Podcasts about CrowdStrike

In this episode of The Segment, host Raghu Nandakumara sits down with Carl Froggett, Chief Information Officer at Deep Instinct, the first company to apply end-to-end deep learning to cybersecurity.With nearly three decades of experience — including over 20 years at Citi leading global infrastructure defense and cybersecurity services — Carl brings a rare, full-circle perspective on how the cyber landscape, leadership, and culture have evolved from the early 2000s to today's AI-driven world.You'll learn:How Carl “accidentally” fell into cybersecurity — and what the early days of firewalls and compliance-driven security looked like What it was like to pioneer one of Citi's first dedicated cyber teams Lessons in leadership from iconic figures like Charles Blauner, Greg Lavender, and John Miller How Citi became an early adopter of technologies like Palo Alto Networks, Splunk, CrowdStrike, and Illumio Why building business alignment and trust matters more than ever for CISOs How to frame security risks in business terms — and where many leaders go wrong The massive shift from machine learning to deep learning in cybersecurity How generative AI and “dark AI” are redefining the threat landscape — and why the next era of defense demands a mindset change Packed with nostalgia, hard-won wisdom, and forward-looking insight, this episode bridges cybersecurity history, human leadership, and the AI-powered future ahead.Stay Connected with our host, Raghu on LinkedInFor more information about Illumio, check out our website at illumio.com 

Patch smarter, not harder.Lieuwe Jan Koning and ON2IT Field CTO Rob Maas break down why “patch everything now” isn't a strategy, but a risk multiplier. In this session, they teach a practical patching strategy: know your assets, patch edge first, stage updates, and use Zero Trust segmentation to choke off exposure so you only patch what truly matters: fast, safely, and without outages.(00:00) - 01:11 - Intro (01:11) - - 02:28 - Reality check #1: Not everything can be patched (02:28) - - 05:02 - Reality check #2: Patches are scary (05:02) - - 08:45 - The solution: Patch in phases (08:45) - - 10:36 - How Zero Trust enables patch management (10:36) - - 11:23 - Prioritization matters (11:23) - - 14:50 - Patching tips and tricks (14:50) - - 16:21 - Guidelines for patching triage (16:21) - - 17:37 - Practical advice (17:37) - - END - Outro Key Topics Covered·       Why “patch everything immediately” fails; availability vs. security·       Staged deployments and rollback safety for crown-jewel services·       Zero Trust segmentation to reduce urgency and shrink attack surface·       Priority signals that matter: asset criticality, exposure, KEV, CVSSRelated ON2IT content & explicitly referenced resources ON2IT Zero Trust: https://on2it.net/zero-trust/ Threat Talks (site): https://threat-talks.com/ CVSS (FIRST): https://www.first.org/cvss/ CISA guidance – Citrix/NetScaler (Citrix Bleed example): https://www.cisa.gov/guidance-addressing-citrix-netscaler-adc-and-gateway-vulnerability-cve-2023-4966-citrix-bleed Crowdstrike episode: https://youtu.be/IRvWVg1lSuo?si=f8Sj6WYG0KNxlkJD Click here to view the episode transcript.

Patreon Stephan: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.patreon.com/Techaktien⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Instagram Stephan: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.instagram.com/techaktien/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Twitter / X Stephan: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://x.com/Techaktien1⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠YouTube Stephan: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.youtube.com/@Techaktien⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Aktien_Max auf X: ⁠⁠⁠⁠https://x.com/aktien_max⁠⁠⁠⁠Max auf X: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://x.com/globalstockflsh⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Instagram Max: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.instagram.com/global.stock.flash/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Telegram Max: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://t.me/+rnYRa1QHgLZiM2Y6⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Juri auf X: ⁠⁠https://x.com/GREYxCAPITAL⁠⁠Podcast Juri: ⁠⁠⁠⁠⁠https://open.spotify.com/show/6sEbxv14ZEGZtzhL2B1iLp⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Webseite Juri: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://grey-capital.com/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Instagram Juri: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.instagram.com/greyxcapital/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠YouTube Juri: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.youtube.com/@GREYxCAPITAL⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠(Werbung)Podcast abonnieren damit AWS nicht wieder abschmiert.Alles nur subjektive Meinung, Unterhaltung und Satire.#Aktien #Techaktien #Aktie #Börse #Finanzen #Geld #ETF #BuyHighSellLow #ETFs #Trading #Aktientipp #Aktientipps #Aktienanalysen #Aktienanalyse #TradeRepublic #Scalable #Podcast #Dividende #Dividenden #Gold #Silber #Amazon #AWS #CRWD #Crwodstrike #EosEnergy #EOSE #Speicher #batterie #Apple #iPhone #PLTR #palantir #Depotcheck #Depotroast #Vaneck #Goldminers #Bitcoin #BTC

Jim Cramer and Scott Wapner discussed what to make of Tesla missing on earnings despite record revenue. The anchors explored everything from Tesla robots to Tesla CEO Elon Musk slamming opponents of his $1 trillion pay package. Big interviews: Southwest Airlines CEO Bob Jordan on the carrier's surprise profit, CrowdStrike CEO George Kurtz discussed AI's impact on cybersecurity, T-Mobile Incoming CEO Srini Gopalan outlined his growth strategy for the wireless carrier. Also in focus: "Trump effect" on the quantum stocks rally, Basketball Hall of Famer Chauncey Billups and Miami Heat player Terry Rozier arrested in federal gambling investigations. Squawk on the Street Disclaimer  Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In the Asia Pacific and Japan (APJ) region, a burgeoning set of threat actors is emerging with a different language set, distinct tools, and an ecosystem where they interact with adversaries across the threat landscape. The CrowdStrike 2025 APJ eCrime Landscape Report explores the trends and issues facing organizations operating in this part of the world. For example, criminal groups in APJ are focused on opportunistic big game hunting and primarily target organizations in manufacturing, technology, industrials and engineering, financial services, and professional services. The sale of phishing kits is popular, with some going for up to $1 million. These threat actors prefer phishing, spam campaigns, and remote access toolkits to enable their operations. And they often find them on thriving Chinese-language marketplaces, which enable the sale of illicit services. While Eastern Europe is typically known as a hotbed of eCrime activity, the APJ region is one to watch. Tune in to hear Adam and Cristian discuss the key adversaries operating in the region, the threats that stand out to them, and how defenders can stay safe. Read the report: 2025 APJ eCrime Landscape Report Watch on YouTube: https://youtu.be/97javj3hmAA

Patrick McKenzie (@patio11) shares his remarks to the Bank of England on critical vulnerabilities in financial infrastructure. Drawing from the July 2024 CrowdStrike outage which brought down teller systems at major US banks, Patrick discusses how regulatory guidance inadvertently created dangerous software monocultures. He also examines the stablecoin market, its impressive growth, and the elephant tethered to the room. He also delivers a message from Silicon Valley to other centers of power on the urgent necessity of waking up regarding AI, which almost the entire world currently far underrates.–Full transcript available here: www.complexsystemspodcast.com/talking-to-the-bank-of-england/–Sponsor: MercuryThis episode is brought to you by Mercury, the fintech trusted by 200K+ companies — from first milestones to running complex systems. Mercury offers banking that truly understands startups and scales with them. Start today at Mercury.comMercury is a financial technology company, not a bank. Banking services provided by Choice Financial Group, Column N.A., and Evolve Bank & Trust; Members FDIC.–Links:The Bank of England: https://www.bankofengland.co.uk/ Bits about Money, Why the CrowdStrike bug hit banks hard: https://www.bitsaboutmoney.com/archive/crowdstrike-bug-hit-banks-hard/ Scaling Laws for Neural Language Models" by Kaplan et al: https://arxiv.org/pdf/2001.08361 Stripe Annual Letter 2024: https://stripe.com/annual-updates/2024 –Timestamps:(00:00) Intro(01:48) The importance of implementation-level understanding(03:00) Single points of failure(04:25) Can a 22-year-old engineer close all the banks?(05:18) The CrowdStrike incident: A case study(08:34) The culture of "shut up and shuffle"(09:54) Blameless postmortems(12:25) What actually happened during CrowdStrike(18:01) Five whys: Root cause analysis(19:03) How software monocultures are created(22:54) Understanding endpoint monitoring software(25:25) Distributed systems and the nature of CrowdStrike(31:22) The economics of software monocultures(33:29) Why wasn't there defense in depth?(37:05) Why was recovery so difficult?(40:32) The domino effect across financial institutions(43:36) What went right: Electronic systems remained up(45:10) This was a near miss(49:29) Potential policy responses(54:03) Switching gears: Stablecoins(01:01:37) The elephant in the room: Tether(01:15:32) Who loses if Tether implodes?(01:16:59) AI and the future of trading(01:26:47) AI risks in the trading space(01:30:41) Closing

Alexis Garcia and Ed Carson analyze Thursday's market action and discuss key stocks to watch on Stock Market Today. Learn more about your ad choices. Visit megaphone.fm/adchoices

En la edición de hoy del Radar Empresarial, abordamos la reciente interrupción de Amazon Web Services (AWS) y sus consecuencias a nivel global. La compañía comunicó el lunes por la tarde que los servicios ya habían sido restaurados, luego de un incidente que afectó a miles de empresas en todo el mundo. Este ha sido uno de los mayores fallos tecnológicos desde el incidente de Crowdstrike el año pasado. La caída no solo afectó a plataformas propias de Amazon, sino que se extendió a decenas de servicios que vieron interrumpidas sus operaciones normales, generando un gran caos en distintos sectores. Uno de los sectores más impactados fue el financiero. Muchos terminales de pago dejaron de funcionar, y servicios como Bizum no pudieron operar con normalidad. Frente a esta situación, muchas personas optaron por retirar efectivo, aunque incluso varios cajeros automáticos presentaban errores similares. La frase que se repetía en muchas aplicaciones era: "Request could not be completed". Esta interrupción dejó a muchos usuarios sin acceso a dinero en efectivo, aunque el mayor impacto se registró en los pagos digitales. Según Coinlaw, el 85% de las transacciones en puntos de venta durante 2024 se realizaron sin usar efectivo, lo que agrava aún más la situación durante un fallo de este tipo. Más allá del sector financiero, la caída de AWS también afectó a múltiples plataformas digitales. Servicios populares como Snapchat, Zoom, Reddit, Duolingo, Canva, así como videojuegos como Fortnite y Roblox, se vieron interrumpidos. Incluso herramientas de inteligencia artificial como ChatGPT de OpenAI y Perplexity experimentaron problemas. El costo económico de esta interrupción podría alcanzar cifras enormes. Mehdi Daoudi, CEO de Catch Point, explicó a CNN que las pérdidas podrían ascender a cientos de miles de millones de dólares debido a la inactividad de millones de trabajadores en todo el mundo. Para comprender la magnitud de AWS, basta con observar su participación del 37% en el mercado mundial de servicios en la nube en 2024, según Gartner. La división opera en 38 regiones geográficas. El origen del problema fue localizado en el centro de datos US-EAST-1, ubicado en Virginia del Norte. Allí se produjo una falla en el Sistema de Nombres de Dominio (DNS), responsable de traducir direcciones web en datos legibles para los servidores. Este centro ya había registrado incidentes similares en 2020 y 2021. Todo esto plantea una cuestión crucial: ¿estamos dependiendo demasiado del almacenamiento en la nube?

Amazon Web Services (AWS) suffered a major outage that disrupted thousands of websites and apps worldwide, from banking and travel booking platforms to everyday services like coffee orders and social media. It was one of the most significant global internet disruptions since last year’s CrowdStrike malfunction that grounded flights and crippled hospital systems. While AWS has since restored its systems, the incident raises bigger questions about the fragility of the internet’s infrastructure, the risks of overreliance on a few cloud providers, and what businesses can do to protect themselves the next time something like this happens. So how did this all happen? What are the key lessons we can learn from this? On The Big Story, Hongbin Jeong speaks to Shariff Ahmed, Director, Mind Master Solutions, to find out more. See omnystudio.com/listener for privacy information.

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.CrowdStrike is tracking a mass exploitation campaign leveraging a previously unknown vulnerability in Oracle E-business suite or EBS. A threat group, tracked as Storm-2603, has been observed using the open source Velociraptor DFIR tool as part of it's post-exploitation toolkit in recent ransomware attacks.North Korean IT workers, operating under state direction, continue to infiltrate international tech companies using false identities and anonymizing infrastructure to secure jobs and route payments in cryptocurrency. Researchers from Anthropic, the UK AI Security Institute, and Alan Turing Institute have released the largest study to date on poisoning attacks during pre-training on large language models or LLMs.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Cybersecurity stocks like CrowdStrike (CRWD) and ZScaler (ZS) showed great returns for investors over the last year. Alex Hamerstone doesn't see the trend slowing down. He explains that companies will need to keep cybersecurity spending on their budgets as risks from A.I. and emerging technologies climb. George Tsilis offers example options trades in CrowdStrike and Palo Alto Networks (PANW).======== Schwab Network ========Empowering every investor and trader, every market day.Options involve risks and are not suitable for all investors. Before trading, read the Options Disclosure Document. http://bit.ly/2v9tH6DSubscribe to the Market Minute newsletter - https://schwabnetwork.com/subscribeDownload the iOS app - https://apps.apple.com/us/app/schwab-network/id1460719185Download the Amazon Fire Tv App - https://www.amazon.com/TD-Ameritrade-Network/dp/B07KRD76C7Watch on Sling - https://watch.sling.com/1/asset/191928615bd8d47686f94682aefaa007/watchWatch on Vizio - https://www.vizio.com/en/watchfreeplus-exploreWatch on DistroTV - https://www.distro.tv/live/schwab-network/Follow us on X – https://twitter.com/schwabnetworkFollow us on Facebook – https://www.facebook.com/schwabnetworkFollow us on LinkedIn - https://www.linkedin.com/company/schwab-network/About Schwab Network - https://schwabnetwork.com/about

In this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news, including: FBI intervenes in Scattered Spider Salesforce leaksite Clop loots Oracle E-Biz deployments Plus so much more data extortion.. At least it's not ransomware … we guess? The US still can't decide who's gonna be in charge of NSA & Cybercom Cambodian scam compounds get sanctioned and $15b in crypto is seized NSO gets sold for pocket-lint-grade money Bugs! Redis CVSS 10, Ivanti, Crowdstrike and… Internet Explorer?! zeroday?! In the wild?!!!? This week's episode is sponsored by Stairwell. Founder Mike Wiacek talks about how Stairwell brings VirusTotal-like visibility to private files, and about integrating the insights that brings into your SOC workflow. This episode is also available on Youtube. Show notes FBI takedown banner appears on BreachForums site as Scattered Spider promotes leak | The Record from Recorded Future News Dozens of Oracle customers impacted by Clop data theft for extortion campaign | CyberScoop Well, Well, Well. It's Another Day. (Oracle E-Business Suite Pre-Auth RCE Chain - CVE-2025-61882) Clop is a Big Fish, But Not Worth Hunting - Risky Business Media ShinyHunters Wage Broad Corporate Extortion Spree – Krebs on Security The company Discord blamed for its recent breach says it wasn't hacked Qantas confirms cybercriminals released stolen customer data | The Record from Recorded Future News Red Hat confirms breach of GitLab instance, which stored company's consulting data | CyberScoop Risky Bulletin: Microsoft revamps Edge's "IE Mode" after zero-day attacks - Risky Business Media Teenagers arrested in England over cyberattack on nursery chain Kido | The Record from Recorded Future News Acting US Cyber Command, NSA chief won't be nominated for the job, sources say | The Record from Recorded Future News Layoffs, reassignments further deplete CISA | Cybersecurity Dive Trump's scandalous directive to AG Pam Bondi reached the public by accident Feds sanction Cambodian conglomerate over cyber scams, seize $15 billion from chairman | The Record from Recorded Future News US Congress committee investigating Musk-owned Starlink over Myanmar scam centres | Myanmar | The Guardian Satellites Are Leaking the World's Secrets: Calls, Texts, Military and Corporate Data | WIRED Netherlands invokes special powers against Chinese-owned semiconductor company Nexperia | The Record from Recorded Future News Spyware maker NSO Group confirms acquisition by US investors | TechCrunch Apple Announces $2 Million Bug Bounty Reward for the Most Dangerous Exploits | WIRED Wiz Finds Critical Redis RCE Vulnerability: CVE‑2025‑49844 | Wiz Blog SonicWall admits attacker accessed all customer firewall configurations stored on cloud portal | CyberScoop SonicWall SSLVPN devices compromised using valid credentials | Cybersecurity Dive Issues Affecting CrowdStrike Falcon Sensor for Windows ZDI Drops 13 Unpatched Ivanti Endpoint Manager Vulnerabilities - SecurityWeek Jaguar Land Rover launches phased restart at factories after cyber-attack | Jaguar Land Rover | The Guardian Windows 10 support ends today — here's who's affected and what you need to do

Have you heard about this AI thing? It's wild. Turns out, attackers are using it for all kinds of things we'd rather not have them doing. Dennis Fisher is joined by two experts from CrowdStrike--Adam Meyers, head of counter adversary operations, and Elia Zaitsev, CTO--to talk about how both defenders and attackers are leveraging AI and where things might be going in the next few years. 

In this episode of IGEL Weekly, Andy Whiteside sits down with Chris Feeney from IGEL's Office of the CTO to explore a critical, often overlooked element of disaster recovery—endpoint resilience. They unpack how IGEL is addressing business continuity challenges with innovative solutions like IGEL Dual Boot and USB Recovery, enabling organizations to recover in minutes rather than days.Chris shares insights into the growing importance of securing endpoints amid rising ransomware threats and operational disruptions like the recent CrowdStrike incident. The conversation dives into:Why most organizations fail to plan for endpoint-level recoveryHow IGEL's dual-boot architecture bridges the gap between prevention and recoveryReal-world examples of minimizing downtime during breaches and outagesThe future of endpoint strategy as SaaS, browsers, and cloud PCs reshape IT infrastructureTune in to learn how IGEL is redefining endpoint continuity and setting a new standard for security and business resilience.

Vous avez été nombreux à nous envoyer vos questions pour Laurent Gaudin, Manager général des Crowdstrike 24 Heures de Spa, et à Jean-Michel Baert, Team Principal de Comtoyou Racing.Endurance-Info a sélectionné plusieurs de ces questions et les a soumises aux deux intéressés en marge de la finale du GT World Challenge Europe à Barcelone. Un échange à retrouver dans le nouveau numéro de notre podcast Track Limit.Hébergé par Ausha. Visitez ausha.co/politique-de-confidentialite pour plus d'informations.

Parce que… c'est l'épisode 0x645! Shameless plug 12 au 17 octobre 2025 - Objective by the sea v8 4 et 5 novembre 2025 - FAIRCON 2025 8 et 9 novembre 2025 - DEATHcon 17 au 20 novembre 2025 - European Cyber Week 25 et 26 février 2026 - SéQCure 2026 Description Introduction Dans cet épisode technique, Nicolas et Jordan Théodore abordent un changement de paradigme fondamental en cybersécurité d'entreprise. Le navigateur web est devenu l'élément principal du fonctionnement organisationnel, détrônant le desktop traditionnel. Cette évolution nécessite désormais de détecter et d'intervenir sur les navigateurs comme s'il s'agissait d'endpoints à part entière. Le navigateur, nouvelle cible privilégiée Depuis quelques années, les navigateurs web sont devenus une cible de choix pour les cyberattaquants. Cette concentration des attaques s'explique par plusieurs facteurs. La majorité des activités professionnelles transitent maintenant par le navigateur, que ce soit pour les emails, la suite bureautique ou les services en ligne. Cette migration s'est accélérée au cours des dix dernières années avec l'abandon progressif des clients lourds au profit d'applications web, popularisées notamment par Google avec sa suite bureautique entièrement en ligne. Microsoft suit également cette tendance avec la migration de sa propre suite vers le web. Les attaquants exploitent ce vecteur d'attaque pour diffuser des malwares via des sites piégés, mener des campagnes de phishing particulièrement efficaces, et exploiter les vulnérabilités des navigateurs ou des extensions malveillantes. Les navigateurs modernes sont devenus des environnements riches qui stockent des informations sensibles, des mots de passe, des données en cache et même des bases de données locales, constituant ainsi un tremplin très important pour les acteurs malveillants. Les vulnérabilités critiques Jordan illustre la gravité de ces menaces avec des exemples concrets de vulnérabilités récentes. En 2023, des failles critiques dans la librairie libwebp ont été notées 8.8 sur l'échelle CVSS V3, affectant tous les navigateurs basés sur Chromium, notamment Chrome, Edge et Brave, ainsi que parfois Firefox. Ces vulnérabilités exploitent souvent des techniques classiques comme le buffer overflow ou la corruption de stack. L'exemple le plus frappant concerne une faille permettant l'exécution de code arbitraire simplement par le chargement d'une image webp mal formée dans une page HTML. L'utilisateur n'a qu'à visiter une page contenant l'image malveillante pour que son navigateur vulnérable soit compromis, avec un minimum d'interaction. Cette simplicité d'exploitation est particulièrement préoccupante car ces images peuvent être hébergées sur des plateformes légitimes comme OneDrive, Dropbox ou Google Drive, contournant ainsi les filtres de proxy traditionnels qui autorisent généralement ces services d'entreprise. Les défis du déploiement en entreprise Dans les grandes organisations, comme l'exemple donné d'une entreprise du CAC 40 comptant 17 000 employés en France et 130 000 dans le monde, la mise à jour des navigateurs n'est pas aussi simple qu'il y paraît. Le taux de convergence du déploiement peut être considérablement long, particulièrement avec la généralisation du télétravail. Cette fenêtre d'exposition prolongée nécessite des solutions alternatives pour pallier le délai d'application des correctifs. Les solutions de sécurité Face à ces menaces, trois couches de défense principales ont émergé. Les EDR (Endpoint Detection and Response) jouent toujours un rôle crucial en suivant les activités côté poste client et en détectant les comportements suspects. Par exemple, CrowdStrike a récemment ajouté des capacités dédiées pour inventorier les extensions Chrome et Edge, vérifier leurs niveaux de permission et identifier les sources douteuses. Un EDR bien configuré peut détecter des comportements anormaux comme Chrome déclenchant une commande exécutable. Cependant, les EDR sont de plus en plus facilement contournés par des techniques avancées qui patchent les mécanismes de détection. Une nouvelle couche de défense s'est donc développée directement au sein des navigateurs avec les extensions de sécurité. Ces modules additionnels peuvent bloquer activement les contenus malveillants et surveiller les actions utilisateur. On trouve des solutions open source comme Privacy Badger ou NoScript, ainsi que des produits commerciaux comme Capsule Security et Square X offrant de l'isolement à distance. Ces extensions assurent plusieurs fonctions essentielles. Elles filtrent les URL en bloquant l'accès aux pages exploitant des CVE ou hébergeant des malwares. Elles analysent le contenu avant téléchargement en scannant les fichiers HTML, JavaScript et images avant leur exécution complète. Elles bloquent les scripts inconnus, réduisant la surface d'exploitation, et protègent contre les publicités malveillantes, l'injection de code via iframes et le fingerprinting. Elles intègrent également des fonctionnalités DLP pour éviter l'upload de fichiers corporates sur internet, notamment vers des services comme ChatGPT où les employés peuvent involontairement partager des informations sensibles. L'extension développée par Glims, par exemple, vérifie tout contenu téléchargé pour détecter les malwares et contrôle les données uploadées pour prévenir les fuites d'information, incluant le copier-coller vers des sites externes. Ces extensions envoient des signaux au SOC (Security Operations Center) pour une meilleure visibilité et permettent d'intervenir rapidement si nécessaire. Les navigateurs sécurisés Au-delà des extensions, des navigateurs pensés pour la sécurité ont émergé. Brave, lancé il y a six ans, force l'accès HTTPS, filtre le phishing et bloque contenus indésirables, publicités et trackers. Des solutions comme Island et Talon proposent des navigateurs basés sur Chromium avec des contrôles de sécurité et DLP intégrés, bloquant par exemple les impressions d'écran et le copier-coller sur certains sites. Limites et complémentarité Les extensions ne peuvent pas tout faire. Elles ne voient pas ce qui se passe en mémoire et ne détectent pas les exploits de type use-after-free ou corruption mémoire. Elles peuvent être désactivées via JavaScript par click-jacking et ne protègent pas l'OS. D'où l'importance d'une approche complémentaire combinant EDR et extensions de navigateur. Bonnes pratiques en entreprise Pour renforcer la sécurité, les organisations doivent forcer une liste blanche d'extensions via GPO, installer des extensions de sécurité managées pour remonter les informations au SOC, utiliser un bon EDR pour surveiller toutes les extensions, et corréler les logs du navigateur avec ceux des endpoints lors des investigations. Le navigateur doit être considéré comme un petit poste à l'intérieur du grand poste pour tracer efficacement les actions malveillantes. Cette approche représente une nouvelle réalité de la cybersécurité où les attaquants s'adaptent constamment, nécessitant une évolution parallèle des défenses. Collaborateurs Nicolas-Loïc Fortin Jordan Theodore Crédits Montage par Intrasecure inc Locaux virtuels par Riverside.fm

In this episode of AI with Maribel Lopez, Maribel sits down with Ian Bramson, Vice President of Global Industrial Cybersecurity at Black & Veatch, to explore the growing intersection between artificial intelligence and operational technology (OT) security.From power grids and oil refineries to manufacturing plants, critical infrastructure systems are becoming increasingly connected—and therefore more vulnerable. Ian shares how Black & Veatch is helping industrial organizations rethink cybersecurity from the ground up, integrating protection early in the design and build process rather than bolting it on later.Together, Maribel and Ian discuss the evolution of OT threats, the rise of AI in both defense and attack scenarios, and why cybersecurity must be seen as a core business function, not an afterthought.

Justin Nielsen and Alexis Garcia analyze Monday's market action and discuss key stocks to watch on Stock Market Today. Learn more about your ad choices. Visit megaphone.fm/adchoices

Jeremy Au and Jordan Dea-Mattson reconnect to explore how Vernor Vinge's Rainbows End anticipated today's world of accelerating technology, reskilling challenges, and demographic shifts. They examine which predictions came true, which fell short, and how these lessons apply to AI adoption, fragile digital systems, and the need for lifelong learning. Their conversation highlights why individuals must build meta-skills, why policymakers lack playbooks, and how Southeast Asia can prepare for a future shaped by both singularity and depopulation trends. 00:41 Tech change accelerates beyond generations: Vinge showed how skills like programming quickly became obsolete, leaving workers structurally unemployed. 07:27 Reskilling mirrors today's digital divide: Characters were pushed back into classrooms, similar to how older workers struggle with cashless systems and SaaS adoption. 11:56 Rogue AI foreshadowed safety debates: Vinge hinted at AI bargaining to survive, connecting to current AI alignment concerns. 13:58 Belief circles resemble online echo chambers: Communities overlapped with reality, much like radicalization on forums and social platforms today. 18:29 Trust collapses with fragile systems: A single broken security certificate caused global chaos, resembling real-world failures like the CrowdStrike outage. 38:19 Singularity defined as break point: Jordan explains the mathematical roots of singularity as the moment when definitions collapse with exponential change. Watch, listen or read the full insight at https://www.bravesea.com/blog/jordan-dea-mattson-rogue-ai-rising Get transcripts, startup resources & community discussions at www.bravesea.com WhatsApp: https://whatsapp.com/channel/0029VakR55X6BIElUEvkN02e TikTok: https://www.tiktok.com/@jeremyau Instagram: https://www.instagram.com/jeremyauz Twitter: https://twitter.com/jeremyau LinkedIn: https://www.linkedin.com/company/bravesea English: Spotify | YouTube | Apple Podcasts Bahasa Indonesia: Spotify | YouTube | Apple Podcasts Chinese: Spotify | YouTube | Apple Podcasts Vietnamese: Spotify | YouTube | Apple Podcasts

Building Better Defenses: RedTail Observations Defending against attacks like RedTail is more then blocking IoCs, but instead one must focus on the techniques and tactics attackers use. https://isc.sans.edu/diary/Guest+Diary+Building+Better+Defenses+RedTail+Observations+from+a+Honeypot/32312 Sonicwall: It wasn t the user s fault Sonicwall admits to a breach resulting in the loss of user configurations stored in its cloud service https://www.sonicwall.com/support/knowledge-base/mysonicwall-cloud-backup-file-incident/250915160910330 Crowdstrike has Issues Crowdstrike fixes two vulnerabilities in the Windows version of its Falcon sensor. https://www.crowdstrike.com/en-us/security-advisories/issues-affecting-crowdstrike-falcon-sensor-for-windows/ Interrogators: Attack Surface Mapping in an Agentic World A SANS.edu master s degree student research paper by Michael Samson https://isc.sans.edu/researchpapers/pdfs/michael_samson.pdf keywords: ai; agentic; attack surface; crowdstrike; sonicwall; ivanti; zero day; initiative; redline

In the fourth and final installment of this Shoptalk series, host David Carothers and Zane Goldthorp of ProWriters tackle a critical issue facing agents every day: the vast difference between a standalone cyber policy and a simple BOP or package endorsement. They call out the laziness of settling for an endorsement, highlighting the massive coverage gaps it leaves and the E&O exposure it creates for the agent. Zane shares real-world horror stories of agents discovering their client's six-figure loss wasn't covered by their BOP. The conversation provides a clear, strategic path for agents to transition clients to proper coverage and use the inadequacy of endorsements as a powerful competitive wedge against other agents. Key Highlights: Standalone Policy vs. BOP Endorsement: A Massive Chasm The core of the episode is a stark warning: a BOP endorsement for cyber is not real protection. Zane explains that when compared side-by-side, endorsements lack critical coverage, have minuscule sublimits for events like social engineering, and often omit coverage entirely for sophisticated attacks like invoice manipulation, leaving clients dangerously exposed. The E&O Nightmare of "Good Enough" Coverage Zane shares his experience taking calls from frantic agents whose clients have suffered a major loss, only to find their BOP endorsement is useless. These situations not only lead to losing the client but also put the agency's own E&O policy on the line for failing to provide adequate counsel and coverage. Cyber as the Ultimate Competitive Wedge If you're prospecting an account and discover their current agent has them on a BOP endorsement, it's "game over." David and Zane explain how an agent with a standalone offering can easily tear the endorsement apart, create immense doubt in the incumbent, and win not just the cyber business but likely the entire account. Breach vs. Privacy vs. System Failure The conversation clarifies that a cyber claim doesn't always require a security breach. Standalone policies respond to a wider range of events, including privacy breaches (like a lost laptop) and dependent system failures. Using the real-world CrowdStrike outage as an example, they illustrate a massive business interruption scenario that would be covered by a standalone policy but never by a BOP. Connect with: Zane Goldthorp LinkedIn David Carothers LinkedIn Kyle Houck LinkedIn Visit Websites: Power Producer Base Camp ProWriters Killing Commercial Crushing Content Power Producers Podcast Policytee The Dirty 130 The Extra 2 Minutes

Welcome to episode 3 of our special launch series of the Pure Report podcast. In this episode, we dive deep into the critical topic of cyber resilience with Scott Taylor, Director of the Cyber Resilience Field Solutions Architects Team at Pure Storage. We discuss why traditional, siloed security approaches are failing in the face of escalating cyber threats. From there, we explore the real-world impact of cyberattacks, from significant financial costs and reputational damage to the often-overlooked human toll on IT and security teams. Watch and listen as Scott unpacks Pure Storage's innovative approach to cyber resilience, built on principles of Built-in Security, Connected Threat Detection, and Dynamic Response and Recovery. Discover how Pure's "as-a-service" offerings are changing the game, providing optionality and flexibility to react to rapidly changing environments. We delve into our recent launch announcements, including deep integrations with CrowdStrike and Superna, transforming storage from a passive target into an active defender. Plus, get insights into Pure's new Real-Time Malware Scanning directly at the storage layer and the expanded Veeam partnership for simplified backup and recovery delivered as service. This episode is a must-listen for IT and security professionals looking to move from a reactive to a proactive security posture. Scott shares his "hot takes" on overlooked aspects of cyber recovery, essential cultural shifts for IT organizations, and how AI is influencing the ongoing battle between attackers and defenders. Learn how to secure your data, minimize downtime, and build a truly cyber resilient enterprise in the era of the Enterprise Data Cloud.

Accountability has suddenly become selective and the blame war is on. The Comey indictment is already revealing a lot. The veteran guardian of a fragile system. Mining data and crunching numbers. This involves controlling elections. This involves Russian intel and the phone locations of artillery crews. Fancy Bear is code written by Ukrainians at Crowd Strike. John Brennan was the burglar. You financed the Russia hoax. Hacking elections to claim certain software was used. The German servers provided coms. Hunter, his dad, and Obama were all involved. This predates Comey. That whole 911 thing had to be covered up. The FBI awarded contracts involving the DNC server hacks. A cyber security company was at the center of it all. Retroactive code and false cyber evidence. Who's the investigator on this F'g case? Network breeches and valuable data. The RNC was a target too. Who approved the bids? It sounds like a techno-thriller. Full control is usually the only answer. What is Pole Vault 7 again? On paper it makes sense, off paper it makes deals. Thousands of purposeful errors to create illusions. Private partners do all the dirty work. We must all be ready for traitors from within. History proves those are the most dangerous kind.

Ken Shreve and Ed Carson analyze Wednesday's market action and discuss key stocks to watch on Stock Market Today. Learn more about your ad choices. Visit megaphone.fm/adchoices

Josh Liburdi, Principal Engineer of Security Operations at DoorDash, joins Maxime Lamothe-Brassard, LimaCharlie CEO / Founder, to talk about building the Strelka file scanning system.As a security engineer who works in security operations (prevention, detection, and response), Josh has more than a decade of industry experience and has worked at several diverse organizations, including Brex, Target, and CrowdStrike.He also presents at information security conferences (BSides NYC & SF, SANS, fwd:cloudsec), is a published author (Bluenomicon from Splunk, Huntpedia from Sqrrl), and is active in the open source security community with contributions to many projects, including Substation at Brex (creator), Strelka at Target (creator), and the Zeek network analysis framework.Join Defender Fridays, live every Friday, to discuss the dynamic world of information security in a collaborative space with seasoned professionals. Become part of the LimaCharlie Community. Learn more about LimaCharlie at limacharlie.io.

Kyle McIntyre is the owner and executive recruiter at McIntyre Associates, where he has placed VPs, SVPs, and C-Level executives for companies ranging from Seed Stage through Fortune 100. In this episode, McIntyre joins host Amanda Glassner to discuss open positions in cybersecurity today, as well as the outlook for 2026, what hiring managers should consider, and more. McIntyre Associates has served the cybersecurity startup community for over two decades, partnering with industry leaders such as CrowdStrike, KnowBe4, Cisco, Arbor Networks and others to achieve record-breaking growth and noteworthy exit events. To learn more about our sponsor, visit https://McIntyreAssociates.com.

Noctua News | T08 E3 | Crowdstrike e IA (Noticiario)Pueden contactar con Andromeda Capital EAF:- por email en ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠info@andromedacapitaleaf.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠- en la página web ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.andromedacapitaleaf.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠- en redes sociales (Twitter (@andromedavalue), Instagram (@andromedavaluecapital), LinkedIn, Facebook) y en el canal de slackNoctua News es una iniciativa de Andromeda Capital EAF (⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.andromedacapitaleaf.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠) que tiene como objetivo mantener informado a sus oyentes a través de una selección de las noticias más relevantes del mundo de la tecnología y las finanzas. Andromeda Value Capital es un fondo de inversión que pueden contratar dentro de Renta4 Banco, no tiene compromiso de permanencia, y el importe mínimo es simbólico, de 10 euros.Pueden comentar estas y otras noticias a través del canal de Andromeda Capital EAF en Slack: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://t.co/NIFlSC1qv0?amp=1⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Presentadores:- Flavio Muñoz: LinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/flaviomunoz/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Twitter: @FlavioMunozM- Juan de Dios Gómez Gómez-Villalva: LinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/juandegomezgv⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Twitter: @JuandeGomezGVColaboradores: Silvia Lanzarote VargasNoctua News también está disponible en los siguientes canales:- Spotify: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://open.spotify.com/show/2MsYqOVZszLcG5xL2X8Z7K⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠- Apple Podcats: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://podcasts.apple.com/es/podcast/noctua/id1459028425⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠- iVoox: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.ivoox.com/podcast-noctua_sq_f1702277_1.html⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

This week, Workday hosted their annual user conference, Workday Rising 2025, taking the opportunity to announce a number of new releases and updates. In other news, CrowdStrike and Salesforce announced a new strategic partnership to enhance the security of AI agents and applications built on Agentforce and the Salesforce platform. To round out the week, Qlik announced the general availability of Qlik Open Lakehouse, a fully managed Apache Iceberg service in Qlik Talent Cloud.Connect with us!https://www.erpadvisorsgroup.com866-499-8550LinkedIn:https://www.linkedin.com/company/erp-advisors-groupTwitter:https://twitter.com/erpadvisorsgrpFacebook:https://www.facebook.com/erpadvisorsInstagram:https://www.instagram.com/erpadvisorsgroupPinterest:https://www.pinterest.com/erpadvisorsgroupMedium:https://medium.com/@erpadvisorsgroup

The supply chain attacks on npm continue and this week, Crowdstrike's npm packages fell victim to the “Shai-Hulud” worm. To mitigate the potential of downloading these malicious packages, consider pinning specific package versions in JS projects and using 2FA to publish new package versions to npm.Also this week, WebAssembly Specification (Wasm) released v3.0. This version dramatically expands the memory Wasm apps can use, supports multiple memory usage, and now allows garbage collection.It's been a while since we last covered LLM options for folks who want to run their own models locally or in the browser, so Jack gives a quick rundown of some of the best options out today. There's WebLLM from MLC, MediaPipe from Google, and ONNX from Microsoft, and although none are easily interchangeable with another, if cost, privacy, or working offline are concerns of your LLM-enabled app, these may be good options to explore.Chapter Markers:00:58 - npm supply chain attack16:28 - Wasm 3.023:34 - LLM options in the browser34:41 - Jack's experience at CascadiaJS and a discussion on the value of in-person conferences in 202541:54 - GitHub's new MCP registry43:26 - Microsoft Paint is getting project files46:54 - What's making us happyLinks:Paige - “Shai-Hulud” supply chain attack on npm continues against Crowdstrike npm packages and pnpm 10.16 minimumReleaseAge settingJack - LLM options in the browser: WebLLM, MediaPipe, ONNXTJ - Wasm 3.0GitHub's new MCP registryMicrosoft Paint is getting its own Photoshop-like project filesPaige - Great British Bake Off season 16 is back!Jack - YoyosTJ - phishyurl.comThanks as always to our sponsor, the Blue Collar Coder channel on YouTube. You can join us in our Discord channel, explore our website and reach us via email, or talk to us on X, Bluesky, or YouTube.Front-end Fire websiteBlue Collar Coder on YouTubeBlue Collar Coder on DiscordReach out via emailTweet at us on X @front_end_fireFollow us on Bluesky @front-end-fire.comSubscribe to our YouTube channel @Front-EndFirePodcast

Tiffany, SonicWall, Crowdstrike, SonicWall, Aetna CVS, The Social Security Administration and every financial advisor in Canada and so much more are why we want off this planet this week...

בפרק זה נסקור את ההצלחות הבולטות של חברי הקהילה במסחר סווינג בשנת 2025 – שנה יוצאת דופן עם תשואות חריגות. נעמיק במניית Oklo (OKLO) שטסה ביותר מ־2,000% מאז ההנפקה, ובמניית OKLL הממונפת שצברה נפח מסחר אדיר. בנוסף, נבחן את Nano Nuclear Energy Inc (NNE) שזינקה מעל 50% בעקבות באז סקטוריאלי.נמשיך עם סקטור הקוואנטום, שבו IONQ מובילה עם פוטנציאל ארוך טווח, לצד QBTS, RGTI ו-QUBT שממשיכות למשוך עניין ולסמן עוצמה. מניות הטכנולוגיה הגדולות מציגות מגמות חזקות – Palo Alto Networks, CrowdStrike, Wix ו-Apple ממשיכות לרוץ קדימה.במקביל, Google חוצה את רף ה־3 טריליון דולר ועוקפת את Amazon בשווי שוק, ומחזקת את מעמדה כעוגן מרכזי להשקעות ארוכות טווח. ננתח גם את התפתחויות הריבית והאג"ח בארה"ב, ואת מגמות הנדל"ן בישראל – שם מתחילים לראות ירידות מחירים וקיטון משמעותי בהיקף המשקיעים.

Today we run down another solid session for the US market, with enthusiasm in abundance on the Nvidia investment in Intel, a development we discuss with Saxo Equity Strategist Ruben Dalfovo, together with the surge in ASML and Crowdstrike yesterday. Also, a preview of some names reporting next week, including recent darling Micron, key developments in FX as the US dollar is on the comeback path and the JPY churns post-BoJ. Today's pod hosted by Saxo Global Head of Macro Strategy John J. Hardy. Links discussed on the podcast and our Chart of the Day can be found on the John J. Hardy substack (with a one- to two-hour delay from the time of the podcast release). Read daily in-depth market updates from the Saxo Market Call and the Saxo Strategy Team here. Please reach out to us at marketcall@saxobank.com for feedback and questions. Click here to open an account with Saxo. Intro and outro music by AShamaluevMusic

In this episode of Security Weekly News, Joshua Marpet and Aaran Leyland discuss the latest trends in AI and cybersecurity, focusing on innovations from CrowdStrike, the implications of new cyber incident reporting rules, and the evolving landscape of ransomware. They explore the role of AI in enhancing security measures, the challenges posed by mandated reporting for critical infrastructure, and the cultural impact of cybercrime on youth. The conversation also touches on the advancements in AI technology, including its applications in healthcare and mainframe modernization, as well as the alarming rise in ransomware tactics and the use of AI by cybercriminals. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-513

In this episode of Security Weekly News, Joshua Marpet and Aaran Leyland discuss the latest trends in AI and cybersecurity, focusing on innovations from CrowdStrike, the implications of new cyber incident reporting rules, and the evolving landscape of ransomware. They explore the role of AI in enhancing security measures, the challenges posed by mandated reporting for critical infrastructure, and the cultural impact of cybercrime on youth. The conversation also touches on the advancements in AI technology, including its applications in healthcare and mainframe modernization, as well as the alarming rise in ransomware tactics and the use of AI by cybercriminals. Show Notes: https://securityweekly.com/swn-513

In der heutigen Folge sprechen die Finanzjournalisten Daniel Eckert und Philipp Vetter über den ersten Handelstag von Aumovio, einen Kurssprung bei Crowdstrike und Rekorde am laufenden Band. Außerdem geht es um Continental, SAP, Aixtron, Ströer, Salesforce, Microsoft, Semiconductor Manufacturing International Corp (SMIC), ASML Holding Wir freuen uns über Feedback an aaa@welt.de. Noch mehr "Alles auf Aktien" findet Ihr bei WELTplus und Apple Podcasts – inklusive aller Artikel der Hosts und AAA-Newsletter. Hier bei WELT: https://www.welt.de/podcasts/alles-auf-aktien/plus247399208/Boersen-Podcast-AAA-Bonus-Folgen-Jede-Woche-noch-mehr-Antworten-auf-Eure-Boersen-Fragen.html. Der Börsen-Podcast Disclaimer: Die im Podcast besprochenen Aktien und Fonds stellen keine spezifischen Kauf- oder Anlage-Empfehlungen dar. Die Moderatoren und der Verlag haften nicht für etwaige Verluste, die aufgrund der Umsetzung der Gedanken oder Ideen entstehen. Hörtipps: Für alle, die noch mehr wissen wollen: Holger Zschäpitz können Sie jede Woche im Finanz- und Wirtschaftspodcast "Deffner&Zschäpitz" hören. +++ Werbung +++ Du möchtest mehr über unsere Werbepartner erfahren? Hier findest du alle Infos & Rabatte! https://linktr.ee/alles_auf_aktien Impressum: https://www.welt.de/services/article7893735/Impressum.html Datenschutz: https://www.welt.de/services/article157550705/Datenschutzerklaerung-WELT-DIGITAL.html

In this episode of Security Weekly News, Joshua Marpet and Aaran Leyland discuss the latest trends in AI and cybersecurity, focusing on innovations from CrowdStrike, the implications of new cyber incident reporting rules, and the evolving landscape of ransomware. They explore the role of AI in enhancing security measures, the challenges posed by mandated reporting for critical infrastructure, and the cultural impact of cybercrime on youth. The conversation also touches on the advancements in AI technology, including its applications in healthcare and mainframe modernization, as well as the alarming rise in ransomware tactics and the use of AI by cybercriminals. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-513

Aktien hören ist gut. Aktien kaufen ist noch besser. Unser Partner Scalable Capital ist jetzt eine Bank und bietet euch dadurch jetzt noch bessere Konditionen. Mehr Infos findet ihr unter: scalable.capital/oaws. NVIDIA pusht Intel. Trump freut's. Deutsche Halbleiter auch. Novo Nordisk freuen Abnehmpillen. Roche kauft 89bio. Axon kauft vielleicht auch. Netskope geht an Börse. CrowdStrike ist Optimist. DogeCoin ist Highflyer. Sind Reifen ein geiles Business? Continental (WKN: 543900) denkt ja. Deshalb ist Aumovio (WKN: AUM0V1) raus. BYD (WKN: A0M4W9) fällt und fällt. Ist das eine Buy-The-Dip-Chance? Der Auto-Experte Jürgen Pieper ist skeptisch. Außerdem teilt er seine Einschätzung zu Xiaomi (WKN: A2JNY1) und Xpeng (WKN: A2QBX7). Diesen Podcast vom 19.09.2025, 3:00 Uhr stellt dir die Podstars GmbH (Noah Leidinger) zur Verfügung.

Het zit nog altijd tegen bij Apple, maar het kan nu een klein succesje noteren. De fans stonden ouderwets weer voor de deur van de Applestores om als eerste een van de nieuwe iPhone te bemachtigen. Kan dat de weg terug omhoog inzetten voor het bedrijf? Dat gaan we deze aflevering voor je uitzoeken. Verder hoef je niet meer op Italië te letten als je op zoek bent naar een Europese zondebok. Het land krijgt een upgrade van kredietbeoordelaar Fitch en met een begrotingstekort ver onder het Franse mag Giorgia Meloni trots zijn op haar huishoudboekje. Goed nieuws voor de banken in het land, die volgens Bob Homan van ING Investment Office nog best een ritje te maken hebben. Verder bespreken we de steeds vriendelijker beurswaakhond SEC die deze week meerdere keren de kop op stak. Wat betekent een toezichthouder die met bedrijfsbesturen knuffelt voor beleggers? En waar heb je meer aan: een waakhond, of een schoothondje? En we blikken terug op de week met de Chinese aanval op Nvidia, een teleurgestelde Mario Draghi, en de eerste renteverlaging van het jaar in de VS.See omnystudio.com/listener for privacy information.

On this episode, we're joined by Ben Verhoff and Mina Sarshar-Michael from CrowdStrike. They give students advice on what employers are looking for in a candidate, how to navigate the recruitment process and share why CrowdStrike is a destination for early-talent.

Cybersecurity Worms, Steganography Attacks, Municipal Cyber Incidents and More... In this episode of Cybersecurity Today, host Jim Love delves into multiple cybersecurity threats affecting the tech landscape. He discusses the 'Shai Hulud' worm, which has infiltrated over 187 JavaScript libraries on NPM, exploiting developer tokens for spread, including those maintained by CrowdStrike. Love explains practical but challenging measures to mitigate such threats. He also explores steganography's role in hiding malicious scripts within seemingly benign image files, urging vigilance against embedding hidden commands. Additionally, the episode covers a cyber incident in Yellowknife, causing severe disruptions to municipal services and emphasizing the importance of cyber hygiene and support from higher government levels. Lastly, Jim examines how a Windows 11 patch has created a new vulnerability, stressing the need for enhanced monitoring and quick updates. 00:00 Introduction and Overview 00:21 The Shy Ude Worm: A New Threat 02:19 Steganography: Hiding in Plain Sight 05:30 Cybersecurity Incident in Yellowknife 07:24 Microsoft's Patch Problems 08:27 Conclusion and Contact Information

Breaking Analysis with Dave Vellante

This week's episode arrives as Adam and Cristian are gearing up for Fal.Con, CrowdStrike's annual event taking place next week in Las Vegas. They'll be recording a live episode on some fascinating LLM research presented at the show, so stay tuned for that in a couple of weeks. Amid their prep, they took the time to sit down for a conversation starting with a simple prompt: What are today's security leaders and practitioners talking about? Their discussion sheds light on the industries hardest hit by nation-state and eCrime activity and explores why some sectors, like technology and telecommunications, are seeing a sharp spike in targeted intrusions while others are facing an increase in cybercrime. Tune in to learn about shifts in Chinese cyber activity, what happens when an adversary sees another adversary in a target environment, and whether modern tech innovations will drive changes in cyber espionage.

When Craig Foster talks about artificial intelligence, he begins with scale. Pax8, the enterprise marketplace where he serves as CFO, connects vendors like Microsoft and CrowdStrike with 43,000 managed service providers. Those MSPs, he tells us, serve between 700,000 and 800,000 small and midsize businesses worldwide.Against that backdrop, Foster describes how AI is reshaping both internal operations and external opportunities. Inside Pax8, teams are experimenting across functions—from customer support to accounting—to automate what was once manual. The company, he tells us, has set a target “to do 20% more with 20% less,” relying on AI tools that are already available. Efficiency gains are not hypothetical; they are part of the current planning cycle.Externally, Foster sees what he calls “agentic marketplaces” emerging—ecosystems where AI modules act as labor components. Vendors are already building such agents, and Pax8 is designing its own. “We're a marketplace,” he tells us, “so we need to incorporate those different… AI components and enable our downstream clients for efficiency.” He believes this wave, unlike earlier technology cycles, is reaching SMBs with unusual speed.The finance leader is also watching economics evolve in real time. Data aggregated across Pax8's network shows strong interest, but pricing remains unsettled. Foster compares today's uncertainty to the early days of API marketplaces, when usage-based models became standard. The question now, he tells us, is how to split value between provider and customer—whether by consumption, per interaction, or shared outcomes. “That's probably the biggest challenge in industry right now,” Foster says.

Patrick McKenzie (patio11) is joined by Will Wilson, CEO of Antithesis, to discuss the evolution of software testing from traditional approaches to cutting-edge deterministic simulation. Will explains how his team built technology that creates "time machines" for distributed systems, enabling developers to find and debug complex failures that would be nearly impossible to reproduce in traditional testing environments. They explore how this approach scales from finding novel bugs in Super Mario Brothers to ensuring the reliability of critical financial and infrastructure systems, and discuss the implications for a future where AI writes increasingly more code.–Full transcript available here: www.complexsystemspodcast.com/software-testing-with-will-wilson/–Sponsor: This episode is brought to you by Mercury, the fintech trusted by 200K+ companies — from first milestones to running complex systems. Mercury offers banking that truly understands startups and scales with them. Start today at Mercury.com Mercury is a financial technology company, not a bank. Banking services provided by Choice Financial Group, Column N.A., and Evolve Bank & Trust; Members FDIC.–Recommended in this episode:Antithesis: https://antithesis.com/––Timestamps:(00:00) Intro(01:23) Database scaling and the CAP theorem(08:13) Abstraction layers and hardware reality(15:28) The problem with traditional testing(19:43) Sponsor: Mercury(23:16) The fuzzing revolution(30:35) Deterministic simulation testing(42:36) Real-world testing strategies(47:22) Introducing Antithesis(59:23) The CrowdStrike example(01:01:15) Finding bugs in Mario(01:07:37) Property-based vs conventional testing(01:09:51) The future of AI-assisted development(01:14:51) Wrap

The Justice brothers are back from Labor Day and dive into one of the biggest catalysts of the year: the unemployment report. From “bad news is good news” to “good news is bad news,” they map out all four possible outcomes and how each could impact bonds, equities, and the dollar. They also review RSP, small-caps, and the Dow to see if breadth can keep strengthening the bull case. The discussion then shifts to China's AI surge—Alibaba's blowout growth, a domestic chip launch aimed at Nvidia, and DeepSeek's disruptive “Sputnik moment.” Add in September's seasonal headwinds, a packed “Stock It or Drop It” lineup (Ulta, Snowflake, CrowdStrike, Dick's, Wheaton, Delta, Citi), plus Coaches Corner on covered calls, tariffs, and trading setups—and you've got a can't-miss episode.

Gartner predicts a significant shift in the adoption of artificial intelligence (AI) within enterprise applications, forecasting that by 2026, 40% of these applications will feature task-specific AI agents. This marks a dramatic increase from less than 5% in 2025, with AI expected to drive around 30% of enterprise application software revenue by 2035. Concurrently, AI-enabled personal computers are projected to dominate the global PC market, claiming over 50% by 2026. Despite market challenges such as high costs and security concerns, businesses are increasingly investing in AI technologies, although consumer sentiment remains cautious, with many waiting for price reductions before making purchases.The podcast also discusses the evolving landscape of AI adoption among small to mid-market businesses. A survey by Techaisle reveals that these companies are prioritizing strategic consulting over mere tool acquisition, seeking comprehensive services that encompass the entire lifecycle of AI implementation. This shift indicates a maturation of the AI services market, as organizations focus on responsible AI use and tailored solutions that address their unique operational needs. However, Gene Marks highlights that many small business owners are still in the experimental phase, using AI tools like chatbots for basic tasks rather than fully integrating AI into their operations.Earnings reports from major tech companies such as NVIDIA, Dell, HP, and CrowdStrike reveal a mixed picture regarding AI's impact on their financial performance. NVIDIA reported substantial revenue growth but faced concerns about an AI bubble and geopolitical tensions affecting its market. Dell's earnings exceeded expectations, but its forecast fell short, while HP noted that a quarter of its PC sales were AI-enabled. CrowdStrike, on the other hand, struggled with a disappointing revenue outlook amid ongoing challenges, including litigation related to an IT outage.The episode concludes with a sobering discussion about the darker implications of AI, highlighting a tragic case where a former Yahoo executive, influenced by AI interactions, committed murder and suicide. This incident raises urgent questions about the psychological risks associated with AI, particularly for vulnerable users. The podcast emphasizes the importance of IT providers in establishing guardrails and policies to ensure safe AI adoption, underscoring that the difference between responsible use and dangerous misuse lies in proper training and oversight. Four things to know today 00:00 Enterprises Race Ahead on AI Agents and PCs, While SMBs Struggle With Strategy and ROI 06:14 Big Tech Shouts “AI,” Wall Street Shrugs — What It Means for SMBs and IT Providers 11:19 Rev.io Enters PSA Market With All-in-One MSP Platform, Betting on AI and Billing Expertise 13:30 Chatbot-Linked Killing Highlights Dark Side of AI and Why Providers Must Set Guardrails  This is the Business of Tech.    Supported by:  https://syncromsp.com/  All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessof.tech

How is your website converting potential customers or franchise buyers for your business? When is the last time you checked? Our guest today is Sahil Patel, who is a landing page expert who shares with us the secrets he's learned on how to optimize a landing page. TODAY'S WIN-WIN:Create a great landing page that makes it easy for your customer to understand what you do and then test it.LINKS FROM THE EPISODE:Schedule your free franchise consultation with Big Sky Franchise Team: https://bigskyfranchiseteam.com/. You can visit our guest's website at: https://www.spiralyze.com/Attend our Franchise Sales Training Workshop:  https://bigskyfranchiseteam.com/franchisesalestraining/Connect with our guest on social:https://www.linkedin.com/in/sahilanamipatel/ABOUT OUR GUEST:Meet Sahil Patel, CEO of Spiralyze. He reveals the secrets from optimizing hundreds of landing pages leveraging data from 130k A/B tests, and working with SaaS leaders such as BambooHR, Crowdstrike, Unbounce, and hundreds more.  ABOUT BIG SKY FRANCHISE TEAM:This episode is powered by Big Sky Franchise Team. If you are ready to talk about franchising your business you can schedule your free, no-obligation, franchise consultation online at: https://bigskyfranchiseteam.com/.The information provided in this podcast is for informational and educational purposes only and should not be considered financial, legal, or professional advice. Always consult with a qualified professional before making any business decisions. The views and opinions expressed by guests are their own and do not necessarily reflect those of the host, Big Sky Franchise Team, or our affiliates. Additionally, this podcast may feature sponsors or advertisers, but any mention of products or services does not constitute an endorsement. Please do your own research before making any purchasing or business decisions.

¡Emprendeduros! En este episodio Rodrigo y Alejandro nos dan una actualización de mercado donde hablan del estatus del mercado, de los comentarios de Jerome Powell y de las expectativas de inflacion y de empleo. Nos dan los reportes de ingreso de PinDuoDuo, Crowdstrike, Snowflake, Dollar General y Nvidia. Después hablan de una compra de cafe enorme y de una sociedad cuantica. Finalmente nos dan el análisis de crypto donde hablan de BTC vs ETH y de la moneda estable de Europa. ¡Síguenos en Instagram! Alejandro: https://www.instagram.com/salomondrin Rodrigo: https://www.instagram.com/rodnavarro Emprendeduros: https://www.instagram.com/losemprendeduros

Today features special guest and former Saxonian, Peter Garnry, CEO and Co-founder of Gesda Capital, who takes us through his thoughts on Nvidia after the earnings call yesterday and especially its medium to longer term growth potential versus the current valuation. We also cover Crowdstrike and Snowflake earnings, where Peter looks for investment opportunities when so many pockets of the market are overvalued, thoughts on the geopolitical backdrop and much more. Today's pod hosted by Saxo Global Head of Macro Strategy John J. Hardy. Link to Gesda Capital home page and Peter Garnry's substack. Links discussed on the podcast and our Chart of the Day can be found on the John J. Hardy substack (with a one- to two-hour delay from the time of the podcast release). Read daily in-depth market updates from the Saxo Market Call and the Saxo Strategy Team here. Please reach out to us at marketcall@saxobank.com for feedback and questions. Click here to open an account with Saxo. Intro and outro music by AShamaluevMusic

A cyberattack disrupts state systems in Nevada. A China-linked threat actor targets Southeast Asian diplomats. A new attack method hides malicious prompts inside images processed by AI systems.Experts ponder preventing AI agents from going rogue. A new study finds AI is hitting entry-level jobs hardest. Michigan's Supreme Court upholds limits on cell phone searches. Sen. Wyden accuses the judiciary of cyber negligence. CISA issues an urgent alert on a critical Git vulnerability. Hackers target Maryland's transit services for the disabled. Our guest is Cristian Rodriguez, Field CTO for the Americas from CrowdStrike, examining the escalating three-front war in AI.  A neighborhood crime reporting app gets algorithmically sketchy. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Cristian Rodriguez, Field CTO, Americas from CrowdStrike, as he is examining the escalating three-front war in AI. Selected Reading  Cybercrime Government Leadership News News Briefs  Recorded Future Nevada state websites, phone lines knocked offline by cyberattack (The Record) Chinese UNC6384 Hackers Use Valid Code-Signing Certificates to Evade Detection (GB Hackers) New AI attack hides data-theft prompts in downscaled images (Bleeping Computer) How to stop AI agents going rogue (BBC) AI Makes It Harder for Entry-Level Coders to Find Jobs, Study Says (Bloomberg) Fourth Amendment Victory: Michigan Supreme Court Reins in Digital Device Fishing Expeditions (Electronic Frontier Foundation) Wyden calls for probe of federal judiciary data breaches, accusing it of ‘negligence' (The Record) CISA Alerts on Git Arbitrary File Write Flaw Actively Exploited (GB Hackers) Maryland investigating cyberattack impacting transit service for disabled people (The Record) Citizen Is Using AI to Generate Crime Alerts With No Human Review. It's Making a Lot of Mistakes (404 Media) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices