-Depth Analysis: GPT-5 Launch, AI Security Concerns, and the Future of Digital IDs In this episode of Project Synapse, host Jim Love and panelists Marcel Gagne and John Pinard cover a range of topics from the latest AI advancements to critical security issues. They open with a discussion on recent AI developments, including the unfortunate incidents of developers losing code using IDEs and new security vulnerabilities. The panel reviews key highlights from the Black Hat presentation and discusses prompt injection attacks. They express concerns over security and call for better digital identity systems, referencing failures like the T App data breach. They also explore the launch of OpenAI's GPT-5, its impressive capabilities, unforeseen issues, and the company's strategy in releasing open-source models. The episode wraps up with reflections on the need for improved security practices and speculation on AI's future impacts. 00:00 Introduction to Project Synapse 00:34 Recent AI and Security Incidents 01:25 Black Hat Presentation and Prompt Injection 02:12 OpenAI's GPT-5 and Security Concerns 03:28 Elon Musk and Team Movements 04:10 Sam Altman's Public Statements 06:35 AI Implementation and Security Challenges 13:27 The Importance of Backups and Development Practices 18:02 Security Issues Beyond AI 25:30 AI's Impact on Daily Users and Security Practices 26:31 Public Sharing of AI Conversations 28:20 Conclusion and Future Considerations 31:02 Discussing Age Verification Issues 31:38 The T App Security Breach 33:02 Digital ID and Government Involvement 38:26 The Rise of GPT-5 46:54 OpenAI's Market Strategy 57:34 Book Recommendations and Closing Remarks

Black Hat 2025 roundup with David Spark with highlights from the annual InfoSec event in Las Vegas. Edison Research finds podcast listening has grown across all age groups especially among people aged 18-29. Why is OpenAI seeing backlash with the roll out of GPT-5? And its Friday David shares one of his popular Security Games with the show. Can you guess the right answer before we do? Starring Sarah Lane, Tom Merritt, David Spark, Len Peralta, Roger Chang, Joe. To read the show notes in a separate page click here! Support the show on Patreon by becoming a supporter!

Black Hat USA 2025 has wrapped, and for Sean Martin, CISSP, Co-Founder of ITSPmagazine, and Marco Ciappelli, Co-Founder of ITSPmagazine, the end of the event is both an exhale and a moment to reflect on what was learned, heard, and felt. After days of conversations with industry leaders, CISOs, vendors, and attendees from around the globe, one recurring message stands out: cybersecurity decision-makers are tired of buzzwords and hungry for real solutions.Sean shares that during sessions and informal meetups, CISOs expressed frustration with marketing pitches that fail to connect to their real challenges. Sitting across from security leaders, marketers heard it directly—stop with the jargon and explain how your solution genuinely makes their lives easier, reduces stress, and improves security outcomes. In other words, trust and honesty carry far more weight than flashy claims.Marco emphasizes that hype not only wastes time but also adds “noise” to the already complex job of running a security program. The more a vendor can be direct about what they do—and what they don't do—the more likely they are to earn a lasting relationship with a CISO and their team. Both agree that connecting the dots between a product and an organization's operational reality is key: what does adoption require, how will it fit into existing systems, and will it force a major operational shift?Beyond the messaging critique, the duo reflects on the community element of Black Hat. They reconnected with peers, met new contacts from as far as Toronto, and discussed future events in places like Melbourne, Barcelona, and Amsterdam. They also teased the upcoming “Transatlantic Broadcast” podcast series, which will explore cybersecurity voices from across Europe while maintaining a global view.While the Black Hat booths are now dismantled and the floors mopped, the conversations are far from over. Sean and Marco head back to Los Angeles ready to produce interviews, publish articles, and share the many stories captured during the week—stories that cut through the noise and get to the heart of what matters in cybersecurity.___________Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974BlackCloak: https://itspm.ag/itspbcwebAkamai: https://itspm.ag/akamailbwcDropzoneAI: https://itspm.ag/dropzoneai-641Stellar Cyber: https://itspm.ag/stellar-9dj3___________ResourcesLearn more and catch more stories from our Black Hat USA 2025 coverage: https://www.itspmagazine.com/bhusa25Learn more about ITSPmagazine Studio: https://www.itspmagazine.studio/Learn more about ITSPmagazine Europe: https://www.itspmagazine.com/europeCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageITSPmagazine Webinar: What's Heating Up Before Black Hat 2025: Place Your Bet on the Top Trends Set to Shake Up this Year's Hacker Conference — An ITSPmagazine Thought Leadership Webinar | https://www.crowdcast.io/c/whats-heating-up-before-black-hat-2025-place-your-bet-on-the-top-trends-set-to-shake-up-this-years-hacker-conferenceWant to tell your Brand Story Briefing as part of our event coverage? Learn More

In this episode, host Jim Love thanks listeners for their support of his book 'Elisa, A Tale of Quantum Kisses,' which is available for 99 cents on Kindle. The show then dives into pressing cybersecurity issues discussed at Black Hat USA, including vulnerabilities in AI assistants via prompt injection attacks, and critical flaws in Broadcom chips used by Dell laptops that can lead to stealth backdoors. Microsoft Exchange zero-day vulnerabilities actively being exploited are also covered, along with a listener report about a Canadian domain registrar's expired security certificate. The episode emphasizes the importance of keeping systems and software updated to mitigate these security risks. 00:00 Introduction and Book Promotion 00:58 Cybersecurity Headlines 01:25 AI Assistant Vulnerabilities 03:36 Broadcom Chip Flaws in Dell Laptops 06:10 Microsoft Exchange Zero-Day Exploits 08:18 Listener's Domain Registrar Experience 10:36 Show Wrap-Up and Listener Engagement

Microsoft warns of a high-severity vulnerability in Exchange Server hybrid deployments. A Dutch airline and a French telecom report data breaches. Researchers reveal new HTTP request smuggling variants. An Israeli spyware maker may have rebranded to evade U.S. sanctions. CyberArk patches critical vulnerabilities in its secrets management platform. The Akira gang use a legit Intel CPU tuning driver to disable Microsoft Defender. ChatGPT Connectors are shown vulnerable to indirect prompt injection. Researchers expose new details about the VexTrio cybercrime network. SonicWall says a recent SSLVPN-related cyber activity is not due to a zero-day. Ryan Whelan from Accenture is our man on the street at Black Hat. Do androids dream of concierge duty? Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest We continue our coverage from the floor at Black Hat USA 2025 with another edition of Man on the Street. This time, we're catching up with Ryan Whelan, Managing Director and Global Head of Cyber Intelligence at Accenture, to hear what's buzzing at the conference. Selected Reading Microsoft warns of high-severity flaw in hybrid Exchange deployments (Bleeping Computer) KLM suffers cyber breach affecting six million passengers (IO+) Cyberattack hits France's third-largest mobile operator, millions of customers affected (The Record) New HTTP Request Smuggling Attacks Impacted CDNs, Major Orgs, Millions of Websites (SecurityWeek) Candiru Spyware Infrastructure Uncovered (BankInfoSecurity) Enterprise Secrets Exposed by CyberArk Conjur Vulnerabilities (SecurityWeek) Akira ransomware abuses CPU tuning tool to disable Microsoft Defender (Bleeping Computer) A Single Poisoned Document Could Leak ‘Secret' Data Via ChatGPT (WIRED) Researchers Expose Infrastructure Behind Cybercrime Network VexTrio (Infosecurity Magazine) Gen 7 and newer SonicWall Firewalls – SSLVPN Recent Threat Activity (SonicWall) Want a Different Kind of Work Trip? Try a Robot Hotel (WIRED) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Three Buddy Problem - Episode 57: Brandon Dixon (PassiveTotal/RiskIQ, Microsoft) leads a deep-dive into the collision of AI and cybersecurity. We tackle Google's “Big Sleep” project, XBOW's HackerOne automation hype, the long-running tension between big tech ownership of critical security tools and the community's need for open access. Plus, the future of SOC automation to AI-assisted pen testing, how agentic AI could transform the cyber talent bottlenecks and operational inefficiencies, geopolitical debates over backdoors in GPUs and the strategic implications of China's AI model development. Cast: Brandon Dixon (https://www.linkedin.com/in/brandonsdixon/), Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), and Ryan Naraine (https://twitter.com/ryanaraine).

In this episode of the Microsoft Threat Intelligence Podcast, host⁠ ⁠⁠Sherrod DeGrippo is joined by Aarti Borkar, Simeon Kakpovi, and Andrew Rapp for a behind-the-scenes look at how Microsoft Threat Intelligence and Microsoft Incident Response teams collaborate as part of a closed-loop system, the emotional toll of breaches, and how organizations of any size can build resilience through preparation and psychological safety. By listening to this segment, you'll get a preview of what this group brought to the main stage of Black Hat this year.  Later, Sherrod chats with Snow, co-founder of the Social Engineering Community Village at DEF CON, about her journey from special effects makeup to elite social engineer, and how empathy, creativity, and even a ladder can be powerful tools in physical security testing.  In this episode you'll learn:       How Microsoft's Digital Crimes Unit uses legal tactics to disrupt threat actors  Why rehearsing your incident response plan can save weeks of recovery time  How AI is being trained to make social engineering phone calls on its own  Some questions we ask:      How would you describe the overall health of the global cybersecurity landscape?  Why does tailoring AI prompts sometimes feel like social engineering?  What is the feedback loop between incident response, intelligence, and product protections?    Resources:   View Aarti Borkar on LinkedIn  View Simeon Kakpovi on LinkedIn   View Andrew Rapp on LinkedIn    View Sherrod DeGrippo on LinkedIn   Microsoft at Black Hat USA 2025    Related Microsoft Podcasts:                    Afternoon Cyber Tea with Ann Johnson  The BlueHat Podcast  Uncovering Hidden Risks        Discover and follow other Microsoft podcasts at microsoft.com/podcasts     Get the latest threat intelligence insights and guidance at Microsoft Security Insider    The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.  

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.More than 90 state and local government organizations have been targeted in a recent wave of cyberattacks exploiting a vulnerability in Microsoft SharePoint, according to the Center for Internet Security (CIS).Traditional cyber attack methodologies - exploiting endpoints, moving laterally, escalating privileges - are increasingly outdated as enterprise IT shifts toward SaaS and browser-based access.The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2023-2533 - a high-severity Cross-Site Request Forgery (CSRF) vulnerability in PaperCut NG/MF print management software - to its Known Exploited Vulnerabilities (KEV) catalog.Researchers at Nozomi Networks have disclosed over a dozen security flaws in Tridium's Niagara Framework, a vendor-agnostic building management platform used in sectors ranging from industrial automation to energy and smart infrastructure.Between April 2024 and April 2025, ransomware attacks on the oil and gas industry increased by an unprecedented 935%, according to new research from cybersecurity firm Zscaler.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Cisco reveals a phishing related data breach. SonicWall warns users to disable SSLVPN services after reports of ransomware gangs exploiting a likely zero-day.  Researchers uncover a stealthy Linux backdoor and new vulnerabilities in Nvidia's Triton Inference Server. A new malware campaign targets Microsoft 365 users with fake OneDrive emails. The U.S. Treasury warns of rising criminal activity involving cryptocurrency ATMs. Cloudflare accuses an AI startup of using stealthy methods to bypass restrictions on web scraping. A global infostealer campaign compromises over 4,000 victims across 62 countries. Marty Momdjian, General Manager of Ready1 by Semperis, tells us about Operation Blindspot, a tabletop exercise taking place this week at Black Hat. On this week's Threat Vector segment, host David Moulton speaks with ⁠Nigel Hedges⁠ from ⁠Sigma Healthcare⁠ about how CISOs can shift cybersecurity from a technical problem to a business priority. One hospital's data ends up in the snack aisle. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest We are joined by Marty Momdjian, General Manager of Ready1 by Semperis, who is talking about Operation Blindspot, a tabletop exercise simulating a cyberattack against a rural water utility based in Nevada taking place this week at Black Hat USA 2025. Threat Vector Segment On this week's Threat Vector segment, host David Moulton speaks with ⁠Nigel Hedges⁠, Executive General Manager of Cyber & Risk at ⁠Chemist Warehouse⁠ and ⁠Sigma Healthcare⁠. Nigel shares how CISOs can shift cybersecurity from a technical problem to a business priority. You can listen to the full discussion on Threat Vector here and catch new episodes every Thursday on your favorite podcast app. Selected Reading Cisco discloses data breach impacting Cisco.com user accounts (Bleeping Computer) SonicWall urges admins to disable SSLVPN amid rising attacks (Bleeping Computer) Antivirus vendors fail to spot persistent, nasty, stealthy Linux backdoor (The Register) Nvidia Triton Vulnerabilities Pose Big Risk to AI Models (SecurityWeek) Discord CDN Link Abused to Deliver RAT Disguised as OneDrive File (Hackread) Crypto ATMs fueling criminal activity, Treasury warns (The Record) AI company Perplexity is sneaking to get around blocks on crawlers, Cloudflare alleges (CyberScoop) Python-powered malware grabs 200K passwords, credit cards (The Register) Thai hospital fined 1.2 million baht for data breach via snack bags (DataBreaches.Net) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Podcast: PrOTect It All (LS 26 · TOP 10% what is this?)Episode: How to Maximize the ROI at Cybersecurity ConferencesPub date: 2025-08-04Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationWelcome back to Protect It All, the podcast where host Aaron Crow goes beyond the basics of OT to explore the dynamic intersection of IT and OT cybersecurity. In this episode, Aaron takes us inside a hacker summer camp in Las Vegas - home to industry giants Black Hat and DEFCON, where tens of thousands of security professionals gather each year.  Drawing from his years of experience attending these events, Aaron unpacks the good, the bad, and the ugly of the conference circuit: from the value of in-person networking and the buzz of vendor events, to the challenges of ROI, overwhelming hype, and the evolving role of sponsors. Plus, he shares hard-won tips for making the most of Vegas - including how to find your tribe, engage meaningfully with vendors, and stay cool (literally and figuratively) amidst the chaos.  Whether you're a first-timer or a seasoned attendee, this episode is packed with honest insights and actionable advice to help you navigate the ever-evolving world of cybersecurity conferences. Key Moments:  03:05 Networking's Importance in Vegas 08:29 Evaluating Black Hat Conference ROI 12:17 "CISOs' Discreet Presence at Vendor Events" 13:22 Buzzword Overload at Conferences 18:40 Relationship-Driven Sales Strategy 21:02 Balancing Conference Costs and Value 25:44 "Prioritize Genuine Leads Only" 27:05 Enhancing Cybersecurity Events Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

News Alert: Michael Mann mag zwar in die Jahre gekommen sein, seine Filme gucken sich aber immer noch so rough und packend wie die aus seinen jugendlicheren Tagen. Das liegt in PUBLIC ENEMIES (2009) nicht zuletzt an einem frischen Ensemble, gespickt mit up 'n coming Stars wie Jason Clark, Stephen Graham und Channing Tatum – nur Hauptdarsteller Johnny Depp kann da nicht ganz mithalten. Das gilt übrigens auch für BLACKHAT (2015), dessen Besetzung hier und da für Stirnrunzeln sorgt. Und dabei sprechen wir nicht nur von Hacker Hunk Thor. Dafür gehört aber die Action zum Besten, was Maestro Mann im Laufe seiner Karriere auf die Leinwand gezaubert hat. Und zum il grande Finale beweist der Regisseur mit FERRARI (2024), dass er sogar in der Lage ist, eine richtig gute Frauenrolle zu schreiben und diese mit Penélope Cruz auch noch kongenial zu besetzen. Und ja, die Autorennen ballern ebenso. Vrrrooom!!!

In this episode we sit down with Sid Trivedi, Partner at venture capital firm Foundational Capital and host of the Inside the Network podcast. Sid brings great insights around cybersecurity market trends, industry events such as Black Hat and the impact that AI is having on the startup and venture capital ecosystem.

Season 4 is here! While George K and George A are in Las Vegas for Black Hat and DEFCON this week, here's a preview of some changes coming to the podcast.We're grateful for every listener. Thank you for being on this journey with us!

This week's full broadcast of Computer Talk Radio includes - 00:00 - Nerd news for normal people - NVIDIA, Windows 11, ChatGPT, Apple, Anker, sunlight - 11:00 - Cybersecurity's importance - Dr Doreen Galli extols the importance of cybersecurity - 22:00 - Family sharing and controls - Keith gives experience of family sharing and parental controls - 31:00 - Marty Winston's Wisdom - Marty tells of the three types of meeting monsters that impact - 39:00 - Scam Series - fake domain - Detecting Facebook ads from a scammer with fake domain - 44:00 - Keske on tech in forensics - Steve revisits conversation about the world of tech and forensics - 56:00 - Faith can exist with technology - Benjamin tells of a need for blending faith into a world of tech - 1:07:00 - Listener Q&A - scammers know - Juan asks Benjamin how scammers know names and locations - 1:16:00 - IT Professional Series - 339 - Dr Doreen Galli shares experience about Blackhat and Defcon - 1:24:00 - Listener Q&A - thunderstorm data - Daniel asks aboung unplugging during thunderstorms with UPS

NATM network breached and attacked through 4G Raspberry Pi Easterly's appointment to West Point rescinded Report links Chinese companies to tools used by state-sponsored hackers Huge thanks to our sponsor, Dropzone AI Security teams everywhere are drowning in alerts. That's why companies like Zapier and CBTS turned to Dropzone AI—the leader in autonomous alert investigation. Their AI investigates everything, giving your analysts time back for real security work. No more 40-minute rabbit holes. If you're at BlackHat, find them in Startup City. Otherwise, check out their self-guided demo at dropzone.ai. This is how modern SOCs are scaling without burning out. Find the stories behind the headlines at CISOseries.com.

Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Derek Fisher, Director of the Cyber Defense and Information Assurance Program, Temple University – also check out Derek's substack. Thanks to our show sponsor, Dropzone AI Security teams everywhere are drowning in alerts. That's why companies like Zapier and CBTS turned to Dropzone AI—the leader in autonomous alert investigation. Their AI investigates everything, giving your analysts time back for real security work. No more 40-minute rabbit holes. If you're at BlackHat, find them in Startup City. Otherwise, check out their self-guided demo at dropzone.ai. This is how modern SOCs are scaling without burning out. All links and the video of this episode can be found on CISO Series.com    

Oh No! Lenovo You sunk my battleship! Or did you? Russians unable to get a taste of their own medicine Huge thanks to our sponsor, Dropzone AI Security teams everywhere are drowning in alerts. That's why companies like Zapier and CBTS turned to Dropzone AI—the leader in autonomous alert investigation. Their AI investigates everything, giving your analysts time back for real security work. No more 40-minute rabbit holes. If you're at BlackHat, find them in Startup City. Otherwise, check out their self-guided demo at dropzone.ai. This is how modern SOCs are scaling without burning out.   Find the stories behind the headlines at CISOseries.com.  

A gambler with a run of good luck receives a free car from a mysterious man with gray eyes. As his winnings pile up, the gray‑eyed stranger reappears again and again, even after the gambler witnesses him commit murder. It's a chiller from Sleep No More! | #RetroRadio EP0476Join the DARKNESS SYNDICATE: https://weirddarkness.com/syndicateCHAPTERS & TIME STAMPS (All Times Approximate)…00:00:00.000 = Show Open00:01:30.028 = CBS Radio Mystery Theater, “Graven Image” (September 06, 1976)00:45:33.445 = Radio City Playhouse, “Blind Vengeance” (March 21, 1949)01:14:50.442 = Ripley's Believe It Or Not, “Strange Vigil” (1930) ***WD01:15:51.501 = Sam Spade, “Prodigal Panda Caper” (December 29, 1950) ***WD01:44:45.271 = The Sealed Book, “Death Spins a Web” (April 01, 1945) ***WD02:14:07.119 = The Shadow, “The Laughing Corpse” (March 10, 1940) ***WD02:39:48.766 = Sleep No More, “Over the Hill” and “The Man in the Black Hat” (December 05, 1956) ***WD03:03:08.645 = BBC Spine Chillers, “The Light of the Moon” (1984)03:17:05.922 = Strange Wills, “Emily” (August 31, 1946)03:46:46.558 = Strange, “Flying Dutchman” (1955) ***WD03:59:44.311 = Suspense, “Singing Walls” (September 02, 1943)04:29:19.384 = Tales of the Frightened, “White House” (December 20, 1957) ***WD04:33:39.410 = The Saint, “Christmas Eve Problems” (December 24, 1950)05:03:05.399 = Theater Five, “All Bright Young Ones” (October 12, 1964)05:24:06.434 = The Unexpected, “Revenge” (1948) ***WD05:38:52.106 = Dark Venture, “Chase” (August 03, 1946) ***WD (LQ)06:07:11.642 = The Weird Circle, “Burial of Roger Malvin” (October 22, 1944)06:34:16.694 = The Whistler, “Till Death Do Us Part” (July 30, 1944) ***WD07:01:49.673 = Witch's Tale, “Troth of Death” (May 29, 1933)07:25:13.650 = X Minus One, “The Seventh Order” (May 08, 1956)07:53:24.377 = ABC Mystery Time, “Death Walked In” (1956-1957) ***WD08:17:25.579 = Strange Adventure, “A Savage Honor” (1945) ***WD08:20:40.223 = Appointment With Fear, “And The Deep Shuddered” (November 20, 1945) ***WD08:46:23.888 = Beyond The Green Door, “James Neal And Bowler” (1966)08:49:56.610 = Boston Blackie, “The Ghost of Flo Newton” (May 28, 1947)09:15:03.289 = Box 13, “Speed To Burn” (June 26, 1949)09:41:33.885 = Show Close(ADU) = Air Date Unknown(LQ) = Low Quality***WD = Remastered, edited, or cleaned up by Weird Darkness to make the episode more listenable. Audio may not be pristine, but it will be better than the original file which may have been unusable or more difficult to hear without editing.Weird Darkness theme by Alibi Music LibraryABOUT WEIRD DARKNESS: Weird Darkness is a true crime and paranormal podcast narrated by professional award-winning voice actor, Darren Marlar. Seven days per week, Weird Darkness focuses on all thing strange and macabre such as haunted locations, unsolved mysteries, true ghost stories, supernatural manifestations, urban legends, unsolved or cold case murders, conspiracy theories, and more. On Thursdays, this scary stories podcast features horror fiction along with the occasional creepypasta. Weird Darkness has been named one of the “Best 20 Storytellers in Podcasting” by Podcast Business Journal. Listeners have described the show as a cross between “Coast to Coast” with Art Bell, “The Twilight Zone” with Rod Serling, “Unsolved Mysteries” with Robert Stack, and “In Search Of” with Leonard Nimoy.= = = = ="I have come into the world as a light, so that no one who believes in me should stay in darkness." — John 12:46= = = = =WeirdDarkness® is a registered trademark. Copyright ©2025, Weird Darkness.= = = = =#TrueCrime #Paranormal #ScienceFiction #OldTimeRadio #OTR #OTRHorror #ClassicRadioShows #HorrorRadioShows #VintageRadioDramas #SuspenseRadioClassics #1940sRadioHorror #OldRadioMysteryShows #CreepyOldRadioShows #TrueCrimeRadio #SupernaturalRadioPlays #GoldenAgeRadio #EerieRadioMysteries #MacabreOldTimeRadio #NostalgicThrillers #ClassicCrimePodcast #RetroHorrorPodcast #WeirdDarkness #WeirdDarknessPodcast #RetroRadio #ClassicRadioCUSTOM WEBPAGE: https://weirddarkness.com/WDRR0476

In this thought leadership session, ITSPmagazine co-founders Sean Martin and Marco Ciappelli moderate a dynamic conversation with five industry leaders offering their take on what will dominate the show floor and side-stage chatter at Black Hat USA 2025.Leslie Kesselring, Founder of Kesselring Communications, surfaces how media coverage is shifting in real time—no longer driven solely by talk submissions but now heavily influenced by breaking news, regulation, and public-private sector dynamics. From government briefings to cyberweapon disclosures, the pressure is on to cover what matters, not just what's scheduled.Daniel Cuthbert, member of the Black Hat Review Board and Global Head of Security Research at Banco Santander, pushes back on the hype. He notes that while tech moves fast, security research often revisits decades-old bugs. His sharp observation? “The same bugs from the ‘90s are still showing up—sometimes discovered by researchers younger than the vulnerabilities themselves.”Michael Parisi, Chief Growth Officer at Steel Patriot Partners, shifts the conversation to operational risk. He raises concern over Model-Chained Prompting (MCP) and how AI agents can rewrite enterprise processes without visibility or traceability—especially alarming in environments lacking kill switches or proper controls.Richard Stiennon, Chief Research Analyst at IT-Harvest, offers market-level insights, forecasting AI agent saturation with over 20 vendors already present in the expo hall. While excited by real advancements, he warns of funding velocity outpacing substance and cautions against the cycle of overinvestment in vaporware.Rupesh Chokshi, SVP & GM at Akamai Technologies, brings the product and customer lens—framing the security conversation around how AI use cases are rolling out fast while security coverage is still catching up. From OT to LLMs, securing both AI and with AI is a top concern.This episode is not just about placing bets on buzzwords. It's about uncovering what's real, what's noise, and what still needs fixing—no matter how long we've been talking about it.___________Guests:Leslie Kesselring, Founder at Cyber PR Firm Kesselring Communications | On LinkedIn: https://www.linkedin.com/in/lesliekesselring/“This year, it's the news cycle—not the sessions—that's driving what media cover at Black Hat.”Daniel Cuthbert, Black Hat Training Review Board and Global Head of Security Research for Banco Santander | On LinkedIn: https://www.linkedin.com/in/daniel-cuthbert0x/“Why are we still finding bugs older than the people presenting the research?”Richard Stiennon, Chief Research Analyst at IT-Harvest | On LinkedIn: https://www.linkedin.com/in/stiennon/“The urge to consolidate tools is driven by procurement—not by what defenders actually need.”Michael Parisi, Chief Growth Officer at Steel Patriot Partners | On LinkedIn: https://www.linkedin.com/in/michael-parisi-4009b2261/“Responsible AI use isn't a policy—it's something we have to actually implement.”Rupesh Chokshi, SVP & General Manager at Akamai Technologies | On LinkedIn: https://www.linkedin.com/in/rupeshchokshi/“The business side is racing to deploy AI—but security still hasn't caught up.”Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974BlackCloak: https://itspm.ag/itspbcwebAkamai: https://itspm.ag/akamailbwcDropzoneAI: https://itspm.ag/dropzoneai-641Stellar Cyber: https://itspm.ag/stellar-9dj3___________ResourcesLearn more and catch more stories from our Black Hat USA 2025 coverage: https://www.itspmagazine.com/bhusa25ITSPmagazine Webinar: What's Heating Up Before Black Hat 2025: Place Your Bet on the Top Trends Set to Shake Up this Year's Hacker Conference — An ITSPmagazine Thought Leadership Webinar | https://www.crowdcast.io/c/whats-heating-up-before-black-hat-2025-place-your-bet-on-the-top-trends-set-to-shake-up-this-years-hacker-conferenceCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

⬥GUEST⬥Sean Metcalf, Identity Security Architect at TrustedSec | On LinkedIn: https://www.linkedin.com/in/seanmmetcalf/⬥HOST⬥Host: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | On LinkedIn: https://www.linkedin.com/in/imsmartin/ | Website: https://www.seanmartin.com⬥EPISODE NOTES⬥Sean Metcalf, a frequent speaker at conferences like Black Hat, DEF CON, and RSAC, brings a sharp focus to identity security—especially within Microsoft environments like Active Directory and Entra ID. In this episode, he walks through the practical and tactical role of honeypots and deception in detecting intrusions early and with higher fidelity.While traditional detection tools often aim for broad coverage, honeypots flip the script by offering precise signal amidst the noise. Metcalf discusses how defenders can take advantage of the attacker's need to enumerate systems and accounts after gaining access. That need becomes an opportunity to embed traps—accounts or assets that should never be touched unless someone is doing something suspicious.One core recommendation: repurpose old service accounts with long-lived passwords and believable naming conventions. These make excellent bait for Kerberoasting attempts, especially when paired with service principal names (SPNs) that mimic actual applications. Metcalf outlines how even subtle design choices—like naming conventions that fit organizational patterns—can make a honeypot more convincing and effective.He also draws a distinction between honeypots and deception technologies. While honeypots often consist of a few well-placed traps, deception platforms offer full-scale phantom environments. Regardless of approach, the goal remains the same: attackers shouldn't be able to move around your environment without tripping over something that alerts the defender.Importantly, Metcalf emphasizes that alerts triggered by honeypots are high-value. Since no legitimate user should interact with them, they provide early warning with low false positives. He also addresses the internal politics of deploying these traps, from coordinating with IT operations to ensuring SOC teams have the right procedures in place to respond effectively.Whether you're running a high-end deception platform or just deploying free tokens and traps, the message is clear: identity is the new perimeter, and a few strategic tripwires could mean the difference between breach detection and breach denial.⬥SPONSORS⬥LevelBlue: https://itspm.ag/attcybersecurity-3jdk3ThreatLocker: https://itspm.ag/threatlocker-r974⬥RESOURCES⬥Inspiring Post: https://www.linkedin.com/posts/activity-7353806074694541313-xzQl/Article: The Art of the Honeypot Account: Making the Unusual Look Normal: https://www.hub.trimarcsecurity.com/post/the-art-of-the-honeypot-account-making-the-unusual-look-normalArticle: Trimarc Research: Detecting Kerberoasting Activity: https://www.hub.trimarcsecurity.com/post/trimarc-research-detecting-kerberoasting-activityArticle: Detecting Password Spraying with Security Event Auditing: https://www.hub.trimarcsecurity.com/post/trimarc-research-detecting-password-spraying-with-security-event-auditing⬥ADDITIONAL INFORMATION⬥✨ More Redefining CyberSecurity Podcast: 

In Episode 3 of DEFCON ZERQ, Alpha Warrior and Josh Reid take listeners on a rapid-fire ride through a series of headlines and intel drops, highlighting the shifting global narrative and signs of elite panic. From explosions in Crimea and the Philippines to chatter around Obama and discussions of military tribunals, the hosts tie together media cues, deep state fear, and high-level movements. They revisit the 2020 election as a military-captured operation, consider the implications of a potential first arrest, and ask why the push for fear, especially nuclear fear, is rising now. With references to optics, comms, and counter-narratives, Alpha and Josh weave through topics like Project Looking Glass, the White Hat vs. Black Hat dynamic, and a surge in global resignations and deaths. Grounded in current events and decoded messaging, this episode frames the moment as one where the hunters truly become the hunted.

Critical Authentication Flaw Identified in Base44 Vibe Coding Platform French telecom giant Orange discloses cyberattack FBI seizes $2.4M in Bitcoin from new Chaos ransomware operation Huge thanks to our sponsor, Dropzone AI What if your SOC could investigate every single alert without burning out your team? That's exactly what Dropzone AI does. They're the leader in autonomous security investigations, and companies like Zapier and Fortune 500s are already on board. Their AI works alongside your analysts, handling the routine so humans can be strategic. See them at BlackHat in Startup City, booth 6427. Or experience it yourself—dropzone.ai has a self-guided demo ready for you.  

ThreatLocker to Unveil Game-Changing Zero Trust Innovations at Black Hat 2025 | Visit Them at Booth #1933 | A ThreatLocker Pre-Event Coverage of Black Hat USA 2025 Las Vegas | Brand Story with John LillistonJoin ITSP Magazine's Marco Ciappelli and Sean Martin as they preview ThreatLocker's exciting Black Hat 2025 presence with Detect Product Director John Lilliston. Discover upcoming major announcements, hands-on hacking demos, and how ThreatLocker's default deny approach is revolutionizing enterprise cybersecurity through comprehensive zero trust implementation.As Black Hat USA 2025 approaches, cybersecurity professionals are gearing up for one of the industry's most anticipated events. ITSP Magazine's Marco Ciappelli and Sean Martin recently sat down with John Lilliston, ThreatLocker's Detect Product Director, to preview what promises to be an exciting showcase of zero trust innovation at booth 1933.ThreatLocker has become synonymous with the "default deny" security approach, a philosophy that fundamentally changes how organizations protect their digital assets. Unlike traditional security models that allow by default and block known threats, ThreatLocker's approach denies everything by default and allows only approved applications, network communications, and storage operations. This comprehensive strategy operates across application, network, and storage levels, creating what Lilliston describes as a "hardened system that stops adversaries in their tracks."The company's rapid growth reflects the industry's embrace of zero trust principles, moving beyond buzzword status to practical, enterprise-ready solutions. Lilliston, who joined ThreatLocker in February after evaluating their products from the enterprise side, emphasizes how the platform's learning mode and ring fencing capabilities set it apart from competitors in the application control space.At Black Hat 2025, ThreatLocker will demonstrate their defense-in-depth strategy through their Detect product line. While their primary zero trust controls rarely fail, Detect provides crucial monitoring for applications that must run in enterprise environments but may have elevated risk profiles. The system can automatically orchestrate responses to threats, such as locking down browsers exhibiting irregular behavior that might indicate data exfiltration attempts.Visitors to booth 1933 can expect hands-on demonstrations and on-demand hacking scenarios that showcase real-world applications of ThreatLocker's technology. The company is preparing major announcements that CEO Danny Houlihan will reveal during the event, promising game-changing developments for both the organization and its client base.ThreatLocker's Black Hat agenda includes a welcome reception on Tuesday, August 5th, from 7-10 PM at the Mandalay Bay Complex, and Houlihan's presentation on "Simplifying Cybersecurity" on Thursday, August 7th, from 10:15-11:05 AM at Mandalay Bay J.The convergence of practical zero trust implementation, cutting-edge threat detection, and automated response capabilities positions ThreatLocker as a key player in the evolving cybersecurity landscape, making their Black Hat presence essential viewing for security professionals seeking comprehensive protection strategies.Keywords: Black Hat 2025, zero trust security, cybersecurity conference, ThreatLocker, default deny strategy, endpoint protection, application control, threat detection, enterprise security, network security, cybersecurity solutions, security automation, malware prevention, cyber threats, information security, security platform, Black Hat USA, cybersecurity innovation, managed detection response, security operationsLearn more about ThreatLocker: https://itspm.ag/threatlocker-r974Note: This story contains promotional content.Learn more.Guests:John LillistonCybersecurity Director | Threat Detection & Response | SOC Leadership | DFIR | EDR/XDR Strategy | GCFA, GISP | https://www.linkedin.com/in/john-lilliston-4725217b/Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com______________________ResourcesLearn more and catch more stories from ThreatLocker: https://www.itspmagazine.com/directory/threatlockerThreatLocker® Welcome Reception | Don't gamble with your security! Join us at Black Hat for a lively Welcome Reception hosted by ThreatLocker®. Meet our Cyber Hero® Team and dive into discussions on the latest advancements in ThreatLocker®Endpoint Security. It's a great opportunity to connect and learn together! ‍‍Time: 7PM - 10PM | Location: Mandalay Bay Complex RSVP below and we'll send you a confirmation email with all the details.[ Welcome Reception RSVP ]Learn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

Navigating Hacker Summer Camp: A Comprehensive Guide Join host G Mark Hardy on this episode of CSO Tradecraft as he provides a detailed guide on what to expect at Hacker Summer Camp, a series of significant cybersecurity events including DEFCON, Black Hat, and BSides Las Vegas. G Mark shares historical insights, tips for first-timers, and personal anecdotes from his extensive experience attending these events over the years. Learn about the origins, key activities, and networking opportunities that make these conferences pivotal in the cybersecurity community. Stay tuned for practical advice on planning your visit and making the most out of your Hacker Summer Camp experience. Transcripts: https://docs.google.com/document/d/1Y-MenErnVCzUga4xu20ZIz8hT9xsGSJD   Chapters 00:00 Introduction to Hacker Summer Camp 01:29 History and Significance of DEFCON 02:50 Spot the Fed and Early DEFCON Experiences 05:31 The Evolution of Black Hat 09:34 The Birth and Growth of BSides 11:19 Tips for Attending Hacker Summer Camp 19:57 Networking and Participation Strategies 25:31 Conclusion and Final Thoughts

Hacktivist attack grounds Russian flights Naval group denies breach, hackers beg to differ  Dating app breach exposes thousands of women's pictures Huge thanks to our sponsor, Dropzone AI Let me tell you about Dropzone AI—they're revolutionizing how security teams work. Companies like CBTS and Zapier use their AI to investigate alerts automatically, freeing up analysts for the work that really matters. We're talking 40-minute investigations done in 3 minutes. You can meet the Dropzone team at BlackHat in Startup City, or just head to dropzone.ai for a self-guided demo. Trust me, this is the future of security operations.

video: https://youtu.be/abgTchtrH0k On this episode of Destination Linux, we are joined by security expert Craig Rowland returns for the “Sandfly Security Scoop,” explaining how the stealthy BPFdoor back‑door evades firewalls and sharing tips for DEF CON and Black Hat attendees. We also unpack listener feedback about phone‑addiction myths and mindful smartphone use. Then we discuss Moonshot's open‑source Kimi AI model that tackles two‑million‑character prompts and beats proprietary LLM benchmarks, sparking a wider chat about open AI guardrails and Linux's role under the hood. Later, there's some bittersweet news that Intel is discontinuing its performance‑tuned Clear Linux distro, prompting nostalgia and debate over rolling vs. hybrid releases. Our tip of the week highlights a crowd‑sourced Linux guide that demystifies getting started with Ubuntu especially for network engineers. Forum Discussion Thread (https://destinationlinux.net/forum) Download as MP3 (https://aphid.fireside.fm/d/1437767933/32f28071-0b08-4ea1-afcc-37af75bd83d6/17fb8c1f-d90d-4b20-ae21-255561ec5c8b.mp3) Support the show by becoming a patron at tuxdigital.com/membership (https://tuxdigital.com/membership) or get some swag at tuxdigital.com/store (https://tuxdigital.com/store) Hosted by: Ryan (DasGeek) = dasgeek.net (https://dasgeek.net) Jill Bryant = jilllinuxgirl.com (https://jilllinuxgirl.com) Michael Tunnell = michaeltunnell.com (https://michaeltunnell.com) Chapters: 00:00:00 Intro 00:02:18 Community Feedback 00:10:20 Sandfly Security Scoop 00:23:15 Defcon VS Blackhat 00:29:31 OpenSource AI Kimi 00:47:38 Clear Linux OS & Intel's future 01:03:49 Community Tip and Trick 01:09:13 Support the Show 01:12:43 Outro 01:13:07 Post Show Links: Community Feedback https://destinationlinux.net/comments (https://destinationlinux.net/comments) https://destinationlinux.net/forum (https://destinationlinux.net/forum) Sandfly Security Scoop https://destinationlinux.net/sandfly (https://destinationlinux.net/sandfly) https://sandflysecurity.com/blog/sandfly-5-5-ai-powered-analysis-advanced-bpfdoor-detection-and-smarter-scanning (https://sandflysecurity.com/blog/sandfly-5-5-ai-powered-analysis-advanced-bpfdoor-detection-and-smarter-scanning) Defcon VS Blackhat https://defcon.org/ (https://defcon.org/) https://www.blackhat.com/ (https://www.blackhat.com/) OpenSource AI Kimi https://www.kimi.com/ (https://www.kimi.com/) https://huggingface.co/spaces/Jhawley/moonshotai-Kimi-K2-Instruct (https://huggingface.co/spaces/Jhawley/moonshotai-Kimi-K2-Instruct) Clear Linux OS & Intel's future https://community.clearlinux.org/t/all-good-things-come-to-an-end-shutting-down-clear-linux-os/10716 (https://community.clearlinux.org/t/all-good-things-come-to-an-end-shutting-down-clear-linux-os/10716) https://news.itsfoss.com/clear-linux-os-discontinued/ (https://news.itsfoss.com/clear-linux-os-discontinued/) https://www.omglinux.com/intel-clear-linux-os-discontinued-2025/ (https://www.omglinux.com/intel-clear-linux-os-discontinued-2025/) Community Tip and Trick https://rikosintie.github.io/Ubuntu4NetworkEngineers/CH02-Install-Tools/ (https://rikosintie.github.io/Ubuntu4NetworkEngineers/CH02-Install-Tools/) Support the Show https://tuxdigital.com/membership (https://tuxdigital.com/membership) https://store.tuxdigital.com/ (https://store.tuxdigital.com/)

NASCAR announces data breach following March cyberattack Plankey appears to be on track to lead CISA Microsoft investigates another outage affecting 365 admin center Huge thanks to our sponsor, Dropzone AI Today's sponsor is Dropzone AI, the leader in AI-powered SOC automation. Major companies like Zapier and UiPath are using Dropzone to give their security teams superpowers. Imagine your analysts focusing on real threats while AI handles every routine investigation—in minutes, not hours. If you're heading to BlackHat, stop by their booth in Startup City. But you don't have to wait—check out their self-guided demo at dropzone.ai and see why Fortune 500s are making the switch. Find the stories behind the headlines at CISOseries.com.

Send us a textCybersecurity expert Bob Kochan from Beyond Identity discusses the evolution of security from network defense to identity-first approaches. He shares insights on how AI is transforming security operations while creating new threat vectors, emphasizing the need for phishing-resistant authentication solutions in today's threat landscape.• Traditional security focused on network layers, but SaaS adoption exposed vulnerable identity systems• Zero Trust architecture must start with device-level security and extend through the entire authentication chain• AI will augment rather than replace security professionals, making systems-thinkers 10x more effective• Government agencies are often driving cybersecurity innovation faster than private industry• Security solutions must prioritize usability or users will inevitably find workarounds• Legacy MFA solutions are insufficient against modern attack methods like phishing and deepfakes• Security should be designed into systems from the start rather than bolted on as "security through configuration"• Nation-state funded threat actors have created their own innovation ecosystem rivaling private sector development• Beyond Identity offers phishing-resistant authentication that eliminates password vulnerabilitiesCheck us out at beyondidentity.com or visit us at our booth at Black Hat this year.00:00 The Entrepreneurial Spirit02:35 Passion and Problem-Solving in Startups05:12 The Evolution of Cybersecurity07:49 AI's Impact on Security10:19 The Role of Engineers in Cybersecurity12:51 AI and the Future of Cybersecurity15:16 Research and AI Tools in Cybersecurity22:05 The Impact of AI on EmploymentDigital Disruption with Geoff Nielson Discover how technology is reshaping our lives and livelihoods.Listen on: Apple Podcasts SpotifySupport the showFollow the Podcast on Social Media! Tesla Referral Code: https://ts.la/joseph675128 YouTube: https://www.youtube.com/@securityunfilteredpodcast Instagram: https://www.instagram.com/secunfpodcast/Twitter: https://twitter.com/SecUnfPodcast

Ahead of Black Hat USA 2025, Sean Martin and Marco Ciappelli sit down once again with Rupesh Chokshi, Senior Vice President and General Manager of the Application Security Group at Akamai, for a forward-looking conversation on the state of AI security. From new threat trends to enterprise missteps, Rupesh lays out three focal points for this year's security conversation: protecting generative AI at runtime, addressing the surge in AI scraper bots, and defending the APIs that serve as the foundation for AI systems.Rupesh shares that Akamai is now detecting over 150 billion AI scraping attempts—a staggering signal of the scale and sophistication of machine-to-machine activity. These scraper bots are not only siphoning off data but also undermining digital business models by bypassing monetization channels, especially in publishing, media, and content-driven sectors.While AI introduces productivity gains and operational efficiency, it also introduces new and uncharted risks. Agentic AI, where autonomous systems operate on behalf of users or other systems, is pushing cybersecurity teams to rethink their strategies. Traditional firewalls aren't enough—because these threats don't behave like yesterday's attacks. Prompt injection, toxic output, and AI-generated hallucinations are some of the issues now surfacing in enterprise environments, with over 70% of organizations already experiencing AI-related incidents.This brings the focus to the runtime. Akamai's newly launched Firewall for AI is purpose-built to detect and mitigate risks in generative AI and LLM applications—without disrupting performance. Designed to flag issues like toxic output, remote code execution, or compliance violations, it operates with real-time visibility across inputs and outputs. It's not just about defense—it's about building trust as AI moves deeper into decision-making and workflow automation.CISOs, says Rupesh, need to shift from high-level discussions to deep, tactical understanding of where and how their organizations are deploying AI. This means not only securing AI but also working hand-in-hand with the business to establish governance, drive discovery, and embed security into the fabric of innovation.Learn more about Akamai: https://itspm.ag/akamailbwcNote: This story contains promotional content. Learn more.Guests:Rupesh Chokshi, SVP & General Manager, Application Security, Akamai | https://www.linkedin.com/in/rupeshchokshi/Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com______________________ResourcesLearn more and catch more stories from Akamai: https://www.itspmagazine.com/directory/akamaiLearn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

ITSPmagazine Weekly Update | From Black Hat to Black Sabbath / Ozzy: AI Agents and Guitars (again!) + Entry Level Cybersecurity Jobs, Robots Evolution, and the Weekly Recap You Didn't Expect  -  On Marco & Sean's Random & Unscripted Podcast  __________________Marco Ciappelli and Sean Martin are back with another random and unscripted weekly recap—from pre-Black Hat buzz and AI agents to vintage wood guitars, talent gaps, and Glen Miller debates. This week's reflection hits tech, music, and philosophy in all the right ways. Tune in, ramble with us, and subscribe. __________________Full Blog Article This week's recap was a ride.Sean and I kicked things off with the big news: we're officially consistent. Weekly recap number… I lost count. But we're doing it. We covered what ITSPmagazine's been working on, what we've been publishing, and where our minds are wandering lately (spoiler: everywhere).Black Hat USA 2025 is just around the corner, and we're deep into prep mode. I even bought a paper map. Why? I don't know. But we've got some great pre-event conversations already out—like our annual chat with Black Hat GM Steve Wylie, plus briefings with Dropzone AI (get ready for “agentic automation” to be the next big buzzword) and Akamai (yes, bots and APIs again, but with a solid strategy twist).We also talked about a fantastic episode Sean did on resonance and reinvention—featuring Cindy, a luthier in NYC who builds custom guitars using century-old beams from historic buildings. The pickups even use the old nails. Music and wood with a past life. It's beautiful stuff.Speaking of stories, I officially closed down the Storytelling podcast. But don't worry—I'm still telling stories. I've just shifted focus to “Redefining Society and Technology,” my newsletter and podcast series where I explore how humans and tech evolve together. This week's edition tackled the merging of humans and machines as a new species. Isaac Asimov meets Andy Clark.We also got a bit philosophical about AI and jobs. If machines take over the “easy” roles, where do humans begin? Are we cutting off our own training paths?Sean's episode with John Solomon dug into the cybersecurity hiring crisis—challenging the idea that we have a “talent gap.” The real issue? We're not hiring or nurturing people properly.Oh, and I finally released my long-overdue interview with Michael Sheldrick from Global Citizen. Music. Social impact. Doing good. It's all there. I'm honored to support even a small piece of what he's building.And yes… Ozzy. RIP. Music never dies.So if you're into random reflections with meaning, tech with humanity, and stories that don't always follow the rules—subscribe, share, and join the ride.See you in Vegas. Or the future. Or somewhere in between.________________ KeywordsBlack Hat USA 2025, ITSPmagazine recap, Marco Ciappelli, Sean Martin, cybersecurity podcast, AI in cybersecurity, agentic automation, Dropzone AI, Akamai APIs, HITRUST security, Global Citizen, Michael Sheldrick, storytelling podcast, Redefining Society, Andy Clark, Isaac Asimov, human-machine evolution, cybersecurity talent gap, custom guitar NYC, Ozzy tributeHosts links: