Podcasts about cisa

A suspected U.S. exploit kit shows up in global iOS attacks. Facebook goes down briefly worldwide. A critical help-desk flaw enables remote code execution. Juniper PTX routers face a major bug. LastPass warns of phishing. Telegram becomes a cybercrime marketplace. Healthcare groups fight relaxed IT rules. A stolen Gemini API key runs up massive bills. CISA's CIO departs. Our guest is Brian Long, CEO and Co-Founder of Adaptive Security, discussing how AI is reshaping social engineering. The problem of posthumous profiles.  CyberWire Guest Today on our Industry Voices segment we are joined by Brian Long, CEO and Co-Founder of Adaptive Security, discussing how AI is reshaping social engineering. If you want to hear the full conversation, listen to it here. Selected Reading Possible U.S.-developed exploits linked to first known ‘mass' iOS attack (CyberScoop) Facebook accounts unavailable in worldwide outage (Bleeping Computer) Critical FreeScout Vulnerability Leads to Full Server Compromise (SecurityWeek) Juniper PTX Routers at Risk, Critical Takeover Flaw Disclosed (BankInfo Security) LastPass Warns of New Phishing Campaign (SecurityWeek) Telegram Increasingly Used to Sell Access, Malware and Stolen Logs Hackread) Groups Push Back on HHS' Proposed Health IT Rollbacks (BankInfo Security) Dev stunned by $82K Gemini API key bill after theft (The Register) CISA CIO Robert Costello exits agency (CyberScoop) Calls for Global Digital Estate Standard as Posthumous Deepfake Fraud Risk Grows (Infosecurity Magazine) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

On this week's show, Patrick Gray, Adam Boileau and James WIlson discuss the week's cybersecurity news. They cover: The US-Israeli attack on Iran had a whole lot of cyber. It's clearly in the playbook now! The NSA Triangulation / L3 Harris Trenchant iOS exploit kit is on the loose, and being used by Chinese crypto scammers So long Maddhu Gottumukkala, but CISA's annus horribilis continues Adam “humbug” Boileau complains about the Airsnitch wifi attack just being three ethernets in a trenchcoat ASD's Cisco SD-WAN threat hunting guide is clearly borne of … experience This week's episode is sponsored by AI threat hunting platform Nebulock. Sydney Marrone joins to talk about how useful AI models are on the hunt, and her work building out an open source framework and maturity model. It's methodology agnostic, so you can adapt it for your environment, and the github link is in the show notes! This episode is also available on Youtube. Show notes Inside the plan to kill Ali Khamenei Hacked traffic cams and hijacked TVs: How cyber operations supported the war against Iran | TechCrunch Matthew Prince

The salient point of this podcast episode revolves around critical updates concerning national security and public health advisories. We provide an overview of newly identified vulnerabilities in the CISA Exploited Vulnerabilities catalog, emphasizing the importance of timely patching and mitigation strategies for federal agencies and critical infrastructure operators. Additionally, we discuss the ongoing security posture changes for U.S. personnel in parts of the Middle East, highlighting the ordered departure of non-emergency government employees from the United Arab Emirates due to escalating threats. Furthermore, we address recent water advisories issued in various states, including precautionary measures for local residents to ensure safe consumption. It is imperative to remain informed and vigilant in light of these developments, as they directly impact community safety and operational readiness.Takeaways:* The IWC 2026 conference is crucial for professionals involved in critical communications.* Critical infrastructure operators must prioritize the newly identified vulnerabilities in the KEV catalog.* A travel advisory has been issued for Kuwait due to the ordered departure of personnel.* Residents of Panama City are advised to boil water following a planned water shutoff.* The situation in the Middle East has led to security alerts for non-emergency US personnel.* Clarendon County has issued a boil water advisory due to a water line repair interruption.SponsorIWCE - https://go.emnmedia.com/IWCE2026CISACISA Alert (Mar 3, 2026) — Adds two exploited vulnerabilities to KEV CatalogCISA — Cybersecurity Advisories feed (shows Mar 3, 2026 alert listing)CISA — Known Exploited Vulnerabilities Catalog (reference list)Travel and SecurityU.S. Mission to the UAE — Security Alert (Mar 3, 2026)OSAC — Travel Advisory: Kuwait (updated Mar 3, 2026)StatesFlorida, City of Panama City — Planned water shut-off & precautionary boil-water notice (Mar 3, 2026)Louisiana, Shreveport Water & Sewerage — Alert Center update (latest update timestamped Mar 3, 2026)South Carolina, Clarendon County, SC — Boil Water Advisory (Mar 3, 2026) This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit emnetwork.substack.com/subscribe

More than 70 Democrats in the House and Senate are pushing the Department of Homeland Security's inspector general to open a new investigation into the agency's “warrantless purchases of Americans' location data.” In a letter sent Tuesday, the lawmakers tasked IG Joseph Cuffari with investigating whether Immigration and Customs Enforcement is purchasing illegally obtained location data about Americans, how that data has been used, whether audits of employee access to uncover abuse are occurring and the policies governing data usage. “Location data is extremely sensitive, and can reveal someone's religion, their political views, medical conditions, addictions, and with whom they spend time,” the Democrats said. “It is for that reason that ordinarily, the government must obtain a warrant from a judge in order to demand such data from phone or technology companies.” The letter comes nearly three years after an initial IG report found that Customs and Border Protection, the Secret Service and ICE violated federal law through warrantless purchase and use of location data. As part of that 2023 report, the watchdog office said the DHS components did not adhere to established privacy policies, nor did they develop sufficient guardrails before procurement and use. The chief information officer at the Cybersecurity and Infrastructure Security Agency announced his departure Tuesday, ending his nearly five-year run at CISA. Robert Costello, an 18-year veteran of the Department of Homeland Security, posted about the move on LinkedIn.nCostello's tenure had recently grown turbulent, with conflicting accounts of whether the since-departed acting director of CISA, Madhu Gottumukkala, had tried to force him out. Costello last week received transfer orders for possible reassignment to another agency. “Serving as CIO at CISA has been one of the greatest privileges of my career,” he said. “Together, we strengthened our cybersecurity posture, modernized critical systems, and built capabilities that will endure. I am incredibly proud of what we accomplished as a team. The Daily Scoop Podcast is available every Monday-Friday afternoon. If you want to hear more of the latest from Washington, subscribe to The Daily Scoop Podcast  on Apple Podcasts, Soundcloud, Spotify and YouTube.

The high-stakes dispute between Anthropic and the U.S. military led to a sweeping decision Friday by President Donald Trump to remove the AI startup's technology from all federal agencies. Already, several agencies are taking action. The General Services Administration, Department of State, and Department of Health and Human Services immediately indicated in public statements, comments, or internal emails that they were moving to boot Anthropic. The fallout is sure to continue as agencies untangle the Claude maker from their workflows. The clash centered on the Defense Department wanting Anthropic to remove stipulations that limited the military's use of the startup's technology in real-world operations, DefenseScoop previously reported. Anthropic CEO Dario Amodei said in a statement Thursday that the company could not accede to the request “in good conscience. Madhu Gottumukkala is out as acting director of the Cybersecurity and Infrastructure Security Agency, with current agency executive director for cybersecurity Nick Andersen replacing him as the interim leader. News of Gottumukkala's departure breaks one day after CyberScoop reported on widespread dismay with the agency's performance during the first year of the Trump administration, with significant criticism aimed at Gottumukkala's leadership on both sides of the aisle after a number of unflattering stories about his stewardship. “Madhu Gottumukkala has done a remarkable job in a thankless task of helping reform CISA back to its core statutory mission,” a Department of Homeland Security official told CyberScoop Thursday. “He tackled the woke, weaponized, and bloated bureaucracy that existed at CISA, wrangling contracts to save American taxpayer dollars.” Gottumukkala, served as chief information officer under then-South Dakota Gov. Kristi Noem, now secretary of DHS, before he was picked as deputy director of the agency. Sean Plankey's nomination to serve as full-time director of CISA has stalled, leaving Gottumukkala as the acting director in his place. Gottumukkala will take on a new role at DHS, as director of strategic implementation. The Daily Scoop Podcast is available every Monday-Friday afternoon. If you want to hear more of the latest from Washington, subscribe to The Daily Scoop Podcast  on Apple Podcasts, Soundcloud, Spotify and YouTube.

In this week's Security Sprint, Dave and Andy covered the following topics:Open:• Ransomware Reinvented: AI-Powered and Autonomous Attacks — Gate 15 — 26 Feb 2026o Across party lines and industry, the verdict is the same: CISA is in trouble “We're asking states to do a job they're not resourced to do, while weakening the one federal agency designed to help them,” said Errol Weiss, chief security officer at the Health-ISAC, adding that “this is precisely where you do need a strong, centralized federal security function” and that “we already have a national shortage of cybersecurity experts, and you can't just replicate that expertise 50 times over.” Overall, Weiss said industry partners have felt the lack of outreach from the agency and are experiencing “fewer touchpoints, fewer briefings, fewer problem-solving calls,” which contributes to “a growing perception that CISA is being hollowed out where it matters most to industry: stakeholder engagement, collaborative forums, and operational support during incidents.” o Gottumukkala out, Andersen in as acting CISA director o States feel the squeeze of CISA shutdown Main Topics:Operation Epic Fury & Related: • Department of Homeland Security warns of potential attacks amid Iran operation • Peace Through Strength: President Trump Launches Operation Epic Fury to Crush Iranian Regime, End Nuclear Threat The White House• U.S. Forces Launch Operation Epic Fury U.S. Central Command• Israel performs largest cyberattack in history against Iran • X Is Drowning in Disinformation Following US and Israeli Attack on Iran • Potential Iran Nexus: Texas gunman wore "Property of Allah" hoodie during attack, had photos of Iranian leaders at home, sources say Cyber Threat Reports• CrowdStrike 2026 Global Threat Report: The Evasive Adversary Wields AI• Speed Wins When Identity Fails: 2026 Annual Threat Report • Total Ransomware Payments Stagnate for Second Consecutive Year, While Attacks Escalate • Quarterly Threat Report: Fourth Quarter, 2025 • IBM X-Force reports 44% surge in exploitation of public-facing applications as supply chain and identity attacks intensify 2026 Cost of Insider Risks Global Report — DTEX Systems and Ponemon Institute —The 2026 Cost of Insider Risks Global Report from Ponemon Institute and DTEX estimates that insider security incidents now cost organizations an average of 19.5 million United States dollars per year, driven mostly by negligent employees in complex digital environments. The study finds that companies with mature insider risk management programs avoid seven incidents and save about 8.2 million dollars annually, while cutting average time to contain from 86 days in 2023 to 67 days as budgets for insider programs nearly double. Researchers highlight the impact of shadow artificial intelligence, reporting that negligent insiders now account for 10.3 million dollars in average costs and that more than nine out of ten respondents say generative artificial intelligence has changed how staff access and share information, even though only a small share have formally integrated artificial intelligence into business strategies. Quick Hits:• AccuWeather's 2026 Severe Weather Forecast: What Business Leaders Need to Know About Severe Weather Risk

Anthropic's clash with the Pentagon pits tech ethics against government demands, raising explosive questions about AI's role in surveillance and weaponry. If you care about who controls the future of artificial intelligence, this episode is a must-listen. Sam Altman says OpenAI shares Anthropic's red lines in Pentagon fight The whole thing was a scam OpenAI allows NSA to use GPT for surveilling Americans Anthropic's Claude hits No. 1 on Apple's top free apps list after Pentagon rejection Layoffs at Block Crypto exchange Gemini plans to lay off up to 200 staff, exit Europe, and Australia Netflix Backs Out of Bid for Warner Bros., Paving Way for Paramount Takeover An update on our model deprecation commitments for Claude Opus 3 Anthropic Keep Android Open Colorado moves age checks from websites to operating systems | Biometric Update Open source calculator firmware DB48X forbids CA/CO use due to age verification New Apple product launch starts Monday, Tim Cook confirms Everything announced at Samsung Unpacked: The Galaxy S26 Ultra, Galaxy Buds 4 and more Here's how the new Samsung Galaxy S26 compares with last year's S25 Hacked Prayer App Sends 'Surrender' Messages to Iranians Amid Israeli and US Strikes The Big One: The cyberattack scenarios that keep officials up at night CISA replaces acting director after a bumbling year on the job New AirSnitch attack bypasses Wi-Fi encryption in homes, offices, and enterprises Victory! Tenth Circuit Finds Fourth Amendment Doesn't Support Broad Search of Protesters' Devices and Digital Data Enthusiasts used their home computers to search for ET—scientists are homing in on 100 signals they found Americans now listen to podcasts more often than talk radio, study shows | TechCrunch Burger King Will Use AI To Check If Employees Say 'Please' and 'Thank You' Uber Previews Its Dubai Air Taxi Service - Slashdot Rob Grant, creator of Red Dwarf, has died Dan Simmons, author of Hyperion, Song of Kali, dead at 77 Host: Leo Laporte Guests: Molly White, Owen Thomas, and Harry McCracken Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: Melissa.com/twit expressvpn.com/twit canary.tools/twit - use code: TWIT ZipRecruiter.com/twit helixsleep.com/twit

Cyberwar shadows the US Israel attack on Iran. Hackers hijack Pakistani news broadcasts. President Trump orders all federal agencies to stop using AI technology from Anthropic. The Health Care Cybersecurity and Resiliency Act clears a hurdle. A new RAT streamlines double extortion attacks against Windows systems. CISA updates warnings on a zero-day targeting Ivanti Connect Secure devices. A North Korea-linked group targets air-gapped systems. Monday business breakdown. On our Afternoon Cyber Tea segment from Microsoft Security, host Ann Johnson speaks with Rob Suárez, Vice President and Chief Information Security Officer at CareFirst BlueCross BlueShield, about cybersecurity in healthcare. Tim Starks from CyberScoop has the latest goings on at CISA. Microsoft says the slop stops here.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Tim Starks from CyberScoop as he is discussing ongoing challenges at CISA. If you are interested in this topic, you can learn more here. Afternoon Cyber Tea On our Afternoon Cyber Tea segment from Microsoft Security, host Ann Johnson speaks with Rob Suárez, Vice President and Chief Information Security Officer at CareFirst BlueCross BlueShield, about cybersecurity in healthcare. You can hear the full conversation here, and catch new episodes of Afternoon Cyber Tea every other Tuesday on your favorite podcast app. Selected Reading US-Israel and Iran Trade Cyberattacks: Pro-West Hacks Cause Disruption as Tehran Retaliates (SecurityWeek) Western Cybersecurity Experts Brace for Iranian Reprisal (BankInfo Security) Pakistan's Top News Channels Hacked and Hijacked With Anti-Military Messages (Hackread) Anthropic confirms Claude is down in a worldwide outage (Bleeping Computer) Trump Orders Government to Stop Using Anthropic After Pentagon Standoff (New York Times) OpenAI Will Deploy AI in US Military Classified Networks (GovInfo Security) Senate Health Cyber Bill Clears Committee Hurdle (GovInfo Security) Double whammy: Steaelite RAT bundles data theft, ransomware (The Register) CISA warns that RESURGE malware can be dormant on Ivanti devices (Bleeping Computer) North Korean APT Targets Air-Gapped Systems in Recent Campaign (SecurityWeek) Astelia secures $35 million in combined seed and Series A funding. (N2K Pro Business Briefing) Microsoft gets tired of “Microslop,” bans the word on its Discord, then locks the server after backlash (Windows Latest) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Anthropic's clash with the Pentagon pits tech ethics against government demands, raising explosive questions about AI's role in surveillance and weaponry. If you care about who controls the future of artificial intelligence, this episode is a must-listen. Sam Altman says OpenAI shares Anthropic's red lines in Pentagon fight The whole thing was a scam OpenAI allows NSA to use GPT for surveilling Americans Anthropic's Claude hits No. 1 on Apple's top free apps list after Pentagon rejection Layoffs at Block Crypto exchange Gemini plans to lay off up to 200 staff, exit Europe, and Australia Netflix Backs Out of Bid for Warner Bros., Paving Way for Paramount Takeover An update on our model deprecation commitments for Claude Opus 3 Anthropic Keep Android Open Colorado moves age checks from websites to operating systems | Biometric Update Open source calculator firmware DB48X forbids CA/CO use due to age verification New Apple product launch starts Monday, Tim Cook confirms Everything announced at Samsung Unpacked: The Galaxy S26 Ultra, Galaxy Buds 4 and more Here's how the new Samsung Galaxy S26 compares with last year's S25 Hacked Prayer App Sends 'Surrender' Messages to Iranians Amid Israeli and US Strikes The Big One: The cyberattack scenarios that keep officials up at night CISA replaces acting director after a bumbling year on the job New AirSnitch attack bypasses Wi-Fi encryption in homes, offices, and enterprises Victory! Tenth Circuit Finds Fourth Amendment Doesn't Support Broad Search of Protesters' Devices and Digital Data Enthusiasts used their home computers to search for ET—scientists are homing in on 100 signals they found Americans now listen to podcasts more often than talk radio, study shows | TechCrunch Burger King Will Use AI To Check If Employees Say 'Please' and 'Thank You' Uber Previews Its Dubai Air Taxi Service - Slashdot Rob Grant, creator of Red Dwarf, has died Dan Simmons, author of Hyperion, Song of Kali, dead at 77 Host: Leo Laporte Guests: Molly White, Owen Thomas, and Harry McCracken Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: Melissa.com/twit expressvpn.com/twit canary.tools/twit - use code: TWIT ZipRecruiter.com/twit helixsleep.com/twit

Anthropic's clash with the Pentagon pits tech ethics against government demands, raising explosive questions about AI's role in surveillance and weaponry. If you care about who controls the future of artificial intelligence, this episode is a must-listen. Sam Altman says OpenAI shares Anthropic's red lines in Pentagon fight The whole thing was a scam OpenAI allows NSA to use GPT for surveilling Americans Anthropic's Claude hits No. 1 on Apple's top free apps list after Pentagon rejection Layoffs at Block Crypto exchange Gemini plans to lay off up to 200 staff, exit Europe, and Australia Netflix Backs Out of Bid for Warner Bros., Paving Way for Paramount Takeover An update on our model deprecation commitments for Claude Opus 3 Anthropic Keep Android Open Colorado moves age checks from websites to operating systems | Biometric Update Open source calculator firmware DB48X forbids CA/CO use due to age verification New Apple product launch starts Monday, Tim Cook confirms Everything announced at Samsung Unpacked: The Galaxy S26 Ultra, Galaxy Buds 4 and more Here's how the new Samsung Galaxy S26 compares with last year's S25 Hacked Prayer App Sends 'Surrender' Messages to Iranians Amid Israeli and US Strikes The Big One: The cyberattack scenarios that keep officials up at night CISA replaces acting director after a bumbling year on the job New AirSnitch attack bypasses Wi-Fi encryption in homes, offices, and enterprises Victory! Tenth Circuit Finds Fourth Amendment Doesn't Support Broad Search of Protesters' Devices and Digital Data Enthusiasts used their home computers to search for ET—scientists are homing in on 100 signals they found Americans now listen to podcasts more often than talk radio, study shows | TechCrunch Burger King Will Use AI To Check If Employees Say 'Please' and 'Thank You' Uber Previews Its Dubai Air Taxi Service - Slashdot Rob Grant, creator of Red Dwarf, has died Dan Simmons, author of Hyperion, Song of Kali, dead at 77 Host: Leo Laporte Guests: Molly White, Owen Thomas, and Harry McCracken Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: Melissa.com/twit expressvpn.com/twit canary.tools/twit - use code: TWIT ZipRecruiter.com/twit helixsleep.com/twit

Anthropic's clash with the Pentagon pits tech ethics against government demands, raising explosive questions about AI's role in surveillance and weaponry. If you care about who controls the future of artificial intelligence, this episode is a must-listen. Sam Altman says OpenAI shares Anthropic's red lines in Pentagon fight The whole thing was a scam OpenAI allows NSA to use GPT for surveilling Americans Anthropic's Claude hits No. 1 on Apple's top free apps list after Pentagon rejection Layoffs at Block Crypto exchange Gemini plans to lay off up to 200 staff, exit Europe, and Australia Netflix Backs Out of Bid for Warner Bros., Paving Way for Paramount Takeover An update on our model deprecation commitments for Claude Opus 3 Anthropic Keep Android Open Colorado moves age checks from websites to operating systems | Biometric Update Open source calculator firmware DB48X forbids CA/CO use due to age verification New Apple product launch starts Monday, Tim Cook confirms Everything announced at Samsung Unpacked: The Galaxy S26 Ultra, Galaxy Buds 4 and more Here's how the new Samsung Galaxy S26 compares with last year's S25 Hacked Prayer App Sends 'Surrender' Messages to Iranians Amid Israeli and US Strikes The Big One: The cyberattack scenarios that keep officials up at night CISA replaces acting director after a bumbling year on the job New AirSnitch attack bypasses Wi-Fi encryption in homes, offices, and enterprises Victory! Tenth Circuit Finds Fourth Amendment Doesn't Support Broad Search of Protesters' Devices and Digital Data Enthusiasts used their home computers to search for ET—scientists are homing in on 100 signals they found Americans now listen to podcasts more often than talk radio, study shows | TechCrunch Burger King Will Use AI To Check If Employees Say 'Please' and 'Thank You' Uber Previews Its Dubai Air Taxi Service - Slashdot Rob Grant, creator of Red Dwarf, has died Dan Simmons, author of Hyperion, Song of Kali, dead at 77 Host: Leo Laporte Guests: Molly White, Owen Thomas, and Harry McCracken Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: Melissa.com/twit expressvpn.com/twit canary.tools/twit - use code: TWIT ZipRecruiter.com/twit helixsleep.com/twit

Anthropic's clash with the Pentagon pits tech ethics against government demands, raising explosive questions about AI's role in surveillance and weaponry. If you care about who controls the future of artificial intelligence, this episode is a must-listen. Sam Altman says OpenAI shares Anthropic's red lines in Pentagon fight The whole thing was a scam OpenAI allows NSA to use GPT for surveilling Americans Anthropic's Claude hits No. 1 on Apple's top free apps list after Pentagon rejection Layoffs at Block Crypto exchange Gemini plans to lay off up to 200 staff, exit Europe, and Australia Netflix Backs Out of Bid for Warner Bros., Paving Way for Paramount Takeover An update on our model deprecation commitments for Claude Opus 3 Anthropic Keep Android Open Colorado moves age checks from websites to operating systems | Biometric Update Open source calculator firmware DB48X forbids CA/CO use due to age verification New Apple product launch starts Monday, Tim Cook confirms Everything announced at Samsung Unpacked: The Galaxy S26 Ultra, Galaxy Buds 4 and more Here's how the new Samsung Galaxy S26 compares with last year's S25 Hacked Prayer App Sends 'Surrender' Messages to Iranians Amid Israeli and US Strikes The Big One: The cyberattack scenarios that keep officials up at night CISA replaces acting director after a bumbling year on the job New AirSnitch attack bypasses Wi-Fi encryption in homes, offices, and enterprises Victory! Tenth Circuit Finds Fourth Amendment Doesn't Support Broad Search of Protesters' Devices and Digital Data Enthusiasts used their home computers to search for ET—scientists are homing in on 100 signals they found Americans now listen to podcasts more often than talk radio, study shows | TechCrunch Burger King Will Use AI To Check If Employees Say 'Please' and 'Thank You' Uber Previews Its Dubai Air Taxi Service - Slashdot Rob Grant, creator of Red Dwarf, has died Dan Simmons, author of Hyperion, Song of Kali, dead at 77 Host: Leo Laporte Guests: Molly White, Owen Thomas, and Harry McCracken Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: Melissa.com/twit expressvpn.com/twit canary.tools/twit - use code: TWIT ZipRecruiter.com/twit helixsleep.com/twit

The acting director of the Cybersecurity and Infrastructure Security Agency for the past 10 months is out. Madhu Gottu-mukkala was transferred to another position at the Department of Homeland Security last week. His departure comes amid deep uncertainty at the cyber defense agency. For more, Federal News Network's Justin Doubleday joins me.See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

LLMs can deanonymize internet users based on their comments, CISA gets a new acting director, hackers steal 15 million records from the French Ministry of Health, and Google takes down an ad fraud botnet. Show notes Risky Bulletin: LLMs can deanonymize internet users based on their past comments

Anthropic's clash with the Pentagon pits tech ethics against government demands, raising explosive questions about AI's role in surveillance and weaponry. If you care about who controls the future of artificial intelligence, this episode is a must-listen. Sam Altman says OpenAI shares Anthropic's red lines in Pentagon fight The whole thing was a scam OpenAI allows NSA to use GPT for surveilling Americans Anthropic's Claude hits No. 1 on Apple's top free apps list after Pentagon rejection Layoffs at Block Crypto exchange Gemini plans to lay off up to 200 staff, exit Europe, and Australia Netflix Backs Out of Bid for Warner Bros., Paving Way for Paramount Takeover An update on our model deprecation commitments for Claude Opus 3 Anthropic Keep Android Open Colorado moves age checks from websites to operating systems | Biometric Update Open source calculator firmware DB48X forbids CA/CO use due to age verification New Apple product launch starts Monday, Tim Cook confirms Everything announced at Samsung Unpacked: The Galaxy S26 Ultra, Galaxy Buds 4 and more Here's how the new Samsung Galaxy S26 compares with last year's S25 Hacked Prayer App Sends 'Surrender' Messages to Iranians Amid Israeli and US Strikes The Big One: The cyberattack scenarios that keep officials up at night CISA replaces acting director after a bumbling year on the job New AirSnitch attack bypasses Wi-Fi encryption in homes, offices, and enterprises Victory! Tenth Circuit Finds Fourth Amendment Doesn't Support Broad Search of Protesters' Devices and Digital Data Enthusiasts used their home computers to search for ET—scientists are homing in on 100 signals they found Americans now listen to podcasts more often than talk radio, study shows | TechCrunch Burger King Will Use AI To Check If Employees Say 'Please' and 'Thank You' Uber Previews Its Dubai Air Taxi Service - Slashdot Rob Grant, creator of Red Dwarf, has died Dan Simmons, author of Hyperion, Song of Kali, dead at 77 Host: Leo Laporte Guests: Molly White, Owen Thomas, and Harry McCracken Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: Melissa.com/twit expressvpn.com/twit canary.tools/twit - use code: TWIT ZipRecruiter.com/twit helixsleep.com/twit

CISA's acting director exits. Trump's pick to lead the NSA hits Senate headwinds. The Pentagon pressures Anthropic over AI guardrails. A new WiFi attack sidesteps encryption. CISA flags flaws in EV chargers. Juniper patches a critical router bug. ManoMano discloses a massive breach. Europol cracks down on The Com. Greece delivers verdicts in Predatorgate. An alleged carding kingpin lands in U.S. custody. Jeff Williams, Founder of OWASP and Co-Founder/CTO of Contrast Security, shares how NIST is rethinking its role in analyzing software vulnerabilities as EU launches GCVE. Meta's mischievous monocles meet their match.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we have Jeff Williams, Founder of OWASP and Co-Founder/CTO of Contrast Security, sharing how NIST is rethinking its role in analyzing software vulnerabilities as EU launches GCVE. If you enjoyed this conversation, you can hear the full interview over on the Caveat podcast. Selected Reading Gottumukkala out, Andersen in as acting CISA director (CyberScoop) Senator seeks to block Trump's NSA pick, citing civil liberties concerns (The Washington Post) Anthropic Refuses to Bend to Pentagon on AI Safeguards as Dispute Nears Deadline (SecurityWeek) New AirSnitch attack bypasses Wi-Fi encryption in homes, offices, and enterprises (Ars Technica) Critical Vulnerabilities in SWITCH EV Charging Platform Allow Station Impersonation (Beyond Machines) Juniper Networks PTX Routers Affected by Critical Vulnerability (SecurityWeek) 38 Million Allegedly Impacted by ManoMano Data Breach (SecurityWeek) ‘Project Compass' Cracks Down on ‘The Com': 30 Members Arrested (Infosecurity Magazine) Greek court sentences Predator spyware gang (POLITICO) Chilean Carding Shop Operator Extradited to US (SecurityWeek) This App Warns You if Someone Is Wearing Smart Glasses Nearby  (404 Media) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

The episode's central development is the ongoing dispute between the U.S. Department of Defense and Anthropic regarding Pentagon demands for unrestricted access to Claude, Anthropic's AI model. According to Dave Sobel, the Pentagon has threatened to sever ties or invoke the Defense Production Act if the company does not comply, seeking capabilities that Anthropic argues may be illegal—specifically mass surveillance without warrants and autonomous weapons systems without human control. This move exposes Managed Service Providers (MSPs) serving defense contractors to unpredictable legal, operational, and compliance risks embedded in their AI workflows. The analysis highlights that a commercial AI provider's acceptable use policy now intersects directly with national security policy, and even partial vendor compliance can trigger regulatory or legal instability for dependent organizations. For MSPs, this means that building service offerings on AI infrastructures without clear fallback strategies or documented policy change clauses can lead to unmanageable risk and liability in the event of provider or legal regime shifts. Dave Sobel stresses that failing to address policy volatility as part of a managed service amounts to underwriting geopolitical risk without compensation. Other notable developments include the passage of the Small Business Artificial Intelligence Advancement Act, federal cybersecurity resource contraction as CISA operates with 38% staffing after layoffs, and heightened uncertainty around cloud infrastructure due to Microsoft's Azure Local “air-gapped” offering not wholly mitigating U.S. CLOUD Act exposure. Vendor news covered new AI-powered compliance features from Compliance Scorecard (version 10) and Beachhead Solutions (ComplianceEZ 2.0), Apple's accelerated retirement of Rosetta 2 translation technology, a Microsoft 365 Copilot DLP change, and continued fallout from VMware's acquisition by Broadcom, which has led to ongoing cost and trust challenges for cloud and infrastructure partners. The episode's clear implications for MSPs and IT providers are operational. Service catalogs and statements of work should actively address AI provider liability, dependency exit planning, and degraded federal cybersecurity support. Without scheduled and documented compatibility and risk reviews, MSPs absorb hidden exposure into their margins. Vendor stability can no longer be assumed, and proactive policy, renewal intelligence, and transparent advisory sessions are now required to avoid unplanned liability, budget crises, and damaged client trust. Four things to know today 00:00 Pentagon Threatens Anthropic Over Claude Access, Demands Autonomous Weapons Use 04:31 CISA Cuts, Azure Sovereignty Push Signal End of Federal MSP Safety Net 06:56 AI Compliance Tools Flood Market as MSPs Face Validation Gap 09:54 86% of Firms Cutting VMware Ties as Broadcom Renewal Costs Loom   This is the Business of Tech.    Supported by: Small Biz Thoughts Community

There is a question that sounds almost embarrassingly simple. After a vulnerability is discovered in a piece of widely used software — something like Log4Shell, which shook the security world and left hundreds of thousands of organizations exposed overnight — the question organizations scrambled to answer was this: where is this code, and what does it touch? Most couldn't answer it. Not the Fortune 500 companies. Not the government agencies. Not the critical infrastructure operators. Not the hospitals or the banks or the utilities. They had built and bought mountains of software over years and decades, and when the moment came to understand what was actually inside it, they were effectively blind. That gap is exactly what Daniel Bardenstein set out to close when he co-founded Manifest Cyber in 2023. And in a conversation on ITSPmagazine's Brand Highlight series, he made a case for technology transparency that is hard to argue with — not because it's technically complex, but because the analogy he draws is so strikingly obvious once you hear it. "If you want to buy a house, you get to go inside the house, do the home inspection," he said. "You want to buy food from the grocery store — you can look at the ingredients. Even our clothes tell you what they're made of, how to care for them, and where they're from." But software? The technology running hospital MRI machines, weapon systems, financial infrastructure, water delivery? No transparency required. No ingredient label. No inspection rights. Just trust. That trust, as Log4Shell demonstrated, is a vulnerability in itself. Bardenstein came to this problem with credentials that few founders in the space can claim. Before starting Manifest, he spent four and a half years in the US government leading large-scale cyber programs and serving as technology strategy lead at CISA — the Cybersecurity and Infrastructure Security Agency. He saw firsthand how defenders are perpetually at a disadvantage, operating without the basic visibility they need to do their jobs. His mission became building the tools to change that. The problem, he's quick to point out, has not improved in the years since Log4Shell. Software supply chain attacks have multiplied — XZ Utils, NPM Polyfill, and others following the same pattern: trusted software becomes the attack vector, and it spreads fast. Meanwhile, most security teams are still operating with SCA tools that generate noisy, overwhelming alerts and vendor risk programs built on Excel spreadsheets and questionnaires rather than actual empirical data about the security of what they're buying. "Security teams have a false sense of security," Bardenstein said. The gap between what organizations think they know and what they actually know about their software supply chains remains dangerously wide. Manifest Cyber addresses this across the full lifecycle. For organizations that build software, the platform maps every open source dependency, assesses it for risk, and ensures developers can write more secure code without losing velocity. For organizations that buy software — which is everyone — it finds risks before procurement, then continuously monitors every third party component so that when something breaks, they know the blast radius in seconds, not weeks. The timing matters. Regulation is catching up to the problem. The EU AI Act, the Cyber Resilience Act, and a growing body of global policy are beginning to demand exactly the kind of software supply chain transparency that Manifest is built to provide. Organizations that wait to build this capability will find themselves scrambling to comply — those that build it in now will have it as a competitive advantage. The ingredient label for software has always been missing. Manifest Cyber is writing it. ________________________________________________________________ Marco Ciappelli interviews Daniel Bardenstein, CEO & Co-Founder of Manifest Cyber, for ITSPmagazine's Brand Highlight series. HOST Marco Ciappelli — Co-Founder & CMO, ITSPmagazine | Journalist, Writer & Branding Advisor

How real-time security transforms ERP systems in a cloud-driven world, spotting threats instantly, leveraging AI for proactive defense, and closing common blind spots before breaches escalate. Curious about staying ahead of cyber risks?=====Mohammed Moidheen, SAP security architect at Infosys, unpacks why real-time monitoring is vital amid 2,200 daily cyber attacks costing trillions annually. He highlights blind spots like unmonitored access vulnerabilities, ignored audit logs, unsecured APIs, privileged accounts, insider threats, and poor event correlation in S/4HANA Cloud setups. AI evolves detection with predictive intelligence, automated responses, natural language queries, and cross-system pattern spotting, shifting from reactive to proactive security. Real-world cases show systems halting unusual data downloads and insider data exfiltration in minutes. Advice includes aligning with governance, prioritizing crown jewels, setting baselines, training teams, and correlating data. Infosys aids via assessments and foundational builds.Listen now and rethink what ERP can do for your organization!⁠⁠⁠⁠Download Episode Transcript⁠⁠⁠⁠Useful Links: ⁠SAP Cloud ERP⁠Infosys.comFollow Us on Social Media!SAP S/4HANA Cloud ERP: LinkedIn=====Guest: Mohammed Khan Moidheen, SAP Security Architect at Infosys ConsultingMohammed Khan Moidheen is a Senior SAP Security architect with over 12 years of experience securing and operating large scale SAP landscapes across global enterprises. His expertise spans SAP S/4HANA security, ERP platform services, DevSecOps enablement, and designing audit ready security architectures aligned with frameworks such as ISO 27001, NIST, and GDPR.Mohammed is CISSP and CISA certified and I excel at translating complex security requirements into actionable strategies that are practical , strategically aligned and strengthen organisational resilience.Host 1: Richard Howells, SAPRichard Howells has been working in the Supply Chain Management and Manufacturing space for over 30 years. He is responsible for driving the thought leadership and awareness of SAP's ERP, Finance, and Supply Chain solutions and is an active writer, podcaster, and thought leader on the topics of supply chain, Industry 4.0, digitization, and sustainability.Follow Richard Howell on ⁠⁠⁠⁠LinkedIn⁠⁠⁠⁠ and ⁠⁠⁠⁠X⁠⁠⁠⁠Host 2: Oyku Ilgar, SAPOyku Ilgar is a marketer and thought leader specializing in SAP's digital supply chain and ERP solutions since 2017. As a marketer, blogger, and podcaster, she creates engaging content that highlights innovative SAP technologies and explores key topics including business trends, AI, Industry 4.0, and sustainability.She holds dual bachelor's degrees in Finance & Accounting and English Translation, along with a master's degree in Business Administration and Foreign Trade, specializing in marketing. With her background in digital transformation, Oyku communicates technology trends and industry insights to help professionals navigate the evolving business landscape.Oyku's ⁠LinkedIn⁠ and ⁠SAP Community⁠=====Key Topics: real-time security, ERP monitoring, cloud threats, SAP S/4HANA, access management, audit logs, AI threat detection, insider threats, privileged accounts, predictive intelligence

Today on Joe Oltmann Untamed, we're ripping the lid off the stolen-election machine that never stops running. CISA's own report admitting Georgia's 2020 voting machines and tabulators had serious issues, issues they've known about for years but never fixed. We tie it straight to Tina Peters, who's still rotting in a Colorado prison 505 days later because she dared to demand transparency. Her bond was just denied again, and the system keeps punishing the people who try to protect our votes while the real criminals walk free.We also expose the ugly underbelly of the political class. Kash Patel's off partying in Italy like it's spring break while Patriots like Tina, Mark Cook, and so many others pay the real price for speaking truth. Meanwhile, the left openly plots firings, arrests, and lawsuits the moment they regain power Susan Rice laid it out plain on camera. And the fallout from living under stolen electionsThis show is a gut punch of reality: stolen elections have consequences, whistleblowers get crushed, and the elites keep partying while the rest of us suffer. From cartel chaos trapping Americans in Mexico to the slow bleed of our republic, we're laying it all bare, no filter, no excuses. Tune in for the raw truth and the fight to take our country back before it's gone for good. You won't walk away the same.

SolarWinds patches four critical remote code execution vulnerabilities. A ransomware attack on Conduant puts the data of over 25 million Americans at risk. RoguePilot enables Github repository takeovers. ZeroDayRat targets Android and iOS devices. North Korea's Lazarus group deploy Medusa ransomware against organizations in the U.S. and the Middle East. Attackers' breakout times drop to under half an hour.  CISA maintains its mission despite staffing challenges. Russian satellites draw fresh scrutiny. Two South Korean teenagers are charged with breaching Seoul's public bike service. Krishna Sai, CTO at SolarWinds, discusses why leaders should focus less on speculating about an AI bubble, and more on how to quantify AI's tangible contributions. The Pope pushes prayerful priests past predictable programs.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Krishna Sai, CTO at SolarWinds, discussing why leaders should focus less on speculating about an AI bubble, and more on how to quantify AI's tangible contributions. Selected Reading Critical SolarWinds Serv-U flaws offer root access to servers (Bleeping Computer) Massive Conduent Data Breach Exfiltrates 8 TB Affects Over 25 Million Americans (GB Hackers) GitHub Issues Abused in Copilot Attack Leading to Repository Takeover (SecurityWeek) New ZeroDayRAT Malware Claims Full Monitoring of Android and iOS Devices (Hackread) North Korean state hackers seen using Medusa ransomware in attacks on US, Middle East (The Record) CrowdStrike says attackers are moving through networks in under 30 minutes (CyberScoop) Shutdown at D.H.S. Extends to Cyber Agency, Adding to Setbacks (The New York Times) From Cold War interceptors to Ukraine: how Russia came to park spy satellites next to the West's most sensitive tech in orbit (Meduza) Korean cops charge two teens over Seoul bike hire breach (The Register) Pope tells priests to use their brains, not AI, to write homilies (EWTN News) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.  Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

NIST is falling behind on vulnerability scoring — and the gap is growing. In this episode, Peter and Steph break down what that means for IT and security teams relying on CVE data to prioritize patching, and how Automox is solving it.We cover:Why NIST's National Vulnerability Database has a growing backlog and what's causing itHow incomplete vulnerability data creates blind spots in your patch management programAutomox's new partnership with VulnCheck to deliver real-time vulnerability intelligenceWhat KEV (Known Exploitable Vulnerabilities) data is and why your leadership team cares about itExpanding from fewer than 10 third-party apps to 70% coverage across 500+ supported applicationsThe rollout plan from third-party apps to macOS, Windows, and LinuxWhether you're running a mature vulnerability management program or just getting started, this episode lays out how the vulnerability data landscape is shifting and what you can do to stay ahead of real-world threats.

In this week's Security Sprint, Dave and Andy covered the following topics:Opening:• Tribal-ISAC and WaterISAC events!• Check out our newest webpage and our new blog post, kicking off this new Gate 15 blog series!• AI Threat Landscape: Fact vs. Fiction As We Start 2026• AI Threats Resilience, a new Gate 15 service page outlines a suite of AI threat informed workshops and tabletop exercises designed to help organizations understand AI driven risks, clarify ownership of AI exposure and rehearse response to AI enabled incidents. • TLP: CLEAR – WaterISAC Top Actions to Enhance Your Utility's Cybersecurity • (TLP:CLEAR) WaterISAC – TOP ACTIONS to Enhance Your Utility's Physical Security • Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) – Cybersecurity and Infrastructure Security Agency – 18 Feb 2026: CISA posted an update stating that due to a lapse in DHS appropriations it may be unable to hold scheduled CIRCIA Town Halls and will not conduct meetings during any lapse in appropriations. Main Topics:Cyber Resilience: An Incident Doesn't Have to Be a Crisis Binary Defense, 19 Feb 2026. This blog reframes security operations around limiting business impact instead of chasing security perfection, noting that incidents are inevitable in complex enterprises and that the true differentiator is whether they escalate into crises. • The ENISA Cybersecurity Exercise Methodology ENISA | 16 Feb 2026 & ENISA publishes Cybersecurity Exercise Methodology to guide and standardize EU cybersecurity exercises) • Information Sharing – U.S. Legal and Regulatory Guidance – Health ISAC – 18 Feb 2026• Businesses urged to ‘lock the door' on cyber criminals as new government campaign launches – UK Government, 19 Feb 2026Violence & Extremism • Man Targets DHS Building With Stolen Ambulance In Attempted Arson Attack Source: The Daily Wire, 19 Feb 2026 • Armed man shot and killed after "unauthorized entry" into Mar-a-Lago perimeter, Secret Service says — CBS News, 22 Feb 2026• Mar-a-Lago Gunman Was Reportedly ‘Fixated' on Epstein Files and Believed There Was a Trump Government Cover-Up • USCP Officers Stop & Arrest Man with Loaded Shotgun Outside the U.S. Capitol — United States Capitol Police — 17 Feb 2026• FBI Albany, in Coordination with Nevada and New York Law Enforcement Partners, Investigating Vehicle Ramming at Electrical Substation in Nevada — FBI, 20 Feb 2026Quick Hits:• Launched: 9th Annual Dragos OT Cybersecurity Year in Review Dragos — 17 Feb 2026 • Significant Rise in Ransomware Attacks Targeting Industrial Organizations)• 3 Threat Groups Started Targeting ICS/OT in 2025: Dragos • CISA: Recently patched RoundCube flaws now exploited in attacks — BleepingComputer, 23 Feb 2026• CISA Adds Two Known Exploited Vulnerabilities to Catalog (RoundCube)• Government of Canada Alerts & Advisories: Roundcube security advisory (AV25-309) - Update 1 • CISA: BeyondTrust RCE flaw now exploited in ransomware attacks — Bleeping Computer, 20 Feb 2026 • 90% of Ransomware Incidents Exploit Firewalls • Ransomware Groups Shift Targets Mid-Sized Businesses Enterprise Defenses Harden, Research Shows • Searchlight Cyber Report: Ransomware Groups Claimed Record Number of Victims in 2025 with 30% Annual Increase — Searchlight Cyber — 17 Feb 2026• Securin 2025 Ransomware Report Finds AI Accelerating, Not Replacing, Human-Led Attacks • Record Number of Ransomware Victims and Groups in 2025 • Arctic Wolf Threat Report Highlights 11x Growth in Data Extortion Incidents and Continued Dominance of Ransomware Arctic Wolf | 17 Feb 2026 • 2026 Unit 42 Global Incident Response Report — Attacks Now 4x Faster Palo Alto Networks | 17 Feb 2026 • Blizzard slams Northeast with heavy snow and powerful winds • East Coast Blizzard Halts Travel, Cancels 8,000 Flights • El Nino is brewing: Here's what it means for U.S. weather in 2026

The Institute of Internal Auditors Presents: All Things Internal Audit    In this episode, Scott Madenburg and Sanjay Vadlamani talk trust; and why it's the defining currency of internal audit. From hyper-growth environments to large, mature organizations, they discuss how audit teams can build credibility, and deliver value without slowing the business down. Through real-world use cases; including AI-assisted code reviews, ERP implementations, and building an internal audit function from scratch, they share practical examples of how trust enables earlier insights, stronger controls, and a true seat at the table.   HOST: Scott Madenburg, CIA, CISA, CRMA Founder and President, ARC Hybrid Corporation   GUEST: Sanjay Vadlamani, CIA, CISA, CISM, CRISC Senior Manager, Internal Controls, PayJoy   KEY POINTS: Defining Trust in Internal Audit [00:01:27 – 00:03:17] Holistic Risk and Connected Controls [00:03:55 – 00:07:01] Bridging the Gap Between Audit and Leadership [00:07:15 – 00:10:18] Small vs. Large Organization Trust Challenges [00:11:45 – 00:13:56] High-Growth Tension: Will Audit Slow Us Down? [00:14:14 – 00:16:51] AI-Assisted Code and "Slow Down to Speed Up" [00:17:01 – 00:18:53] Building Trust from Scratch in a Developing Organization [00:19:09 – 00:23:19] Early Insight Through ERP Implementation [00:23:49 – 00:26:02] Rolling Up Sleeves: Creating SOPs and Process Improvements [00:26:25 – 00:28:35] Where Audit Can Undermine Trust [00:29:28 – 00:33:16] Audit Committee Alignment and Expectation Management [00:33:16 – 00:36:44] The Next 6–12 Months: AI Literacy and Critical Thinking [00:37:00 – 00:40:52]   Visit The IIA's website or YouTube channel for related topics and more.   IIA RELATED CONTENT:  Interested in this topic? Visit the links below for more resources: Global Internal Audit Standards Resources: Governance Course: Building Stakeholder Relationships Course: Effective Communication and Conflict Resolution for Internal Auditors GAM 2026   Follow All Things Internal Audit: Apple Podcasts Spotify Libsyn Deezer

A senior FBI cyber official warns Salt Typhoon remains an ongoing threat. Data protection authorities issue a joint statement raising serious concerns about AI image creation. A Japanese semiconductor equipment maker confirms a ransomware attack. New number formats seek to reduce AI overhead. A low-skilled Russian-speaking threat actor compromised more than 600 Fortinet FortiGate firewalls. Spanish authorities have arrested four alleged members of Anonymous. CISA tags a pair of Roundcube Webmail flaws. Cybersecurity stocks fell sharply on news of a new security feature in Claude AI. Monday business breakdown. Brandon Karpf, friend of the show discussing sovereignty in space and cyber. Digital disruption drains drumsticks. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today Dave sits down with Brandon Karpf, friend of the show, and Maria Varmazis, host of T-Minus, as they are discussing sovereignty in space and cyber. Selected Reading FBI: Threats from Salt Typhoon are ‘still very much ongoing' (CyberScoop) Joint Statement on AI-Generated Imagery and the Protection of Privacy (International Enforcement Cooperation Working Group (IEWG)) Japanese chip-testing toolmaker Advantest suffers ransomware attack (Help Net Security) AI's Math Tricks Don't Work for Scientific Computing (IEEE) Russian Cyber Threat Actor Uses GenAI to Compromise Fortinet Firewalls (Infosecurity Magazine) Suspected Anonymous members cuffed in Spain over DDoS attack (The Register) CISA: Recently patched RoundCube flaws now exploited in attacks (Bleeping Computer) Anthropic Unveils 'Claude Code Security,' Sending Cyber Stocks Lower (Bloomberg) RSAC Innovation Sandbox finalists secure $5 million each. (N2K Pro Business Briefing) Cyber attack takes major chicken processor Hazeldenes offline leaving businesses without meat (ABC News) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Send a textWant a clear path from CISSP to top-tier pay without getting lost in buzzwords? We break down five high-income specialties that pair perfectly with CISSP leadership: modern GRC, cloud security as code, AI ethics and governance, advanced identity, and software supply chain security. Along the way, we unpack how AI reasoning tools like Claude Code Security are reshaping AppSec by cutting false positives and detecting logic flaws scanners miss, and we translate that shift into concrete workflows, better guardrails, and faster delivery.We start with the career pivot many leaders are making—moving from generalist security management to “decision architect.” That means pairing risk fluency with hands-on understanding of Terraform, Kubernetes, and CI/CD gates, then proving value through resilient architectures and evidence-driven dashboards for boards. You'll hear why GRC is exploding under new enforcement trends, how to automate continuous evidence to beat audit fatigue, and where vCISO opportunities command premium rates when strategy meets measurable outcomes.From there, we get practical. We walk through cloud guardrails that stop drift before it hits prod, share how to navigate shared responsibility with AWS and Azure, and outline identity-first zero trust that tames API key sprawl and enables passwordless access. On AI, we go deep on shadow AI containment, prompt-injection red teaming, model transparency, and data loss prevention tuned for embeddings—governance that accelerates, not blocks. Finally, we turn to software supply chain security: SBOM mandates, signed artifacts, dependency risk, and the DevSecOps policies that keep pipelines moving while raising assurance.If you're mapping your next move, we also compare salary bands across roles and highlight bridge certifications—CISM for program leadership, AI governance credentials for compliance depth, and CISA for audit rigor—to level up fast. Subscribe, share this with a teammate plotting their niche, and leave a quick review to tell us which specialty you're pursuing next.Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox! Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

Cybersecurity advice is everywhere — frameworks, standards, best practices, expert opinions — enough PDFs to last you the rest of the year. But for small and mid-sized businesses, the real question isn't "What guidance exists?" It's "What should we actually do that lowers our chances of having a really bad cyber day?" If you've ever looked at a massive cybersecurity framework and thought, "This feels like studying for a final exam I didn't sign up for," you're not alone. That's where CISA's updated Cybersecurity Performance Goals (Version 2.0) come in. Designed to be practical, prioritized, and actually usable, this streamlined approach may be the clearest cybersecurity foundation SMBs have seen yet. In this episode, we break down what changed, why it matters, and how to use it. More info at HelpMeWithHIPAA.com/548

CISA Orders Emergency Patch for Actively Exploited Dell Flaw; Texas Sues TP-Link; Massive ID Verification Data Leak; SSA Database Leak Allegations Host Jim Love covers four cybersecurity stories:  Cybersecurity Today  would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale.  You can find them at Meter.com/cst CISA ordered federal civilian agencies to patch an actively exploited critical Dell RecoverPoint for Virtual Machines vulnerability (CVE-2026-2769) within three days, citing hard-coded credentials that allow unauthenticated root access and links to a China-aligned threat cluster; Texas Attorney General filed suit against TP-Link alleging deceptive security and origin claims and risks tied to Chinese state-linked threats, while TP-Link denies the allegations and says it operates independently, stores U.S. user data on AWS, and bases core operations in the U.S.; researchers found an unsecured MongoDB database tied to AI-powered identity verification provider ID Merit exposing nearly 1 billion records with sensitive personal data, attributed to misconfiguration rather than compromise of the AI systems; and a MarketWatch report describes whistleblower Chuck Borges alleging SSA master data was copied to a cloud environment without oversight, contrasted by the Social Security Commissioner stating the core Numident database remained secure, with Love noting no confirmed public evidence but expressing concern about the implications if such foundational data were compromised. 00:00 Sponsor Message: Meter's Full-Stack Networking 00:19 Headlines: Dell Exploit, TP-Link Lawsuit, Massive Data Leak, SSA Claims 00:45 Urgent Patch Order: Actively Exploited Dell RecoverPoint CVE 02:19 Texas Sues TP-Link Over Router Security & China-Ties Allegations 03:31 AI Identity Verification Leak: Nearly 1 Billion Records Exposed 05:07 Did SSA Data Leak? Whistleblower vs. Official Denial 06:54 Host Take: What If the "Foundational" Database Was Compromised? 07:37 Wrap-Up + Sponsor Thanks and Where to Book a Demo

CISA orders urgent patch of Dell flaw Android malware uses Gemini to navigate infected devices Half of all cyberattacks start in the browser, says Palo Alto Networks Get the full show notes here: https://cisoseries.com/cybersecurity-news-cisas-dell-order-android-ai-malware-browsers-as-weak-link/ Huge thanks to our sponsor, Conveyor Most of what Conveyor automates is boring. Like really boring. Security questionnaires. Customer requests for things like your SOC 2. All of their follow-up questions. Answering tickets from your sales team. You know what's not boring? Alteryx using Conveyor to support over half a billion dollars in enterprise deals with a small 4 person team. All they did was set up an AI trust center and use Conveyor's AI agent to complete questionnaires. Learn more at conveyor.com.  

Starkiller represents a significant escalation in phishing infrastructure. A blockchain lender breach affects nearly a million users. The Kimwolf botnet disrupts a peer-to-peer privacy network. Researchers identifiy vulnerabilities in widely used Visual Studio Code extensions. DEF CON bans three men named in the Epstein files. Texas sues TP-Link over supply chain security. Experts question the impact of cyber versus kinetic damage in Venezuela. African law enforcement arrest hundreds of suspected scammers. Tim Starks from CyberScoop explains CISA's upcoming town hall meetings over ICS reporting rules. Warsaw walls off Wi-Fi-wired wheels.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Tim Starks from CyberScoop discussing “CISA to host industry feedback sessions on cyber incident reporting regulation.” Selected Reading Starkiller: New ‘Commercial-Grade' Phishing Kit Bypasses MFA (Infosecurity Magazine) Nearly 1 Million User Records Compromised in Figure Data Breach (SecurityWeek) Kimwolf Botnet Swamps Anonymity Network I2P (Krebs on Security) Flaws in Popular IDE Extensions Allow Data Exfiltration (Infosecurity Magazine) DEF CON bans three Epstein-linked men from future events (The Register) Texas sues TP-Link over Chinese hacking risks, user deception (Bleeping Computer) The Caracas operation suggests cyber was part of the plan – just not the whole operation (CyberScoop) Police arrests 651 suspects in African cybercrime crackdown (Bleeping Computer) Nigerian man gets eight years in prison for hacking tax firms (Bleeping Computer) Poland bans camera-packing cars made in China from military bases (The Register) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

A newly uncovered state-backed espionage group has compromised 70 organizations across 37 countries in a single year — and they were scanning infrastructure in 155 more. In this episode of Hacking News, we break down Palo Alto Unit 42's Shadow Campaigns investigation, a CVSS 9.9 pre-authentication RCE in BeyondTrust's remote access tools, a state-sponsored Signal phishing campaign targeting European politicians and military officials without using a single line of malware, CISA's aggressive new directive ordering federal agencies to rip out end-of-life edge devices, and an Everest ransomware claim against Iron Mountain that turned out to be far less than advertised. Whether you're a cybersecurity professional, IT admin, or just someone who wants to stay informed about the threats facing our digital world — this episode has critical takeaways you can act on today.

On this week's show, Patrick Gray, Adam Boileau and James WIlson discuss the week's cybersecurity news. They cover: Palo Alto threat researchers want to attribute to China, but management says shush An increasing proportion of ransomware is data extortion. Is this good? Cambodia says it's going to dismantle scam compounds CISA sufferers through yet another shutdown Google Gemini's training secrets are being systematically harvested to improve other LLMs Academics assess SaaS password managers' resilience against a malicious server This episode is sponsored by SSO-firewall integration vendor Knocknoc. Chief exec Adam Pointon joins to talk about the latest in defences… which is to say Knocknoc for Solaris/Sparc and HPUX on PA-RISC?! Okay also that other little known OS… Windows. This episode is also available on Youtube. Show notes Data-only extortion grows as ransomware gangs seek better profits | Cybersecurity Dive Arctic Wolf Threat Report 2026 Exclusive: Palo Alto chose not to tie China to hacking campaign for fear of retaliation from Beijing, sources say Risky Bulletin: Cambodia promises to dismantle scam networks by April - Risky Business Media Age of the ‘scam state': how an illicit, multibillion-dollar industry has taken root in south-east Asia | Cybercrime | The Guardian Critical flaw in BeyondTrust Remote Support sees early signs of exploitation | Cybersecurity Dive CISA Navigates DHS Shutdown With Reduced Staff - SecurityWeek Kimwolf Botnet Swamps Anonymity Network I2P – Krebs on Security BADIIS to the Bone: New Insights to a Global SEO Poisoning Campaign — Elastic Security Labs Over 500,000 VKontakte accounts hijacked through malicious Chrome extensions | The Record from Recorded Future News Password managers' promise that they can't see your vaults isn't always true - Ars Technica Zero Knowledge (About) Encryption: A Comparative Security Analysis of Three Cloud-based Password Managers Google finds state-sponsored hackers use AI at 'all stages' of attack cycle | CyberScoop Google: Gemini hit with 100,000+ prompts in cloning attempt Proofpoint acquires Acuvity to tackle the security risks of agentic AI | CyberScoop Cisco Redefines Security for the Agentic Era with AI Defense Expansion and AI-Aware SASE Sophos Acquires Arco Cyber to Bring CISO-Level, Agentic AI-Powered Expertise to Every Organization Dave Kennedy on X: "Regarding this, there was a couple questions on does the pacemaker continue to advertise - most BLE implantable devices go into a sleep type mode. In this case, we are lucky - it does not. We know based on law enforcement answers that she is using a more modern pacemaker with" / X Clash Report on X: "BIG: Dutch Defence Minister Gijs Tuinman hints that software independence is possible for F-35 jets. He literally said you can “jailbreak” an F-35. When asked if Europe can modify it without US approval: “That's not the point… we'll see whether the Americans will show https://t.co/f11cGvtYsO" / X Dutch police arrest man who refused to delete confidential files shared by mistake | The Record from Recorded Future News

The government shutdown leaves CISA at reduced capacity. Ransomware and misconfigured AI threaten cyber-physical infrastructure. Operation DoppelBrand targets Fortune 500 financial and technology firms. Researchers uncover infostealers targeting OpenClaw AI. Identity-based attacks accounted for nearly two-thirds of initial intrusions last year. Researchers compromise popular cloud-based password managers. Authorities have arrested a man suspected of links to Phobos ransomware. Monday business breakdown. On Threat Vector, host David Moulton talks with Steve Elovitz about the 750 major breaches his team analyzed in a single year. Digital detour delivers a Dutchman to detention. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Threat Vector On today's Threat Vector segment, David Moulton is joined by Steve Elovitz from Unit 42's North America consulting and incident response practice. After analyzing 750+ major breaches in a single year, he's seen exactly which security investments save companies and which ones fail when attackers strike. You can hear David and Steve's full conversation on Thursday's episode of Threat Vector and listen to new episodes each Thursday on your favorite podcast app. Selected Reading CISA Navigates DHS Shutdown With Reduced Staff (SecurityWeek) Significant Rise in Ransomware Attacks Targeting Industrial Operations (Infosecurity Magazine) A Misconfigured AI Could Trigger Infrastructure Collapse (BankInfo Security) Operation DoppelBrand Weaponizes Trusted Brands For Credential Theft (Infosecurity Magazine) Infostealer malware found stealing OpenClaw secrets for first time (Bleeping Computer) Unit 42: Nearly two-thirds of breaches now start with identity abuse (CyberScoop) Password Managers Vulnerable to Vault Compromise Under Malicious Server (SecurityWeek) Poland arrests suspect linked to Phobos ransomware operation (Bleeping Computer) Vega raises $120 million in a Series B round led by existing investor Accel (N2K Pro Business Briefing) Dutch police arrest man who refused to delete confidential files shared by mistake (The Record) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

On this week's Security Sprint, Dave and Andy covered the following topics:Opening:• TribalHub 6th Annual Cybersecurity Summit, 17–20 Feb 2026, Jacksonville, Florida• IT-ISAC, Food & Ag ISAC Ransomware Reports!• Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) Rulemaking; Town Hall Meetings • What to Know About the Homeland Security Shutdown New York Times 15 Feb 2026Main Topics:South Korea blames Coupang data breach on management failure, not sophisticated attack – Reuters – 10 Feb 2026. “'It's more of a management problem than an advanced attack,' Choi Woo-hyuk, deputy minister for cyber security and network policy, told a press conference, citing lax oversight of authentication systems.” South Korean authorities released findings on a massive Coupang data leak, concluding that a former engineer exploited known authentication weaknesses and a retained signing key to access customer accounts for months, exposing personal data on about 33.7 million users. AI Threats & Mitigation• GTIG AI Threat Tracker: Distillation, Experimentation, and Continued Integration of AI for Adversarial Use — Google Cloud Blog — 12 Feb 2026. Google Threat Intelligence Group describes observed adversary use of AI across multiple phases of the attack lifecycle and highlights rising model extraction and distillation activity. • What CISOs need to know about ClawDBot, I mean MoltBot, I mean OpenClaw CSO Online — 16 Feb 2026. The article outlines enterprise risk considerations around OpenClaw and similar autonomous agent tooling that can execute actions on behalf of users with broad system access. It includes the warning that “The problem with running this is that these tools can do basically anything that a user can do,” says Rich Mogull, chief analyst at Cloud Security Alliance. Awareness of Preoperational Surveillance Tactics Associated With Terrorism Offers Opportunities — Joint Counterterrorism Assessment Team First Responder's Toolbox, ODNI — 13 Feb 2026. CISA's 2025 Year in Review: Driving Security and Resilience Across Critical Infrastructure. Notable highlights include: • Strengthened Collective Defense: Published more than 1,600 products and triaged 30,000+ incidents through CISA's 24/7 Operations Center – keeping critical systems secure. • Blocked Malicious Activity at Scale: Stopped 2.62 billion malicious connections on federal civilian networks and 371 million within critical infrastructure. • Enhanced Preparedness Nationwide: Led 148 cyber and physical security exercises with 10,000+ participants, helping partners refine emergency plans and boost local and national resilience. • Following Executive Order 14305, “Restoring American Airspace Sovereignty,” CISA published the Be Air Aware™ suite of security guides in November to help organization detect, respond to, and safely manage Unmanned Aircraft System Threats. Quick Hits:• Improving your response to vulnerability management — NCSC, 10 Feb 2026• Guidance to Assist Non-Federal Entities to Share Cyber Threat Indicators and Defensive Measures with Federal Entities under the Cybersecurity Information Sharing Act of 2015 – CISA – 03 Feb 2026• CISA Helps Johnny Secure Operational Technology: New Guidance Addresses Cyber Risks from Legacy Protocols. CISA released the guidance Barriers to Secure OT Communication: Why Johnny Can't Authenticate. • Poland energy sector cyber incident highlights OT and ICS security gaps • CISA Updates BRICKSTORM Backdoor Malware Analysis Report• Blended Threats: Axios Future of Cybersecurity – Axios – 10 Feb 2026• A Defector Explains the Remote-Work Scam Helping North Korea Pay for Nukes Wall Street Journal 16 Feb 2026• Hacktivism today: what three years of research reveal about its transformation • Pakistan mosque attack highlights worsening militant threat

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5% what is this?)Episode: CISA's Matthew Rogers on Secure OT Protocol CommunicationPub date: 2026-02-15Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationMatthew Rogers, ICS Cybersecurity Lead at the Cybersecurity Infrastructure and Security Agency (CISA) joins the Nexus Podcast to discuss new guidance published by the agency to help manufacturers and asset owners move toward more secure OT communication protocols. Legacy protocols that contain little to no basic security capabilities are still prevalent in OT environments today. Rogers explains the risk and why manufacturers should begin their journey away from proprietary protocols and toward open standards. According to CISA's guidance, operators want authentication and integrity capabilities to protect process data, but need to understand the value and business impact of doing so. Download CISA's guidance here. Subscribe and listen to the Nexus Podcast here. The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Matthew Rogers, ICS Cybersecurity Lead at the Cybersecurity Infrastructure and Security Agency (CISA) joins the Nexus Podcast to discuss new guidance published by the agency to help manufacturers and asset owners move toward more secure OT communication protocols. Legacy protocols that contain little to no basic security capabilities are still prevalent in OT environments today. Rogers explains the risk and why manufacturers should begin their journey away from proprietary protocols and toward open standards. According to CISA's guidance, operators want authentication and integrity capabilities to protect process data, but need to understand the value and business impact of doing so. Download CISA's guidance here. Subscribe and listen to the Nexus Podcast here. 

Global leaders call for collaboration at the Munich Cyber Security Conference. Phishing campaigns exploit fake video conference invitations. Italian authorities say cyber attacks on the Winter Olympics have met overall mitigation. AI reshapes the economics of ransomware attacks. CISA tags a critical Microsoft Configuration Manager vulnerability. Foxveil is a new malware loader targeting legitimate platforms. Researchers examine macOS infostealers. California fines Disney $2.75 million for violating the Consumer Privacy Act. Maria Varmazis, host of T-Minus space daily and CyberWire Producer Liz Stokes preview their coverage of the NATO Cyber Coalition 2025 Cyber Exercise in Tallinn, Estonia. When pull requests get personal. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Maria Varmazis, host of T-Minus space daily and CyberWire Producer Liz Stokes as they share  their coverage of the NATO Cyber Coalition 2025 Cyber Exercise in Tallinn, Estonia. Selected Reading US wants cyber partnerships to send ‘coordinated, strategic message' to adversaries (The Record)  Europe must adapt to ‘permanent' cyber and hybrid threats, Sweden warns (The Record)  Attackers Weaponize Signed RMM Tools via Zoom, Meet, & Teams Lures (Netskope) Winter Olympics 2026: Hacktivism Surges Ahead of Protests and Suspected Sabotage (Intel 471) How AI is and is Not Changing Ransomware (Halcyon) CISA flags critical Microsoft SCCM flaw as exploited in attacks (Bleeping Computer) Foxveil malware loader abuses Discord, Cloudflare, Netlify for staging (SC Media) AMOS infostealer targets macOS through a popular AI app (Bleeping Computer) California fines Disney $2.75 million for data privacy violations (The Record) An AI Agent Published a Hit Piece on Me (The Shamblog) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

The CISA Known Exploited Vulnerabilities (KEV) catalog is one of the most referenced resources in vulnerability management, but how well do security teams actually understand what it tells them? In this Brand Highlight, Tod Beardsley, Vice President of Security Research at runZero and former CISA section chief who helped manage the KEV on a daily basis, breaks down what the catalog is designed to do and, just as importantly, what it is not.What is the KEV catalog and who is it really for? The KEV is mandated by Binding Operational Directive 22-01 (BOD 22-01), which tasks CISA with identifying vulnerabilities that are known to be exploited and have an available fix. Its primary audience is federal civilian executive branch agencies, but because the catalog is public, organizations everywhere use it as a prioritization signal. Beardsley notes that inclusion on the KEV requires a CVE ID, evidence of active exploitation, a patch or mitigation, and relevance to federal interests, meaning zero-day vulnerabilities and end-of-life systems without CVEs never appear.How should organizations think about KEV entries that are not equally dangerous? Beardsley explains that only about a third of KEV-listed vulnerabilities represent straight-shot remote code execution with no user interaction and no authentication required. The rest span a wide spectrum of severity. EPSS data reveals an inverse bell curve: many KEV entries have extremely low probabilities of exploitation in the next 30 days, while others cluster at the high end with commodity exploits widely available. This means treating every KEV entry as equally critical leads to wasted effort and alert fatigue.That gap between the catalog and real-world decision-making is exactly what KEVology addresses. The research, produced by Beardsley at runZero, enriches KEV data with CVSS metrics, EPSS scores, exploit tooling indicators, and ATT&CK mappings to help security teams filter and prioritize vulnerabilities based on what actually matters to their environment. Rather than prescribing a single priority list, KEVology treats the KEV as data to be analyzed, not doctrine to be followed blindly.To make this analysis accessible and interactive, runZero built KEV Collider, a free, daily-updated web application at runzero.com/kev-collider. The tool lets defenders sort, filter, and layer multiple risk signals across the entire KEV catalog. Because every filter combination is encoded in URL parameters, teams can bookmark and share custom views with colleagues instantly. Beardsley describes KEV Collider as an evergreen companion to the research, updating automatically as new vulnerabilities are added to the catalog each week.This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlightGUESTTod Beardsley, Vice President of Security Research at runZeroOn LinkedIn: https://www.linkedin.com/in/todb/RESOURCESLearn more about runZero: https://www.runzero.comKEVology research report: https://www.runzero.com/resources/kevology/KEV Collider: https://www.runzero.com/kev-collider/Are you interested in telling your story?▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlightKEYWORDSTod Beardsley, runZero, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, KEVology, KEV Collider, CISA KEV, vulnerability management, exploit scoring, EPSS, CVSS, vulnerability prioritization, exposure management, BOD 22-01, known exploited vulnerabilities, cybersecurity risk, patch management Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Hackers abuse Gemini AI for all attack stages, says Google Apple patches decade-old possibly exploited iOS zero-day Acting CISA chief critiques potential DHS funding lapse Get the show notes here: https://cisoseries.com/cybersecurity-news-hackers-abuse-gemini-apple-patches-ancient-bug-cisa-criticizes-shutdown/ Huge thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com.

Malicious Chrome extensions pose as AI tools. Google says nation-states are increasingly abusing its Gemini artificial intelligence tool.  Data extortion group World Leaks deploys a new malware tool called RustyRocket. An Atlanta healthcare provider data breach affects over 625,000. Apple patches an iOS zero-day that's been around since version 1.0. A government shutdown would furlough more than half of CISA's staff. Dutch police arrest the alleged seller of the JokerOTP phishing automation service. Our guest is Simon Horswell, Senior Fraud Specialist at Entrust, discussing evolving romance scams for Valentine's Day. Fun with filters provides fuel for phishers.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Simon Horswell, Senior Fraud Specialist at Entrust, discussing evolving romance scams for Valentine's Day. If you enjoyed this conversation, tune into Hacking Humans to hear the full interview. Selected Reading Fake AI Chrome extensions with 300K users steal credentials, emails (Bleeping Computer) Nation-state hackers ramping up use of Gemini for target reconnaissance, malware coding, Google says (The Record) World Leaks Ransomware Adds Custom Malware ‘RustyRocket' to Attacks (Infosecurity Magazine) ApolloMD Data Breach Impacts 626,000 Individuals (SecurityWeek) Apple patches decade-old iOS zero-day exploited in the wild (The Register) CISA: DHS Funding Lapse Would Sideline Federal Cyber Staff (Gov Infosecurity) CISA Shares Lessons Learned from an Incident Response Engagement (CISA.gov) Police arrest seller of JokerOTP MFA passcode capturing tool (Bleeping Computer) What Can the AI Work Caricature Trend Teach Us About the Risks of Shadow AI? (Fortra) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Mid-market organizations are transitioning from pilot projects to operationalizing generative AI and agentic workflows, according to a TechEYE article and Tech Isle survey cited by Dave Sobel. This shift centers on outcome-driven automation but exposes providers to new liability concerns, mainly due to fragmented, unreliable data and shadow AI usage—employees employing unauthorized tools outside official controls. The primary risk is that MSPs may be blamed for incidents where contract boundaries and technical controls do not cover browser-based generative AI use, making forensic evidence and documented enforcement essential for defending accountability. Supporting data from Tech Isle found that over 5,000 companies are pursuing structured approaches to AI-enabled growth, but face persistent issues in data trust, governance, and user fatigue. Additionally, European investment in sovereign cloud infrastructure is projected to triple between 2025 and 2027, driven by regulatory demands and concerns about U.S. data sovereignty. MSPs managing split architectures—sovereign providers for regulated data and hyperscalers for everything else—encounter API mismatches, operational complexity, and margin pressure. The recommendation is to standardize policy enforcement, identity management, and residency mapping while prioritizing audit-ready reporting and exception handling. AI-driven cyberattacks have increased, with reports from Level Blue and Check Point Research highlighting a surge in both attack volume and sophistication. Only 53% of CISOs feel prepared for AI threats, despite 45% expecting to be impacted within a year. Browser-based generative AI use introduces visibility gaps, raising the risk of negligence claims when service providers cannot demonstrate governance or forensic readiness. Reauthorization of the Cybersecurity Information Sharing Act (CISA) underscores that voluntary data sharing is inadequate, with CIRCA now requiring mandatory 72-hour incident reporting for critical infrastructure. The key takeaways for MSPs and IT leaders are to proactively define AI coverage and governance in contracts, enforce acceptable use policies, and instrument monitoring to close visibility gaps. Providers who can deliver forensic-grade telemetry, managed compliance programs, and operational readiness for incident reporting will be better positioned to defend against penalties, retain higher-value accounts, and offer meaningful differentiation. These structural challenges—fragmented control planes, increased compliance costs, and permanent risk friction—necessitate a strategic shift toward governance-led service models.Three things to know today00:00 Midmarket Shifts to Agentic AI as Europe Triples Sovereign Cloud Spending by 202706:08 Most Security Chiefs Say They're Not Ready for AI-Powered Cyberattacks Coming This Year09:46 CISA 2015 Reauthorized Through 2026; CIRCIA Mandates Expose Voluntary Sharing Failure This is the Business of Tech.   Supported by:  TimeZest  IT Service Provider University

From EU fines that never get paid to cyber warfare grounding missiles mid-battle, this week's episode uncovers the untold stories and real-world consequences shaping today's digital defenses. How is the EU's GDPR fine collection going. Western democracies are getting serious about offensive cybercrime. The powerful cyber component of the Midnight Hammer operation. Signs of psychological dependence upon OpenAI's GPT-4o chatbot. CISA orders government agencies to unplug end-of-support devices. How to keep Windows from annoying us after an upgrade. What is OpenClaw, how safe is it to use, what does it mean. Another listener uses AI to completely code an app. Coinbase suffers another insider breach. What can be done Show Notes - https://www.grc.com/sn/SN-1064-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security hoxhunt.com/securitynow trustedtech.team/securitynowCSS guardsquare.com

From EU fines that never get paid to cyber warfare grounding missiles mid-battle, this week's episode uncovers the untold stories and real-world consequences shaping today's digital defenses. How is the EU's GDPR fine collection going. Western democracies are getting serious about offensive cybercrime. The powerful cyber component of the Midnight Hammer operation. Signs of psychological dependence upon OpenAI's GPT-4o chatbot. CISA orders government agencies to unplug end-of-support devices. How to keep Windows from annoying us after an upgrade. What is OpenClaw, how safe is it to use, what does it mean. Another listener uses AI to completely code an app. Coinbase suffers another insider breach. What can be done Show Notes - https://www.grc.com/sn/SN-1064-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security hoxhunt.com/securitynow trustedtech.team/securitynowCSS guardsquare.com

From EU fines that never get paid to cyber warfare grounding missiles mid-battle, this week's episode uncovers the untold stories and real-world consequences shaping today's digital defenses. How is the EU's GDPR fine collection going. Western democracies are getting serious about offensive cybercrime. The powerful cyber component of the Midnight Hammer operation. Signs of psychological dependence upon OpenAI's GPT-4o chatbot. CISA orders government agencies to unplug end-of-support devices. How to keep Windows from annoying us after an upgrade. What is OpenClaw, how safe is it to use, what does it mean. Another listener uses AI to completely code an app. Coinbase suffers another insider breach. What can be done Show Notes - https://www.grc.com/sn/SN-1064-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security hoxhunt.com/securitynow trustedtech.team/securitynowCSS guardsquare.com

From EU fines that never get paid to cyber warfare grounding missiles mid-battle, this week's episode uncovers the untold stories and real-world consequences shaping today's digital defenses. How is the EU's GDPR fine collection going. Western democracies are getting serious about offensive cybercrime. The powerful cyber component of the Midnight Hammer operation. Signs of psychological dependence upon OpenAI's GPT-4o chatbot. CISA orders government agencies to unplug end-of-support devices. How to keep Windows from annoying us after an upgrade. What is OpenClaw, how safe is it to use, what does it mean. Another listener uses AI to completely code an app. Coinbase suffers another insider breach. What can be done Show Notes - https://www.grc.com/sn/SN-1064-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security hoxhunt.com/securitynow trustedtech.team/securitynowCSS guardsquare.com

From EU fines that never get paid to cyber warfare grounding missiles mid-battle, this week's episode uncovers the untold stories and real-world consequences shaping today's digital defenses. How is the EU's GDPR fine collection going. Western democracies are getting serious about offensive cybercrime. The powerful cyber component of the Midnight Hammer operation. Signs of psychological dependence upon OpenAI's GPT-4o chatbot. CISA orders government agencies to unplug end-of-support devices. How to keep Windows from annoying us after an upgrade. What is OpenClaw, how safe is it to use, what does it mean. Another listener uses AI to completely code an app. Coinbase suffers another insider breach. What can be done Show Notes - https://www.grc.com/sn/SN-1064-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security hoxhunt.com/securitynow trustedtech.team/securitynowCSS guardsquare.com

From EU fines that never get paid to cyber warfare grounding missiles mid-battle, this week's episode uncovers the untold stories and real-world consequences shaping today's digital defenses. How is the EU's GDPR fine collection going. Western democracies are getting serious about offensive cybercrime. The powerful cyber component of the Midnight Hammer operation. Signs of psychological dependence upon OpenAI's GPT-4o chatbot. CISA orders government agencies to unplug end-of-support devices. How to keep Windows from annoying us after an upgrade. What is OpenClaw, how safe is it to use, what does it mean. Another listener uses AI to completely code an app. Coinbase suffers another insider breach. What can be done Show Notes - https://www.grc.com/sn/SN-1064-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security hoxhunt.com/securitynow trustedtech.team/securitynowCSS guardsquare.com

U.S. Immigration and Customs Enforcement's top official rejected claims from lawmakers Tuesday that the Department of Homeland Security component is building a database for protesters. The alleged detractor database has been referenced in several reports by think tanks, letters to DHS officials from lawmakers and in interviews with border czar Tom Homan. During Tuesday's House Homeland Security Committee hearing, Rep. Lou Correa, D-Calif., cited a well-circulated clip of an ICE agent in Portland, Maine, telling a person videotaping that she would be added to a “nice little database.” “I can't speak for that individual,” said Todd Lyons, who serves as acting director of ICE. “But I can assure you that there is no database that's tracking United States citizens.” Despite Lyons' pushback on the database claims, skepticism is persistent as stakeholders point to reports to the contrary. FedScoop reached out to DHS for clarification. Tricia McLaughlin, the agency's assistant security for public affairs, reaffirmed that there is no database of domestic terrorists run by DHS. “We do of course monitor and investigate and refer all threats, assaults and obstruction of our officers to the appropriate law enforcement,” McLaughlin said in an email. “Obstructing and assaulting law enforcement is a felony and a federal crime.” A recent attempt at a destructive cyberattack on Poland's power grid has prompted the Cybersecurity and Infrastructure Security Agency to publish a warning for U.S. critical infrastructure owners and operators. Tuesday's alert follows a Jan. 30 report from Poland's Computer Emergency Response Team concluded the December attack overlapped significantly with infrastructure used by a Russian government-linked hacking group, and that it targeted 30 wind and photovoltaic farms, among others. CISA said its warning was meant to “amplify” that Polish report. In particular, CISA said the attack highlighted the threats to operational technology and industrial control systems, most commonly used in the energy and manufacturing sectors. And CISA's alert continues a recent agency focus on securing edge devices like routers or firewalls, after a binding operational directive last week to federal agencies to strip unsupported products from their systems. “The malicious cyber activity highlights the need for critical infrastructure entities with vulnerable edge devices to act now to strengthen their cybersecurity posture against cyber threat activities targeting OT and ICS,” the alert reads. CISA urged owners and operators to review the Polish report, as well as security guidance from other U.S. agencies. The Daily Scoop Podcast is available every Monday-Friday afternoon. If you want to hear more of the latest from Washington, subscribe to The Daily Scoop Podcast  on Apple Podcasts, Soundcloud, Spotify and YouTube.

CISA cracks down on aging edge devices. Congress looks to sure up energy sector security. DHS facial recognition software may fall short. Romania's national oil pipeline operator suffers a cyberattack. The European Commission may fine TikTok for being addictive. DKnife is a China-linked threat actor operating a long-running adversary-in-the-middle framework. Researchers say OpenClaw is being abused at scale. Our guest is Mike Carr, Field CTO at Xona, talking about how Italy should be thinking about protecting the 2026 Winter Olympics. A BASE jumper attempts a daring AI alibi. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Mike Carr, Field CTO at Xona, talking about how Italy should be thinking about protecting the 2026 Winter Olympics. Selected Reading CISA: Remove EOL edge kit before cybercriminals strike (The Register) 5 Bills to Boost Energy Sector Cyber Defenses Clear House Panel (SecurityWeek) ICE and CBP's Face-Recognition App Can't Actually Verify Who People Are (WIRED) Romania's oil pipeline operator confirms cyberattack as hackers claim data theft (The Record)  Flickr discloses potential data breach exposing users' names, emails (Bleeping Computer) 17% of 3rd-Party Add-Ons for OpenClaw Used in Crypto Theft and macOS Malware (Hackread) EU says TikTok faces large fine over "addictive design" (Bleeping Computer) 'DKnife' Implant Used by Chinese Threat Actor for Adversary-in-the-Middle Attacks (SecurityWeek) All gas, no brakes: Time to come to AI church (Talos Intelligence)  Man who videotaped himself BASE jumping in Yosemite arrested, federal officials say. He says it was AI (LA Times) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

The White House preps a major overhaul of U.S. cybersecurity policy. A key Commerce security office loses staff as regulatory guardrails weaken. Lawmakers Press AT&T and Verizon after months of silence on Salt Typhoon. A vulnerability in the React Native Metro development server is under active exploitation. Amaranth Dragon leverages a WinRAR flaw. A coordinated reconnaissance campaign targets Citrix NetScaler infrastructure. CISA warns a SolarWinds Web Help Desk flaw is under active exploitation. Zach Edwards, Senior Threat Researcher at Silent Push, is discussing a hole in the kill chain leaving law enforcement empty-handed. Cops in Northern Ireland get an unwanted data breach encore.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Zach Edwards, Senior Threat Researcher at Silent Push, discussing a hole in the kill chain leaving law enforcement empty-handed. You can read more from Zach's team here. Selected Reading White House Cyber Director Charts New Course for Digital Defense Through Private Sector Partnership (Web Pro News) Another Misstep in U.S.-China Tech Security Policy (Lawfare) Cantwell claims telecoms blocked release of Salt Typhoon report (Cyberscoop) Hackers exploit critical React Native Metro bug to breach dev systems (Bleeping Computer) New Amaranth Dragon cyberespionage group exploits WinRAR flaw (Bleeping Computer) Wave of Citrix NetScaler scans use thousands of residential proxies (Bleeping Computer) Fresh SolarWinds Vulnerability Exploited in Attacks (SecurityWeek) ‘It defies belief': Names of PSNI officers published on court website in new breach (Belfast Telegraph) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices