The protection of computer systems from theft or damage
While our team is out on winter break, please enjoy this Special Edition episode. Cybersecurity is no longer confined to the digital world or just a technical challenge, it's a global imperative. The NightDragon Innovation Summit convened a group of industry leaders to discuss how public and private entities can work together to address emerging threats and harness the power of AI, cybersecurity, and innovation to strengthen national defense. In this special edition podcast, we capture a glimpse into the knowledge and expertise shared at the NightDragon Innovation Summit. We are joined by NightDragon Founder and CEO Dave DeWalt, DataBee CEO Nicole Bucala, Liberty Mutual Insurance EVP and CISO Katie Jenkins, Sophos CEO Joe Levy, and Dataminr VP of Sales Engineering Michael Mastrole.
Robbie Bach, former president of Microsoft's Entertainment and Devices Division, discusses his transition from technology executive to author of political techno-thrillers, focusing on his latest book, The Blockchain Syndicate. The narrative explores themes of digital identity, misinformation, and the vulnerabilities of modern institutions, emphasizing that technology itself is neutral; it can be used for both beneficial and harmful purposes. Bach highlights the character of Tamika Smith, a military veteran, as a lens through which to examine leadership in a complex landscape of technology and public trust. Bach elaborates on the psychological and technical aspects of his story, particularly the implications of digital identity and authenticity. He notes that the plot involves a blackmail scenario linked to a character presumed dead, raising questions about the authenticity of digital communications. This reflects broader concerns about cybersecurity, where vulnerabilities are often exploited rather than created anew. Bach emphasizes the importance of grounding his narrative in real-world technology and experiences, blending factual research with creative storytelling. The conversation also touches on the governance of technology, critiquing current regulatory approaches that tend to be reactive rather than proactive. Bach argues that effective governance requires forward-thinking leadership capable of anticipating future challenges, particularly in areas like AI and blockchain. He stresses the need for businesses, including small and medium-sized enterprises, to engage with these issues beyond mere compliance, advocating for a broader sense of responsibility that includes stakeholder value. For Managed Service Providers (MSPs) and IT service leaders, Bach's insights underscore the critical role they play in navigating the complexities of technology governance and cybersecurity.
By understanding the vulnerabilities inherent in digital systems and advocating for responsible practices, MSPs can better support their clients in mitigating risks associated with misinformation and identity fraud. The episode serves as a reminder of the importance of ethical considerations in technology deployment and the need for proactive engagement in shaping a secure digital future.
(Presented by ThreatLocker (https://threatlocker.com/threebuddyproblem): Allow what you need. Block everything else by default, including ransomware and rogue code.) Three Buddy Problem - Episode 78: We close out the year with a no-budget, no-permission awards show, spotlighting the cybersecurity stories that actually mattered. Plus, a bizarre polygraph scandal at CISA, Chinese APT research dumps, ransomware pre-notification hiccups, foreign drone bans, and the growing gap between cyber theater and real operational value. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).
The stories that matter most to #cybersecurity insiders, analysts, and business leaders. Delivered every day. Check out Barricade Cyber https://barricadecyber.com for #incidentresponse #ransomware and #BEC recovery. Register for BCS webinars! Check out John Strand's Pay What You Can Antisyphon Training: https://simplycyber.io/antisyphon Stop ransomware without the hassle. Allow what you need and block the rest with ThreatLocker Zero Trust Platform — simple to deploy, simple to manage: https://threatlocker.com/dailycyber Take control of your data and keep your private life private by signing up for DeleteMe at https://simplycyber.io/deleteme promo SIMPLYCYBER for 20% off. Register for Flare's next training on Aug. 13th on Web App Testing at https://simplycyber.io/flare Simply Cyber Academy - The Place for Cyber Careers: https://academy.simplycyber.io Join SC Discord: https://SimplyCyber.io/discord Podcast in stream: https://cisoseries.com Follow SC: https://simplycyber.io/socials
New Institutional Economics examines how institutions - such as laws, norms, and organizations - shape economic outcomes by reducing uncertainty and transaction costs. It emphasizes the importance of property rights and governance in development, but faces criticism for being hard to measure and sometimes overlooking issues like inequality.
While our team is out on winter break, please enjoy this episode of Caveat. We've got something special for you this week! We are excited to share our very first Caveat Live event. Host Ben Yelin recently headed to the FBI and KU Cybersecurity Conference at the University of Kansas for a live session of Caveat. During the episode, Ben covered the importance of public/private partnerships with Dr. Perry Alexander. Ben and Professor John Symons spoke about the philosophical issues in AI and how those should impact policy decisions. Be sure to tune in for some great conversations. While this show covers legal topics, and Ben is a lawyer, the views expressed do not constitute legal advice. For official legal advice on any of the topics we cover, please contact your attorney. Please take a moment to fill out an audience survey! Let us know how we are doing!
Links related to our show this week:
FBI and KU Cybersecurity Conference
Guest Dr. Perry Alexander, University of Kansas
Guest John Symons, University of Kansas
Review Essay: Social and Political Aspects of the Ethics of Artificial Intelligence. Journal of Moral Philosophy
Get the weekly Caveat Briefing delivered to your inbox. Like what you heard? Be sure to check out and subscribe to our Caveat Briefing, a weekly newsletter available exclusively to N2K Pro members on N2K CyberWire's website. N2K Pro members receive our Thursday wrap-up covering the latest in privacy, policy, and research news, including incidents, techniques, compliance, trends, and more. This week's Caveat Briefing covers the story of the firing of the NSA Director. Read about the firing as well as the other moves the administration has made to reduce the federal government's cyber defense programs and capabilities. Curious about the details? Head over to the Caveat Briefing for the full scoop and additional compelling stories. Got a question you'd like us to answer on our show? You can send your audio file to caveat@thecyberwire.com. Hope to hear from you.
This episode reviews the standout moments in government innovation and leadership from 2025. Key themes include the humanization of technology, the evolution of government contact centers, reimagined leadership in a hybrid world, the integration of AI in procurement, and the future of value creation through digital networks. Discussions highlight the importance of mission-first thinking, leveraging human-first design, embracing networks, and investing in emerging talent. Subscribe on your favorite podcast platform to never miss an episode! For more from ACT-IAC, follow us on LinkedIn or visit http://www.actiac.org. Learn more about membership at https://www.actiac.org/join. Donate to ACT-IAC at https://actiac.org/donate. Intro/Outro Music: See a Brighter Day/Gloria Tells. Courtesy of Epidemic Sound. (Episodes 1-159: Intro/Outro Music: Focal Point/Young Community. Courtesy of Epidemic Sound.)
As we close out 2025 and prepare for 2026, Dr. Eric Cole breaks down what it truly takes to be a world-class CISO in the year ahead. In this episode of Life of a CISO, Dr. Cole shares hard-earned lessons on leadership, health, resilience, and why taking care of yourself is foundational to protecting your organization. From personal reflection to executive-level strategy, this episode goes far beyond technical controls. Dr. Cole then dives deep into the three forces reshaping cybersecurity in 2026: artificial intelligence, cloud reliability, and ransomware, all centered around one core principle that too many organizations ignore: data protection. You will learn why AI is an augmentation tool, not a replacement for humans, how unrestricted AI use is creating massive new risks, why recent cloud outages are a warning sign for every executive, and how CISOs can regain trust, influence, and a permanent seat at the boardroom table. This episode is essential listening for CISOs, security leaders, executives, and anyone responsible for protecting critical data in an increasingly unstable digital world. Part two of this series continues next week.
In Episode 167 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager sit down with Kelley Misata, Ph.D., Chief Trailblazer and Founder at Sightline Security. Together, they discuss how volunteers constitute a critical cybersecurity resource for the Center for Internet Security® (CIS®). Along the way, they explore the nature of volunteerism, the role of volunteers at CIS, and how CIS is looking to mature its engagement with volunteers going forward.
Here are some highlights from our episode:
01:37. Introductions to Kelley and her experience with cybersecurity volunteers
03:09. Kelley's use of research, expertise, and an open mind to check in with CIS volunteers
04:50. How volunteers have deepened their passion and dedication with CIS for 25 years
06:55. Volunteers as a critical cybersecurity resource for "One CIS" going forward
10:51. Commitment, conflict resolution, and openness to formal process in CIS Communities
14:39. The use of directionality and accolades to encourage different types of contributors
19:43. The importance of flexibility in management to meet volunteers where they are
20:30. Leadership, storytelling, and recruitment as opportunities for volunteerism at CIS
24:37. The risk of volunteer burnout and how to protect against it
26:00. Collaboration with employers to treat volunteerism as a growth experience
30:09. A balancing act of making volunteers useful without depleting the mission
34:51. Sean's take: volunteer management as the original Large Language Model (LLM)
38:32. Other observations and final thoughts
Resources:
25 Years of Creating Confidence in the Connected World
CIS Communities
Episode 160: Championing SME Security with the CIS Controls
StoryCorps
If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.
ServiceNow to acquire cybersecurity startup Armis
MacSync Stealer adopts quieter installation
Nissan customer data stolen in Red Hat raid
Thanks to our episode sponsor, ThreatLocker. Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com.
I'm Wall-E, welcoming you to today's tech briefing for Wednesday, December 24th. Dive into today's top tech stories: ServiceNow acquires Armis: ServiceNow boosts its cybersecurity offerings by acquiring Armis for $7.75 billion, enhancing its portfolio amid a challenging IPO environment. Aflac data breach: Aflac confirms a data breach impacting 22.6 million customers, with federal investigations into potential links with the hacking group Scattered Spider. Amazon expands Alexa+: Amazon integrates Alexa+ with platforms like Angi and Expedia, aiming to streamline user interactions by 2026. FCC bans new foreign-made drones: a ban on new foreign-made drones, impacting DJI, is imposed citing national security concerns aligning with efforts to bolster U.S. industry competitiveness. Writers sue AI companies: authors, including John Carreyrou, sue major AI firms over claims of unauthorized use of their books for AI training, pushing the debate on creative rights vs. technological advancement. That's all for today. We'll see you back here tomorrow!
De Grote Tech Show and BNR Beurs are joining forces. Together with Joe van Burik, we look at what you as an investor should definitely remember from the year 2025. That year was, of course, once again full of the words 'Artificial' and 'Intelligence'. You will hear from Joe whether the peak has already been reached at companies such as Nvidia, their customers, and the customers of their customers. Who is now best positioned to capture the profits and to really make money from all those AI models? And if all those companies are rapidly building data centers, will we soon have empty data center halls à la the Chinese real estate crisis? We also talk about two tech companies that do not need AI to win the love of investors. Netflix simply does it with a juicy takeover deal. And Nintendo has a hard core of fans who are enjoying their new game console. We look at how those two companies will end the year. And Joe thinks electric car maker Rivian could yet cause a surprise.
Discover how industry veteran Larry Meador, Cavelo's new Channel Chief, is transforming the MSP channel. Cavelo empowers Managed Service Providers with a unified Attack Surface Management and Data Security Posture Management platform—offering automated data discovery, classification, vulnerability management, and compliance-ready solutions. Built for MSPs and MSSPs, Cavelo helps partners reduce cyber risk, streamline operations, and deliver scalable, data-first security services that boost profitability and client trust.
Full Video Podcast Link: https://youtu.be/D6xFmrlUXDY
Connect with us!
MSP Unplugged https://mspunplugged.com/
Paco Lebron from ProdigyTeks: Powered by MSP Owners Group Email: paco@mspunplugged.com
Rick Smith from Renactus Technology Email: rick@mspnplugged.com
Justin Gilliam from Bacheler Technologies https://www.linkedin.com/in/justin-gilliam-96288a56
Plus: China's BYD logs another month of strong sales growth in Europe. And the U.S. bans new China-made drones. Julie Chang hosts.
In this episode of Command Control Power, Andy Espo from Call Andy Mac Consulting joins the discussion once again. The conversation kicks off with humorous banter about appearances and jackets before delving into serious tech talk. Andy shares the complexities of installing and upgrading network infrastructure in high-end residential projects, especially in challenging environments like old houses and concrete structures. He emphasizes the importance of discerning client relationships, meticulous planning, and ensuring proper execution by contractors. Andy also discusses strategies for building trust with clients, effective communication, and the shift towards managed services amid growing cybersecurity concerns. The episode concludes with insights on the importance of networking and building strategic partnerships with clients. 00:00 Introduction and Guest Welcome 00:41 High-End Residential Work 01:55 Challenges in Network Installations 04:47 WiFi Planning and Intuition 09:18 Client Education and Expectations 10:57 Working with Contractors 17:07 Common Wiring Issues 20:35 Ensuring Quality and Client Satisfaction 29:05 The Importance of Redundancy in Wiring 29:27 Challenges with Daisy Chaining and Switches 29:56 The Frustration of Poor Wiring in High-End Homes 31:01 The Impact of Construction Materials on WiFi Performance 32:42 The Shift to Managed Services and Cybersecurity 34:40 The Importance of Cyber Insurance 40:56 Efficiency Loss and Productivity in IT 45:30 The Art of Communicating Value to Clients 50:36 Building Strategic Partnerships 52:42 Conclusion and Final Thoughts
Welcome to another episode of the To the Point Cybersecurity Podcast! This week, hosts Rachael Lyon and Jonathan Knepher are kicking off the holiday season with a fascinating conversation featuring David Saunders, Director of Forcepoint Security Lab and a seasoned cybersecurity professional with more than two decades of experience. The discussion dives into the complex convergence of AI, cyber, and physical security, exploring how the rapid rise of artificial intelligence is reshaping the threat landscape—including emerging trends like attacks on backups, the growing sophistication of phishing campaigns powered by LLMs, and the ongoing challenge of keeping security ahead of attackers' innovation. As the conversation unfolds, listeners will hear candid insights on everything from the future of backup strategies to the evolving tactics used by adversaries—all with actionable takeaways to help organizations and individuals stay a step ahead. So grab your favorite holiday treat and get ready for a timely, thought-provoking look at the forces shaping cybersecurity in 2025 and beyond! For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e364
In the final Scam Rangers episode of 2025, Ayelet Biger-Levin is joined by industry veteran Ken Palla for a deep year-in-review of the global scam prevention landscape. This conversation examines what actually happened in 2025 across regulation, enforcement, and industry action, and why 2026 must move decisively from research and recommendations to urgent execution. From mandatory reimbursement in the UK, to Australia's Scam Prevention Framework, emerging collaboration in Canada, and fragmented efforts in the United States, the episode cuts through policy language to focus on real-world impact. The discussion also outlines concrete actions financial institutions, telcos, and digital platforms can take now to better protect consumers, reduce losses, and treat scams as the organized crime and national security threat they are. This episode closes the year with a clear message. The research is done. The problem is understood. Now the industry must act.
Topics Covered:
What 2025 revealed about the effectiveness of global scam regulation
Where reimbursement models succeed and where they fall short
Australia, the UK, Canada, and the US, lessons from different approaches
Why execution, not new task forces or studies, is the real gap
Urgent actions banks can take to prevent scams before money moves
The role of telcos and digital platforms in stopping scams upstream
Government, law enforcement, and the need for coordinated leadership
Why 2026 must be treated as a year of action
Guest: Ken Palla
Former cybersecurity executive at MUFG Union Bank, longtime industry advisor, and recipient of the Legends of Fraud Award. Ken has spent decades focused on online security, fraud prevention, and consumer protection, and is a leading voice on scam regulation and industry accountability.
You can find Ken on LinkedIn: https://www.linkedin.com/in/ken-palla-09b585/
Australian Scam Prevention Framework – Analysis of the November 2025 Treasury Consultancy https://www.gasa.org/post/assessment-of-the-november-2025-australian-treasury-scam-prevention-framework-consultancy
Cybercrime Magazine met with Alex Zoldova, Board Member, Women In Cybersecurity at Microsoft when we were at Black Hat Europe 2025 in London. She spoke with us about the state of women in cybersecurity today, as well as the value of mentoring, the imperative to increase STEM education opportunities for young people, and more. Connect with Alex Zoldova on LinkedIn at https://www.linkedin.com/in/hacker-z-35aa92a7. For more of our media, and more coverage from Black Hat Europe 2025, visit our website at https://CybersecurityVentures.com.
The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you by Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com
Cybercrime Magazine was a media partner at Black Hat Europe 2025, marking a new chapter for our reporting. Conversations centered around familiar topics – including ransomware, artificial intelligence, and cloud security – but being on location in Europe, there was one unavoidable question: how do today's cybersecurity challenges look from a European perspective? For more of our media, and more coverage from Black Hat Europe 2025, visit our website at https://CybersecurityVentures.com.
A look at how manufacturers are fighting ransomware and supply chain threats with AI-powered defenses, OT-IT collaboration, and new industrial cybersecurity technologies. Access the source documents for this podcast by visiting this podcast on the Automation World site at https://www.automationworld.com/55338375
Hear from Paul Spain and Ben O'Brien as they unpack the latest tech news including NZ Police's redaction glitch, a new Government Digital Delivery Agency, smart TV privacy concerns, James Powell's transition from Dawn Aerospace and Waymo's outage pause and the future of autonomous vehicles. Plus, Ben O'Brien shares insights from his upcoming book for founders. A must-listen for tech enthusiasts and entrepreneurs! We'd love to get your feedback, please fill in our short survey and go into the draw for some great tech giveaways. Audience Survey - December 2025 - NZ Tech Podcast. Thanks to our Partners One NZ, Workday, 2degrees, HP, Spark and Gorilla Technology
In this episode, we cover:
✅ How Jeremiah went from bootstrapping websites during the dot-com boom to building a global cybersecurity business.
✅ Why most cybercrime isn't about “hacking systems,” it's about hacking humans.
✅ The emotional tricks scammers use, and how to spot them before you get duped.
✅ Real-world stories of cybercrime that cost companies hundreds of thousands of dollars in seconds.
✅ The single most important (and shockingly simple) thing you can do to protect yourself today.
Jeremiah also shares powerful insights from his keynote, Confessions of a Hacker, including why it's often too late once the money is gone, and how you can take smart, preventative action without expensive software or technical know-how.
On this week's Ask a CISSP special episode of The Other Side of the Firewall, I talk with Air Force veteran and cybersecurity leader Ahmad Rashaan Austin about his journey from zero computer skills to founder of Cy3 Security, LLC. We explore risk management, responsible AI adoption, leadership communication, and his new book, The Boundaryless Enterprise. If you're building a cyber career or leading tech teams, this episode delivers actionable insights straight from the front lines. Check it out on your favorite podcast platform! Buy Ahmad R. Austin's The Boundaryless Enterprise: Redesigning Oversight for the Age of Intelligent Systems https://a.co/d/dfCToig Please LISTEN
Podcast: Exploited: The Cyber Truth
Episode: When Vehicles Aren't Just Machines: Cybersecurity, Autonomy & What's Next
Pub date: 2025-12-18
As vehicles evolve into always-connected, software-defined systems, cybersecurity decisions increasingly shape privacy, safety, and trust on the road. In this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security CEO Joseph M. Saunders and special guest Sean McKeever, Global Product Cybersecurity Lead at Marelli, for a candid discussion on what it really means to secure modern vehicles. Sean brings deep industry experience to unpack how OEMs and suppliers are navigating data stewardship, autonomous testing, vehicle theft, and diverging global regulations. Together, Paul, Joe, and Sean explore:
What constant connectivity means for driver privacy and data stewardship
The risks of beta-testing autonomous systems on public roads
How car theft has shifted from physical break-ins to software exploitation
Why U.S. and EU cybersecurity regulations take fundamentally different approaches
The importance of collaboration across OEMs, suppliers, and regulators
From RF relay attacks to software-defined vehicles with decade-long lifecycles, this episode highlights why cybersecurity is no longer an add-on but a core design decision shaping the future of mobility.
Jaguar Land Rover's 2025 cyber incident triggered a production pause, a £559 million quarterly loss, and a UK government-backed £1.5 billion loan guarantee. Weeks later, payroll data exposure for thousands of employees added a long-tail identity risk dimension. The post Jaguar Land Rover Shutdown Shows How Cyber Incidents Cascade Through UK Supply Chains appeared first on ComplexDiscovery.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
DLLs & TLS Callbacks
As a follow-up to last week's diary about DLL Entrypoints, Didier is looking at TLS (Thread Local Storage) and how it can be abused.
https://isc.sans.edu/diary/DLLs%20%26%20TLS%20Callbacks/32580
FreeBSD Remote code execution via ND6 Router Advertisements
A critical vulnerability in FreeBSD allows for remote code execution. But an attacker must be on the same network.
https://www.freebsd.org/security/advisories/FreeBSD-SA-25:12.rtsold.asc
NIST Time Server Problems
The atomic ensemble time scale at the NIST Boulder campus has failed due to a prolonged utility power outage. One impact is that the Boulder Internet Time Services no longer have an accurate time reference.
https://tf.nist.gov/tf-cgi/servers.cgi
https://groups.google.com/a/list.nist.gov/g/internet-time-service/c/o0dDDcr1a8I
Interview with Frank Vukovits: Focusing inward: there lie threats also
External threats get discussed more than internal threats. There's a bit of a streetlight effect here: external threats are more visible, easier to track, and sharing external threat intelligence doesn't infringe on any individual organization's privacy. That's why we hear the industry discuss external threats more, though internally-triggered incidents far outnumber external ones. Internal threats, on the other hand, can get personal. Accidental leaks are embarrassing. Malicious insiders are a sensitive topic that internal counsel would erase from company memory if they could. Even when disclosure is required, the lawyers are going to minimize the amount of detail that gets out. I was chief incident handler for 5 years of my enterprise career, and never once had to deal with an external threat. I managed dozens of internal cases over those 5 years though. In this interview, we discuss the need for strong internal controls with Frank Vukovits from Delinea. As systems and users inside and outside organizations become increasingly connected, maintaining strong security controls is essential to protect data and systems from both internal and external threats. In this episode, we will explore the importance of strong internal controls around business application security and how they can best be integrated into a broader security program to ensure true enterprise security. This segment is sponsored by Delinea. Visit https://securityweekly.com/delinea to learn more about them!
Topic Segment: Personal Disaster Recovery
Many of us depend on service providers for our personal email, file storage, and photo storage. The line between personal accounts and work accounts often blurs, particularly when it comes to Apple devices. We're way more dependent on our Microsoft, Apple, Meta, and Google accounts than we used to be. They're necessary to use home voice assistants, to log into other SaaS applications (Log in with Google/Apple/FB), and even manage our wireless plans (e.g. Google Fi). Getting locked out of any of these accounts can bring someone's personal and/or work life to a halt, and there are many cases of this happening. I'm not sure if we make it past sharing stories about what can and has happened. Getting into solutions might have to be a separate discussion (also, we may not have any solutions…)
Friend of the show and sometimes emergency co-host Guillaume posted about this recently
A romance author got locked out of her books
A 79 year old got locked out of her iPad with all her family photos. Sadly, this is one of the most common scenarios. Someone either forgets their pin and locks out the device permanently, or a family member dies and didn't tell anyone their passwords or pins, so the surviving family can't access data, pay the bills, etc.
Google example: Claims of CSAM material after father documents toddler at doctor's request https://www.theguardian.com/technology/2022/aug/22/google-csam-account-blocked
Dec 2025 Apple example: she tried to redeem a gift card that had been tampered with: https://hey.paris/posts/appleid/
Google example: developer lost all his work, because he was working on preventing revenge porn and other sensitive cases, and was building a better model to detect NSFW images: https://medium.com/@russoatlarge_93541/i-built-a-privacy-app-google-banned-me-over-a-dataset-used-in-ai-research-66bc0dfb2310
My partner's mom's Instagram account got hacked. Meta locked out all of it (Whatsapp, Instagram, Facebook) and she couldn't get it reinstated. They wouldn't even let her open a NEW account.
Weekly Enterprise News
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw-438
On this episode of The Cybersecurity Defenders Podcast, we revisit the 2025 predictions shared by our guests throughout the year. From attackers and defenders to AI and the broader security industry, these forecasts capture what experts expected was coming next. Rather than judging accuracy - which is still too early to assess - we're examining the predictions themselves: where they aligned, how they clustered, and what those patterns reveal about the industry's mindset as this year came to a close. Free from hindsight bias, this episode explores what remained uncertain as we entered 2026. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
Global Cybercrime Crackdowns and Rising Threats This episode of 'Cybersecurity Today' hosted by David Shipley covers significant cybersecurity news. Nigerian police arrested three suspects linked to a Microsoft 365 phishing platform known as Raccoon O365. U.S. prosecutors charged 54 individuals in an ATM malware scheme tied to a Venezuelan criminal organization. Two incident responders pleaded guilty to conducting ransomware attacks while employed to help victims of such attacks. Denmark officially blamed Russia for a cyber attack on a water utility, exacerbating geopolitical tensions. Each segment highlights the intricate and international nature of modern cybercrime and the ongoing challenges in cybersecurity. 00:00 Introduction and Sponsor Message 00:20 Nigerian Police Arrest Phishing Suspects 03:28 US ATM Malware Scheme Uncovered 05:46 Insider Ransomware Attackers Plead Guilty 08:21 Denmark Blames Russia for Cyber Attack 11:08 Conclusion and Holiday Wishes 12:20 Sponsor Message and Closing
It's an all new That Real Blind Tech show as Brian is joined by Dr. Kirk Adams to discuss Kirk's background, the state of accessibility, employment, and Kirk's Cyber security training program. Brian kicks the interview off getting Kirk's opinion about the state of accessibility as 2025 comes to an end. We then discuss some of Kirk's career highlights. This rolls us into discussing the still staggering unemployment rate of the blind, and raises the question of how important is braille in 2025. Next we discuss Kirk's consulting business Innovative Impact. Kirk then tells us about the Apex Program. We then discuss the failure of some blind organizations promoting blind individuals to the executive level. And finally we dive into some career advice for those blind students out there and what they may want to think about as far as career paths. You can reach out to Dr. Kirk Adams on LinkedIn. To contact That Real Blind Tech Show, you can email us at ThatRealBlindTechShow@gmail.com, join our Facebook Group That Real Blind Tech Show, join us on the Twitter @BlindTechShow, or leave us an old school phone message at 929-367-1005.
Building a cyber security team isn't optional anymore; it's the difference between recovering from ransomware and going out of business. In this episode, Curtis and Prasanna explain why hardening your backup infrastructure is only half the battle. You need professionals who know how to configure XDR systems without drowning you in false positives, blue teams to defend your environment, and red teams to test whether your defenses actually work. They cover the role of MSSPs, incident response planning, cyber insurance requirements, and why attempting ransomware response on your own is like those old TV warnings: "Don't try this at home." If you've been following their series on backup basics and system hardening, this episode ties it all together with the human element that makes or breaks your recovery plan.
Ahmad Halabi is the managing director at Resecurity. In this episode, he joins host Scott Schober to discuss brand protection in cybersecurity and why it is important for organizations today, as well as what types of threats can impact brands, look-alike domains, and more. The Power of Threat Intelligence, a Cybercrime Magazine podcast series brought to you by Resecurity, which offers real-time threat monitoring, dark web surveillance, and predictive analytics to identify risks before digital threat actors victimize your company and customers, ensuring your business remains secure. To learn more about our sponsor, visit https://resecurity.com
The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you by Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com
@WomenKnowCyber on X, curated by Cybercrime Magazine Media Coordinator Taylor Fox, is chock full of inspiring stories, people, and resources. In this episode, Fox joins host Amanda Glassner to discuss why it's important to elevate women in cybersecurity, how the daily stories are chosen, and more. • For more on cybersecurity, visit us at https://cybersecurityventures.com.
In this episode, Tom Eston discusses the unique challenges in the current cybersecurity job market, emphasizing the importance of networking. Tom provides practical tips on how to enhance networking skills, such as attending conferences, volunteering for open source projects, creating a blog, and seeking mentors. He also addresses misconceptions about the job shortage in cybersecurity and encourages listeners to start building their professional networks early. Tune in for valuable insights to help you advance your cybersecurity career. ** Links mentioned on the show ** Connect with Tom on LinkedIn https://www.linkedin.com/in/tomeston/ ** Watch this episode on YouTube ** https://youtu.be/tC_LqtdW4V0 ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Become a supporter today! https://patreon.com/SharedSecurity ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. 
Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor's gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Why Networking Is Your Secret Weapon in Cybersecurity Job Hunting appeared first on Shared Security Podcast.
A coalition of privacy defenders led by Lex Lumina and the Electronic Frontier Foundation filed a lawsuit on February 11 asking a federal court to stop the U.S. Office of Personnel Management (OPM) from disclosing millions of Americans' private, sensitive information to Elon Musk and his “Department of Government Efficiency” (DOGE). As the federal government is the nation's largest employer, the records held by OPM represent one of the largest collections of sensitive personal data in the country. Is this a big deal? Should we care? Joining Pam today is Stanford Law Professor Mark Lemley, an expert in intellectual property, patent law, trademark law, antitrust, the law of robotics and AI, video game law, and remedies. Lemley is of counsel with the law firm Lex Lumina and closely involved in the DOGE case. In this episode, Lemley overviews urgent privacy concerns that led to this lawsuit, laws such as the Privacy Act, and legal next steps for this case. The conversation shifts to the current political landscape, highlighting the unprecedented influence of Silicon Valley, particularly under the Musk administration. Lemley contrasts the agile, authoritative management style of Silicon Valley billionaires with the traditionally slow-moving federal bureaucracy, raising concerns about legality and procedural adherence. The conversation also touches on the demise of the Chevron doctrine and the possible rise of an imperial presidency, drawing parallels between the Supreme Court's and the executive branch's power grabs—and how Lemley's 2022 paper, "The Imperial Supreme Court," predicted the Court's trend towards consolidating power. 
This episode offers a compelling examination of how technological and corporate ideologies are influencing American law. Links: Mark Lemley >>> Stanford Law page; “The Imperial Supreme Court” >>> Stanford Law publication page. Connect: Episode Transcripts >>> Stanford Legal Podcast Website; Stanford Legal Podcast >>> LinkedIn Page; Rich Ford >>> Twitter/X; Pam Karlan >>> Stanford Law School Page; Stanford Law School >>> Twitter/X; Stanford Lawyer Magazine >>> Twitter/X. (00:00:00) The Rise of Executive Power (00:07:22) Concerns About Data Handling and Privacy (00:08:41) The Impact of Silicon Valley's Ethos on Government (00:14:01) The Musk Administration's Approach (00:18:01) The Role of the Supreme Court (00:24:43) Silicon Valley's Influence on Washington
In incident response, if you wipe systems first and ask questions later, you're deleting the truth. In this episode, host Anthony Hess sits down with Devon Ackerman, Global Head of Digital Forensics and Incident Response at Cybereason, to unpack what serious DFIR looks like when your audience is regulators, legal counsel, and insurance carriers and brokers. A former FBI Supervisory Special Agent and Senior Forensic Examiner, Devon explains why his team approaches every matter as if it could end up in court, and what that changes in practice. He breaks down how to scope an incident from the first call, preserve evidence before “fixing” the environment, and pressure-test tool output instead of blindly trusting it. Anthony and Devon also dig into AI and automation in DFIR, the central role of timelines and logging in telling a credible breach story, and why third- and fourth-party access, zero trust, and contracts are now defining systemic cyber risk for boards and insurers alike. You'll learn: 1. Why “defensible truth” is the real product in high-stakes incident response 2. How forensic-science DFIR changes scoping, evidence preservation, and decision-making 3. Where AI speeds up investigations and where it creates blind spots for junior teams 4. Why timelines and logging shape what carriers, regulators, and boards believe happened 5. How vendor access and contracts drive third- and fourth-party cyber risk at scale. Get in touch with Devon Ackerman on LinkedIn: https://www.linkedin.com/in/devonackerman/ About the host Anthony Hess: Anthony is passionate about cyber insurance. He is the CEO of Asceris, which supports clients to respond to cyber incidents quickly and effectively. Originally from the US, Anthony now lives in Europe with his wife and two children. Get in touch with Anthony on LinkedIn: https://www.linkedin.com/in/anthonyhess/ or email: ahess@asceris.com. Thanks to our friends at SAWOO for producing this episode with us!
The stories that matter most to #cybersecurity insiders, analysts, and business leaders. Delivered every day. Check out Barricade Cyber https://barricadecyber.com for #incidentresponse #ransomware and #BEC recovery. Register for BCS webinars! Check out John Strand's Pay What You Can Antisyphon Training: https://simplycyber.io/antisyphon Stop ransomware without the hassle. Allow what you need and block the rest with ThreatLocker Zero Trust Platform — simple to deploy, simple to manage: https://threatlocker.com/dailycyber Take control of your data and keep your private life private by signing up for DeleteMe at https://simplycyber.io/deleteme promo SIMPLYCYBER for 20% off. Register for Flare's next training on Aug. 13th on Web App Testing at https://simplycyber.io/flare Simply Cyber Academy - The Place for Cyber Careers: https://academy.simplycyber.io Join SC Discord: https://SimplyCyber.io/discord Podcast in stream: https://cisoseries.com Follow SC: https://simplycyber.io/socials
In this episode of The Other Side of the Firewall podcast, hosts Ryan Williams Sr. and Shannon Tynes discuss the latest cybersecurity news, focusing on North Korea's significant cryptocurrency thefts, the detection of cyber threats through keystroke analysis, and the implications of AI in cybersecurity. They also touch on personal experiences and reflections on the evolving landscape of technology and security. Article: North Korea just had its biggest year ever stealing cryptocurrency https://finance.yahoo.com/news/north-korea-just-had-its-biggest-year-ever-stealing-cryptocurrency-130002485.html Keystroke Ghost: How Amazon's 110ms Delay Exposed a North Korean IT Infiltrator https://www.webpronews.com/keystroke-ghost-how-amazons-110ms-delay-exposed-a-north-korean-it-infiltrator/?fbclid=IwZXh0bgNhZW0CMTAAYnJpZBExeFNQWGZZSjhSdjBUbnJVTnNydGMGYXBwX2lkEDIyMjAzOTE3ODgyMDA4OTIAAR42Plpw46V61Fak4n0ubUbJaCyah2NbNbHfqqB80TTgjM4-O89CH0K8nIlBYA_aem_1j6DNfdyHXuwi7ByRXEBeQ Avoiding AI Pitfalls in 2026: Lessons Learned from Top 2025 Incidents https://www.isaca.org/resources/news-and-trends/isaca-now-blog/2025/avoiding-ai-pitfalls-in-2026-lessons-learned-from-top-2025-incidents?fbclid=IwZXh0bgNhZW0CMTAAYnJpZBExeFNQWGZZSjhSdjBUbnJVTnNydGMGYXBwX2lkEDIyMjAzOTE3ODgyMDA4OTIAAR4cDDWs3bszO8C-146-cBvsjDkO7sqcDBab9sWF8muWCeYu4GW4diRuAjYrvA_aem_aFLSBv4pbCqMCSFMIzzq0w Buy the guide: https://www.theothersideofthefirewall.com/ Please LISTEN
This year brought sweeping changes to how agencies and contractors secure sensitive data, from the rollout of CMMC to tighter restrictions on controlled unclassified information. Townsend Bourne, Partner at Sheppard Mullin, explains why 2025 was a turning point and what it means for risk management going forward.
Gina Yacone — Virtual CISO at Trace3 and Roller Derby Penalty Box Visitor. Live from B-Sides Jacksonville, No Password Required welcomes Gina Yacone, Virtual CISO at Trace3. Jack Clabby of Carlton Fields, P.A. and Sarina Gandy, host and producer of the CyberBay Podcast, host a conversation on Gina's unconventional career path, leadership under pressure, and the power of community in cybersecurity. With career stops in private investigation, digital forensics, and executive security, Gina brings a people-first, purpose-driven perspective to complex cyber risk. Gina shares how her early work as a private investigator on high-profile criminal defense cases laid the foundation for her success in cybersecurity. She also reflects on raising her hand for big challenges, the rewards and risks of always saying yes, and how authenticity has guided her. She offers insight on why conference hallway conversations can be just as impactful as keynote sessions. A visible advocate for the cybersecurity community, Gina speaks openly about setting healthy mentorship boundaries and building resilient professional networks. The episode wraps with the Lifestyle Polygraph, where Gina lightens the mood with stories from her roller derby days, dream Amazing Race partners, and why John Wick might just be the ultimate executive assistant. Follow Gina on LinkedIn: https://www.linkedin.com/in/ginayacone/ Chapters: 00:00 Introduction to Cybersecurity and B-Sides Jacksonville 01:16 Gina Yacone's Unique Journey to Cybersecurity 06:22 Navigating Burnout in Cybersecurity 08:06 The Importance of Raising Your Hand 10:04 Adapting Leadership Styles in Different Roles 14:03 Being a Role Model for Women in Cybersecurity 16:34 How to Establish a Good Mentee and Mentor Relationship 18:50 Feedback and Constructive Criticism 22:55 The Value of Hallway Conversations 26:19 The Lifestyle Polygraph: Fun and Insights 38:54 Conclusion and Future Connections
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Positive trends related to public IP range from the year 2025 Fewer ICS systems, as well as fewer systems with outdated SSL versions, are exposed to the internet than before. The trend isn't quite clean for ISC, but SSL2 and SSL3 systems have been cut down by about half. https://isc.sans.edu/diary/Positive%20trends%20related%20to%20public%20IP%20ranges%20from%20the%20year%202025/32584 Hewlett-Packard Enterprise OneView Software, Remote Code Execution HP's OneView Software allows for unauthenticated code execution https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbgn04985en_us&docLocale=en_US#vulnerability-summary-1 Trufflehog Detecting JWTs with Public Keys Trufflehog added the ability to detect JWT tokens and validate them using public keys. https://trufflesecurity.com/blog/trufflehog-now-detects-jwts-with-public-key-signatures-and-verifies-them-for-liveness
This week, defence analyst, Michael Clarke, explains the significance of the MI6 agency's scientific shift. Will it help counter Russia's technological threat? Plus, the University of Glasgow's Naveed Sattar tells us why weight loss medicine could be a silver bullet for global obesity, Ellie Diamant at Bard College on beaky birds during COVID, and the Institute of Astronomy's Matt Bothwell on NASA's new space telescope... Like this podcast? Please help us by supporting the Naked Scientists
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Maybe a Little Bit More Interesting React2Shell Exploit Attackers are branching out to attack applications that initial exploits may have missed. The latest wave of attacks is going after less common endpoints and attempting to exploit applications that do not have Next.js exposed. https://isc.sans.edu/diary/Maybe%20a%20Little%20Bit%20More%20Interesting%20React2Shell%20Exploit/32578 UAT-9686 actively targets Cisco Secure Email Gateway and Secure Email and Web Manager Cisco's Security Email Gateway and Secure Email and Web Manager patch an already-exploited vulnerability. https://blog.talosintelligence.com/uat-9686/ https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sma-attack-N9bf4 SONICWALL SMA1000 APPLIANCE LOCAL PRIVILEGE ESCALATION VULNERABILITY A local privilege escalation vulnerability, which SonicWall patched today, is already being exploited. https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0019 Google releases vulnerability details Google updated last week's advisory by adding a CVE to the mystery vulnerability and adding a statement that it affects WebGPU. No new patch was released. https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop_16.html