Podcasts about Cyber

The Senate confirms a new national cyber director. A new commission explores the establishment of a separate Cyber Force. Cybercriminals exploit link wrapping to launch sophisticated phishing attacks. AI agents are hijacked, cameras cracked, and devs phished. Gene sequencers and period trackers settle allegations of oversharing personal data and inadequate security. Today we are joined by Tim Starks from CyberScoop discussing how China accuses the US of exploiting Microsoft zero-day in a cyberattack. OpenAI scrambles after a chat leak fiasco. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. You can read Tim's article on the topic here. CyberWire Guest Today we are joined by Tim Starks from CyberScoop discussing how China accuses the US of exploiting Microsoft zero-day in a cyberattack. Selected Reading Sean Cairncross confirmed as national cyber director (The Record) Panel to create roadmap for establishing US Cyber Force (The Record) Microsoft 365: Attackers Weaponize Proofpoint and Intermedia Link Wrapping to Steal Logins (WinBuzzer) When Public Prompts Turn Into Local Shells: ‘CurXecute' – RCE in Cursor via MCP Auto‑Start (Aim Security) LegalPwn Attack Tricks GenAI Tools Into Misclassifying Malware as Safe Code (Hackread) Bitdefender Warns Users to Update Dahua Cameras Over Critical Flaws (Hackread) Mozilla warns of phishing attacks targeting add-on developers (Bleeping Computer) Gene Sequencing Giant Illumina Settles for $9.8M Over Product Vulnerabilities (SecurityWeek) Flo settles class action lawsuit alleging improper data sharing (The Record) ChatGPT users shocked to learn their chats were in Google search results (Ars Technica) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Scans for pop3user with guessable password A particular IP assigned to a network that calls itself Unmanaged has been scanning telnet/ssh for a user called pop3user with passwords pop3user or 123456 . I assume they are looking for legacy systems that either currently run pop3 or ran pop3 in the past, and left the user enabled. https://isc.sans.edu/diary/Legacy%20May%20Kill/32166 Possible Sonicwall SSL VPN 0-Day Arcticwolf observed compromised Sonicwall SSL VPN devices used by the Akira group to install ransomware. These devices were fully patched, and credentials were recently rotated. https://arcticwolf.com/resources/blog/arctic-wolf-observes-july-2025-uptick-in-akira-ransomware-activity-targeting-sonicwall-ssl-vpn/ PAM Based Linux Backdoor For over a year, attackers have used a PAM-based Linux backdoor that so far has gotten little attention from anti-malware vendors. PAM-based backdoors can be stealthy, and this one in particular includes various anti-forensics tricks. https://www.nextron-systems.com/2025/08/01/plague-a-newly-discovered-pam-based-backdoor-for-linux/

In this special episode of The Produce Industry Podcast, host Patrick Kelly kicks things off before handing the mic over to Dan and Juanita, reporting live from the show floor at the 2025 IFPA Foodservice Conference!Powered by ZAG Technical Services, this episode highlights the critical role of cybersecurity in keeping the fresh supply chain protected, connected, and efficient.Tune in as Dan and Juanita dive into the energy, insights, and innovation driving this year's event—from fresh product trends to foodservice solutions, and the people shaping the future of produce on the plate. It's boots-on-the-ground coverage you won't want to miss!

Stop leaving yourself vulnerable to data breaches. Go to my sponsor https://aura.com/matt to get a 14-day free trial and see if any of your data has been exposed⁣ ⁣ Get 10% sitewide for a limited time. Just visit https://GhostBed.com/cox and use code COX at checkout.⁣ ⁣ Ricoh Danielson, a cybersecurity incident responder recounts how unsecured devices and vulnerable networks—particularly in hospitals—are easily exploited by organized ransomware gangs that infiltrate systems through credential theft or phishing, often remain undetected for months, and then demand millions in ransom based on the value of stolen data.⁣ ⁣ Ricoh's links ⁣ https://www.ricohd.us/about⁣ https://www.instagram.com/ricoh_danielson_/?hl=en⁣ https://www.youtube.com/user/dricoh22/videos⁣ ⁣ Do you want to be a guest? Fill out the form https://forms.gle/5H7FnhvMHKtUnq7k7⁣ ⁣ Send me an email here: insidetruecrime@gmail.com⁣ ⁣ Do you extra clips and behind the scenes content?⁣ Subscribe to my Patreon: https://patreon.com/InsideTrueCrime ⁣ ⁣ ⁣ Follow me on all socials!⁣ Instagram: https://www.instagram.com/insidetruecrime/⁣ TikTok: https://www.tiktok.com/@matthewcoxtruecrime⁣ ⁣ ⁣ Do you want a custom painting done by me? Check out my Etsy Store: https://www.etsy.com/shop/coxpopart⁣ ⁣ Listen to my True Crime Podcasts anywhere: https://anchor.fm/mattcox ⁣ ⁣ Check out my true crime books! ⁣ Shark in the Housing Pool: https://www.amazon.com/dp/B0851KBYCF⁣ Bent: https://www.amazon.com/dp/B0BV4GC7TM⁣ It's Insanity: https://www.amazon.com/dp/B08KFYXKK8⁣ Devil Exposed: https://www.amazon.com/dp/B08TH1WT5G⁣ Devil Exposed (The Abridgment): https://www.amazon.com/dp/1070682438⁣ The Program: https://www.amazon.com/dp/B0858W4G3K⁣ Bailout: https://www.barnesandnoble.com/w/bailout-matthew-cox/1142275402⁣ Dude, Where's My Hand-Grenade?: https://www.amazon.com/dp/B0BXNFHBDF/ref=tmm_pap_swatch_0?_encoding=UTF8&qid=1678623676&sr=1-1⁣ ⁣ Checkout my disturbingly twisted satiric novel!⁣ Stranger Danger: https://www.amazon.com/dp/B0BSWQP3WX⁣ ⁣ If you would like to support me directly, I accept donations here:⁣ Paypal: https://www.paypal.me/MattCox69⁣ Cashapp: $coxcon69 Learn more about your ad choices. Visit megaphone.fm/adchoices

There has been an update in the GirlsDoPorn story (episode #156 from 2020). In June 2025, Michael James Pratt pleaded guilty to sex trafficking charges. This follows guilty pleas from the rest of the conspirators linked to the site that was shut down by federal authorities in 2019...If you would like to support this podcast and others, consider heading to https://www.patreon.com/unresolvedpod to become a Patron or ProducerBecome a supporter of this podcast: https://www.spreaker.com/podcast/unresolved--3266604/support.

Scattered Spider Related Domain Names A quick demo of our domain feeds and how they can be used to find Scattered Spider related domains https://isc.sans.edu/diary/Scattered+Spider+Related+Domain+Names/32162 Excel External Workbook Links to Blocked File Types Will Be Disabled by Default Excel will discontinue allowing links to dangerous file types starting as early as October. https://support.microsoft.com/en-us/topic/external-workbook-links-to-blocked-file-types-will-be-disabled-by-default-6dd12903-0592-463d-9e68-0741cf62ee58 CISA Releases Thorium CISA announced that it released its malware analysis platform, Thorium, as open-source software. https://www.cisa.gov/news-events/alerts/2025/07/31/thorium-platform-public-availability

Securing Firebase: Lessons Re-Learned from the Tea Breach Inspried by the breach of the Tea app, Brendon Evans recorded a video to inform of Firebase security issues https://isc.sans.edu/diary/Securing%20Firebase%3A%20Lessons%20Re-Learned%20from%20the%20Tea%20Breach/32158 WebKit Vulnerability Exploited before Apple Patch A WebKit vulnerablity patched by Apple yesterday has already been exploited in Google Chrome. Google noted the exploit with its patch for the same vulnerability in Chrome. https://nvd.nist.gov/vuln/detail/CVE-2025-6558 Scattered Spider Update CISA released an update for its report on Scattered Spider, noting that the group also calls helpdesks impersonating users, not just the other way around. https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-320a

The world's youngest continent is also its most untapped resource. Confidence Staveley, Founder of CyberSafe, makes a powerful case for why Africa's youth are the answer to global cybersecurity and AI innovation… if we're bold enough to invest. In this episode, Ron welcomes back cybersecurity leader and advocate Confidence Staveley for a discussion on purpose-driven innovation, talent development, and AI-powered awareness tools. Confidence shares updates on her nonprofit work, her bold new ventures including AI Cyber Magazine, and how she's helping shape Africa into a tech talent hub. With global budget cuts hitting nonprofits and marginalized communities, Confidence shares how Africa's innovators, who are often excluded from the table, are building their own tables, making their impact impossible to ignore, and shaping cybersecurity's future on their terms.   Impactful Moments 00:00 - Introduction 02:00 - Her Difference Makers Award speech 04:00 - Partnering with SANS for bigger impact 06:01 - Global DEI backlash and ripple effects 10:00 - Why Africa is the future of tech 13:01 - Innovation with limited resources 17:10 - AI Cyber Magazine and its mission 19:00 - Building AI-powered awareness tools 21:00 - The African adage on self-renewal 22:10 - How sharing knowledge builds trust   Links Connect with our guest, Confidence Staveley: https://www.linkedin.com/in/confidencestaveley/ Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/  

How MUCH should you cyber-snoop a person before a date?!3 Things To Know Today.See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

Apple Updates Everything: July 2025 Edition Apple released updates for all of its operating systems patching 89 different vulnerabilities. Many vulnerabilities apply to multiple operating systems. https://isc.sans.edu/diary/Apple%20Updates%20Everything%3A%20July%202025/32154 Python Triage A quick python script by Xavier to efficiently search through files, even compressed once, for indicators of compromise. https://isc.sans.edu/diary/Triage+is+Key+Python+to+the+Rescue/32152/ PaperCut Attacks CISA added a 2024 Papercut vulnerability to the known exploited vulnerability list. https://www.cisa.gov/news-events/alerts/2025/07/28/cisa-adds-three-known-exploited-vulnerabilities-catalog

Drex covers three critical cybersecurity threats impacting healthcare and beyond: North Korean operatives using deepfakes and stolen identities to infiltrate US companies as remote workers, the Allianz life insurance breach affecting 1.4 million customers through social engineering attacks, and the TTEA dating app's massive data exposure that compromised women's safety information. Essential insights on vetting remote employees, defending against social engineering, and app security risks.Remember, Stay a Little Paranoid X: This Week Health LinkedIn: This Week Health Donate: Alex's Lemonade Stand: Foundation for Childhood Cancer

Everyone's talking about the rise of AI, but what about AI and sexism?Author and journalist Laura Bates has spent years investigating how technologies like chatbots, deep fakes, sex robots, and the Metaverse are perpetuating a culture of misogyny and violence against women.In this ep, Dee chats to Laura about what the research shows, what toxic dynamics she found in her investigation, and how we can stop this tech being built into our futures.SHOW NOTES:1800 Respect: 1800 737 732Lifeline: 13 11 14Laura Bate's book - The New Age of SexismDM us your thoughts, questions, topics, or to just vent at @triplejthehookup on IG or email us: thehookup@abc.net.auThe Hook Up is an ABC podcast, produced by triple j. It is recorded on the lands of the Wurundjeri people of the Kulin nation. We pay our respects to elders past and present. We acknowledge Aboriginal and Torres Strait Islander peoples as the First Australians and Traditional Custodians of the land where we live, work, and learn.

Welcome to Mastering Cyber with Host Alissa (Dr Jay) Abdullah, PhD, SVP & Deputy CSO at Mastercard, and former White House technology executive. Listen to this weekly one-minute podcast to help you maneuver cybersecurity industry tips, terms, and topics. Buckle up, your 60 seconds of cyber starts now! Sponsored by Mastercard: https://mastercard.us/en-us.html

Erdmann, Kathrin www.deutschlandfunk.de, @mediasres

Parasitic SharePoint Exploits We are seeing attacks against SharePoint itself and attempts to exploit backdoors left behind by attackers. https://isc.sans.edu/diary/Parasitic%20Sharepoint%20Exploits/32148 Cisco ISE Vulnerability Exploited A recently patched vulnerability in Cisco ISE is now being exploited. The Zero Day Initiative has released a blog detailing the exploit chain to obtain code execution as an unauthenticated user. https://www.zerodayinitiative.com/blog/2025/7/24/cve-2025-20281-cisco-ise-api-unauthenticated-remote-code-execution-vulnerability MyAsus Vulnerablity The MyAsus tool does not store its access tokens correctly, potentially providing an attacker with access to sensitive functions https://www.asus.com/content/security-advisory/

After the biggest demonstrations since the start of Russia's full-scale invasion, Volodymyr Zelensky has largely walked back a controversial overhaul of domestic anti-corruption bodies. But is he still under pressure? Fresh from a reporting trip to Ukraine, we're joined by Lindsey Hilsum, International Editor at Channel 4 News. She discusses the fallout from the protests, the changing nature of warfare, and Donald Trump's latest intervention.Plus - Lucy and Vitaly speak with the BBC's Cyber correspondent, Joe Tidy, about an apparent Ukrainian hack on Russia's Aeroflot airline, and the Kremlin's new surveillance-driven alternative to WhatsApp.Today's episode is presented by Lucy Hockings and Vitaly Shevchenko. The producers were Laurie Kalus, Julia Webster and Polly Hope. The technical producers were Phil Bull and Mike Regaard. The social producer was Joe Wilkinson. The series producer is Tim Walklate. The senior news editor is Sam Bonham. Email Ukrainecast@bbc.co.uk with your questions and comments. Or send us a message or voice note via WhatsApp, Signal or Telegram to +44 330 1239480You can join the Ukrainecast discussion on Newscast's Discord server here: tinyurl.com/ukrainecastdiscord

Today, we're going to go deeper into the world of cyber attacks than we have ever done before. We'll be looking at the insurance claims that they produce as well as the longer-term consequences for their victims Often as journalists covering cyber insurance we focus on the big hacks, the headline numbers, and gloss over the detail of the personal stories and the real hard yards that have to be run to recover from an attack and the potential long-term consequences for a business, its directors, its customers and all other stakeholders. As the immediate damage and business interruption triggers potential regulatory, statutory and other serious third-party consequences, these hard yards often have to be run down multiple different paths simultaneously. The in-depth interviews that follow will deepen your understanding of the more complex and long-tail nature of this peril. I'd like to put you right in the room in the shoes of the Directors of a company as an attack unfolds. We're going behind the scenes to uncover what it's really like when a business becomes the target of a digital assault, from the immediate shock to the long-term repercussions that are often ignored by boards. We're also going to go into detail on how the nature of the cyber threat and the tactics of cyber criminals are evolving. To help me in this task my guests are: Magnus Jelen, (pictured top) Director of Incident Response EMEA for Coveware, a firm that helps victims of cyber extortion recover their data; and three senior executives at Beazley: Raf Sanchez (pictured 2nd from top), Beazley's Head of Cyber Services, Cyber Risks. Melissa Collins, (pictured 2nd from bottom) Head of Third Party Cyber & Tech Claims, and Wayne Imrie, (pictured bottom) Head of London Market Wholesale Executive Risks. Magnus and Raf are right on the front line, dealing with the immediate consequences of a hack. Magnus even deals with the hackers themselves. Melissa deals with the external insurance claims that result and Wayne is a Directors and Officers (D&O) specialist who has a deep understanding of how the D&O and Cyber insurance products interact. LINKS:  As promised, here is the link to Beazley's latest Risk and Resilience Survey Spotlight on Tech Transformation & Cyber Risk 2025: https://www.beazley.com/en-001/news-and-events/spotlight-on-tech-transformation-cyber-risk-2025/

In a special edition of The POWER Podcast, released in collaboration with the McCrary Institute's Cyber Focus podcast, POWER's executive editor, Aaron Larson, and Frank Cilluffo, director of the McCrary Institute for Cyber and Critical Infrastructure Security and Professor of Practice at Auburn University, discuss the evolving power grid and cybersecurity challenges. Specifically, they highlight the shift taking place from centralized power stations to more distributed energy resources, including solar farms and wind turbines. The conversation touches on the importance of a reliable power grid and the need to protect critical infrastructure. “From a national security standpoint, from an economic standpoint, from a public safety standpoint, if you don't have power, all these other systems are somewhat irrelevant,” Cilluffo said. “There's no infrastructure more critical than power.” Cilluffo noted that artificial intelligence (AI) is requiring increasingly more power, which can't be ignored. “If we want to be AI dominant, we can't do that if we're not energy dominant,” said Cilluffo. “The two are in inextricably interwoven—hand in glove. And if you start looking at where the country wants to be technologically, if we want to lead, we really need to continue to double down, triple down, and look at all sorts of sources of energy as well.” While renewables are clearly leading when it comes to new generation being added to the grid today, emerging technologies including small modular reactors, fusion power, deep dry-rock geothermal, and space-based solar power, are on the horizon, promising potentially game-changing energy options. “And not to put a fine point on it, but you mentioned so many different forms of energy, and I'm reminded of the old test, the A, B, C, or D, all of the above. This sounds like it is clearly an all of the above,” Cilluffo proposed. Meanwhile, the enormous energy buildout in China was discussed. China is not just leading, but truly dominating the world in the construction of wind, solar, nuclear, coal, and energy storage projects in 2025, both in terms of capacity and projects under development. This leadership is evident across all five sectors, frequently accounting for the majority, or at least a plurality, of new global construction and installation. “China is a primary focus of a lot of our [Cyber Focus] podcast discussion, but it's a race we cannot afford to lose, whether it's around AI, quantum. And, I think you're spot on; to get there, they recognize the need to really quadruple down on energy,” said Cilluffo. “I still think that we [the U.S.] want to be at the vanguard driving all of this.” And while it's widely known that cybersecurity is critically important to energy systems, it's often not prioritized the way it should be. “Everyone needs to be cyber aware, cyber informed,” Cilluffo said. “These are issues that we have to invest in. It can't be an afterthought. It has to be something that everyone thinks through. And the reality is, don't think it's someone else's problem: a) it's all of our problems, and b) don't think that it can be looked at after the balloon goes up—you need to be thinking all of this well in advance.”

The classic and amazing Buck 110 hunting knife ended up being used by the psycho in Traverse City, MI ... This is not Buck's fault, of course; the Buck 110 is probably the best hunting knife ever designed--it's really that good. And, some apparent "mooslim" cuts loose with a semi-auto in NYC... a bad situation for sure. The "prep of the week" returns, a great item from Amazon that'll do you a lot of good.All this and more! We hope you'll tune in. 

If you like what you hear, please subscribe, leave us a review and tell a friend!

If you like what you hear, please subscribe, leave us a review and tell a friend!

In this episode of Cyber Talks, Greg Crowley and Dwayne Smith delve into the critical role of cybersecurity in mergers and acquisitions (M&A). They discuss how cyber risks can significantly affect company valuations and the challenges that arise during these transactions. Dwayne shares his experiences, highlighting the importance of educating stakeholders about potential security issues that could derail deals. The conversation emphasizes the need for robust security measures, including identity management and threat intelligence, to mitigate risks and ensure successful integrations. Topics discussed include:The impact of security breaches and incidents on M&A valuation and deal termsWhat red flags can derail a merger or acquisition (privacy incidents, regulatory violations, unresolved breaches)The most useful cybersecurity metrics and reports for due diligenceReal-world examples of integrating security tools and policies post-acquisition—and lessons learnedThe role of threat intelligence and dark web monitoring in uncovering hidden riskHow to avoid post-acquisition surprises related to legacy code or unsupported infrastructureTop security investments sellers should make to maximize future valuation--Have a question for us? Reach out: hello@esentire.com---About Cyber TalksFrom ransomware attacks to supply chain compromises, eSentire's Cyber Talks podcast will delve into the world of the latest cyber threats that are impacting businesses globally. Join our team of security experts as we speak with C-level executives and security practitioners about the cyber risks affecting their business and how they're addressing these challenges.About eSentireeSentire, Inc., the Authority in Managed Detection and Response (MDR), protects the critical data and applications of 2000+ organizations in 80+ countries, across 35 industries from known and unknown cyber threats by providing Exposure Management, Managed Detection and Response and Incident Response services designed to build an organization's cyber resilience & prevent business disruption. Founded in 2001, eSentire protects the world's most targeted organizations with 65% of its global base recognized as critical infrastructure, vital to economic health and stability. By combining open XDR platform technology, 24/7 threat hunting, and proven security operations leadership, eSentire's award-winning MDR services and team of experts help organizations anticipate, withstand and recover from cyberattacks. For more information, visit ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠www.esentire.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ and follow ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@eSentire⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠.

Frank Lavin talks with Olaf Groth, the author of “The Great Remobilization” and discusses the six major trends that will drive decisions in our personal lives, government policies, and business decision-making: 1. Covid and CRISPR; 2. Cognitive Technologies; 3. Crypto and distributed power; 4. Cyber security; 5. Climate Change; 6. China. Olaf moves on to discuss how corporations and governments should respond to meet – and perhaps even benefit from – these challenges. Olaf also suggests reading Ezra Klein's “Abundance” and the work of our previous guest, “Apple in China” by Patrick McGee.

Chelsea's trip to Lowe's. Office air conditioning. Cyber safety. Jury duty. How to pack a cooler the right way. Canned foods that were popular 50 years ago. Can you pass our squiz?

Breathing patterns. National days and celebrity birthdays. Democrats potentially leaving Texas to for conversations. Trump's new deadline. Cyber-attack on Russia's airline. Changes coming to Southwest. Chicken wing day. Plus local news and sports.

Linux Namespaces Linux namespaces can be used to control networking features on a process-by-process basis. This is useful when trying to present a different network environment to a process being analysed. https://isc.sans.edu/diary/Sinkholing%20Suspicious%20Scripts%20or%20Executables%20on%20Linux/32144 Coyote in the Wild: First-Ever Malware That Abuses UI Automation Akamai identified malware that takes advantage of Microsoft s UI Automation Framework to programatically interact with the user s system and steal credentials. https://www.akamai.com/blog/security-research/active-exploitation-coyote-malware-first-ui-automation-abuse-in-the-wild Testing REST APIs with Autoswagger The tool Autoswagger can be used to automate the testing of REST APIs following the OpenAPI/Swagger standard. https://github.com/intruder-io/autoswagger/

Interview Segment - Lessons Learned from the tj-actions GitHub Action Supply Chain Attack with Dimitri Stiliadis Breach analysis is one of my favorite topics to dive into and I'm thrilled Dimitri is joining us today to reveal some of the insights he's pulled out of this GitHub Actions incident. It isn't an overstatement to say that some of the lessons to be learned from this incident represent fundamental changes to how we architect development environments. Why are we talking about it now, 4 months after it occurred? In the case of the Equifax breach, the most useful details about the breach didn't get released to the public until 18 months after the incident. It takes time for details to come out, but in my experience, the learning opportunities are worth the wait. Topic Segment - Should the US Go on the Cyber Offensive? Triggered by an op-ed from Dave Kennedy, the discussion of whether the US should launch more visible offensive cyber operations starts up again. There are a lot of factors and nuances to discuss here, and a lot of us have opinions here. We'll see if we can do any of it justice in 15 minutes. News Segment Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-417

Interview Segment - Lessons Learned from the tj-actions GitHub Action Supply Chain Attack with Dimitri Stiliadis Breach analysis is one of my favorite topics to dive into and I'm thrilled Dimitri is joining us today to reveal some of the insights he's pulled out of this GitHub Actions incident. It isn't an overstatement to say that some of the lessons to be learned from this incident represent fundamental changes to how we architect development environments. Why are we talking about it now, 4 months after it occurred? In the case of the Equifax breach, the most useful details about the breach didn't get released to the public until 18 months after the incident. It takes time for details to come out, but in my experience, the learning opportunities are worth the wait. Topic Segment - Should the US Go on the Cyber Offensive? Triggered by an op-ed from Dave Kennedy, the discussion of whether the US should launch more visible offensive cyber operations starts up again. There are a lot of factors and nuances to discuss here, and a lot of us have opinions here. We'll see if we can do any of it justice in 15 minutes. News Segment Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-417

Melissa Carmichael, head of U.S. cyber, Beazley, discusses rising AI-driven cyberrisks and supply chain challenges, highlighting the critical role insurers play in strengthening cyber readiness and safeguarding businesses against evolving threats.

Interview Segment - Lessons Learned from the tj-actions GitHub Action Supply Chain Attack with Dimitri Stiliadis Breach analysis is one of my favorite topics to dive into and I'm thrilled Dimitri is joining us today to reveal some of the insights he's pulled out of this GitHub Actions incident. It isn't an overstatement to say that some of the lessons to be learned from this incident represent fundamental changes to how we architect development environments. Why are we talking about it now, 4 months after it occurred? In the case of the Equifax breach, the most useful details about the breach didn't get released to the public until 18 months after the incident. It takes time for details to come out, but in my experience, the learning opportunities are worth the wait. Topic Segment - Should the US Go on the Cyber Offensive? Triggered by an op-ed from Dave Kennedy, the discussion of whether the US should launch more visible offensive cyber operations starts up again. There are a lot of factors and nuances to discuss here, and a lot of us have opinions here. We'll see if we can do any of it justice in 15 minutes. News Segment Finally, in the enterprise security news, We discuss the latest fundings a few acquisitions a vibe coding campfire story how to hack AI agents zero-days in AI coding apps more AI zero days why Ivanti vulns are still alive and well in Japan how wiper commands made their way into Amazon's AI coding agent it seems like vulnerabilities and AI are pairing up in this week's news stories! All that and more, on this episode of Enterprise Security Weekly. Show Notes: https://securityweekly.com/esw-417

In the latest Nerd Out, Alec and Dave welcome in Hunter Headapohl to talk about the cyber basics, and why so many threats can be prevented by following appropriate cyber hygiene. Alec and Hunter share their best practices and some of their tools and resources that can be leveraged to mitigate risk.Some of the references from the pod include:Top Cyber Actions for Securing Water Systems - https://www.cisa.gov/resources-tools/resources/top-cyber-actions-securing-water-systemsDefending OT Operations Against Ongoing Pro-Russia Hacktivist Activity - https://www.cisa.gov/resources-tools/resources/defending-ot-operations-against-ongoing-pro-russia-hacktivist-activityIRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors, Including US Water and Wastewater Systems Facilities - https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-335aChina Strategically Infiltrates U.S. Critical Infrastructure as Cyberattacks Escalate - https://thesoufancenter.org/intelbrief-2025-january-10/Secure by Design - https://www.cisa.gov/securebydesignCISA Training - https://www.cisa.gov/resources-tools/training

Episode Summary: Spacepower is fundamentally reliant on the cyber domain—it is the backbone of connectivity for constellations on orbit, their ground stations, and connectivity to warfighters. Point blank: every bit of data and every command sent to space systems transits the cyber domain. Tackling the challenges of leading cyber and data efforts of the Space Force falls on the small, but mighty team of the S6. From administrative to mission networks and data repositories, ensuring Guardians have reliable, capable, and secure cyber connectivity underpins our nation's ability to achieve space superiority. Join Heather Penney as she explores this fascinating topic with Col. Nathan “Crazy” Iven, the acting Deputy Chief of Space Operations for Cyber and Data; and Seth Whitworth, the Associate Deputy Chief of Space Operations for Cyber and Data. Credits: Host: Heather "Lucky" Penney, Director of Research, The Mitchell Institute for Aerospace Studies Producer: Shane Thin  Executive Producer: Douglas Birkey Guest: Charles Galbreath, Senior Resident Fellow for Space Studies, The Mitchell Institute Spacepower Advantage Center of Excellence (MI-SPACE) Guest: Jennifer "Boots" Reeves, Senior Resident Fellow for Space Studies, The Mitchell Institute Spacepower Advantage Center of Excellence (MI-SPACE) Guest: Col. Nathan “Crazy” Iven, acting Deputy Chief of Space Operations for Cyber and Data, USSF Guest: Seth Whitworth, Acting Deputy S6 (DCSO for Cyber & Data), USSF Links: Subscribe to our Youtube Channel: https://bit.ly/3GbA5Of Website: https://mitchellaerospacepower.org/ Twitter: https://twitter.com/MitchellStudies Facebook: https://www.facebook.com/Mitchell.Institute.Aerospace LinkedIn: https://bit.ly/3nzBisb Instagram: https://www.instagram.com/mitchellstudies/ #MitchellStudies #AerospaceAdvantage #SpaceForce #Space

In this episode, I sit down with Daniel Bardenstein, CTO & Co-Founder of Manifest Cyber.We discussed the AI supply chain security, including open source risks, AIBOMs, best practices for CISOs, and regulatory approaches in the U.S. and EU.We dove into:What is the same and different between the risks AI introduces across the enterprise compared to open source software, and where and how the two converge.The rise of an “AIBOM” and why it is becoming a critical part of enterprise risk management in the AI EraThe work Daniel and others are doing as part of a Tiger Team defining “SBOM-for-AI-Use Cases”.Why is it so difficult for organizations to gain visibility into their AI models' internals, especially training data, model provenance, and pipeline dependencies?Where CISOs and security teams can get started when it comes to understanding where and how AI is being used and avoiding some mistakes.Gaps among the current waves of AI security startups and how they contrast with the approach Manifest is taking when managing AI supply chain risks.Real-world insights and examples of how organizations operationalize SBOM for risk reduction.Key differences between the U.S. and EU regarding regulatory approaches to AI and supply chain security risks.

In this episode, we sit down with Christian Posta, the Field CTO at Solo.io and an industry author and leader on topics such as Microservices, AI, and IAM.We will explore the rise of Agentic AI and its supporting protocols, such as MCP and A2A, and the broader challenges and considerations of Identity security in the age of LLMs.

New File Integrity Tool: ficheck.py Jim created a new tool, ficheck.py, that can be used to verify file integrity. It is a drop-in replacement for an older tool, fcheck, which was written in Perl and no longer functions well on modern Linux distributions. https://isc.sans.edu/diary/New%20Tool%3A%20ficheck.py/32136 Mitel Vulnerability Mitel released a patch for a vulnerability in its MX-ONE product. The authentication bypass could provide an attacker with user or even admin privileges. https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2025-0009 SonicWall SMA 100 Vulnerability SonicWall fixed an arbitrary file upload issue in its SMA 100 series firewalls. But exploitation will require credentials. https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0014

In the compelling finale of this three-part insurance series, host Kirsten Howe and insurance expert Dean Myers tackle the coverage that keeps business owners up at night—cyber insurance. Dean shares fascinating real-world stories, from ransomware attackers offering customer service hotlines to disgruntled employees planting digital "time bombs" in company systems. You'll discover why this isn't just another insurance policy but essential business survival protection that covers everything from system failures to deepfake fraud. Dean reveals the surprising realities about whether companies should pay ransoms, how insurers use "white hat" attacks during applications, and why Silicon Valley startups are outpacing traditional insurance giants. If you think your business is too small to be targeted or that basic IT protection is enough, this episode will be a wake-up call you can't afford to ignore.   Time-stamped Show Notes: 0:00 Introduction 1:12 What is cyber insurance, and why it's the broadest coverage for such esoteric risks? 1:48 The comprehensive scope: system failure, ransomware, business email compromise, business interruption, contingent business interruption, and forensics coverage. 2:15 Why cyber claims require hiring attorneys, CPAs, forensics experts, claims adjusters, and legal counsel, unlike traditional workers' comp claims. 2:45 The two key reasons carriers provide such broad coverage: rapid system restoration at the lowest cost and mandatory industry claim reporting. 3:48 How cyber insurance provides both first-party and third-party coverage, protecting you when you accidentally send infected emails to clients. 4:37 Real-world business email compromise: When hackers send fake invoices to your clients from compromised email accounts. 5:10 Why cyber attacks almost always originate overseas in countries with lax cybersecurity laws and accountability. 5:37 Will cyber insurance pay ransoms, and when is it appropriate? 6:42 Real claim story: How a tired CPA two days before tax season fell for a phishing email with a partner's name containing just one extra letter 8:25 Why paying ransoms creates a "bull's eye on your back" and marks you as a repeat target for extortionists. 11:06 Cyber insurance qualification requirements, why multi-factor authentication is now absolutely mandatory across all carriers. 12:15 "White hat" mock attacks: How insurers test your system vulnerabilities during the application process using the "open parking spot" analogy. 14:41 Insider sabotage case study: Bay Area law firm manager discovers her job posted on LinkedIn, teams up with IT brother-in-law for revenge. 15:53 The emerging deepfake threat, how voice cloning technology is creating new fraud risks for fund transfers. 16:25 Protection strategies: Using "trip questions" with personal knowledge to verify client identity during suspicious calls. 17:12 The AI counterbalance: How artificial intelligence may help prevent cyber claims in the future.

If you like what you hear, please subscribe, leave us a review and tell a friend!

Today new measures as part of the Online Safety Act mean people will need to verify that they are over 18 to access harmful and toxic content online - with the intention of restricting children from accessing material such as pornography, and content referencing self-harm, suicide, hate speech and violence. Cyber security expert Chelsea Jarvie explores whether these ‘age gate' measures go far enough. And in part two, The Standard's Head of Culture, Martin Robinson, joins us ahead of tonight's Oasis gig, as the band return to the capital's Wembley Stadium for the first time since 2009. Hosted on Acast. See acast.com/privacy for more information.

Reversing SharePoint Toolshell Exploits CVE-2025-53770 and CVE-2025-53771 A quick walk-through showing how to decode the payload of recent SharePoint exploits https://isc.sans.edu/diary/Analyzing%20Sharepoint%20Exploits%20%28CVE-2025-53770%2C%20CVE-2025-53771%29/32138 Compromised JavaScript NPM is Package The popular npm package is was compromised by malware. Luckily, the malicious code was found quickly, and it was reversed after about five hours. https://socket.dev/blog/npm-is-package-hijacked-in-expanding-supply-chain-attack Microsoft Quick Machine Recovery Microsoft added a new quick machine recovery feature to Windows 11. If the system is stuck in a reboot loop, it will boot to a rescue partition and attempt to find fixes from Microsoft. https://learn.microsoft.com/en-gb/windows/configuration/quick-machine-recovery/?tabs=intune

More than 100 international aid organisations and human rights groups are warning of mass starvation in Gaza and pressing for governments to take action. Médecins Sans Frontières (MSF), Save the Children and Oxfam are among the signatories of a joint statement that says their colleagues and the people they serve are "wasting away". Israel, which controls the entry of all supplies into the territory, rejected the organisations' statement and accused them of "serving the propaganda of Hamas". Yolande Knell is the BBC's Middle East correspondent in Jerusalem and joined Kylie Pentelow for more on the situation there.Dame Imelda Staunton, of Vera Drake and Harry Potter fame, and her daughter Bessie Carter, of Bridgerton fame, are starring as mother and daughter in Mrs Warren's Profession by George Bernard Shaw, currently in the West End. The play explores the morals of earning money from prostitution. They join Kylie to talk about the relevance of the play today, and tell us what's it like acting on stage together for the first time in their careers.  Yasmin Khan is an award-winning food and travel writer. Her fusion of recipes and reportage combines the cuisines of the Middle East and the Eastern Mediterranean and her new book, Sabzi: Fresh Vegetarian Recipes for Everyday, is her first meat-free cookbook. It was born out of overcoming the struggles of early motherhood and breastfeeding in particular. She tells Kylie about finding solace in the sustenance and soothing properties of the Iranian food she grew up on and adapting it for health and climate-conscious modern living.Cyber flashing is when a stranger sends an unsolicited explicit image or video. When musician Anna Downes was sent naked photos and videos by a man called Ben Gunnery last year, she reported it to the police, who took a statement but were very slow to take it any further. In May, he was found guilty of intentionally sending the images to cause alarm, distress and humiliation and earlier this week Gunnery was given a two-year community order, including 150 hours of unpaid work. If he re-offends he'll be sent to prison. Anna Downes joins Kylie along with Nicola Goodwin from BBC Midlands Investigations team.Producer: Corinna Jones Presenter: Kylie Pentelow

This week on IA on AI, we break down the McDonald's hiring bot fiasco — yes, the one where an AI chatbot exposed data from over 60 million job applicants due to a shockingly simple security lapse. We explore why these matters to internal auditors and what basic control failures like this can teach us about staying vigilant as AI becomes more embedded in business processes.   Plus: An update on the EU AI Act and why U.S.-based organizations should still be paying attention How Google's AI caught a cyberattack in real time — and what this signals for the future of human-in-the-loop systems A $4 trillion milestone for Nvidia and a record-setting $2B seed round for a new AI startup A reality check on AGI: what it is, what it isn't, and why the hype may be outpacing the science Be sure to follow us on our social media accounts on LinkedIn: https://www.linkedin.com/company/the-audit-podcast Instagram: https://www.instagram.com/theauditpodcast TikTok: https://www.tiktok.com/@theauditpodcast?lang=en   Also be sure to sign up for The Audit Podcast newsletter and to check the full video interview on The Audit Podcast YouTube channel.  * This podcast is brought to you by Greenskies Analytics. the services firm that helps auditors leapfrog up the analytics maturity model. Their approach for launching audit analytics programs with a series of proven quick-win analytics will guarantee the results worthy of the analytics hype.   Whether your audit team needs a data strategy, methodology, governance, literacy, or anything else related to audit and analytics, schedule time with Greenskies Analytics.  

In this episode of Unspoken Security, host AJ Nash speaks with Dr. Peter Garraghan, CEO and CTO of Mindgard. They discuss the real-world security risks of artificial intelligence. Peter starts with a simple point: AI is just software, and software is easy to break. He urges businesses using AI to step back and truly understand its vulnerabilities.Peter draws parallels between the current AI boom and past technology cycles like cloud computing. While AI feels revolutionary, the security risks are not new. Threats like data poisoning and prompt injection are modern versions of classic cybersecurity problems. The danger is that AI's human-like interface makes it easy to anthropomorphize, causing users to overlook fundamental security flaws.To manage these risks, Peter advises companies to treat AI like any other software. This means applying the same rigorous security controls, testing protocols, and incident response playbooks. Instead of creating a separate process for AI, organizations should find the gaps in their current security posture and update them. This practical approach helps businesses secure AI systems effectively.Send us a textSupport the show

Israel, long a prime target for cyber attacks, has seen a dramatic increase since the war with Iran last month. The cyber attackers are not just hitting institutional sights, but also going after civilians with sophisticated phishing campaigns, mostly to steal money. Reporter Arieh O’Sullivan spoke with Ori Segal, a co-founder and CEO of Cyvore, an Israeli cybersecurity firm, about the minds of the attackers and cautionary measures everyone should take. (photo: shuttersock) See omnystudio.com/listener for privacy information.

Microsoft Updates SharePoint Vulnerability Guidance CVE-2025-53770 and CVE-2025-53771 Microsoft released its update for SharePoint 2016, completing the updates across all currently supported versions. https://msrc.microsoft.com/blog/2025/07/customer-guidance-for-sharepoint-vulnerability-cve-2025-53770/ WinZip MotW Privacy Starting with version 7.10, WinZip introduced an option to no longer include the download URL in zip files as part of the Mark of the Web (MotW). https://isc.sans.edu/diary/WinRAR%20MoTW%20Propagation%20Privacy/32130 Interlock Ransomware Several government agencies collaborated to create an informative and comprehensive overview of the Interlock ransomware. Just like prior writeups, this writeup is very informative, including many technical details useful to detect and block this ransomware. https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-203a Sophos Firewall Updates Sophos patched five different vulnerabilities in its firewalls. Two of them are critical, but these only affect a small percentage of users. https://www.sophos.com/en-us/security-advisories/sophos-sa-20250721-sfos-rce

Pete Herron and Madhu Tadikonda of Travelers spoke about the company's acquisition of Corvus, an industry-leading cyber insurance managing general underwriter, and what this partnership means for Travelers agents, brokers and insureds. Watch the original Wednesdays with Woodward® webinar: https://institute.travelers.com/webinar-series/symposia-series/cybersecurity-partnership---Visit the Travelers Institute® website: http://travelersinstitute.org/Join the Travelers Institute® email list: https://travl.rs/488XJZM Subscribe to the Travelers Institute® Podcast newsletter on LinkedIn: https://www.linkedin.com/newsletters/travelers-institute-podcast-7328774828839100417Connect with Travelers Institute® President Joan Woodward on LinkedIn: https://www.linkedin.com/in/joan-kois-woodward/

Microsoft Released Patches for SharePoint Vulnerability CVE-2025-53770 CVE-2025-53771 Microsoft released a patch for the currently exploited SharePoint vulnerability. It also added a second CVE number identifying the authentication bypass vulnerability. https://msrc.microsoft.com/blog/2025/07/customer-guidance-for-sharepoint-vulnerability-cve-2025-53770/ How Quickly Are Systems Patched? Jan took Shodan data to check how quickly recent vulnerabilities were patched. The quick answer: Not fast enough. https://isc.sans.edu/diary/How%20quickly%20do%20we%20patch%3F%20A%20quick%20look%20from%20the%20global%20viewpoint/32126 HP Enterprise Instant On Access Points Vulnerability HPE patched two vulnerabilities in its Instant On access points (aka Aruba). One allows for authentication bypass, while the second one enables arbitrary code execution as admin. https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04894en_us Revealing the AppLocker Bypass Risks in The Suggested Block-list Policy AppLocker sample policies suffer from a simple bug that may enable some rule bypass, but only if signatures are not enforced. While reviewing Microsoft s suggested configuration, Varonis Threat Labs noticed a subtle but important issue: the MaximumFileVersion field was set to 65355 instead of the expected 65535. https://www.varonis.com/blog/applocker-bypass-risks Ghost Crypt Malware Leverages Zoho WorkDrive The Ghost malware tricks users into downloading by sending links to Zoho WorkDrive locations. https://www.esentire.com/blog/ghost-crypt-powers-purerat-with-hypnosis

SharePoint Servers Exploited via 0-day CVE-2025-53770 Late last week, CodeWhite found a new remote code execution exploit against SharePoint. This vulnerability is now actively exploited. https://isc.sans.edu/diary/Critical+Sharepoint+0Day+Vulnerablity+Exploited+CVE202553770+ToolShell/32122/ Veeam Voicemail Phishing Attackers appear to impersonate VEEAM in recent voicemail-themed phishing attempts. https://isc.sans.edu/diary/Veeam%20Phishing%20via%20Wav%20File/32120 Passkey Phishing Attack A currently active phishing attack takes advantage of the ability to use QR codes to complete the Passkey login procedure https://expel.com/blog/poisonseed-downgrading-fido-key-authentications-to-fetch-user-accounts/

Episode 2598 - Great show today Short signal lapse mid show. Cyber truck is a bust. Did the CIA infiltrate churches? What is Anthromotphism? Catholic refuge church bombed in Gaza ! Is Bibi a mad man? Are schools hopelessly indoctrinated with communism?