Google and Microsoft issue critical updates. CISA warns of active exploitation of a critical flaw in Wing FTP Server. Cloudflare restores their DNS Resolver service following a brief outage. A critical vulnerability in a PHP documentation tool allows attackers to execute code on affected servers. NSA and FBI officials say they've disrupted Chinese cyber campaigns targeting U.S. critical infrastructure. A UK data breach puts Afghan soldiers and their families at risk. Researchers find malware hiding in DNS records. A former U.S. Army soldier pleads guilty to charges of hacking and extortion. Ben Yelin joins us with insights on the Senate Armed Services Committee's response to rising threats to critical infrastructure. The large print giveth and the small print taketh away. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Ben Yelin, co-host of our Caveat podcast and Program Director for Public Policy & External Affairs at the University of Maryland Center for Cyber Health and Hazard Strategies, discussing the Senate Armed Services Committee's and Trump administration nominees' recent conversation about rising threats to critical infrastructure. You can find the article Ben discusses here.
Selected Reading Google fixes actively exploited sandbox escape zero day in Chrome (Bleeping Computer) Windows KB5064489 emergency update fixes Azure VM launch issues (Bleeping Computer) Exploited Wing file transfer bug risks ‘total server compromise,' CISA warns (The Record) Cloudflare 1.1.1.1 incident on July 14, 2025 (Cloudflare) Critical template Injection flaw in LaRecipe Documentation Package enables remote code execution (Beyond Machines) NSA: Volt Typhoon was ‘not successful' at persisting in critical infrastructure (The Record) Defence secretary 'unable to say' if anyone killed after Afghan data breach (BBC News) Hackers exploit a blind spot by hiding malware inside DNS records (Ars Technica) 21-year-old former US soldier pleads guilty to hacking, extorting telecoms (The Record) WeTransfer says files not used to train AI after backlash (BBC News) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
The Department of Veterans Affairs' acting chief information officer doubled down on the agency's reshaping of its IT workforce, telling lawmakers in a Monday hearing that change is “challenging” but “necessary.” Eddie Pool told members of the House VA's subcommittee on technology modernization that the agency's Office of Information and Technology (OIT) is pushing forward with workforce reductions as the division increasingly turns to automation and other technology modernization efforts. “This reorganization, reallocation of positions, is designed to cut bureaucratic overhead, accelerate decision making and focus every OIT position on delivering secure, reliable and modern IT solutions to improve veterans' lives,” Pool said in opening remarks at the hearing. Subcommittee Chair Tom Barrett, R-Mich., lauded the VA OIT's “smarter, not bigger” strategy in its fiscal 2026 budget request, asking Pool if technology improvements can alleviate the need for manual, human processes. “Absolutely,” Pool responded. “It is about automating what we can automate.” In its fiscal 2026 budget, the VA OIT requested funding to support approximately 7,000 full-time equivalent employees, marking an 11.7% decrease from its fiscal 2025 budget request, according to Carol Harris, the director of information technology and cybersecurity for the Government Accountability Office. Former White House national security adviser Mike Waltz brushed aside criticisms Tuesday that he put sensitive military operations at risk by holding discussions about military strikes in a Signal group chat, claiming the app's use was authorized by the federal government's top civilian cyber agency. In a Senate Foreign Relations Committee hearing, Waltz — who has been nominated to represent the U.S. at the United Nations — was pressed about his short tenure as President Donald Trump's top national security official. In particular, he was grilled by Sen. 
Chris Coons, D-Del., for his use of the end-to-end encrypted messaging application Signal to coordinate with other officials over airstrikes on Houthi rebels. While much of the initial attention was focused on Waltz adding journalist Jeffrey Goldberg to the chat, national security experts were also aghast by government officials at the highest levels coordinating highly sensitive military operations using a free application. The incident is widely viewed as contributing to Waltz's departure just months after leaving Congress to take the role, and his subsequent shuffling to a new nomination at the U.N. “The use of Signal is not only … authorized; it was recommended in the Biden-era CISA guidance,” he said. Waltz was referencing a piece of 2024 guidance put out by CISA on mobile security. He later read from a portion of the guidance, which recommended using “only end-to-end encrypted communication” and to “adopt a free messaging application to secure communications that guarantees end to end encryption, particularly if you are a highly targeted individual, such as Signal or other apps.” The Daily Scoop Podcast is available every Monday-Friday afternoon. If you want to hear more of the latest from Washington, subscribe to The Daily Scoop Podcast on Apple Podcasts, Soundcloud, Spotify and YouTube.
British and Romanian authorities make arrests in a major tax fraud scheme. The Interlock ransomware gang has a new RAT. A new vulnerability in Google Gemini for Workspace allows attackers to hide malicious instructions inside emails. Suspected Chinese hackers breach a major DC law firm. Multiple firmware vulnerabilities affect products from Taiwanese manufacturer Gigabyte Technology. Nvidia warns against Rowhammer attacks across its product line. Louis Vuitton joins the list of breached UK retailers. Indian authorities dismantle a cyber fraud gang. CISA pumps the brakes on a critical vulnerability in American train systems. Our guest is Cynthia Kaiser, SVP of Halcyon's Ransomware Research Center and former Deputy Assistant Director at the FBI's Cyber Division, with insights on Scattered Spider. Hackers ransack Elmo's World. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Cynthia Kaiser, SVP of Halcyon's Ransomware Research Center and former Deputy Assistant Director at the FBI's Cyber Division, discussing "Scattered Spider and Other Criminal Compromise of Outsourcing Providers Increases Victim Attacks." You can check out more from Halcyon here. 
Selected Reading Romanian police arrest 13 scammers targeting UK's tax authority (The Record) Interlock Ransomware Unleashes New RAT in Widespread Campaign (Infosecurity Magazine) Google Gemini flaw hijacks email summaries for phishing (Bleeping Computer) Chinese hackers suspected in breach of powerful DC law firm (CNN Politics) Flaws in Gigabyte Firmware Allow Security Bypass, Backdoor Deployment (Security Week) Nvidia warns of Rowhammer attacks on GPUs (The Register) Louis Vuitton UK Latest Retailer Hit by Data Breach (Infosecurity Magazine) Indian Police Raid Tech Support Scam Call Center (Infosecurity Magazine) Security vulnerability on U.S. trains that let anyone activate the brakes on the rear car was known for 13 years — operators refused to fix the issue until now (Tom's Hardware) End-of-Train and Head-of-Train Remote Linking Protocol (CISA) Hacker Makes Antisemitic Posts on Elmo's X Account (The New York Times) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
In this episode of 'Cybersecurity Today,' hosted by David Shipley from the Exchange Security 2025 conference, urgent updates are provided on critical cybersecurity vulnerabilities and threats. CISA mandates a 24-hour patch for Citrix NetScaler due to a severe vulnerability actively being exploited, dubbed 'Citrix Bleed.' Fortinet's FortiWeb also faces a critical pre-auth remote code execution flaw that demands immediate patching. Additionally, significant vulnerabilities in AI-driven developments are highlighted, including shortcomings in Jack Dorsey's BitChat app and a method to extract Windows keys from ChatGPT-4. The episode emphasizes the importance of timely updates, robust security measures, and the potential risks involved with AI-generated code.
00:00 Introduction and Overview
00:35 Urgent Citrix Vulnerability Alert
03:26 Fortinet FortiWeb Exploit Details
06:23 Ingram Micro Ransomware Recovery
09:26 AI Coding and Security Risks
14:03 ChatGPT Security Flaw Exposed
17:20 Conclusion and Contact Information
CISA gives one day for Citrix Bleed 2 fix Google Gemini flaw hijacks email summaries for phishing Louis Vuitton says UK customer data stolen in cyber-attack Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.
A radio equipment vulnerability can bring trains to sudden stops, researchers prevent a Lazarus crypto attack, Spain hands Huawei control over its phone wiretapping system, and CISA warns of ongoing CitrixBleed 2 attacks. Show notes
Fortinet patches a critical flaw in its FortiWeb web application firewall. Hackers are exploiting a critical vulnerability in Wing FTP Server. U.S. Cyber Command's fiscal 2026 budget includes a new AI project. Czechia's cybersecurity agency has issued a formal warning about Chinese AI company DeepSeek. The DoNot APT group targets Italy's Ministry of Foreign Affairs. Mexico's former president is under investigation for alleged bribes to secure spyware contracts. The FBI seizes a major Nintendo Switch piracy site. CISA releases 13 ICS advisories. A retired US Army lieutenant colonel pleads guilty to oversharing classified information on a dating app. Our guest is Catherine Woneis, VP of Product at Fingerprint, to discuss how bots are being used to facilitate music royalty fraud. A federal judge is not impressed with a crypto-thief's lack of restitution. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Catherine Woneis, VP of Product at Fingerprint, to discuss how bots are being used to facilitate music royalty fraud and how companies can protect themselves. 
Selected Reading Critical SQL injection vulnerability in Fortinet FortiWeb enables unauthenticated remote code execution (Beyond Machines) Critical Wing FTP Server Vulnerability Exploited (SecurityWeek) Cyber Command creates new AI program in fiscal 2026 budget (DefenseScoop) DeepSeek a threat to national security, warns Czech cyber agency (The Record) Indian Cyber Espionage Group Targets Italian Government (Infosecurity Magazine) Former Mexican president investigated over allegedly taking bribes from spyware industry (The Record) Major Nintendo Switch Piracy Website Seized By FBI (Kotaku) CISA Releases Thirteen Industrial Control Systems Advisories (CISA) Lovestruck US Air Force worker admits leaking secrets on dating app (The Register) Crypto Scammer Truglia Gets 12 Years Prison, Up From 18 Months (Bloomberg) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Problems with #alcohol or #drug addiction…? ☎️ 915 630 447 CALL US 24H! 🌐 https://bienestar.neurosalus.com/ Request information right now on detox treatments, prices, availability of places… THE PROGRAMME “LA REUNIÓN SECRETA” HAS BEEN MADE POSSIBLE THANKS TO YOUR HELP AS A GUARDIAN PATRON. ***** BECOME A PATRON AT https://www.patreon.com/lareunionsecreta Tonight, join a new live broadcast of #LaReuniónSecreta from 22:00 Spanish time. We tell you what nobody else says: no anaesthetic and no sweeteners. La Reunión Secreta is all of us! Don't tell anyone… PASS IT ON! 🔁💪🤫 🎸 CARLITOS TÍNEZ https://www.youtube.com/channel/UC0eeuxpQ70z-Pe0rHhOq9Fg Live connections with: - 🎖️ Dr. Guillermo Rocafort (PhD in Economics from Universidad San Pablo. Professor of Public Economics and Business Economics at Universidad Carlos III de Madrid. Professor in the Department of Economic and Social Law at Universidad Pontificia Comillas. Lawyer) - Rayco Pérez (Former soldier. Director of DREAM Project Group. Security Management specialist. Drafted the Emergency Plan for El Paso, on the island of La Palma) - 🎖️ Alfredo Perdiguero (Deputy Inspector of the Policía Nacional. ASP delegate) - Álex N. Lachhein (Naturalist. Environmental educator) - Gabriel Araújo (General Secretary of the Asociación Nacional de Tasadores y Peritos Judiciales Informáticos - ANTPJI. Forensic computing expert witness. CISA systems auditor. CEHv7 ethical hacker) - Francisco Vaquero (Filmmaker from Extremadura. Director of the documentary “Vidas irrenovables”, which gives a voice to those affected by the rollout of renewable-energy infrastructure across Spain) - César Sallén (Inventor of Ecofire, an innovative solution for fighting fires) With the regular La Reunión Secreta team: Dr. José Miguel Gaona, Joan Miquel MJ, Carlos Martínez, Lourdes Martínez, Marta Vim, Olga Ralló, Luna de María, Tatiana and Piluca.
FOLLOW US ON SOCIAL MEDIA Twitter: https://twitter.com/lrsecreta Instagram: https://www.instagram.com/lareunionsecreta/ Facebook: https://www.facebook.com/LRsecreta TEAM SOCIAL MEDIA | DR. JOSÉ MIGUEL GAONA | - https://twitter.com/doctorgaona | DIRECTOR | - Joan Miquel MJ - https://www.instagram.com/official_joan_miquel_mj/ | PRODUCER | - Lourdes Martínez - https://twitter.com/chicadelaradio | ASSISTANT DIRECTOR | - Olga Ralló - https://twitter.com/olgarallo | PRODUCTION ASSISTANT | - Carlos Martínez - https://twitter.com/Carlitos_Tinez
Researchers release proof-of-concept exploits for CitrixBleed2. Grafana patches four high-severity vulnerabilities. A hacker claims to have breached Spanish telecom giant Telefónica. Italian police arrest a Chinese man wanted by U.S. authorities for alleged industrial espionage. Beware of a new ransomware group called Bert. Call of Duty goes offline after reports of RCE vulnerabilities. President Trump's spending bill allocates hundreds of millions for cybersecurity. Nearly 26 million job seekers' resumes and personal data are leaked. CISA adds four actively exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog. Outsmarting AI scraper bots with math. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Threat Vector Segment Cyber attackers are increasingly targeting the very tools developers trust—integrated development environments (IDEs), low-code platforms, and public code repositories. In this segment of Threat Vector, host David Moulton speaks with Daniel Frank and Tom Fakterman from Palo Alto Networks' threat research team about “Hunting Threats in Developer Environments.” You can hear David and Tyler's full discussion on Threat Vector here and catch new episodes every Thursday on your favorite podcast app. 
Selected Reading Public exploits released for Citrix Bleed 2 NetScaler flaw, patch now (Bleeping Computer) Grafana Patches Chromium Bugs, Including Zero-Day Exploited in the Wild (SecurityWeek) Hacker leaks Telefónica data allegedly stolen in a new breach (Bleeping Computer) Italian police arrest Chinese national wanted by FBI for alleged industrial espionage (Reuters) Beware of Bert: New ransomware group targets healthcare, tech firms (The Record) Call of Duty takes PC game offline after multiple reports of RCE attacks on players (CyberScoop) GOP domestic policy bill includes hundreds of millions for military cyber (CyberScoop) TalentHook leaks resumes of 26 Million job seekers (Beyond Machines) CISA Adds Four Known Exploited Vulnerabilities to Catalog (CISA) The Open-Source Software Saving the Internet From AI Bot Scrapers (404 Media) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
In this session, we take a deep dive into Domain 2 of the CISA certification — focusing on IT governance and management. You'll learn how to align IT strategies with business objectives, manage IT risks, implement controls, and support compliance with global standards. We walk through the critical concepts, best practices, and exam-focused strategies you need to confidently tackle this domain. Whether you're actively preparing for the exam or want to deepen your knowledge in IT audit and governance, this episode delivers practical insights and proven tips for success.
They're not leaving the firm. They're leaving you. Gear Up for Growth With Jean Caragher For CPA Trendlines What's driving talent out of accounting firms? According to Kimberly Ellison-Taylor, CPA, CGMA, CITP, CISA, everything from outdated leadership to untold success stories is pushing promising professionals away. In this episode of Gear Up for Growth, powered by CPA Trendlines, host Jean Caragher sits down with the powerhouse behind KET Solutions to explore how the profession can—and must—change to attract and retain the next generation. Gear Up for Growth spotlights the best strategies for smart and efficient growth in today's competitive landscape. More Gear Up for Growth | More Capstone Conversations with Jean Caragher | More Jean Caragher here | Get her best-selling handbook, The 90-Day Marketing Plan for CPA Firms, here | More CPA Trendlines videos and podcasts here Ellison-Taylor, former chair of both the AICPA and the Maryland Association of CPAs, started her journey into accounting as a third grader inspired by a career-day presentation. That spark led to decades of leadership—and now, a mission to transform the narrative around what it means to be a CPA. Originally published Jan. 10, 2025.
Canada tried to put pressure on Trump and the US, it backfired, and Canada has now bowed to Trump. If they followed through Canada would have been a disaster. Inflation is not showing up in the tariffs, Powell running out of time. BBB is on its way, and once the President signs it, the economy is going to take off. Stage is set for the Federal Reserve. The [DS] is panicking, they thought they would be able to start WWIII, strings were cut and now their power is lost. CISA has now issued a cyber attack warning, right on schedule. The stage is set. All roads lead to Obama and Trump and team are bringing the [DS] down the path they want them to follow. This will not end well for the [DS]. Economy are hereby terminating ALL discussions on Trade with Canada, effective immediately. We will let Canada know the Tariff that they will be paying to do business with the United States of America within the next seven day period. Thank you for your attention to this matter! https://twitter.com/disclosetv/status/1939522597550518357 If Canada had kept the Digital Services Tax (DST) in place, the financial and economic consequences would have been significant, primarily due to potential U.S. retaliation and disruptions to the Canada-U.S. trade relationship. Lost Tax Revenue vs. Retaliatory Tariffs: The DST was projected to generate approximately C$5.9 billion (about US$4.3 billion) over five years, or roughly C$1.2 billion (US$870 million) annually, according to Canada's 2024 federal budget. However, U.S.
President Donald Trump threatened to impose new tariffs on Canadian goods in response to the DST, which could have far exceeded the tax revenue. For context, Canada exports over US$400 billion in goods annually to the U.S., representing 75% of its total goods exports. If the U.S. imposed tariffs (e.g., 10-50% as suggested by Trump's April 2025 tariff levels), the cost to Canadian exporters could have ranged from US$40 billion to US$200 billion annually, depending on the tariff rate and scope. Specific sectors like automobiles, energy, steel, and aluminum (already facing 50% U.S. tariffs) would have been hit hardest, with ripple effects across supply chains. Increased Costs for Canadian Consumers and Businesses: The DST would have imposed a 3% tax on digital services revenue from Canadian users, affecting U.S. tech giants like Amazon, Google, Meta, and Apple. Some companies, like Google, had already introduced surcharges (e.g., a 2.5% “Canada DST Fee” on ads starting October 2024) to offset compliance costs, which would have raised prices for Canadian consumers and businesses reliant on digital services. Canadian business groups warned that these costs would be passed on, increasing the price of digital subscriptions, online marketing, and e-commerce. Economic Impact of Retaliation: The U.S. could have targeted Canadian pension funds and investments through retaliatory measures, as warned by the Canadian Chamber of Commerce. A trade war could have exacerbated Canada's economic slowdown, with unemployment already at 7% in 2025, potentially leading to job losses in export-dependent industries like manufacturing and energy. Sector-Specific Impacts: Automotive and Manufacturing: Tariffs on automobiles and parts would have disrupted integrated North American supply chains, increasing costs for Canadian manufacturers and potentially le...
U.S. agencies issue urgent warning over Iran threat Canada bans Chinese surveillance company CISA names new executive director Huge thanks to our sponsor, Palo Alto Networks You're moving fast in the cloud and so are attackers. But while SecOps and cloud security teams are working in silos, attackers are exploiting the gaps between them. Cortex Cloud by Palo Alto Networks bridges this divide, unifying teams and stopping attacks with real-time cloud security that includes AI-powered protection, detection and automated response capabilities. Threats are stopped in minutes instead of days, and teams can finally protect cloud environments at the speed and scale of modern attacks. To learn more about how Cortex Cloud stops cloud attacks before they become breaches, visit: paloaltonetworks.com/cortex/cloud-detection-and-response
In this week's Security Sprint, Dave and Andy covered the following topics:
Warm Open:
• The GRIP is one year old and to celebrate, we're running an anniversary sale!!
• Join the GRIP in July and use promo code HOTJULY2025 to receive a 20% discount!
• (TLP:CLEAR) Hostile Nation States Employing Non-State Actors
• Surge in MOVEit Transfer Scanning Could Signal Emerging Threat Activity
• ‘Suspended animation': US government upheaval has frayed partnerships with critical infrastructure
• Short-term extension of expiring cyber information-sharing law could be on the table
• Gate 15 is excited to offer a low-cost ransomware resilience exercise for executives! Contact us today for more information on this great opportunity!
Main Topics:
Iranian Cyber Actors May Target Vulnerable US Networks and Entities of Interest. CISA, the Federal Bureau of Investigation (FBI), the Department of Defense Cyber Crime Center (DC3), and the National Security Agency (NSA) published Iranian Cyber Actors May Target Vulnerable US Networks and Entities of Interest. This joint fact sheet details the need for increased vigilance for potential cyber activity against U.S. critical infrastructure by Iranian state-sponsored or affiliated threat actors. Defense Industrial Base companies, particularly those possessing holdings or relationships with Israeli research and defense firms, are at increased risk. At this time, we have not seen indications of a coordinated campaign of malicious cyber activity in the U.S. that can be attributed to Iran.
Beazley Report: U.S. Executives Misjudge Their Cyber Preparedness. U.S.-based executives feel more prepared to counter cyber threats, potentially indicating a false sense of security because many companies lack the ability to be adequately prepared, according to a new report from specialist insurer Beazley. According to the report, Spotlight on Tech Transformation & Cyber Risk 2025, the perception of cyber resilience rose to 81% from 73% a year ago.
Hostile Events:
• A violent ambush in Idaho leaves 2 firefighters dead and 1 injured. What to know about the attack
• Suspect Identified in Deadly Ambush of Idaho Firefighters
• Chilling ‘coincidence' of Idaho shooting sends internet sleuths into overdrive
• Gunman started Idaho blaze and then fatally shot 2 firefighters in ambush attack, officials say
• Here's a timeline of how the Canfield Mountain ambush shooting unfolded
• Multiple firefighters reportedly shot while responding to fire near Coeur d'Alene
• Europol: New report - major developments and trends on terrorism in Europe in 2024
Quick Hits:
• Canadian Centre for Cyber Security - Vulnerabilities impacting Citrix NetScaler ADC and NetScaler Gateway - CVE-2025-5349, CVE-2025-5777 and CVE-2025-6543
• Over 1,200 Citrix servers unpatched against critical auth bypass flaw
• The State of Ransomware 2025
• Scattered Spider hackers shift focus to aviation, transportation firms
• Scattered Spider's Calculated Path from CFO to Compromise
• M&S fashion rivals ‘benefited from its pause on online orders after cyber-attack'
• Ransomware attack contributed to patient's death
• Canada orders Chinese CCTV biz Hikvision to quit the country ASAP
• FBI PSA - Criminals Posing as Legitimate Health Insurers and Fraud Investigators to Commit Health Care Fraud
• 50 Customers of French Bank Hit by Insider SIM Swap Scam; An intern at Société Générale is believed to have facilitated the theft of more than EUR1mn (USD1.15mn) from the bank's customers.
• State of CPS Security 2025: Building Management System Exposures
• H1 2025 Crypto Hacks and Exploits: A New Record Amid Evolving Threats
Welcome to RIMScast. Your host is Justin Smulison, Business Content Manager at RIMS, the Risk and Insurance Management Society. Justin interviews RIMS General Counsel and VP of External Affairs Mark Prysock about the RIMS Legislative Summit in March 2025, how it went, and what to expect next. Mark mentions the registrant participation records they set and the connections they made as they lobbied. As Mark exits, Morgan O'Rourke and Hilary Tuttle of RIMS Risk Management magazine enter the studio to talk with Justin about the mid-year in risk and four Q2 articles in RIMS Risk Management magazine on tariffs, the 2025 hurricane season, the USDA budget cuts and food safety, and minimizing risk while using AI for innovation. After lessons from the articles, Hilary invites listeners to submit risk management articles to RIMS Risk Management magazine. If you publish in the magazine, what opportunities will that open for you? Listen to learn more about the highlights of the first two quarters of 2025 and what to prepare for the rest of the year. Key Takeaways: [:01] About RIMS and RIMScast. [:17] About this episode of RIMScast. We've got three guests today. We'll get a RIMS legislative update from Mark Prysock, and we will look back at major risk management news from the first half of 2025 with Morgan O'Rourke and Hilary Tuttle of RIMS Risk Management magazine. [:48] RIMS-CRMP Workshops! The next Virtual RIMS-CRMP exam prep, co-hosted by Parima, will be held on September 2nd and 3rd. [:58] The next RIMS-CRMP-FED virtual workshop will be led by Joseph Mayo on July 17th and 18th. Register by July 16th. Links to these courses can be found on the Certification Page of RIMS.org and through this episode's show notes. [1:16] RIMS Virtual Workshops! We have a day-long course on July 24th, “Risk Taxonomy for Effective Risk Management.” On August 5th, we have a day-long course about “Emerging Risks.” RIMS members enjoy deep discounts! 
[1:31] The full schedule of virtual workshops can be found on the RIMS.org/education and RIMS.org/education/online-learning pages. A link is also in this episode's notes. [1:42] If you tuned in to the recent episode featuring James Lam, you will know that he is hosting a new six-module workshop for us, the “RIMS-CRO Certificate in Advanced Enterprise Risk Management”. [1:56] The inaugural summer course is completely sold out! We are filled to the virtual capacity! Don't worry, in the Fall, the bi-weekly course will begin on October 9th. Registration closes on October 2nd. A link is in this episode's notes. Check it out and register today! [2:15] Mark your calendars for November 17th and 18th for the RIMS ERM Conference 2025 in Seattle, Washington. The agenda is being built. Soon, we will distribute a Call for Nominations for the ERM Award of Distinction. I'll update this episode's show notes when that link is ready. [2:38] Think about your organization's ERM program or one that you know of, and how it has generated value. We will have more on that in the coming weeks. [2:47] RISKWORLD 2026 will be in Philadelphia, Pennsylvania, from May 3rd through May 6th. RIMS members can now lock in the 2025 rate for a full conference pass to RISKWORLD 2026 when registering by September 30th. [3:01] This also lets you enjoy earlier access to the RISKWORLD hotel block. Register by September 30th, and you will also be entered to win a $500 raffle. Don't miss out on this chance to plan and score some extra perks. [3:14] The members-only registration link is in this episode's show notes. If you are not yet a member, this is the time to register at RIMS.org/membership. [3:24] On with the show! Mark Prysock is the RIMS General Counsel and VP of External Affairs. It's always wonderful to have him on the show. 
[3:32] He is here to remind us of the RIMS legislative priorities, how they were addressed during the RIMS Legislative Summit in March, and what else we can expect in the way of public policies that RIMS would like to prevent and those we'd like to support.
[3:46] There are lots of links in this episode's notes, as well, including ones to RISK PAC and an upcoming fundraiser. Let's get to it!
[3:54] Interview! Mark Prysock, welcome back to RIMScast!
[4:14] RIMS's top legislative or advocacy priorities for 2025 include opposing legislation on taxing non-profit associations. RIMS is working with other associations on this. The tax would have a significant impact on RIMS.
[5:26] Another issue is the Freedom to Invest in Tomorrow's Workforce Act, which would allow individuals to use college savings 529 plans to pay for certifications like the RIMS-CRMP. It's a very popular issue in the association community.
[5:55] Third-party litigation funding has become a very big issue, followed by nuclear verdicts. What can we do to stop that? That's an issue that's been growing in both the House and the Senate. RIMS is working within a broad coalition to address that issue.
[6:14] RIMS believes, at a bare minimum, there needs to be disclosures when third-party litigation funding agreements are in place so that everyone understands who stands to benefit from a nuclear verdict. It's not the plaintiff.
[6:37] The last issue is the National Flood Insurance Program.
[7:01] Mark and his team spent Day 1 of the RIMS Legislative Summit in March prepping the registrants so they understood the ins and outs of the issues. They all received one-page leave-behind documents to take to the Congressional offices.
[7:18] Panellists had talked to them about the issues. The registrants were prepped to be lobbyists on these issues.
[7:30] On Day 2, the registrants went to the Hill and lobbied on behalf of RIMS.
[7:39] There were over 60 registrants this year. That was a RIMS Legislative Summit record. They had around 100 Congressional meetings, also a RIMS Legislative Summit record.
[8:15] Mark says holding the event at the U.S. Chamber of Commerce building is fantastic. It's a classic D.C. building that everyone knows. It's fairly close to Capitol Hill. You can get all the speakers you want to come and meet with your group there. It's perfect for the Summit.
[8:49] A couple of years ago was the first time the Summit met at the Chamber building. Going back this year confirmed that it's going to be the new location for the Summit. Mark says it was an enriching experience for the attendees.
[9:33] The Summit lobbyists focus on committees in both the House and Senate with jurisdiction over insurance.
[9:47] The House Financial Services Committee has a Subcommittee on Housing and Insurance. Most of the legislation the Summit is concerned about comes from the House.
[10:04] That Subcommittee has a new Chair, Congressman Mike Flood from Nebraska. The Summit has made inroads with his office and with other offices, too.
[10:28] The Summit's focus is on establishing relationships with newer Congressional offices that are in a position to impact RIMS's legislative priorities.
[10:52] Mark says, typically when we meet with a Member of Congress, it might be that we're talking to them because they're well-situated to talk to us about NFIP.
[11:02] On other issues, we don't know that they necessarily align with us, but we know that with what we're trying to accomplish with the NFIP, they are going to be a great ally. That's our foot in the door to discuss other legislative issues.
[11:24] Mark says the Summit is looking to establish long-term relationships with Members of Congress and educate them on the importance of different issues.
[11:58] The RIMS Public Policy Committee will continue hammering on these issues for the remainder of 2025 and into 2026. The tax issues are likely to be resolved in RIMS's favor in the Omnibus tax bill Congress is wrestling with now.
[12:18] The One Big Beautiful Bill does not include language for imposing new taxes on non-profits, but it does include the language about liberalizing the use of College 529 plans, which RIMS supports. Mark thinks that it will be wrapped up soon.
[12:39] NFIP has been reauthorized through September 30th, the end of the Federal Government's Fiscal Year. There is legislation out there to reauthorize it for a longer period. The RIMS Public Policy Committee is talking with Members of Congress about that.
[12:57] Third-party litigation funding is an issue to keep working on for the next couple of years.
[13:04] The RIMS Public Policy Committee will be working closely with the RISK PAC Trustees to figure out how they can help to raise more money for the PAC. They have some ideas for things to do at RISKWORLD 2026 in Philadelphia.
[13:22] They have a fundraising event in Philadelphia in the middle of July. They'll be sending out Calendar invites to the RIMS membership. 2026 will be an election year, so they want to raise as much money as they can for RISK PAC and the right re-election campaigns.
[14:02] At RIMS.org/advocacy, you can see that the RIMS Legislative Summit 2026 will be held from March 16th through 18th. Mark is more excited than ever for next year's Summit! It's an election year. They've got the details nailed down. They'll be at the U.S. Chamber of Commerce.
[14:53] They will have a hotel block nailed down soon. They'll start promoting this event far in advance. Mark your calendars, please! As you build your chapters next year, please include some money to send your Advocacy Ambassador to the Legislative Summit 2026 in March.
[15:20] We've got the link in this episode's show notes and at RIMS.org/advocacy. You can reach out to Mark Prysock directly through his email address on the RIMS Advocacy page. Write to him if you have questions about what it takes to get there or how you can contribute.
[15:43] As Morgan O'Rourke and Hilary Tuttle walk into the studio, Justin thanks Mark Prysock for being on the show.
[16:04] Plugs! The very first RIMS Texas Regional Conference will be held from August 4th through the 6th in San Antonio at the Henry B. González Convention Center. Public Registration is open.
[16:17] Hotel cut-off for the discounted rate is available through July 7th. The full Conference Agenda is now live, so you can start planning your experience. Don't miss the post-conference workshop, the RIMS-CRMP Exam Prep Course, available onsite.
[16:33] This event is open to any RIMS Chapter member. If you are local to the area, you might consider becoming a RIMS member today, so that you can get all the benefits and begin networking with your new RIMS Texas peers. Links are in this episode's show notes.
[16:48] You can also visit the Events Page of RIMS.org for more information. We look forward to seeing you in Texas!
[16:56] Just a month later, we will be up North for the RIMS Canada Conference 2025, from September 14th through 17th in Calgary. Registration is open. Visit RIMSCanadaConference.CA and lock in those favorable rates. We look forward to seeing you in Calgary!
[17:15] On October 1st through the 3rd, the RIMS Western Regional Conference will be held in North San Jose at the Santa Clara Marriott. The agenda is live. It looks fantastic! Visit RIMSWesternRegional.com and register today.
[17:31] Let's Get on with the Show! It is July 1st. We have reached the midpoint of 2025. On RIMScast, we like to take stock of the year in risk, so far. Morgan O'Rourke and Hilary Tuttle are going to break it all down for us.
[17:54] Morgan O'Rourke is the RIMS Senior Director of Content and Publications. Hilary Tuttle is the Managing Editor of RIMS Risk Management magazine. That's our flagship, at RMmagazine.com.
[18:07] We will look back on the Q2 digital issue of RIMS Risk Management magazine and discuss some of the news and trends that have been driving the risk profession. We'll talk about tariffs, AI, and more. Let's get to it!
[18:23] Interview! Morgan O'Rourke and Hilary Tuttle, welcome back to RIMScast!
[18:50] We are here to talk about the mid-point of 2025 in risk and what it has meant for the profession and the reporting on the profession. The Q2 digital issue of RIMS Risk Management magazine is now available. The link is on this page.
[19:26] A big story from this quarter was tariff volatility. In April, Neil Hodge wrote a great article “How to Navigate the Volatile Tariff Landscape.” Many companies underestimate their exposure to tariffs through lower-tier suppliers.
[20:06] Hilary says the number one tip is to map your exposure to tariffs via suppliers. Also, think about finished goods as well as what hypothetical future scenarios would mean. We've seen that tariffs are consistently volatile. Map different scenarios to see how they will play out.
[20:43] In the article, Neil also mentions alternatives such as near-shoring, alternative suppliers, and technicalities about working within the system. Morgan mentions contract management. Another tip was tariff engineering by modifying your product design or where it's assembled.
[21:35] Morgan shares an example. Converse All Stars have a layer of felt on the bottom, which classifies them as slippers, which have a lower tariff. They tweaked the product so it could be classified differently. Morgan just bought a new pair and saw the felt he had never noticed.
[23:24] Morgan says certain auto imports may leave out features that would classify them as commercial vehicles, so they don't have a commercial vehicle duty.
[24:08] Equipment that was bought before steel tariffs will be more expensive to repair after steel tariffs, and insurance that was in place before the tariffs may not cover the drastically more expensive repairs. This will affect heavy machinery. Revisit your insurance coverage.
[25:06] Considering what major assets may be changing with tariff changes would be a helpful next step for people. Morgan refers to finding alternate suppliers or diversifying. If you're starting a new relationship with a supplier, tariffs need to be part of the contract conversation.
[25:42] If tariffs are a risk you have not been accounting for in your supplier agreements, you may want to build more flexibility into future agreements.
[26:03] Justin mentions the 2025 hurricane season and accurate weather reporting. That relates to supply chain. Hilary includes replacement values, as materials cost more.
[26:33] Hilary wrote an article, “The 2025 Hurricane Season Outlook.” Hilary says it's interesting to tell similar stories every year in different ways. She looked at the outlook for this season and compared it to the results from last year.
[27:35] She looked for the key trends that drove the results last year and that will impact this year. It's an outlook and also a strategic input. How does your organization need to adapt to this outlook? It's about seeing the overarching trends and figuring out how to act on them.
[28:20] Hurricane Beryl came in the summer of 2024. It was one of the earliest major hurricanes to form. It reached Category 5 in 42 hours. What strategies should organizations take to address fast-developing storms?
[28:43] Rapid intensification is a major trend with hurricanes. This is fueled by above-average ocean temperatures and other impacts of climate change. Storms are getting worse faster. The energy at the surface level contributes to faster-building hurricanes. Then there are trade winds.
[29:09] It is a very big challenge for governments and private industry because you need to prepare much faster. You might only have a day of notice between a tropical storm and a Category 3 hurricane.
[29:29] Preparedness is a state of being, not something you deal with if and when a storm arises. It needs to be a constant state of readiness. This year there have been significant budget cuts to NOAA and FEMA. This affects weather forecasting and the number of emergency staff.
[30:22] Organizations need to understand that they need an increased amount of self-reliance. You cannot count on the cavalry coming. Preparedness means more than ever this year.
[30:38] Morgan says it's less about coordinating with Federal agencies and more about making sure you have your ducks in a row. You may not have access to outside resources. You might be able to coordinate with other companies and organizations. Cooperation helps.
[31:43] Hilary says, after last year, we saw with Hurricane Helene that some of these disasters are increasing and hitting in unpredictable areas that don't have the preparedness or the infrastructure because there is not a legacy sense of being at risk for hurricanes.
[32:05] Preparedness is different in different regions. Taking an assessment and thinking about some of those scenarios is a strategic risk management issue that may need to shift in new ways. In some of those areas, you might not have local disaster resources because it has not been a risk.
[32:38] Prepare by taking a realistic assessment of emergency resources on the ground, what the historical risk has been, and how that is shifting.
[32:51] A Small Break! The Spencer Educational Foundation's goal to help build a talent pipeline of risk management and insurance professionals is achieved, in part, by its collaboration with risk management and insurance educators across the U.S. and Canada.
[33:10] Since 2010, Spencer has awarded over $3.3 million in General Grants to support over 130 student-centred experiential learning initiatives at universities and RMI non-profits. Spencer's 2026 application process is now open through July 30th, 2025.
[33:30] General Grant awardees are typically notified at the end of October. The link is in this interview's show notes. Be sure to visit the programs page of SpencerEd.org.
[33:40] The Spencer 2025 Funding their Future Gala will be held Thursday, September 18th at the Cipriani 42nd Street in Manhattan, New York. This year's honoree is Tim Ryan, the U.S. President of Lockton, and we hope to have him here on RIMScast this summer. A link is in the show notes.
[34:03] Let's Return to the Conclusion of My Interview with Morgan O'Rourke and Hilary Tuttle of RIMS Risk Management magazine!
[34:55] Jennifer Post, one of the editors, wrote an article, “USDA Budget Cuts Present Food Safety Risks.” Budget cuts may increase the likelihood of an outbreak of foodborne diseases and compromise the USDA's ability to respond and notify consumers of an outbreak.
[36:28] Hilary notes recent outbreaks with cucumbers and tomatoes, which have been deadlier than one might expect. The cucumber recall was for cucumbers that had been sold six weeks before. Hilary has never had a cucumber for more than two weeks.
[37:11] Shifting responsibility to under-resourced states creates uneven safety standards. Private companies will have to incur some of the costs of testing and monitoring their food. Who is responsible for coordinating food safety between states or countries is a question mark.
[37:50] This is not a great solution. It's an area of uncertainty for now. It is likely to increase costs for individual companies. It also increases the risk exposure for companies that are distributing food that makes people sick, but they don't know it.
[38:09] The number of people getting sick and the amount of money a company will lose balloon as a function of time and notice. There are a lot of components to this issue.
[38:30] Hilary says we are also seeing some concern around whether some of the shifting standards are going to create different levels of safety in different types of products or from different regions. This shifts a lot of the burden onto the consumer and private companies.
[38:42] Morgan adds that beyond the cuts to NOAA, FEMA, and the USDA, there are cuts to cybersecurity infrastructure with CISA. These cuts remove a level of oversight that people have come to rely on. The cuts push responsibility for risks further onto states and private industry.
[39:26] Morgan says they were worried about the appetite for change in the government from the Trump administration. The administration is making changes. Some of the fallout is that it has changed the risk landscape regarding storm damage, food safety, cybersecurity, and more.
[39:46] You may have to reassess your risks in the light of these cuts to Federal agencies. Hilary points out that the cuts are not fluff when you realize the functions these agencies have.
[40:21] Hilary quotes a food safety professor from the article. “Oversight is not a bureaucratic formality; it's the invisible line between routine production and preventable tragedy.” Hilary thinks that quote applies across a number of the cuts that have been made.
[40:39] The magazine has an article on AI called “Balancing Innovation and Compliance When Implementing AI.” Morgan reports that AI is all over the place now. The conversation has to involve implementation issues and liability risks. AI hallucinations and data security are issues.
[42:03] You need to have a level of human intervention and involvement to be looking for things that you might have taken for granted are true, but that are problematic or make you liable for something.
[42:17] Hilary says another big issue is that the technology is drastically outpacing regulation, safety measures, and best practices. You need to be asking, “What do we have a defensible business reason to do, and what are we putting in place to safeguard those?”
[42:44] Some of the AI applications around hiring incur very real consequences in terms of human impact and regulatory impact. You may be dealing with serious employment fines or other things of that nature that regulators will catch up on.
[43:06] AI systems are designed to please you. They are not designed to do the right thing or to make intelligent choices. They guide a user, and the user needs to guide them. Hilary compares using AI to riding an elephant. The elephant can go where it wants to go; you need to control it.
[43:55] Hilary says that a lot of these AI engines perpetuate bias that the people who developed them may or may not have, or may not realize that they have. A large company for a while only hired white men because those were the people who had been successfully hired in the past.
[44:20] The content online that trains these models is the content that is published online. It requires a certain amount of privilege, experience, education, and life perspective. It doesn't draw on the body of human experience and knowledge for representative bodies.
[44:49] You have to bring a certain diversity of experience, and also check those inputs with either people or other sources. Morgan talks about the feeling you might get that something like an email was written by an AI. The homogeneity starts to erode the quality of things.
[45:27] Morgan has read that one of ChatGPT's quirks is that a lot of responses will have a “not this but that” structure. For instance, “It's not just soup, it's a meal!” Once you see it, you start to see it everywhere. Hilary says a giveaway is the use of inserted emojis.
[46:32] Morgan and Hilary have been editing for quite a while. Morgan can identify who wrote a piece of writing by its style. If you get an email from someone with turns of phrase they would never use, you know it's AI. Losing track of what's going on is not to your advantage.
[47:26] Having AI write an email is an example of something that just because you can do it, doesn't mean you should do it. Should you be working in an environment in which you don't know how to interact functionally with your coworkers, even at the length of an email?
[48:13] Prompt engineering is one of the biggest skills people need to learn in working with AI. It is the most important component that Hilary had to struggle to learn in an AI course she took. It makes the biggest difference to AI being usable. Take a prompt class.
[49:05] Justin shares an experience he had using AI to make an email response he had written much shorter and less defensive. It wasn't perfect, but it helped him to revise his message.
[49:47] Hilary says that Justin gave a great example of prompt engineering. You want to tell it who the recipient is, who you are, and what your specific concern is to address. You can also ask it to explain the changes that it makes, so you learn how to write better emails next time.
[50:43] Hilary urges caution on choosing the platform. ChatGPT is decent for writing because you can prime it. You can't prime Copilot, and she says a lot of the results are garbage.
[51:46] The Q2 edition of RIMS Risk Management magazine is online. All the articles are on the site as links and as part of the digital edition.
[51:56] A reminder to the audience: RIMS Risk Management magazine is always seeking contributors and contributions, primarily from the risk profession. The topics that are important to you are the topics that are important to your colleagues. Get your voices out there!
[52:37] A good submission answers two questions: Why this? And why now? Why should other people care about this issue? New regulations? New fines? A recent court case? Is there a nuance you are highlighting? Another question is, so what? What do you do about it?
[53:28] Justin offers: How will the audience be able to do their job better based on the information you're telling them? Morgan comments that the idea is risk management. You want to get to the management part of it so your organization can do something about it.
[53:58] Go to RMMagazine.com and see the Contribute button at the top. That's where you'll find the editorial submission guidelines and the contact information for Morgan, Hilary, and Jennifer. They are open to your ideas, so by all means, reach out. You never know what it could lead to!
[54:58] Hilary says they also welcome feedback on their existing coverage and the challenges you are seeing in the field.
[55:27] Hilary and Morgan are going to rejoin us at the end of the year. We always close the year with an episode when they look back on the year and forward to the next.
[56:01] Special thanks to my RIMS colleagues Mark Prysock, Morgan O'Rourke, and Hilary Tuttle for joining us here on RIMScast! Visit RIMS.org/advocacy to connect with Mark, and RMMagazine.com to connect with Morgan and Hilary, and get the latest risk news and insight.
[56:23] Links are in this episode's show notes, including a link to the Contribute page on RMMagazine.com.
[56:29] Plug Time! You can sponsor a RIMScast episode for this, our weekly show, or a dedicated episode. Links to sponsored episodes are in the show notes.
[56:57] RIMScast has a global audience of risk and insurance professionals, legal professionals, students, business leaders, C-Suite executives, and more. Let's collaborate and help you reach them! Contact pd@rims.org for more information.
[57:15] Become a RIMS member and get access to the tools, thought leadership, and network you need to succeed. Visit RIMS.org/membership or email membershipdept@RIMS.org for more information.
[57:33] Risk Knowledge is the RIMS searchable content library that provides relevant information for today's risk professionals. Materials include RIMS executive reports, survey findings, contributed articles, industry research, benchmarking data, and more.
[57:49] For the best reporting on the profession of risk management, read Risk Management Magazine at RMMagazine.com. It is written and published by the best minds in risk management.
[68:04] Justin Smulison is the Business Content Manager at RIMS. You can email Justin at Content@RIMS.org.
[58:11] Thank you all for your continued support and engagement on social media channels! We appreciate all your kind words. Listen every week! Stay safe!

Links:
RIMS Texas Regional 2025 — August 3‒5 | Registration now open.
RIMS-CRMP In-Person Workshop in Texas Aug. 6 & 7
RIMS Canada 2025 — Sept. 14‒17 | Registration now open!
RIMS Western Regional — Oct 1‒3 | Bay Area, California | Registration now open!
RISKWORLD 2026 — Members-only early registration! Register through Sept 30!
RIMS-Certified Risk Management Professional (RIMS-CRMP)
RISK PAC | RIMS Advocacy | RIMS Legislative Summit SAVE THE DATE — March 18‒19, 2026
RIMS Risk Management magazine | Contribute
“How to Navigate Tariff Volatility” (April 3, 2025)
“2025 Hurricane Season Outlook” (June 9, 2025)
“USDA Budget Cuts Present Food Safety Risks” (May 21, 2025)
“Balancing Innovation and Compliance When Implementing AI” (April 30, 2025)
RIMS Now
The Strategic and Enterprise Risk Center
Spencer Education Foundation — General Grants 2026 — Application Deadline July 30, 2025
RIMS ERM Conference 2025 — Nov 17‒18 in Seattle! [Save the Date!]
“RIMS-CRO Certificate in Advanced Enterprise Risk Management” — Featuring Instructor James Lam! Summer course sold out! | Fall bi-weekly course begins Oct 9.
RIMS Diversity Equity Inclusion Council
RIMS Webinars: RIMS.org/Webinars

Upcoming RIMS-CRMP Prep Virtual Workshops:
RIMS-CRMP-FED Exam Prep Virtual Workshop — July 17‒18
RIMS-CRMP Exam Prep Virtual Workshop — Sept 2‒3, 2025 | Presented by RIMS and PARIMA
Full RIMS-CRMP Prep Course Schedule
“Risk Taxonomy for Effective Risk Management” | July 24 | Instructor: Joe Mayo
“Emerging Risks” | Aug 5 | Instructor: Joe Mayo
See the full calendar of RIMS Virtual Workshops
RIMS-CRMP Prep Workshops

Related RIMScast Episodes:
“James Lam on ERM, Strategy, and the Modern CRO”
“RIMS Legislative Priorities in 2025 with Mark Prysock”
“Q1 2025 Risks with Morgan O'Rourke”

Sponsored RIMScast Episodes:
“The New Reality of Risk Engineering: From Code Compliance to Resilience” | Sponsored by AXA XL (New!)
“Change Management: AI's Role in Loss Control and Property Insurance” | Sponsored by Global Risk Consultants, a TÜV SÜD Company
“Demystifying Multinational Fronting Insurance Programs” | Sponsored by Zurich
“Understanding Third-Party Litigation Funding” | Sponsored by Zurich
“What Risk Managers Can Learn From School Shootings” | Sponsored by Merrill Herzog
“Simplifying the Challenges of OSHA Recordkeeping” | Sponsored by Medcor
“Risk Management in a Changing World: A Deep Dive into AXA's 2024 Future Risks Report” | Sponsored by AXA XL
“How Insurance Builds Resilience Against An Active Assailant Attack” | Sponsored by Merrill Herzog
“Third-Party and Cyber Risk Management Tips” | Sponsored by Alliant
“RMIS Innovation with Archer” | Sponsored by Archer
“Navigating Commercial Property Risks with Captives” | Sponsored by Zurich
“Breaking Down Silos: AXA XL's New Approach to Casualty Insurance” | Sponsored by AXA XL
“Weathering Today's Property Claims Management Challenges” | Sponsored by AXA XL
“Storm Prep 2024: The Growing Impact of Convective Storms and Hail” | Sponsored by Global Risk Consultants, a TÜV SÜD Company
“Partnering Against Cyberrisk” | Sponsored by AXA XL
“Harnessing the Power of Data and Analytics for Effective Risk Management” | Sponsored by Marsh
“Accident Prevention — The Winning Formula For Construction and Insurance” | Sponsored by Otoos
“Platinum Protection: Underwriting and Risk Engineering's Role in Protecting Commercial Properties” | Sponsored by AXA XL
“Elevating RMIS — The Archer Way” | Sponsored by Archer

RIMS Publications, Content, and Links:
RIMS Membership — Whether you are a new member or need to transition, be a part of the global risk management community!
RIMS Virtual Workshops
On-Demand Webinars
RIMS-Certified Risk Management Professional (RIMS-CRMP)
RISK PAC | RIMS Advocacy
RIMS Strategic & Enterprise Risk Center
RIMS-CRMP Stories — Featuring RIMS President Kristen Peed!

RIMS Events, Education, and Services:
RIMS Risk Maturity Model®

Sponsor RIMScast: Contact sales@rims.org or pd@rims.org for more information.

Want to Learn More? Keep up with the podcast on RIMS.org, and listen on Spotify and Apple Podcasts. Have a question or suggestion? Email: Content@rims.org.

Join the Conversation! Follow @RIMSorg on Facebook, Twitter, and LinkedIn.

About our guests:
Mark Prysock, General Counsel at Risk and Insurance Management Society, Inc. (RIMS)
Morgan O'Rourke, Director of Publications at RIMS
Hilary Tuttle, Managing Editor of Risk Management Magazine

Production and engineering provided by Podfly.
CISA warns organizations of potential cyber threats from Iranian state-sponsored actors. Scattered Spider targets aviation and transportation. Workforce cuts at the State Department raise concerns about weakened cyber diplomacy. Canada bans Chinese security camera vendor Hikvision over national security concerns. Cisco Talos reports a rise in cybercriminals abusing Large Language Models. MacOS malware Poseidon Stealer rebrands. Researchers discover multiple vulnerabilities in Bluetooth chips used in headphones and earbuds. The FDA issues new guidance on medical device cybersecurity. Our guest is Debbie Gordon, Co-Founder of Cloud Range, looking “Beyond the Stack - Why Cyber Readiness Starts with People.” An IT worker's revenge plan backfires.

CyberWire Guest
On today's Industry Voices segment, Debbie Gordon, Co-Founder of Cloud Range, shares insights on looking “Beyond the Stack - Why Cyber Readiness Starts with People.” Learn more about what Debbie discusses in Cloud Range's blog: Bolstering Your Human Security Posture. You can hear Debbie's full conversation here.

Selected Reading
CISA and Partners Urge Critical Infrastructure to Stay Vigilant in the Current Geopolitical Environment (CISA)
Joint Statement from CISA, FBI, DC3 and NSA on Potential Targeted Cyber Activity Against U.S. Critical Infrastructure by Iran (CISA, FBI, DOD Cyber Crime Center, NSA)
Prolific cybercriminal group now targeting aviation, transportation companies (Axios)
U.S. Cyber Diplomacy at Risk Amid State Department Shakeup (GovInfo Security)
Canada Bans Chinese CCTV Vendor Hikvision Over National Security Concerns (Infosecurity Magazine)
Malicious AI Models Are Behind a New Wave of Cybercrime, Cisco Talos (Hackread)
MacOS malware Poseidon Stealer rebranded as Odyssey Stealer (SC Media)
Airoha Chip Vulnerabilities Expose Headphones to Takeover (SecurityWeek)
FDA Expands Premarket Medical Device Cyber Guidance (GovInfo Security)
'Disgruntled' British IT worker jailed for hacking employer after being suspended (The Record)
Problems with #alcohol or #drug addiction…? ☎️ 915 630 447 CALL US 24H! 🌐 https://bienestar.neurosalus.com/ Request information right now on detox treatments, prices, availability of places…
CREATING THE PROGRAM “LA REUNIÓN SECRETA” HAS BEEN POSSIBLE THANKS TO YOUR HELP AS A GUARDIAN PATRON. ***** BECOME A PATRON AT https://www.patreon.com/lareunionsecreta
Tonight, watch a new #LaReuniónSecreta live stream from 22:00 Spanish time. We tell you what nobody else says: no anesthesia and no sweeteners. La Reunión Secreta is all of us! Don't tell anyone… PASS IT ON! 🔁💪🤫
🎸 CARLITOS TÍNEZ https://www.youtube.com/channel/UC0eeuxpQ70z-Pe0rHhOq9Fg
Live connections with:
- 🎖️ Alfredo Perdiguero (Sub-inspector of the Policía Nacional. ASP delegate)
- Carlos Paz (Political analyst specializing in the Middle East. Writer)
- 🎖️ Dr. Guillermo Rocafort (PhD in Economics from the Universidad San Pablo. Professor of Public Economics and Business Economics at the Universidad Carlos III de Madrid. Professor in the Department of Economic and Social Law at the Universidad Pontificia Comillas. Lawyer)
- Gabriel Araújo (Secretary General of the Asociación Nacional de Tasadores y Peritos Judiciales Informáticos - ANTPJI. Digital forensics expert witness. CISA systems auditor. CEHv7 ethical hacker)
- 🎖️ Professor Dr. Ismael Santiago (Economist. Professor of Finance at the Universidad de Sevilla. Founder of the AgoBlockchain project and OlivaCoin. International advisor on Initial Coin Offering - ICO processes and decentralized finance - DeFi. Expert in macroeconomics, business cycles and crypto assets)
With the usual La Reunión Secreta team: Dr. José Miguel Gaona, Joan Miquel MJ, Carlos Martínez, Lourdes Martínez, Marta Vim, Olga Ralló and Luna de María.
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ SÍGUENOS EN REDES Twitter: https://twitter.com/lrsecreta Instagram: https://www.instagram.com/lareunionsecreta/ Facebook: https://www.facebook.com/LRsecreta REDES SOCIALES DEL EQUIPO | DR. JOSÉ MIGUEL GAONA | - https://twitter.com/doctorgaona | DIRECTOR | - Joan Miquel MJ - https://www.instagram.com/official_joan_miquel_mj/ | PRODUCTORA | - Lourdes Martínez - https://twitter.com/chicadelaradio | AYUDANTE DE DIRECCIÓN | - Olga Ralló - https://twitter.com/olgarallo | AYUDANTE DE PRODUCCIÓN | - Carlos Martínez - https://twitter.com/Carlitos_Tinez _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
Cybercriminals target financial institutions across Africa using open-source tools. Threat actors are using a technique called Authenticode stuffing to abuse ConnectWise remote access software. A fake version of SonicWall's NetExtender VPN app steals users' credentials. CISA and the NSA publish a guide urging the adoption of Memory Safe Languages. Researchers identify multiple security vulnerabilities affecting Brother printers. Fake AI-themed websites spread malware. Researchers track a sharp rise in signup fraud. A new Common Good Cyber Fund has been launched to support nonprofits that provide essential cybersecurity services. Tim Starks from CyberScoop joins us to discuss calls for a federal cyberinsurance backstop. A Moscow court says ‘nyet' to more jail time for cyber crooks. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest We are again joined by Tim Starks, Senior Reporter from CyberScoop. 
Tim discusses his recent piece on “Federal cyber insurance backstop should be tied to expiring terrorism insurance law, report recommends.” Selected Reading Cybercriminals Abuse Open-Source Tools To Target Africa's Financial Sector (Unit 42) Hackers Abuse ConnectWise to Hide Malware (SecurityWeek) Fake SonicWall VPN app steals user credentials (The Register) CISA Publishes Guide to Address Memory Safety Vulnerabilities in Modern Software Development (GB Hackers) New Vulnerabilities Expose Millions of Brother Printers to Hacking (SecurityWeek) Black Hat SEO Poisoning Search Engine Results For AI (ThreatLabz) Half of Customer Signups Are Now Fraudulent (Infosecurity Magazine) Common Good Cyber Fund Launched to Support Non-Profit Security Efforts (Infosecurity Magazine) Russia releases REvil members after convictions for payment card fraud (The Record)
The Institute of Internal Auditors Presents: All Things Internal Audit Tech
In this episode, Logan Wamsley talks with George Barham about The IIA's Cybersecurity Topical Requirement. They discuss how internal audit functions should prepare for its 2026 effective date, and why CAEs should take action now. The conversation also highlights the requirement's companion user guide, outsourcing considerations, framework references, and IIA resources available to help internal audit functions conform with confidence.
HOST: Logan Wamsley, Associate Manager, Content Development, The IIA
GUEST: George Barham, CIA, CRMA, CISA, Director, Standards & Guidance, The IIA
KEY POINTS:
Introduction [00:00-00:00:21]
Background on the Cybersecurity Topical Requirement [00:00:21-00:01:31]
Key Feedback and Early Implementation Advice [00:01:31-00:03:09]
Tips from CAEs on Getting Started [00:03:09-00:04:37]
How to Use the Companion User Guide [00:04:37-00:05:57]
Outsourcing Considerations [00:05:57-00:07:30]
Framework References and Mapping [00:07:30-00:09:37]
Keeping Up with the Evolving Cyber Landscape [00:09:37-00:11:30]
Annual Review and Updates [00:11:30-00:12:24]
Advice as the Effective Date Approaches [00:12:24-00:14:26]
Additional IIA Resources and Support [00:14:26-00:16:38]
Final Thoughts [00:16:38-00:18:23]
THE IIA RELATED CONTENT: Interested in this topic? Visit the links below for more resources:
Cybersecurity Topical Requirement
Executive Knowledge Brief: The Cybersecurity Topical Requirement in Practice
GTAG: Assessing Cybersecurity Risk
2025 Cybersecurity Virtual Conference
Cyber Resource Center
A New Tool to Monitor Established Risks
Visit The IIA's website or YouTube channel for related topics and more.
Follow All Things Internal Audit: Apple Podcasts, Spotify, Libsyn, Deezer
WEDI's Privacy & Security Workgroup Co-Chair Lesley Berkeyheiser (DirectTrust) speaks with Charles Sweat Jr., MD, Healthcare and Public Health Sector Liaison, Cybersecurity and Infrastructure Security Agency (CISA), and Charlee Hess, Director, Cybersecurity Division, Critical Infrastructure Protection, US Department of Health and Human Services, about their organizations' missions and purposes and the resources they offer to guide cybersecurity best practices for the healthcare industry.
Problems with #alcohol or #drug addiction…? ☎️ 915 630 447 CALL US 24H! 🌐 https://bienestar.neurosalus.com/ Request information right now about detox treatments, prices, availability of places… IT HAS BEEN POSSIBLE TO CREATE THE PROGRAM "LA REUNIÓN SECRETA" THANKS TO YOUR HELP AS A GUARDIAN PATRON. ***** BECOME A PATRON AT https://www.patreon.com/lareunionsecreta Tonight, experience a new #LaReuniónSecreta live stream from 22:00 Spanish time. We tell you what nobody else says: no anaesthetic and no sweeteners. La Reunión Secreta is all of us! Don't tell anyone… PASS IT ON! 🔁💪🤫 🎸 CARLITOS TÍNEZ https://www.youtube.com/channel/UC0eeuxpQ70z-Pe0rHhOq9Fg
Live connections with:
- Gabriel Araújo (Secretary General of the Asociación Nacional de Tasadores y Peritos Judiciales Informáticos - ANTPJI. Forensic computing expert witness. CISA systems auditor. CEHv7 ethical hacker)
- 🎖️ Professor Dr. Ismael Santiago (Economist. Professor of Finance at the Universidad de Sevilla. Founder of the AgoBlockchain and OlivaCoin projects. International adviser on Initial Coin Offering (ICO) processes and decentralised finance (DeFi). Expert in macroeconomics, business cycles and crypto-assets)
- 🎖️ Dr. Guillermo Rocafort (PhD in Economics from Universidad San Pablo. Professor of Public Economics and Business Economics at Universidad Carlos III de Madrid. Professor in the Department of Economic and Social Law at Universidad Pontificia Comillas. Lawyer)
- José Luis Martín Ovejero (Lawyer. Expert in rhetoric and legal argumentation. Expert in non-verbal behaviour analysis and lie detection. Master's holder and Professor in Non-Verbal Communication and Public Speaking)
With the regular La Reunión Secreta team: Dr. José Miguel Gaona, Joan Miquel MJ, Carlos Martínez, Lourdes Martínez, Marta Vim, Olga Ralló and Luna de María.
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. Over an eight-month period beginning in July of last year, China-backed threat actors carried out a coordinated campaign that included attempts to breach cybersecurity vendor SentinelOne. CISA has added two newly confirmed exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active abuse in the wild. OpenAI has banned ChatGPT accounts linked to state-sponsored threat actors, including groups affiliated with governments in China, Russia, North Korea, Iran, and others. A critical vulnerability in Wazuh Server, CVE-2025-24016 (CVSS 9.9), is being actively exploited by threat actors to deliver multiple Mirai botnet variants for distributed denial-of-service (DDoS) operations.
When automation fails, it fails spectacularly—and at scale. The recent Google Cloud outage that took down over 54 global services for more than seven hours demonstrates this perfectly. A simple error—blank fields in automated policy updates—cascaded into widespread failures affecting millions of users worldwide. This episode dives deep into what went wrong, how it happened, and what it means for cloud resilience in the AI era. We also explore Cisco's dramatic pivot at Cisco Live 2025, where they've committed to refreshing their entire hardware stack and integrating AI throughout their ecosystem. Their new LLM called Deep Network suggests a future where networking infrastructure makes intelligent decisions autonomously. We discuss whether Cisco can deliver on these promises and what the unification of their Meraki and Catalyst lines might mean for customers. The Ultra Ethernet Consortium has finally released their 1.0 specification, establishing a comprehensive standard for high-performance computing environments. This 600+ page document marks a significant milestone in creating viable alternatives to InfiniBand for AI workloads. Meanwhile, Network-as-a-Service pioneer Meter secured $170 million in Series C funding, raising questions about the actual size and sustainability of the NaaS market. On the cybersecurity front, we examine two concerning developments: the mass exodus of leadership from CISA during heightened threat conditions, and a novel zero-click vulnerability in Microsoft 365 Copilot that can expose sensitive data without any user interaction. This "Echo Leak" vulnerability demonstrates how AI systems that automatically scan content create entirely new attack vectors that organizations must defend against. Join us for a fast-paced discussion about these pivotal developments in cloud computing, networking technology, and cybersecurity. What does all this mean for your infrastructure strategy?
Listen and find out.
Purchase Chris and Tim's new book on AWS Cloud Networking: https://www.amazon.com/Certified-Advanced-Networking-Certification-certification/dp/1835080839/
Check out the Fortnightly Cloud Networking News: https://docs.google.com/document/d/1fkBWCGwXDUX9OfZ9_MvSVup8tJJzJeqrauaE6VPT2b0/
Visit our website and subscribe: https://www.cables2clouds.com/
Follow us on BlueSky: https://bsky.app/profile/cables2clouds.com
Follow us on YouTube: https://www.youtube.com/@cables2clouds/
Follow us on TikTok: https://www.tiktok.com/@cables2clouds
Merch Store: https://store.cables2clouds.com/
Join the Discord Study group: https://artofneteng.com/iaatj
A House oversight committee requests DOGE documents from Microsoft. Predatory Sparrow claims a cyberattack on an Iranian bank. Microsoft says data that happens in Europe will stay in Europe. A complex malware campaign is using heavily obfuscated Visual Basic files to deploy RATs. A widely used CMS platform suffers potential RCE bugs. North Korea's Kimsuky targets academic institutions using password-protected research documents. Asus patches a high-severity vulnerability in its Armoury Crate software. CISA's new leader remains in confirmation limbo. Our guest is Brian Downey, VP of Product Management from Barracuda, talking about how security sprawl increases risk. Operation Fluffy Narwhal thinks it's time to rethink adversary naming. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest We are joined by Brian Downey, VP of Product Marketing and Product Management from Barracuda, talking about how security sprawl increases risk. You can find more information about what Brian discussed here. 
Selected Reading Following Whistleblower Reports, Acting Ranking Member Lynch Demands Microsoft Hand Over Information on DOGE's Misconduct at NLRB | The Committee on Oversight and Accountability Democrats (House Committee on Oversight and Government Reform) Pro-Israel hackers claim breach of Iranian bank amid military escalation (The Record) Microsoft lays out data protection plans for European cloud customers (Reuters) New Sophisticated Multi-Stage Malware Campaign Weaponizes VBS Files to Execute PowerShell Script (Cyber Security News) Chained Flaws in Enterprise CMS Provider Sitecore Could Allow RCE (Infosecurity Magazine) Beware of Weaponized Research Papers That Delivers Malware Via Password-Protected Documents (Cyber Security News) Organizations Warned of Vulnerability Exploited Against Discontinued TP-Link Routers (SecurityWeek) Asus Armoury Crate Vulnerability Leads to Full System Compromise (SecurityWeek) Trump's Pick to Lead CISA is Stuck in Confirmation Limbo (Gov Infosecurity) Call Them What They Are: Time to Fix Cyber Threat Actor Naming (Just Security)
If you like what you hear, please subscribe, leave us a review and tell a friend!
In this episode of the Defending The Edge Podcast with DefendEdge, we discuss the recent cyber attacks, from ConnectWise to Google Calendar. In a recent update, CISA has changed how reporting is done, and the intelligence community is aiming to create a shared threat actor glossary. Deepfake technology is becoming increasingly advanced and alarming. Lastly, Anonymous has been in the headlines for various data dumps. Join us as we discuss all of these topics and more.
International law enforcement takes down a darknet drug marketplace. The Washington Post is investigating a cyberattack targeting several journalists' email accounts. Anubis ransomware adds destructive capabilities. The GrayAlpha threat group uses fake browser update pages to deliver advanced malware. Researchers uncover a stealthy malware campaign that hides a malicious payload in a JPEG image. Tenable patches three high-severity vulnerabilities in Nessus Agent. Attackers can disable Secure Boot on many Windows devices by exploiting a firmware flaw. Lawmakers introduce a bipartisan bill to strengthen coordination between CISA and HHS. Harry Coker reflects on his tenure as National Cyber Director. Maria Varmazis checks in with Brandon Karpf on agentic AI. When online chatbots overshare, it's no laughing Meta. CyberWire Guest Joining us today to discuss agentic AI and how it relates to cybersecurity and space with T-Minus Space Daily host Maria Varmazis is Brandon Karpf, friend of the show, founder of T-Minus Space Daily, and cybersecurity expert.
Selected Reading Police seizes Archetyp Market drug marketplace, arrests admin (Bleeping Computer) Washington Post investigating cyberattack on journalists' email accounts, source says (Reuters) Anubis Ransomware Packs a Wiper to Permanently Delete Files (SecurityWeek) GrayAlpha Hacker Group Weaponizes Browser Updates to Deploy PowerNet Loader and NetSupport RAT (Cyber Security News) Malicious Payload Uncovered in JPEG Image Using Steganography and Base64 Obfuscation (Cyber Security News) Tenable Fixes Three High-Severity Flaws in Vulnerability Scanner Nessus (Infosecurity Magazine) Microsoft-Signed Firmware Module Bypasses Secure Boot (Gov Infosecurity) Bipartisan bill aims to create CISA-HHS liaison for hospital cyberattacks (The Record) Coker: We can't have economic prosperity or national security without cybersecurity (The Record) The Meta AI app is a privacy disaster (TechCrunch)
The Trump administration has proposed cutting nearly half a billion dollars from the Cybersecurity and Infrastructure Security Agency's budget next year. But Congress also has a say, and House appropriators are advancing a bill that would lessen the budget blow to CISA. Federal News Network's Justin Doubleday is reporting. See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.
Cloudflare says yesterday's widespread outage was not caused by a cyberattack. Predator mobile spyware remains highly active. Microsoft is investigating ongoing Microsoft 365 authentication services issues. An account takeover campaign targets Entra ID users by abusing a popular pen testing tool. Palo Alto Networks documents a JavaScript obfuscation method dubbed “JSFireTruck.” Trend Micro and Mitel patch multiple high-severity vulnerabilities. CISA issues multiple advisories. My Hacking Humans cohost Joe Carrigan joins us to discuss linkless recruiting scams. Uncle Sam wants an AI chatbot. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today, we are joined by Joe Carrigan, one of Dave's Hacking Humans co-hosts, to talk about linkless recruiting scams. You can learn more in this article from The Record: FIN6 cybercriminals pose as job seekers on LinkedIn to hack recruiters. Tune in to Hacking Humans each Thursday on your favorite podcast app to hear the latest on the social engineering scams that are making the headlines from Joe, Dave and their co-host Maria Varmazis. 
Selected Reading Cloudflare: Outage not caused by security incident, data is safe (Bleeping Computer) Predator Mobile Spyware Remains Consistent with New Design Changes to Evade Detection (Cyber Security News) Microsoft confirms auth issues affecting Microsoft 365 users (Bleeping Computer) TeamFiltration Abused in Entra ID Account Takeover Campaign (SecurityWeek) 270K websites injected with ‘JSF-ck' obfuscated code (SC Media) Palo Alto Networks Patches Series of Vulnerabilities (Infosecurity Magazine) SimpleHelp Vulnerability Exploited Against Utility Billing Software Users (SecurityWeek) Trend Micro fixes critical vulnerabilities in multiple products (Bleeping Computer) Critical Vulnerability Exposes Many Mitel MiCollab Instances to Remote Hacking (SecurityWeek) CISA Releases Ten Industrial Control Systems Advisories (CISA) Trump team leaks AI plans in public GitHub repository (The Register)
CISA, Microsoft warn of Windows zero-day used in attack on ‘major' Turkish defense org
40K IoT cameras worldwide stream secrets to anyone with a browser
Marks & Spencer begins taking online orders again, out for seven weeks due to cyberattack
Huge thanks to our sponsor, Vanta. Is your manual GRC program slowing you down? There's something more efficient than spreadsheets, screenshots, and manual processes — Vanta. With Vanta, GRC can be so. much. easier—while also strengthening your security posture and driving revenue for your business. Vanta automates key areas of your GRC program—including compliance, risk, and customer trust—and streamlines the way you manage information. The impact is real: A recent IDC analysis found that compliance teams using Vanta are one hundred and twenty nine percent more productive. Get back time to focus on strengthening security and scaling your business. Get started at Vanta.com/headlines.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
OctoSQL & Vulnerability Data: OctoSQL is a neat tool to query files in different formats using SQL. This can, for example, be used to query the JSON vulnerability files from CISA or NVD and create interesting joins between different files. https://isc.sans.edu/diary/OctoSQL+Vulnerability+Data/32026
Mirai vs. Wazuh: The Mirai botnet has now been observed exploiting a vulnerability in the open-source EDR tool Wazuh. https://www.akamai.com/blog/security-research/botnets-flaw-mirai-spreads-through-wazuh-vulnerability
DNS4EU: The European Union created its own public recursive resolver, compliant with European privacy laws. This resolver is currently operated by ENISA, but the intent is to have a commercial entity operate and support it. https://www.joindns4.eu/
WordPress FAIR Package Manager: Recent legal issues around different WordPress-related entities have made it more difficult to maintain diverse sources of WordPress plugins. With WordPress plugins usually being responsible for many of the security issues, the Linux Foundation has come forward to support the FAIR Package Manager, a tool intended to simplify the management of WordPress packages. https://github.com/fairpm
In recent years, the United States has sustained some of the most severe cyber threats in recent history, from the Russian-government-directed hack of SolarWinds to China's prepositioning in U.S. critical infrastructure for future sabotage attacks through groups like Volt Typhoon. The Cybersecurity and Infrastructure Security Agency (CISA) is responsible for responding to and protecting against these attacks. How do leaders steer through cyber crises, build trust, and chart a path forward? In conversation with Dr. Brianna Rosen, Just Security Senior Fellow and Director of the AI and Emerging Technologies Initiative, Jen Easterly, who just completed a transformative tenure as Director of CISA under the Biden Administration, unpacks the challenges, breakthroughs, and lessons from the front lines of America's cybersecurity efforts.
Jen Easterly
Just Security's Cybersecurity coverage
Empathy Matters: Leadership in Cyber by Jen Easterly (2019)
CISA has been championing Secure by Design principles. Many of the principles are universal, like adopting MFA and having opinionated defaults that reduce the need for hardening guides. Matthew Rogers talks about how the approach to Secure by Design has to be tailored for Operational Technology (OT) systems. These systems have strict requirements on safety and many of them rely on protocols that are four (or more!) decades old. He explains how the considerations in this space go far beyond just memory safety concerns. Segment Resources: https://www.cisa.gov/sites/default/files/2025-01/joint-guide-secure-by-demand-priority-considerations-for-ot-owners-and-operators-508c_0.pdf https://www.youtube.com/watch?v=vHSXu1P4ZTo Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-334
The Monday Microsegment for the week of June 9th. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast. A North Korean ransomware campaign is playing for keeps. A rose by any other name smells as sweet. But would malware by a standardized name be as leet? And is CISA's brain drain a crisis in the making? Head to The Zero Trust Hub: hub.illumio.com Introducing Illumio Insights: AI Cloud Detection and Response Webinar: https://lp.illumio.com/Introducing-Illumio-Insights-Webinar.On-Demand
In this conversation, Dr. Chase Cunningham, also known as Dr. Zero Trust, discusses various aspects of cybersecurity, focusing on recent data breaches, the implications for businesses, and the challenges faced by small and medium-sized enterprises (SMBs). He highlights the Victoria's Secret data breach as a case study, examines vulnerabilities in water utilities, and critiques the government's approach to cybersecurity funding and information sharing. The discussion also touches on the market dynamics surrounding cybersecurity firms like CrowdStrike and the implications of workforce changes within the Cybersecurity and Infrastructure Security Agency (CISA).
Takeaways
Cybersecurity breaches can significantly impact business operations and stock performance.
Organizations should proactively assess their connections to compromised entities.
The government lacks effective reporting mechanisms for cybersecurity vulnerabilities.
Small and medium-sized businesses are often left out of cybersecurity discussions.
Congress needs to clarify definitions and incentivize cybersecurity participation among SMBs.
Funding cuts to cybersecurity agencies can undermine national security efforts.
CrowdStrike's market performance raises questions about accountability in cybersecurity.
CISA is facing significant workforce challenges that may affect its effectiveness.
Popular Chrome extensions can pose security risks by leaking sensitive data.
Proactive measures are essential to mitigate cybersecurity threats.
Register for Free, Live webcasts & summits: https://poweredbybhis.com
00:00 - PreShow Banter™ — natural MSG
05:31 - Victoria's Secrets are Compromised - Talkin' Bout [infosec] News 2025-06-02
06:31 - Story # 1: Authors Are Accidentally Leaving AI Prompts In their Novels
08:36 - Story # 1b: This Latest AI Book Debacle Is A Disturbing Part Of A Growing Trend
09:41 - Story # 2: Developer Builds Tool That Scrapes YouTube Comments, Uses AI to Predict Where Users Live
10:48 - Story # 2b: AI-powered OSINT tool profiles YouTube users, raising privacy concerns
15:55 - Story # 2c: Researchers Dump 2 Billion Scraped Discord Messages Online
20:28 - Story # 3: Vending-Bench: A Benchmark for Long-Term Coherence of Autonomous Agents
21:02 - Story # 3b: An AI Goes Insane, Emails FBI Over $2 (YouTube)
26:55 - Story # 4: The UK will totally replace two-thirds of junior civil servants with AI chatbots, says the chatbot
27:27 - Story # 4b: Reeves confirms 15% cut to Civil Service running costs
29:29 - Story # 5: ConnectWise Breached, ScreenConnect Customers Targeted
31:28 - LOLRMM - a curated list of Remote Monitoring and Management (RMM) tools that could potentially be abused by threat actors.
35:34 - Story # 6: New Windows RAT Evades Detection for Weeks Using Corrupted DOS and PE Headers
36:19 - Story # 7: US intelligence employee arrested for alleged double-dealing of classified info
40:12 - Story # 8: Victoria's Secret takes down website after security incident
45:43 - Story # 9: Microsoft and CrowdStrike partner to link hacking group names
46:59 - Story # 10: Zscaler Acquisition of Red Canary
49:57 - Story # 11: Most of CISA's senior leaders are leaving the agency
51:22 - Story # 12: Telegram announces partnership with Musk's xAI
51:32 - Story # 13: Google warns of Vietnam-based hackers using bogus AI video generators to spread malware
This week on Caveat, Ben's got the story of Texas becoming the second—and largest—state to pass a law requiring Apple and Google to verify users' ages on app stores and get parental consent before kids and teens can download apps or make purchases, signaling a broader push toward stricter online age checks. Dave dives into the story of President Trump's 2026 budget proposal, which calls for slashing over 1,000 jobs at CISA and cutting the agency's budget by nearly half a billion dollars, raising bipartisan concerns about the future of federal cybersecurity programs. While this show covers legal topics, and Ben is a lawyer, the views expressed do not constitute legal advice. For official legal advice on any of the topics we cover, please contact your attorney. Links to stories: Trump budget proposal would slash more than 1,000 CISA jobs A new Texas law mandates age checks on phones. It may be just the start. Get the weekly Caveat Briefing delivered to your inbox. Like what you heard? Be sure to check out and subscribe to our Caveat Briefing, a weekly newsletter available exclusively to N2K Pro members on N2K CyberWire's website. N2K Pro members receive our Thursday wrap-up covering the latest in privacy, policy, and research news, including incidents, techniques, compliance, trends, and more. This week's Caveat Briefing is on how a federal judge is weighing less aggressive remedies in the U.S. antitrust case against Google, suggesting limited data sharing and conditional changes to its deals with Apple rather than the sweeping 10-year plan proposed by regulators. The judge also noted that emerging AI tools like ChatGPT could disrupt traditional search, raising questions about how future competitors should factor into the case. Curious about the details? Head over to the Caveat Briefing for the full scoop and additional compelling stories. Got a question you'd like us to answer on our show? You can send your audio file to caveat@thecyberwire.com. 
Hope to hear from you.
Researchers uncover a major privacy violation involving tracking scripts from Meta and Yandex. A compliance automation firm discloses a data breach. PumaBot stalks vulnerable IoT devices. The Ramnit banking trojan gets repurposed for ICS intrusions. The North Face suffers a credential stuffing attack. Kaspersky says the Black Owl team is a cyber threat to Russia. CISA releases ICS advisories. An Indian grocery delivery startup suffers a devastating data wiping attack. The UK welcomes its new Cyber and Electromagnetic (CyberEM) Command. Our guest is Rohan Pinto, CTO of 1Kosmos, discussing the implications of AI deepfakes for biometric security. The cybersecurity sleuths at Sophos unravel a curious caper. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Rohan Pinto, CTO of 1Kosmos, who discusses the implications of AI deepfakes for biometric security.
Selected Reading
Meta and Yandex are de-anonymizing Android users' web browsing identifiers (Ars Technica)
Vanta leaks customer data due to product code change (Beyond Machines)
New Linux PumaBot Attacking IoT Devices by Brute-Forcing SSH Credentials (Cyber Security News)
Ramnit Malware Infections Spike in OT as Evidence Suggests ICS Shift (SecurityWeek)
The North Face warns customers of April credential stuffing attack (Bleeping Computer)
Pro-Ukraine hacker group Black Owl poses ‘major threat' to Russia, Kaspersky says (The Record)
CISA Releases ICS Advisories Covering Vulnerabilities & Exploits (Cyber Security News)
Indian grocery startup KiranaPro was hacked and its servers deleted, CEO confirms (TechCrunch)
UK CyberEM Command to spearhead new era of armed conflict (The Register)
Widespread Campaign Targets Cybercriminals and Gamers (Infosecurity Magazine)
Welcome to another episode of the “Daily Drop,” where Jared breaks down the chaos disguised as a defense budget. We're talking about a $1 trillion spendathon featuring: cutting cybersecurity staff during peak cyber threat season, trying to mass-produce drones in 24 hours with foreign parts we don't make, and senior leaders treating AI like it's witchcraft. You'll also get the inside scoop on how our Space Force is flexing with rapid GPS launches (kind of), why cutting Air Force Academy faculty could kneecap future warfighters, and which senator is still obsessed with moving Space Command for no tactical reason.

PLUS:
Microsoft and CrowdStrike partner to link threat actor names
Qualcomm sees Adreno bugs under active exploitation
New details on proposed CISA cuts

Huge thanks to our sponsor, Conveyor. Does trying to get the security questionnaire done and back to your customer ever feel like you're herding cats? It's not answering questions - most of you have automation software for that. It's all of the manual back and forth that becomes a slog, like communicating between teams, tracking people down to get their review, updating sources and updating systems. Conveyor just launched an AI agent, Sue, to do all of these things and more for you. Learn about Sue at www.conveyor.com.
An international law enforcement operation dismantles AVCheck. Trump's 2026 budget looks to cut over one thousand positions from CISA. Cyber Command's defensive wing gains sub-unified command status. A critical vBulletin vulnerability is actively exploited. Acreed takes over Russian markets as credential theft kingpin. Qualcomm patches three actively exploited zero-days in its Adreno GPU drivers. Researchers unveil details of a Cisco IOS XE zero-day. Microsoft warns a memory corruption flaw in the legacy JScript engine is under active exploitation. A closer look at the stealthy Latrodectus loader. On today's Afternoon Cyber Tea, Ann Johnson speaks with Hugh Thompson, RSAC program committee chair. Decoding AI hallucinations with physics.

CyberWire Guest
Today we have our Afternoon Cyber Tea segment with Ann Johnson. On today's episode, Ann speaks with Hugh Thompson, RSAC program committee chair, as they discuss what goes into building the RSA Conference.
Selected Reading
Police takes down AVCheck site used by cybercriminals to scan malware (Bleeping Computer)
DHS budget request would cut CISA staff by 1,000 positions (Federal News Network)
Cybercom's defensive arm elevated to sub-unified command (DefenseScoop)
vBulletin Vulnerability Exploited in the Wild (SecurityWeek)
Acreed Emerges as Dominant Infostealer Threat Following Lumma Takedown (Infosecurity Magazine)
Qualcomm fixes three Adreno GPU zero-days exploited in attacks (Bleeping Computer)
Exploit details for max severity Cisco IOS XE flaw now public (Bleeping Computer)
Microsoft Scripting Engine flaw exploited in wild, Proof-of-Concept published (Beyond Machines)
Latrodectus Malware Analysis: A Deep Dive into the Black Widow of Cyber Threats in 2025 (WardenShield)
The Root of AI Hallucinations: Physics Theory Digs Into the 'Attention' Flaw (SecurityWeek)
Artificial intelligence powers many cybersecurity applications, and government agencies are increasingly using AI to augment systems in national security and intelligence capacities. The complexities of AI implementation require careful architectural considerations and robust governance frameworks to ensure safe execution. William MacMillan, former CISO at CISA and current chief product officer at Andesite AI, noted how AI holds tremendous potential to enhance efficiency and accuracy, particularly through "human in the loop" systems that manage vast amounts of data. MacMillan also talks about the critical role of leadership in establishing international AI standards and the necessity of user training and human-AI collaboration for effective implementation.
Drex covers Kettering Health's week-long cyber attack recovery with radiation oncology back online, the mass exodus of CISA leadership amid federal downsizing, and the growing frustration over lack of comprehensive federal cybersecurity strategy for healthcare. Discussion includes regional coordination during cyber incidents and the reality that hospitals are fighting nation-state actors without adequate government support. Remember, Stay a Little Paranoid.
SentinelOne suffers a global service outage. A major DDoS attack hits a Russian internet provider. U.S. banking groups urge the SEC to scrap cybersecurity disclosure rules. Australia mandates reporting of ransomware payments. Researchers uncover a new Browser-in-the-Middle (BitM) attack targeting Safari users. A Florida health system pays over $800,000 to settle insider breach concerns. CISA issues five urgent ICS advisories. Our guest is Matt Covington, VP of Product at BlackCloak, discussing the emergence of advanced impersonation techniques like deepfakes and the importance of digital executive protection. The feds are putting all our digital data in one basket.

CyberWire Guest
On our Industry Voices segment, at the 2025 RSA Conference, we were joined by Matt Covington, VP of Product at BlackCloak, discussing the emergence of advanced impersonation techniques like deepfakes and digital executive protection. Listen to Matt's conversation here.

Selected Reading
Cybersecurity Firm SentinelOne Suffers Major Outage (Bank Infosecurity)
DDoS incident disrupts internet for thousands in Moscow (The Record)
Banks Want SEC to Rescind Cyberattack Disclosure Requirements (PYMNTS.com)
Australian ransomware victims now must tell the government if they pay up (The Record)
New BitM Attack Exploits Safari Vulnerability to Steal Login Credentials (Cyber Security News)
Florida Health System Pays $800K for Insider Record Snooping (Bank Infosecurity)
UTG-Q-015 Hackers Launched Large Scale Brute-Force Attacks Against Govt Web Servers (Cyber Security News)
CISA Releases Five ICS Advisories Targeting Vulnerabilities and Exploits (Cyber Security News)
Trump Taps Palantir to Compile Data on Americans (The New York Times)
The Czech Republic accuses Chinese state-backed hackers of cyber-espionage. CISA's leaders head for the exits. Cybercriminals are using fake AI video generator websites to spread malware. A stealthy phishing campaign delivers the Remcos RAT via DBatLoader. A fake Bitdefender website spreads malware targeting financial data. Medusa ransomware claims to have breached global real estate firm RE/MAX. An Iranian national faces up to 30 years in prison for ransomware targeting US cities. Our guest is Tony Velleca, CyberProof's CEO, discussing exposure management and a more risk-focused approach to prioritize threats. Mind reading for fun and profit.

CyberWire Guest
On today's Industry Voices segment, at the 2025 RSA Conference we were joined by Tony Velleca, CyberProof's CEO, who is discussing exposure management and moving towards a more risk-focused approach to prioritize threats. Listen to Tony's interview here.
Selected Reading
Chinese spies blamed for attempted hack on Czech government network (The Record)
CISA loses nearly all top officials as purge continues (Cybersecurity Dive)
Google warns of Vietnam-based hackers using bogus AI video generators to spread malware (The Record)
Chrome 137, Firefox 139 Patch High-Severity Vulnerabilities (SecurityWeek)
New Phishing Campaign Uses DBatLoader to Drop Remcos RAT: What Analysts Need to Know (Hack Read)
Hackers Mimic Popular Antivirus Site to Deliver VenomRAT & Steal Finance Data (Cybersecurity News)
RE/MAX deals with alleged 150GB data theft: Medusa ransomware demands $200K (Cyber News)
CISA Releases ICS Advisories Covering Vulnerabilities & Exploits (Cybersecurity News)
Iranian pleads guilty to launching Baltimore ransomware attack, faces 30 years behind bars (The Record)
Neural Privacy Under Threat: The Battle for Neural Data (tsaaro consulting)
In this week's edition of Risky Business, Dmitri Alperovitch and Adam Boileau join Patrick Gray to talk through the week's news, including:
EXCLUSIVE: A Scattered Spider-style crew is hijacking DNS MX entries and compromising enterprises within minutes
The SVG format brings all the horrors of HTML+JS to image files, and attackers have noticed
Brian Krebs eats a 6.3Tbps DDoS … ‘cause that's how you demo your packet cannon
Law enforcement takes out Lumma Stealer, Qakbot, Danabot and some dark web drug traffickers
Iranian behind 2019 Baltimore ransomware mysteriously appears in North Carolina and pleads guilty
CISA's leadership is fleeing in droves, even though the US needs them more than ever.

This week's episode is sponsored by Thinkst Canary. Long time friend of the show Haroon Meer joins and talks through where he feels the industry is at, having just returned home from the AI-fueled hype at this year's RSA conference. This episode is also available on YouTube.

Show notes
China-linked ‘Silk Typhoon' hackers accessed Commvault cloud environments, person familiar says - Nextgov/FCW
Risky Bulletin: SVG use for phishing explodes in 2025 - Risky Business Media
KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoS – Krebs on Security
Midwestern telco Cellcom confirms cyber incident after days of service outages | The Record from Recorded Future News
Microsoft leads international takedown of Lumma Stealer | Cybersecurity Dive
Who said what? on X: "Message from the administrator of Lumma Stealer on the forums about the recent events
President Trump signs the Take It Down Act into law. A UK grocer logistics firm gets hit by ransomware. Researchers discover trojanized versions of the KeePass password manager. Researchers from CISA and NIST promote a new metric to better predict actively exploited software flaws. A new campaign uses SEO poisoning to deliver Bumblebee malware. A sophisticated phishing campaign is impersonating Zoom meeting invites to steal user credentials. CISA has added six actively exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog. A bipartisan bill aims to strengthen the shrinking federal cybersecurity workforce. Our guest is Chris Novak, Vice President of Global Cybersecurity Solutions at Verizon, sharing insights on their 2025 DBIR. DOGE downsizes, and the UAE recruits.

CyberWire Guest
Today we are joined by Chris Novak, Vice President of Global Cybersecurity Solutions at Verizon, sharing insights on their 2025 Data Breach Investigations Report (DBIR).

Selected Reading
Trump signs the Take It Down Act into law (The Verge)
Supplier to Tesco, Aldi and Lidl hit with ransomware (Computing)
Fake KeePass password manager leads to ESXi ransomware attack (Bleeping Computer)
Vulnerability Exploitation Probability Metric Proposed by NIST, CISA Researchers (Security Week)
Threat Actors Deliver Bumblebee Malware Poisoning Bing SEO (Cybersecurity News)
New Phishing Attack Poses as Zoom Meeting Invites to Steal Login Credentials (GB Hackers)
CISA Adds Six Known Exploited Vulnerabilities to Catalog (CISA)
Federal cyber workforce training institute eyed in bipartisan House bill (CyberScoop)
UAE Recruiting US Personnel Displaced by DOGE to Work on AI for its Military (Zetter Zero Day)
A busy Patch Tuesday. Investigators discover undocumented communications devices inside Chinese-made power inverters. A newly discovered Branch Privilege Injection flaw affects Intel CPUs. A UK retailer may claim up to £100mn from its cyber insurers after a major cyberattack. A Kosovo national has been extradited to the U.S. for allegedly running an illegal online marketplace. CISA will continue alerts on its website following industry backlash. On our Industry Voices segment, Neil Hare-Brown, CEO at STORM Guidance, discusses Cyber Incident Response (CIR) retainer service provision. Shoring up the future of the CVE program.

CyberWire Guest
On today's Industry Voices segment, we are joined by Neil Hare-Brown, CEO at STORM Guidance, discussing Cyber Incident Response (CIR) retainer service provision. You can learn more here.

Selected Reading
Microsoft Patch Tuesday security updates for May 2025 fixed 5 actively exploited zero-days (Security Affairs)
SAP patches second zero-day flaw exploited in recent attacks (Bleeping Computer)
Ivanti fixes EPMM zero-days chained in code execution attacks (Bleeping Computer)
Fortinet fixes critical zero-day exploited in FortiVoice attacks (Bleeping Computer)
Vulnerabilities Patched by Juniper, VMware and Zoom (SecurityWeek)
ICS Patch Tuesday: Vulnerabilities Addressed by Siemens, Schneider, Phoenix Contact (SecurityWeek)
Adobe Patches Big Batch of Critical-Severity Software Flaws (SecurityWeek)
Ghost in the machine? Rogue communication devices found in Chinese inverters (Reuters)
New Intel CPU flaws leak sensitive data from privileged memory (Bleeping Computer)
M&S cyber insurance payout to be worth up to £100mn (Financial Times)
US extradites Kosovo national charged in operating illegal online marketplace (The Record)
CISA Planned to Kill .Gov Alerts. Then It Reversed Course. (DataBreachToday)
CVE Foundation eyes year-end launch following 11th-hour rescue of MITRE program (CyberScoop)

Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.