Living in poor conditions shouldn't be seen as a rite of passage for university students, according to the boss of MBIE's tenancy investigations team. The team inspected 14 rentals in North Dunedin last month and found several breaches of healthy homes standards. National Manager of MBIE's tenancy and compliance team, Brett Wilson spoke to Lisa Owen.
Gabe and I dig into Shiny Hunters and why the scariest cyberattacks now look like ordinary logins instead of dramatic break-ins. We map how credential theft, social engineering, and SaaS data exports turn basic security hygiene into the difference between a close call and a headline.
• Shiny Hunters' scale, loose structure, and why takedowns rarely stick
• Why ransomware and extortion keep growing as a business model
• How the tactics evolve from Microsoft 365 and developer creds to SaaS platforms like Salesforce
• Credential stuffing, vishing, and smishing as “low-friction” intrusion paths
• The Snowflake-style failure mode of missing MFA and weak password practices
• Password reuse and how consumer breaches can cascade into enterprise access
• Data retention and why old records increase privacy risk
• Vendor risk and the shared responsibility model for identity and data
• Practical steps that improve security without relying on perfect users
If you guys have not been to our website, theproblemlounge.com, check it out. Got some new blogs up there. Sign up for the newsletter. Support us, follow us. Let's get this out to more people.
Episode 301: This week's episode dives into the tech stories that should keep you up at night. We start with the chilling reality of the 23andMe breach—proof that your genetic code, the one thing you can never change, can be stolen, sorted, and sold to the highest bidder. Then we move to smart‑city surveillance gone rogue, where police camera networks keep recording even after the city tries to shut them down, leaving officials resorting to trash bags and tape while the data quietly flows elsewhere. Add in AI-driven hardware shortages now hitting consumer devices, and the picture gets even more unsettling. But the unease doesn't stop there. We tease emerging tech that blurs the line between science and science fiction: Wi‑Fi systems that can identify you through walls, living neuron computers that learn, and AI models struggling to admit what they don't know. Finally, we ground it all with a space‑tech reality check—from Blue Origin delays to SpaceX's crypto holdings—reminding listeners that even the companies shaping the future aren't immune to chaos. If you want the stories that reveal how fragile our digital world really is, this is the episode you don't skip, all coming up on TechTime Radio, with a little whiskey on the side.
Full Episode Details: Your genetic code is now a commodity, and the scariest part is you can't cancel it, replace it, or reset it like a password. We open with the 23andMe breach and lawsuit, unpacking how credential stuffing can unlock deeply personal genetic data, why DNA privacy is permanent, and what it means when stolen data can be resold and targeted by group. If you've ever wondered whether consumer DNA testing is worth the risk, we lay out the tradeoffs in plain terms. Then we head straight into smart city surveillance with a story that's equal parts absurd and alarming: police camera networks that can't be shut off by the city that paid for them. When officials learn data is being shared beyond local law enforcement, the “solution” becomes literal black trash bags over the lenses. It's funny until you realize it exposes a bigger issue in public tech contracts, license plate reader systems, and who truly controls the technology embedded in daily life. We also connect the dots between AI infrastructure and your wallet, using the Steam Deck OLED price hike as a real-world signal of component shortages, supply chain pressure, and AI data centers consuming the same memory and compute ecosystem that powers consumer devices. Along the way, we play Two Truths and a Lie with stories about Wi-Fi based person identification and living neuron biocomputing, then talk AI reliability and the push for models that can finally say “I don't know” instead of hallucinating. We close with a space tech reality check from Blue Origin and a blunt conversation about SpaceX's Bitcoin holdings and why crypto still feels like speculation to a lot of people. If you like tech news that's practical, skeptical, and still fun, subscribe for weekly episodes, share this with a friend who loves debating privacy and AI, and leave us a review so more people can find the show.
Trump Mobile, Charter Communications, Carnival, Zara, Signal, and more are all part of this week's breaches!
Caesars Entertainment, GitHub, Panasonic, 7-Eleven, NYC Health and a whole lot are all part of this week's insanity!
Interview with Dimitri Sirota from BigID Most organizations think AI risk lives in the model – or the identity. It doesn't. It lives in the data. In this episode, BigID's CEO reframes the conversation: why legacy access controls are breaking down, why visibility into sensitive data is the missing foundation, and what it takes to govern humans and machines under a single, accountable framework. Segment Resources: BigID's Agent Access Management Guide BigID's podcast, CTRL + ALT + AI This Week's Topic: Cascading Breaches We're seeing more and more 3rd and 4th party attacks that chain through multiple layers of compromised tools and services. In this topic segment, we discuss the two main aspects of this trend: How we can stop the chain of breaches from a third party library, vendor, or service provider How this might get handled at the legal, contractual, and organizational levels We discuss two big recent examples: Sonicwall's 2025 breach of their cloud firewall configuration backup service The compromise of Aqua Security's widely used Trivy open source tool The Weekly Enterprise News Finally, in the enterprise security news, Funding and M&A courtesy of the Security, Funded newsletter We have evidence that attackers are leveraging AI now (this sounds like old news, but there was little to no evidence before, when people were claiming this) The Angry admin problem emerges again Vulnerability information is getting crazy to keep up with Breach information is getting crazy to keep up with You can give your Agents an allowance now - don't spend it all in one place Are vulnerabilities sparse or dense? Mythos, as a model, isn't all that special Deploy your own deception sensors! Japan made something weird. Again. All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-459
Weekly update is up! Crime Pays: The Instructure Ransom; Another Week of Breaches; New Govs Onboarded: Costa Rica, Bangladesh and The Bahamas https://www.troyhunt.com/weekly-update-504/ See omnystudio.com/listener for privacy information.
Interview with Dimitri Sirota from BigID Most organizations think AI risk lives in the model – or the identity. It doesn't. It lives in the data. In this episode, BigID's CEO reframes the conversation: why legacy access controls are breaking down, why visibility into sensitive data is the missing foundation, and what it takes to govern humans and machines under a single, accountable framework. Segment Resources: BigID's Agent Access Management Guide BigID's podcast, CTRL + ALT + AI This Week's Topic: Cascading Breaches We're seeing more and more 3rd and 4th party attacks that chain through multiple layers of compromised tools and services. In this topic segment, we discuss the two main aspects of this trend: How we can stop the chain of breaches from a third party library, vendor, or service provider How this might get handled at the legal, contractual, and organizational levels We discuss two big recent examples: Sonicwall's 2025 breach of their cloud firewall configuration backup service The compromise of Aqua Security's widely used Trivy open source tool The Weekly Enterprise News Finally, in the enterprise security news, Funding and M&A courtesy of the Security, Funded newsletter We have evidence that attackers are leveraging AI now (this sounds like old news, but there was little to no evidence before, when people were claiming this) The Angry admin problem emerges again Vulnerability information is getting crazy to keep up with Breach information is getting crazy to keep up with You can give your Agents an allowance now - don't spend it all in one place Are vulnerabilities sparse or dense? Mythos, as a model, isn't all that special Deploy your own deception sensors! Japan made something weird. Again. All that and more, on this episode of Enterprise Security Weekly. This segment is sponsored by BigID. Visit https://securityweekly.com/bigid to learn more about them! Show Notes: https://securityweekly.com/esw-459
Get featured on the show by leaving us a Voice Mail: https://bit.ly/MIPVM This episode explores how AI is accelerating both productivity and cyber risk. As attacks become faster and more automated, traditional perimeter security no longer holds. The conversation focuses on why organisations must assume compromise, adopt zero trust thinking, and build visibility before scaling AI. It highlights practical steps to govern AI use, reduce insider risk, and modernise access models beyond legacy VPNs. The core message is clear: embracing AI without security foundations can move your business backwards.
Sailpoint, Skoda, Best Western Hotels, DigiCert, Foxconn, and OpenAI are having a not great week...
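Although the attempt to bring up the Ark met with a setback, David was greatly blessed by God in all his other affairs: 1-2 Diplomatic success. This Hiram, king of Tyre, later also helped Solomon build the temple. 3-7 Growth of his household. Taking many wives and concubines later became the source of tragedy in David's family. 8-17 Defeat of the Philistines. In verse 11, "Baal-perazim" means "the Lord of breaking-through" or "the Lord of Breaches". In verse 16, "Gibeon" was where the tabernacle stood; see 16:40 and 2 Chronicles 1:3. The victory beginning from this place carries spiritual meaning.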
Zara, Trellix, Citizens Bank, Medtronic, Fiserv, and one of the worst breaches of minors' data in history, are part of this week's fun!
If you've ever wondered what happens when ransomware, bad decisions, cyber insurance confusion, and TikTok tech advice all collide in one spectacular dumpster fire… this episode is for you. The conversation dives into four fresh OCR enforcement actions that all share one painfully common theme: nobody did a proper risk analysis until after everything caught on fire. Add in cybersecurity "professionals" secretly helping ransomware gangs and business owners trying to replace enterprise security tools with AI-generated software from TikTok, and you've got an episode that somehow manages to be both educational and deeply concerning. More info at HelpMeWithHIPAA.com/559
For the latest and most important news of the day | https://www.thecanadianpressnews.ca To watch daily news videos, follow us on YouTube | https://www.youtube.com/@CdnPress The Canadian Press on X (formerly Twitter) | https://twitter.com/CdnPressNews The Canadian Press on LinkedIn | https://linkedin.com/showcase/98791543
You may have heard of Chase Hughes. He is a behavioral expert with a large social media footprint. He often makes the case that we live in a world shaped by abstraction. In this teaching, I talk about how this leaves us in a state of fracture and alienation where we think more than participate in reality and I think through some steps we can take to rediscover vitality and bliss. If you appreciate my work please consider making a donation to: "paypal.me/newdayglobal". Thank you!
See's Candies, Vimeo, Liberty Mutual Insurance, Carnival Cruises, Pitney Bowes, ADT and more are all part of this week's mess!
The digital health revolution is here, and so are serious questions about privacy and cybersecurity. Data is the new gold - but many health organisations, under pressure on the front line, are leaving the door to the safe open. Find The Detail on Newsroom or RNZ. Go to this episode on rnz.co.nz for more details.
A European Commission spokesperson says the European Union will keep options open to protect its interests if the U.S. breaches the trade agreement between the two sides, after U.S. President Donald Trump threatened that he will raise tariffs to 25 percent on cars and trucks imported from the E.U. next week.
Conditions in Europe thin amid Labour Day, FTSE 100 dragged by NatWest and AstraZeneca. US equity futures are modestly mixed. Apple (+2.8%) gains after strong results, driven by iPhone sales; SanDisk (-6.1%) dips despite a strong Q3 report. DXY is a touch lower; USD/JPY sank to a 155 handle, potentially on intervention. Fixed income futures are contained in limited conditions, with US data ahead. Crude futures remain elevated heading into another weekend of geopolitical risk. Looking ahead, highlights include US ISM Manufacturing (Apr), Speakers include BoE's Pill, Earnings from Chevron, Colgate, Exxon, Moderna, Estee Lauder. Holiday: Labour Day (Eurozone cash and derivatives closed). Read the full report covering Equities, Forex, Fixed Income, Commodities and more on Newsquawk
The S&P/ASX 200 has extended its losing streak to an eighth straight session, as oil surged past US$120 a barrel following comments from US President Donald Trump that he would extend the naval blockade of the Strait of Hormuz. The effect of rising oil prices is being reflected in company reports with Woolworths Group downgrading its full-year profit outlook, despite reporting a lift in third quarter food sales. For more, Stephanie Youssef spoke with TMS Private Wealth Portfolio Manager Ben Clark.
Concerns have been raised following recent inspections of several IPAS centres in County Clare, where a number of contractual breaches were identified, including issues around overcrowding, safety and living conditions. The inspections, carried out by the Department of Justice, Home Affairs and Migration, examined facilities in Lisdoonvarna, Ennis and Miltown Malbay, with mixed findings across the centres. Earlier, Alan Morrissey was joined by John Lannon, CEO of Doras to discuss what this means for residents and the wider system. John firstly gave me his reaction to the findings. And for more on this he was joined on the line by Clare MEP Michael McNamara.
Writing a Robophobia Policy; This Week in Breaches; NDC Sydney: Pwned with Purpose https://www.troyhunt.com/weekly-update-501/ See omnystudio.com/listener for privacy information.
This week's Department of Know is hosted by Rich Stroffolino, with guests Brett Conlon, CISO, American Century Investments, and Michael Bickford, former CISO, New York State Gaming Commission. Missed the live show? Check it out on YouTube. The Department of Know is live every Friday at 4:00 p.m. ET. Join us each week by registering for the open discussion at CISOSeries.com. Huge thanks to our sponsor, ThreatLocker. ThreatLocker is extending Zero Trust beyond endpoint control. With their recent release of Zero Trust Network Access and Zero Trust Cloud Access, access isn't based on credentials alone, it requires the right user, the right device, and the right conditions. Because as we've seen in recent large-scale CRM breaches, stolen credentials and misconfigurations can expose massive amounts of data. With ThreatLocker, nothing is exposed, and access is limited to exactly what's needed. Learn more and start your free trial today at ThreatLocker.com/CISO.
What if learning cybersecurity felt less like a compliance checkbox and more like an adventure? In this episode, Geoff and Skyler sit down with two special guests to explore how gamification is revolutionizing the way people learn about security tactics and concepts. TrustedSec's Senior Security Consultant Travis Kaun drops in to talk about his latest community offering: Dungeons and Daemons, a web-based RPG that simulates a "live" engagement as a Red Teamer. We are also joined by Tim Doerges who is Lead Developer of Backdoors & Breaches at Black Hills InfoSec to talk about how this incident response card game has taken off since its launch and what developments are on the horizon. See demos of these games on YouTube to get a better understanding of why the future of cybersecurity education could be through gamified experiences. YouTube podcast video - https://youtu.be/rngJj3NFk0k About this podcast: Security Noise, a TrustedSec Podcast hosted by Geoff Walton and Producer/Contributor Skyler Tuter, features our cybersecurity experts in conversation about the infosec topics that interest them the most. Find more cybersecurity resources on our website at https://trustedsec.com/resources. Resources: Backdoors and Breaches - https://www.blackhillsinfosec.com/tools/backdoorsandbreaches/ Dungeons and Demons - https://dnd.trustedsec.net TrustedSec - https://trustedsec.com Black Hills Security - https://blackhillsinfosec.com MetaCTF platform - https://metactf.com
Comcast, McGraw Hill, Salesforce, Humana, Booking.com, Rockstar Games, Hasbro, and Snowflake are all part of this week's fun!
Fresno Unified trustees adopted a resolution this week aimed at addressing on-campus homages to Cesar Chavez, and the school district has begun to cover murals on school campuses honoring the late labor leader. Fresno Unified spokesperson Adela Garcia Duncan confirmed the district has begun the process of amending existing murals of Chavez after the emergence of sexual abuse allegations against the late labor icon. A lone hacker used Anthropic’s Claude and OpenAI’s ChatGPT to breach nine Mexican government agencies, stealing roughly 150 GB of data—about 195 million citizen records. Claude automated around 75% of remote commands, while ChatGPT handled data processing across 305 servers, allowing one person to act like a full cyber‑team. The breach exposes how publicly accessible AI can be weaponized for large‑scale hacking and signals major new threats to cybersecurity. Philip Teresi on KMJ is available on the KMJNOW app, Apple Podcasts, Spotify, YouTube or wherever else you listen to podcasts. Philip Teresi on KMJ, weekdays 2-6 PM Pacific on News/Talk 580 AM & 105.9 FM KMJ. See omnystudio.com/listener for privacy information.
In this episode, James Maude sits down with Rob Black, founder and CEO of Fractional CISO, who started his career at RSA Security and had a front-row seat to one of the most consequential breaches in cybersecurity history, all while his wife was going into labor with their first child. From inventing patents at RSA to starting a one-man LinkedIn crusade against "SOC 2 in two weeks" scams, Rob's stories are equal parts entertaining and infuriating. He explains why compliance theater is actively making companies less secure, why your CEO needs to hear things with a dollar value, and why you should think about cybersecurity less like an asteroid and more like a roulette wheel. Plus, why the "Lexus of Fractional CISOs" doesn't own a single IoT device.
US President Trump threatened massive military escalation if Iran deal terms are not met, vowed no nuclear weapons, and they are to secure the Strait of Hormuz. Iran's Parliament Speaker Ghalibaf said three clauses of the 10-point plan have been violated so far, and as such, a bilateral ceasefire or negotiations is unreasonable. IRGC claimed on Thursday that shipping through the Strait of Hormuz slowed sharply and then stopped following what it said was an Israeli ceasefire violation in Lebanon, according to CNN. FOMC Minutes stated that many said persistently higher oil prices could keep inflation elevated long enough to justify rate rises. APAC stocks were lower in a mild pullback from yesterday's ceasefire-fuelled extremes; European equity futures indicate a marginally lower open with Euro Stoxx 50 futures down 0.1%. Looking ahead, highlights include German Trade Balance (Feb), Industrial Production (Feb), US Initial Jobless Claims (Apr/04), PCE Final (Feb), GDP Final (Q4), Atlanta Fed GDP, NBP Policy Announcement, Banxico Minutes. Comments from SNB's Schlegel. Supply from Spain, UK & US. Read the full report covering Equities, Forex, Fixed Income, Commodities and more on Newsquawk
Host David Shiple covers major cybersecurity news: investigators attribute a record $285 million April 1 hack of crypto platform Drift Protocol to North Korea, describing a three-week setup involving a fake "Carbon Vote Token," wash trading to inflate value, social engineering to pre-approve backdoored transactions, Drift's removal of a timelock, and rapid collateralized withdrawals that crashed Drift's token and are now tracked by TRM Labs; the report notes North Korea's 2025 crypto theft total of $2.5B and lifetime total surpassing $7B after this incident, alongside mention of a North Korea-linked supply-chain compromise of the widely used Axios package. Stryker Medical says it has fully recovered from a March 11 Iran-linked wiper attack that used a compromised admin account and Microsoft Intune, prompting Microsoft guidance on multi-admin approval for wipes. The FBI labels a suspected China-linked breach of a U.S. surveillance system a "major incident," likening it to the 2024 Salt Typhoon campaign, while Sen. Mark Warner cites staffing cuts and leadership turmoil at CISA. TechCrunch reports embattled compliance startup Delve faces new claims it repackaged an open-source tool (Sim Studio) as its own "Pathways," as Delve denies broader fraud allegations, says it was targeted by a malicious actor, and Y Combinator cuts ties. Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale. 
You can find them at Meter.com/cst 00:00 Headlines And Sponsor 00:54 North Korea Crypto Heist 01:16 How The Drift Hack Worked 03:20 Bigger DPRK Crypto Trend 04:24 Stryker Wiper Recovery 06:39 China Breach Major Incident 08:38 Policy And Staffing Fallout 09:37 Delve Startup In Crisis 10:29 Stolen Software Allegations 13:12 Delve Fights Back YC Cuts Ties 14:35 Wrap Up And Thanks 15:12 Sponsor Message Meter
The FBI, Meta, Nike, Nissan, WhatsApp, Iranian-backed Attackers and more are all part of this week's mess.
Australia's eSafety Commissioner is investigating five major platforms for possible breaches of the under-16 social media ban, in force since December 2025. While early compliance shows progress, significant gaps remain. Experts warn of addiction risks among youth. The federal government says companies face fines up to $49.5 million for non-compliance, urging stricter enforcement to protect children and reassure parents.
The Ransomware Minute is a rundown of the latest ransomware attacks & news, brought to you by Cybercrime Magazine, Page ONE for Cybersecurity. Listen to the podcast weekly and read it daily at https://ransomwareminute.com. For more on cybersecurity, visit us at https://cybercrimemagazine.com.
In this special edition of CyberWire Daily's 10th anniversary series, N2K CyberWire's Maria Varmazis and Dave Bittner discuss the biggest breaches over the past 10 years. The foundational 2014 Sony hack kicks off our conversation, then Maria and Dave highlight: the 2015 OPM breach, which exposed sensitive security-clearance data and was attributed to long-term access by China amid outdated government systems and security; 2017's WannaCry and NotPetya's global disruption and Equifax's ongoing fallout; and the 2020 SolarWinds breach, which underscored supply-chain risks and raised concerns about potential personal criminal liability for CISOs. The conversation illustrates two main threat-actor categories—nation-state espionage and financially motivated criminals—and the increasingly blurred lines between them. Join us as we reflect on how the industry and cybercrime have evolved over the past decade. Learn more about your ad choices. Visit megaphone.fm/adchoices
FBI Director Kash Patel, Elections in Hungary and Slovenia tampered with, the EU Commission compromised and a new White House app that appears to track EVERYTHING about you are all part of this week's political mess.
In today's episode, Steve speaks with Martina Navratilova. Martina is one of the most accomplished tennis players of all time, holding the record for most open era titles and Wimbledon wins. Since retiring from tennis, Martina has been a vocal advocate for gay rights and cancer awareness. In her conversation with Steve, she talks about the importance of screening and early detection, and why self-awareness and kindness to yourself are essential when you're going through something difficult. The two also discuss adapting to change, how to read your opponents and why rehearsing matters – both on the tennis court and in the world of cyber. Martina also gives the audience a piece of advice on staying resilient in the face of uncertainty, from the perspective of a champion. Key Takeaways: If something doesn't feel right in your body, get tested. And even if you're feeling fine, do that annual physical. There is no substitute for practice when it comes to crisis preparedness. Breaches will happen, it's about how you respond – with clarity and honesty – that matters. Tune in to hear more about: Some news from Steve (1:33) Building the right team (10:18) Recovering after a breach (13:24) Standout Quotes: “We tend to overreact and overcorrect. Less is more in just about everything in life. Less is more. You can always add to it. But if you go too far, you've gone too far.” - Martina Navratilova “At the end of the day, if you are the big boss, you are making the decisions, you have to trust your gut. So you take all the information in, but you have to say, ‘Okay, what really feels right with my knowledge, with my intelligence, with my history, what is the best way forward?'” - Martina Navratilova “No system is bulletproof no matter what. You may hit the best serve ever, but that person guessed and they get it back. It's how you bounce back from that. But nothing is bulletproof. 
You just need to figure out where was the breach, how can we fix it and avoid doing it again?” - Martina Navratilova. Read the transcript of this episode. Subscribe to the ISF Podcast wherever you listen to podcasts. Connect with us on LinkedIn and Twitter. From the Information Security Forum, the leading authority on cyber, information security, and risk management.
This week's Department of Know is hosted by Rich Stroffolino with guests Bil Harmer, CISO, Supabase, and Chris Ray, Field CTO, GigaOm. Thanks to our show sponsor, ThreatLocker. Many security strategies still assume everything is allowed until proven malicious. Attackers understand that model well. That's why more organizations are rethinking endpoint security — shifting from detection-first tools to control-first approaches that reduce attack surface before an incident occurs. Learn more at ThreatLocker.com. All links and the video of this episode can be found on CISO Series.com
What happens when the news cameras show up and your business grinds to a halt? Donna Grindle, CEO of Kardon, returns to discuss the "hair on fire" reality of a data breach. We move past the paperwork to explore why "calling IT" isn't a plan, the hidden costs of notification letters, and how insurance mazes can complicate your recovery. Key Takeaways: • "Call IT" is Not a Plan: During a breach, IT will be busy containing the threat; you need an operational plan for when systems and phones go dark. • The Paperwork Trap: Reverting to paper records stops cash flow because you aren't sending claims or bills—plus, you eventually have to manually re-enter all that data. • Media & Legal Circus: If 500+ records are hit, you must notify the press. This often triggers immediate "ambulance chaser" lawsuits on social media. • Tabletop Exercises: Don't find gaps in your plan during a crisis. Run practice drills to know who is authorized to speak for the company and what vendors to call. • Insurance Realities: Open claims immediately to protect legal privilege, but be ready for insurance-mandated vendors that may span several time zones. "Take ownership of it. Don't assume that somebody else in your office is handling it... You will likely lose your business or be on the verge of it if you are not prepared in some way." — Donna Grindle Key Concepts: • Security Incident vs. Data Breach - A security incident is a panic-inducing event that requires investigation, but it may or may not officially escalate into a data breach that requires regulatory reporting. • Incident Response Plan (IRP) - A comprehensive strategy that covers far more than just IT recovery; it must dictate how you communicate with employees, vendors, and clients during a crisis. • Tabletop Exercise - A low-stakes practice run of your Incident Response Plan to poke holes in it before an actual emergency. 
It helps you figure out exactly who is in charge, who you are calling, and who is authorized to speak publicly. Links: • Kardon: https://kardonhq.com/ • Help Me With HIPAA Podcast: https://helpmewithhipaa.com/ Timestamps: • 00:00 – Intro • 00:54 – Cyber Incidents vs Breaches in a HIPAA Context • 01:26 – Why Operational Continuity Cannot be an IT Responsibility • 03:02 – Questions to Ask During a Tabletop Exercise • 03:50 – Talking to Patients on Facebook • 04:06 – More Questions to Ask During a Cyber Incident • 05:13 – Even "Calling My MSP" Isn't an Incident Response Plan • 05:37 – When a Cyber Incident Becomes a Breach • 06:09 – "Can't We Just Send a Postcard?" • 06:32 – Steps to Respond to a HIPAA Breach • 09:03 – Final Summary: Shifting to Active Security Ownership • 09:59 – Where to Find Donna Grindle & Kardon A note from Jen: We built Practical Cybersecurity because we were tired of the fear-mongering in this industry. Security shouldn't be a secret club. If you're trying to figure out PCI compliance or need a pen test, my team at SecurityMetrics can help you out: https://www.securitymetrics.com/contact/lets-get-you-to-the-right-place But if you just want to learn how to protect yourself for free, start here: https://academy.securitymetrics.com/
Starbucks, Coinbase, Stryker, Avis, Telus, Michelin & also about 50 other organizations are all part of the mess this week!
US has issued a new Russia-related general license permitting the sale of Russian crude oil and petroleum products loaded on vessels as of March 12. • ByteDance reportedly plans to tap NVIDIA (NVDA) Blackwell processors that are barred for export to China, with the Co. working with Aolani Cloud on plans to use some 500 Blackwell computing systems in Malaysia, according to WSJ. • European equities soften, BESI NA surges on takeover rumours; US equity futures muted ahead of PCE, GDP. • DXY extends above the 100 handle, GBP slips post-GDP. • Fixed income choppy and energy prices and risk tone continue to dictate price action. • Brent hovers around USD 100/bbl and metals dragged by a firmer dollar. Looking ahead, highlights include Canadian Jobs Report (Feb), US Core PCE Price Index (Jan), Durable Goods Orders (Jan), Personal Spending (Jan), JOLTS (Jan), University of Michigan Consumer Sentiment Prelim. (Mar), Atlanta Fed GDP. Rating updates include Scope Ratings on UK & Spain, S&P on Spain, Moody's on Greece & Germany, Fitch on Spain & Italy. Read the full report covering Equities, Forex, Fixed Income, Commodities and more on Newsquawk
The Cybercrime Magazine Podcast brings you daily cybercrime news on WCYB Digital Radio, the first and only 7x24x365 internet radio station devoted to cybersecurity. Stay updated on the latest cyberattacks, hacks, data breaches, and more with our host. Don't miss an episode, airing every half-hour on WCYB Digital Radio and daily on our podcast. Listen to today's news at https://soundcloud.com/cybercrimemagazine/sets/cybercrime-daily-news. Brought to you by our Partner, Evolution Equity Partners, an international venture capital investor partnering with exceptional entrepreneurs to develop market leading cyber-security and enterprise software companies. Learn more at https://evolutionequity.com
The Unsecurity Podcast is back for our annual discussion with Pinky, FRSecure's Incident Response Manager, to discuss the "Breachmas" season. Breachmas is a time of year or a phenomenon when attackers pull a few more levers available to them—more people on PTO, increased online spending, and general busyness contributing to less focus. The result is an uptick in cyber incidents nearing the end of each calendar year. As the team lead of FRSecure's blue team, Pinky lives and breathes incident handling. Each year, we like to get his perspective on how Breachmas has changed or evolved to stay better informed on how to protect our clients (and ourselves). This is a reflection of what we saw at year-end 2025, along with suggestions moving forward! In this episode, learn about: • Resurgence of Ransomware • Importance of Conditional Access • Taking a Layered Approach to Security Tools • Logs, Baselining, and Anomaly Detection • EvilGinx and Token Theft Attacks • New This Year: Extortion and AI Like, subscribe, and share with your network to stay informed about the latest in cyber and information security! We want to hear from you! Reach out at unsecurity@frsecure.com and follow us for more: • LinkedIn: https://www.linkedin.com/company/frsecure/ • Instagram: https://www.instagram.com/frsecureofficial/ • Facebook: https://www.facebook.com/frsecure/ • BlueSky: https://bsky.app/profile/frsecure.bsky.social About FRSecure: https://frsecure.com/ FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can't do it alone. Whether you're wondering where to start or looking for a team of experts to collaborate with you, we are ready to serve.
In this episode of the Cybersecurity at ViVE series on The Beat Podcast, host Sandy Vance sits down with Chad Alessi, Managing Director of Cybersecurity at CTG, for a wide-ranging conversation about what it really takes to protect healthcare organizations in today's threat landscape. With a background spanning chemical engineering, the U.S. Marines, energy sector Operational Technology security, and IT consulting, Chad brings a unique cross-industry perspective to healthcare cybersecurity. From the difference between cybersecurity and cyber resilience to the rise of AI-powered attacks, this episode is packed with practical insights for healthcare leaders who want to stay ahead of what is coming. In this episode, they talk about how: • Cyber resilience focuses on operational continuity when an attack happens, not just prevention • Breaches resolved within 200 days can save organizations over $1 million • Bad actors often sit idle inside networks for months, collecting data before launching an attack • Baseline requirements are identity-first security, including multi-factor authentication (MFA) and privileged access management • Human-only Security Operations Center (SOC) models are too slow to keep up with today's automated, AI-powered attacks • CTG uses Microsoft's Unified Security Operations (SecOps) platform to eliminate tool sprawl and improve response time • Zero-trust architecture is expanding from department-level to enterprise-wide in healthcare • New HIPAA regulations now require provable network segmentation for legacy medical devices • AI-assisted security operations will continue to grow in the next few years A Little About Chad: As CTG's Managing Director of Cybersecurity, Chad Alessi leverages decades of experience in technology, cybersecurity, and operational strategy across enterprise and mid-market sectors to meet the evolving cybersecurity needs of clients in the U.S. 
During his time in IT consulting, Chad was instrumental in driving IT transformation in the company's regulated pipeline and gas processing business units. He holds a BS in Chemical Engineering, an MBA from the University of Alabama, an MS in Information Systems with a concentration in Information Security from Syracuse University, and post-graduate certifications in leadership, full stack development, cybersecurity, and cloud computing. Chad is known for his strong work ethic, integrity, resourcefulness, and service-based leadership, which he attributes to his time in the U.S. Marine Corps.
• InstallFix attacks spread fake Claude code sites • UNC4899 breaches crypto firm via trojanized file • UK launches cyber-fraud crackdown unit Get links to all the stories in our show notes: https://cisoseries.com/cybersecurity-news-installfix-spreads-fake-claude-sites-unc4899-breaches-crypto-uk-cyber-fraud-crackdown/ Huge thanks to our sponsor, Dropzone AI. It is 3 AM. New threat intelligence drops. An attack pattern targeting your industry. Your threat hunting team is four people, all on day shift, and already behind on last week's hunts. By the time someone gets to it, the window for early detection has closed. The attacker is already inside. Tomorrow, I will tell you what Dropzone AI is bringing to RSAC to solve exactly this problem. If you cannot wait, head to dropzone.ai/rsa-2026-ai-diner.
LexisNexis, LeakBase, Nissan, The FBI and more are all part of this week's fun!
Attackers are moving in 72 minutes. One CISO has already eliminated the entire SOC team. And the industry is spending a quarter of a trillion dollars while struggling to define what "resilience" even means. In this edition of Lens Four, Sean Martin looks at the cybersecurity landscape through three lenses — programs, innovation, and messaging — to connect the signals that matter.
The Unsecurity Podcast returns with a truly joyful conversation with FRSecure's own Jo Moldenhauer. Jo, an Associate Information Security Consultant, is famous around the FRSecure office for her weekly security news reviews, where she meticulously compiles articles and talking points for a company-wide discussion around industry trends and snapshots. And this couldn't have been easy to do. Jo's path to InfoSec is a recent and unique one—transitioning from dealing blackjack at casinos after most of them ceased operations during the COVID-19 pandemic. You can see how being tasked with leading a discussion to 75+ industry pros like this as a relative newcomer could be challenging—but Jo simply crushes it. In this episode, learn about: • Non-traditional information security career paths • What makes "good" InfoSec news • Why talking about industry news is important to FRSecure (and beyond) • How vCISO engagements and risk assessments guide talking points • The Gaming (casino) and InfoSec industry Venn Diagram (and what they can learn from each other) • User and security awareness training, culture, and incentive ideas Like, subscribe, and share with your network to stay informed about the latest in cyber and information security! We want to hear from you! Reach out at unsecurity@frsecure.com and follow us for more: • LinkedIn: https://www.linkedin.com/company/frsecure/ • Instagram: https://www.instagram.com/frsecureofficial/ • Facebook: https://www.facebook.com/frsecure/ • BlueSky: https://bsky.app/profile/frsecure.bsky.social About FRSecure: https://frsecure.com/ FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can't do it alone. 
Whether you're wondering where to start or looking for a team of experts to collaborate with you, we are ready to serve.
It's episode 333! What a number! Nice round edges, repeating, it's big...ah, what a day. With GGG announcing PoE 1 and Path of Exile 2 news in the same week, they provided lots of content to throw around. We have Breaches, Vaal thingies, screen-hopping, Atlas stuff, mapping, checkpoints...nothing like a good checkpoint! Just chatting with a buddy about our favourite game for the 333rd time. Good times. Thanks for being a part this week (and so many others). We love that you're here. You're the best. Forever Exiled Info: • www.foreverexiled.com • Patreon • Twitter @ForeverExiled82 • Path of Exile Website • Wrecker of Days Builds List • Discord... • FE Merch Store • FE Nexus Store