Attack on a computer system
POPULARITY
Categories
Cybercriminals are sliding into Microsoft Teams chats—and they're not who they say they are. In this episode of Darnley's Cyber Cafe, we uncover a clever new attack targeting businesses from the inside out. From fake IT support to sneaky malware that hides in plain sight, this is one you don't want to ignore. Grab a coffee and learn how to spot the warning signs, protect your systems, and stay one step ahead.
In this episode of Cybersecurity Today, host David Shipley covers a range of cyber threats including the Venom Spider malware targeting HR professionals, the emergence of the Noodlofile info stealer disguised as an AI video generator, and misinformation campaigns amid the India-Pakistan conflict. Additionally, the episode discusses warnings from U.S. agencies about cyberattacks on the oil and gas sector, and highlights a recent interview with whistleblower Daniel Brules about security lapses at the National Labor Relations Board. 00:00 Introduction and Overview 00:33 Venom Spider Targets HR Professionals 02:12 Fake AI Video Generators and Noodlofile Malware 03:41 Misinformation Amid India-Pakistan Conflict 05:40 US Oil and Gas Infrastructure Under Threat 07:22 Conclusion and Final Thoughts
“Bad actors are weaponizing AI faster than governments and enterprises are using AI to combat it.” New data shows that more than half of all internet traffic comes from bots, and a third of those bots have malicious intent. Koat.ai co-founder Connor Ross joins to discuss the impact of the disinformation and defamation campaigns these bots run, how governments and enterprises are unprepared for this AI-driven explosion, and why the social networks are doing nothing to stop it. The BetaKit Podcast is presented by OVHcloud, the global cloud provider trusted by innovators worldwide. OVHcloud offers transparent, sovereign cloud solutions designed to help you build on your own terms—without vendor lock-in or hidden fees. With over 80 services available, you can build and scale your infrastructure confidently, knowing your data is hosted in Canada and supported by 44 data centres globally. Visit ovhcloud.com to get started with trusted cloud built for scale. Related links: 2025 bad bot report Cyber Threats to Canada's Democratic Process: 2025 Update
According to officials, the Defense Department's Cybersecurity Maturity Model Certification (CMMC) program is a national secutity imperative to protect intellectual property and maintain an American competitive advantage in defense technology. At AFCEA TechNet 2025 in Baltimore, Katie Arrington, performing the duties of the DOD CIO, says CMMC needs to adapt dynamically to evolving cyber threats. With evolving tech like AI and quantum, acquisition rules need to adjust to evolving technologies while maintaining security standards. Arrington says that the Defense Department needs to continue to streamline cyber requirements through required standards, guidance and executive orders. She also discusses the need for a cultural shift towards continuous cybersecurity, the new Software Fast Track Initiative and baking cybersecurity into all DOD functions.
In the second instalment in our Expert Insights series on cyber threats and security for 2025, we are joined once again by Obika Gellineau, of Fujitsu Caribbean. During this conversation, Obika shares his thoughts on, among other things: * the changes in the threat landscape that have occurred since our last conversation in 2024; * the cybersecurity job market and the expertise that is being demanded; * the link between digital sovereignty and cybersecurity; and * three things organisations should be doing in 2025 to improve their network/IT security. The episode, show notes and links to some of the things mentioned during the episode can be found on the ICT Pulse Podcast Page (www.ict-pulse.com/category/podcast/) Enjoyed the episode? Do rate the show and leave us a review! Also, connect with us on: Facebook – https://www.facebook.com/ICTPulse/ Instagram – https://www.instagram.com/ictpulse/ Twitter – https://twitter.com/ICTPulse LinkedIn – https://www.linkedin.com/company/3745954/admin/ Join our mailing list: http://eepurl.com/qnUtj Music credit: The Last Word (Oui Ma Chérie), by Andy Narrell Podcast editing support: Mayra Bonilla Lopez ----------------
Forecast = Cloudy with a chance of zero-days-watch for Spellbinder storms and scattered Git leaks! On this episode of Storm⚡️Watch, the crew dives into the fast-moving world of vulnerability tracking and threat intelligence, spotlighting how defenders are moving beyond the traditional CVE system to keep pace with real-world attacks. The show kicks off with a look at the latest listener poll, always a source of lively debate, before jumping into some of the most pressing cybersecurity stories of the week. A major focus of this episode is the recent revelation that a China-aligned APT group, dubbed TheWizards, is using a tool called Spellbinder to abuse IPv6 SLAAC for adversary-in-the-middle attacks. This technique lets attackers move laterally through networks by hijacking software update mechanisms-specifically targeting popular Chinese applications like Sogou Pinyin and Tencent QQ-to deliver malicious payloads such as the modular WizardNet backdoor. The crew unpacks how this approach leverages IPv6's stateless address autoconfiguration to intercept and redirect legitimate traffic, underscoring the evolving sophistication of lateral movement techniques in targeted campaigns. The episode then turns to Google's 2024 zero-day exploitation analysis, which reports a drop in the total number of zero-days exploited compared to last year but highlights a worrying shift: attackers are increasingly targeting enterprise products and infrastructure. Microsoft, Ivanti, Palo Alto Networks, and Cisco are among the most targeted vendors, with nearly half of all zero-day exploits now aimed at enterprise systems and network appliances. The discussion covers how attackers are chaining vulnerabilities for more impactful breaches and why defenders need to be vigilant as threat actors pivot to harder-to-monitor enterprise environments. Censys is in the spotlight for its recent research and tooling, including a new Ports & Protocols Dashboard that gives organizations granular visibility into their attack surface across all ports and protocols. This helps teams quickly spot risky exposures and misconfigurations, making it easier to prioritize remediation efforts and automate alerting for high-risk assets. The crew also highlights Censys's collaborative work on botnet hunting and their ongoing push to retire stale threat indicators, all of which are reshaping proactive defense strategies. runZero's latest insights emphasize the importance of prioritizing risks at the asset stack level, not just by CVE. The crew explains how misconfigurations, outdated software, and weak network segmentation can create stacked risks that traditional scanners might miss, urging listeners to adopt a more holistic approach to asset management and vulnerability prioritization. Rounding out the episode, GreyNoise shares new research on a dramatic spike in scanning for Ivanti Connect Secure VPNs and a surge in crawling activity targeting Git configuration files. These trends highlight the persistent risk of codebase exposure and the critical need to secure developer infrastructure, as exposed Git configs can lead to the leak of sensitive credentials and even entire codebases. As always, the show wraps up with some final thoughts and goodbyes, leaving listeners with actionable insights and a reminder to stay vigilant in the face of rapidly evolving cyber threats. If you have questions or want to hear more about any of these topics, let us know-what's on your mind this week? Storm Watch Homepage >> Learn more about GreyNoise >>
We're going to dive deep today into today's episode: Everyday Cyber Threats to Nuclear Attacks | Episode 277From your smart toothbrush spying on you, to ransomware gangs filing lawsuits (yes, really), to the terrifying possibility of digital warfare going nuclear—this episode dives into the chaos of our connected world. Tune in as we unpack cyber threats lurking in everyday gadgets, explore real-life attack stories (including hacked casinos and cupcake terrorism), and share tips from Tina Ginn's hilarious yet practical guide From Hacked Cars to Cyber Attacks.If you think your coffee machine is just brewing lattes—you're not paranoid enough.
In this episode of Security Matters, host David Puner, dives into the world of evolving cyberthreats with Bryan Murphy, Senior Director of CyberArk's Incident Response Team. Imagine a scenario where an attacker uses AI-generated deepfakes to impersonate your company's VP of finance, gaining unauthorized access to your environment. Bryan Murphy shares insights on how these sophisticated attacks are turning identity into the attack surface and why your first line of defense might be as simple as a video call. Learn about the latest trends in social engineering, credential tiering and the importance of visual verification in incident response. Don't miss this eye-opening discussion on how to protect your organization from the ever-evolving threat landscape.
Fluent Fiction - Swedish: Spring Showdown: Triumph Over Cyber Threats in Stockholm Startup Find the full episode transcript, vocabulary words, and more:fluentfiction.com/sv/episode/2025-04-29-22-34-02-sv Story Transcript:Sv: Det var en livlig vårdag på startup-inkubatorn i Stockholm.En: It was a lively spring day at the startup incubator in Stockholm.Sv: Solen sken genom de stora fönstren och fyllde lokalen med ljus.En: The sun shone through the large windows, filling the space with light.Sv: Man kunde nästan känna doften av blommande körsbärsträd från den närliggande parken, där folk började förbereda sig för Valborgsmässoafton.En: You could almost smell the blooming cherry trees from the nearby park, where people were starting to prepare for Valborgsmässoafton.Sv: Inne i inkubatorn satt Emil framför sin laptop.En: Inside the incubator, Emil sat in front of his laptop.Sv: Han såg på sin skärm med bekymrad min.En: He looked at his screen with a worried expression.Sv: "Kanske denna gång," mumlade han för sig själv.En: "Maybe this time," he muttered to himself.Sv: Hans produktlansering närmade sig snabbt och han visste att investerarna skulle vara där.En: His product launch was approaching quickly, and he knew the investors would be there.Sv: Han behövde detta att gå smidigt.En: He needed everything to go smoothly.Sv: Bredvid i samma kontorslandskap arbetade Karin, inkubatorns säkerhetsexpert.En: Nearby, in the same office landscape, Karin, the incubator's security expert, was working.Sv: Hon hade lagt märke till de oregelbundna dataintrången.En: She had noticed the irregular data breaches.Sv: "Emil," sa hon och gick fram till hans skrivbord.En: "Emil," she said, approaching his desk.Sv: "Din startup har flera säkerhetsproblem.En: "Your startup has several security issues.Sv: Vi måste lösa det."En: We need to solve them."Sv: Emil suckade.En: Emil sighed.Sv: Han ville inte ha hjälp.En: He didn't want help.Sv: Men situationen blev värre.En: But the situation was worsening.Sv: Andra startups hade börjat få problem, och det skapades en känsla av stress och misstro.En: Other startups had started to experience problems, creating a sense of stress and mistrust.Sv: "Okej, vad kan vi göra?"En: "Okay, what can we do?"Sv: frågade han till slut.En: he finally asked.Sv: Karin visade Emil hur de kunde förstärka skyddet.En: Karin showed Emil how they could strengthen the protection.Sv: Men mitt i allt fann hon något underligt.En: But in the middle of everything, she found something strange.Sv: En dold enhet bland sladdarna under bordet.En: A hidden device among the cords under the desk.Sv: "Den här orsakar attackerna," sa hon skyggt men bestämt.En: "This is causing the attacks," she said shyly but firmly.Sv: Emil och Karin visste att de hade begränsad tid.En: Emil and Karin knew they had limited time.Sv: Valborgsnatten närmade sig och alla väntade sig att produkterna skulle visas.En: Valborg night was approaching, and everyone expected the products to be showcased.Sv: De arbetade snabbt för att stänga ner enheten innan den kunde göra mer skada.En: They worked quickly to shut down the device before it could cause more damage.Sv: Svetten pärlade på deras pannor.En: Sweat beaded on their foreheads.Sv: Till slut, precis när elden från Valborg firandet började tändas utanför, lyckades de.En: Finally, just as the fires from the Valborg celebration were being lit outside, they succeeded.Sv: "Vi klarade det!"En: "We did it!"Sv: ropade Emil glatt och kände en stor lättnad skölja över sig.En: Emil shouted joyfully, feeling a huge relief wash over him.Sv: Nästa dag gick hans produktlansering som planerat.En: The next day, his product launch went as planned.Sv: Investorerna var imponerade.En: The investors were impressed.Sv: Emil vände sig till Karin och sa, "Tack, jag kunde inte ha gjort det utan dig."En: Emil turned to Karin and said, "Thank you, I couldn't have done it without you."Sv: Karin log.En: Karin smiled.Sv: Inkubatorn erkände nu hennes värdefulla arbete.En: The incubator now recognized her valuable work.Sv: Hon kände sig både uppskattad och säker i sin roll.En: She felt both appreciated and secure in her role.Sv: Emil hade lärt sig en ovärderlig lärdom om samarbete och Karin om sin egen styrka.En: Emil had learned an invaluable lesson about collaboration and Karin about her own strength.Sv: Inkubatorn återhämtade sig snabbt från attackerna och livet där fortsatte, fyllt av nya möjligheter och vårens skaparglädje.En: The incubator quickly recovered from the attacks, and life there continued, filled with new opportunities and the creative joy of spring. Vocabulary Words:lively: livligincubator: inkubatorblooming: blommandeworried: bekymradexpression: minapproaching: närmade sigirregular: oregelbundnabreaches: dataintrångensecurity: säkerhetissues: problemstrengthen: förstärkaprotection: skyddetdevice: enhetcords: sladdarnasituation: situationworsening: blev värrecollaboration: samarbetevaluable: värdefullaappreciated: uppskattadunexpected: oväntadjoy: glädjeprepared: förbereda siglaunch: lanseringinvestors: investeraresmoothly: smidigtmistrust: misstroshy: skyggtfirmly: bestämtlimited: begränsadrelief: lättnad
Michael Riemer, the senior vice president of the network security group and field CISO at Ivanti, said ‘secure by design' is more important than ever.See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.
Dive deep into the world of cybersecurity with Dr. John Reese, founder and CEO, and Michael Avari, CIO of Titanium Secure. Learn why quantum-resistant encryption has become crucial in an era of Chinese cyber threats and big tech data harvesting. Key Topics: 1) The birth of Titanium Secure: Discover how Reese's unique path from dentistry to cybersecurity led to his founding a secure communications platform 2) Why Parler's deplatforming in 2020 signaled a need for independent secure communications 3) The Chinese threat: Recent telecom infiltrations and infrastructure targeting 4) Quantum computing explained: Why current encryption is vulnerable and how Titanium Secure is resistant 5) Beyond Big Tech: Why free services like WhatsApp and Telegram come with hidden costs 6) Real-world uses: From real estate transactions to sensitive government communications Titanium Secure is available across all major platforms including Windows, Mac, Android, iOS, and Linux, and can be accessed through its website or downloaded from Apple and Google Play app stores. Pricing starts at $6/month for individuals, with enterprise and temporary subscription options. Guest Bios: Dr. John Reese: Former dentist turned tech entrepreneur who founded Titanium Secure after identifying critical gaps in conservative communication security Michael Avari: Former CISO with deep tech background, now CIO of Titanium Secure, bringing expertise in quantum-resistant encryption Resources: Visit https://www.TitaniumSecure.io for more information Download from the Apple or Google Play app stores The Daily Signal cannot continue to tell stories, like this one, without the support of our viewers: https://secured.dailysignal.com/ Learn more about your ad choices. Visit megaphone.fm/adchoices
Co-hosts Kat Garbis and Sean Rabbitt are joined by Suraj Mohandas (Vice President of Product Strategy), Emily McRoberts-Froese (Sr. Education Leadership Executive), and John Wetter (Director of Technology & Information Services Hopkins Public Schools) to discuss the current landscape for admins supporting K-12 . Meet John Wetter, an IT Professional, Jamf customer, and public speaker out of Minneapolis, joins the Jamf team to discuss the current changes and evolution of supporting K-12, including security, privacy, budget, AI initiatives and more. The team leans on Wetter's experience to understand how they are navigating cyber and physical threats in K-12 schools, best practices in identity, if AI has a place in education, and advice to other IT professionals in the K-12 space.
Podcast: Industrial Cybersecurity InsiderEpisode: Cyber Threats, China, and the Global Wake-Up CallPub date: 2025-04-24Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationDino and Craig address the recent acknowledgment by China of their role in U.S. infrastructure hacks. They explore the urgent cybersecurity challenges facing industrial environments. With rising geopolitical tensions, tariffs, the push to bring more manufacturing back to the U.S. and increasing attacks on critical infrastructure, the stakes have never been higher. From end-of-life PLCs still running core operations, to the disconnect between IT and OT leadership, this conversation identifies the systemic gaps leaving industrial operations exposed. They outline the pressing need for visibility, actionable incident response plans, and a cultural shift toward collaboration across the stack, from plant floor to the boardroom. Whether you're a CISO or an operations lead, this episode offers real-world insights, battle-tested perspectives, and one clear takeaway: in cybersecurity, doing nothing is no longer an option.Chapters:00:00:00 - Kicking Off: Why IT-OT Unity Isn't Optional Anymore00:01:17 - Cyber Threats, China, and the Global Wake-Up Call00:02:16 - CISA's New Role: From Background Player to OT Ally00:05:32 - Still Separate, Still Vulnerable: Why IT & OT Must Sync Up00:09:48 - Blind Spots Kill: Why Visibility Is the Real MVP00:10:43 - Remote Access Realities and the Myth of the Air Gap00:20:29 - Crisis Mode: Are You Ready for the Worst?00:23:50 - Dino & Craig's Parting Shot: Do Something - NowLinks And Resources:Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Zendesk has made a significant shift in its pricing model by moving away from traditional seat licenses to an outcome-based pricing structure. This change, articulated by CEO Tom Eggemeier, means that customers will only pay when an AI agent successfully resolves a business problem. This approach aligns with a broader industry trend towards consumption-based pricing, where costs are directly linked to the value delivered rather than the number of licenses or usage. As organizations increasingly adopt AI technologies, this model could reshape the software landscape, pushing providers to rethink their value propositions and focus on delivering tangible business outcomes.The Cybersecurity and Infrastructure Security Agency (CISA) is facing challenges as two high-ranking officials resign amid budget cuts that threaten to reduce its workforce by nearly 40%. The agency's Secure by Design initiative, aimed at enhancing software security, may be impacted by these changes, raising concerns about the future of national cybersecurity efforts. Additionally, CISA has halted the use of certain threat-hunting tools, which could further hinder its ability to address cyber threats effectively. The situation highlights the critical need for managed service providers (MSPs) to adapt their business models to incorporate security measures that align with evolving regulatory and customer demands.Kaseya and other companies are introducing AI-driven tools designed to enhance IT management and cybersecurity for managed service providers. Kaseya's Spring 2025 release includes features that automate workflows and improve user experience, while Cork Protection has launched a tool to help MSPs quickly assess cyber insurance policies. These innovations reflect a growing trend in the industry to leverage AI for operational efficiency and improved service delivery. As MSPs adopt these technologies, they can better position themselves to meet client needs and navigate the complexities of cybersecurity.OpenAI has partnered with The Washington Post to enable ChatGPT to summarize and link to the newspaper's reporting, marking a significant development in the relationship between AI and journalism. This collaboration aims to enhance the quality of information provided to users while raising questions about copyright and the reliability of AI-generated content. Despite OpenAI's advancements in research capabilities, concerns remain about the accuracy of AI in complex tasks. The partnership underscores the ongoing tension between the demand for high-quality information and the challenges of integrating AI into content creation and dissemination. Four things to know today 00:00 Zendesk Drops Per-User Pricing—Now It's Pay When AI Gets the Job Done03:56 Cyber Shakeup: CISA Faces Staff Exodus and Tool Loss While Pentagon Tightens Software Security Standards06:52 From Cyber Orchestration to Frontline AI: New Releases Highlight MSP-Centric Innovation Across the Ecosystem10:35 As OpenAI Partners with Major Newsrooms, Benchmark Reveals Deep Research Still Struggles with Accuracy Supported by: https://timezest.com/mspradio/ https://www.huntress.com/mspradio/ All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessof.tech
042225 2nd HR Key Addition To 1st HR and Cyber Threats Who Is Really Behind Them WOW by Kate Dalley
Forecast = Prepare for scattered CVEs, rising bot storms, and real-time threat lightning. Keep your digital umbrellas handy! On this episode of Storm⚡️Watch, we're breaking down the latest shifts in the vulnerability tracking landscape, starting with the ongoing turbulence in the CVE program. As the MITRE-run CVE system faces funding uncertainty and a potential transition to nonprofit status, the global security community is rapidly adapting. New standards and databases are emerging to fill the gaps—Europe's ENISA is rolling out the EU Vulnerability Database to ensure regional control, while China continues to operate its own state-mandated systems. Meanwhile, the CVE ecosystem's chronic delays and the NVD's new “Deferred” status for tens of thousands of older vulnerabilities are pushing teams to look elsewhere for timely, enriched vulnerability data. Open-source projects like OSV.dev and commercial players such as VulnCheck and Snyk are stepping up, offering real-time enrichment, exploit intelligence, and predictive scoring to help organizations prioritize what matters most. The result is a fragmented but innovative patchwork of regional, decentralized, open-source, and commercial solutions, with hybrid approaches quickly becoming the norm for defenders worldwide. We're also diving into Imperva's 2024 Bad Bot Report, which reveals that nearly a third of all internet traffic last year came from malicious bots. These bots are getting more sophisticated—using residential proxies, mimicking human behavior, and bypassing traditional defenses. The report highlights a surge in account takeover attacks and shows that industries like entertainment and retail are especially hard hit, with bot traffic now outpacing human visitors in some sectors. The rise of simple bots, fueled by easy-to-use AI tools, is reshaping the threat landscape, while advanced and evasive bots continue to challenge even the best detection systems. On the threat intelligence front, GreyNoise has just launched its Global Observation Grid—now the largest deception sensor network in the world, with thousands of sensors in over 80 countries. This expansion enables real-time, verifiable intelligence on internet scanning and exploitation, helping defenders cut through the noise and focus on the threats that matter. GreyNoise's latest research shows attackers are exploiting vulnerabilities within hours of disclosure, with a significant portion of attacks targeting legacy flaws from years past. Their data-driven insights are empowering security teams to prioritize patching and response based on what's actually being exploited in the wild, not just theoretical risk. We're also spotlighting Censys and its tools for tracking botnets and advanced threats, including collaborative projects with GreyNoise and CursorAI. Their automated infrastructure mapping and pivoting capabilities are helping researchers quickly identify related malicious hosts and uncover the infrastructure behind large-scale attacks. Finally, VulnCheck continues to bridge the gap during the CVE program's uncertainty, offering autonomous enrichment, real-time exploit tracking, and comprehensive coverage—including for CVEs that NVD has deprioritized. Their Known Exploited Vulnerabilities catalog and enhanced NVD++ service are giving defenders a broader, faster view of the threat landscape, often surfacing critical exploitation activity weeks before it's reflected in official government feeds. As the vulnerability management ecosystem splinters and evolves, organizations are being forced to rethink their strategies—embracing a mix of regional, open-source, and commercial intelligence to maintain visibility and stay ahead of attackers. The days of relying on a single source of truth for vulnerability data are over, and the future is all about agility, automation, and real-time insight. Storm Watch Homepage >> Learn more about GreyNoise >>
AI and cloud-based tools are transforming the modern workplace, but they also introduce new cybersecurity risks—from AI-powered phishing scams to the complexities of securing third-party AI services. In this episode of TechTalk, we speak with Vincent Garnier-Salvi, Cybersecurity Senior Manager at PwC Luxembourg, and Aleksandrina Kovacheva, an IT specialist with over nine years of experience in the public and private sectors. Together, we explore the key security risks of AI-driven workplace solutions—and how organisations can protect their data, prevent cyber threats, and navigate evolving regulations.
LevelBlue's latest Threat Trends Report pulls no punches: phishing, malware, and ransomware attacks are not just continuing—they're accelerating. In this episode of ITSPmagazine's Brand Story podcast, hosts Sean Martin and Marco Ciappelli are joined by Kenneth Ng, a threat hunter and lead incident responder on LevelBlue's Managed Detection and Response (MDR) team, to unpack the findings and recommendations from the report.Phishing as a Service and the Surge in Email CompromisesOne of the most alarming trends highlighted by Kenneth is the widespread availability of Phishing-as-a-Service (PhaaS) kits, including names like RaccoonO365, Mamba 2FA, and Greatness. These kits allow attackers with little to no technical skill to launch sophisticated campaigns that bypass multi-factor authentication (MFA) by hijacking session tokens. With phishing attacks now leading to full enterprise compromises, often through seemingly innocuous Microsoft 365 access, the threat is more serious than ever.Malware Is Smarter, Simpler—and It's Spreading FastMalware, particularly fake browser updates and credential stealers like Lumma Stealer, is also seeing a rise in usage. Kenneth points out the troubling trend of malware campaigns that rely on basic user interactions—like copying and pasting text—leading to full compromise through PowerShell or command prompt access. Basic group policy configurations (like blocking script execution for non-admin users) are still underutilized defenses.Ransomware: Faster and More Automated Than EverThe speed of ransomware attacks has increased dramatically. Kenneth shares real-world examples where attackers go from initial access to full domain control in under an hour—sometimes in as little as ten minutes—thanks to automation, remote access tools, and credential harvesting. This rapid escalation leaves defenders with very little room to respond unless robust detection and prevention measures are in place ahead of time.Why This Report MattersRather than presenting raw data, LevelBlue focuses on actionable insights. Each major finding comes with recommendations that can be implemented regardless of company size or maturity level. The report is a resource not just for LevelBlue customers, but for any organization looking to strengthen its defenses.Be sure to check out the full conversation and grab the first edition of the Threat Trends Report ahead of LevelBlue's next release this August—and stay tuned for their updated Futures Report launching at RSA Conference on April 28.Learn more about LevelBlue: https://itspm.ag/levelblue266f6cNote: This story contains promotional content. Learn more.Guest: Kenneth Ng, threat hunter and lead incident responder on LevelBlue's Managed Detection and Response (MDR) team | On LinkedIn: https://www.linkedin.com/in/ngkencyber/ResourcesDownload the LevelBlue Threat Trends Report | Edition One: https://itspm.ag/levelbyqdpLearn more and catch more stories from LevelBlue: https://www.itspmagazine.com/directory/levelblueLearn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story
In this episode, Mark Ledlow and Chuck Andrews discuss various topics including the economic growth in Texas, cultural differences across states, and the significance of diversifying business portfolios. The conversation touches on Chuck's experiences in law enforcement and the security industry, the evolving work ethic in younger generations, and the importance of mental toughness. They also discuss the challenges of organizing large events like Texas Night during hurricane season, the increase in school shootings versus domestic terrorism, and strategies for staying informed and proactive in an ever-changing business landscape. Tune in to gain insights from industry leaders and to understand what it takes to remain fearless amid adversity.Learn about all this and more in this episode of The Fearless Mindset Podcast.KEY TAKEAWAYSEconomic Growth in Texas: Discussion on the migration of financial and tech companies to Texas, contributing to its growing economy.Cultural Differences: Exploration of cultural contrasts between Texas and other states like California and New York.Relocating and Adapting: Emphasis on the importance of embracing new cultures and adapting to different environmentsWork Ethic: Reflection on the changing work ethic among younger generations compared to older ones.Diverse Experiences: Value of having diverse experiences, from law enforcement to business, in shaping a well-rounded career.School Safety and Behavior: Importance of focusing on the behavioral aspects of students to prevent school shootings, rather than just increasing security hardware.AI and Information Verification: Necessity of verifying sources in the age of AI to avoid being misled.QUOTES"Texas does remain the friendliest state in the United States.""Business is simple. Humans are simple. You just gotta take your time getting to know people.""Focus on the kids in terms of that. Invest in counseling and literally having the kids involve themselves.""With AI, you're gonna be fooled in a very big way. Big decisions are gonna be made and you'll have no idea what's going on.""Treat life in a more meaningful way; build trust and all that good stuff comes. Just gotta be patient. Play the long game."Get to know more about Charles "CHUCK" Andrews through the link below. https://www.linkedin.com/in/charlesandrewscpp/To hear more episodes of The Fearless Mindset podcast, you can go to https://the-fearless-mindset.simplecast.com/ or listen to major podcasting platforms such as Apple, Google Podcasts, Spotify, etc. You can also subscribe to the Fearless Mindset YouTube Channel to watch episodes on video.
Explore actionable strategies for building a robust cyber resilience posture in this insightful episode. From strengthening defenses to improving recovery agility and anticipating future cybersecurity trends, this conversation delivers practical insights to help you stay a step ahead in protecting your digital landscape.
Forecast = Scattered exploits, Mirai storms brewing, and rogue drones dropping malware over Russia. Keep your firewalls up—a vulnerability front is rolling in fast! On this episode of Storm⚡️Watch, we're bringing you a packed episode that covers the latest in cyber threat intelligence, industry news, and a few stories you won't want to miss. We kick things off with our usual round of introductions and a quick look at the cyber weather, setting the stage for what's happening across the threat landscape. In our first segment, Tod shares his wrap-up from VulnCon 2025, highlighting the key takeaways and emerging trends from this year's conference. From new vulnerability research to the latest in exploit techniques, Tod breaks down what security professionals need to know and what's likely to shape the industry in the coming months. Next up, we sit down with Tracy Z. Maleeff, better known as InfosecSherpa, for an interview that traces her journey from librarian to cybersecurity professional. Tracy shares insights on career pivots, the importance of information literacy in security, and her ongoing work to make the field more accessible. Her story is a must-listen for anyone considering a move into cyber or looking for inspiration from someone who's successfully navigated the transition. We then turn our attention to a headline-grabbing story out of Ukraine, where reports indicate that drones sent into Russian territory are not just for surveillance or kinetic impact—they're also carrying malware designed to infect military systems if captured. This blend of physical and cyber warfare is a stark reminder of how modern conflicts are increasingly fought on multiple fronts, with digital payloads now as critical as traditional munitions. If we need to fill a little extra time, we'll explore some of the more bizarre aspects of hybrid warfare, including reports of weaponized consumer goods—think exploding sex toys and cosmetics—being used as part of psychological and disruption campaigns targeting the West. It's a strange new world where almost anything can be turned into a tool of conflict. We also spotlight recent research from Censys on the Salt Typhoon attacks, which underscore the need for advanced defenses as attackers continue to exploit edge devices and cloud infrastructure. Their findings highlight the importance of proactive monitoring and rapid response to emerging threats. On the GreyNoise front, we've observed a threefold surge in exploitation attempts targeting TVT DVRs, likely linked to Mirai botnet activity. This uptick is a clear signal that attackers are constantly scanning for vulnerable devices to conscript into their botnets, and it's a reminder for defenders to stay vigilant and patch exposed systems. As always, we wrap up with a round of goodbyes and a reminder to subscribe for more insights, interviews, and real-time threat intelligence. Thanks for tuning in to Storm⚡️Watch—where we keep you ahead of the cyber storms. Storm Watch Homepage >> Learn more about GreyNoise >>
summaryIn this episode of No Password Required, host Jack Clabby and guest Trevor Hillegas discuss various aspects of cybersecurity, including the transition from military service to the private sector, the importance of leadership in tech, and the misconceptions surrounding cyber threats. Trevor shares insights from his career, emphasizing the need for a proactive approach to cybersecurity and the value of empowering teams to innovate and learn from failures. In this engaging conversation, the speakers delve into memorable experiences in cybersecurity, including impactful interactions and the importance of sharing knowledge. They explore personal preferences through a fun lifestyle polygraph segment, discussing walk-up songs, breakfast favorites, and nerd culture. The conversation also touches on the lighter side of cybersecurity with prank calls and the dynamics of building an escape room team. The episode concludes with contact information and an invitation to connect further.takeawaysTrevor emphasizes the importance of metaphors in understanding cybersecurity.The public often fears sophisticated threats while ignoring more common dangers.Leadership in cybersecurity should focus on empowering teams rather than micromanaging.A proactive approach in cybersecurity can prevent victimization before it occurs.Technical leaders should understand core concepts to effectively guide their teams.Misconceptions about cyber criminals often stem from Hollywood portrayals.The military experience can significantly shape leadership styles in tech.Daily life in cybersecurity involves constant learning and adaptation.Sophistication in cyber threats does not always correlate with success.Cybersecurity is about both fighting threats and fortifying defenses. Memorable interactions can lead to impactful collaborations in cybersecurity.Sharing knowledge can help mitigate cyber threats effectively.Personal preferences can reveal a lot about an individual's character.Walk-up songs can reflect one's personality and professional identity.Breakfast choices can be a blend of cultural influences and personal tastes.Building a team for an escape room requires diverse skills and personalities.Nerd culture can foster connections and shared interests among individuals.Prank calls can be a humorous way to engage with public figures.Culinary competitions highlight the absurdity of turning survival into entertainment.Networking in cybersecurity can lead to unexpected opportunities.titlesCybersecurity Connections: Memorable MomentsThe Lifestyle Polygraph: Fun and InsightsWalk-Up Songs: A Reflection of IdentityBreakfast Favorites: A Culinary JourneySound Bites"Tell them what needs to get done.""Empower your people to fail.""We can stop that identity theft.""I was in Europe giving a talk.""I sent him everything that we had.""I would get Jack Sparrow.""I love Star Wars.""I would call Gordon Ramsey."Chapters00:00 Introduction to Cybersecurity Insights02:54 Career Path and Unexpected Experiences05:55 Transitioning from Military to Cybersecurity09:07 Daily Life at Spy Cloud12:12 Leadership Philosophy and Management Style14:53 The Nature of Cyber Threats17:50 Technical Skills in Leadership20:52 Misconceptions About Cyber Criminals25:32 Memorable Cybersecurity Interactions28:12 Lifestyle Polygraph Introduction28:35 Walk-Up Songs and Personal Preferences32:07 Breakfast Favorites and Culinary Influences34:40 Building the Ultimate Escape Room Team37:36 Nerd Culture and Personal Interests39:02 Prank Calls and Culinary Competitions41:20 Closing Thoughts and Contact Information
In a stunning revelation reported by The Wall Street Journal, Chinese officials allegedly admitted in a secret meeting to years of cyberattacks on critical U.S. infrastructure — from ports and airports to nuclear facilities. Tied to tensions over Taiwan, the confession paints a chilling picture of strategic digital warfare. As Trump ramps up tariffs and boots out compromised officials, new questions emerge: Is the Biden administration turning a blind eye? And just how deep does China's influence in Washington really go?
Forecast: Patchy with a 32% backlog surge, CVE squalls causing auth bypass showers, and Lazarus fronts looming—keep your threat umbrellas handy!"
In this episode, we discussed leadership tips for managing cyber threats in business with John D. Marvin, the President and CEO of Texas State Optical. With over two decades of experience growing TSO into a top 10 retail optical organization in the U.S. John shared invaluable insights on risk management, cybersecurity, and building a successful franchise network. He delved into the importance of customer-centric leadership, robust cybersecurity protocols, and the risks of operational vulnerabilities like website integrations and data breaches. If you're a Chief Risk Officer, business leader, or interested in sustainability and cybersecurity, this episode is packed with actionable strategies to protect your business assets. John also emphasized the role of ongoing training, compliance with federal privacy laws, and the need for proactive measures to prevent ransomware threats. If you want to be our guest or suggest a guest, send your email to info@globalriskconsult.com with the subject line "Podcast Guest Inquiry." Stay tuned for more expert discussions on risk management and cybersecurity.
From the integrities of the human workforce embracing enhancing soft skills over hard skills in the enterprise tech space to the adoption of artificial intelligence (AI) agents in customer service, this conversation covers it all. In this episode of the Tech Transformed podcast, Shubhangi Dua speaks with Nikhil Nandagopal, co-founder and CPO of Appsmith, about the metamorphological impact of AI agents in the workplace. He particularly emphasises the need for organisations to hone in on the advancing capabilities of agentic AI while still maintaining a focus on human collaboration and security. TakeawaysAI agents are autonomous entities designed to achieve specific goals.The centralisation of data through AI agents simplifies workflows.Conversational interfaces are becoming the norm for accessing information.Humans remain integral to AI workflows, acting as moderators.Job roles will evolve, requiring new skills and adaptability.Critical thinking is essential when interacting with AI outputs.Cybersecurity is a major concern with centralised AI systems.Self-hosting AI solutions can mitigate cybersecurity risks.The future of work will reward soft skills over hard skillsChapters00:00 Introduction to AI Agents and Their Impact03:34 The Shift Towards Conversational Interfaces05:07 Assisted Workflows and Human-AI Collaboration10:05 Job Market Evolution in the Age of AI13:23 Critical Thinking in the Age of AI15:29 Cybersecurity Concerns with AI20:31 Preparing for Cyber Threats in AI Systems22:51 The Future of AI Agents in the Workplace
In this episode, Mark Ledlow and Chuck Andrews, a renowned figure in the security industry known for his extensive global network and profound insights. Chuck shares his journey of building qualitative relationships, his strategies for managing a substantial LinkedIn following, and his future endeavors including a book tour across Europe. The discussion also delves into the challenges and opportunities in the security business, emphasizing the importance of trust and consistent relationship maintenance. Moreover, Chuck touches on issues like the impact of AI on business, geopolitical concerns, and the future of private equity in the industry. The episode is a rich blend of professional advice, personal anecdotes, and strategic insights pivotal for anyone looking to thrive in the security and business landscape.Learn about all this and more in this episode of The Fearless Mindset Podcast.KEY TAKEAWAYSAdversity Management: Insights into how business leaders handle challenges and adversity.Business Optimism: There's a noticeable sense of optimism in the business community, particularly in Texas.Quality vs. Quantity in Networking: The importance of building quality relationships rather than focusing on the number of connections.Trust and Relationships: Trust is the cornerstone of effective business relationships and must be maintained through consistency and integrity.Importance of Adaptability: The need to adapt business strategies in response to changing environments and tech advancements.Upcoming Events: Details on Chuck's book tour and the impactful events he is organizing, including a cruise focused on networking.QUOTES"You ain't seen nothing yet. The next four years is gonna be a Yee-haw version to the 10th power, you watch!""Maintenance of relationships...that's where the work begins.""It's better not to own boats, planes, and trains, but it's better to have friends who have boats, planes, and trains.""Get shit done. Everybody likes to get shit done.""Trust is earned in this business. People are watching you, they're vetting you, even when they're not talking to you.""AI is going to be the biggest investment space.""You will not be able to discern the difference between fact and fiction, right and wrong...that's how dangerous artificial intelligence can be."Get to know more about Charles "CHUCK" Andrews through the link below.https://www.linkedin.com/in/charlesandrewscpp/To hear more episodes of The Fearless Mindset podcast, you can go to https://the-fearless-mindset.simplecast.com/ or listen to major podcasting platforms such as Apple, Google Podcasts, Spotify, etc. You can also subscribe to the Fearless Mindset YouTube Channel to watch episodes on video.
➡️ Like The Podcast? Leave A Rating: https://ratethispodcast.com/successstory In this "Lessons" episode, Theresa Payton, former White House CIO, shares how predictable human behavior creates vulnerabilities in cybersecurity and why conventional defenses often fall short. Learn why routine security measures are exploited by sophisticated social engineering and how designing innovative, personalized protocols can disrupt attackers and strengthen digital defenses. ➡️ Show Linkshttps://successstorypodcast.com YouTube: https://youtu.be/bH8DwhGUg0cApple: https://podcasts.apple.com/us/podcast/theresa-payton-cybersecurity-expert-author-former-white/id1484783544Spotify: https://open.spotify.com/episode/5DLZKqN89CTRVXW2Hi3Pq5➡️ Watch the Podcast on YouTubehttps://www.youtube.com/c/scottdclary
Today, we're going over your questions. You guys had some follow-ups about my stalker, Timothy C., and I'll be giving you a few more details on that situation. We're also unpacking the RFK Jr. sex scandal—what's real, what's spin, and what it all means. Plus, the government's leaked text messages have been making waves, and I'll be breaking down what they reveal and why you should (and shouldn't) care.—https://policecoffee.com/?gad_source=1&gbraid=0AAAAACG7qmI1dmMkruwgp8vA8w0oECKla&gclid=Cj0KCQjwtJ6_BhDWARIsAGanmKfdkRQ1M1sighZQ-PGpEpsCjrZ8fCigidnvH55bfBUNMa56-yoy_A8aAv34EALw_wcB—https://open.spotify.com/episode/7CcmZWvQEaLTQAQRAFy2BQ?si=FgeO4b9QSi-5eB2cqX2XHw
Roman Arutyunov is the Co-founder and SVP of Products at Xage Security, a Series B startup focused on protecting critical infrastructure—including energy systems—from cyber threats. Xage is backed by investors like Chevron Technology Ventures, Aramco, Piva Capital, Valor Equity Partners, and Overture.Cybersecurity is a growing concern as our energy systems become more distributed, electrified, and digitally connected. We spoke with Roman about the vulnerabilities in today's infrastructure, the motivations behind cyberattacks, and how the rise of AI is changing the cybersecurity landscape.In this episode, we cover: [2:11] Introduction to Xage Security[3:12] Cybersecurity 101: Ransomware, nation-state threats, and attacker motivations[7:10] Operational tech (OT) vs. information tech (IT)[13:29] Xage's Zero Trust security approach[15:45] Customer segments and differing security challenges[20:47] Navigating regulations vs. fast deployment timelines[23:40] How AI is shaping both threats and defenses[28:00] When multifactor authentication becomes a vulnerability[31:59] Real-world cyberattacks on energy systems[34:10] Xage's funding history and growth trajectoryEpisode recorded on Feb 20, 2025 (Published on Mar 26, 2025) Enjoyed this episode? Please leave us a review! Share feedback or suggest future topics and guests at info@mcj.vc.Connect with MCJ:Cody Simms on LinkedInVisit mcj.vcSubscribe to the MCJ Newsletter*Editing and post-production work for this episode was provided by The Podcast Consultant
The European Union Agency for Cybersecurity (ENISA) has released a new report on the threat landscape in space. Sateliot has received a €13.8 million investment from the Spanish Society for Technological Transformation. Sierra Space and Yuri have signed an agreement for a new space-based medical research mission, and more. Remember to leave us a 5-star rating and review in your favorite podcast app. Be sure to follow T-Minus on LinkedIn and Instagram. Selected Reading ENISA Space Threat Landscape 2025 Spanish government invests €13.8M in Sateliot 8 Spire-built satellites launch with OroraTech infrared cameras for wildfire detection from space Sierra Space Strengthens Partnership with Yuri to Advance Space-Based Medical Research HYLENR and TakeMe2Space to test LENR Powered Compute Modules Isar Aerospace X Update Ready for Orbit: BlueHalo Announces Breakthrough in Long-Haul Laser Communication Capabilities Airbus says it is in defence and space talks amid spending surge- Reuters NASA Statement on Nomination of Greg Autry for Agency CFO ‘Perfect space crop': Australian company to attempt to grow first mushrooms in orbit NASA's Curiosity Rover Detects Largest Organic Molecules Found on Mars T-Minus Crew Survey We want to hear from you! Please complete our 4 question survey. It'll help us get better and deliver you the most mission-critical space intel every day. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at space@n2k.com to request more info. Want to join us for an interview? Please send your pitch to space-editor@n2k.com and include your name, affiliation, and topic proposal. T-Minus is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Forecast: Cloudy with a chance of SSRF attacks. OpenAI's skies clear, but third-party wrappers bring storms. This week's episode kicks off with a poll asking listeners which virtual assistant they use—Alexa, Siri, Google Assistant, or none at all due to privacy concerns. The results give us a snapshot of how people feel about these ubiquitous technologies and their trust levels in them. We then tackle the headlines surrounding OpenAI and the alleged "attack" on its systems. While media outlets are buzzing with claims of vulnerabilities in ChatGPT, the reality is less dramatic. A third-party wrapper using OpenAI's API introduced an SSRF vulnerability that's being actively exploited. This issue highlights the risks of insecure third-party implementations rather than flaws in OpenAI's core infrastructure. It's a reminder that integrations can be a weak link in the cybersecurity chain, and we explore how this misunderstanding has fueled sensationalized reporting. Next up is a discussion on cybersecurity labeling for consumer IoT devices that have reached their End-of-Life (EOL) or End-of-Service (EOS). The idea is to inform users when their devices will no longer receive updates, but the execution is fraught with challenges. From complex software stacks to secondary markets breaking communication chains between vendors and consumers, we unpack why this labeling initiative is easier said than done. With home networks increasingly tied to employer networks, outdated IoT devices could become major security risks, especially in remote work setups. Privacy concerns take center stage as we examine Amazon's controversial decision to eliminate the "Do Not Send Voice Recordings" feature on Echo devices starting March 28, 2025. This change means all voice data will be processed in Amazon's cloud as part of its Alexa+ upgrade, which promises advanced generative AI capabilities. Critics argue this move erodes user privacy by removing local processing options entirely, raising questions about data retention and misuse. For privacy-conscious users, this might signal the end of their relationship with Echo devices. We also cover two critical vulnerabilities making waves in the cybersecurity world. First is CVE-2025-23120, a post-authentication Remote Code Execution flaw in Veeam Backup & Replication software. Exploitable by any domain user due to weak authentication measures and unsafe deserialization practices, this vulnerability underscores why blacklist-based approaches are insufficient for robust security. Then there's CVE-2025-24813, a remote code execution vulnerability affecting Apache Tomcat servers that can be exploited with just one PUT request. This attack leverages session persistence mechanisms and deserialization processes to gain full remote access without authentication—a stark reminder of how seemingly benign requests can lead to catastrophic breaches. Finally, we touch on updates from our benevolent overlords, including insights into ServiceNow vulnerabilities and upcoming events like NoiseFest at RSAC 2025. These resources continue to provide valuable intelligence for staying ahead of emerging threats in the cybersecurity landscape. Storm Watch Homepage >> Learn more about GreyNoise >>
In our latest podcast episode, we discuss the evolving landscape of cybersecurity threats, uncovering how sophisticated attacks are impacting various sectors and how organizations are responding. We begin by examining the recent Oracle Cloud breach, which has potentially exposed 6 million records, affecting over 140,000 businesses. This incident underscores the critical need for robust cloud security measures. Next, we discuss Microsoft's initiative to bolster Teams' security against phishing and cyber attacks. These enhancements aim to support overwhelmed security teams by integrating advanced protective features into the widely used collaboration platform. We also explore the shift in cyberattack readiness responsibilities to state and local governments, following an executive order from President Trump. This policy change raises questions about the preparedness of local entities to handle sophisticated cyber threats. Additionally, we highlight the increasing targeting of Mac users by hackers through sophisticated Apple ID phishing scams. This trend challenges the perception of Macs being inherently more secure and emphasizes the need for vigilance among all users. We then analyze PowerSchool's 'Trust The Hackers' response to a recent cyber incident, critiquing the approach and discussing the importance of transparency and trust in cybersecurity practices. Furthermore, we address the cyberattack on DHR Health in Texas, which has raised concerns over the security of healthcare information systems and the protection of patient data.
Today, I'm sharing something deeply personal and serious—my stalker story. For over a year, Timothy C. (we can share his full name soon if need be) has been physically stalking me, and his digital harassment goes back even further. Law enforcement is now involved, but I wanted to update you all in case anything happens to me—so there's no question about who did it. This episode isn't just about my experience; it's also about the reality of stalking, the dangers of obsession, and the importance of taking threats seriously. Stay aware, stay safe, and let's talk about it all, shall we?—https://noblegoldinvestments.com
The Escalating Cyber Threats Against K-12 Schools: Insights and Solutions In this episode of 'Cybersecurity Today,' host Jim Love discusses the rising trends and severe impacts of cyber attacks on K-12 schools with Randy Rose, VP of Security Operations and Intelligence at the Center for Internet Security (CIS). They scrutinize recent studies showing a surge in cyber threats targeting educational institutions, emphasizing the vulnerability of schools and the motives behind these attacks. The discussion covers how cyber criminals exploit budgetary information and schedules to maximize impact, the profound repercussions of ransomware attacks on school communities, and the critical need for better cybersecurity practices and support. Randy Rose shares insights from the 2025 CIS MS-ISAC K-12 Cybersecurity Report and offers practical advice on elevating security standards and fostering community resilience to protect sensitive school data from cyber threats. 00:00 Introduction to Cybersecurity in Schools 00:02 Iconic Hacking Movies and Real-Life Cyber Threats 00:41 The Seriousness of School Cybersecurity 01:10 Interview with Randy Rose: Introduction and CIS Overview 01:40 CIS's Role and Randy's Journey 03:27 Supporting Various Organizations 04:26 Challenges Faced by Schools and Local Governments 06:21 Cybersecurity Threats and Attack Patterns 09:11 Impact of Cyber Attacks on Schools 13:22 Detailed Findings from the CIS Report 19:16 Human Factor in Cybersecurity 19:29 Supply Chain and Data Security 27:13 The Role of AI in Cybersecurity 30:49 Ransomware and Its Devastating Effects 32:27 Recommendations for Improving School Cybersecurity 34:01 Conclusion and Final Thoughts
Paul Tyler and Bruno Caron welcome Deloitte's Insurance Practice leader Dan McCoach to discuss how technology is reshaping the life and annuity industry. The conversation explores four practical applications of AI delivering immediate value: automating developer workflows, enhancing back-office efficiency, streamlining document processing, and drafting complex communications. McCoach offers a fascinating perspective on how AI tools are rescuing legacy systems just as subject matter experts reach retirement age. Looking ahead, McCoach discusses DeepSeek's disruptive impact on AI economics and warns that quantum computing's arrival within 5-8 years could compromise current encryption standards. Whether you're an industry insider or technology enthusiast, this episode delivers essential insights on the digital revolution transforming insurance.
Cybersecurity for businesses is more critical than ever, with cyber threats evolving daily. In this episode, we sit down with Dylan Evans, a leading expert in cybersecurity, to break down what businesses need to know about securing their operations from internet crime, fraud, and data breaches. Whether you're a small business owner, a CEO, or an IT professional, this episode provides practical solutions to strengthen your security defenses.
According to the 2025 Cyber Incidents Insights Report, manufacturing continues to be a highly targeted sector for cybersecurity crimes. The report shows that attacks specific to manufacturing rose from 115 to 420 in 2024. Stay vigilant by learning about the rise and fragmentation of threat actors. Get tips on how to stay ahead with an impactful cybersecurity system and strategy, according to our guest, Steve Ross, director of Cybersecurity at S-RM.Sponsored By:
March 19, 2025: Troy Ament, Industry Leader for Healthcare at Palo Alto Networks Joins Drex for the News. The conversation delves into the importance of establishing relationships with law enforcement before a crisis occurs and why including them in tabletop exercises is crucial. Troy examines why threat actors deliberately target healthcare systems during weekend hours when staffing is minimal. From DDoS attacks serving as distractions to threat actors contacting board members directly, this episode provides an insider's view of today's cybersecurity landscape.Key Points:03:03 The FBI and Cyber Threats07:36 Ransomware Attack Patterns12:31 Distributed Denial of Service (DDoS) Attacks15:52 Personal and Organizational CybersecurityNews Articles:This is the FBI, open up. China's Volt Typhoon is on your networkInvestigator says differing names for hacker groups, hackers studying investigative methods hinders law enforcementX suffered a DDoS attack. Its CEO and security researchers can't agree on who did it.Subscribe: This Week HealthTwitter: This Week HealthLinkedIn: This Week HealthDonate: Alex's Lemonade Stand: Foundation for Childhood Cancer
Kim Chandler McDonald, co-founder and CEO of 3 Steps Data and Global VP of CyAN, discusses her diverse career journey from theater to tech, emphasizing her advocacy for democratizing technology and combating technology-facilitated domestic violence. She highlights the importance of end-to-end encryption for data security and privacy. Kim shares her experiences, including interviewing global leaders and becoming an emergency forest firefighter. She advocates for proactive compliance and robust risk strategies to protect vulnerable users. SHOW NOTES 00:23 Career Journey 06:59 Advocacy and End-to-End Encryption 12:58 Technology-Facilitated Domestic Violence 26:11 CyAN's Role in Cybersecurity 28:48 Future Innovations and Recommendations
Podcast: Bites & Bytes PodcastEpisode: Cybersecurity Shouldn't Suck: Fixing the Real Problems with Tom SegoPub date: 2025-03-18Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationWhat happens when cyber threats hit critical infrastructure? In this episode of the Bites and Bytes Podcast, host Kristin Demoranville sits down with Tom Sego, a cybersecurity leader with a fascinating background from chemical engineering to Apple to professional poker, now focused on making security simpler and more effective for critical infrastructure as CEO at Blastwave. Cyber risks in critical industries are real, but so are the solutions. Kristin and Tom discuss why current security models create more problems than they solve, how the human element is often overlooked, and what needs to change to make security actually work for the people keeping our systems running.
Cybersecurity in Italy: ITASEC 2025 Recap & Future Outlook with Professor Alessandro ArmandoCybersecurity is no longer a niche topic—it's a fundamental pillar of modern society. And in Italy, ITASEC has become the go-to event for bringing together researchers, government officials, and industry leaders to tackle the biggest security challenges of our time.Although we weren't there in person this year, we're diving into everything that happened at ITASEC 2025 in this special On Location recap with Professor Alessandro Armando. As Deputy Director of the Cybersecurity National Laboratory at CINI and Chairman of the Scientific Committee of the SERICS Foundation, Alessandro has a front-row seat to the evolution of cybersecurity in Italy.This year's event, held in Bologna, showcased the growing maturity of Italy's cybersecurity landscape, featuring keynotes, technical sessions, and even hands-on experiences for the next generation of security professionals. From government regulations like DORA (Digital Operational Resilience Act) to the challenges of AI security, ITASEC 2025 covered a vast range of topics shaping the future of digital defense.One major theme? Cybersecurity as an investment, not just a cost. Italian companies are increasingly recognizing security as a competitive advantage—something that enhances trust and reputation rather than just a compliance checkbox.We also discuss the critical role of education in cybersecurity, from university initiatives to national competitions that are training the next wave of security experts. With programs like Cyber Challenge.IT, Italy is making significant strides in developing a strong cybersecurity workforce, ensuring that organizations are prepared for the evolving threat landscape.And of course, Alessandro shares a big reveal: ITASEC 2026 is heading to Sardinia! A stunning location for what promises to be another exciting edition of the conference.Join us for this insightful discussion as we reflect on where cybersecurity in Italy is today, where it's headed, and why events like ITASEC matter now more than ever.
This week, Dominic Bowen welcomes Kailyn Johnson to The International Risk Podcast for an insightful discussion on the evolving landscape of cyber threats and their impact on businesses worldwide. Together, they explore the evolving role of cyber crimes, and the risks businesses face when they neglect their software supply chain security. They also explore how cybercriminal organizations are becoming more sophisticated, the implications of democratized access to dark web tools, and why businesses must integrate geopolitical and technological awareness into their risk management frameworks.Kailyn Johnson is the Cyber Intelligence and Geopolitical Risk Lead at Sibylline, where she specializes in analyzing cyber threats within a geopolitical context. Her expertise lies in cyber risk forecasting, corporate espionage, and the intersection of cyber operations with global security. With a background in cyber threat intelligence consulting and security investigations, she has advised major corporations on mitigating risks from evolving cybercriminal tactics. Kailyn has also presented at leading cybersecurity conferences worldwide, sharing insights on the increasing accessibility of cyber tools and the challenges this poses for organizations.The International Risk Podcast is a must-listen for senior executives, board members, and risk advisors. This weekly podcast dives deep into international relations, emerging risks, and strategic opportunities. Hosted by Dominic Bowen, Head of Strategic Advisory at one of Europe's top risk consulting firms, the podcast brings together global experts to share insights and actionable strategies.Dominic's 20+ years of experience managing complex operations in high-risk environments, combined with his role as a public speaker and university lecturer, make him uniquely positioned to guide these conversations. From conflict zones to corporate boardrooms, he explores the risks shaping our world and how organisations can navigate them.The International Risk Podcast – Reducing risk by increasing knowledge. Follow us on LinkedIn for all our great updates.Tell us what you liked!
Cybersecurity Madness: Halting Operations, Google Gemini, and Fake Captchas In this episode, host Jim Love delves into controversial cybersecurity decisions and the latest trends. The US government's directive to halt offensive cyber operations against Russia sparks debate about national security. Google Gemini's new personalized services interface with users' search histories, raising privacy concerns. Additionally, there's a discussion on rising fake Captcha scams designed to install malware on users' systems. Jim also shares a real-world hacking incident involving a small utility company compromised by a Chinese state-sponsored hacking group. Tune in to explore these pressing issues and more in the world of cybersecurity. 00:00 Introduction: Has the US Government Lost Its Mind? 00:44 Controversial Cybersecurity Decisions 01:12 Expert Opinions on Cybersecurity 03:02 Google Gemini: Personalized AI Assistant 04:59 Cyber Threats to Utilities 06:53 The Rise of Fake Captchas 08:57 Conclusion and Upcoming Content
Are you aware of the three biggest cyber threats to your business? And how to safeguard against them? Our guest today is Nathan Whittacre, who is a cyber security expert and he shares with us some of the current trends with technology including some of the good trends and some of the bad trends.EPISODE SPONSOR:Go to https://porkbun.com/MultiplyYourSuccess to get a .PRO domain for only $1 for the first year at Porkbun!TODAY'S WIN-WIN:Technology is designed to be additive to your business and to your life.LINKS FROM THE EPISODE:You can visit our guest's website at: https://www.StimulusTech.comGet a copy of our guest's book here: https://www.amazon.com/CEOs-Digital-Survival-Guide-Navigating/dp/1642256307Attend our Franchise Sales Training Workshop: https://bigskyfranchiseteam.com/franchisesalestraining/If you are ready to franchise your business or take it to the next level: CLICK HERE.Connect with our guest on social:https://www.linkedin.com/in/nathanwhittacre/https://www.facebook.com/nwhittacrehttps://www.facebook.com/StimulusTechhttps://www.linkedin.com/company/stimulus-technologiesABOUT OUR GUEST:Nathan Whittacre, CEO of Stimulus Technologies, is not your typical tech enthusiast—he's a visionary leader who has spent his life at the forefront of technological innovation and entrepreneurship. With a career spanning over three decades, Nathan has established himself as a trusted advisor, mentor, and thought leader in the technology field. Driven to bring technology success to all businesses, he authored, “The CEO's Digital Survival Guide: A Practical Handbook to Navigating the Future.” As he does with his clients, Nathan guides the readers through technology solutions by telling relatable stories from both his personal and business life. When Nathan isn't working with his clients, he enjoys spending time with his wife and 5 kids, everything outdoors, racing in triathlons and marathons, and flying his airplane. ABOUT BIG SKY FRANCHISE TEAM:This episode is powered by Big Sky Franchise Team. If you are ready to talk about franchising your business you can schedule your free, no-obligation, franchise consultation online at: https://bigskyfranchiseteam.com/.The information provided in this podcast is for informational and educational purposes only and should not be considered financial, legal, or professional advice. Always consult with a qualified professional before making any business decisions. The views and opinions expressed by guests are their own and do not necessarily reflect those of the host, Big Sky Franchise Team, or our affiliates. Additionally, this podcast may feature sponsors or advertisers, but any mention of products or services does not constitute an endorsement. Please do your own research before making any purchasing or business decisions.
March 10, 2025: Our three former CIOs Sarah Richardson, Drex DeFord, and Bill Russell discuss the news from the floor of HIMSS 2025 in Vegas. What's the difference between robotic process automation and emerging agentic AI systems that adapt to changing conditions? As cybersecurity threats evolve with AI assistance, how can health systems make security training engaging rather than tedious? The conversation shifts to concerns about upcoming telemedicine reimbursement changes and their potential impact on vulnerable populations. Looking three to five years ahead, what happens when AI assistants begin supporting patients in their daily health decisions? Join as Sarah, Drex, and Bill contemplate a future where personalized health agents might fundamentally reshape where and how patients receive care.Key Points:02:32 AI in Healthcare: Current Views08:28 AI Cyberthreats12:45 Telemedicine and Policy Changes17:37 Future of Personalized HealthcareSubscribe: This Week HealthTwitter: This Week HealthLinkedIn: This Week HealthDonate: Alex's Lemonade Stand: Foundation for Childhood Cancer
In an era where personal and professional lives are increasingly intertwined in the digital realm, the security of high-profile individuals extends far beyond corporate firewalls. Executives, board members, and high-net-worth individuals face growing threats not just to their businesses but also to their families and personal lives. The convergence of cybersecurity and physical security has never been more evident, and BlackCloak is at the forefront of addressing this modern challenge.In this episode of ITSPmagazine's Brand Story series, hosts Marco Ciappelli and Sean Martin sit down with Dr. Chris Pierson, CEO and Founder of BlackCloak, to explore the increasing risks posed by cybercriminals, data brokers, and even nation-state actors, all of whom exploit publicly available information to orchestrate real-world threats. With the rise of doxing, swatting, and targeted attacks on corporate leadership, it is clear that safeguarding digital identities is no longer optional—it is essential.Dr. Pierson shares insights on how BlackCloak's concierge approach blends cutting-edge technology with a personalized human touch, ensuring that executives and their families can navigate the digital world securely. From removing personal information from data broker websites to mitigating deep web threats, BlackCloak's unique approach focuses on proactive protection rather than reactive crisis management. The conversation also touches on recent high-profile security breaches and their implications, highlighting the urgent need for businesses to extend cybersecurity measures beyond the enterprise network.As digital and physical threats continue to merge, organizations must rethink their approach to executive security. This episode is a wake-up call for leaders who may underestimate the exposure they and their families face. Tune in to learn why digital executive protection is no longer a luxury but a necessity, and how BlackCloak is setting the standard for safeguarding the modern executive.For those looking to take control of their digital privacy and security, visit BlackCloak.io and connect with Dr. Chris Pierson on LinkedIn. The intersection of cybersecurity and personal safety is here—how prepared are you?Learn more about BlackCloak: https://itspm.ag/itspbcwebNote: This story contains promotional content. Learn more. Guest: Chris Pierson, Founder and CEO of BlackCloak | On Linkedin: https://www.linkedin.com/in/drchristopherpierson/ResourcesDownload the Whitepaper | Executive Protection at Home is the Major Gap in Cybersecurity: https://itspm.ag/blackcue74Learn more and catch more stories from BlackCloak: https://www.itspmagazine.com/directory/blackcloakAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story
In today's episode of The Daily Wind Up, we have Former DoD Cyber Crime Director Jeff Stutzman who talks about the importance of cybersecurity for small businesses. He highlights the various risks that businesses face and the standard architecture used to combat these risks. Jeff emphasizes the need to have firewalls and endpoints, training, email protection, and incident response capabilities to safeguard businesses. He goes on to discuss how small businesses can have affordable cybersecurity solutions. One of his suggestions is using next-generation firewalls with a lot of functionality built-in, such as cloud functionality, DNS filtering, and anti-malware. Jeff explains that these firewalls have a total cost of ownership that is really good and that small businesses can obtain them for roughly $2,000. Listen to this episode now to learn how you can keep your business safe and secured!