The protection of computer systems from theft or damage
POPULARITY
Categories
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Oracle E-Business Suite 0-Day CVE-2025-61882 Last week, the Cl0p ransomware gang sent messages to many businesses stating that an Oracle E-Business Suite vulnerability was used to exfiltrate data. Initially, Oracle believed the root cause to be a vulnerability patched in June, but now Oracle released a patch for a new vulnerability. https://www.oracle.com/security-alerts/alert-cve-2025-61882.html Zimbra Exploit Analysis An exploit against a Zimbra system prior to the patch release is analyzed. These exploits take advantage of .ics files to breach vulnerable systems. https://strikeready.com/blog/0day-ics-attack-in-the-wild/ Unity Editor Vulnerability CVE-2025-59489 The Unity game editor suffered from a code execution vulnerablity that would also expose software developed with vulnerable versions https://unity.com/security/sept-2025-01
AI Browsers Turn Rogue, Discord Data Breach, and Surge in Palo Alto Scans In this episode of Cybersecurity Today, host David Shipley discusses several significant cybersecurity concerns. Firstly, researchers at Layer X have uncovered a flaw in the Perplexity Comet AI browser that allows malicious prompts to turn the browser into a data thief with just a single click. Additionally, Discord has disclosed a data breach affecting users' personal information due to a third-party customer service provider compromise. Cybersecurity researchers have also reported a massive surge in scans targeting Palo Alto Network's login portals, suggesting potential reconnaissance for future attacks. Finally, the US Department of Defense has opted to reduce its mandatory cybersecurity training to allow military personnel to focus on their core missions, a move that has raised concerns given the intertwined nature of cyber and kinetic warfare. 00:00 Introduction and Headlines 00:32 AI Browser Security Flaw: Comet Jacking 03:11 Discord Data Breach: What Happened? 05:59 Surge in Scans Targeting Palo Alto Devices 08:07 US Department of Defense Cuts Cybersecurity Training 10:23 Conclusion and Viewer Engagement
Send us a textWe trade last‑minute schedules and kid chaos for a deep dive into how modern phones leak data, why “Ask App Not to Track” isn't enforcement, and what a third platform built for privacy and free speech looks like. Joe shares his Apple-to-Unplugged journey, the Raxxis findings, and practical features that make privacy usable.• zero‑to‑one background from Nomi acquisition to Apple services• motivation for a third platform beyond Apple and Google• Raxxis test revealing 3,400 sessions and 210,000 packets in one hour• third‑party data brokers, pattern‑of‑life risks, Fourth Amendment gaps• layered threat model from passive tracking to seizure and signals• emergency reset, false PIN wipe, and hardware battery cut‑off• first‑party vs third‑party privacy and ecosystem incentives• “Ask App Not to Track” as preference vs permission• Time Away to reduce engagement and regain attention• firewall, USB data blocking, 2G limits, Bluetooth controls• camouflaged VPN and operational noise in repressive networks• app compatibility layer and broader app sourcing without Google• clear business model: hardware and subscriptions, no data salePodMatchPodMatch Automatically Matches Ideal Podcast Guests and Hosts For InterviewsSupport the showFollow the Podcast on Social Media! Tesla Referral Code: https://ts.la/joseph675128 YouTube: https://www.youtube.com/@securityunfilteredpodcast Instagram: https://www.instagram.com/secunfpodcast/Twitter: https://twitter.com/SecUnfPodcast
In this episode of 'Cybersecurity Today: Our Month in Review,' host Jim welcomes a panel including Tammy Harper from Flair, Laura Payne from White Tuque, and David Shipley, CEO of Beauceron Securities. The discussion kicks off with an overview of their plans for Cybersecurity Month, including reviving the MapleSEC show and the CIO of the Year awards. David shares his experiences at SECTOR, Canada's largest cybersecurity conference, discussing the importance of security awareness training and the risks of irresponsible tech journalism on public perception. The panel also delves into the resurgence of the Clop ransomware group, their shift to data extortion, and their exploitation of vulnerabilities in Oracle EBS applications. Laura highlights a concerning case of insider threats at RBC, emphasizing the importance of process-driven controls. The episode also touches on the human side of cybersecurity, particularly the impact of romance scams and the growing violence in cybercrime. The panelists underscore the need for improved security awareness and the role of AI in identifying scams. Tammy, Laura, and David conclude by discussing the role of insider threats and the ethical boundaries in cybercrime, sharing insights from recent real-world cases. 00:00 Introduction and Panelist Introductions 00:43 Cybersecurity Month Initiatives 02:46 Security Awareness and Phishing Training 04:03 Impact of Irresponsible Tech Journalism 08:27 AI and Cybersecurity: Hype vs. Reality 10:43 Conference Experiences and Networking 18:33 Clop Ransomware and Data Extortion 23:45 Tammy's Insights on Clop's Tactics 24:58 Scattered Lasus and Cyber Warfare 26:32 Media Savvy Cybercriminals 31:36 Human Impact of Cyber Scams 37:17 Insider Threats and Security Awareness 43:21 Physical Security and Cyber Threats 48:33 Cybercrime Targeting Children 50:58 Conclusion and Upcoming Topics
At WHX Tech, cybersecurity expert Dr Leila Taghizade, Group Head of Cyber Risk Management / CISO IberoLatAm at Allianz, breaks down what every individual—and every hospital—should know about protecting themselves in 2025. From the basics of stronger passwords and two-factor authentication to the risks of free apps and third-party tools, she explains in clear terms why “there's no such thing as free lunch” in cybersecurity. Leila also highlights the dangers of phishing, the vulnerability of medical devices, and how AI both helps defenders and lowers the cost of attacks. Show Notes 00:00 – Introduction: why cybersecurity basics matter in 2025 00:30 – Strong passwords, two-factor authentication, limiting app permissions 02:00 – Giving apps only the access they really need 03:00 – Cybersecurity in healthcare: medical devices as weak links 04:30 – Default passwords and firmware updates as major risks 05:30 – Phishing: why reporting is critical for protection 07:00 – Everyday cyber hygiene: logging out, password managers 08:30 – AI's impact on cybersecurity: lowering cost of attacks, improving defense 10:00 – The risks of free apps and third-party tools 11:00 – Data leaks and how AI tools may unintentionally share information 12:30 – AI as a double-edged sword: prevention vs. risk 14:00 – Final advice: caution doesn't mean fear, but informed use www.facesofdigitalhealth.com Newsletter: https://fodh.substack.com/
The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com
In the world of cybersecurity, there are big lies that have been perpetuated about compliance, fixability and communication--and it's time to burn it all down and start over. Many experts see one main cybersecurity truth, especially about AI, SIEM, EDR and related business technology. By examining the intersection of AI, cybersecurity, and compliance, we can gain a deeper understanding of the lies that have been told about the state of cybersecurity and work towards a more secure future. Tune in to this thought-provoking Send us a textGrowth without Interruption. Get peace of mind. Stay Competitive-Get NetGain. Contact NetGain today at 844-777-6278 or reach out online at www.NETGAINIT.com Support the show
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
More .well-known scans Attackers are using API documentation automatically published in the .well-known directory for reconnaissance. https://isc.sans.edu/diary/More%20.well-known%20Scans/32340 RedHat Patches Openshift AI Services A flaw was found in Red Hat Openshift AI Service. A low-privileged attacker with access to an authenticated account, for example, as a data scientist using a standard Jupyter notebook, can escalate their privileges to a full cluster administrator. https://access.redhat.com/security/cve/cve-2025-10725#cve-affected-packages TOTOLINK X6000R Vulnerabilities Paloalto released details regarding three recently patched vulnerabilities in TotalLink-X6000R routers. https://unit42.paloaltonetworks.com/totolink-x6000r-vulnerabilities/ DrayOS Vulnerability Patched Draytek fixed a single memory corruption vulnerability in its Vigor series router. An unauthenticated user may use it to execute arbitrary code. https://www.draytek.com/about/security-advisory/use-of-uninitialized-variable-vulnerabilities
In Episode 385 of Positive Philter, I'm joined by Jeff Raderstrong, a professional ghostwriter who has helped CEOs, political leaders, and community activists bring their stories to life. Jeff shares his journey into ghostwriting, what it means to be part of the creative process while remaining behind the scenes, and valuable advice for aspiring ghostwriters. This episode pulls back the curtain on a unique career path that blends storytelling, collaboration, and purpose. Shout Outs and Plugs Jeff's Website: https://www.raderstrong.com/ Jeff's LinkedIn Profile: https://www.linkedin.com/in/jeff-raderstrong-a2814417/ If you have a question for the podcast call 571-336-6560 or leave a question via this Google Form. Five Minute Journal by Intelligent Change Affiliate Code: https://www.intelligentchange.com/?rfsn=4621464.017186 Tappy Card “Electronic Business Card” Affiliate Code: https://tappycard.com?ref:philip-wilkerson Please leave a rating/review of the Podcast https://lovethepodcast.com/positivephilter Intro music provided by DJ BIGyoks. Check out his Instagram and Soundcloud channel can be found here: https://www.instagram.com/beats.byyoks/ https://soundcloud.com/dj-bigyoks Outro music provided by Ryan Rosemond. Check out his Soundcloud channel here: https://soundcloud.com/brothersrosemond/albums Purchase "Forty Years of Advice" by Philip Wilkerson: https://a.co/d/2qYMlqu Leave Your Feedback by filling out this audience survey: https://forms.gle/ncoNvWxMq2A6Zw2q8 Sign up for Positive Philter Weekly Newsletter: http://eepurl.com/g-LOqL Please follow Positive Philter: Positive Philter Facebook Page Positive Philter Twitter Positive Philter Instagram If you would like to support the podcast, please consider donating to the Positive Philter Patreon page: https://www.patreon.com/positivephilter Positive Philter was selected by FeedSpot as Top 20 Positive Thinking Podcasts on the web. https://blog.feedspot.com/positive_thinking_podcasts/ Jeff's Anti-Hunger Fund The Positive Philter Podcast is dedicated to Jeff Kirsch. A long-time supporter of the show and a major influence on this show's growth. Please support the careers of future advocates by donating to the Jeff Kirsch Fund for Anti-Hunger Advocacy. This fund was named after Jeff Kirsch for his decades of service in fighting hunger and inequality. Link to fund: https://frac.org/kirschfund Pats for Patriots If you are a member of the #MasonNation, please consider sending a Pats for Patriots. Pats for Patriots are a free and easy way to thank, recognize, show appreciation for a Mason colleague or student who has taken the time to do something kind, generous or thoughtful towards others. For more information, visit: https://forms.office.com/r/HRZGvhdJEA We have received more than 2,000 nominations from the Mason community so far. Keep those nominations coming in! Steam Pilots Scholarship Steam Pilots, Inc. is a Virginia-based 501(c)(3) tax-exempt organization. Their goal is to improve the state of STEAM education in America. STEAM stands for Science, Technology, Engineering, Art, and Math. They achieve this through pro bono programs delivered to K-12 students and institutions in the Washington, D.C. metropolitan area. Steam Pilots is hoping to raise funds for STEAM kits, supplies, and modest stipends for the interns who work with me. Currently, they have an urgent need for 3D Printers, Robotics Kits, and Cybersecurity teaching tools. Link to GoFundMe: https://gofund.me/38eeaed2
Perplexity has made a significant move by dropping the price of its AI browser, Comet, from $200 a month to free, igniting what could be an AI browser war. This decision aims to help users navigate the overwhelming amount of low-quality online content by providing tools to summarize web pages and extract key information. A $5 monthly subscription will offer access to content from reputable media outlets, as Perplexity seeks to establish fair revenue-sharing practices with publishers. This shift comes amid ongoing legal challenges regarding content use, but the company emphasizes its commitment to high-quality sources.The recent U.S. government shutdown has led to the expiration of the Cybersecurity and Information Sharing Act of 2015, raising concerns about the future of cybersecurity collaboration. This law provided essential protections for organizations sharing cyber threat intelligence, and its absence is expected to hinder effective incident response. Experts warn that organizations may become more cautious about sharing vital information without the legal protections previously afforded, potentially increasing the risk of cyber attacks as adversaries exploit the disruption.In the tech industry, rumors are circulating about a potential investment deal between Apple and Intel, which raises questions about the future of the chip manufacturer. Apple, having previously transitioned away from Intel chips for its MacBooks, is now considering a collaboration that could see Intel manufacturing chips for Apple's data centers or producing Apple-designed chips. Meanwhile, Apple appears to be stepping back from its Vision Pro headset, which has not gained significant traction in the market, and is instead focusing on developing more affordable smart glasses.Managed service providers (MSPs) are at a critical junction as AI transitions from a luxury to a necessity. A significant portion of organizations lack policies to manage AI adoption effectively, creating both risks and opportunities for service providers. As clients demand faster resolutions and strategic insights, MSPs must modernize their services and establish governance to ensure AI delivers measurable value. The podcast emphasizes the importance of embedding AI capabilities into services rather than selling it as a standalone product, urging providers to focus on delivering outcomes that clients cannot achieve elsewhere.Four things to know today00:00 Perplexity Makes AI Browser Comet Free, Challenging Chrome, Safari, and Edge03:41 U.S. Shutdown Weakens Cyber Defense as Info-Sharing Law Expires, While NIST Races to Build Cyber AI Framework07:09 Apple Rumored to Invest in Intel Amid U.S. Chip Push, While Retreating From Vision Pro in Favor of Smart Glasses10:12 AI Is Becoming the Airline Business: Why MSPs Must Embed Capability, Not Sell Commodity This is the Business of Tech. Supported by: https://mailprotector.com/https://timezest.com/mspradio/ Webinar: https://bit.ly/msprmail All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessof.tech Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.
⬥GUEST⬥Pieter VanIperen, CISO and CIO of AlphaSense | On Linkedin: https://www.linkedin.com/in/pietervaniperen/⬥HOST⬥Host: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | On LinkedIn: https://www.linkedin.com/in/imsmartin/ | Website: https://www.seanmartin.com⬥EPISODE NOTES⬥Real-World Principles for Real-World Security: A Conversation with Pieter VanIperenPieter VanIperen, the Chief Information Security and Technology Officer at AlphaSense, joins Sean Martin for a no-nonsense conversation that strips away the noise around cybersecurity leadership. With experience spanning media, fintech, healthcare, and SaaS—including roles at Salesforce, Disney, Fox, and Clear—Pieter brings a rare clarity to what actually works in building and running a security program that serves the business.He shares why being “comfortable being uncomfortable” is an essential trait for today's security leaders—not just reacting to incidents, but thriving in ambiguity. That distinction matters, especially when every new technology trend, vendor pitch, or policy update introduces more complexity than clarity. Pieter encourages CISOs to lead by knowing when to go deep and when to zoom out, especially in areas like compliance, AI, and IT operations where leadership must translate risks into outcomes the business cares about.One of the strongest points he makes is around threat intelligence: it must be contextual. “Generic threat intel is an oxymoron,” he argues, pointing out how the volume of tools and alerts often distracts from actual risks. Instead, Pieter advocates for simplifying based on principles like ownership, real impact, and operational context. If a tool hasn't been turned on for two months and no one noticed, he says, “do you even need it?”The episode also offers frank insight into vendor relationships. Pieter calls out the harm in trying to “tell a CISO what problems they have” rather than listening. He explains why true partnerships are based on trust, humility, and a long-term commitment—not transactional sales quotas. “If you disappear when I need you most, you're not part of the solution,” he says.For CISOs and vendors alike, this episode is packed with perspective you can't Google. Tune in to challenge your assumptions—and maybe your entire security stack.⬥SPONSORS⬥ThreatLocker: https://itspm.ag/threatlocker-r974⬥RESOURCES⬥⬥ADDITIONAL INFORMATION⬥✨ More Redefining CyberSecurity Podcast:
From Compliance to Confidence: How to Evolve Cybersecurity Beyond the Checklist Healthcare cybersecurity stands at an inflection point. Traditional compliance frameworks are proving inadequate in the face of sophisticated threats targeting patient data, clinical operations, and connected medical devices. Robert Eikel, CISO at P-n-T Data Corp., brings unique expertise from government service, financial services, and pediatric healthcare to discuss how leading organizations are evolving beyond checklist security. We'll explore the new frontlines of healthcare cyber defense—identity, integrity, and interoperability—while examining how emerging technologies like AI and quantum computing are reshaping the threat landscape. • Moving from periodic compliance to continuous confidence through identity-centric, integrity-focused defense strategies • Protecting clinical workflows and patient safety while maintaining secure interoperability across healthcare ecosystems • Preparing cybersecurity programs for AI-powered threats, quantum risks, and next-generation healthcare technologies • Transforming cybersecurity governance from IT overhead to strategic business enabler Find all of our network podcasts on your favorite podcast platforms and be sure to subscribe and like us. Learn more at www.healthcarenowradio.com/listen/
Cybersecurity Today: Red Hat Breach, CLOP Targets Oracle, and CISA Cuts Critical Support In this episode of Cybersecurity Today, host Jim Love covers a recent breach of Red Hat's consulting GitLab server, highlighting concerns over exposed network maps and tokens. The CLOP extortion gang targets Oracle E-Business Suite clients, demanding ransom for sensitive data. Surveys show Canadian businesses are overconfident in their cyber defenses despite frequent attacks. Finally, CISA has ended a crucial cybersecurity support agreement, impacting state and local governments amidst a federal shutdown. Tune in for detailed analysis and urgent action items. 00:00 Red Hat GitLab Server Breach 02:21 CLOP Gang Targets Oracle E-Business Suite 04:29 Canadian Firms' Overconfidence in Cybersecurity 06:31 CISA Ends Critical Support Amid Shutdown 08:38 Conclusion and Upcoming Month in Review
In this episode of Endo Voices, host Dr. Marcus Johnson sits down with Gary Salman, CEO and Co-Founder of Black Talon Security, to unpack the critical and often overlooked role of cybersecurity in dentistry.From real-world case studies to practical tips, the discussion covers:Current threats including phishing attacks, firewall vulnerabilities, email account takeovers, social engineering, and more.The importance of cyber liability insurance to your overall cyber resilience, in addition to offensive and defensive cyber prevention measures. The need for separation between IT and cybersecurity vendors for unbiased, independent risk assessment.Gary emphasizes that while threats are increasing, nearly all cyber incidents are preventable with the right layers of protection and training. Whether you're running a solo practice or managing multiple locations, this episode offers actionable strategies to secure patient data, safeguard your reputation, and strengthen your practice's future.Episodes of Endo Voices may include opinion, speculation and other statements not verifiable in the scientific method and do not necessarily reflect the views of AAE or the sponsor(s). Listeners should use their best judgment in evaluating the merits of any content.See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.
The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com
The stories that matter most to #cybersecurity insiders, analysts, and business leaders. Delivered every day.Check out Barricade Cyber https://barricadecyber.com for #incidentresponse #ransomware and #BEC recovery. Register for BCS webinars!Check out John Strand's Pay What You Can Antisyphon Training:https://simplycyber.io/antisyphonAllow what you need, block everything else... Including ransomware. Zero trust Endpoint Protection Platform at https://threatlocker.com/dailycyberTake control of your data and keep your private life private by signing up for DeleteMe at https://simplycyber.io/deleteme promo SIMPLYCYBER for 20% offRegister for Flare's next training on Aug. 13th on Web App Testing at https://simplycyber.io/flareSimply Cyber Academy - The Place for Cyber Careers: https://academy.simplycyber.ioJoin SC Discord: https://SimplyCyber.io/discordPodcast in stream: https://cisoseries.comFollow SC: https://simplycyber.io/socials
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Comparing Honeypot Passwords with HIBP Most passwords used against our honeypots are also found in the Have I been pwn3d list. However, the few percent that are not found tend to be variations of known passwords, extending them to find likely mutations. https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20Comparing%20Honeypot%20Passwords%20with%20HIBP/32310 Breaking Server SGX via DRAM Inspection By observing read and write operations to memory, it is possible to derive keys stored in SGX and break the security of systems relying on SGX. https://wiretap.fail/files/wiretap.pdf OneLogin OIDC Vulnerability A vulnerability in OneLogin can be used to read secret application keys https://www.clutch.security/blog/onelogin-many-secrets-clutch-uncovers-vulnerability-exposing-client-credentials OpenSSL Patch OpenSSL patched three vulnerabilities. One could lead to remote code execution, but the feature is used infrequently, and the exploit is difficult, according to OpenSSL
No Priors: Artificial Intelligence | Machine Learning | Technology | Startups
Between the future of search, the biggest threats in cybersecurity, and the jobs and platforms of tomorrow, Nikesh Arora sees one common thread connecting and transforming them all—AI. Sarah Guo and Elad Gil sit down with Nikesh Arora, CEO of cybersecurity giant Palo Alto Networks, to talk about a wide array of topics from agentic AI to leadership. Nikesh dives into the future of search, the disruptive potential of AI agents for existing business models, and how AI has both compressed the timeline for cyberattacks as well as fundamentally shifted defense strategies in cybersecurity. Plus, Nikesh shares his leadership philosophy, and why he's so optimistic about AI. Sign up for new podcasts every week. Email feedback to show@no-priors.com Follow us on Twitter: @NoPriorsPod | @Saranormous | @EladGil | @nikesharora | @PaloAltoNtwks Chapters: 00:00 – Nikesh Arora Introduction 00:39 – Nikesh on the Future of Search 04:46 – Shifting to an Agentic Model of Search 08:12 – AI-as-a-Service 16:55 – State of Enterprise Adoption 20:15 – Gen AI and Cybersecurity 27:35 – New Problems in Cybersecurity in the AI Age 29:53 – Deepfakes, Spearfishing, and Other Attacks 32:56 – Expanding Products at Palo Alto 35:49 – AI Agents and Human Replaceability 44:28 – Nikesh's Thoughts on Growth at Scale 46:52 – Nikesh's Leadership Tips 51:14 – Nikesh on Ambition 54:18 – Nikesh's Thoughts on AI 58:21 – Conclusion
Small to medium-sized businesses (SMBs) are significantly increasing their technology budgets, focusing on strategic investments that support long-term growth. According to a study by Forrester Consulting, 88% of SMBs plan to enhance their cloud strategies and cybersecurity through increased spending on third-party services. The study also highlights a growing emphasis on improving customer experience and reducing enterprise risk, with cloud-based disaster recovery solutions and hybrid cloud strategies becoming essential. However, the integration of AI services into the economy is expected to take years, as businesses need time to learn about new AI products and train their employees.The UK government has issued a second Technical Capability Notice requiring Apple to provide access to encrypted data and messages of British users stored on its iCloud service. This directive follows a previous request that raised diplomatic tensions with the US and has led Apple to withdraw its Advanced Data Protection Service in the UK, weakening user privacy. The implications of this move are significant for SMBs that rely on iCloud, as it introduces potential security risks and highlights the need for additional encryption measures.Microsoft is facing pushback as it prepares to end free security updates for Windows 10, which is set to occur on October 14, 2025. A coalition of organizations, including repair shops and advocacy groups, is urging Microsoft to extend these updates, citing concerns that many PCs will be left insecure or unusable. With a significant portion of Windows 10 machines unable to upgrade to Windows 11, businesses are left with difficult choices regarding their operating systems, potentially leading to increased e-waste.In the realm of AI, major companies like Microsoft, Salesforce, and Stripe are launching new tools that integrate AI capabilities into their existing platforms. Microsoft has introduced Microsoft 365 Premium, which combines Office applications with AI features, while Salesforce has launched AgentForce Fibes, a tool that streamlines coding through natural language. Stripe's new instant checkout feature within ChatGPT allows users to purchase products directly from chat interfaces. These developments indicate that AI is becoming an integral part of business infrastructure, and MSPs must focus on helping clients leverage these tools effectively to drive business outcomes.Four things to know today00:00 SMBs Are Increasing Tech Budgets for Cloud, Cybersecurity, and AI, But Forrester Warns True AI Value Will Take Years to Realize04:07 UK Pressures Apple on iCloud Again, Forcing Encryption Rollback That Puts Privacy, Business Security, and Global Precedent at Risk05:39 Windows 10 Sunset Becomes a Flashpoint: Market Share, Hardware Incompatibility, and Sustainability Collide in Microsoft's 2025 Deadline08:23 From Office to Checkout: Microsoft, Salesforce, Stripe, OpenAI, and Google Push AI Into Everyday Work and Consumer Life This is the Business of Tech. Supported by: https://scalepad.com/dave/https://mailprotector.com/ Webinar: https://bit.ly/msprmail All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessof.tech Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.
In this episode, Kareem Fidel of CGI Federal introduces Zach Whitman, Chief Data Scientist and inaugural Chief AI Officer at GSA, who discusses GSA's AI strategies and initiatives. Whitman elaborates on the practical experimentation and deployment of AI systems, the importance of data hygiene, benchmarks for AI performance, and the challenges and opportunities in AI adoption and acquisition for federal agencies. Key topics include AI in acquisitions, talent readiness for AI, and the fine balance between technological advancement and maintaining accuracy and precision in AI governance. Subscribe on your favorite podcast platform to never miss an episode! For more from ACT-IAC, follow us on LinkedIn or visit http://www.actiac.org.Learn more about membership at https://www.actiac.org/join.Donate to ACT-IAC at https://actiac.org/donate. Intro/Outro Music: See a Brighter Day/Gloria TellsCourtesy of Epidemic Sound(Episodes 1-159: Intro/Outro Music: Focal Point/Young CommunityCourtesy of Epidemic Sound)
The IPO market may be slowing down, but the discipline of operating like a public company has never been more important. In this episode, CJ is joined by Chad Gold, CFO of FullStory and veteran operator with previous stints at G2, SalesLoft, and Rubicon, to discuss how capital markets and financing strategies are shifting in real time. Chad explains why more companies are staying private longer, how the rise of private credit is changing the CFO toolkit, and why building IPO-ready discipline matters even if you never go public. The conversation also dives into one of his specialties—pricing models and sales incentives—covering how seat-based, usage, and blended structures influence rep behavior, comp plans, and long-term revenue quality, as well as how the wrong incentives can quietly derail a business. Finally, Chad reflects on lessons from his early career at Home Depot and how fundamentals from retail operations still inform his instincts in SaaS today.—LINKS: Chad Gold on LinkedIn: https://www.linkedin.com/in/chadgold/Fullstory: https://www.fullstory.com/CJ on X (@cjgustafson222): https://x.com/cjgustafson222 Mostly metrics: https://www.mostlymetrics.comRELATED EPISODES:G2 CFO Chad Gold on Building A Durable Career as a Venture Backed Exec:Big Systems Thinking for Building a Finance Org: Advice From a Zoom Hypergrowth Survivor:—TIMESTAMPS:(02:14) Sponsors – Mercury | RightRev | Tipalti(06:10) What's New at FullStory(09:22) Hypotheses, Data, and Unlocking Use Cases(10:13) Early CFO Career and the Evolution of Data(11:09) From Deterministic Models to Analytics-Driven Forecasting(12:17) Cohorts, Segmentation, and Revenue Quality(13:17) Why Companies Stay Private Longer(15:28) Sponsors – Aleph | Rillet | Fidelity P.S.(19:01) Capital Flows Into Hot Sectors Like AI and Cybersecurity(20:20) More Companies Going Private Than Public(21:41) Costs and Tradeoffs of Being Public(22:46) Secondary Markets and Access to Top Companies(24:14) Staying Private Longer and CFO Planning(25:29) Keeping the Org Exit-Ready(26:10) The Rise of Private Credit(27:37) Banks vs. Venture Debt After SVB(30:47) Pricing Models Across Chad's CFO Roles(35:47) How to Incentivize Sales Reps Across Pricing Models(43:26) Lessons From Home Depot + Lightning Round—SPONSORS:Mercury is business banking built for builders, giving founders and finance pros a financial stack that actually works together. From sending wires to tracking balances and approving payments, Mercury makes it simple to scale without friction. Join the 200,000+ entrepreneurs who trust Mercury and apply online in minutes at https://www.mercury.comRightRev automates the revenue recognition process from end to end, gives you real-time insights, and ensures ASC 606 / IFRS 15 compliance—all while closing books faster. For RevRec that auditors actually trust, visit https://www.rightrev.com and schedule a demo.Tipalti automates the entire payables process—from onboarding suppliers to executing global payouts—helping finance teams save time, eliminate costly errors, and scale confidently across 200+ countries and 120 currencies. More than 5,000 businesses already trust Tipalti to manage payments with built-in security and tax compliance. Visit https://www.tipalti.com/runthenumbers to learn more.Aleph automates 90% of manual, error-prone busywork, so you can focus on the strategic work you were hired to do. Minimize busywork and maximize impact with the power of a web app, the flexibility of spreadsheets, and the magic of AI. Get a personalised demo at https://www.getaleph.com/runRillet is the AI-native ERP modern finance teams are switching to because it's faster, simpler, and 100% built for how teams operate today. See how fast your team can move. Book a demo at https://www.rillet.com/metricsFidelity Private Shares is the all-in-one equity management platform that keeps your cap table clean, your data room organized, and your equity story clear—so you never risk losing a fundraising round over messy records. Schedule a demo at https://www.fidelityprivateshares.com and mention Mostly Metrics to get 20% off.#CFOInsights #SaaSFinance #CapitalMarkets #IPOReady #RevenueStrategy #GrowthStageCFO This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit cjgustafson.substack.com
John Skinner of Vectra AI shares how cyber attackers are democratizing sophisticated attacks using dark web tools, and why AI-powered hybrid defense is now essential for enterprise security.Topics Include:Vectra AI: 13-year-old cybersecurity company founded as "AI native" from day oneBuilt on machine learning assumption while competitors treated AI as afterthoughtGenerative AI represents the latest evolution in their comprehensive AI journeyStarted pairing threat researchers with ML developers to codify attack behaviorsAdded agentic AI in 2018 for correlation across space and timeUses AWS Security Lake, GuardDuty, and recently became AWS Bedrock customerSuccess measured by reducing "dwell time" from initial attack to detectionAchieved 60% faster alerts, 51% faster monitoring, 50% faster investigation timesCustomers should evaluate vendor's data science quality and algorithm training yearsEvolved hybrid defense approach as attacks start anywhere, go everywhereAI handles high-volume correlation while humans focus on analytical decisionsFuture challenge: democratized cyber attacks using readily available dark web toolsParticipants:John Skinner – Vice President Corporate/Business Development, Vectra AIFurther Links:Vectra AI: Website – LinkedIn – AWS Marketplace - YouTubeSee how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/
In this episode of Unspoken Security, host A.J. Nash sits down with Marley Salveter, Director of Marketing at Unspoken Security. They explore how digital privacy and security awareness look different for younger generations who have grown up in a world where sharing personal data is routine, not a choice. Marley shares her perspective on adapting to life online, where building a personal brand and protecting personal information often overlap for today's professionals.Marley explains how her generation views data privacy as an accepted tradeoff, not a conscious decision, and why traditional corporate security training rarely feels relevant. She discusses the real risks of living in public—how threats feel less urgent until they get personal and why the rapid response of tech platforms can mask the lasting impact of breaches. She and A.J. dig into the challenge of communicating security risks to a connected generation that rarely sees tangible consequences.Together, they reflect on how open conversations bridge generational gaps and why storytelling and relatable dialogue help people internalize security lessons. Marley argues that making security personal is key to lasting change—especially for those building their careers and brands in the public eye.Send us a textSupport the show
professorjrod@gmail.comDive deep into the essential building blocks of secure enterprise networks with Professor J. Rod in this comprehensive exploration of network architecture, security appliances, and remote access solutions.What makes a truly secure organizational network? It's more than just firewalls and fancy equipment—it's thoughtful design, strategic implementation, and layered defenses. We break down how enterprise networks function as digital blueprints, explaining everything from switching topologies to routing infrastructure in accessible terms. You'll understand why proper segmentation matters and how VLANs create logical separation between departments sharing physical resources.Security isn't about building one impenetrable wall anymore. Modern protection requires defense-in-depth with multiple control types across various network zones. We examine critical security appliances including next-generation firewalls, intrusion detection systems, web application firewalls, and load balancers—explaining not just what they do but where they belong in your architecture. You'll learn the difference between Layer 4 and Layer 7 inspection, why proper device placement matters, and how to choose between fail-open and fail-close configurations based on your organizational needs.With remote work now standard, we tackle virtual private networks and secure access solutions that keep distributed teams connected safely. From TLS tunneling to IPsec implementation, SSH management to jump servers, you'll gain practical insights into protecting your extended network perimeter. The episode concludes with CompTIA-style practice questions to test your understanding of key concepts. Whether you're studying for certification or managing enterprise infrastructure, this episode provides the knowledge foundation to build truly resilient network architectures. Subscribe for more in-depth technology explorations that bridge theory and practical application.Support the showIf you want to help me with my research please e-mail me.Professorjrod@gmail.comIf you want to join my question/answer zoom class e-mail me at Professorjrod@gmail.comArt By Sarah/DesmondMusic by Joakim KarudLittle chacha ProductionsJuan Rodriguez can be reached atTikTok @ProfessorJrodProfessorJRod@gmail.com@Prof_JRodInstagram ProfessorJRod
Jillian DelSignore from Nasdaq highlights cybersecurity ETFs in a fast-changing AI world. “June, July and August were the biggest months” for inflows into some of these vehicles. Jillian views cyber as a “digital utility” and thinks it is less subject to volatility and economic stress. Switching gears, she discusses how dual share class approval could massively change the ETF industry.======== Schwab Network ========Empowering every investor and trader, every market day.Subscribe to the Market Minute newsletter - https://schwabnetwork.com/subscribeDownload the iOS app - https://apps.apple.com/us/app/schwab-network/id1460719185Download the Amazon Fire Tv App - https://www.amazon.com/TD-Ameritrade-Network/dp/B07KRD76C7Watch on Sling - https://watch.sling.com/1/asset/191928615bd8d47686f94682aefaa007/watchWatch on Vizio - https://www.vizio.com/en/watchfreeplus-exploreWatch on DistroTV - https://www.distro.tv/live/schwab-network/Follow us on X – / schwabnetwork Follow us on Facebook – / schwabnetwork Follow us on LinkedIn - / schwab-network About Schwab Network - https://schwabnetwork.com/about
Every October, Cybersecurity Awareness Month brings a wave of tips: update your software, enable MFA, use strong passwords. But what good is any of that if the people behind the defenses are feeling burned out?In this episode of Talos Takes, Hazel sits down with Joe Marshall for a candid, vulnerable conversation about the human cost of cybersecurity. Joe opens up about his experience during the VPNFilter campaign — months of secrecy, long hours, immense pressure, and the trauma it left behind. Hazel shares her own journey with burnout, and together they talk about how to recognise the warning signs.They close with practical steps: building a personal “incident response playbook” that includes boundaries, peer support, and self-care. Because at the end of the day, you can't patch a system if you're burned out.
The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com
Our guest this episode of The Member Engagement Show is Brian Scott, President and CISO of 501CISO, who talks about the increasing prevalence of cybercrime targeting nonprofits and associations. We discuss the industrialization of cybercrime, the unique vulnerabilities of smaller organizations, and the importance of cybersecurity education and training. Topics covered include: Why cybercrime is worse than it's ever been. The global industrialization of cybercrime. How AI is helping cybercriminals be more effective. Why nonprofits and associations are becoming a bigger target. Are Managed Service Providers (MSPs) always reliable protection? Tips for hiring and using MSPs. The impact of being the target of cybercrime. Key things associations should do to protect their security and data. The '501 CISO Big Six' essential protections to implement. Why cybersecurity is not just an “IT problem.” Some Helpful Links: Episode on AI use and data privacy with guest Amanda DeLuke. Explore more resources from Brian Scott & 501CISO: cleartoneconsulting.com/publications/
As artificial intelligence reshapes workplaces and business strategies, firms increasingly depend on AI providers, making AI a tool of geopolitical influence. We'll discuss the impact across industries, as digital currencies affect monetary control and cyber threats challenge operational resilience. Host: William Foster, Senior Vice President, Sovereign Risk Group, Moody's Ratings Guests: Vincent Gusdorf, Associate Managing Director, Digital Finance and AI Analytics, Moody's Ratings; Leroy Terrelonge, Vice President-Analyst, Cyber Credit Risk, Moody's Ratings Related research:Artificial Intelligence – Global – Nations push for AI sovereignty to capture economic, geopolitical gains 30 September 2025 Sovereigns - Global – Digital currency growth, inconsistent regulation amplify countries' financial risks 25 September 2025Artificial Intelligence – Corporates – Pace of AI advances, regional disparities will steer credit trends across industries 23 September 2025 Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.
The stories that matter most to #cybersecurity insiders, analysts, and business leaders. Delivered every day.Check out Barricade Cyber https://barricadecyber.com for #incidentresponse #ransomware and #BEC recovery. Register for BCS webinars!Check out John Strand's Pay What You Can Antisyphon Training:https://simplycyber.io/antisyphonAllow what you need, block everything else... Including ransomware. Zero trust Endpoint Protection Platform at https://threatlocker.com/dailycyberTake control of your data and keep your private life private by signing up for DeleteMe at https://simplycyber.io/deleteme promo SIMPLYCYBER for 20% offRegister for Flare's next training on Aug. 13th on Web App Testing at https://simplycyber.io/flareSimply Cyber Academy - The Place for Cyber Careers: https://academy.simplycyber.ioJoin SC Discord: https://SimplyCyber.io/discordPodcast in stream: https://cisoseries.comFollow SC: https://simplycyber.io/socials
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Sometimes you don t even need to log in Applications using simple, predictable cookies to verify a user s identity are still exploited, and relatively recent vulnerabilities are still due to this very basic mistake. https://isc.sans.edu/diary/%22user%3Dadmin%22.%20Sometimes%20you%20don%27t%20even%20need%20to%20log%20in./32334 Western Digital My Cloud Vulnerability Western Digital patched a critical vulnerability in its MyCloud device. https://nvd.nist.gov/vuln/detail/CVE-2025-30247 sudo vulnerability exploited A recently patched vulnerability in sudo is now being exploited. https://www.sudo.ws/security/advisories/
Send us a textIn this episode of Joey Pinz Discipline Conversations, Joey sits down with Jeff Hill of Stellar Cyber to explore how MSPs can strengthen their security posture, grow their businesses, and simplify operations. Recorded live at the MSP Summit in Orlando, Jeff shares candid insights on what keeps MSPs awake at night—from cybersecurity breaches to staffing challenges and competitive growth pressures.Jeff explains how Stellar Cyber's multi-tenancy, unified platform, and AI-driven automation help MSPs deliver enterprise-grade security without added complexity. He emphasizes the importance of choosing the right MSSP partners, understanding compliance and cyber insurance requirements, and leveraging open platforms that integrate seamlessly with existing tools.The conversation also highlights how MSPs can turn security into a revenue generator, not just a cost center, while positioning themselves for long-term success or acquisition. Jeff's core message is clear: simplify, stay open, and create value that differentiates your business.Tune in to learn how Stellar Cyber is helping MSPs find their “diamonds in the rough” and why now is an exciting time in the cybersecurity landscape.
In this episode of the Global Fresh Series, we sit down with Dave McCary of ZAG Technical Services to explore how cybersecurity and ransomware are reshaping the fresh produce industry. From recent high-profile attacks on produce companies to the hidden vulnerabilities in supply chains, Dave shares why protecting data and operations is just as critical as protecting the crops themselves. We discuss the real costs of downtime, how hackers exploit weaknesses, and the steps growers, shippers, and distributors can take today to safeguard their businesses — and the global food supply — from digital threats.First Class Sponsor: Peak of the Market: https://peakofthemarket.com/ Premium Sponsor: Zag Technological Services, Inc.: https://www.zagtech.com/ Premium Sponsor: Avocados from Colombia: https://avocadoscolombia.com/ Premium Sponsor: The Fruit & Vegetable Dispute Resolution Corporation: https://fvdrc.com/ Global Women Fresh: https://globalwomenfresh.com/
More than four out of ten (41%) Chief Information Officers (CIOs) report cybersecurity as their top concern, yet these same leaders are simultaneously increasing security budgets (77%), expanding cloud infrastructure (68%), and accelerating artificial intelligence (AI) capabilities (67%). According to the new Future Forward: CIO 2025 Outlook report released by Experis, a global leader in IT workforce solutions and part of the ManpowerGroup (NYSE: MAN) family of brands, modern technology leaders are walking a tightrope between protecting their organizations and driving innovation in an era of relentless cyber threats and rapid digital transformation. Amanda Jack, CTO at Manpower Group, joins Business Security Weekly to share the finding, including: 77% of organizations plan to increase cybersecurity budgets in 2025, followed by cloud infrastructure (68%) and AI (67%) 76% of IT employers worldwide report difficulty finding skilled tech talent 52% of tech leaders are embedding AI skills into existing roles rather than creating new positions Relationship with the Chief Operating Officer (COO) is identified as the most important C-suite partnership outside IT 56% of IT leaders say senior leadership lacks sufficient knowledge about the CIO role and its responsibilities Segment Resources: https://www.experis.com/en/cio-outlook In the leadership and communications segment, Is Your Board Too Collegial?, Cybersecurity, AI, and Economic Uncertainty: How Internal Audit Teams Are Managing 2025's Top Risks, Burnout in the corporate middle: when leadership becomes an issue, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-415
The Roundtable Panel: a daily open discussion of issues in the news and beyond. Today's panelists are Philosophy, and Human Rights at Bard College Roger Berkowitz, Joseph Palamountain Jr. Chair in Government at Skidmore College Beau Breslin, Dean of the College of Emergency Preparedness, Homeland Security and Cybersecurity at the University at Albany Robert Griffin, and Executive Director of The Legal Aid Society of Northeastern New York Nic Rangel.
SBOMs were supposed to be the ingredient label for software—bringing transparency, faster response, and stronger trust. But reality shows otherwise. Fewer than 1% of GitHub projects have policy-driven SBOMs. Only 15% of developer SBOM questions get answered. And while 86% of EU firms claim supply chain policies, just 47% actually fund them.So why do SBOMs stall as compliance artifacts instead of risk-reduction tools? And what happens when they do work?In this episode of AppSec Contradictions, Sean Martin examines:Why SBOM adoption is laggingThe cost of static SBOMs for developers, AppSec teams, and business leadersReal-world examples where SBOMs deliver measurable valueHow AISBOMs are extending transparency into AI models and dataCatch the full companion article in the Future of Cybersecurity newsletter for deeper analysis and more research.
Send us a textOn this week of Serious Privacy, Paul Breitbarth, Ralph O'Brien of Reinbo Consulting, and Dr. K Royal speak with Paul Iagnocco, Head of Customer Enablement at our sponsor TrustArc. Apart from catching up, the team speaks with our guest about the development and maintenance of data protection compliance programs, especially in this time where AI is becoming more and more important. Links:Linkedin AI training settingsSRB v EDPS on pseudonymous data (C-413/23) If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.
Medboard Europe TToo much Incomplete Tech File - Let's explain to you how to do it: https://www.team-nb.org/wp-content/uploads/2025/09/Team-NB-PositionPaper-BPG-IVDR-V2-20250903.pdf 2025/1920 on Master UDI-DI - Not only lenses but also Spectacle frames and Ready-to-wear: https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=OJ:L_202501920 Borderline manual Update - New products included: https://health.ec.europa.eu/document/download/71a87df8-5ca1-4555-b453-b65bdf8de909_en?filename=md_borderline_manual_en.pdf red blood cell additive solutions containing adenine dual action cream with menthol and capsaicin Lactose tablets for vaginal use microabrasion dental stain removers medical examination table covers Mobile sterile air system EU asks your feedback on EU MDR and IVDR - Enjoy reading some 100 feedbacks: https://ec.europa.eu/info/law/better-regulation/have-your-say/initiatives/14808-Medical-devices-and-in-vitro-diagnostics-targeted-revision-of-EU-rules_en Switzerland Swissdamed Technical Documentation - XML upload: https://www.swissmedic.ch/swissmedic/en/home/medical-devices/medizinprodukte-datenbank/swissdamed-informationen/swissdamed-technical-documents.html Business Rules Swissdamed: https://www.swissmedic.ch/dam/swissmedic/en/dokumente/medizinprodukte/mep_urr/bw630_40_002e_pu_swissdamed_business_rules.pdf.download.pdf/BW630_40_002e_PU_swissdamed_Business_Rules.pdf UK UK PMS guidance for Report - Template available: https://www.gov.uk/government/publications/medical-devices-post-market-surveillance-requirements/requirements-of-the-manufacturers-pms-system PMSR Template: https://www.gov.uk/government/publications/medical-devices-standardised-format-for-the-post-market-surveillance-report Magazine Issue 1: Sept/Oct 2025 - Next one will come November 2025: https://easymedicaldevice.com/emd-mag/ Events Medtech Conf events - Be listed on the MAP: https://medtechconf.com/events-map-2/ EasyIFU Free trial for eIFU with EASYIFU - Compliant EU 2025/1234: https://easyifu.com ROW US FDA Computer System Assurance - SOP offered on the show notes: https://www.fda.gov/regulatory-information/search-fda-guidance-documents/computer-software-assurance-production-and-quality-system-software-0 Malaysia affiliate member of MDSAP - What does it change?: https://portal.mda.gov.my/index.php/announcement/1636-malaysia-is-now-mdsap-medical-device-single-audit-program-mdsap-member Australia Essential Principles Checklist Update -: Update the templates V1.2: https://www.tga.gov.au/resources/resource/checklists/essential-principles-checklist Egypt guidance to import your devices - Medical Devices, Accessories, IVD: All type of devices: https://edaegypt.gov.eg/media/lafopofx/1-regulatory-guideline-of-issuance-of-import-approvals-of-all-types-of-medical-devices_gd.pdf Medical Equipment and Accessories: https://edaegypt.gov.eg/media/fltnd1qc/4-regulatory-guideline-of-issuing-import-approvals-for-medical-equipment-and-their-accessories_gd.pdf IVD: https://edaegypt.gov.eg/media/e2rf4qg5/2-regulatory-guideline-of-the-procedures-and-rules-of-obtaining-import-approvals-for-iaboratory-and-diagnostic-equipment-gd.pdf Podcast Episode 353: Cybersecurity in Medical Devices: What QA/RA must do Today: https://podcast.easymedicaldevice.com/353-2/ Episode 354: From Surgeon to CEO: Building Neurogyn AG: https://podcast.easymedicaldevice.com/354-2/ Episode 355: Postmarket Surveillance for SaMD and AI: https://podcast.easymedicaldevice.com/355-2/ Easy Medical Device Service Support for Consulting (QA RA projects) Support for Authorized Representative and Market Access Integration to an eQMS Social Media to follow Monir El Azzouzi Linkedin: https://linkedin.com/in/melazzouzi Twitter: https://twitter.com/elazzouzim Pinterest: https://www.pinterest.com/easymedicaldevice Instagram: https://www.instagram.com/easymedicaldevice
Ivana Delevska says there's many companies and industries outside of the chipmakers to benefit from the next wave of A.I. Among them is Constellation Energy (CEG), which she sees as a leader in electricity production for A.I.'s power demand. Ivana also points investor attention to cybersecurity stocks like CrowdStrike (CRWD) and ZScaler (ZS). Tom White turns to the options front through example trades in Constellation Energy and GE Vernova (GEV).======== Schwab Network ========Empowering every investor and trader, every market day.Options involve risks and are not suitable for all investors. Before trading, read the Options Disclosure Document. http://bit.ly/2v9tH6DSubscribe to the Market Minute newsletter - https://schwabnetwork.com/subscribeDownload the iOS app - https://apps.apple.com/us/app/schwab-network/id1460719185Download the Amazon Fire Tv App - https://www.amazon.com/TD-Ameritrade-Network/dp/B07KRD76C7Watch on Sling - https://watch.sling.com/1/asset/191928615bd8d47686f94682aefaa007/watchWatch on Vizio - https://www.vizio.com/en/watchfreeplus-exploreWatch on DistroTV - https://www.distro.tv/live/schwab-network/Follow us on X – https://twitter.com/schwabnetworkFollow us on Facebook – https://www.facebook.com/schwabnetworkFollow us on LinkedIn - https://www.linkedin.com/company/schwab-network/About Schwab Network - https://schwabnetwork.com/about
The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com
Kyle McIntyre is the owner and executive recruiter at McIntyre Associates, where he has placed VPs, SVPs, and C-Level executives for companies ranging from Seed Stage through Fortune 100. In this episode, McIntyre joins host Amanda Glassner to discuss open positions in cybersecurity today, as well as the outlook for 2026, what hiring managers should consider, and more. McIntyre Associates has served the cybersecurity startup community for over two decades, partnering with industry leaders such as CrowdStrike, KnowBe4, Cisco, Arbor Networks and others to achieve record-breaking growth and noteworthy exit events. To learn more about our sponsor, visit https://McIntyreAssociates.com.
More than four out of ten (41%) Chief Information Officers (CIOs) report cybersecurity as their top concern, yet these same leaders are simultaneously increasing security budgets (77%), expanding cloud infrastructure (68%), and accelerating artificial intelligence (AI) capabilities (67%). According to the new Future Forward: CIO 2025 Outlook report released by Experis, a global leader in IT workforce solutions and part of the ManpowerGroup (NYSE: MAN) family of brands, modern technology leaders are walking a tightrope between protecting their organizations and driving innovation in an era of relentless cyber threats and rapid digital transformation. Amanda Jack, CTO at Manpower Group, joins Business Security Weekly to share the finding, including: 77% of organizations plan to increase cybersecurity budgets in 2025, followed by cloud infrastructure (68%) and AI (67%) 76% of IT employers worldwide report difficulty finding skilled tech talent 52% of tech leaders are embedding AI skills into existing roles rather than creating new positions Relationship with the Chief Operating Officer (COO) is identified as the most important C-suite partnership outside IT 56% of IT leaders say senior leadership lacks sufficient knowledge about the CIO role and its responsibilities Segment Resources: https://www.experis.com/en/cio-outlook In the leadership and communications segment, Is Your Board Too Collegial?, Cybersecurity, AI, and Economic Uncertainty: How Internal Audit Teams Are Managing 2025's Top Risks, Burnout in the corporate middle: when leadership becomes an issue, and more! Show Notes: https://securityweekly.com/bsw-415
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Apple Patches Apple released patches for iOS, macOS, and visionOS, fixing a single font parsing vulnerability https://isc.sans.edu/diary/Apple%20Patches%20Single%20Vulnerability%20CVE-2025-43400/32330 Increase in Scans for Palo Alto Global Protect Vulnerability (CVE-2024-3400). Our honeypots detected an increase in scans for a Palo Alto Global Protect vulnerability. https://isc.sans.edu/diary/Increase%20in%20Scans%20for%20Palo%20Alto%20Global%20Protect%20Vulnerability%20%28CVE-2024-3400%29/32328 Nimbus Manticore / Charming Kitten Malware update Checkpoint released a report with details regarding a new Nimbus Manticore exploit kit. The malware in this case uses valid SSL.com-issued certificates. https://research.checkpoint.com/2025/nimbus-manticore-deploys-new-malware-targeting-europe/
Show Featured Sponsor: Precision Holsters:These guys have a lifetime, no questioned asked 100% guarantee. They are makers of high-quality holsters, belts, and magazine pouches. Visit them at: Precision Holsters and use code “seekAWS” for a discount. In this episode of the American Warrior Show, Rich Brown is joined by Andrew Frisbie (Practical Cyber Defense) to dig into the threats America faces in cyberspace—and how we must respond.
What if the biggest weakness in cybersecurity isn't a missing tool, but a cultural blind spot? That's the perspective of Dan Jones, Senior Security Advisor at Tanium, who joined me on Tech Talks Daily to share why he believes cybersecurity is fundamentally a people problem dressed up as a technology problem. Dan brings nearly three decades of experience in cyber operations, including leading cyber defence strategy for the UK Ministry of Defence. His career has shown him that technology alone doesn't secure organisations—it's the people at the front line, their leadership, and their ability to make the right decisions under pressure. He argues that while new tools flood the market every year, the make-or-break factor remains the same: how teams are led, supported, and empowered. In our conversation, Dan explains why leadership is often the overlooked part of cybersecurity, how culture shapes security outcomes, and why automation should be embraced not as a threat to jobs but as a way to give people time back for higher-value decision making. He shares examples from both military and enterprise contexts, showing how organisations succeed or fail based not on what tools they buy, but on how well they bring their people along for the journey. We also dig into one of today's hottest debates: the role of AI in cybersecurity. While many fear AI will displace jobs, Dan insists those fears are rooted in culture, not reality. He draws parallels to past industrial shifts, making the case that automation and orchestration are stepping stones that prepare teams for an AI-powered future—one where human judgment still sits firmly at the centre. This is a timely reminder for every leader and practitioner that cybersecurity is about more than firewalls and code. It's about trust, training, and people working together with the right tools at the right time. And yes, it's also about taking five minutes to brew a proper cup of tea—a lesson Dan believes says a lot about leadership and reflection. If you've ever wondered whether your organisation is focusing too much on tools and not enough on culture, this episode will make you stop and think. ********* Visit the Sponsor of Tech Talks Network: Land your first job in tech in 6 months as a Software QA Engineering Bootcamp with Careerist https://crst.co/OGCLA
What does the risk environment for Operational Technology (OT) look like in 2025? JJ and Drew review four recent reports on the state of OT security from Dragos, Fortinet, and others. We discuss ransomware impacts, ongoing risks of RDP traffic, directly exposed OT devices, and overall attack trends and the tools and processes that organizations... Read more »
It's been over a year since we've talked about cybersecurity on Manufacturing Happy Hour, and with AI changing the game completely, we're overdue for a refresh. Around 80-85% of the global industry doesn't have basic defense at the edge of their networks; that's a sobering statistic.Felipe Sabino Costa, Senior Product Manager for Networking and Cybersecurity at Moxa, joins the show to break down why Operational Technology (OT) security matters more than ever. Manufacturers need to transmit massive amounts of data for AI and predictive analytics, but they're working with 15–20-year-old infrastructure that wasn't built for this.The good news is, Felipe shares practical frameworks like NIST and IEC 62443 (which he compares to nutrition labels) that help manufacturers build security into their operations. The key takeaway? There's no silver bullet; it's about building layers of defense and finding the right partners.In this episode, find out:Why OT data has shifted from historical logging to real-time predictive powerThe bandwidth issue hitting intelligent transportation systems and semiconductor manufacturingHow AI enables attackers to adapt their attacks in real-timeWhy 80-85% of global industry lacks protectionFelipe's nutrition label analogy for understanding security certificationsThe difference between thinking your air-gapped and actually being air-gappedWhy defense requires multiple layers of securityFelipe's outlook on the future of OT networksEnjoying the show? Please leave us a review here. Even one sentence helps. It's feedback from Manufacturing All-Stars like you that keeps us going!Tweetable Quotes:“We used to be air-gapped or isolated. And many of the companies, they still think that they are, but they are not anymore. To be really air-gapped, I shouldn't have any way to send data.”“Give and take, 80% of the global industry, including the US, does not have these specific layers of defense. They have some defense, but they have nearly zero protection close to the process itself.”“There is no silver bullet. We are seeing this shift right from how we used to do security. A strategy should be way more sophisticated.”Links & mentions:OT Network Security: Investment & Segmentation Strategies, a webinar that addresses the financial and operational risks posed by cyber threats while offering hands-on guidance for OT network security Futureproof Industrial Networks, a website shares how to design and implement a robust, secure, and efficient network infrastructure that can meet the demands of modern industrial environments and optimize operational processesMoxa, delivering the reliable and secure connectivity foundation that advanced analytics and AI depend on, with solutions in edge connectivity, industrial computing, and network infrastructure Make sure to visit http://manufacturinghappyhour.com for detailed show notes and a full list of resources mentioned in this episode. Stay Innovative, Stay Thirsty.
What does the risk environment for Operational Technology (OT) look like in 2025? JJ and Drew review four recent reports on the state of OT security from Dragos, Fortinet, and others. We discuss ransomware impacts, ongoing risks of RDP traffic, directly exposed OT devices, and overall attack trends and the tools and processes that organizations... Read more »
A Chinese state-sponsored group exploited enterprise devices in a global espionage effort. The UK Government guarantees £1.5 billion financing to help Jaguar Land Rover's recovery efforts. A maximum-severity flaw in Fortra's GoAnywhere Managed File Transfer product is under active exploitation. The AI boom faces sustainability questions. Akira ransomware bypasses MFA on SonicWall devices. Dutch teens are arrested for allegedly spying for Russia. Luxury retailer Harrods confirms a data breach. An Interpol crackdown targets African cybercrime rings. We've got our Monday business briefing. Brandon Karpf joins us to discuss the cybersecurity ecosystem in Japan. Cyber crooks offer a BBC journalist an early retirement package. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today our guest is Brandon Karpf, friend of the show, and he joins to discuss the Cybersecurity ecosystem in Japan. Selected Reading Chinese hackers breached critical infrastructure globally using enterprise network gear (CSO Online) UK government bails out Jaguar Land Rover with $2 billion loan (Metacurity) Maximum severity GoAnywhere MFT flaw exploited as zero day (Bleeping Computer) The AI boom is unsustainable unless tech spending goes ‘parabolic,' Deutsche Bank warns: ‘This is highly unlikely' (Fortune) Akira ransomware breaching MFA-protected SonicWall VPN accounts (Bleeping Computer) Dutch teens arrested for trying to spy on Europol for Russia (Bleeping Computer) Harrods: Hackers contact firm after 430,000 customer records stolen (BBC) Africa cybercrime crackdown includes hundreds of arrests, Interpol says (The Record) Cyberbit acquires RangeForce. Terra Security raises $30 million. (N2K Pro) 'You'll never need to work again': Criminals offer reporter money to hack BBC (BBC) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Converting Timestamps in .bash_history Unix shells offer the ability to add timestamps to commands in the .bash_history file. This is often done in the form of Unix timestamps. This new tool converts these timestamps into a more readable format. https://isc.sans.edu/diary/New%20tool%3A%20convert-ts-bash-history.py/32324 Cisco ASA/FRD Compromises Exploitation of the vulnerabilities Cisco patched last week may have bone back about a year. Cisco and CISA have released advisories with help identifying affected devices. https://sec.cloudapps.cisco.com/security/center/resources/asa_ftd_continued_attacks https://www.cisa.gov/news-events/directives/ed-25-03-identify-and-mitigate-potential-compromise-cisco-devices Github Notification Phishing Github notifications are used to impersonate YCombinator and trick victims into installing a crypto drainer. https://www.bleepingcomputer.com/news/security/github-notifications-abused-to-impersonate-y-combinator-for-crypto-theft/