Podcasts about cisa

DarkSword targets iPhones for indiscriminate exploitation. Cybercrime and the Iran war. The FBI confirms purchasing commercially available location data. The DHS secretary nominee gets grilled on CISA funding. A Zimbra Collaboration Suite vulnerability is being used in targeted espionage. A new Android malware targets sensitive data stored in user notes. AWS warns of ongoing Interlock ransomware activity. Tracking pixels grab more than they should. Perry Carpenter and Mason Amadeus from The FAIK Files podcast speak with Hany Farid about the real-world harms of synthetic media. Do Boomers balance breaches better?  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Perry Carpenter and Mason Amadeus, hosts of The FAIK Files podcast, speaking with Hany Farid about the real-world harms of synthetic media. Last week, the FAIK Files team sat down with Hany Farid -- digital forensics expert, professor at UC Berkeley, and co-founder of Get Real Security ( getrealsecurity.com ) -- to discuss deepfakes, authenticity metadata (C2PA), and forensic deepfake detection approaches. And here's a link to the youtube video:  https://www.youtube.com/watch?v=RSpmRb2O7Xc Selected Reading Hundreds of Millions of iPhones Can Be Hacked With a New Tool Found in the Wild (WIRED) Cybercrime has skyrocketed 245% since the start of the Iran war (The Register) CISA official says agency has not seen uptick in cyber threats amid Iran war (The Record) FBI is buying data that can be used to track people, Patel says (POLITICO) DHS nominee Mullin pressed on restoring CISA staffing (The Record) CISA Adds Exploited Zimbra Collaboration Suite Flaw to Warning List (GB Hackers) Russian hackers exploit Zimbra flaw to breach Ukrainian maritime agency (The Record) New ‘Perseus' Android malware checks user notes for secrets (Bleeping Computer) AWS Warns Hackers Have Abused Cisco Firewall Zero-Day Since January (Infosecurity Magazine) The Collection of Commercial Intelligence: TikTok & Meta Ad Pixels (Jscrambler) Forget Millennials: why those over 65 are the real cyber security pros (The Senior) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

The salient point of this morning's briefing revolves around the critical updates related to cybersecurity vulnerabilities that necessitate immediate attention from emergency managers. Specifically, the recently released CISA's Kev Catalog highlights two newly listed exploited vulnerabilities: Microsoft SharePoint CVE 2263, with a remediation deadline of March 20, and Zimbra Collaboration Suite CVE 22566376, due by April 1. It is imperative that organizations actively monitor these additions, prioritize patch mitigation for Internet-facing collaboration platforms, and validate compensating controls in situations where patching may be delayed. Additionally, we address the security alert issued by the US embassy for Iran, urging organizations with personnel in the region to ensure their communication plans are up-to-date. Lastly, updates from various states include ongoing wildfire responses in Nebraska and a public health advisory regarding a measles outbreak in Nevada, emphasizing the necessity for vaccination and infection control measures.Takeaways:* On March 18, 2026, CISA released updates regarding newly identified vulnerabilities requiring immediate remediation.* Emergency managers must prioritize patching of collaboration platforms to enhance cybersecurity measures effectively.* Organizations with personnel in Iran should maintain updated communication plans and ensure travel safety measures are in place.* The Nebraska Governor's Office is actively addressing the impacts of wildfires through community engagement and assessments.* A public health advisory in Nevada emphasizes the importance of vigilance regarding measles outbreaks and vaccination efforts.* All other states reported no significant updates, indicating a period of relative stability in emergency management activities.SourcesCISA / KEVCISA KEV data (released 2026-03-18) — SharePoint CVE-2026-20963 & Zimbra CVE-2025-66376 added; due dates listedTravel / SecurityU.S. Embassy Iran — Security Alert: Iran (March 18, 2026 update)NebraskaNebraska Governor — March 18 update: Tour Cottonwood Fire & visit Brady community (acreage/containment noted)AP — Nebraska wildfire fight continues; scale/containment contextNevadaSouthern Nevada Health District — Public Health Advisory 03/18/2026: Measles outbreaks update (vigilance & vaccination) This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit emnetwork.substack.com/subscribe

Meta quietly ditches encryption for Instagram chats while TikTok also backpedals on privacy, shaking up assumptions about how much big tech really values your secrets. Meanwhile, Steve Gibson reveals why CISA's free government security scans are an absolute must for businesses—plus what he learned when GRC took the plunge. The Security Now "Caption That Photo" contest. A mega social media company says "no" to strong encryption. WhatsApp to give parents more control, Consumer bandwidth proxying is becoming a big deal. Meta buys the Moltbook duo. The EU gives up and settles upon the status quo. When a ransomware negotiation is not what it seems. CISA compels federal agencies to submit their logs. Is that a VPN in your pocket or something more malicious. Be careful what you download, thinking it's AI. A super-clever and super-simple A/V scanner bypass. Will AI write code for me? Another listener discovers the Joy of AI. Steve's CISA Internet scanning experience Show Notes - https://www.grc.com/sn/SN-1070-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: joindeleteme.com/twit promo code TWIT material.security canary.tools/twit - use code: TWIT adaptivesecurity.com meter.com/securitynow

Iran's cyber ops stay resilient. U.S. lawmakers press Big Tech on EU rules. Researchers expose a Fancy Bear server. Japan moves toward offensive cyber. CISA calls for cross-agency teamwork. New malware targets network infrastructure. AI fooled by font-based attacks. Schneider Electric warns of critical flaws. Quantum cryptography earns top honors. Guest Bradon Rogers, Chief Customer Officer at Island, discusses making AI browsers safe for enterprises. Smart glasses on the witness stand. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Industry Voices segment, guest Bradon Rogers, Chief Customer Officer at Island, discusses making AI browsers safe for enterprises. You can dig into the details of what Bradon discussed in Gartner's “Cybersecurity Must Block AI Browsers for Now.” You can hear the full interview here. Selected Reading U.S Strikes Killed Iranian Cyber Chiefs, But The Hacks Continued (Forbes) US committee demands Big Tech share private comms with EU officials (POLITICO) FancyBear Exposed: Major OPSEC Blunder Inside Russian Espionage Ops (Ctrl-Alt-Intel) Japan to allow ‘proactive cyber-defense' from October 1st (The Register) CISA official advises agencies not to get too hung up on who takes lead in critical infrastructure sectors (CyberScoop) New Malware Highlights Increased Systematic Targeting of Network Infrastructure (Eclypsium) Poisoned Typeface: How Simple Font Rendering Poisons Every AI Assistant, And Only Microsoft Cares (LayerX) Schneider Electric Patches Critical RCE Vulnerability in SCADAPack RTUs (Beyond Machines) Turing Award Goes to Inventors of Quantum Cryptography (The New York Times) Witness Caught Using Smartglasses in Court Blames it all on ChatGPT (404 Media) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.   Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

The primary focus of this podcast episode pertains to the ongoing wildfire incidents in Nebraska, specifically the Cottonwood Fire and Morrell Fire, which are currently 40% and 18% contained, respectively. As we delve into the details, we examine the operational challenges posed by red flag warnings and strong winds, which are anticipated to exacerbate the fire activity and hinder aerial firefighting efforts. Additionally, we discuss the federal assistance being mobilized through FEMA for both the Nebraska and Texas fires, highlighting the critical role of governmental response in managing such disasters. Furthermore, we address the precautionary boil water notice issued in Marion County, Florida, due to a water main break, underscoring the importance of public health communications during emergencies. This episode serves as an essential update on the current state of emergency management efforts and the implications for affected communities.Takeaways:* The Cottonwood Fire has consumed 131,259 acres and is currently 40% contained as of March 17.* The Morrell Fire's extent has reached 572,084 acres with only 18% containment reported on the same date.* A red flag warning has been issued due to forecasted winds reaching approximately 50 miles per hour.* Federal Fire Assistance is being mobilized for the Morrill Cottonwood Fire under FEMA's declaration processes.* A precautionary boil water notice has been enacted in Marion County, Florida, following a water main break.* CISA has updated its catalog of known exploited vulnerabilities, emphasizing active threats for federal agencies.SourcesCISACISA alert — adds one Known Exploited Vulnerability to KEV (published Mar 16, 2026)Known Exploited Vulnerabilities (KEV) Catalog — reference listFEMAFEMA disaster page — Texas Corner Pocket Fire (FM-5625-TX) (posted/updated within last 24h)FEMA disaster page — Nebraska Morrill-cottonwood Fire (FM-5623-NE) (posted/updated within last 24h)FEMA declarations listing — includes Texas Corner Pocket Fire (FM-5625-TX)Nebraska - NEMA — Cottonwood and Morrill Fires Update (March 17, 2026)Florida, Marion County, FL — Precautionary Boil Water Notice for Spruce Creek area (posted Mar 17, 2026 8:46 PM) This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit emnetwork.substack.com/subscribe

On this episode host Tom Testa sits down with Nitin Natarajan, former Deputy Director of CISA and current principal at NN Global. Nitin share insights on cybersecurity threats to healthcare systems, particularly nation-state attacks and AI-driven vulnerabilities. He emphasized how healthcare organizations, especially rural hospitals, need to build resilience against sophisticated cyber threats. To stream our Station live 24/7 visit www.HealthcareNOWRadio.com or ask your Smart Device to “….Play Healthcare NOW Radio”. Find all of our network podcasts on your favorite podcast platforms and be sure to subscribe and like us. Learn more at www.healthcarenowradio.com/listen

Europol dismantles the SocksEscort proxy service. Cyber operations highlight imbalance in the war in Iran. Google rushes Chrome zero-day patches. Veeam fixes critical backup flaws. A former incident responder faces ransomware charges. Thomson Reuters staff push back on an ICE contract. Attackers abuse backup tools for data theft. CISA flags a critical n8n vulnerability. Maria Varmazis is joined by Jack R. Bialik, engineer and author, to discuss the hidden risks of a fully-digital society, and talk about his book "In Lost in Time: Our Forgotten and Vanishing Knowledge." A Phony photo fuels a phantom flight fiasco. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest N2K CyberWire's Maria Varmazis is joined by Jack R. Bialik, engineer and author, to discuss the hidden risks of a fully-digital society, and talk about his book "In Lost in Time: Our Forgotten and Vanishing Knowledge." Selected Reading Europol and international partners disrupt ‘SocksEscort' proxy service - Joint operation targeted malicious proxy service exploiting residential routers worldwide (Europol) War in Iran – asymmetry in cyberspace (IISS) Google fixes two new Chrome zero-days exploited in attacks (Bleeping Computer)  Veeam warns of critical flaws exposing backup servers to RCE attacks (Bleeping Computer) Former Employee of Cybersecurity Companies Charged in ALPHV (BlackCat) Ransomware Extortion Case (TechNadu) They Don't Want Their Company's Surveillance Tool Used by ICE (The New York Times) Data Exfiltration and Threat Actor Infrastructure Exposed (Huntress) CISA adds n8n RCE flaw to list of known exploited vulnerabilities (SC Media) Cyber National Mission Force to get new commander amid broader leadership turnover (The Record) AI Used to Promote Non-Existent Evacuation Flights From the Middle East (Bellingcat) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.  Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Independent investigative journalism, broadcasting, trouble-making and muckraking with Brad Friedman of BradBlog.com

Independent investigative journalism, broadcasting, trouble-making and muckraking with Brad Friedman of BradBlog.com

Authorities take down a residential proxy service, Iranian hackers wipe the network of a US medical device maker, Apple patches unsupported iOS against Coruna, and CISA asks for Cisco SD-WAN device logs. Show notes Risky Bulletin: Another residential proxy provider falls as authorities continue crackdowns

Iran threatens tech firms as hackers strike Stryker. The EU advances efforts toward digital sovereignty. A foreign hacker stumbles upon the FBI's Epstein files. DOGE used ChatGPT to cull humanities grants. Meta claims increased efforts against scams. A Wisconsin ambulance provider discloses a data breach. CISA shortens the patch deadline for a critical SolarWinds vulnerability. We preview this year's RSAC 2026 Innovation Sandbox with Cecilia Marinier and Paul Kocher. Dangerous digital diets miss the mark.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Industry Voices segment, we share a RSAC 2026 Conference innovation preview with Cecilia Marinier and Innovation Sandbox judge Paul Kocher talking about this year's Top 10 Finalists. Selected Reading Iran-linked hackers claim responsibility for attack on US medical device maker Stryker (Reuters) 'Legitimate targets': Iran issues warning to US tech firms including Google, Amazon, Microsoft, Nvidia (The Times of India) Iranian trolls are flooding social media with pro-Tehran, anti-war propaganda (MS Now) Commission announces €75 million EURO-3C Project to build a federated Telco-Edge-Cloud infrastructure for digital sovereignty (European Commission) Hacker broke into FBI and compromised Epstein files, report says (TechCrunch) When DOGE Unleashed ChatGPT on the Humanities (The New York Times) Meta says it culled millions of scam ads amid accusations that it profits from them (The Record) Bell Ambulance Ransomware Attack Impacts Over 237,000 Individuals (Beyond Machines) CISA Mandates Emergency Patching for SolarWinds Web Help Desk Vulnerabilities (Beyond Machines) AI Chatbots Are Giving Teens Absolutely Terrible Diet Advice, Study Warns (Gizmodo) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Tara breaks down South Carolina's baffling budget increase of 8.75% despite only 1.5% population growth—funding everything from lesbian podcasts to lewd art exhibits, climate research, and corporate subsidies. She also covers the viral pressure on Senator John Thune over the SAFE Act, highlighting how social media activism is exposing lies and holding politicians accountable. From taxpayer-funded pet projects to cyber threats from China and Iran, this episode dives into the chaos in both state and national politics—and why your voice matters. Summary South Carolina Budget Blowout Spending vs. Population: State legislature plans an 8.75% budget increase despite just 1.5% population growth. Taxpayer-Funded Pet Projects: Grants for lesbian podcasts, lewd art exhibits, drag shows, and “inflation-busting” tuition mitigation. Lobbyists on Payroll: Taxpayers fund lobbyists to push agencies for more money every year. Committee Control: Key budget subcommittees for arts, commerce, and healthcare are chaired by Democrats, even under a Republican supermajority, leading to controversial allocations. Freedom Caucus Oversight: Only 17 conservative legislators actively research, amend, and vote against wasteful spending. John Thune & the SAFE Act Viral Accountability: Millions of social media users are exposing Thune's false claims that the SAFE Act lacks sufficient votes. 51 Votes Secured: Despite Thune claiming 60 are needed, at least 51 senators publicly support the bill, enough to pass with the vice president as tie-breaker. Media Debunking: Figures like Dave Rubin are calling out Thune's lies online, reaching audiences larger than the combined mainstream media. Public Pressure Works: Repeated viral posts on X show how grassroots activism forces transparency and accountability in real time. Additional National Issues Pentagon Spending Myths: Viral claims about wasteful spending on lobster and steak for troops are debunked, revealing partisan media misinformation. Cybersecurity Threats: Iran and China pose ongoing cyber threats, while DHS and CISA remain underfunded, hampering national defense and early-warning systems. Tara emphasizes: know where your money goes, hold politicians accountable, and stay vigilant as both state and national politics become increasingly transparent thanks to social media. Key Topics SC state budget & overspending Taxpayer-funded arts, LGBTQ projects, and corporate subsidies Freedom Caucus vs. establishment Republicans John Thune & SAFE Act misrepresentations Viral social media activism & political accountability Pentagon spending myths debunked Cybersecurity threats from China & Iran Social Media Post

Cyberhelden 65 - Luisteraarsvraag: Hoe blijf ik veilig? Je hoeft niet onkwetsbaar te zijn. Je hoeft alleen niet het makkelijkste doelwit te zijn. In deze aflevering gaan Ronald, Marco en Jelle terug naar de basis: wat werkt er écht als je jezelf thuis wil beschermen? Aanleiding is de vraag van een luisteraar én het gratis F-Secure abonnement dat Odido uitdeelde na hun grote datalek. Van wachtwoordmanagers en MFA tot routers, phishing-checks en VPN-mythes: een overzicht van wat de moeite waard is, wat niet, en waarom je Windows Defender waarschijnlijk al genoeg is. Nieuwtjes - ZeroDayClock — exploitatietijdlijn: van 2,3 jaar in 2018 naar 1,6 dag in 2026: https://www.zerodayclock.com - China's Cybercrime Prevention and Control Law (VPN-verbod, realname-registratie, zero-day nationalisering): https://jamestown.org/program/chinas-draft-cyber-crime-prevention-and-control-law/ - VS cyberstrategie 2026: hacking back, AI-agents los, CISA uitgekleed: https://www.whitehouse.gov/national-security/cybersecurity/ Updates en lifecycle •⁠ ⁠Microsoft: Windows 10 end of support (oktober 2025): https://www.microsoft.com/en-us/windows/end-of-support •⁠ ⁠Veiliginternetten.nl — basismaatregelen voor consumenten: https://www.veiliginternetten.nl Wachtwoordmanagers •⁠ ⁠Bitwarden (open source): https://bitwarden.com •⁠ ⁠1Password: https://1password.com •⁠ ⁠Proton Pass (Zwitsers): https://proton.me/pass MFA en hardware tokens •⁠ ⁠YubiKey: https://www.yubico.com •⁠ ⁠Google Advanced Protection Program: https://landing.google.com/advancedprotection/ •⁠ ⁠Ente Auth (open source authenticator): https://ente.io/auth/ •⁠ ⁠2FAS (open source authenticator): https://2fas.com Antivirus •⁠ ⁠Microsoft Defender (ingebouwd in Windows): https://www.microsoft.com/en-us/windows/comprehensive-security •⁠ ⁠Bitdefender (Roemenië): https://www.bitdefender.com •⁠ ⁠ESET (Slowakije): https://www.eset.com •⁠ ⁠G DATA (Duitsland): https://www.gdata.de •⁠ ⁠AV-TEST — onafhankelijke antivirus benchmarks: https://www.av-test.org Phishing herkennen •⁠ ⁠NCSC: "Herken phishing": https://www.ncsc.nl/onderwerpen/phishing •⁠ ⁠HaveIBeenPwned — check of je e-mailadres in een datalek zit: https://haveibeenpwned.com DNS-filtering •⁠ ⁠Quad9 (Zwitserland, geblokkeerde malwaredomeinen): https://www.quad9.net — IP: 9.9.9.9 •⁠ ⁠AdGuard DNS: https://adguard-dns.io •⁠ ⁠NextDNS: https://nextdns.io VPN •⁠ ⁠Proton VPN (Zwitserland, met NetShield): https://protonvpn.com •⁠ ⁠Mullvad VPN (Zweden): https://mullvad.net Browser •⁠ ⁠Vivaldi (Noors, Chromium-gebaseerd): https://vivaldi.com

On this week's show, Patrick Gray, Adam Boileau and James WIlson discuss the week's cybersecurity news. They cover: The Coruna exploits were L3 Harris, but it seems Triangulation… was not! Iran's cyber HQ hit by Israeli (kinetic) strikes Trump's cyber “strategy” is … well, all we've got is jokes cause there's no serious content NSA and CyberCom finally get a leader after Lt Gen Joshua Rudd gets Senate nod DOGE (remember them?!) employee walked a social security database out on a USB stick This episode is sponsored by open source cloud security scanner Prowler. Creator and CEO Toni de la Fuente talks to Pat about some of the enterprise features Prowler is growing, while remaining true to its open source roots. This episode is also available on Youtube. Show notes Inside Coruna: Reverse Engineering a Nation-State iOS Exploit Kit From JavaScript GitHub - matteyeux/coruna: deobfuscated JS and blobs US military contractor likely built iPhone hacking tools used by Russian spies in Ukraine APT36: A Nightmare of Vibeware State-linked actors targeted US networks in lead-up to Iran war Iranian cyber warfare HQ allegedly hit by Israel Last 2 names of 6 US soldiers who died in Kuwait attack identified by the Pentagon Signal, WhatsApp users face Russian phishing push, Dutch warn Samuel Bendett on X: "Russian military told it couldn't use Telegram messaging app" FBI investigating ‘suspicious' cyber activities on critical surveillance network Risky Bulletin: New White House EO prioritizes fight against scams and cybercrime President Trump's CYBER STRATEGY for America Fact Sheet: President Donald J. Trump Combats Cybercrime, Fraud, and Predatory Schemes Against American Citizens UK plans to shift fraud fight onto telecoms, tech companies Trump to hit Anthropic with executive order to remove "woke" AI Claude Anthropic launches code review tool to check flood of AI-generated code CrowdStrike reports record quarter amid investor concerns about AI impact Critical defect in Java security engine poses serious downstream security risks Gen. Joshua Rudd confirmed as NSA, Cyber Command head Plankey's nomination as CISA director now in jeopardy DOGE employee stole Social Security data and put it on a thumb drive, report says Taming Agentic Browsers: Vulnerability in Chrome Allowed Extensions to Hijack New Gemini Panel Cel mai mare exportator român de carne, deținătorul brandului Cocorico, a intrat în restructurări, alături de Casa de Insolvență Transilvania

The primary focus of this morning's briefing is the recent advisory issued by CISA concerning vulnerabilities within Honeywell IQ 4X Building Management System Controllers, necessitating prompt action from emergency managers and facility operators to mitigate potential risks. Additionally, the episode discusses a minor seismic event, specifically a magnitude 2.3 earthquake near Sleepy Hollow, New York, which, although not anticipated to cause significant disruption, has nonetheless prompted public inquiries and necessitated an effective communication strategy. We further examine FEMA's recent expansion of public assistance eligibility in Tennessee following the impacts of Winter Storm Fern, highlighting the operational significance for local governments and relevant stakeholders. Our discourse aims to ensure that all involved parties remain informed and equipped to respond adequately to current developments. As we delve into these critical updates, we emphasize the importance of situational awareness and the coordination of public information dissemination.Takeaways:* The CISA has issued an advisory regarding vulnerabilities in Honeywell IQ 4X Building Management System Controllers, necessitating immediate attention from operational technology teams.* Recent seismic activity has been recorded in Sleepy Hollow, New York, prompting public inquiries despite the minor magnitude of the earthquake.* Tennessee's Emergency Management Agency has confirmed that FEMA has expanded public assistance eligibility due to impacts from Winter Storm Fern, affecting numerous counties.* Public information coordination is essential for responding to seismic events, even those with minimal expected impact on infrastructure.* The upcoming IWCE 2026 conference in Las Vegas will focus on critical communications, featuring advancements in LMR and broadband technologies.* It is imperative for local governments to align documentation with FEMA's public assistance requirements following disaster declarations.SponsorICWE https://go.emnmedia.com/IWCE2026SourcesCISA, ICSA-26-069-03 — Honeywell IQ4x BMS Controller (ICS advisory; release date March 10, 2026)USGS Earthquakes USGS event page — M 2.3, 0 km W of Sleepy Hollow, New York (reviewed; March 10, 2026)Tennessee EMA — FEMA expands Public Assistance eligibility for additional counties following Winter Storm Fern (March 10, 2026)New York / Regional context (journalistic, for situational awareness only)ABC News — 2.3 magnitude earthquake recorded near Sleepy Hollow, New York (March 10, 2026) This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit emnetwork.substack.com/subscribe

From FBI secret files and political surveillance to Iran's nuclear threat, DHS shutdowns, and the surprising effects of digital media on youth identity—today's America is facing multiple crises at once. We break down what's happening, why it matters, and what you need to know. SUMMARY 1. FBI “Prohibited Access” Files & Political Surveillance Whistleblowers revealed the FBI has been keeping secret files on hundreds of Trump associates, journalists, and political figures with no evidence of crime. Kash Patel discovered a 25-year-old “prohibited access” system hiding these records from oversight, even showing false negatives to congressional inquiries. Targets included Susie Wiles (Trump's chief of staff), Charlie Kirk's organization, campaign advisors, lawyers, and more. Over 1,200 people were surveilled under “special circumstances” between 2018–2024. Legal analysts warn this represents a severe breach of constitutional rights, likened to a domestic secret police system. 2. Iran & Middle East Conflict Iran is reportedly activating sleeper cells abroad, including in the U.S., prompting law enforcement alerts. President Trump confirmed monitoring of these cells is ongoing, but Democrat-led DHS shutdowns are impeding action. U.S. military maintains near-total air superiority over Iran, relying on precision strikes rather than ground troop deployments. Operation “Midnight Hammer” targeted Iranian nuclear facilities, preventing potential nuclear strikes on Israel and U.S. forces. Iran's nuclear ambitions and missile programs were advancing rapidly, requiring decisive action to prevent catastrophic consequences. 3. DHS Shutdown & Domestic Security House Republicans repeatedly passed DHS funding; Democrats blocked it over ICE policy disputes. The shutdown affects TSA, Coast Guard, Secret Service, FEMA, and CISA, creating risks at airports and other critical infrastructure. Criminals, including sex offenders, are slipping through due to bureaucratic gridlock, illustrating the real-life consequences of political impasse. 4. Cultural & Digital Identity Shifts Research shows a dramatic rise in LGBTQ+ identification among Americans aged 18–24, peaking under Joe Biden at ~20%. “Report on Digital Sexuality” links frequent porn consumption to higher rates of bisexual identification: A few times per week: ~19.7% bi Daily: ~23% bi Several times daily: ~27.4% bi Early exposure to porn (average age 11) and social media platforms like X contribute to identity formation, potentially via social contagion effects. These trends raise questions about youth development, brain pathways, and the long-term cultural impact of digital media. 5. Implications Across Society America faces simultaneous crises: foreign threats (Iran), domestic security gaps (DHS shutdown), and cultural shifts (digital media effects). Political gridlock exacerbates vulnerabilities, risking national security and public safety. Military technology and precision operations demonstrate that modern warfare can be conducted effectively with minimal casualties—but timing and strategy are critical. Cultural trends among youth highlight the powerful influence of technology and media on identity, underscoring a need for awareness and dialogue. This episode ties together national security threats, constitutional concerns, military strategy, and societal change—showing how America navigates unprecedented challenges both abroad and at home. SOCIAL MEDIA POST Title: Secret Police, Iran Threats & Youth Digital Identity Crisis Description: FBI files, Iran sleeper cells, DHS shutdowns, and the surprising ways porn and social media are reshaping youth identity—America faces threats on every front. Message: From secret FBI surveillance to Iran's nuclear ambitions, DHS shutdowns, and a digital media-driven identity shift among young Americans, the stakes have never been higher. National security, political gridlock, and cultural upheaval collide in today's Americ ...

From sleeper cell alerts to illegal DHS shutdowns and the latest research linking porn and social media to sexual identity shifts—America is facing threats abroad, bureaucratic failures at home, and cultural upheaval among its youth. We break down the danger, the data, and the debate. SUMMARY 1. Iran & Sleeper Cell Threats Reports indicate Iran is activating sleeper cells abroad, including in the U.S. President Trump confirms authorities are monitoring these threats closely but warns Democrat-led shutdowns of the Department of Homeland Security are hindering operations. Homeland security services affected include TSA, Coast Guard, Secret Service, and CISA, all essential to protecting Americans. Lawmakers, including Hakim Jeffries, are blocking DHS funding over ICE policy disputes, further complicating national security. 2. DHS Shutdown and Domestic Security Risks The shutdown has slowed airport operations, critical infrastructure protection, and law enforcement response. Republicans have passed funding bills repeatedly, yet the impasse continues. Meanwhile, ICE operations against illegal sex offenders have been hampered, allowing dangerous individuals to remain at large. High-profile cases, like Jose Martel Arria in North Carolina, highlight the real-world dangers of bureaucratic gridlock. 3. Military Operations in Iran U.S. military maintains near-total air superiority; special ops forces are favored over large-scale troop deployments. Operation “Midnight Hammer” targeted Iran's nuclear facilities, preventing potential nuclear strikes and protecting Israel and U.S. forces abroad. Advanced tech, including missile defense systems and lasers, plays a critical role in neutralizing threats. The focus remains on dismantling the Iranian military and IRGC capabilities without unnecessary ground troop involvement. 4. Digital Identity & LGBTQ+ Shifts Studies reveal a dramatic rise in LGBTQ+ identification among young Americans aged 18–24, with a peak under Joe Biden's administration reaching ~20%. The “Report on Digital Sexuality” study links higher porn consumption to increased bisexual identification: Few times per week: ~19.7% bi Daily: ~23% bi Multiple times daily: ~27.4% bi Early exposure to porn, starting at age 11 on average, may affect brain development and sexual preferences. Social media platforms, particularly X, amplify identity trends through social contagion, influencing how young Americans explore and identify sexually. 5. Implications Across Society America faces simultaneous challenges: foreign threats, compromised domestic security, and cultural shifts among youth. DHS shutdowns illustrate political gridlock endangering public safety. Military strategy demonstrates reliance on tech and precision to minimize casualties. Digital media may have unforeseen effects on identity formation, raising societal and psychological questions. This episode connects the dots between national security, political dysfunction, and cultural upheaval—revealing how external and internal pressures intersect in shaping modern America. SOCIAL MEDIA POST Title: Sleeper Cells, DHS Shutdown & Porn's Impact on Gen Z Description: From Iran threats to U.S. bureaucratic failures and a rise in youth bisexuality linked to digital exposure, America faces crises at every level. Message: Iran is reportedly activating sleeper cells in the U.S., but DHS shutdowns are leaving the homeland vulnerable. Meanwhile, new studies show early porn exposure and social media influence are reshaping sexual identity among young Americans. Security, politics, and culture collide—how safe and stable is the country? #NationalSecurity #DHSShutdown #IranThreats #DigitalIdentity #PornResearch #LGBTQTrends #GenZ #SocialContagion #ElonMuskX #YouthCulture #HomelandSafety HASHTAGS FOR FIRST COMMENT #SleeperCells #HomelandSecurity #DHSCrisis #OperationMidnightHammer #MilitaryStrategy #AirSuperiority #YouthLGBTQ #PornImpact #EarlyExposure #Ide ...

Precious Bodily Fluids, InstallFix, CISA, Claude, Overtime, Sim Swaps, Tube Stations, Aaran Leyland, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-562

In this episode, I am pulling back the curtain on America's cybersecurity strategies. Too often, these strategies are just warm words that never translate into real action. I'm here to reveal why our current cyber policies are more talk than walk, and what needs to change before the next big breach hits. Whether you're a small business owner, government professional, or cybersecurity enthusiast, you'll want to hear the behind-the-scenes truth about why our lofty plans often fall flat in execution—and exactly what it takes to finally bring these policies to life.Join me as I dive into President Trump's recent cybersecurity strategy and expose the gaps between lofty goals and real-world results. You'll discover why repeated national frameworks like Zero Trust and post-quantum cryptography are just bureaucratic RSVPs if they lack enforcement. I'll break down the complex web of federal agencies—like CISA, NSA, and the National Cyber Director—and explain why fragmentation and legal limitations prevent any one agency from truly commanding the nation's cyber defense. Spoiler: there's no centralized authority, no unified command, and no teeth to enforce policies at scale.I'll also break down the six key pillars of America's cyber strategy—shaping adversary behavior, streamlining regulation, modernizing federal networks, securing critical infrastructure, protecting innovation, and building talent—and reveal why, despite their good intentions, most are recycled talking points lacking real follow-through. You'll learn why current federal initiatives are already years behind schedule, and what it really takes to turn strategy into execution—not just more memos, but actual authority, funding, and accountability.This episode underscores a harsh truth: without clear leadership, enforceable standards, and consequences for inaction, America's cyber defenses remain a patchwork of good ideas but poor results. If you're tired of empty policy paper promises and want to understand what must happen for real progress, this is essential listening. Navigate the truth behind the headlines with me and learn how we can finally move from planning to protection—before the next cyber crisis hits.Why listen? Because cybersecurity isn't just a tech issue—it's a national security challenge that depends on authority, accountability, and action. Whether you're a business owner or a policy wonk, get the inside scoop on why much of what's been promised is just talk, and what it really takes to secure the digital frontier.

Precious Bodily Fluids, InstallFix, CISA, Claude, Overtime, Sim Swaps, Tube Stations, Aaran Leyland, and More on the Security Weekly News. Show Notes: https://securityweekly.com/swn-562

If you like what you hear, please subscribe, leave us a review and tell a friend!

Precious Bodily Fluids, InstallFix, CISA, Claude, Overtime, Sim Swaps, Tube Stations, Aaran Leyland, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-562

Threat intelligence too often arrives as a steady stream of alerts that don't translate into clear, timely decisions. This episode explores how public-sector intel flows today through channels like CISA, MS-ISAC, and CIS—and why changes in funding and distribution can reshape what organizations actually receive and when. We also imagine an all-in state approach, where states take a bigger role in getting actionable cyber intel to local businesses and organizations. From a higher-ed security leadership lens, we connect student data privacy and regulatory realities to the broader public–private challenge—and highlight community-driven efforts like the Redwood Project that strengthen trust-based, peer-to-peer intelligence sharing. This segment is sponsored by Arctic Wolf. Visit https://cisostoriespodcast.com/arcticwolf to learn more about them! Visit https://cisostoriespodcast.com for all the latest episodes! Show Notes: https://cisostoriespodcast.com/csp-222

Cybersecurity Today Month in Review: Iran Conflict Cyber Spillover, IoT Cameras, AI Hacking Tools, and Resilience Planning In this weekend month-in-review episode, host Jim Love and panelists David Shipley, Laura Payne, Neil Bisson, and Chris "CJ" Johnson discuss cyber and infrastructure impacts tied to the US/Israel–Iran conflict, including reported compromise of traffic camera networks for targeting, Iran's defensive internet shutdown, propaganda via a hacked prayer app, and GPS/AIS spoofing that misdirected ships in the Strait of Hormuz, raising oil and helium supply-chain concerns. They warn of potential Iranian retaliation via DDoS, ransomware, and critical infrastructure attacks (especially water/OT), amplified by insecure IoT and camera vulnerabilities (e.g., Hikvision). The group critiques weakened government cyber capabilities (including CISA turmoil and CVE program risk), highlights AI-enabled attack automation (CyberStrike AI) shrinking time-to-exploit, and stresses practical resilience planning, including protecting AI API keys after an $82,000 billing incident and noting a law-enforcement takedown of LeakBase. Cybersecurity Today  would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale.  You can find them at Meter.com/cst 00:00 Sponsor Message Meter 00:18 Meet the Panel 01:41 MSPs and Security Assumptions 03:36 War and Cyber Spillover 06:52 Iran Internet Shutdown Explained 08:27 GPS Spoofing in Strait 10:32 Retaliation Risks to West 17:02 IoT Cameras as Targets 18:56 What IT Providers Should Do 22:03 Who Should Worry Most 26:18 Regulation and IoT Standards 28:58 Supply Chain and State Actors 31:36 CISA and CVE Turmoil 35:53 Ring Backlash and Big Tech 37:43 OpenAI Alerts and Privacy 39:25 AI Cultural Blind Spots 40:05 Therapy Duty to Report 41:17 Licensing AI Advice 42:16 Data Centers Under Fire 43:59 Continuity Without Claude 45:05 Power Grid Reality Check 46:47 MSPs and AI Dependence 49:58 Hype Versus Security Markets 51:02 CyberStrike AI Tooling 56:37 Nation State Plausible Deniability 59:58 Exploit Speed and Software Debt 01:03:37 Practical Tips and Wrap Up

Iran's MuddyWater breaches multiple U.S. organizations. The FBI probes a breach of wiretap management systems. A China-linked threat actor targets South American telecoms. Cisco patches critical firewall flaws. CISA flags actively exploited bugs in Hikvision cameras and Rockwell industrial systems. A House committee advances the controversial KIDS online safety bill. The FBI arrests a suspect accused of stealing millions in seized crypto from the U.S. Marshals Service. Ben Yelin and Ethan Cook unpack the dispute between Anthropic and the Pentagon. Wikimedia worm wreaks widespread wiki woes.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today, we're bringing you a featured conversation from our Caveat podcast, where Ben Yelin sits down with N2K Lead Analyst Ethan Cook to unpack the fallout between the Pentagon and Anthropic, what led to the deal unraveling, and what it means as the government pivots to a similar AI contracting agreement with OpenAI. You can listen to their full conversation here and catch new episodes of Caveat featuring Dave and Ben every Thursday with special appearances by Ethan. Selected Reading Iranian APT Hacked US Airport, Bank, Software Company (SecurityWeek) Tech Giants, Washington Rally for Anthropic in Pentagon Feud (GovInfo Security) FBI investigates breach of surveillance and wiretap systems (Bleeping Computer) Chinese state hackers target telcos with new malware toolkit (Bleeping Computer) Cisco Patches 48 Firewall Vulnerabilities with Two CVSS 10 Flaws (Hackread) CISA Flags Hikvision Camera & Rockwell Logix Vulnerabilities as Actively Exploited (SOCRadar) House panel marks up kids digital safety act amid Democrat backlash (The Record) US contractor's son arrested over alleged $46M crypto theft (The Register) Wikipedia hit by self-propagating JavaScript worm that vandalized pages (Bleeping Computer) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

If you like what you hear, please subscribe, leave us a review and tell a friend!

In this special episode of The Gate 15 Interview, Andy Jabbour speaks with experts from the Information Sharing and Analysis Center (ISAC) community on the ongoing war with Iran, implications for critical infrastructure and how the community is responding, and related conversation. Leaders and experts include:Denise Anderson, President and CEO, Health-ISAC and Chairwoman of the National Council of ISACs (NCI)Michael Ball, CEO, E-ISAC, and SVP NERCJonathan Braley, Director of Threat Intelligence, IT-ISACChuck Egli, Director of Security and Resilience Operations, WaterISACAnna Mentzer-Hernández, Cyber Threat Intelligence Senior Analyst, ONE-ISACIn the discussion the panel covers:What has been happening in information sharing, security and resilience since Operation Epic Fury beganCritical infrastructure resilienceWhat the ISACs have been doing, with members, cross-sectorally, and with government and other partnersWhat we're seeing, not seeing, and would like to see from the U.S. Government and CISA at this timePlaying guitar, baking bread and staying sane and not burning out during crisis and incident responseAnd more, including some encouraging closing thoughtsSelected links:National Council of ISACsE-ISACHealth-ISACIT-ISACONE-ISACWaterISAC

Chris and Hector discuss an AI assisted hacking campaign that compromised more than 600 Fortinet firewalls and what it reveals about persistent security failures. They also cover cyber operations tied to geopolitical conflict, leadership turmoil at CISA, and new research showing how AI can expose supposedly anonymous online identities Join our Patreon for weekly bonus episodes: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.patreon.com/c/hackerandthefed⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Send HATF your questions at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠questions@hackerandthefed.com

We have had some extremely distinguished guests over the last 6 years, but we haven't secured one who combines, a Rhodes Scholar, US Army Colonel, Counter terrorism expert, leading the US's cyber intelligence defence agency, and a lecturer at Oxford and beyond, whilst also having worked at Morgan Stanley, and now CEO at RSAC. Jen plots a journey from Oxford to Westpoint, from Colonel of the US's first Cyber Battalion to the Whitehouse, working under Condoleezza Rice and then chosen by President Biden to create CISA, The US's first cyber defense agency.In a whirlwind, world-wide tour, Jen plots the risks, defines the adversaries, reflects on intelligence, cooperation, and the real and present cyber risks to industries.She offers advice to boards, the existential risks for businesses who think this is just a “technology issue” and leaves us with a stark observation. If the cost of annual cybercrimes were aggregated into one number, it would be equivalent in GDP terms to being the third largest economy in the world! The Money Maze Podcast is kindly sponsored by Schroders, IFM Investors, World Gold Council and LSEG.Sign up to our Newsletter | Follow us on LinkedIn | Watch on YouTube 

The episode elucidates the ongoing river flood warnings across various regions of the Ohio Valley, as issued by the National Weather Service on March 4, 2026. It is imperative that individuals exercise caution by avoiding travel through inundated roadways to mitigate risks associated with minor to moderate flooding. Additionally, the episode highlights pertinent updates from the Cybersecurity and Infrastructure Security Agency regarding known exploited vulnerabilities, emphasizing the necessity for organizations to prioritize patch mitigation efforts as outlined in a federal update. Furthermore, recent travel advisory revisions from the U.S. State Department are discussed, particularly regarding embassy operations and security conditions in the Middle Eastern and Eastern Mediterranean regions, which may significantly impact mission planning and travel logistics. We conclude with a reminder of the importance of staying informed and prepared during such critical situations.Takeaways:* The National Weather Service has issued several flood warnings in the Ohio Valley, indicating potential minor to moderate flooding.* Recent updates from the CISA highlight the importance of patch mitigation for known vulnerabilities that remain operationally relevant.* The US State Department has provided travel advisories concerning security conditions in the Middle East and Eastern Mediterranean.* Emergency management professionals should remain cognizant of regional flood warnings impacting infrastructure and travel plans.* Indiana and Kentucky have issued flood warnings, with advisories for motorists to avoid flooded roadways and areas.* The discontinuation of boil water advisories indicates improvements in local water systems, particularly in Seminole County.SourcesCISA, CISA adds vulnerabilities to KEV catalog — federal remediation prioritization update (Mar 3, 2026)Travel advisoriesCyprus Travel Advisory — Level 3 / embassy operations & security context (Mar 3, 2026)Bahrain Travel Advisory — updated embassy operations context (Mar 2, 2026)Kuwait Travel Advisory — updated embassy operations context (Mar 2, 2026)Florida - Seminole County Utilities — precautionary boil water advisory discontinued (Mar 4, 2026)Indiana - NWS Indianapolis — warning text product (Flood Warnings; issued Mar 4, 2026)Kentucky - NWS Louisville — Flood Warning text product (issued Mar 4, 2026) This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit emnetwork.substack.com/subscribe

A suspected U.S. exploit kit shows up in global iOS attacks. Facebook goes down briefly worldwide. A critical help-desk flaw enables remote code execution. Juniper PTX routers face a major bug. LastPass warns of phishing. Telegram becomes a cybercrime marketplace. Healthcare groups fight relaxed IT rules. A stolen Gemini API key runs up massive bills. CISA's CIO departs. Our guest is Brian Long, CEO and Co-Founder of Adaptive Security, discussing how AI is reshaping social engineering. The problem of posthumous profiles.  CyberWire Guest Today on our Industry Voices segment we are joined by Brian Long, CEO and Co-Founder of Adaptive Security, discussing how AI is reshaping social engineering. If you want to hear the full conversation, listen to it here. Selected Reading Possible U.S.-developed exploits linked to first known ‘mass' iOS attack (CyberScoop) Facebook accounts unavailable in worldwide outage (Bleeping Computer) Critical FreeScout Vulnerability Leads to Full Server Compromise (SecurityWeek) Juniper PTX Routers at Risk, Critical Takeover Flaw Disclosed (BankInfo Security) LastPass Warns of New Phishing Campaign (SecurityWeek) Telegram Increasingly Used to Sell Access, Malware and Stolen Logs Hackread) Groups Push Back on HHS' Proposed Health IT Rollbacks (BankInfo Security) Dev stunned by $82K Gemini API key bill after theft (The Register) CISA CIO Robert Costello exits agency (CyberScoop) Calls for Global Digital Estate Standard as Posthumous Deepfake Fraud Risk Grows (Infosecurity Magazine) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

On this week's show, Patrick Gray, Adam Boileau and James WIlson discuss the week's cybersecurity news. They cover: The US-Israeli attack on Iran had a whole lot of cyber. It's clearly in the playbook now! The NSA Triangulation / L3 Harris Trenchant iOS exploit kit is on the loose, and being used by Chinese crypto scammers So long Maddhu Gottumukkala, but CISA's annus horribilis continues Adam “humbug” Boileau complains about the Airsnitch wifi attack just being three ethernets in a trenchcoat ASD's Cisco SD-WAN threat hunting guide is clearly borne of … experience This week's episode is sponsored by AI threat hunting platform Nebulock. Sydney Marrone joins to talk about how useful AI models are on the hunt, and her work building out an open source framework and maturity model. It's methodology agnostic, so you can adapt it for your environment, and the github link is in the show notes! This episode is also available on Youtube. Show notes Inside the plan to kill Ali Khamenei Hacked traffic cams and hijacked TVs: How cyber operations supported the war against Iran | TechCrunch Matthew Prince

The MSP market is undergoing a critical shift toward risk management as the central value proposition, with operational accountability now defined by the ability to produce defensible documentation and deliver rapid incident response. According to Dave Sobel, MSPs are no longer primarily offering stack management, but are increasingly brokering risk through cyber warranties, insurance underwriting, incident retainers, and AI governance frameworks. Those unable to support their claims with evidence and formal processes risk becoming mere facilitators for third-party terms and losing control over their margins. Recent developments reinforce this shift. A Splunk report finds that nearly all CISOs now view AI governance and risk management as their responsibility, citing threat actor sophistication as a primary driver. AI is assisting with event triage and data correlation, but verification—especially around AI-generated content—is unreliable, with detection tools struggling against advanced fakes. Insurance mechanisms are becoming productized with prioritized incident response, and legal intelligence is being embedded into MSP workflows. Vendors like N-able, Monjur, SentinelOne, and DocuSign are directly integrating financial, legal, and governance functions into their offerings, fundamentally altering client and vendor relationships. Adjacent stories illustrate volatility in traditional safeguards and the operational reality of adaptive threats. CISA leadership changes indicate instability in public response institutions. AI-powered malware exemplifies the challenge: ESET's PromptSpy uses Gemini to continuously adapt its persistence, outpacing static detection models. Insurance underwriters are increasingly demanding machine-verifiable evidence of controls, using detailed questionnaires to distinguish autonomous AI from marketing claims. The risk is no longer just technical; it is structural. For MSPs and IT leaders, operational posture is now shaped by an ecosystem of embedded warranties, legal terms, governance requirements, and adaptive threats. The ability to document, defend, and productize risk controls becomes a baseline for credibility and insurance eligibility. Failure to build evidence pipelines and clarify vendor-imposed liabilities exposes service providers to compounded risk. The practical implication is a necessity for MSPs to treat governance and detection as measurable, documented capabilities—not assumptions or routine paperwork. Three things to know today: 00:00 CISOs Own Governance, Detectors Lag Fakes, Response Gets Contracted — Accountability Follows 03:14 N-able, SentinelOne, DocuSign Move Risk Management Into the Stack — MSP Terms Follow 05:10 CISOs Want Agentic AI, But Insurers and Adaptive Malware Are Forcing the Timeline 07:32 Why Do We Care?  Supported by:  CometBackUpSmall Biz Thoughts Community

The salient point of this podcast episode revolves around critical updates concerning national security and public health advisories. We provide an overview of newly identified vulnerabilities in the CISA Exploited Vulnerabilities catalog, emphasizing the importance of timely patching and mitigation strategies for federal agencies and critical infrastructure operators. Additionally, we discuss the ongoing security posture changes for U.S. personnel in parts of the Middle East, highlighting the ordered departure of non-emergency government employees from the United Arab Emirates due to escalating threats. Furthermore, we address recent water advisories issued in various states, including precautionary measures for local residents to ensure safe consumption. It is imperative to remain informed and vigilant in light of these developments, as they directly impact community safety and operational readiness.Takeaways:* The IWC 2026 conference is crucial for professionals involved in critical communications.* Critical infrastructure operators must prioritize the newly identified vulnerabilities in the KEV catalog.* A travel advisory has been issued for Kuwait due to the ordered departure of personnel.* Residents of Panama City are advised to boil water following a planned water shutoff.* The situation in the Middle East has led to security alerts for non-emergency US personnel.* Clarendon County has issued a boil water advisory due to a water line repair interruption.SponsorIWCE - https://go.emnmedia.com/IWCE2026CISACISA Alert (Mar 3, 2026) — Adds two exploited vulnerabilities to KEV CatalogCISA — Cybersecurity Advisories feed (shows Mar 3, 2026 alert listing)CISA — Known Exploited Vulnerabilities Catalog (reference list)Travel and SecurityU.S. Mission to the UAE — Security Alert (Mar 3, 2026)OSAC — Travel Advisory: Kuwait (updated Mar 3, 2026)StatesFlorida, City of Panama City — Planned water shut-off & precautionary boil-water notice (Mar 3, 2026)Louisiana, Shreveport Water & Sewerage — Alert Center update (latest update timestamped Mar 3, 2026)South Carolina, Clarendon County, SC — Boil Water Advisory (Mar 3, 2026) This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit emnetwork.substack.com/subscribe

More than 70 Democrats in the House and Senate are pushing the Department of Homeland Security's inspector general to open a new investigation into the agency's “warrantless purchases of Americans' location data.” In a letter sent Tuesday, the lawmakers tasked IG Joseph Cuffari with investigating whether Immigration and Customs Enforcement is purchasing illegally obtained location data about Americans, how that data has been used, whether audits of employee access to uncover abuse are occurring and the policies governing data usage. “Location data is extremely sensitive, and can reveal someone's religion, their political views, medical conditions, addictions, and with whom they spend time,” the Democrats said. “It is for that reason that ordinarily, the government must obtain a warrant from a judge in order to demand such data from phone or technology companies.” The letter comes nearly three years after an initial IG report found that Customs and Border Protection, the Secret Service and ICE violated federal law through warrantless purchase and use of location data. As part of that 2023 report, the watchdog office said the DHS components did not adhere to established privacy policies, nor did they develop sufficient guardrails before procurement and use. The chief information officer at the Cybersecurity and Infrastructure Security Agency announced his departure Tuesday, ending his nearly five-year run at CISA. Robert Costello, an 18-year veteran of the Department of Homeland Security, posted about the move on LinkedIn.nCostello's tenure had recently grown turbulent, with conflicting accounts of whether the since-departed acting director of CISA, Madhu Gottumukkala, had tried to force him out. Costello last week received transfer orders for possible reassignment to another agency. “Serving as CIO at CISA has been one of the greatest privileges of my career,” he said. “Together, we strengthened our cybersecurity posture, modernized critical systems, and built capabilities that will endure. I am incredibly proud of what we accomplished as a team. The Daily Scoop Podcast is available every Monday-Friday afternoon. If you want to hear more of the latest from Washington, subscribe to The Daily Scoop Podcast  on Apple Podcasts, Soundcloud, Spotify and YouTube.

The high-stakes dispute between Anthropic and the U.S. military led to a sweeping decision Friday by President Donald Trump to remove the AI startup's technology from all federal agencies. Already, several agencies are taking action. The General Services Administration, Department of State, and Department of Health and Human Services immediately indicated in public statements, comments, or internal emails that they were moving to boot Anthropic. The fallout is sure to continue as agencies untangle the Claude maker from their workflows. The clash centered on the Defense Department wanting Anthropic to remove stipulations that limited the military's use of the startup's technology in real-world operations, DefenseScoop previously reported. Anthropic CEO Dario Amodei said in a statement Thursday that the company could not accede to the request “in good conscience. Madhu Gottumukkala is out as acting director of the Cybersecurity and Infrastructure Security Agency, with current agency executive director for cybersecurity Nick Andersen replacing him as the interim leader. News of Gottumukkala's departure breaks one day after CyberScoop reported on widespread dismay with the agency's performance during the first year of the Trump administration, with significant criticism aimed at Gottumukkala's leadership on both sides of the aisle after a number of unflattering stories about his stewardship. “Madhu Gottumukkala has done a remarkable job in a thankless task of helping reform CISA back to its core statutory mission,” a Department of Homeland Security official told CyberScoop Thursday. “He tackled the woke, weaponized, and bloated bureaucracy that existed at CISA, wrangling contracts to save American taxpayer dollars.” Gottumukkala, served as chief information officer under then-South Dakota Gov. Kristi Noem, now secretary of DHS, before he was picked as deputy director of the agency. Sean Plankey's nomination to serve as full-time director of CISA has stalled, leaving Gottumukkala as the acting director in his place. Gottumukkala will take on a new role at DHS, as director of strategic implementation. The Daily Scoop Podcast is available every Monday-Friday afternoon. If you want to hear more of the latest from Washington, subscribe to The Daily Scoop Podcast  on Apple Podcasts, Soundcloud, Spotify and YouTube.

"I can't think about cybersecurity this week; I'm thinking about 1099s."You're not alone. Many SMBs see the NIST Cybersecurity Framework (CSF) as an overwhelming manual for government contractors, not a local shop or startup. Jen Stone sits down with Daniel Eliot, NIST's lead for small business engagement. We break down the new NIST CSF 2.0 Small Business Quick Start Guide —a "small-chunk" resource designed for under-resourced organizations to move from chaos to a structured program. In this episode:Why having "everyone" responsible means "nobody" is.How to build a "reasonable" security program while managing payroll and daily operations.Why taking security seriously helps you win bigger contracts and scale safely.The exact steps (MFA, patching, backups, and more) that even large orgs get wrong.NIST ResourcesNIST (National Institute of Standards and Technology): https://www.nist.gov/Small Business Cybersecurity Corner: https://www.nist.gov/itl/smallbusinesscyberNIST CSF 2.0 (Cybersecurity Framework): https://www.nist.gov/cyberframeworkSmall Business Quick Start Guide: https://www.nist.gov/publications/nist-cybersecurity-framework-20-small-business-quick-start-guideContact Daniel and his team: smallbizsecurity@nist.govKey Term DefinitionsThe 6 Functions: Govern, Identify, Protect, Detect, Respond, and RecoverMFA: Multi-Factor Authentication—essential for account access. Patching: Updating software to fix security "holes." MSP/MSSP: Local experts you can hire to manage IT security. Timestamps00:00 – Many hats of small business owners00:26 – Daniel Eliot and NIST's Mission02:25 – Exploring the Small Business Cybersecurity Corner03:20 – What is the NIST CSF?04:26 – The Small Business Quick Start Guide for CSF 2.006:52 – How to Identify Your Most Critical Assets09:56 – When to Seek Help: Engaging MSPs and Local Resources10:52 – Defining a "Successful" Cybersecurity Program13:21 – Essential Fundamentals: MFA, Patching, and Backups15:35 – How to Engage Directly with NIST Jen Stone (MCIS, CISSP, CISA, QSA) is a Principal Security Analyst at SecurityMetrics. With 25+ years in IT and 100+ high-level assessments, Jen specializes in making complex compliance actionable for businesses of all sizes. Outside of security, she is an aerial arts enthusiast and motorcycle rider. Request a Quote for a PCI Audit ► https://www.securitymetrics.com/pci-audit Request a Quote for a Penetration Test ► https://www.securitymetrics.com/penetration-testing Get the Guide to PCI DSS compliance ► https://www.securitymetrics.com/lp/pci/pci-guide Get FREE security and compliance training ► https://academy.securitymetrics.com/ Get in touch with SecurityMetrics' Sales Team ► https://www.securitymetrics.com/contact/lets-get-you-to-the-right-place

In this week's Security Sprint, Dave and Andy covered the following topics:Open:• Ransomware Reinvented: AI-Powered and Autonomous Attacks — Gate 15 — 26 Feb 2026o Across party lines and industry, the verdict is the same: CISA is in trouble “We're asking states to do a job they're not resourced to do, while weakening the one federal agency designed to help them,” said Errol Weiss, chief security officer at the Health-ISAC, adding that “this is precisely where you do need a strong, centralized federal security function” and that “we already have a national shortage of cybersecurity experts, and you can't just replicate that expertise 50 times over.” Overall, Weiss said industry partners have felt the lack of outreach from the agency and are experiencing “fewer touchpoints, fewer briefings, fewer problem-solving calls,” which contributes to “a growing perception that CISA is being hollowed out where it matters most to industry: stakeholder engagement, collaborative forums, and operational support during incidents.” o Gottumukkala out, Andersen in as acting CISA director o States feel the squeeze of CISA shutdown Main Topics:Operation Epic Fury & Related: • Department of Homeland Security warns of potential attacks amid Iran operation • Peace Through Strength: President Trump Launches Operation Epic Fury to Crush Iranian Regime, End Nuclear Threat The White House• U.S. Forces Launch Operation Epic Fury U.S. Central Command• Israel performs largest cyberattack in history against Iran • X Is Drowning in Disinformation Following US and Israeli Attack on Iran • Potential Iran Nexus: Texas gunman wore "Property of Allah" hoodie during attack, had photos of Iranian leaders at home, sources say Cyber Threat Reports• CrowdStrike 2026 Global Threat Report: The Evasive Adversary Wields AI• Speed Wins When Identity Fails: 2026 Annual Threat Report • Total Ransomware Payments Stagnate for Second Consecutive Year, While Attacks Escalate • Quarterly Threat Report: Fourth Quarter, 2025 • IBM X-Force reports 44% surge in exploitation of public-facing applications as supply chain and identity attacks intensify 2026 Cost of Insider Risks Global Report — DTEX Systems and Ponemon Institute —The 2026 Cost of Insider Risks Global Report from Ponemon Institute and DTEX estimates that insider security incidents now cost organizations an average of 19.5 million United States dollars per year, driven mostly by negligent employees in complex digital environments. The study finds that companies with mature insider risk management programs avoid seven incidents and save about 8.2 million dollars annually, while cutting average time to contain from 86 days in 2023 to 67 days as budgets for insider programs nearly double. Researchers highlight the impact of shadow artificial intelligence, reporting that negligent insiders now account for 10.3 million dollars in average costs and that more than nine out of ten respondents say generative artificial intelligence has changed how staff access and share information, even though only a small share have formally integrated artificial intelligence into business strategies. Quick Hits:• AccuWeather's 2026 Severe Weather Forecast: What Business Leaders Need to Know About Severe Weather Risk

Anthropic's clash with the Pentagon pits tech ethics against government demands, raising explosive questions about AI's role in surveillance and weaponry. If you care about who controls the future of artificial intelligence, this episode is a must-listen. Sam Altman says OpenAI shares Anthropic's red lines in Pentagon fight The whole thing was a scam OpenAI allows NSA to use GPT for surveilling Americans Anthropic's Claude hits No. 1 on Apple's top free apps list after Pentagon rejection Layoffs at Block Crypto exchange Gemini plans to lay off up to 200 staff, exit Europe, and Australia Netflix Backs Out of Bid for Warner Bros., Paving Way for Paramount Takeover An update on our model deprecation commitments for Claude Opus 3 Anthropic Keep Android Open Colorado moves age checks from websites to operating systems | Biometric Update Open source calculator firmware DB48X forbids CA/CO use due to age verification New Apple product launch starts Monday, Tim Cook confirms Everything announced at Samsung Unpacked: The Galaxy S26 Ultra, Galaxy Buds 4 and more Here's how the new Samsung Galaxy S26 compares with last year's S25 Hacked Prayer App Sends 'Surrender' Messages to Iranians Amid Israeli and US Strikes The Big One: The cyberattack scenarios that keep officials up at night CISA replaces acting director after a bumbling year on the job New AirSnitch attack bypasses Wi-Fi encryption in homes, offices, and enterprises Victory! Tenth Circuit Finds Fourth Amendment Doesn't Support Broad Search of Protesters' Devices and Digital Data Enthusiasts used their home computers to search for ET—scientists are homing in on 100 signals they found Americans now listen to podcasts more often than talk radio, study shows | TechCrunch Burger King Will Use AI To Check If Employees Say 'Please' and 'Thank You' Uber Previews Its Dubai Air Taxi Service - Slashdot Rob Grant, creator of Red Dwarf, has died Dan Simmons, author of Hyperion, Song of Kali, dead at 77 Host: Leo Laporte Guests: Molly White, Owen Thomas, and Harry McCracken Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: Melissa.com/twit expressvpn.com/twit canary.tools/twit - use code: TWIT ZipRecruiter.com/twit helixsleep.com/twit

Cyberwar shadows the US Israel attack on Iran. Hackers hijack Pakistani news broadcasts. President Trump orders all federal agencies to stop using AI technology from Anthropic. The Health Care Cybersecurity and Resiliency Act clears a hurdle. A new RAT streamlines double extortion attacks against Windows systems. CISA updates warnings on a zero-day targeting Ivanti Connect Secure devices. A North Korea-linked group targets air-gapped systems. Monday business breakdown. On our Afternoon Cyber Tea segment from Microsoft Security, host Ann Johnson speaks with Rob Suárez, Vice President and Chief Information Security Officer at CareFirst BlueCross BlueShield, about cybersecurity in healthcare. Tim Starks from CyberScoop has the latest goings on at CISA. Microsoft says the slop stops here.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Tim Starks from CyberScoop as he is discussing ongoing challenges at CISA. If you are interested in this topic, you can learn more here. Afternoon Cyber Tea On our Afternoon Cyber Tea segment from Microsoft Security, host Ann Johnson speaks with Rob Suárez, Vice President and Chief Information Security Officer at CareFirst BlueCross BlueShield, about cybersecurity in healthcare. You can hear the full conversation here, and catch new episodes of Afternoon Cyber Tea every other Tuesday on your favorite podcast app. Selected Reading US-Israel and Iran Trade Cyberattacks: Pro-West Hacks Cause Disruption as Tehran Retaliates (SecurityWeek) Western Cybersecurity Experts Brace for Iranian Reprisal (BankInfo Security) Pakistan's Top News Channels Hacked and Hijacked With Anti-Military Messages (Hackread) Anthropic confirms Claude is down in a worldwide outage (Bleeping Computer) Trump Orders Government to Stop Using Anthropic After Pentagon Standoff (New York Times) OpenAI Will Deploy AI in US Military Classified Networks (GovInfo Security) Senate Health Cyber Bill Clears Committee Hurdle (GovInfo Security) Double whammy: Steaelite RAT bundles data theft, ransomware (The Register) CISA warns that RESURGE malware can be dormant on Ivanti devices (Bleeping Computer) North Korean APT Targets Air-Gapped Systems in Recent Campaign (SecurityWeek) Astelia secures $35 million in combined seed and Series A funding. (N2K Pro Business Briefing) Microsoft gets tired of “Microslop,” bans the word on its Discord, then locks the server after backlash (Windows Latest) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Anthropic's clash with the Pentagon pits tech ethics against government demands, raising explosive questions about AI's role in surveillance and weaponry. If you care about who controls the future of artificial intelligence, this episode is a must-listen. Sam Altman says OpenAI shares Anthropic's red lines in Pentagon fight The whole thing was a scam OpenAI allows NSA to use GPT for surveilling Americans Anthropic's Claude hits No. 1 on Apple's top free apps list after Pentagon rejection Layoffs at Block Crypto exchange Gemini plans to lay off up to 200 staff, exit Europe, and Australia Netflix Backs Out of Bid for Warner Bros., Paving Way for Paramount Takeover An update on our model deprecation commitments for Claude Opus 3 Anthropic Keep Android Open Colorado moves age checks from websites to operating systems | Biometric Update Open source calculator firmware DB48X forbids CA/CO use due to age verification New Apple product launch starts Monday, Tim Cook confirms Everything announced at Samsung Unpacked: The Galaxy S26 Ultra, Galaxy Buds 4 and more Here's how the new Samsung Galaxy S26 compares with last year's S25 Hacked Prayer App Sends 'Surrender' Messages to Iranians Amid Israeli and US Strikes The Big One: The cyberattack scenarios that keep officials up at night CISA replaces acting director after a bumbling year on the job New AirSnitch attack bypasses Wi-Fi encryption in homes, offices, and enterprises Victory! Tenth Circuit Finds Fourth Amendment Doesn't Support Broad Search of Protesters' Devices and Digital Data Enthusiasts used their home computers to search for ET—scientists are homing in on 100 signals they found Americans now listen to podcasts more often than talk radio, study shows | TechCrunch Burger King Will Use AI To Check If Employees Say 'Please' and 'Thank You' Uber Previews Its Dubai Air Taxi Service - Slashdot Rob Grant, creator of Red Dwarf, has died Dan Simmons, author of Hyperion, Song of Kali, dead at 77 Host: Leo Laporte Guests: Molly White, Owen Thomas, and Harry McCracken Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: Melissa.com/twit expressvpn.com/twit canary.tools/twit - use code: TWIT ZipRecruiter.com/twit helixsleep.com/twit

Anthropic's clash with the Pentagon pits tech ethics against government demands, raising explosive questions about AI's role in surveillance and weaponry. If you care about who controls the future of artificial intelligence, this episode is a must-listen. Sam Altman says OpenAI shares Anthropic's red lines in Pentagon fight The whole thing was a scam OpenAI allows NSA to use GPT for surveilling Americans Anthropic's Claude hits No. 1 on Apple's top free apps list after Pentagon rejection Layoffs at Block Crypto exchange Gemini plans to lay off up to 200 staff, exit Europe, and Australia Netflix Backs Out of Bid for Warner Bros., Paving Way for Paramount Takeover An update on our model deprecation commitments for Claude Opus 3 Anthropic Keep Android Open Colorado moves age checks from websites to operating systems | Biometric Update Open source calculator firmware DB48X forbids CA/CO use due to age verification New Apple product launch starts Monday, Tim Cook confirms Everything announced at Samsung Unpacked: The Galaxy S26 Ultra, Galaxy Buds 4 and more Here's how the new Samsung Galaxy S26 compares with last year's S25 Hacked Prayer App Sends 'Surrender' Messages to Iranians Amid Israeli and US Strikes The Big One: The cyberattack scenarios that keep officials up at night CISA replaces acting director after a bumbling year on the job New AirSnitch attack bypasses Wi-Fi encryption in homes, offices, and enterprises Victory! Tenth Circuit Finds Fourth Amendment Doesn't Support Broad Search of Protesters' Devices and Digital Data Enthusiasts used their home computers to search for ET—scientists are homing in on 100 signals they found Americans now listen to podcasts more often than talk radio, study shows | TechCrunch Burger King Will Use AI To Check If Employees Say 'Please' and 'Thank You' Uber Previews Its Dubai Air Taxi Service - Slashdot Rob Grant, creator of Red Dwarf, has died Dan Simmons, author of Hyperion, Song of Kali, dead at 77 Host: Leo Laporte Guests: Molly White, Owen Thomas, and Harry McCracken Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: Melissa.com/twit expressvpn.com/twit canary.tools/twit - use code: TWIT ZipRecruiter.com/twit helixsleep.com/twit

Anthropic's clash with the Pentagon pits tech ethics against government demands, raising explosive questions about AI's role in surveillance and weaponry. If you care about who controls the future of artificial intelligence, this episode is a must-listen. Sam Altman says OpenAI shares Anthropic's red lines in Pentagon fight The whole thing was a scam OpenAI allows NSA to use GPT for surveilling Americans Anthropic's Claude hits No. 1 on Apple's top free apps list after Pentagon rejection Layoffs at Block Crypto exchange Gemini plans to lay off up to 200 staff, exit Europe, and Australia Netflix Backs Out of Bid for Warner Bros., Paving Way for Paramount Takeover An update on our model deprecation commitments for Claude Opus 3 Anthropic Keep Android Open Colorado moves age checks from websites to operating systems | Biometric Update Open source calculator firmware DB48X forbids CA/CO use due to age verification New Apple product launch starts Monday, Tim Cook confirms Everything announced at Samsung Unpacked: The Galaxy S26 Ultra, Galaxy Buds 4 and more Here's how the new Samsung Galaxy S26 compares with last year's S25 Hacked Prayer App Sends 'Surrender' Messages to Iranians Amid Israeli and US Strikes The Big One: The cyberattack scenarios that keep officials up at night CISA replaces acting director after a bumbling year on the job New AirSnitch attack bypasses Wi-Fi encryption in homes, offices, and enterprises Victory! Tenth Circuit Finds Fourth Amendment Doesn't Support Broad Search of Protesters' Devices and Digital Data Enthusiasts used their home computers to search for ET—scientists are homing in on 100 signals they found Americans now listen to podcasts more often than talk radio, study shows | TechCrunch Burger King Will Use AI To Check If Employees Say 'Please' and 'Thank You' Uber Previews Its Dubai Air Taxi Service - Slashdot Rob Grant, creator of Red Dwarf, has died Dan Simmons, author of Hyperion, Song of Kali, dead at 77 Host: Leo Laporte Guests: Molly White, Owen Thomas, and Harry McCracken Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: Melissa.com/twit expressvpn.com/twit canary.tools/twit - use code: TWIT ZipRecruiter.com/twit helixsleep.com/twit

OpenClaw AI Agent Hijack, CISA Leadership Shakeup, Iran Cyber Campaign, Air-Gap Malware, and Robot Vacuum Flaw Jim Love covers multiple cybersecurity stories: Oasis Security revealed "ClawJacked," a high-severity OpenClaw AI agent framework flaw caused by missing rate limiting on the local gateway, enabling malicious web pages to brute-force passwords via WebSockets, register a trusted device, and take over agents; OpenClaw patched it within 24 hours and users are urged to update to version 2020 6.2 0.25 and tighten governance for non-human identities. CISA sees a leadership change as acting director Madhu Gottumukkala steps down amid criticism and reports he uploaded sensitive contracting documents to public ChatGPT and canceled key security tool contracts; Nick Anderson becomes acting director. The episode also discusses a coordinated cyber campaign alongside US/Israeli operations against Iran and risks of Iranian retaliation against exposed US critical infrastructure, North Korea's Scarcruft using "Ruby Jumper" to bridge air-gapped networks via USB, and a DJI Romo robot vacuum MQTT flaw that exposed control and camera access across 7,000 devices before being patched. 00:00 Sponsor Message Meter 00:19 Headlines And Intro 00:46 Claw Jacked AI Agents 02:21 CISA Leadership Shakeup 06:02 Cyber Front In Iran War 08:48 North Korea Air Gap Breach 10:06 Robot Vacuum Takeover 13:04 Wrap Up And Thanks

Anthropic's clash with the Pentagon pits tech ethics against government demands, raising explosive questions about AI's role in surveillance and weaponry. If you care about who controls the future of artificial intelligence, this episode is a must-listen. Sam Altman says OpenAI shares Anthropic's red lines in Pentagon fight The whole thing was a scam OpenAI allows NSA to use GPT for surveilling Americans Anthropic's Claude hits No. 1 on Apple's top free apps list after Pentagon rejection Layoffs at Block Crypto exchange Gemini plans to lay off up to 200 staff, exit Europe, and Australia Netflix Backs Out of Bid for Warner Bros., Paving Way for Paramount Takeover An update on our model deprecation commitments for Claude Opus 3 Anthropic Keep Android Open Colorado moves age checks from websites to operating systems | Biometric Update Open source calculator firmware DB48X forbids CA/CO use due to age verification New Apple product launch starts Monday, Tim Cook confirms Everything announced at Samsung Unpacked: The Galaxy S26 Ultra, Galaxy Buds 4 and more Here's how the new Samsung Galaxy S26 compares with last year's S25 Hacked Prayer App Sends 'Surrender' Messages to Iranians Amid Israeli and US Strikes The Big One: The cyberattack scenarios that keep officials up at night CISA replaces acting director after a bumbling year on the job New AirSnitch attack bypasses Wi-Fi encryption in homes, offices, and enterprises Victory! Tenth Circuit Finds Fourth Amendment Doesn't Support Broad Search of Protesters' Devices and Digital Data Enthusiasts used their home computers to search for ET—scientists are homing in on 100 signals they found Americans now listen to podcasts more often than talk radio, study shows | TechCrunch Burger King Will Use AI To Check If Employees Say 'Please' and 'Thank You' Uber Previews Its Dubai Air Taxi Service - Slashdot Rob Grant, creator of Red Dwarf, has died Dan Simmons, author of Hyperion, Song of Kali, dead at 77 Host: Leo Laporte Guests: Molly White, Owen Thomas, and Harry McCracken Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: Melissa.com/twit expressvpn.com/twit canary.tools/twit - use code: TWIT ZipRecruiter.com/twit helixsleep.com/twit

CISA's acting director exits. Trump's pick to lead the NSA hits Senate headwinds. The Pentagon pressures Anthropic over AI guardrails. A new WiFi attack sidesteps encryption. CISA flags flaws in EV chargers. Juniper patches a critical router bug. ManoMano discloses a massive breach. Europol cracks down on The Com. Greece delivers verdicts in Predatorgate. An alleged carding kingpin lands in U.S. custody. Jeff Williams, Founder of OWASP and Co-Founder/CTO of Contrast Security, shares how NIST is rethinking its role in analyzing software vulnerabilities as EU launches GCVE. Meta's mischievous monocles meet their match.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we have Jeff Williams, Founder of OWASP and Co-Founder/CTO of Contrast Security, sharing how NIST is rethinking its role in analyzing software vulnerabilities as EU launches GCVE. If you enjoyed this conversation, you can hear the full interview over on the Caveat podcast. Selected Reading Gottumukkala out, Andersen in as acting CISA director (CyberScoop) Senator seeks to block Trump's NSA pick, citing civil liberties concerns (The Washington Post) Anthropic Refuses to Bend to Pentagon on AI Safeguards as Dispute Nears Deadline (SecurityWeek) New AirSnitch attack bypasses Wi-Fi encryption in homes, offices, and enterprises (Ars Technica) Critical Vulnerabilities in SWITCH EV Charging Platform Allow Station Impersonation (Beyond Machines) Juniper Networks PTX Routers Affected by Critical Vulnerability (SecurityWeek) 38 Million Allegedly Impacted by ManoMano Data Breach (SecurityWeek) ‘Project Compass' Cracks Down on ‘The Com': 30 Members Arrested (Infosecurity Magazine) Greek court sentences Predator spyware gang (POLITICO) Chilean Carding Shop Operator Extradited to US (SecurityWeek) This App Warns You if Someone Is Wearing Smart Glasses Nearby  (404 Media) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

The episode's central development is the ongoing dispute between the U.S. Department of Defense and Anthropic regarding Pentagon demands for unrestricted access to Claude, Anthropic's AI model. According to Dave Sobel, the Pentagon has threatened to sever ties or invoke the Defense Production Act if the company does not comply, seeking capabilities that Anthropic argues may be illegal—specifically mass surveillance without warrants and autonomous weapons systems without human control. This move exposes Managed Service Providers (MSPs) serving defense contractors to unpredictable legal, operational, and compliance risks embedded in their AI workflows. The analysis highlights that a commercial AI provider's acceptable use policy now intersects directly with national security policy, and even partial vendor compliance can trigger regulatory or legal instability for dependent organizations. For MSPs, this means that building service offerings on AI infrastructures without clear fallback strategies or documented policy change clauses can lead to unmanageable risk and liability in the event of provider or legal regime shifts. Dave Sobel stresses that failing to address policy volatility as part of a managed service amounts to underwriting geopolitical risk without compensation. Other notable developments include the passage of the Small Business Artificial Intelligence Advancement Act, federal cybersecurity resource contraction as CISA operates with 38% staffing after layoffs, and heightened uncertainty around cloud infrastructure due to Microsoft's Azure Local “air-gapped” offering not wholly mitigating U.S. CLOUD Act exposure. Vendor news covered new AI-powered compliance features from Compliance Scorecard (version 10) and Beachhead Solutions (ComplianceEZ 2.0), Apple's accelerated retirement of Rosetta 2 translation technology, a Microsoft 365 Copilot DLP change, and continued fallout from VMware's acquisition by Broadcom, which has led to ongoing cost and trust challenges for cloud and infrastructure partners. The episode's clear implications for MSPs and IT providers are operational. Service catalogs and statements of work should actively address AI provider liability, dependency exit planning, and degraded federal cybersecurity support. Without scheduled and documented compatibility and risk reviews, MSPs absorb hidden exposure into their margins. Vendor stability can no longer be assumed, and proactive policy, renewal intelligence, and transparent advisory sessions are now required to avoid unplanned liability, budget crises, and damaged client trust. Four things to know today 00:00 Pentagon Threatens Anthropic Over Claude Access, Demands Autonomous Weapons Use 04:31 CISA Cuts, Azure Sovereignty Push Signal End of Federal MSP Safety Net 06:56 AI Compliance Tools Flood Market as MSPs Face Validation Gap 09:54 86% of Firms Cutting VMware Ties as Broadcom Renewal Costs Loom   This is the Business of Tech.    Supported by: Small Biz Thoughts Community

Today on Joe Oltmann Untamed, we're ripping the lid off the stolen-election machine that never stops running. CISA's own report admitting Georgia's 2020 voting machines and tabulators had serious issues, issues they've known about for years but never fixed. We tie it straight to Tina Peters, who's still rotting in a Colorado prison 505 days later because she dared to demand transparency. Her bond was just denied again, and the system keeps punishing the people who try to protect our votes while the real criminals walk free.We also expose the ugly underbelly of the political class. Kash Patel's off partying in Italy like it's spring break while Patriots like Tina, Mark Cook, and so many others pay the real price for speaking truth. Meanwhile, the left openly plots firings, arrests, and lawsuits the moment they regain power Susan Rice laid it out plain on camera. And the fallout from living under stolen electionsThis show is a gut punch of reality: stolen elections have consequences, whistleblowers get crushed, and the elites keep partying while the rest of us suffer. From cartel chaos trapping Americans in Mexico to the slow bleed of our republic, we're laying it all bare, no filter, no excuses. Tune in for the raw truth and the fight to take our country back before it's gone for good. You won't walk away the same.

SolarWinds patches four critical remote code execution vulnerabilities. A ransomware attack on Conduant puts the data of over 25 million Americans at risk. RoguePilot enables Github repository takeovers. ZeroDayRat targets Android and iOS devices. North Korea's Lazarus group deploy Medusa ransomware against organizations in the U.S. and the Middle East. Attackers' breakout times drop to under half an hour.  CISA maintains its mission despite staffing challenges. Russian satellites draw fresh scrutiny. Two South Korean teenagers are charged with breaching Seoul's public bike service. Krishna Sai, CTO at SolarWinds, discusses why leaders should focus less on speculating about an AI bubble, and more on how to quantify AI's tangible contributions. The Pope pushes prayerful priests past predictable programs.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Krishna Sai, CTO at SolarWinds, discussing why leaders should focus less on speculating about an AI bubble, and more on how to quantify AI's tangible contributions. Selected Reading Critical SolarWinds Serv-U flaws offer root access to servers (Bleeping Computer) Massive Conduent Data Breach Exfiltrates 8 TB Affects Over 25 Million Americans (GB Hackers) GitHub Issues Abused in Copilot Attack Leading to Repository Takeover (SecurityWeek) New ZeroDayRAT Malware Claims Full Monitoring of Android and iOS Devices (Hackread) North Korean state hackers seen using Medusa ransomware in attacks on US, Middle East (The Record) CrowdStrike says attackers are moving through networks in under 30 minutes (CyberScoop) Shutdown at D.H.S. Extends to Cyber Agency, Adding to Setbacks (The New York Times) From Cold War interceptors to Ukraine: how Russia came to park spy satellites next to the West's most sensitive tech in orbit (Meduza) Korean cops charge two teens over Seoul bike hire breach (The Register) Pope tells priests to use their brains, not AI, to write homilies (EWTN News) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.  Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

A senior FBI cyber official warns Salt Typhoon remains an ongoing threat. Data protection authorities issue a joint statement raising serious concerns about AI image creation. A Japanese semiconductor equipment maker confirms a ransomware attack. New number formats seek to reduce AI overhead. A low-skilled Russian-speaking threat actor compromised more than 600 Fortinet FortiGate firewalls. Spanish authorities have arrested four alleged members of Anonymous. CISA tags a pair of Roundcube Webmail flaws. Cybersecurity stocks fell sharply on news of a new security feature in Claude AI. Monday business breakdown. Brandon Karpf, friend of the show discussing sovereignty in space and cyber. Digital disruption drains drumsticks. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today Dave sits down with Brandon Karpf, friend of the show, and Maria Varmazis, host of T-Minus, as they are discussing sovereignty in space and cyber. Selected Reading FBI: Threats from Salt Typhoon are ‘still very much ongoing' (CyberScoop) Joint Statement on AI-Generated Imagery and the Protection of Privacy (International Enforcement Cooperation Working Group (IEWG)) Japanese chip-testing toolmaker Advantest suffers ransomware attack (Help Net Security) AI's Math Tricks Don't Work for Scientific Computing (IEEE) Russian Cyber Threat Actor Uses GenAI to Compromise Fortinet Firewalls (Infosecurity Magazine) Suspected Anonymous members cuffed in Spain over DDoS attack (The Register) CISA: Recently patched RoundCube flaws now exploited in attacks (Bleeping Computer) Anthropic Unveils 'Claude Code Security,' Sending Cyber Stocks Lower (Bloomberg) RSAC Innovation Sandbox finalists secure $5 million each. (N2K Pro Business Briefing) Cyber attack takes major chicken processor Hazeldenes offline leaving businesses without meat (ABC News) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices