Podcasts about breaches

Starbucks, Coinbase, Stryker, Avis, Telus, Michelin & also about 50 other organizations are all part of the mess this week!

US has issued a new Russia-related general license permitting the sale of Russian crude oil and petroleum products loaded on vessels as of March 12.ByteDance reportedly plans to tap NVIDIA (NVDA) Blackwell processors that are barred for export to China, with the Co. working with Aolani Cloud on plans to use some 500 Blackwell computing systems in Malaysia, according to WSJ.European equities soften, BESI NA surges on takeover rumours; US equity futures muted ahead of PCE, GDP.DXY extends above the 100 handle, GBP slips post-GDP.Fixed income choppy and energy prices and risk tone continue to dictate price action.Brent hovers around USD 100/bbl and metals dragged by a firmer dollar. Looking ahead, highlights include Canadian Jobs Report (Feb), US Core PCE Price Index (Jan), Durable Goods Orders (Jan), Personal Spending (Jan), JOLTS (Jan), University of Michigan Consumer Sentiment Prelim. (Mar), Atlanta Fed GDP. Rating updates include Scope Ratings on UK & Spain, S&P on Spain, Moody's on Greece & Germany, Fitch on Spain & Italy.Read the full report covering Equities, Forex, Fixed Income, Commodites and more on Newsquawk

The Cybercrime Magazine Podcast brings you daily cybercrime news on WCYB Digital Radio, the first and only 7x24x365 internet radio station devoted to cybersecurity. Stay updated on the latest cyberattacks, hacks, data breaches, and more with our host. Don't miss an episode, airing every half-hour on WCYB Digital Radio and daily on our podcast. Listen to today's news at https://soundcloud.com/cybercrimemagazine/sets/cybercrime-daily-news. Brought to you by our Partner, Evolution Equity Partners, an international venture capital investor partnering with exceptional entrepreneurs to develop market leading cyber-security and enterprise software companies. Learn more at https://evolutionequity.com

The Unsecurity Podcast is back for our annual discussion with Pinky, FRSecure's Incident Response Manager, to discuss the "Breachmas" season.Breachmas is a time of year or a phenomenon when attackers pull a few more levers available to them—more people on PTO, increased online spending, and general busyness contributing to less focus. The result is an uptick in cyber incidents nearing the end of each calendar year.As the team lead of FRSecure's blue team, Pinky lives and breathes incident handling. Each year, we like to get his perspective on how Breachmas has changed or evolved to stay better informed on how to protect our clients (and ourselves). This is a reflection of what we saw at year-end 2025, along with suggestions moving forward!In this episode, learn about:Resurgence of RansomwareImportance of Conditional AccessTaking a Layered Approach to Security ToolsLogs, Baselining, and Anomaly DetectionEvilGinx and Token Theft AttacksNew This Year: Extortion and AILike, subscribe, and share with your network to stay informed about the latest in cyber and information security!We want to hear from you! Reach out at unsecurity@frsecure.com and follow us for more:LinkedIn: https://www.linkedin.com/company/frsecure/Instagram: https://www.instagram.com/frsecureofficial/Facebook: https://www.facebook.com/frsecure/BlueSky: https://bsky.app/profile/frsecure.bsky.socialAbout FRSecure:https://frsecure.com/FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can't do it alone. Whether you're wondering where to start or looking for a team of experts to collaborate with you, we are ready to serve.

In this episode of the Cybersecurity at ViVE series on The Beat Podcast, host Sandy Vance sits down with Chad Alessi, Managing Director of Cybersecurity at CTG, for a wide-ranging conversation about what it really takes to protect healthcare organizations in today's threat landscape. With a background spanning chemical engineering, the U.S. Marines, energy sector Operational Technology security, and IT consulting, Chad brings a unique cross-industry perspective to healthcare cybersecurity. From the difference between cybersecurity and cyber resilience to the rise of AI-powered attacks, this episode is packed with practical insights for healthcare leaders who want to stay ahead of what is coming. In this episode, they talk about how: Cyber resilience focuses on operational continuity when an attack happens, not just prevention Breaches resolved within 200 days can save organizations over $1 million Bad actors often sit idle inside networks for months, collecting data before launching an attack Baseline requirements are identity-first security, including multi-factor authentication (MFA) and privileged access management Human-only Security Operations Center (SOC) models are too slow to keep up with today's automated, AI-powered attacks CTG uses Microsoft's Unified Security Operations (SecOps) platform to eliminate tool sprawl and improve response time Zero-trust architecture is expanding from department-level to enterprise-wide in healthcare New HIPAA regulations now require provable network segmentation for legacy medical devices AI-assisted security operations will continue to grow in the next few years A Little About Chad: As CTG's Managing Director of Cybersecurity, Chad Alessi leverages decades of experience in technology, cybersecurity, and operational strategy across enterprise and mid-market sectors to meet the evolving cybersecurity needs of clients in the U.S. During his time in IT consulting, Chad was instrumental in driving IT transformation in the company's regulated pipeline and gas processing business units. He holds a BS in Chemical Engineering, an MBA from the University of Alabama, an MS in Information Systems with a concentration in Information Security from Syracuse University, and post-graduate certifications in leadership, full stack development, cybersecurity, and cloud computing. Chad is known for his strong work ethic, integrity, resourcefulness, and service-based leadership, which he attributes to his time in the U.S. Marine Corps.

InstallFix attacks spread fake Claude code sites UNC4899 breaches crypto firm via trojanized file UK launches cyber-fraud crackdown unit Get links to all the stories in our show notes: https://cisoseries.com/cybersecurity-news-installfix-spreads-fake-claude-sites-unc4899-breaches-crypto-uk-cyber-fraud-crackdown/ Huge thanks to our sponsor, Dropzone AI It is 3 AM. New threat intelligence drops. An attack pattern targeting your industry. Your threat hunting team is four people, all on day shift, and already behind on last week's hunts.   By the time someone gets to it, the window for early detection has closed. The attacker is already inside. Tomorrow, I will tell you what Dropzone AI is bringing to RSAC to solve exactly this problem. If you cannot wait, head to dropzone.ai/rsa-2026-ai-diner.  

Zero Trust is easy to say. Hard to execute.Most organizations try to build it themselves.Most underestimate the complexity.Most get stuck in architecture diagrams instead of protecting what actually matters: data.If execution determines success – should you really be doing it alone?In this episode of Threat Talks, Lieuwe Jan Koning, Co-Founder and CTO at ON2IT Cybersecurity, sits down with Dr. Chase Cunningham, architect of the Zero Trust Extended (ZTX) framework, to break down what Zero Trust really requires in practice – not in theory.Zero Trust isn't a product. It's not a checkbox.It's a decision about what you protect first – and how seriously you take execution.If your job is to protect critical data without drowning in complexity, this episode will recalibrate your approach.Because in the end, Zero Trust doesn't fail on strategy.It fails on execution.Timestamps00:00 – Introduction to Zero Trust Data Protection00:50 – How Zero Trust Started at Forrester03:19 – The ZTX Framework and Structuring Zero Trust05:05 – Data at the Core of Zero Trust Data Protection08:22 – Success Factors for Effective Zero Trust Data Protection13:06 – Why Most Organizations Should Not DIY Zero Trust15:36 – Breaches, Misconfiguration, and Market Reality18:07 – How COVID Accelerated Zero Trust Adoption19:25 – Closing Thoughts on Zero Trust Fundamentals Key Topics Covered·         Where Zero Trust actually started – and how it evolved beyond network segmentation·         The shift from perimeter thinking to data-first protection·         Why most internal Zero Trust programs stall·         The operational discipline required to make Zero Trust workResources·         Threat Talks: https://threat-talks.com/ ·         ON2IT (Zero Trust as a Service): https://on2it.net/ ·         AMS-IX: https://www.ams-ix.net/ams·         Threat Talks playlist on Zero Trust:   https://www.youtube.com/playlist?list=PLF5mXtEG4t5wigSRB3fpyFfMYp3l1Ux2g·         Zero Trust Dictionary: https://on2it.net/resources/zero-trust-dictionary/ Subscribe to Threat Talks and turn on notifications for deep dives into the world's most active cyber threats and hands-on exploitation techniques.

In der 354. Episode von Irgendwas mit Recht ist Dr. Henrik Hanßen von Hogan Lovells zu Gast. Henrik wollte ursprünglich Richter werden, doch während des Referendariats entdeckte er seine Leidenschaft für die internationale Rechtsberatung. Heute liegt sein Schwerpunkt im IT-Recht und Datenschutzrecht. Ein zentrales Thema der Folge sind komplexe Verträge im Bereich Cloud Computing. Diese Verträge müssen unzählige regulatorische und technische Anforderungen von Unternehmen erfüllen. Ebenso berichtet er eindrucksvoll über den juristischen Umgang mit Ransomware-Angriffen. Dabei geht es um erpresserische Hackerangriffe auf Unternehmensnetzwerke. Wie laufen solche extrem eiligen Einsätze ab? Welche gesetzlichen Meldepflichten bestehen für betroffene Unternehmen? Warum vertrauen Unternehmen kriminellen Gruppierungen bei der Datenfreigabe? Zudem verrät unser Gast wertvolle Tipps für angehende Juristen. Worauf achten Großkanzleien wirklich bei Bewerbungsgesprächen? Sind Examensnoten am Ende das wichtigste Kriterium? Antworten auf diese und viele weitere Fragen erhaltet Ihr in dieser Folge von IMR. Viel Spaß!

LexisNexis, LeakBase, Nissan, The FBI and more are all part of this week's fun!

Attackers are moving in 72 minutes. One CISO has already eliminated the entire SOC team. And the industry is spending a quarter of a trillion dollars while struggling to define what "resilience" even means. In this edition of Lens Four, Sean Martin looks at the cybersecurity landscape through three lenses — programs, innovation, and messaging — to connect the signals that matter.

The Unsecurity Podcast returns with a truly joyful conversation with FRecure's own Jo Moldenhauer.Jo, an Associate Information Security Consultant, is famous around the FRSecure office for her weekly security news reviews, where she meticulously compiles articles and talking points for a company-wide discussion around industry trends and snapshots.And this couldn't have been easy to do. Jo's path to InfoSec is a recent and unique one—transitioning from dealing blackjack at casinos after most of them ceased operations during the COVID-19 pandemic. You can see how being tasked with leading a discussion to 75+ industry pros like this as a relative newcomer could be challenging—but Jo simply crushes it.In this episode, learn about:Non-traditional information security career pathsWhat makes "good" InfoSec newsWhy talking about industry news is important to FRSecure (and beyond)How vCISO engagements and risk assessments guide talking pointsThe Gaming (casino) and InfoSec industry Venn Diagram (and what they can learn from each other)User and security awareness training, culture, and incentive ideasLike, subscribe, and share with your network to stay informed about the latest in cyber and information security!We want to hear from you! Reach out at unsecurity@frsecure.com and follow us for more:LinkedIn: https://www.linkedin.com/company/frsecure/Instagram: https://www.instagram.com/frsecureofficial/Facebook: https://www.facebook.com/frsecure/BlueSky: https://bsky.app/profile/frsecure.bsky.socialAbout FRSecure:https://frsecure.com/FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can't do it alone. Whether you're wondering where to start or looking for a team of experts to collaborate with you, we are ready to serve.

Attackers are moving in 72 minutes. One CISO has already eliminated the entire SOC team. And the industry is spending a quarter of a trillion dollars while struggling to define what "resilience" even means. In this edition of Lens Four, Sean Martin looks at the cybersecurity landscape through three lenses — programs, innovation, and messaging — to connect the signals that matter.

The French Government, PayPal, Wynn Resorts, Candian Gun Owners, and so many more are part of this week's data breaches! Honestly, this week felt like Canada Week!

Irish SMEs may be unknowingly breaching GDPR and failing to meet Workplace Relations Commission (WRC) record-keeping requirements due to widespread gaps in how HR documents are stored, accessed, and governed. That is, according to new findings published from the Irish SME HR Report, by Ireland's leading people management platform, HRLocker. The report, based on responses from professionals working on HR in organisations employing 20–249 people, reveals that document disorder has become one of the most significant, yet preventable, compliance risks facing Irish businesses. Two-thirds breach GDPR due to insecure HR data storage Under Articles 5 and 32 of the EU's General Data Protection Regulation (GDPR), employers must ensure the integrity, confidentiality, and security of employees' personal data. Yet 66 per cent of SMEs continue to store HR documents in insecure systems, including general cloud folders (32 per cent), local hard drives (11 per cent), paper files (11 per cent) and email threads (9 per cent). The Data Protection Commission has already investigated SMEs for similar failures. In a recently published case, an employer mishandled sensitive employment information during a data breach, prompting an official complaint and regulatory intervention. The DPC found that the organisation had not implemented adequate safeguards to protect employee data, providing a clear example of the real?world consequences of poor HR document governance. Under GDPR, failures of this kind can result in administrative fines of up to €10 million or 2 per cent of global turnover, as well as compensation claims from affected employees. More than half failing to comply with data protection regulations The report highlights that 59 per cent of SMEs lack accurate, formal version control, risking breaches of GDPR Article 5(1)(d), which requires organisations to maintain accurate and up?to?date employee records. Further, 56 per cent do not have a current retention policy for HR data, despite the GDPR storage limitation principle and obligations under the Data Protection Act 2018. Mid-sized SMEs (50–99 employees) are the least compliant, with over one-third (39 per cent) lacking any retention policy at all. Without version control or retention schedules, SMEs cannot demonstrate compliance during WRC inspections or GDPR investigations, leaving them exposed to enforcement action, compensation claims, and costly remediation work. More than one in three risks undermining accountability requirements There is a clear lack of auditability in the sector, with 26 per cent of SMEs reporting that they do not maintain an audit trail for HR document access and changes. A further 27 per cent are unsure whether one exists, meaning more than one in three lack robust processes. This lack and uncertainty place organisations at risk of breaching GDPR Articles 24 and 30, which require employers to demonstrate accountability and maintain clear records of processing activities. In the event of a data-access request, breach investigation, or WRC inspection, the absence of an audit trail can lead to immediate compliance failure. Non-compliance carries real financial and operational consequences Governance gaps fuelled by document disorder also undermine compliance with core Workplace Relations Commission (WRC) record-keeping obligations, including requirements to maintain accurate, accessible, and up-to-date records on: Working hours Annual leave and public holidays Contracts and terms of employment Payroll and remuneration Disciplinary and grievance procedures Under the Workplace Relations Act 2023, missing audit trails, outdated files, or scattered storage systems can result in fixed-payment notices of up to €2,000 per offence, in addition to compensation awards to employees and orders to rectify records at the employer's expense. These costs come on top of business disruption during follow-up inspections and reputational damage that undermines employee trust. A preven...

An AI-driven hacking campaign breached 600 Fortinet devices, Ivanti was hacked via its own product, Wikipedia bans Archive-dot-Today for DDoS attacks, and Chinese hackers breached Italy's police force. Show notes Risky Bulletin: AI-driven hacking campaign breaches 600+ Fortinet devices

Patient stories are powerful and that's exactly why pharma want to use them. In this episode, Rina and Jean analyse three AstraZeneca videos that used patient testimony describing treatment as “the best”, and why that language ultimately led to PMCPA breaches. A must-listen for anyone approving patient-facing or patient-led materials under the ABPI Code.(Case/0360/11/24 & /0355/11/24 & /0377/11/24)

It's episode 333! What a number! Nice round edges, repeating, it's big...ah, what a day. With GGG announcing PoE 1 and Path of Exile 2 news in the same week, they provided lots of content to throw around. We have Breaches, Vaal thingies, screen-hopping, Atlas stuff, mapping, checkpoints...nothing like a good checkpoint! Just chatting with a buddy about our favourite game for the 333rd time. Good times. Thanks for being a part this week (and so many others). We love that you're here. You're the best.Forever Exiled Info:www.foreverexiled.comPatreonTwitter @ForeverExiled82Path of Exile WebsiteWrecker of Days Builds ListDiscord...FE Merch StoreFE Nexus Store

The Dutch Police, Salesforce, CarGurus, Adidas, Canada Goose are all part of this week's fun! FYI, I'm trying a new format for info delivery in this segment. If you're a regular Breaches watcher/listener, I'd love feedback (good or bad!)

This week on Driving Law, Kyla Lee discusses appearing at the Supreme Court of Canada on behalf of Women in Canadian Criminal Defence (WiCCD) in a case about compelled accident statements and the right to silence. The episode explores how roadside detention laws disproportionately impact women and marginalized people. Kyla and Paul also break down a major B.C. Court of Appeal decision upholding the Privacy Commissioner's authority to ban Clearview AI's facial recognition scraping in British Columbia, and discuss privacy breaches connected to the Lapu-Lapu Day tragedy. Plus, a Florida Jaguar driver wedges a convertible under a school bus and somehow survives — Ridiculous Driver of the Week. Check out the "Lawyer Told Me Not To Talk To You" T-shirts and hoodies at Lawyertoldme.com and "Sit Still Jackson" at sitstilljackson.com.

In this special joint episode of The Consumer Finance Podcast and Payments Pros, Taylor Gess and Kim Phan discuss key privacy and data security risks in point-of-sale finance. They dive into regulators' growing view that every player in the payments chain shares responsibility for protecting data, highlighting best practices for vendor management, PCI DSS oversight, and incident response planning. The episode also touches on the shifting patchwork of state privacy and breach notification laws, GLBA exemptions, and the risks of data monetization, including when packaging and selling transaction data can trigger Fair Credit Reporting Act obligations. Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Volvo, Comcast, the entire population of Senegal, Telegram, an AI Chat App, and Russia's state required messaging platform are all the reasons why we should just quit the internet...

This week on Driving Law, Kyla Lee and Paul Doroshenko break down a constitutional challenge out of Nunavut arguing that mandatory driving prohibitions amount to cruel and unusual punishment for Inuit hunters. They also analyze a major B.C. impaired driving decision involving multiple Charter breaches and what it means for roadside investigations going forward. Plus, a discussion about proposed changes to allow paralegals to handle serious driving offences — and Florida earns Ridiculous Driver of the Week. Check out the "Lawyer Told Me Not To Talk To You" T-shirts and hoodies at Lawyertoldme.com and "Sit Still Jackson" at sitstilljackson.com.

This episode was first published on 18 July 2025.Cyber attacks can feel a layer detached from the real world. Yes, businesses frequently see IP stolen, get frozen out of systems, or have data wiped by malicious actors. But if you haven't got your finger on the pulse, cyber attacks can also fail to register in your day to day.But there are instances where cyber attacks come crashing into the lives of everyday people, and become impossible to ignore: when attackers go after critical infrastructure and operational technology. Breaches and malware attacks at power and water plants, against core supply chain organizations, or against transport networks can all cause catastrophic damage, enormous financial losses – and even lead to deaths.In this episode, Rory speaks with Magpie Graham, technical director of intel and services at Dragos, to discuss attacks on operational technology, critical infrastructure, and the future of large-scale cyber attacks.Read more:What is operational technology – and why is it at risk?Manufacturing firms are struggling to handle rising OT security threatsWhen everything connects, everything's at riskFormer NCSC head says the Jaguar Land Rover attack was the 'single most financially damaging cyber event ever to hit the UK' as impact laid bareCISA shares lessons learned from Polish power grid hack – and how to prevent disaster striking again

Flickr, Substack, Panera, Iron Mountain, Harvard, roughly every Chinese citizen and AI Social Network Moltbook are all part of this week's breaches insanity!

Welcome to the second annual Florida February, where the stories get dumber, the dramatics get louder, and our sound-FX machine is working overtime. Trevin falls for another brilliant marketing trap courtesy of Lil Dicky's Buzzballs commercials and arrives with a “celebratory” beverage. Amanda dresses up for a fancy work New Year party, only to crash in her makeup and wake up with her acne in full goblin mode. We kick things off with Killer Facts from the Sunshine State. Amanda spotlights the adorable oddity of the world's smallest police station in Carrabelle, Florida, while Trevin heads to Quincy, where Pat Munroe's Coca-Cola hunch turned a tiny town into a community of soda millionaires. Our first story dives into the Wreck Bar in Fort Lauderdale, home to performing mermaids Whitney Fair and Mia Mellies. Their years-long rivalry involves nudity, alleged witchcraft, and multiple visits from law enforcement. You may have seen this case on HBO's It's Florida, Man—but you've never heard it like this. And yes, we've got an update. Then Trevin takes us to St. Petersburg and the offices of 1-800Accountant, where a new HR director's petty streak and serious attitude problem spiral into an unauthorized access nightmare that threatens the entire company. Two Florida stories, one shared theme: system breaches fueled by pure pettiness. So hack into your podcast app of choice and dive in. Welcome to Florida. Today's Stories: • A Mermaid Scorned • HR Nightmare Join our Facebook Group: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.facebook.com/groups/livelaughlarcenydoomedcrew⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ For ad-free episodes and lots of other bonus content, join our Patreon! ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.patreon.com/LiveLaughLarceny⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Check out our website: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Here⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Follow us on Instagram: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Here⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Follow us on Facebook: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Here⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Follow us on TikTok: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Here⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ If you have a crime you'd like to hear on our show OR have a personal petty story, email us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠livelaughlarceny@gmail.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ or send us a DM on any of our socials! Learn more about your ad choices. Visit podcastchoices.com/adchoices

Guest Samantha Schalk, LMSW, CAADC, CIMHP, shares common HIPAA compliance gaps therapists often miss, including missing written policies, skipped security risk analyses, and weak device and website security. She also offers practical guidance on preventing breaches and staying compliant through simple, ongoing check-ins and documentation. Learn more about today's guest here: https://www.guardianclinicalessentials.com/ & https://www.facebook.com/people/Guardian-Clinical-Essentials/61580153491733/ Sponsored by TherapyNotes®: Looking to switch EHRs? Try TherapyNotes® for 2 months free by using promo code ABUNDANT at therapynotes.com. Ready to fill your practice faster? Join the Abundance Party today and get 99% off your first month with promo code PODCAST: www.abundancepracticebuilding.com/abundanceparty

Hackers aren't stealing passwords anymore. They're stealing what makes companies valuable.We cover: • The European Space Agency breach and why even elite organizations aren't safe • Pig butchering romance scams and how social engineering targets human psychology • The Nike data breach where attackers stole intellectual property, not customer data • AI voice cloning, deepfake scams, and real-world fraud attempts • Why modern cybercrime looks more like organized crime than traditional hacking.If you care about cybersecurity threats, ransomware groups, AI scams, social engineering attacks, or how hackers actually operate today, this episode will change how you think about risk.Cybercrime is evolving fast. Most defenses aren't.CHAPTERS00:00 – Hackers stopped stealing passwords and started stealing everything 01:50 – Welcome to Chaos + panel intros 03:40 – Meme culture, cold weather, and why Dino has too much free time 04:25 – European Space Agency hacked twice in one month 06:00 – If rocket scientists can't keep hackers out… 07:10 – Space nerds, Carl Sagan, and stardust detour 08:15 – Romance scams and pig butchering explained 09:20 – “Wrong number” texts and how the scam really starts 10:50 – How victims are slowly manipulated into crypto scams 12:25 – The 764 gang and psychological weaponization 13:40 – The dark twist: scammers as human trafficking victims 16:40 – Luxury lifestyles, urgency, and fake success 18:20 – Why victims don't report scams 23:30 – Fake job offers and too-good-to-be-true salaries 24:20 – Nike breach isn't what you think 25:45 – Why hackers skipped customer data entirely 27:10 – WorldLeaks, ransomware evolution, and pure extortion 28:35 – 1.4TB of stolen intellectual property 30:30 – Stealing what actually makes Nike… NikeQuestions? Text our Studio direct. We read these and when helpful we give a special shout out for those to contact us.Growth without Interruption. Get peace of mind. Stay Competitive-Get NetGain. Contact NetGain today at 844-777-6278 or reach out online at www.NETGAINIT.com Support the show

Panera Bread, Canada Computers, Stellantis, Match, Hinge, OKcupid, Krispy Kreme, Bumble and one Kiwi's desire to get some teeth are all part of this week's breaches!

Max and Q cover the latest happenings in the world of Bitcoin, privacy and much more. AOBBusy BoyFTF: New Year. New Freedom Tech GoalsSamourai reminderBitcoin/Crypto donations now available14.8 k SignaturesThird letter from Keonne now available via The RageNEWSBanter Rule UK- https://www.dailymail.co.uk/news/article-15454419/Labour-banter-ban-cost-firms-60million-enforce.html A French company that helps calculate taxes on crypto has been breached and it's suspected that info on 50,000 clients has been leaked.- https://www.leparisien.fr/faits-divers/cryptomonnaies-la-plate-forme-waltio-victime-de-tentative-dextorsion-par-les-mysterieux-shiny-hunters-23-01-2026-KBCBLDCHANDMDIUM6W2JIMJHMM.php Bitcoin hashrate drops 8% as US miners curtail during Winter Storm Fern- https://blockspace.media/insight/bitcoin-hashrate-drops-8-as-us-miners-curtail-during-winter-storm-fern/ Meet John Lick: Stealer of Stolen Funds - https://x.com/zachxbt/status/2014685263327351116 Write a letter of support for Roman Storm- https://freeromanstorm.com/write-letterFrom "A developer": I'm not going to post this on socials as I'm done arguing with plebs who can't verify and read the code for themself, but FYI, I just read through the BIP110 activation client code and: Contrary to the activation parameters as written in the BIP (BIP9 style activation, miner activated), the actual activation client has an additional BIP148 style enforcement starting around August 1st. When the threshold of 55% blocks signaling for bip110 in a single window (2016 blocks) has not been reached, any block that is not signaling for BIP110 after August 1st will be rejected by the activation client, basically splitting themself of, or even coming to a complete halt if there's no hashpower. Looking at the node counts and virtue signaling on X, this is going to be interesting to watch.https://github.com/dathonohm/bitcoin/commit/10bb4479dff1b9cb833795df5e6fab27c71def6d#diff-97c3a52bc5fad452d82670a7fd291800bae20c7bc35bb82686c2c0a4ea7b5b98R4652UPDATES/RELEASESPhoenixd Dashboard: New Analytics Page- https://x.com/_miguelmedeiros/status/2013989529196060902Bithypha: New auto-analysis - display all taint paths between transactions, clusters, and addresses.- https://x.com/bithypha/status/2014650957611561356Envoy 2.2.1: Prime Connectivity- https://x.com/FOUNDATIONdvcs/status/2014679768365482491MyNymBox- DNS Management and Client Portal Merged (https://x.com/mynymbox/status/2015141559239356477)- New Docs Site (https://docs.mynymbox.io/)- Tons of New Templates (https://mynymbox.io/apptemplates)Clawdbot: The New AI Frenzy- https://x.com/damianplayer/status/2015105669620269373MapleAI: Connect Your Clawdbot- https://x.com/marksuman/status/2015653223504269602Crypto Privacy Tracker: Tracking private cryptocurrency value across coins and protocols- https://x.com/cryptoprvcy/status/2014439254592462999Peach: BTC Payserver Plugin- https://x.com/peachbitcoin/status/2015791375854321702Zeus: Adds Stealth Mode- https://x.com/ZeusLN/status/2015782022439190639EDUCATIONEscape the Technocracy: 3D Printing for Radicals Course- https://escapethetechnocracy.com/product-3d-printing-video-course/Cryptography Mathematics Course by Fundamentals ( https://cryptography-xi.vercel.app/)Sparrow Wallet Course by Fundamentals (https://sparrow-deploy.vercel.app/)HELP GET SAMOURAI A PARDONSIGN THE PETITION ----> https://www.change.org/p/stand-up-for-freedom-pardon-the-innocent-coders-jailed-for-building-privacy-tools DONATE TO THE FAMILIES ----> https://www.givesendgo.com/billandkeonneSUPPORT ON SOCIAL MEDIA ---> https://billandkeonne.org/VALUE FOR VALUEThanks for listening you Ungovernable Misfits, we appreciate your continued support and hope you enjoy the shows.You can support this episode using your time, talent or treasure.TIME:- create fountain clips for the show- create a meetup- help boost the signal on social mediaTALENT:- create ungovernable misfit inspired art, animation or music- design or implement some software that can make the podcast better- use whatever talents you have to make a contribution to the show!TREASURE:- BOOST IT OR STREAM SATS on the Podcasting 2.0 apps @ https://podcastapps.com- DONATE via Monero @ https://xmrchat.com/ugmf- BUY SOME STICKERS @ https://www.ungovernablemisfits.com/shop/FOUNDATIONhttps://foundation.xyz/ungovernableFoundation builds Bitcoin-centric tools that empower you to reclaim your digital sovereignty.As a sovereign computing company, Foundation is the antithesis of today's tech conglomerates. Returning to cypherpunk principles, they build open source technology that “can't be evil”.Thank you Foundation Devices for sponsoring the show!Use code: Ungovernable for $10 off of your purchaseCAKE WALLEThttps://cakewallet.comCake Wallet is an open-source, non-custodial wallet available on Android, iOS, macOS, and Linux.Features:- Built-in Exchange: Swap easily between Bitcoin and Monero.- User-Friendly: Simple interface for all users.Monero Users:- Batch Transactions: Send multiple payments at once.- Faster Syncing: Optimized syncing via specified restore heights- Proxy Support: Enhance privacy with proxy node options.Bitcoin Users:- Coin Control: Manage your transactions effectively.- Silent Payments: Static bitcoin addresses- Batch Transactions: Streamline your payment process.Thank you Cake Wallet for sponsoring the show!MYNYMBOXhttps://mynymbox.ioYour go-to for anonymous server hosting solutions, featuring: virtual private & dedicated servers, domain registration and DNS parking. We don't require any of your personal information, and you can purchase using Bitcoin, Lightning, Monero and many other cryptos.Explore benefits such as No KYC, complete privacy & security, and human support.(00:00:00) INTRO(00:00:57) THANK YOU FOUNDATION(00:01:38) THANK YOU CAKE WALLET(00:02:42) Crunch Time, Stress & Coffee(00:07:03) Pardon Samourai Updates(00:09:57) UK "Banter Ban" (00:12:47) French Crypto Tax Business Hacked(00:15:03) Crypto Thieves Flex, ZachXBT Traces Funds(00:20:14) US Winter Storm Leads Hashrate Loss(00:28:38) BIP 110 Activation Drama(00:40:26) Letter of Support for Roman(00:41:44) BOOSTS(00:48:33) PhoenixD Dashboard Analytics(00:51:39) Bithypha: New Auto-Analysis(00:54:14) Envoy 2.2.1: Prime Connectivity(00:55:21) MyNymBox Updates(00:56:55) Clawdbots...Now Moltbots(01:04:54) MapleMoltBots(01:07:09) Crypto Privacy Tracker(01:08:13) Peach BTC Pay Plugin(01:09:45) ZEUS Stealth Mode(01:11:17) ETT: 3D Printing for Radicals(01:13:46) Cryptography Mathematics Course by Fundamentals(01:14:47) Sparrow Wallet Course by Fundamentals(01:17:51) THANK YOU MYNYMBOX

Got a question or comment? Message us here!Insider threats don't start with malware ... they start with access. From disgruntled employees to overlooked contractors, this episode breaks down real-world cases, common patterns, and how organizations can better protect what matters most.

This episode of Security Squawk breaks down a familiar and dangerous pattern in cybersecurity. Major brands are losing data. Attackers are moving fast. And companies are still relying on silence and delay as a response strategy. We cover hackers auctioning stolen source code from a major retailer, an unprotected database exposing millions of Gmail and Instagram records, ransomware claims involving Nike and Under Armour, and a gas station breach that exposed Social Security numbers. This is not about advanced hacking techniques or rare exploits. It is about basic security failures, weak response decisions, and the real business impact of hesitation after data exposure. If you are a business owner, executive, or IT leader, this episode explains why modern breaches cause damage long before confirmation and why waiting to respond often shifts risk onto customers and employees

Gmail, Nike, Under Armour, McDonald's, Apple, Nvidia, LG, Tesla, SoundCloud, Crunchbase and whole bunch of fines are all part of this week's mess...

President Donald Trump is set to be at the World Economic Forum in Davos with Greenland top of the agenda. Lindsey Halligan is stepping away from her as US Attorney role. The Justice Department admits that DOGE employees have inappropriately handled sensitive data. Israeli Prime Minister Benjamin Netanyahu has joined Trump's “Board of Peace” for Gaza. Plus, the man who assassinated Japan's former Prime Minister has been sentenced. Learn more about your ad choices. Visit podcastchoices.com/adchoices

Kaiser Permanente, Oracle (again), Petco, JPMorgan, Eurail, the AI agents use and love(?) and about a billion lawsuits are all part of this week's breaches!

Mentor Sessions Ep. 047: Human Hacking Bitcoin Wallets, Deadly Social Engineering Scams & Nuclear Breaches | Christopher HadnagyWhat if one phone call could drain your Bitcoin wallet like MGM's $190M ransomware nightmare, or social engineering tricks from Jamaican bank heists expose why Bitcoin's human element is your biggest security flaw? In this episode of BTC Sessions, world-renowned human hacking expert Christopher Hadnagy reveals how AI-fueled scams like sextortion are exploding, and targeting Bitcoin holders with FOMO, romance frauds, and voice phishing that bypasses security. He breaks down wild stories of tailgating, breaking into nuclear facilities and owning bank servers with just a clipboard, proving no system is safe from psychological manipulation. Chris warns of dark web guides and shares pro defenses like code words, MFA, and OSINT to hack-proof your sats. From QR phishing to AI accent-erasing vishing, he exposes how hackers spoof LinkedIn for $250K Bitcoin thefts. As founder of Innocent Lives Foundation, Chris flips his skills to hunt predators worldwide, rescuing kids from exploitation rings. If you're self-custodying BTC, this is your must-watch guide to human hacking threats, social engineering secrets, and Bitcoin security mastery—don't let hackers own you!About Christopher HadnagyWebsite: https://www.social-engineer.com/Podcast: https://www.social-engineer.org/podcast/X: @humanhackerInnocent Lives Foundation: https://www.innocentlivesfoundation.org/Chapters:00:00:00 Teaser & Intro00:01:35 Guest Intro & Social Engineering Definition00:02:58 Jamaican Bank Heist00:09:21 Heist Reflections00:10:19 Tactics: OSINT, Pretexts & Influence00:14:51 Bitcoin's Human Flaw00:16:31 Common Pretexts & LinkedIn Scams00:20:57 Scam Losses & Global Impact00:22:55 Motivations: FOMO, Romance & Sextortion00:28:42 AI's Role in Scams00:32:35 Vectors: Phishing, Vishing & MGM00:35:17 Generational Shifts: Smishing/QR00:38:53 Defenses: Verification, Code Words & MFA00:42:19 Breaches & Security Failures00:45:51 Sovereign Computing & Nostr00:47:22 Nuclear Facility Stories00:53:57 Innocent Lives Foundation Origins00:58:06 ILF Mission, Impact & Resources01:02:46 Podcast, Class & ClosingPrevious Episode:Mentor Sessions Ep. 046: Bitcoin 2026 Bull Run, TradFi Myths & Fed Liquidity Secrets | Joe Consorti: https://youtu.be/7p16VXpyEpU⚡ POWERED by Abundant Mines: Fully managed Bitcoin mining. Learn more at https://qrco.de/bgYKPB

Today on Security Squawk we are breaking down three different incidents that all point to the same underlying issue. Basic security failures with real consequences. An Oregon state agency exposes personal information tied to environmental complaints. Nissan suffers a ransomware incident that leaks nearly 900 gigabytes of internal data. And an Illinois government agency exposes sensitive information connected to more than 700,000 individuals. Randy Bryan, Reginald Andre, and Bryan Hornung walk through what actually happened, why these incidents keep repeating across industries, and what they mean for businesses that assume they are too small or too quiet to be targeted. If government agencies and global manufacturers are struggling with access control, monitoring, and accountability, the real question is what that means for your organization. Join us live to understand the risks and what to do next. Join Randy Bryan, Reginald Andre, and Bryan Hornung live and be part of the conversation.

The FBI warns of Kimsuky quishing. Singapore warns of a critical vulnerability in Advantech IoT management platforms. Russia's Fancy Bear targets energy research, defense collaboration, and government communications. Malaysia and Indonesia suspend access to X. Researchers warn a large-scale fraud operation is using AI-generated personas to trap mobile users in a social engineering scam. BreachForums gets breached. The NSA names a new Deputy Director. Monday Biz Brief. Our guest is Sasha Ingber, host of the International Spy Museum's SpyCast podcast. The commuter who hacked his scooter.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Sasha Ingber, host of the International Spy Museum's SpyCast podcast, on the return of SpyCast to the N2K CyberWire network. Selected Reading North Korea–linked APT Kimsuky behind quishing attacks, FBI warns (Security Affairs)  Advantech patches maximum-severity SQL injection flaw in IoT products (Beyond Machines) Russia's APT28 Targeting Energy Research, Defense Collaboration Entities (SecurityWeek) Malaysia and Indonesia block X over deepfake smut (The Register) New OPCOPRO Scam Uses AI and Fake WhatsApp Groups to Defraud Victim (Hackread) BreachForums hacking forum database leaked, exposing 324,000 accounts (Bleeping Computer) Former NSA insider Kosiba brought back as spy agency's No. 2 (The Record) Vega raises $120 million in a Series B round led by Accel. Reverse engineering my cloud-connected e-scooter and finding the master key to unlock all scooters (Rasmus Moorats) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

NordVPN, Hardware wallet giant Ledger, Instagram, 5 major countries are all part of this week's mess.

Microsoft to enforce MFA for Microsoft 365 admin center sign-ins Cisco patches ISE security vulnerability after PoC release Illinois state agency breaches itself Huge thanks to our sponsor, Hoxhunt A small tip for CISOs: if you're unsure whether your security training is actually reducing phishing risk, check out what Qualcomm achieved with Hoxhunt. They took their 1,000 highest-risk users from consistent under-performers to outperforming the rest of the company, driving measurable human risk reduction and earning a CSO50 Award. See the Qualcomm case at hoxhunt.com/qualcomm Find the stories behind the headlines at CISOseries.com.

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

Barracuda, Oracle, Aflac, The European Space Agency, Wired and the "Tinder for N*zis" are all part of this week's insanity...

A new year - and so much to do! To start 2026, Richard flies solo again to discuss the issues he's seen on sysadmins' minds as we head into the new year. Obviously, AI is eating up a lot of the conversation from many different angles: tools that can help us be more productive, security issues in our organizations due to misuse, and now, AI-driven hacking. Security still looms large, and not just from an AI perspective - the latest round of supply chain attacks has led to litigation, putting new emphasis on making sure you're secure. Windows has a new leader, things are changing there, and there's the ongoing migration to the cloud. Does it still make sense? There seems to be more concern about data sovereignty than ever, and some meaningful conversations to have. Happy New Year!LinksAzure SRE Agents with Deepthi ChelupatiMicrosoft PurviewThe M365 Copilot Data Readiness Checklist with Nikki ChappleQuering for Breaches with Mark MorowcyznskiManaging Vendor Incidents with Mandi WallsIncident Management and the Crowdstrike event with Lieam WestleyMicrosoft IntuneMicrosoft Entra IDMicrosoft Defender for EndpointMicrosoft Entra ID Protection with Corissa KoopmansWindows Server 2025Upgrading to Windows Server 2025 with Robert SmitRecorded December 20, 2025

LastPass, SoundCloud, Pornhub, a lot of credit unions and so much more are all part of this week's mess!

We're going around the world to look at the worst breaches out there, including the possible worst breach ever in the internet age!

Meghan has finally managed to get a private letter to her father after days of trying to reach him, with her team accusing the Daily Mail of making discreet contact nearly impossible. An Express columnist criticises the email approach, calling it a “box-ticking exercise” while revisiting the long-running tensions inside the Markle family. Harry and Meghan also release a statement praising Australia's ban on under-sixteens using social media, saying the move protects children but doesn't solve tech's deeper problems. The couple add a surprise new Netflix documentary to their slate, Masaka Kids, A Rhythm Within, celebrating a Ugandan dance collective they've long supported. A PR expert argues Meghan should embrace the Hollywood model more openly. Meanwhile, King Charles launches a new line of royal Christmas ornaments and attends an Advent service at Westminster Abbey, speaking of “light, hope and peace.” Princess Anne earns praise for signing her Christmas card simply as “Anne and Tim,” a modest gesture that fans call quintessentially her.Hear our new show "Crown and Controversy: Prince Andrew" here.Check out "Palace Intrigue Presents: King WIlliam" here.

23andMe (again), Washington Post, hundreds of banks (again), ASUS, multiple politicians in Canada, and a breach so bad that someone had to move to the other side of the planet(!) are all part of this week's breaches!

This episode focuses on a security incident that prompts an honest discussion about transparency, preparedness, and the importance of strong processes. Sean Martin speaks with Viktor Petersson, Founder and CEO of Screenly, who shares how his team approaches digital signage security and how a recent alert from their bug bounty program helped validate the strength of their culture and workflows.Screenly provides a secure digital signage platform used by organizations that care deeply about device integrity, uptime, and lifecycle management. Healthcare facilities, financial services, and even NASA rely on these displays, which makes the security posture supporting them a priority. Viktor outlines why security functions best when embedded into culture rather than treated as a compliance checkbox. His team actively invests in continuous testing, including a structured bug bounty program that generates a steady flow of findings.The conversation centers on a real event: a report claiming that more than a thousand user accounts appeared in a public leak repository. Instead of assuming the worst or dismissing the claim, the team mobilized within hours. They validated the dataset, built correlation tooling, analyzed how many records were legitimate, and immediately reset affected accounts. Once they ruled out a breach of their systems, they traced the issue to compromised end user devices associated with previously known credential harvesting incidents.This scenario demonstrates how a strong internal process helps guide the team through verification, containment, and communication. Viktor emphasizes that optional security features only work when customers use them, which is why Screenly is moving to passwordless authentication using magic links. Removing passwords eliminates the attack vector entirely, improving security for customers without adding friction.For listeners, this episode offers a clear look at what rapid response discipline looks like, how bug bounty reports can add meaningful value, and why passwordless authentication is becoming a practical way forward for SaaS platforms. It is a timely reminder that transparency builds trust, and security culture determines how confidently a team can navigate unexpected events.Learn more about Screenly: https://itspm.ag/screenly1oNote: This story contains promotional content. Learn more.GUESTViktor Petersson, Co-founder of Screenly | On LinkedIn: https://www.linkedin.com/in/vpetersson/RESOURCESLearn more and catch more stories from Screenly: https://www.itspmagazine.com/directory/screenlyLinkedIn Post: https://www.linkedin.com/posts/vpetersson_screenly-security-incident-response-how-activity-7393741638918971392-otkkBlog: Security Incident Response: How We Investigated a Data Leak and What We're Doing Next: https://www.screenly.io/blog/2025/11/10/security-incident-response-magic-links/Are you interested in telling your story?▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full▶︎ Spotlight Brand Story: https://www.studioc60.com/content-creation#spotlightKeywords: sean martin, marco ciappelli, viktor petersson, security, authentication, bugbounty, signage, incidentresponse, breaches, cybersecurity, brand story, brand marketing, marketing podcast, brand story podcast, brand spotlight Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In the electric chaos of DEF CON—where dial tones, solder smoke, and hacker legends collide—one figure stands out: John Aff, aka PANDA.A veteran in the hacker community, he moves effortlessly between challenge design, telephony wizardry, mesh networking experiments, and the culture that surrounds it all.Behind the reputation is a journey that started with game hacking, shifted into enterprise security, and evolved into a life built around creativity, community, and technical obsession. It's also a story of identity—of finding a place where personal expression and professional skill finally intersected.This conversation pulls back the curtain on a mind shaped by curiosity, lived experience, and a deep love for the craft.CHAPTERS00:00 - Introduction to Barcode Podcast00:24 - Meet Panda: Cybersecurity Icon01:47 - Panda's Journey into Cybersecurity10:12 - Creating Interactive Challenges for Conferences22:11 - Badge Building: The Art and Science28:00 - Lessons from Offensive Security for Defenders30:11 - Winning the TeleChallenge: A Team Effort35:10 - Nostalgia in Gaming: The Phone Verse Experience37:30 - Understanding LoRa and Mesh Networking43:20 - Real-World Applications of MeshTastic Technology49:14 - The Intersection of Furry Culture and Cybersecurity56:54 - Community Building and Future Aspirations in TechLINKSTeleFreak – https://telefreak.org Home of the legendary TeleChallenge and a cornerstone of phreaking culture at DEF CON.DEF CON – https://defcon.org The world's largest hacker conference and the backdrop for many of Panda's stories, competitions, and breakthroughs.RedSeer Security – https://redseersecurity.com The security practice Panda supports on the defensive and strategic side.Assura, Inc. – https://assurainc.com Where Panda leads offensive security operations and continuous testing programs.MeshTastic – https://meshtastic.org Open-source long-range mesh communication project central to Panda's community work.Comms For All – https://commsforall.com Panda's initiative focused on mesh networking, LoRa radios, and community education.B-Sides Jax – https://bsidesjax.org Conference where Panda built the interactive phone-based badge challenge.HackSpaceCon – https://hackspacecon.com The first conference where you and Panda crossed paths; a major Florida hacker gathering.JLCPCB – https://jlcpcb.com PCB manufacturing service used for producing custom badge hardware.EasyEDA – https://easyeda.com Design tool Panda uses to create the multilayer art and circuitry for badges.Vectorizer.AI – https://vectorizer.ai The AI-powered tool Panda relies on to convert artwork into vector format for PCB badge design.KiCad – https://kicad.org Open-source PCB design suite used for laying out circuits and prototyping badge hardware.Adtran – https://www.adtran.com Telecom hardware vendor whose legacy gateways were used in the BSides Jax phone challenge.QueerCon – https://www.queercon.org Long-running LGBTQ+ hacker community at DEF CON that collaborated with Panda on early badge projects.National Cyber Games (NCA Cyber Games) – https://nationalcybergames.org Competition platform where Panda designed MeshTastic-based CTF challenges.UNF Osprey Security – https://www.unf.edu University of North Florida's student security group that runs CTFs and collaborated locally with Panda.HackRedCon – https://hackredcon.com Security conference where Panda volunteers and participates in community events.Jax2600 – https://2600.com Local chapter of the classic 2600 hacker community, part of Panda's long-term involvement in grassroots infosec groups.Backdoors & Breaches – https://blackhillsinfosec.com/projects/backdoors-breaches Incident response card game Panda used for blue team development and tabletop exercises.

PREVIEW. Hezbollah Rises Again: Unfinished Business and Ceasefire Breaches in Lebanon. Edmund Fitton-Brown described Hezbollah as a "punched out fighter on the mat getting up slowly," rearming to a new scale of threat. There is definitely "unfinished business in Lebanon." Hezbollah intends to break the ceasefire, which is monitored by the United States and Israel. The Lebanese state has shown reluctance to disarm Hezbollah, which the ceasefire requires. 1899 BEIRUT