Podcasts about cvss

  • 142PODCASTS
  • 361EPISODES
  • 1h 10mAVG DURATION
  • 1WEEKLY EPISODE
  • Jun 25, 2026LATEST

POPULARITY

20192020202120222023202420252026


Best podcasts about cvss

Show all podcasts related to cvss

Latest podcast episodes about cvss

Paul's Security Weekly
Cloud Visibility, Fortibleed, hacking things the easy way - Sandy Bird - PSW #932

Paul's Security Weekly

Play Episode Listen Later Jun 25, 2026 133:44


First up is Sandy Bird from Sonrai discussing how to protect our cloud infrastructure! This segment is sponsored by Sonrai Security. Visit https://securityweekly.com/sonrai to learn more about them! Next up in the security news: Help, I am Fortibleeding Cisco SD-WAN needs help The secret life of probe requests Help, I am Squidbleeding XSS to RCE and why CVSS isn't the full picture TVs spy on you Foundational security practices Cybersecurity costs money Happy "Its too late to update your KEK key" day You don't have security flaws if no one can report them Rickrolling FIFA Domain takeovers End of life, out of luck The key to Encryption... Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-932

Passwort - der Podcast von heise security
Sinn und Unsinn von CVSS, SSVC, EPSS und Co

Passwort - der Podcast von heise security

Play Episode Listen Later Jun 24, 2026 133:24 Transcription Available


Der Podcast macht mal wieder eine Episode zu einem einzelnen Thema in aller Tiefe und zwar zu Schwachstellen-Scores. Damit werden Sicherheitslücken klassifiziert, am bekanntesten ist das Common Vulnerability Scoring System (CVSS). Allerdings gibt es das CVSS in mehreren Versionen, wovon mindestens zwei praktisch relevant sind, und mit EPSS, SSVC, CWE und CPE kommen noch diverse ergänzende Klassifikationssysteme hinzu. Die Hosts beschreiben, wie die Systeme funktionieren, was sie leisten können, was sie nicht leisten können und als was sie mitunter missverstanden werden.

Energy Talks
#128: What Makes a Cybersecurity Vulnerability Dangerous?

Energy Talks

Play Episode Listen Later Jun 11, 2026 30:36 Transcription Available


In this episode of Energy Talks, OMICRON OT Cybersecurity Consultant Simon Rommer speaks with Benjamin Floriani and Patrick Pongratz, founders of SecCore GmbH, about how penetration testers identify vulnerabilities, develop exploits, and assess real-world cyber risks. They discuss why context matters more than vulnerability scores, the growing role of AI in offensive security, and practical measures, such as network segmentation, least privilege, and regular penetration testing to strengthen cyber resilience.

ALEF SecurityCast
Ep#331 - Lidé je nestíhají opravovat. AI našla 10 000 kritických chyb.

ALEF SecurityCast

Play Episode Listen Later May 26, 2026 8:52


Umělá inteligence možná právě začíná měnit kyberbezpečnost rychleji, než jsme čekali. V nové epizodě CCTV NEWS se podíváme na projekt Glasswing od společnosti Anthropic a AI model Mythos Preview, který měl během několika týdnů objevit více než 10 tisíc kritických zranitelností. Rozebereme také možný únik tisíců interních repozitářů GitHubu, end-to-end šifrování všech voice a video hovorů na Discordu, mezinárodní zásah proti VPN infrastruktuře využívané ransomware gangy nebo novou kritickou zranitelnost v Cisco Secure Workload s CVSS skóre 10 z 10.

Cyber Security Today
AI Vulnerability Explosion, Kim Wolf Botnet Arrest, Ghost CMS Hack, Iran Cyber Espionage

Cyber Security Today

Play Episode Listen Later May 25, 2026 13:14


Is AI about to trigger a cybersecurity vulnerability explosion? In this episode of Cybersecurity Today, David Shipley examines what some researchers are calling the early signs of a "vulnerability apocalypse" as Anthropic's Claude-powered Project Glasswing identifies thousands of potential software flaws at machine speed. The episode breaks down the real numbers behind the hype: over 10,000 candidate vulnerabilities flagged, 1,726 confirmed high or critical findings, 97 patched issues, and the growing concern that AI-driven bug hunting could overwhelm already stretched security teams. One example: a critical WolfSSL certificate forgery vulnerability (CVE-2026-5194, CVSS 9.1). Also in this episode: Canadian authorities arrest Ottawa suspect Jacob Butler, also known as "Dort," allegedly linked to the Kim Wolf botnet operation blamed for nearly 30 terabits-per-second distributed denial-of-service (DDoS) attacks and more than 25,000 incidents. We also cover active exploitation of a Ghost CMS SQL injection vulnerability (CVE-2026-26980), with attackers reportedly compromising hundreds of websites using ClickFix malware lures, including high-profile targets. And finally, an Iran-linked cyber espionage campaign dubbed "Screening Serpents" uses highly personalised fake recruitment approaches to target aerospace, defence, and telecom professionals with new remote access malware. If you work in cybersecurity, infrastructure, or IT leadership, this is one to watch. 00:00 Vunpocalypse Headlines 00:28 AI Finds Vulnerabilities 01:32 False Positives and Costs 02:39 WolfSSL Critical CVE 03:51 Patch Volume Pressure 04:28 Kim Wolf Botnet Arrest 05:13 Botnet Scale and Swatting 06:48 International Takedowns 07:41 Ghost CMS Mass Exploits 09:07 ClickFix Infection Chain 10:25 How to Remediate Ghost 10:39 Iran Spear Phishing Ops 12:51 Closing and Sign Off #Cybersecurity #CyberSecurityToday #AIsecurity #GhostCMS #DDoS #CyberEspionage #Anthropic #ClaudeAI #IranCyberThreat #InfoSec

CISSP Cyber Training Podcast - CISSP Training Program
CCT 349: FOXCONN Hack and Domain 7 CISSP Questions

CISSP Cyber Training Podcast - CISSP Training Program

Play Episode Listen Later May 14, 2026 28:20 Transcription Available


Send us Fan MailEight terabytes of stolen schematics is not just a scary number, it is a reminder that cyber risk becomes business risk fast. We start with the Wired report on the Foxconn ransomware attack and unpack what a claim like that could mean in the real world: intellectual property exposure, supply chain disruption, customer impact, and the uncomfortable truth that recovery is only one part of the story when data walks out the door.From there, we switch into CISSP Domain 7 Security Operations mode and work through practical exam-style questions with the “how would this hold up at work” mindset. We break down why live forensics imaging can be the right call during an insider threat investigation, using the order of volatility and the kinds of RAM artifacts that disappear the moment you shut a machine down. We also tackle a Patch Tuesday nightmare scenario where a CVSS 9.8 vulnerability is already being exploited but the change advisory board will not meet for ten days, and we explain why an emergency change process plus compensating controls is the mature security operations answer.We also cover a common privileged access failure where a domain admin uses an elevated account for email and browsing, and how least privilege plus a privileged access workstation (PAW) architecture can prevent a single phish from becoming domain compromise. Finally, we sharpen the fundamentals with an RTO/RPO recovery timeline question and a SIEM brute force threshold miss that illustrates false negatives and the need for better tuning and behavioural baselines.Subscribe for weekly CISSP training, share this with a study partner, and leave a review so more security pros can find the show. What topic do you want me to turn into practice questions next?Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox!  Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

Autonomous IT
Patch [FIX] Tuesday – [AI Hits the Hat Trick], Ep. 32

Autonomous IT

Play Episode Listen Later May 12, 2026 34:17


The May 2026 Microsoft Patch Tuesday release looks quiet on the surface – no actively exploited zero-days, no public disclosures at release, and a CVE count below the four-month average. Don't let that fool you.In this episode, Jason Kikta and Landon Miles break down everything that happened between April and May patch cycles, including Apple's macOS Tahoe 26.5 release with 79 CVEs, the Dirty Frag Linux kernel privilege escalation chain, and two pre-authenticated network remote code execution vulnerabilities in Windows core services that belong at the top of your patch list.They also dig into one of the month's most significant trends: AI-assisted vulnerability research showing up by name in Microsoft, Apple, and Linux acknowledgments in the same patch cycle – including Anthropic researchers credited on a critical Windows graphics component RCE. Ten AI-attributed vulnerability discoveries shipped fixes across all three major operating systems this month.What's covered:CVE-2026-41089: Windows NetLogon RCE (CVSS 9.8) and CVE-2026-41096: Windows DNS Client RCE (CVSS 9.8)CVE-2026-40402: Hyper-V guest-to-host escalation (CVSS 9.3)macOS Tahoe 26.5: Wi-Fi kernel RCE, nine kernel CVEs, 20 WebKit vulnerabilitiesDirty Frag Linux privilege escalation chain and the Copy Fail connectionAI-credited discoveries from Anthropic, calif.io, Theori, and NIST's Center for AI Standards and Innovation- Patch Tuesday Blog- DirtyFrag Blog- What "Mythos Ready" Means

Cloud Security Podcast
How Claude Mythos Changes Vulnerability Management: From CVSS to Exploitability

Cloud Security Podcast

Play Episode Listen Later May 5, 2026 44:38


Is your vulnerability management program ready for something like Claude Mythos? The old days of treating vulnerabilities as temporal events (like Heartbleed or Log4J) and patching them on a leisurely 30, 60, or 90-day cycle are officially over.In this episode, Ashish sits down with Brad Hibbert, COO and Chief Strategy Officer at Brinqa. Brad explains how the release of Anthropic's Claude Mythos, an AI model capable of discovering vulnerabilities at machine speed without human intervention has compressed the time-to-exploit from months down to mere seconds.We discuss why the traditional assumption that "sophisticated attacks require sophisticated attackers" is no longer relevant, and why leaning solely on CVSS scores will drown your remediation teams in noise. We speak about how defenders must pivot from generic patching to focusing on true exploitability within their specific environments. Learn how AI can chain multiple "low severity" vulnerabilities (which were previously ignored 90% of the time) to gain root access, and why siloed AI security tools will lead to an expensive and ineffective game of "Whac-A-Mole".Guest Socials -⁠⁠ ⁠Brad's Linkedin⁠Podcast Twitter - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:-⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Podcast- Youtube⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠If you are interested in AI Security, you can check out our sister podcast -⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ AI Security Podcast⁠Questions asked:(00:00) Introduction(02:30) Brad Hibbert's Background and Role at Brinqa(03:40) Heartbleed vs. Claude Mythos: Temporal vs. Persistent Threats(05:30) AI Weaponization: From Months to Seconds(06:50) Elevating the Threat Model Beyond CVSS(09:30) The Tsunami of Vulnerabilities and the Need for Exploitability(12:10) Bridging the Blind Spots in Exposure Management(15:10) Resolving Friction Between Security and Remediation Teams(21:00) Automating Remediation Without Losing Oversight(28:30) The Problem with Treating Every Vulnerability Individually(30:20) Why We Ignored 90% of Low Severity Vulnerabilities(32:30) Siloed AI and the Costly Game of "Whac-A-Mole"(35:30) Defining "Reasonable Security" in the AI Era(41:10) Quick Wins: Where to Start Uplifting Your ProgramResources spoken about during the episode:Mythos Changes the Offense.5 Things Every CISO Should Do Before the Next MythosThank you to Brinqa for sponsoring this episode

PolySécure Podcast
PME - Retour d'expérience sur la première cohorte du programme UQTR FORCE - Parce que... c'est l'épisode 0x2F1!

PolySécure Podcast

Play Episode Listen Later Apr 29, 2026 27:26


Parce que… c'est l'épisode 0x2F1! Shameless plug 9 au 17 mai 2026 - NorthSec 2026 3 au 5 juin 2026 - SSTIC 2026 24 et 25 juin 2026 - Troopers 26 et 27 juin 2026 - leHACK 19 septembre 2026 - Bsides Montréal 1 au 3 décembre 2026 - Forum INCYBER - Canada 2026 24 et 25 février 2027 - SéQCure 2027 Description Un programme de cybersécurité taillé pour les PME québécoises Dans cet épisode du balado Polysécure, l'animateur Nicolas reçoit Gino Plourde et Dominic Villeneuve pour faire le bilan de la première cohorte du programme Quatre Force, une formation en cybersécurité conçue spécifiquement pour les techniciens et administrateurs des petites et moyennes entreprises (PME). Les résultats sont au-delà des attentes, et l'enthousiasme des deux créateurs est palpable tout au long de la conversation. Une première cohorte prometteuse La première cohorte s'est terminée le 27 février avec 11 participants provenant de six régions administratives différentes du Québec. La diversité des apprenants a été l'une des grandes surprises : on y retrouvait des gens issus de PME manufacturières, de firmes comptables et juridiques, de ministères gouvernementaux, ainsi que des propriétaires de petites entreprises en technologies de l'information. La cohorte s'est conclue par un rassemblement en présentiel où les attestations ont été remises dans une ambiance conviviale. La deuxième cohorte a démarré le 9 mars avec 10 participants, cette fois répartis dans encore plus de régions, incluant la Montérégie, la Vallée-de-l'Outaouais et même la Côte-Nord. Ce dernier participant, géographiquement isolé, a particulièrement apprécié le format asynchrone à distance, qui répond directement aux contraintes des régions éloignées. Fort de ce succès, Gino a ouvert les inscriptions pour une troisième cohorte dès le 13 mars, prévue pour le 14 septembre. Un contenu ancré dans la réalité des entreprises Le programme est structuré en six modules (du module 0 au module 5) sur une durée de 14 semaines, à raison d'environ 10 heures par semaine. Dominic souligne que dès le module zéro — le module de base théorique —, les participants réalisent à quel point leur entreprise est exposée. On y aborde la mentalité des pirates, la doctrine de guerre appliquée à la cybersécurité (notamment l'approche de Sun Tzu), ainsi qu'une introduction au cadre CVSS. Un exercice simple, comme demander un certificat SSL, suffit à illustrer concrètement comment des informations supposément privées deviennent publiquement accessibles. À partir du module 1, les apprenants passent à la pratique avec des laboratoires concrets. Un exemple marquant : les participants apprennent à exploiter la vulnérabilité Print Nightmare dans un environnement contrôlé. Ainsi, lorsqu'ils doivent convaincre leur direction de mettre à jour ou de retirer des serveurs obsolètes, ils peuvent démontrer en temps réel les risques encourus — un argument bien plus percutant qu'un rapport théorique. Le contenu a été délibérément épuré de tout ce qui n'est pas utile aux PME. Chaque heure de formation doit apporter une valeur directe à l'entreprise et à la personne. Les créateurs insistent : ce n'est pas un cours dilué ou facile à survoler comme on en trouve sur des plateformes généralistes. C'est exigeant, mais cette intensité est au service de l'intégration réelle des connaissances. Une formation qui évolue grâce aux retours des apprenants L'équipe a apporté plusieurs ajustements entre la première et la deuxième cohorte, tous basés sur les commentaires des participants. Une semaine supplémentaire a été accordée au module zéro, jugé trop dense à l'origine. Une semaine de relâche a également été introduite à mi-parcours, permettant aux apprenants légèrement en retard de se rattraper, et aux autres de laisser décanter la matière. Quelques laboratoires particulièrement ardus ont aussi été révisés pour mieux correspondre à des défis réalistes, sans sacrifier la rigueur du contenu. Dominic souligne avec humour qu'un laboratoire qu'il complétait lui-même en une heure pouvait prendre jusqu'à huit heures à un apprenant moins expérimenté — un signal clair qu'un ajustement s'imposait. Une communauté de pratique en pleine croissance Au-delà de la formation elle-même, Gino et Dominic ont mis sur pied un groupe privé sur Discord regroupant tous les diplômés des cohortes. Cet espace d'échange permet aux participants de partager des informations sur des attaques récentes, des patterns menaçants ou des solutions concrètes — sans honte ni jugement. Deux semaines après la fin de la première cohorte, un participant a signalé au groupe avoir été victime d'un cryptovirus, détaillant le vecteur d'attaque pour que tout le monde puisse s'en prémunir. Nicolas soulève un point important : cette communauté joue un rôle crucial parce qu'elle est accessible à des gens qui ne se sentent pas encore légitimes pour intégrer les grandes communautés de cybersécurité existantes. Les experts chevronnés peuvent être intimidants pour ceux qui commencent. Ce groupe offre un espace de progression à rythme raisonnable, avec des pairs au niveau comparable. Les échanges y sont aussi agnostiques par rapport aux fournisseurs, ce qui permet des discussions honnêtes sur les produits et solutions disponibles sur le marché. Une vision d'avenir pour le Québec et au-delà En conclusion, Gino et Dominic réaffirment leur ambition : voir ce programme contribuer concrètement à rendre les PME québécoises — et peut-être internationales — plus résilientes face aux cybermenaces. Les inscriptions pour la cohorte d'automne sont ouvertes, des subventions sont disponibles pour les PME et OBNL, et tout professionnel en TI qui souhaite approfondir ses compétences en cybersécurité sans nécessairement être un spécialiste de haut niveau est le bienvenu. La formation est conçue pour les jacks of all trades du numérique — y compris, soulignent-ils avec fierté, les femmes, encore trop peu représentées dans le domaine. Collaborateurs Nicolas-Loïc Fortin Dominic Villeneuve Gino Plourde Crédits Montage par Intrasecure inc Locaux virtuels par Riverside.fm

CISSP Cyber Training Podcast - CISSP Training Program
CCT 342: US Govt and Mythos - CISSP EOL-EOS (Part 1) - Board Translation (Segment 1)

CISSP Cyber Training Podcast - CISSP Training Program

Play Episode Listen Later Apr 20, 2026 38:29 Transcription Available


Send us Fan MailThe next wave of AI in cybersecurity is not a theory project, it's an operational deadline. I open with a timely look at reporting that the White House wants federal agencies to get access to Anthropic's Claude Mythos, and why that scramble matters for every security team. If Mythos can help uncover vulnerabilities and accelerate exploit development, the same capability that strengthens defense can also supercharge attackers. We talk about why the government wants guardrails, why supply chain risk becomes a bigger deal, and why the gap between AI leaders may be measured in months, not years.From there, I shift into practical CISSP Domain 2.5 fundamentals: appropriate asset retention, end of life, and end of support. We walk through what “end of life” really means, why unsupported systems become high-value targets, and how to build a real end-of-life process with asset inventory, sunsetting plans, data migration, continuity planning, and secure disposal. I also share why documentation isn't busywork, especially when legal hold and chain of custody can block normal modernization efforts, and how retention policies can reduce both compliance exposure and litigation risk.Finally, I kick off a boardroom cybersecurity series built for senior security professionals and aspiring CISOs. The core idea is simple: boards don't make decisions in CVSS scores or alert counts, they make decisions in revenue impact, downtime, safety, and recovery time. I explain how to translate technical risk into business language, what boards actually want to know, and how strong executive communication turns a security leader into a strategic advisor. Subscribe, share this with a teammate, and leave a review so more CISSP and cybersecurity leaders can find the show.Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox!  Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

Making Risk Flow | The Future of Insurance
Beyond CVSS: The New Cyber Underwriting Playbook | Jay Wallace of VulnCheck

Making Risk Flow | The Future of Insurance

Play Episode Listen Later Apr 14, 2026 40:33


In this episode of Making Risk Flow: Exploring the Ecosystem, host Jake Harding sits down with Jay Wallace of VulnCheck about how real-time exploit intelligence is reshaping cyber insurance. They unpack why traditional CVSS scoring falls short and how modeling threat actor behaviour offers a clearer picture of risk. Jay explains how carriers can use machine-readable data feeds to automate underwriting and continuously monitor exposure post-binding. The conversation also highlights the value of proactive threat notifications in reducing claims and strengthening client trust. Jay and Jake also explore how AI and automation enhance, not replace, analysts, and why the most successful insurers are shifting from a profit-centric mindset to a partnership-driven approach focused on prevention, resilience, and long-term value creation.Fan Mail: Got a challenge digitizing your intake? Share it with us, and we'll unpack solutions from our experience at Cytora.To receive a custom demo from Cytora, click here and use the code 'Making Risk Flow'.Our previous guests include: Bronek Masojada of PPL, Craig Knightly of Inigo, Andrew Horton of QBE Insurance, Simon McGinn of Allianz, Stephane Flaquet of Hiscox, Matthew Grant of InsTech, Paul Brand of Convex, Paolo Cuomo of Gallagher Re, and Thierry Daucourt of AXA.Check out the three most downloaded episodes:The Five Pillars of Data Analytics Strategy in Insurance | Craig Knightly, Inigo20 Years as CEO of Hiscox: Personal Reflections and the Evolution of PPL | Bronek MasojadaImplementing ESG in the Insurance and Underwriting Space | Simon Tighe, Chaucer, and Paul McCarney, Moody's

ITSPmagazine | Technology. Cybersecurity. Society
You're Still Reading the Advisory. The Attacker Already Left. | Lens Four by Sean Martin | Read by TAPE9

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Apr 14, 2026 15:45


When Anthropic announced Project Glasswing, the headline was the capability: an AI model that found a 27-year-old flaw in OpenBSD and a 17-year-old remote code execution vulnerability in FreeBSD — fully autonomously, no human in the loop after the initial prompt. But the story underneath the capability is a structural one about who gets early intelligence, who sets the disclosure timeline, and what happens to every organization that wasn't in the room. In this edition of Lens Four, Sean Martin examines Project Glasswing through three lenses: the intelligence asymmetry it creates for security programs, what it reveals about the broken assumptions underneath CVE, CVSS, and NIST, and why the equity framing in Glasswing's messaging doesn't survive contact with the data.

Redefining CyberSecurity
You're Still Reading the Advisory. The Attacker Already Left. | Lens Four by Sean Martin | Read by TAPE9

Redefining CyberSecurity

Play Episode Listen Later Apr 14, 2026 15:45


When Anthropic announced Project Glasswing, the headline was the capability: an AI model that found a 27-year-old flaw in OpenBSD and a 17-year-old remote code execution vulnerability in FreeBSD — fully autonomously, no human in the loop after the initial prompt. But the story underneath the capability is a structural one about who gets early intelligence, who sets the disclosure timeline, and what happens to every organization that wasn't in the room. In this edition of Lens Four, Sean Martin examines Project Glasswing through three lenses: the intelligence asymmetry it creates for security programs, what it reveals about the broken assumptions underneath CVE, CVSS, and NIST, and why the equity framing in Glasswing's messaging doesn't survive contact with the data.

CISSP Cyber Training Podcast - CISSP Training Program
CCT 338: LinkedIn Monitoring - Support for Patch and Vulnerability Management (Domain 7)

CISSP Cyber Training Podcast - CISSP Training Program

Play Episode Listen Later Apr 6, 2026 23:55 Transcription Available


Send us Fan MailCheck us out at:  https://www.cisspcybertraining.com/Get access to 360 FREE CISSP Questions:  https://www.cisspcybertraining.com/offers/dzHKVcDB/checkoutGet access to my FREE CISSP Self-Study Essentials Videos:  https://www.cisspcybertraining.com/offers/KzBKKouvLinkedIn might be doing more in your browser than you think. We start with a report dubbing it “BrowserGate” a claim that LinkedIn quietly checks for installed Chrome extensions using hidden JavaScript, raising real questions about privacy, browser fingerprinting, and what platforms should disclose to users when collecting device level signals tied to real identities and jobs. From there, we shift into a core CISSP topic that shows up everywhere in real security work: implementing and supporting patch vulnerability management (CISSP Domain 7.8). We talk about why patching is not just maintenance, but a primary security control that shrinks your attack surface across the entire ecosystem, including servers, endpoints, cloud services, mobile devices, and OT/ICS environments where uptime and safety make patching harder. We also cover the uncomfortable reality of unpatchable legacy systems and how compensating controls like micro-segmentation and network isolation help manage risk when a vendor will never ship an update. We ground the conversation with the Apache Struts remote code execution lesson and the Equifax breach, then walk through a practical patch management lifecycle: evaluate applicability, test in non-production when needed, follow change management approvals, deploy with rollback plans, and verify with follow-up scans. You'll also hear clear CISSP-ready distinctions between hotfix vs patch vs update, authenticated vs unauthenticated vulnerability scanning, CVE feeds, CVSS prioritisation, MTTR metrics, and how to respond when a zero-day vulnerability has no patch yet. If this helps your CISSP prep, subscribe, share the episode with a study partner, and leave a review so more security learners can find it. What part of patch and vulnerability management is hardest in your environment right now?Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox!  Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

ITSPmagazine | Technology. Cybersecurity. Society
Closing the Exposure Window: From Vulnerability Management to Remediation Operations | A Brand Highlight at RSAC Conference 2026 with Sunil Gottumukkala, CEO & Co-Founder of Averlon

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Apr 1, 2026 9:07


The cybersecurity industry is good at finding problems. What it has struggled with -- for decades -- is fixing them. Sunil Gottumukkala, CEO and Co-Founder of Averlon, calls this the exposure window: the gap between when a vulnerability is discovered and when it is actually resolved. That gap is where real risk lives, and closing it is the founding mission of Averlon. Speaking on location at RSAC Conference 2026, Gottumukkala draws on his experience as a security executive at Salesforce to explain why even the most well-resourced teams fall behind. More code, more acquisitions, and more attack surface means more findings -- but the capacity to remediate does not scale at the same rate. The answer, he argues, is not more people. It is better systems. Averlon approaches the problem by ingesting findings from across a customer's security stack, applying AI-driven analysis to determine what is actually exploitable in that specific environment, and eliminating noise. From there, rather than generating a ticket, the platform generates a fix -- actual code changes for application vulnerabilities, or compensating controls for situations requiring more time. The goal is not to manage vulnerabilities. It is to eliminate them. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST Sunil Gottumukkala, CEO & Co-Founder, Averlonhttps://www.linkedin.com/in/sunilgottumukkala/ RESOURCES Averlon: https://www.averlon.ai Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Sunil Gottumukkala, Averlon, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, vulnerability remediation, remediation operations, exposure window, cloud security, agentic AI, CVSS, vulnerability management, RSAC Conference 2026, RSAC 2026, cybersecurity Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Exploit Brokers - Hacking News
Dual CVSS 10.0 Cisco Flaws, AI Malware Assembly Line, Qualcomm Zero-Day & More | HN65

Exploit Brokers - Hacking News

Play Episode Listen Later Mar 26, 2026 23:25


This week on Hacking News, we're covering five stories that all share one theme: the things we trust most are the things being targeted. Cisco disclosed two CVSS 10.0 vulnerabilities in their Secure Firewall Management Center — the centralized brain that manages entire firewall fleets — giving unauthenticated attackers root access. Pakistan-linked APT36 has turned AI coding tools into a malware assembly line, flooding Indian government networks with disposable "vibeware" variants in a strategy Bitdefender calls "Distributed Denial of Detection." Google dropped the largest Android security update in almost eight years — 129 vulnerabilities — including a Qualcomm zero-day already under targeted exploitation across 234 chipsets. A China-linked threat cluster called UAT-9244 is burrowing into South American telecom infrastructure with three brand-new malware families spanning Windows, Linux, and edge devices. And LexisNexis confirmed a cloud breach after a threat actor exploited an unpatched React app and found the database password was... Lexis1234. ⏱️ Timestamps 0:00 — Cold Open: What do you call a hackable firewall manager? 1:21 — Welcome & CTA 2:01 — Story 1: Cisco Secure FMC — Two CVSS 10.0 Vulnerabilities (CVE-2026-20079 & CVE-2026-20131) 5:33 — Story 2: APT36 "Vibeware" — AI-Generated Malware at Industrial Scale 9:13 — Story 3: Google Android March 2026 — 129 Patches + Qualcomm Zero-Day (CVE-2026-21385) 12:34 — Story 4: UAT-9244 / FamousSparrow — China-Linked APT Hits South American Telecoms 16:26 — Story 5: LexisNexis Cloud Breach — React2Shell, Weak Passwords, Gov Data 20:14 — Recap & Key Takeaways 22:40 — Outro

Gestalt IT Rundown
NVIDIA Blackwell & Vera Rubin $1 Trillion Projections | Tech Field Day News Rundown: March 18, 2026

Gestalt IT Rundown

Play Episode Listen Later Mar 18, 2026 31:37


AI's next phase is arriving fast—and it's reshaping everything from cloud performance to cybersecurity. This week, Amazon Web Services and Cerebras unveiled a new approach to dramatically accelerate AI inference by pairing specialized chips through Amazon Bedrock, while Dell, Nutanix, and CrowdStrike rolled out infrastructure and security innovations at GTC 2026 to support the rapid rise of agentic AI across enterprise environments. At the same time, Zscaler expanded data sovereignty controls to meet tightening global regulations, and Cisco rushed to patch a critical CVSS 10.0 SD-WAN vulnerability that could grant attackers full administrative access. Underscoring it all, Nvidia's Jensen Huang projected a staggering $1 trillion in demand for next-gen AI systems by 2027—making one thing clear: the race to power, secure, and scale AI is only just getting started. This and more on the Tech Field Day News Rundown with Tom Hollingsworth and guest host Dave Graham of MLCommons. Time Stamps: 0:00 - Cold Open0:28 - Welcome to the Tech Field Day News Rundown1:13 - AWS and Cerebras Partner to Accelerate AI Inference in the Cloud2:37 - Critical Cisco SD-WAN Authentication Bypass Vulnerability5:38 - Dell Expands AI Infrastructure Portfolio at NVIDIA GTC7:40 - CrowdStrike and NVIDIA Expand AI Security Alliance11:15 - Nutanix Expands AI Platform to Securely Run Enterprise AI Agents13:59 - Zscaler Expands Data Sovereignty Controls for Global Compliance18:26 - NVIDIA CEO Sees $1 Trillion in Orders for Blackwell and Vera Rubin Through 202728:38 - The Weeks Ahead: Upcoming Tech Field Day Events30:29 - Thanks for Watching the Tech Field Day News RundownTune in every Wednesday for the IT news of the week with a variable degree of snarkyness. Guest Host: ⁠Dave Graham, Head of Marketing at MLCommonsFollow our hosts ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Tom Hollingsworth⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Alastair Cooke⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Stephen Foskett⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠. Follow Tech Field Day ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠on LinkedIn⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, on ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠X/Twitter⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, on ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Bluesky⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, and on ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Mastodon⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠.

Exploit Brokers - Hacking News
Cisco & Dell CVSS 10.0 Exploited for YEARS, Claude AI Jailbroken, ScarCruft Jumps Air Gaps | HN64

Exploit Brokers - Hacking News

Play Episode Listen Later Mar 12, 2026 28:07


Two perfect CVSS 10.0 scores in one news cycle. A state-sponsored actor living inside Cisco's SD-WAN platform since 2023. A brand-new lateral movement technique called "Ghost NICs" that leaves no forensic trace. An AI chatbot jailbroken to steal 195 million government records. A North Korean hacking group bridging air-gapped networks with USB drives and an embedded Ruby runtime. And a phishing platform so sophisticated it makes your multi-factor authentication functionally useless. This is Hacking News Episode 64 from Exploit Brokers by Forgebound Research. Five stories, multiple nation-state actors, and some genuinely novel attack techniques. Let's get into it.

Autonomous IT
Patch [FIX] Tuesday – March 2026 [SMB Is Back and ASLR Gets Shuffled], E29

Autonomous IT

Play Episode Listen Later Mar 10, 2026 21:56


March 2026's Patch Tuesday brings no active exploitations, but don't let that fool you. This month, Ryan Braunstein and Henry Smith break down why medium-severity vulnerabilities deserve your full attention.First up: a Push Message Routing Service memory leak (CVE-2026-24282, CVSS 5.5) that lets attackers scrape session tokens and private keys from heap memory. Then, a pair of GDI bugs (CVE-2026-25181 and CVE-2026-25190) that chain together to defeat ASLR and deliver remote code execution with near-perfect reliability. Henry covers a Windows Accessibility Infrastructure flaw (CVE-2026-24291) hiding in a service most teams never think to harden, plus an SMB authentication bypass (CVE-2026-24294) that echoes EternalBlue and WannaCry.What you'll learn:- How attackers chain medium-severity bugs into full compromise paths- Why the Push Message Routing Service is a target-rich environment for credential theft- How a two-stage GDI exploit defeats ASLR with near-100% reliability- Why accessibility services are blind spots on your hardening checklists- What SMB's history with EternalBlue and WannaCry means for this month's auth bypassPatch your systems. Audit your service accounts. Don't skip the mediums.

Exploit Brokers - Hacking News
600 Firewalls Breached by AI in 5 Weeks — Plus Chrome Zero-Day, CVSS 9.9 RCE & AI-Powered Malware | HN63

Exploit Brokers - Hacking News

Play Episode Listen Later Mar 5, 2026 28:52


AI is reshaping both sides of the cybersecurity battlefield — and fast. In this episode, we break down five stories that prove it: the first Chrome zero-day of 2026 (CVE-2026-2441), a near-perfect CVSS 9.9 in Microsoft's Semantic Kernel SDK (CVE-2026-26030), a supply chain attack on AI coding assistant Cline that silently installed autonomous agents on thousands of developer machines, the first-ever Android malware using Google's Gemini AI at runtime (PromptSpy), and a Russian-speaking threat actor who used commercial AI tools to breach over 600 FortiGate firewalls across 55 countries in just five weeks. Whether you're a developer, security professional, or just someone who uses a browser — this one's worth your time.

Security Now (MP3)
SN 1067: KongTuke's CrashFix - Click, Paste, Pwned

Security Now (MP3)

Play Episode Listen Later Mar 3, 2026 173:08


A crafty new breed of social engineering attack is tricking users into launching malware straight from their clipboard, exposing a fresh vulnerability in Windows that even tech pros could fall for. Leo Laporte and Steve Gibson break down how the latest ClickFix and CrashFix exploits are outsmarting traditional defenses. The lowdown on last week's "no turn" picture of the week. Is an AI-driven hacking campaign a big deal now. Clause used in multiple Mexican government attacks. Apple continues to be confronted with age restrictions. COPPA needs an exception to allow age collection. Meta swamps law enforcement with AI-slop CSAM reports. Roskomnadzor has been busy blocking VPNs. Guess how many. The UK tries to report their self-scanning success. Remember that hacker who extorted the psychotherapy patients. Scattered Lapsus$ Hunters is actively recruiting women. Cisco lands another breathtakingly rare 10.0 CVSS. VulnCheck's report on 2025 vulnerabilities and exploits. Steve discovers a fabulous $72 Hardware Security Module. A listener shares an interesting AI service discovery. The very potent "ClickFix" exploit evolves Show Notes - https://www.grc.com/sn/SN-1067-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: meter.com/securitynow guardsquare.com threatlocker.com/twit adaptivesecurity.com outsystems.com/twit

Security Now (MP3)
SN 1067: KongTuke's CrashFix - Click, Paste, Pwned

Security Now (MP3)

Play Episode Listen Later Mar 3, 2026 173:08 Transcription Available


A crafty new breed of social engineering attack is tricking users into launching malware straight from their clipboard, exposing a fresh vulnerability in Windows that even tech pros could fall for. Leo Laporte and Steve Gibson break down how the latest ClickFix and CrashFix exploits are outsmarting traditional defenses. The lowdown on last week's "no turn" picture of the week. Is an AI-driven hacking campaign a big deal now. Clause used in multiple Mexican government attacks. Apple continues to be confronted with age restrictions. COPPA needs an exception to allow age collection. Meta swamps law enforcement with AI-slop CSAM reports. Roskomnadzor has been busy blocking VPNs. Guess how many. The UK tries to report their self-scanning success. Remember that hacker who extorted the psychotherapy patients. Scattered Lapsus$ Hunters is actively recruiting women. Cisco lands another breathtakingly rare 10.0 CVSS. VulnCheck's report on 2025 vulnerabilities and exploits. Steve discovers a fabulous $72 Hardware Security Module. A listener shares an interesting AI service discovery. The very potent "ClickFix" exploit evolves Show Notes - https://www.grc.com/sn/SN-1067-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: meter.com/securitynow guardsquare.com threatlocker.com/twit adaptivesecurity.com outsystems.com/twit

All TWiT.tv Shows (MP3)
Security Now 1067: KongTuke's CrashFix

All TWiT.tv Shows (MP3)

Play Episode Listen Later Mar 3, 2026 173:08 Transcription Available


A crafty new breed of social engineering attack is tricking users into launching malware straight from their clipboard, exposing a fresh vulnerability in Windows that even tech pros could fall for. Leo Laporte and Steve Gibson break down how the latest ClickFix and CrashFix exploits are outsmarting traditional defenses. The lowdown on last week's "no turn" picture of the week. Is an AI-driven hacking campaign a big deal now. Clause used in multiple Mexican government attacks. Apple continues to be confronted with age restrictions. COPPA needs an exception to allow age collection. Meta swamps law enforcement with AI-slop CSAM reports. Roskomnadzor has been busy blocking VPNs. Guess how many. The UK tries to report their self-scanning success. Remember that hacker who extorted the psychotherapy patients. Scattered Lapsus$ Hunters is actively recruiting women. Cisco lands another breathtakingly rare 10.0 CVSS. VulnCheck's report on 2025 vulnerabilities and exploits. Steve discovers a fabulous $72 Hardware Security Module. A listener shares an interesting AI service discovery. The very potent "ClickFix" exploit evolves Show Notes - https://www.grc.com/sn/SN-1067-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: meter.com/securitynow guardsquare.com threatlocker.com/twit adaptivesecurity.com outsystems.com/twit

Security Now (Video HD)
SN 1067: KongTuke's CrashFix - Click, Paste, Pwned

Security Now (Video HD)

Play Episode Listen Later Mar 3, 2026 160:04 Transcription Available


A crafty new breed of social engineering attack is tricking users into launching malware straight from their clipboard, exposing a fresh vulnerability in Windows that even tech pros could fall for. Leo Laporte and Steve Gibson break down how the latest ClickFix and CrashFix exploits are outsmarting traditional defenses. The lowdown on last week's "no turn" picture of the week. Is an AI-driven hacking campaign a big deal now. Clause used in multiple Mexican government attacks. Apple continues to be confronted with age restrictions. COPPA needs an exception to allow age collection. Meta swamps law enforcement with AI-slop CSAM reports. Roskomnadzor has been busy blocking VPNs. Guess how many. The UK tries to report their self-scanning success. Remember that hacker who extorted the psychotherapy patients. Scattered Lapsus$ Hunters is actively recruiting women. Cisco lands another breathtakingly rare 10.0 CVSS. VulnCheck's report on 2025 vulnerabilities and exploits. Steve discovers a fabulous $72 Hardware Security Module. A listener shares an interesting AI service discovery. The very potent "ClickFix" exploit evolves Show Notes - https://www.grc.com/sn/SN-1067-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: meter.com/securitynow guardsquare.com threatlocker.com/twit adaptivesecurity.com outsystems.com/twit

Security Now (Video HI)
SN 1067: KongTuke's CrashFix - Click, Paste, Pwned

Security Now (Video HI)

Play Episode Listen Later Mar 3, 2026 160:04 Transcription Available


A crafty new breed of social engineering attack is tricking users into launching malware straight from their clipboard, exposing a fresh vulnerability in Windows that even tech pros could fall for. Leo Laporte and Steve Gibson break down how the latest ClickFix and CrashFix exploits are outsmarting traditional defenses. The lowdown on last week's "no turn" picture of the week. Is an AI-driven hacking campaign a big deal now. Clause used in multiple Mexican government attacks. Apple continues to be confronted with age restrictions. COPPA needs an exception to allow age collection. Meta swamps law enforcement with AI-slop CSAM reports. Roskomnadzor has been busy blocking VPNs. Guess how many. The UK tries to report their self-scanning success. Remember that hacker who extorted the psychotherapy patients. Scattered Lapsus$ Hunters is actively recruiting women. Cisco lands another breathtakingly rare 10.0 CVSS. VulnCheck's report on 2025 vulnerabilities and exploits. Steve discovers a fabulous $72 Hardware Security Module. A listener shares an interesting AI service discovery. The very potent "ClickFix" exploit evolves Show Notes - https://www.grc.com/sn/SN-1067-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: meter.com/securitynow guardsquare.com threatlocker.com/twit adaptivesecurity.com outsystems.com/twit

Radio Leo (Audio)
Security Now 1067: KongTuke's CrashFix

Radio Leo (Audio)

Play Episode Listen Later Mar 3, 2026 173:08 Transcription Available


A crafty new breed of social engineering attack is tricking users into launching malware straight from their clipboard, exposing a fresh vulnerability in Windows that even tech pros could fall for. Leo Laporte and Steve Gibson break down how the latest ClickFix and CrashFix exploits are outsmarting traditional defenses. The lowdown on last week's "no turn" picture of the week. Is an AI-driven hacking campaign a big deal now. Clause used in multiple Mexican government attacks. Apple continues to be confronted with age restrictions. COPPA needs an exception to allow age collection. Meta swamps law enforcement with AI-slop CSAM reports. Roskomnadzor has been busy blocking VPNs. Guess how many. The UK tries to report their self-scanning success. Remember that hacker who extorted the psychotherapy patients. Scattered Lapsus$ Hunters is actively recruiting women. Cisco lands another breathtakingly rare 10.0 CVSS. VulnCheck's report on 2025 vulnerabilities and exploits. Steve discovers a fabulous $72 Hardware Security Module. A listener shares an interesting AI service discovery. The very potent "ClickFix" exploit evolves Show Notes - https://www.grc.com/sn/SN-1067-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: meter.com/securitynow guardsquare.com threatlocker.com/twit adaptivesecurity.com outsystems.com/twit

Security Now (Video LO)
SN 1067: KongTuke's CrashFix - Click, Paste, Pwned

Security Now (Video LO)

Play Episode Listen Later Mar 3, 2026 160:04 Transcription Available


A crafty new breed of social engineering attack is tricking users into launching malware straight from their clipboard, exposing a fresh vulnerability in Windows that even tech pros could fall for. Leo Laporte and Steve Gibson break down how the latest ClickFix and CrashFix exploits are outsmarting traditional defenses. The lowdown on last week's "no turn" picture of the week. Is an AI-driven hacking campaign a big deal now. Clause used in multiple Mexican government attacks. Apple continues to be confronted with age restrictions. COPPA needs an exception to allow age collection. Meta swamps law enforcement with AI-slop CSAM reports. Roskomnadzor has been busy blocking VPNs. Guess how many. The UK tries to report their self-scanning success. Remember that hacker who extorted the psychotherapy patients. Scattered Lapsus$ Hunters is actively recruiting women. Cisco lands another breathtakingly rare 10.0 CVSS. VulnCheck's report on 2025 vulnerabilities and exploits. Steve discovers a fabulous $72 Hardware Security Module. A listener shares an interesting AI service discovery. The very potent "ClickFix" exploit evolves Show Notes - https://www.grc.com/sn/SN-1067-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: meter.com/securitynow guardsquare.com threatlocker.com/twit adaptivesecurity.com outsystems.com/twit

All TWiT.tv Shows (Video LO)
Security Now 1067: KongTuke's CrashFix

All TWiT.tv Shows (Video LO)

Play Episode Listen Later Mar 3, 2026 160:04 Transcription Available


A crafty new breed of social engineering attack is tricking users into launching malware straight from their clipboard, exposing a fresh vulnerability in Windows that even tech pros could fall for. Leo Laporte and Steve Gibson break down how the latest ClickFix and CrashFix exploits are outsmarting traditional defenses. The lowdown on last week's "no turn" picture of the week. Is an AI-driven hacking campaign a big deal now. Clause used in multiple Mexican government attacks. Apple continues to be confronted with age restrictions. COPPA needs an exception to allow age collection. Meta swamps law enforcement with AI-slop CSAM reports. Roskomnadzor has been busy blocking VPNs. Guess how many. The UK tries to report their self-scanning success. Remember that hacker who extorted the psychotherapy patients. Scattered Lapsus$ Hunters is actively recruiting women. Cisco lands another breathtakingly rare 10.0 CVSS. VulnCheck's report on 2025 vulnerabilities and exploits. Steve discovers a fabulous $72 Hardware Security Module. A listener shares an interesting AI service discovery. The very potent "ClickFix" exploit evolves Show Notes - https://www.grc.com/sn/SN-1067-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: meter.com/securitynow guardsquare.com threatlocker.com/twit adaptivesecurity.com outsystems.com/twit

Radio Leo (Video HD)
Security Now 1067: KongTuke's CrashFix

Radio Leo (Video HD)

Play Episode Listen Later Mar 3, 2026 160:04 Transcription Available


A crafty new breed of social engineering attack is tricking users into launching malware straight from their clipboard, exposing a fresh vulnerability in Windows that even tech pros could fall for. Leo Laporte and Steve Gibson break down how the latest ClickFix and CrashFix exploits are outsmarting traditional defenses. The lowdown on last week's "no turn" picture of the week. Is an AI-driven hacking campaign a big deal now. Clause used in multiple Mexican government attacks. Apple continues to be confronted with age restrictions. COPPA needs an exception to allow age collection. Meta swamps law enforcement with AI-slop CSAM reports. Roskomnadzor has been busy blocking VPNs. Guess how many. The UK tries to report their self-scanning success. Remember that hacker who extorted the psychotherapy patients. Scattered Lapsus$ Hunters is actively recruiting women. Cisco lands another breathtakingly rare 10.0 CVSS. VulnCheck's report on 2025 vulnerabilities and exploits. Steve discovers a fabulous $72 Hardware Security Module. A listener shares an interesting AI service discovery. The very potent "ClickFix" exploit evolves Show Notes - https://www.grc.com/sn/SN-1067-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: meter.com/securitynow guardsquare.com threatlocker.com/twit adaptivesecurity.com outsystems.com/twit

Exploit Brokers - Hacking News
6 Zero-Days Exploited NOW, Lazarus Poisons npm, AI-Generated Malware & More | HN62

Exploit Brokers - Hacking News

Play Episode Listen Later Feb 26, 2026 24:18


Microsoft just dropped patches for SIX actively exploited zero-day vulnerabilities — and that's just the beginning. In this week's Hacking News, we break down the February 2026 Patch Tuesday emergency, North Korea's Lazarus Group poisoning npm and PyPI through fake job recruiters, nation-state hackers weaponizing Google's Gemini AI (including malware that writes its own payloads), a massive Dutch telecom breach affecting 6.2 million people, and a U.S. government contractor breach that ballooned from 4 million to potentially tens of millions affected. This is Exploit Brokers by Forgebound Research — cybersecurity news, threat intelligence, and insights. Whether you're a security analyst, developer, or just someone who wants to stay informed, this episode has something for you.

Cyber Security Today
Discord Finds Age Identification May Have Privacy Concerns

Cyber Security Today

Play Episode Listen Later Feb 25, 2026 9:21


Discord Drops Persona Age Verification, SolarWinds Serv-U Critical RCEs, Splunk Windows Priv Esc, and Smart TV Screenshot Surveillance Lawsuits In this episode of Cybersecurity Today, host Jim Love covers Discord ending its age-verification experiment with Persona after user backlash and researcher findings that Persona's front-end code suggested up to 269 verification checks, including watch list screening and risk scoring, amid already-thin trust following an earlier breach that exposed government ID images. The show also highlights SolarWinds Serv-U 15.5.0.4 patches for four critical (CVSS 9.1) remote code execution vulnerabilities (CVE-2025-40538, CVE-2025-40539, CVE-2025-40540, CVE-2025-40541), noting they require high privileges and that self-hosted Windows/Linux instances must be upgraded, with estimates ranging from under 1,200 to over 12,000 internet-exposed servers. Splunk discloses a high-severity Windows privilege escalation flaw (CVE-2025-2386, CVSS 8.0) caused by incorrect install-directory permissions in versions before 10.0.0.2, 9.4.0.6, 9.3.0.8, and 9.2.10, enabling local users to potentially escalate privileges and tamper with logging. Finally, Texas Attorney General Ken Paxton sues Samsung, Sony, LG, Hisense, and TCL, alleging smart TVs use automated content recognition to capture screen content—potentially up to twice per second—and transmit it without meaningful consent, with implications for both home viewing and confidential business use; the episode emphasizes reviewing and disabling ACR settings and accounting for network-connected screens in security models.  Cybersecurity Today  would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale.  You can find them at Meter.com/cst 00:00 Sponsor Message Meter 00:20 Discord Age Verification Backlash 01:37 Persona Code Raises Alarms 03:08 SolarWinds Serv-U Critical RCEs 04:51 Splunk Windows Priv Esc 06:18 Smart TV Screenshot Surveillance 08:35 Wrap Up and Sponsor Thanks

Exploit Brokers - Hacking News
State Hackers Hit 37 Countries, BeyondTrust CVSS 9.9 RCE, Signal Hijacked & More | HN Ep. 61

Exploit Brokers - Hacking News

Play Episode Listen Later Feb 19, 2026 21:55


A newly uncovered state-backed espionage group has compromised 70 organizations across 37 countries in a single year — and they were scanning infrastructure in 155 more. In this episode of Hacking News, we break down Palo Alto Unit 42's Shadow Campaigns investigation, a CVSS 9.9 pre-authentication RCE in BeyondTrust's remote access tools, a state-sponsored Signal phishing campaign targeting European politicians and military officials without using a single line of malware, CISA's aggressive new directive ordering federal agencies to rip out end-of-life edge devices, and an Everest ransomware claim against Iron Mountain that turned out to be far less than advertised. Whether you're a cybersecurity professional, IT admin, or just someone who wants to stay informed about the threats facing our digital world — this episode has critical takeaways you can act on today.

Cyber Security Today
BeyondTrust Zero-Day Exploited,

Cyber Security Today

Play Episode Listen Later Feb 16, 2026 10:33


This episode covers multiple active threats and security changes. It warns of an actively exploited critical BeyondTrust remote access vulnerability (CVE-2026-1731, CVSS 9.9) enabling pre-authentication remote code execution in Remote Support and Privileged Remote Access, noting SaaS was patched while on-prem deployments require urgent manual updates and may already be compromised. Microsoft details an evolution of the ClickFix social engineering technique where victims are tricked into running NSLookup commands that use attacker-controlled DNS responses as a malware staging channel, leading to payload delivery (including a Python-based RAT) and persistence via startup shortcuts, alongside increased Lumma Stealer activity.  Cybersecurity Today  would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale.  You can find them at Meter.com/cst Researchers also report Mac-focused campaigns abusing AI-generated content and malicious search ads to push copy-paste terminal commands that install an info stealer (MaxSync) targeting Keychain, browsers, and crypto wallets. T The show describes fake recruiter campaigns targeting developers with coding tests containing malicious dependencies on repositories like NPM and PyPI, linked to the "Gala" operation and nearly 200 packages. Finally, it reviews NPM's authentication overhaul after a supply-chain worm incident—revoking classic long-lived tokens, moving to short-lived session credentials, encouraging MFA and OIDC trusted publishing—while noting remaining risks such as MFA phishing, non-mandatory MFA for unpublish, and the continued ability to create long-lived tokens. 00:00 Sponsor: Meter + Today's Cybersecurity Headlines 00:48 Urgent Patch: BeyondTrust Remote Access RCE (CVE-2026-1731) Actively Exploited 02:45 ClickFix Evolves: DNS Lookups (nslookup) Used as Malware Staging 04:34 Mac Malware via AI Search Results: Fake Terminal Commands Deliver Info-Stealer 06:08 Fake Recruiters, Real Malware: Coding Tests Poison Dev Environments 07:19 NPM Security Overhaul After Supply-Chain Worm—What's Better, What Still Risks 09:11 Wrap-Up, Thanks, and Sponsor Message

ITSPmagazine | Technology. Cybersecurity. Society
KEVology: How Exploit Scores and Timelines Shape Real Security Decisions | A Brand Highlight Conversation with Tod Beardsley, Vice President of Security Research of runZero

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Feb 13, 2026 8:23


The CISA Known Exploited Vulnerabilities (KEV) catalog is one of the most referenced resources in vulnerability management, but how well do security teams actually understand what it tells them? In this Brand Highlight, Tod Beardsley, Vice President of Security Research at runZero and former CISA section chief who helped manage the KEV on a daily basis, breaks down what the catalog is designed to do and, just as importantly, what it is not.What is the KEV catalog and who is it really for? The KEV is mandated by Binding Operational Directive 22-01 (BOD 22-01), which tasks CISA with identifying vulnerabilities that are known to be exploited and have an available fix. Its primary audience is federal civilian executive branch agencies, but because the catalog is public, organizations everywhere use it as a prioritization signal. Beardsley notes that inclusion on the KEV requires a CVE ID, evidence of active exploitation, a patch or mitigation, and relevance to federal interests, meaning zero-day vulnerabilities and end-of-life systems without CVEs never appear.How should organizations think about KEV entries that are not equally dangerous? Beardsley explains that only about a third of KEV-listed vulnerabilities represent straight-shot remote code execution with no user interaction and no authentication required. The rest span a wide spectrum of severity. EPSS data reveals an inverse bell curve: many KEV entries have extremely low probabilities of exploitation in the next 30 days, while others cluster at the high end with commodity exploits widely available. This means treating every KEV entry as equally critical leads to wasted effort and alert fatigue.That gap between the catalog and real-world decision-making is exactly what KEVology addresses. The research, produced by Beardsley at runZero, enriches KEV data with CVSS metrics, EPSS scores, exploit tooling indicators, and ATT&CK mappings to help security teams filter and prioritize vulnerabilities based on what actually matters to their environment. Rather than prescribing a single priority list, KEVology treats the KEV as data to be analyzed, not doctrine to be followed blindly.To make this analysis accessible and interactive, runZero built KEV Collider, a free, daily-updated web application at runzero.com/kev-collider. The tool lets defenders sort, filter, and layer multiple risk signals across the entire KEV catalog. Because every filter combination is encoded in URL parameters, teams can bookmark and share custom views with colleagues instantly. Beardsley describes KEV Collider as an evergreen companion to the research, updating automatically as new vulnerabilities are added to the catalog each week.This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlightGUESTTod Beardsley, Vice President of Security Research at runZeroOn LinkedIn: https://www.linkedin.com/in/todb/RESOURCESLearn more about runZero: https://www.runzero.comKEVology research report: https://www.runzero.com/resources/kevology/KEV Collider: https://www.runzero.com/kev-collider/Are you interested in telling your story?▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlightKEYWORDSTod Beardsley, runZero, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, KEVology, KEV Collider, CISA KEV, vulnerability management, exploit scoring, EPSS, CVSS, vulnerability prioritization, exposure management, BOD 22-01, known exploited vulnerabilities, cybersecurity risk, patch management Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Redefining CyberSecurity
KEVology: How Exploit Scores and Timelines Shape Real Security Decisions | A Brand Highlight Conversation with Tod Beardsley, Vice President of Security Research of runZero

Redefining CyberSecurity

Play Episode Listen Later Feb 13, 2026 8:23


The CISA Known Exploited Vulnerabilities (KEV) catalog is one of the most referenced resources in vulnerability management, but how well do security teams actually understand what it tells them? In this Brand Highlight, Tod Beardsley, Vice President of Security Research at runZero and former CISA section chief who helped manage the KEV on a daily basis, breaks down what the catalog is designed to do and, just as importantly, what it is not.What is the KEV catalog and who is it really for? The KEV is mandated by Binding Operational Directive 22-01 (BOD 22-01), which tasks CISA with identifying vulnerabilities that are known to be exploited and have an available fix. Its primary audience is federal civilian executive branch agencies, but because the catalog is public, organizations everywhere use it as a prioritization signal. Beardsley notes that inclusion on the KEV requires a CVE ID, evidence of active exploitation, a patch or mitigation, and relevance to federal interests, meaning zero-day vulnerabilities and end-of-life systems without CVEs never appear.How should organizations think about KEV entries that are not equally dangerous? Beardsley explains that only about a third of KEV-listed vulnerabilities represent straight-shot remote code execution with no user interaction and no authentication required. The rest span a wide spectrum of severity. EPSS data reveals an inverse bell curve: many KEV entries have extremely low probabilities of exploitation in the next 30 days, while others cluster at the high end with commodity exploits widely available. This means treating every KEV entry as equally critical leads to wasted effort and alert fatigue.That gap between the catalog and real-world decision-making is exactly what KEVology addresses. The research, produced by Beardsley at runZero, enriches KEV data with CVSS metrics, EPSS scores, exploit tooling indicators, and ATT&CK mappings to help security teams filter and prioritize vulnerabilities based on what actually matters to their environment. Rather than prescribing a single priority list, KEVology treats the KEV as data to be analyzed, not doctrine to be followed blindly.To make this analysis accessible and interactive, runZero built KEV Collider, a free, daily-updated web application at runzero.com/kev-collider. The tool lets defenders sort, filter, and layer multiple risk signals across the entire KEV catalog. Because every filter combination is encoded in URL parameters, teams can bookmark and share custom views with colleagues instantly. Beardsley describes KEV Collider as an evergreen companion to the research, updating automatically as new vulnerabilities are added to the catalog each week.This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlightGUESTTod Beardsley, Vice President of Security Research at runZeroOn LinkedIn: https://www.linkedin.com/in/todb/RESOURCESLearn more about runZero: https://www.runzero.comKEVology research report: https://www.runzero.com/resources/kevology/KEV Collider: https://www.runzero.com/kev-collider/Are you interested in telling your story?▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlightKEYWORDSTod Beardsley, runZero, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, KEVology, KEV Collider, CISA KEV, vulnerability management, exploit scoring, EPSS, CVSS, vulnerability prioritization, exposure management, BOD 22-01, known exploited vulnerabilities, cybersecurity risk, patch management Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

CISSP Cyber Training Podcast - CISSP Training Program
CCT 323: Practice CISSP Questions - Generating Reports - Domain 6

CISSP Cyber Training Podcast - CISSP Training Program

Play Episode Listen Later Feb 12, 2026 27:37 Transcription Available


Send a textAlarms go off, dashboards turn red, and leadership wants everything fixed yesterday—sound familiar? We dig into the real craft of vulnerability management: deciding what truly matters, when to defer safely, and how to protect customers while keeping the business moving. Along the way, we unpack the forces shaping 2025 security: AI-fueled threats, smarter cyber insurance, the edge of quantum risk, stricter privacy laws, and the rising stakes of DevOps security.We share a practical triage framework that goes beyond CVSS. Learn how to validate scanner noise, confirm versions, and use a second tool when the data looks off. When patching collides with uptime or legacy systems, we outline compensating controls that actually reduce exploitability—segmentation, allow-lists, credential tightening, and targeted monitoring—plus the documentation and triggers that prevent “temporary” exceptions from turning permanent. You'll hear how to communicate residual risk with time-bound plans and metrics leaders understand, from blast radius to downtime cost and insurance obligations.Ethical disclosure gets real, too. When a researcher's 30-day clock clashes with a 45-day fix, coordination beats confrontation. We talk through private progress updates, revised timelines, and interim mitigations that put users first. For vendors and open source, we highlight respectful escalation paths, legal prep, and why responsible disclosure typically reduces harm better than full, premature detail drops. In complex multi-cloud setups, we recommend assigning a cross-team coordinator who aligns priorities, patches the most exposed services first, and bakes checks into CI/CD so the next fix is faster.Subscribe for more CISSP-ready breakdowns, share this with a teammate who lives in the patch queue, and leave a review with your toughest triage scenario—we might feature it next.Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox! Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

The Cybersecurity Defenders Podcast
#291 - Intel Chat: OpenClaw saga continues, React Native Community vulnerability, Notepad++ & GTIG targets IPIDEA proxy network

The Cybersecurity Defenders Podcast

Play Episode Listen Later Feb 9, 2026 28:23


In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.OpenClaw, an open source AI agent formerly known as MoltBot and ClawdBot, has rapidly become the fastest-growing project on GitHub, amassing over 113,000 stars in under a week.A critical vulnerability in the React Native Community CLI NPM package, tracked as CVE-2025-11953 with a CVSS score of 9.8, has been actively exploited in the wild since late December 2025, according to new findings by VulnCheck. JFrog article.Following the disclosure in the Notepad++ v8.8.9 release announcement, further investigation confirmed a sophisticated supply chain attack that targeted the application's update mechanism.Google, in coordination with multiple partners, has undertaken a large-scale disruption effort targeting the IPIDEA proxy network, which it identifies as one of the largest residential proxy networks globally.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

The DevSecOps Talks Podcast
#91 - January security roundup: CVSS 10 in n8n, self-hosted AI scares, and nonstop patching

The DevSecOps Talks Podcast

Play Episode Listen Later Feb 4, 2026 44:01


We kick off with a CVSS 10 in n8n, then look at self-hosted AI assistants with weak defaults and prompt injection risks. Are your API keys, inbox, and drives safe if a bot is open to the web? What should you rotate, patch, and hide behind a VPN?  We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners. DevSecOps Talks podcast LinkedIn page DevSecOps Talks podcast website DevSecOps Talks podcast YouTube channel

CISSP Cyber Training Podcast - CISSP Training Program
CCT 320: OT Attacks And CISSP Domain 6.4 Essentials

CISSP Cyber Training Podcast - CISSP Training Program

Play Episode Listen Later Feb 2, 2026 41:11 Transcription Available


Send us a textWhat happens when custom malware turns IoT into a springboard for OT, and gas pumps become levers for panic? We open with a timely look at Iranian-linked operations targeting PLCs and use that story to ground a full, practical tour of CISSP Domain 6.4: how to analyze scan output and generate reports that actually drive action.We break down the anatomy of a high-value vulnerability report—clean executive summaries, CVE and CVSS clarity, and the business context that separates theoretical risk from real-world impact. From there, we map a repeatable cadence for internal scans full of misconfigurations, default creds, and end-of-life software, plus a strategy to turn noisy findings into steady wins through prioritization, trend metrics, and small, fast fixes that build momentum.On the perimeter, we focus on external scans across web apps, APIs, cloud edges, and third parties. You'll hear hard-earned tactics for handling M&A exposure, vendor VPNs, misconfigured buckets, and certificate drift without breaking production. We share validation steps that avoid false positives and chaos in prod, then show how to formalize exceptions with risk assessments, compensating controls, and an auditable register that satisfies PCI DSS, HIPAA, SOX, and GDPR expectations.We close with ethical disclosure done right—timelines, ISO/IEC 29147 alignment, and when to coordinate versus publish—so you protect users and your organization without stepping into legal traps. If you're studying for the CISSP or building a vulnerability management program that survives contact with reality, this guide will help you prioritize what matters, communicate clearly, and keep improving.Enjoyed the show? Subscribe, share with a teammate, and leave a quick review so others can find it. Tell us: what metric best proves your remediation progress?Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox! Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

Exploit Brokers - Hacking News
CRITICAL: Office Zero-Day + WordPress Admin Takeover + Chrome Extensions Stealing AI Chats | EP 60

Exploit Brokers - Hacking News

Play Episode Listen Later Jan 29, 2026 24:52


Microsoft just dropped an emergency patch for an Office zero-day being exploited in the wild. A WordPress plugin has a CVSS 10.0 vulnerability — that's the golden goose of hacking. 900,000 Chrome users had their ChatGPT conversations stolen by malicious extensions with Google's Featured badge. And two cybersecurity professionals pleaded guilty to moonlighting as ransomware affiliates. Welcome to 2026. It's gonna be a fun year. In this episode: CVE-2026-21509: Microsoft Office zero-day (security feature bypass) CVE-2026-23550: WordPress Modular DS critical vulnerability Prompt Poaching: Chrome extensions stealing AI conversations Brightspeed breach: Crimson Collective claims 1M+ records Insider threat: Security pros turned BlackCat/ALPHV affiliates Key takeaway: Update your stuff. A patch does you no good if it isn't installed. Subscribe for weekly cybersecurity news, vulnerability breakdowns, and threat intelligence.   https://forgeboundresearch.com/podcasts/

The Cybersecurity Defenders Podcast
#281 - Intel Chat: Ni8mare CVSS 10.0, malicious AI extensions, Venezuela blackout & guilty BlackCat insiders

The Cybersecurity Defenders Podcast

Play Episode Listen Later Jan 14, 2026 31:14


In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.A newly disclosed vulnerability in the workflow automation platform n8n, tracked as CVE-2026-21858 and rated CVSS 10.0, allows unauthenticated remote attackers to fully compromise exposed instances.Two malicious Chrome extensions impersonating a legitimate product from AITOPIA were found exfiltrating sensitive user data, including full AI chat histories, according to a report from OX Security.The recent U.S. military operation in Venezuela that led to the capture of President Nicolás Maduro may have included cyber operations, but official confirmation of cyber's role remains ambiguous.Two U.S. citizens with professional backgrounds in cybersecurity have pleaded guilty to acting as affiliates of the ALPHV/BlackCat ransomware group, a prominent ransomware-as-a-service (RaaS) operation.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

The New CISO
Safety Third: Why Security Shouldn't Be Your Top Priority

The New CISO

Play Episode Listen Later Jan 8, 2026 66:54


In this episode of The New CISO, host Steve Moore speaks with Alex Rice, Founder, CTO, and CISO at HackerOne, about challenging one of cybersecurity's most deeply held beliefs—that security should be the top priority. Drawing from his journey building security programs at Facebook and founding HackerOne, Alex introduces the "safety third" philosophy and explains why accepting that security is never first can actually make you more effective as a leader.Alex shares his unconventional path into cybersecurity, starting as a 14-year-old programmer in rural Florida and eventually leading product security at Facebook during its explosive growth. He reveals how Facebook ran 70+ penetration tests annually with top-tier vendors and still wasn't finding enough vulnerabilities—until they opened the doors to the hacker community and received over 300 valid findings in a single weekend. This experience became the foundation for HackerOne's bug bounty platform.The conversation tackles critical leadership challenges facing modern CISOs, including the toxic tendency toward victim blaming when breaches occur, why security teams struggle with customer-centric design, and how to avoid becoming the team everyone knows only for blocking work and sending phishing tests. Alex argues that security professionals must stop drinking their own Kool-Aid and recognize that usability and business outcomes will always take precedence over security controls.In the episode's second half, Alex addresses AI's role in security operations with refreshing pragmatism. Rather than chasing grandiose AI visions, he advocates for starting with narrow, well-defined tasks where agents can replace security toil—like automated CVSS scoring or vulnerability triage—building trust and expertise before tackling more ambitious projects. He warns against the current trend of AI tools that find more problems when security teams desperately need help fixing the mountain of issues they already know about.Alex also challenges CISOs to stop over-owning problems like asset inventory management that rightfully belong to other executives, emphasizing the importance of cross-functional collaboration over building security-owned solutions that ultimately fail. Throughout the discussion, he champions a philosophy of empathy, customer-centricity, and accepting hard truths about security's actual place in business priorities—a mindset shift that paradoxically makes security leaders far more effective.Key Topics Discussed:Why "safety third" should be every CISO's operating philosophyThe problem with victim blaming in cybersecurity incidentsBuilding customer-centric security programs that enable rather than blockLessons from scaling Facebook's security program with 70 pen tests per yearThe origin story of HackerOne and crowdsourced security testingHow to avoid becoming the security team everyone resentsPractical AI implementation: Starting with toil elimination, not transformationWhy CISOs over-own asset management and other problemsThe importance of process mapping before deploying AI agentsAligning security teams closely with AI and software...

The Cybersecurity Defenders Podcast
#276 - Intel Chat: React2Shell, GeminiJack vulnerability, pro‑Russia hacktivist arrested & Warp Panda

The Cybersecurity Defenders Podcast

Play Episode Listen Later Dec 15, 2025 37:07


In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.For for more information about Cybersecurity Cares, visit cybersecurity-cares.comReact2Shell is the latest high-profile vulnerability in the web application landscape, scoring a critical CVSS 10.0 and drawing immediate comparisons to Log4Shell.Researchers at Noma Labs disclosed a critical vulnerability in Google's Gemini Enterprise AI assistant, dubbed GeminiJack, that allowed attackers to stealthily exfiltrate sensitive enterprise data.U.S. prosecutors have charged Victoria Eduardovna Dubranova, a 33‑year‑old Ukrainian woman, in two separate indictments for her alleged involvement with pro‑Russia hacktivist groups CyberArmyofRussia_Reborn and NoName057(16).A China-aligned threat actor identified as Warp Panda has been linked to recent compromises of VMware vCenter environments at U.S.-based organizations, according to a new report from CrowdStrike. Original CrowdStrike article. CISA BRICKSTORM Backdoor breakdown. Analysis report.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Risky Business
Risky Business #818 -- React2Shell is a fun one

Risky Business

Play Episode Listen Later Dec 10, 2025 58:27


In this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news, including: There's a CVSS 10/10 remote code exec in the React javascript server. JS server? U wot mate? China is out popping shells with it Linux adds support for PCIe bus encryption Amnesty International says Intellexa can just TeamViewer into its customers' surveillance systems …and a Belgian murder suspect complains that GrapheneOS's duress wipe feature failed him? This week's episode is sponsored by Kroll Cyber. Simon Onyons is Managing Director at Kroll's Cyber and Data Resilience arm, and he discusses a problem near to many of our hearts. Just how do you explain cyber risk to the board? This episode is also available on Youtube. Show notes Risky Bulletin: APTs go after the React2Shell vulnerability within hours - Risky Business Media Guillermo Rauch on X: "React2Shell" / X React2Shell-CVE-2025-55182-original-poc/README.md at main · lachlan2k/React2Shell-CVE-2025-55182-original-poc · GitHub Hydrogen: Shopify's headless commerce framework Researchers track dozens of organizations affected by React2Shell compromises tied to China's MSS | The Record from Recorded Future News Unveiling WARP PANDA: A New Sophisticated China-Nexus Adversary Three hacking groups, two vulnerabilities and all eyes on China | The Record from Recorded Future News Risky Bulletin: Linux adds PCIe encryption to help secure cloud servers Sean Plankey nomination to lead CISA appears to be over after Thursday vote | CyberScoop

Security Conversations
APTs pounce on React2Shell; BRICKSTORM backdoors; .gov surveillance

Security Conversations

Play Episode Listen Later Dec 6, 2025 101:44


(Presented by ThreatLocker (https://threatlocker.com/threebuddyproblem): Allow what you need. Block everything else by default, including ransomware and rogue code.) Three Buddy Problem - Episode 75: We dig into a CVSS 10/10 unauthenticated RCE bug causing chaos across the internet and early signs that Chinese APTs are already launching exploits, the cascading patch chaos, and a long tail of malware intrusions to come. Plus, commentary on Chrome's telemetry collection, Microsoft and the "SFI success story," newest BRICKSTORM backdoor intrusions, the US national security strategy, Anthropic's AI popping smart-contract bugs, a secret FBI ransomware-hunting unit getting weird, and a pair of sad stories in the security community. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).

Cloud Security Podcast by Google
EP254 Escaping 1990s Vulnerability Management: From Unauthenticated Scans to AI-Driven Mitigation

Cloud Security Podcast by Google

Play Episode Listen Later Dec 1, 2025 31:14


Guest: Caleb Hoch, Consulting Manager on Security Transformation Team, Mandiant, Google Cloud Topics: How has vulnerability management (VM) evolved beyond basic scanning and reporting, and what are the biggest gaps between modern practices and what organizations are actually doing? Why are so many organizations stuck with 1990s VM practices? Why mitigation planning is still hard for so many? Why do many organizations, including large ones, still rely on unauthenticated scans despite the known importance of authenticated scanning for accurate results? What constitutes a "gold standard" vulnerability prioritization process in 2025 that moves beyond CVSS scores to incorporate threat intelligence, asset criticality, and other contextual factors? What are the primary human and organizational challenges in vulnerability management, and how can issues like unclear governance, lack of accountability, and fear of system crashes be overcome? How is AI impacting vulnerability management, and does the shift to cloud environments fundamentally change VM practices? Resources: EP109 How Google Does Vulnerability Management: The Not So Secret Secrets! EP246 From Scanners to AI: 25 Years of Vulnerability Management with Qualys CEO Sumedh Thakar EP248 Cloud IR Tabletop Wins: How to Stop Playing Security Theater and Start Practicing How Low Can You Go? An Analysis of 2023 Time-to-Exploit Trends Mandiant M Trends 2025 EP204 Beyond PCAST: Phil Venables on the Future of Resilience and Leading Indicators Mandiant Vulnerability Management

Cyber Security Today
Cybersecurity Today: CloudFlare Outage, Microsoft's AI Risk, New Red Team Tool, and More!

Cyber Security Today

Play Episode Listen Later Nov 19, 2025 15:38


In this episode of 'Cybersecurity Today,' host Jim Love covers multiple pressing topics: CloudFlare's major outage affecting services like OpenAI and Discord, Microsoft's new AI feature in Windows 11 and its potential malware risks, a new red team tool that exploits cloud-based EDR systems, and a new tactic using calendar invites as a stealth attack vector. Additionally, a critical SAP vulnerability scoring a perfect 10 on the CVSS scale is discussed alongside a peculiar event where Anthropic's AI mistakenly tried to report a cybercrime to the FBI. The episode wraps up with a mention of the book 'Alyssa, A Tale of Quantum Kisses' and a thank you to Meter for sponsoring the podcast. Tune in for essential cybersecurity insights. 00:00 Introduction and Sponsor Message 00:22 CloudFlare Outage Causes Major Disruptions 02:55 Microsoft's New AI Features and Malware Risks 05:22 Silent but Deadly: New Red Team Tool 07:39 Calendar Invites as a Stealth Attack Vector 10:04 Critical SAP Vulnerability 12:11 Anthropic's AI and the FBI Incident 14:06 Conclusion and Final Thoughts

Security Now (MP3)
SN 1047: RediShell's CVSS 10.0 - The Rise of Mega Botnets

Security Now (MP3)

Play Episode Listen Later Oct 15, 2025 165:35


Texas is on the brink of forcing Apple and Google to overhaul app downloads with strict age verification laws—are tech giants ready, or is your privacy about to get caught in the crossfire? The EU aborted their Chat Control vote knowing it would fail. Salesforce says it's not going to pay; customer data is released. Hackers claim Discord breach netted 70,000 government IDs. Microsoft to move Github to Azure. What could possibly go wrong. New California law allows universal data sharing opt-out. OpenAI reports that it's blocking foreign abuse. Who cares. IE Mode refuses to die, so Microsoft is burying it deeper. The massive mess created by Texas legislation SB2420. The BreachForums website gets a makeover. 100,000 strong global botnet attacking U.S. RDP services. UI experts weigh in on Apple's iOS 26 user-interface. 330,000 publicly exposed REDIS servers are RCE-vulnerable Show Notes - https://www.grc.com/sn/SN-1047-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security expressvpn.com/securitynow vanta.com/SECURITYNOW canary.tools/twit - use code: TWIT bigid.com/securitynow

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Thursday, October 16th, 2025: Clipboard Image Stealer; F5 Compromise; Adobe Updates; SAP Patchday

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Play Episode Listen Later Oct 15, 2025 8:40


Clipboard Image Stealer Xavier presents an infostealer in Python that steals images from the clipboard. https://isc.sans.edu/diary/Clipboard%20Pictures%20Exfiltration%20in%20Python%20Infostealer/32372 F5 Compromise F5 announced a wide-ranging compromise today. Source code and information about unpatched vulnerabilities were stolen. https://my.f5.com/manage/s/article/K000157005 https://my.f5.com/manage/s/article/K000156572 https://my.f5.com/manage/s/article/K000154696 Adobe Updates Adobe updated 12 different products yesterday. https://helpx.adobe.com/security.html SAP Patchday Among the critical vulnerabilities patched in SAP s products are two deserialization vulnerabilities with a CVSS score of 10.0 https://support.sap.com/en/my-support/knowledge-base/security-notes-news/october-2025.html https://onapsis.com/blog/sap-security-patch-day-october-2025/

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Wednesday, September 10th, 2025: Microsoft Patch Tuesday;

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Play Episode Listen Later Sep 10, 2025 8:25


Microsoft Patch Tuesday As part of its September patch Tuesday, Microsoft addressed 177 different vulnerabilities, 86 of which affect Microsoft products. None of the vulnerabilities has been exploited before today. Two of the vulnerabilities were already made public. Microsoft rates 13 of the vulnerabilities are critical. https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%20September%202025/32270 Adobe Patches Adobe released patches for nine products, including Adobe Commerce, Coldfusion, and Acrobat. https://helpx.adobe.com/security/security-bulletin.html SAP Patches SAP patched vulnerabilities across its product portfolio. Particularly interesting are a few critical vulnerabilities in Netweaver, one of which scored a perfect 10.0 CVSS score. https://onapsis.com/blog/sap-security-notes-september-2025-patch-day/