Podcasts about cybercriminals

If you like what you hear, please subscribe, leave us a review and tell a friend!Cybercriminals are actively targeting multiple sectors, from cryptocurrency and healthcare to major corporations and public infrastructure. Attacks range from data breaches affecting hundreds of thousands of users to sophisticated malware campaigns, ransomware operations, and SEO poisoning campaigns exploiting software downloads. Law enforcement is responding with arrests, while companies raise significant capital amidst these cybersecurity challenges.

Cybercriminals are accelerating their attacks in ways that weren't possible a few years ago. Artificial intelligence is giving them the ability to spin up phishing campaigns, voice clones, and deepfakes in minutes instead of days. As a result, the gap between what's genuine and what's fake is closing fast, making it harder for both individuals and organizations to defend themselves. I'm thrilled to welcome Brett Winterford, Vice President of Okta Threat Intelligence. Brett has had a front row seat to these changes. His team analyzes identity-based attacks and delivers insights to help organizations adapt their defenses. Brett previously served as Okta's Regional CISO for Asia-Pacific and Japan and started his career as a journalist covering information security before moving into leadership roles in banking, government, and technology. In this episode, Brett explains how AI is reshaping the speed and scale of cybercrime, why trusted platforms like email, SMS, and collaboration tools are being targeted, and what practical steps can reduce risk. He highlights the growing importance of phishing-resistant authentication methods like passkeys, the need for clearer communication between service providers and users, and the role of collaboration across industries and law enforcement in pushing back against attackers. Show Notes: [00:00] Brett Winterford introduces himself as Vice President of Okta Threat Intelligence and explains how identity-based threats are monitored. [02:00] He shares his career path from cybersecurity journalist to CISO roles and now to leading threat intelligence. [05:48] Brett compares phishing campaigns of a decade ago with today's AI-driven ability to launch attacks in minutes. [08:00] He notes how reconnaissance and lure creation have become easier with artificial intelligence. [10:40] Brett describes the shift from banking malware to generic infostealers that sell stolen credentials. [12:30] He explains how cryptocurrency changed the targeting of attacks by offering higher payouts. [14:21] We learn about the Poison Seed campaign that used compromised bulk email accounts to spread phishing. [15:26] Brett highlights the rise of SMS and other trusted communication channels as phishing delivery methods. [16:04] He explains how attackers exploit platforms like Microsoft Teams and Slack to bypass traditional defenses. [18:30] Brett details a Slack-based campaign where attackers impersonated a CEO and smuggled phishing links. [22:41] He warns that generative AI has erased many of the old “red flags” that once signaled a scam. [23:01] Brett advises consumers to focus on top-level domains, official apps, and intent of requests to detect phishing. [26:06] He stresses why organizations should adopt passkeys, even though adoption can be challenging. [27:22] Brett points out that passkeys offer faster, more secure logins compared to traditional passwords. [28:31] He explains how attackers increasingly rely on SMS, WhatsApp, and social platforms instead of email. [31:00] Brett discusses voice cloning scams targeting both individuals and corporate staff. [32:30] He warns about deepfake video being used in fraud schemes, including North Korean IT worker scams. [34:59] Brett explains why traditional media-specific red flags are less useful and critical thinking is essential. [37:15] He emphasizes the need for service providers to create trusted communication channels for verification. [39:29] Brett talks about the difficulty of convincing users to reset credentials during real incidents. [41:00] He reflects on how attackers adapt quickly and why organizations must raise the cost of attacks. [44:18] Brett highlights the importance of cross-industry collaboration with groups like Interpol and Europol. [45:24] He directs listeners to Okta's newsroom for resources on threat intelligence and recent campaigns. [47:00] Brett advises consumers to experiment with passkeys and use official apps to reduce risk. [48:00] He closes by stressing the importance of having a trusted, in-app channel for security communications. Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review.  Links and Resources: Podcast Web Page Facebook Page whatismyipaddress.com Easy Prey on Instagram Easy Prey on Twitter Easy Prey on LinkedIn Easy Prey on YouTube Easy Prey on Pinterest Brett Winterford - LinkedIn Brett Winterford - Okta

Jim LaRoe, CEO of Symphion, highlights an often overlooked cybersecurity threat posed by network-connected printers in a hospital setting.  Modern printers are complex devices with numerous features that create vulnerabilities and potential access points to patient and hospital data for cybercriminals, yet they are generally managed outside of the IT security environment. The first step in ensuring printer security is to determine the number of printing devices on the network, their locations, and their configurations. Additionally, it is essential to ask the IT team to demonstrate security hygiene for the entire printer fleet. Jim explains, "We personally were exposed to the print industry in about 2015. And we noticed that the printers are really essential for patient care. They process, store, and transmit the most sensitive data, but they have grown up outside of the information security and supply chain. The security has been left vulnerable. In today's cybercrime growth industry climate, where opportunistic criminals are looking for opportunities to steal data, ransom, or attack patient care, you've got a real recipe for disaster. So really, we're facing a whole lot of issues that relate to the vulnerability of the printer." "They're absolutely very complex business machines, and the manufacturers for the last 40 years or so, from what you're talking about, the analog days, have really enriched them with incredible features beyond the camera, the document sorter, and things like that. They built in incredible web server features, email servers, fax servers, FTP servers, like a Dropbox that we all use for heavy payload communication protocols. They built all those features into the devices, and they built in ways to secure those features, but they haven't been used, and they're not being used on networks."  #Symphion #Hospitals #PrinterSecurity #Cybercrimes #NetworkSecurity symphion.com Download the transcript here

Jim LaRoe, CEO of Symphion, highlights an often overlooked cybersecurity threat posed by network-connected printers in a hospital setting.  Modern printers are complex devices with numerous features that create vulnerabilities and potential access points to patient and hospital data for cybercriminals, yet they are generally managed outside of the IT security environment. The first step in ensuring printer security is to determine the number of printing devices on the network, their locations, and their configurations. Additionally, it is essential to ask the IT team to demonstrate security hygiene for the entire printer fleet. Jim explains, "We personally were exposed to the print industry in about 2015. And we noticed that the printers are really essential for patient care. They process, store, and transmit the most sensitive data, but they have grown up outside of the information security and supply chain. The security has been left vulnerable. In today's cybercrime growth industry climate, where opportunistic criminals are looking for opportunities to steal data, ransom, or attack patient care, you've got a real recipe for disaster. So really, we're facing a whole lot of issues that relate to the vulnerability of the printer." "They're absolutely very complex business machines, and the manufacturers for the last 40 years or so, from what you're talking about, the analog days, have really enriched them with incredible features beyond the camera, the document sorter, and things like that. They built in incredible web server features, email servers, fax servers, FTP servers, like a Dropbox that we all use for heavy payload communication protocols. They built all those features into the devices, and they built in ways to secure those features, but they haven't been used, and they're not being used on networks."  #Symphion #Hospitals #PrinterSecurity #Cybercrimes #NetworkSecurity symphion.com Listen to the podcast here

Send us a textTim and Chris dive into the month's most significant tech developments, exploring antitrust rulings, emerging AI security threats, and the financial sustainability of the AI industry.• Google avoids having to sell Chrome in federal antitrust ruling but is barred from exclusive distribution contracts• Cybercriminals deploy "S1ngularity Attack" using LLM prompts to steal credentials from 2,100 GitHub accounts• Cisco reintroduces dedicated wireless certification track with focus on Wi-Fi 6/7 and Meraki technologies• Google Cloud introduces "agentic IAM" services to manage AI agent identities and improve MCP security• Zscaler CEO creates controversy by suggesting customer logs are used for AI training before company clarification• Avaya offers voluntary exit packages to all employees, suggesting potential acquisition or restructuring• OpenAI increases projected spending through 2029 by $80 billion to $115 billion totalShare this episode on social media and tell a friend about the podcast if you enjoyed it. You can find us on all platforms @Cables2Clouds.Purchase Chris and Tim's new book on AWS Cloud Networking: https://www.amazon.com/Certified-Advanced-Networking-Certification-certification/dp/1835080839/ Check out the Fortnightly Cloud Networking Newshttps://docs.google.com/document/d/1fkBWCGwXDUX9OfZ9_MvSVup8tJJzJeqrauaE6VPT2b0/Visit our website and subscribe: https://www.cables2clouds.com/Follow us on BlueSky: https://bsky.app/profile/cables2clouds.comFollow us on YouTube: https://www.youtube.com/@cables2clouds/Follow us on TikTok: https://www.tiktok.com/@cables2cloudsMerch Store: https://store.cables2clouds.com/Join the Discord Study group: https://artofneteng.com/iaatj

Show Notes:Daniëlle began her academic path in psychology, later moving into criminology through her interest in decision making and online behaviour.Her PhD research at NSCR focuses on cybercriminal decision making, using honeypots and experiments in real online environments.Early experiments tested how different rewards affected access attempts on fake accounts.A major focus has been on the impact of Operation Cookie Monster (2023), which disrupted the Genesis Market. Danielle's work examined how this law enforcement operation influenced behaviour and moderation practices on hacker forums.She emphasizes the value of experiments in the field, which allow researchers to test criminological theories with live offender behaviour, while balancing strict ethical and legal safeguards.About our guest:Danielle StibbeNSCR Profile Page: https://nscr.nl/en/medewerker/danielle-stibbe-msc/Google Scholar: https://scholar.google.com/citations?user=1fsHJEgAAAAJ&hl=enLinkedIn: https://www.linkedin.com/in/danielle-stibbe/?originalSubdomain=nlPapers or resources mentioned in this episode:Onaolapo, J., Mariconti, E., & Stringhini, G. (2016). What happens after you are pwnd: Understanding the use of leaked webmail credentials in the wild. Proceedings of the 2016 Internet Measurement Conference. https://doi.org/10.1145/2987443.2987475Europol (2023). Operation Cookie Monster: Genesis Market taken down in coordinated international action.https://www.europol.europa.eu/media-press/newsroom/news/operation-cookie-monster-genesis-market-taken-down-in-coordinated-international-actionOxford Handbook of Criminal Decision Making (2016). Eds. Bruinsma & Weisburd. Oxford University Press.Other:The open science framework https://osf.io 

Emily Forlini of PCMag joins Mikah Sargent on Tech News Weekly this week! OpenAI is being sued following a teen's suicide, which was blamed on ChatGPT. Detecting and countering the misuse of AI. A review of the Pixel 10 Pro. And Meta has poured $10 billion into rural Louisiana to build an ambitious data center. (Content Warning) Emily talks about a lawsuit that was brought to OpenAI following a teen's suicide after using ChatGPT. Mikah discusses Anthropic's recent threat intelligence report, which examines how bad actors are finding ways to misuse the company's AI models. Allison Johnson of The Verge chats with Mikah about her review of the Pixel 10 Pro phone and how the new feature, Magic Cue, impressed Allison at times. And finally, MIkah shares how Meta has invested $10 billion into a rural part of Louisiana to build a large data center to fuel the company's AI ambitions. (If you or someone you know is having thoughts of suicide or self-harm, please contact the 988 Suicide & Crisis Lifeline - call or text 988 or chat online at chat.988lifeline.org. If you are located outside the United States, please visit findahelpline.com to find a helpline in your country.) Hosts: Mikah Sargent and Emily Forlini Guest: Allison Johnson Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: pantheon.io smarty.com/twit threatlocker.com/twit

Emily Forlini of PCMag joins Mikah Sargent on Tech News Weekly this week! OpenAI is being sued following a teen's suicide, which was blamed on ChatGPT. Detecting and countering the misuse of AI. A review of the Pixel 10 Pro. And Meta has poured $10 billion into rural Louisiana to build an ambitious data center. (Content Warning) Emily talks about a lawsuit that was brought to OpenAI following a teen's suicide after using ChatGPT. Mikah discusses Anthropic's recent threat intelligence report, which examines how bad actors are finding ways to misuse the company's AI models. Allison Johnson of The Verge chats with Mikah about her review of the Pixel 10 Pro phone and how the new feature, Magic Cue, impressed Allison at times. And finally, MIkah shares how Meta has invested $10 billion into a rural part of Louisiana to build a large data center to fuel the company's AI ambitions. (If you or someone you know is having thoughts of suicide or self-harm, please contact the 988 Suicide & Crisis Lifeline - call or text 988 or chat online at chat.988lifeline.org. If you are located outside the United States, please visit findahelpline.com to find a helpline in your country.) Hosts: Mikah Sargent and Emily Forlini Guest: Allison Johnson Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: pantheon.io smarty.com/twit threatlocker.com/twit

Emily Forlini of PCMag joins Mikah Sargent on Tech News Weekly this week! OpenAI is being sued following a teen's suicide, which was blamed on ChatGPT. Detecting and countering the misuse of AI. A review of the Pixel 10 Pro. And Meta has poured $10 billion into rural Louisiana to build an ambitious data center. (Content Warning) Emily talks about a lawsuit that was brought to OpenAI following a teen's suicide after using ChatGPT. Mikah discusses Anthropic's recent threat intelligence report, which examines how bad actors are finding ways to misuse the company's AI models. Allison Johnson of The Verge chats with Mikah about her review of the Pixel 10 Pro phone and how the new feature, Magic Cue, impressed Allison at times. And finally, MIkah shares how Meta has invested $10 billion into a rural part of Louisiana to build a large data center to fuel the company's AI ambitions. (If you or someone you know is having thoughts of suicide or self-harm, please contact the 988 Suicide & Crisis Lifeline - call or text 988 or chat online at chat.988lifeline.org. If you are located outside the United States, please visit findahelpline.com to find a helpline in your country.) Hosts: Mikah Sargent and Emily Forlini Guest: Allison Johnson Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: pantheon.io smarty.com/twit threatlocker.com/twit

Emily Forlini of PCMag joins Mikah Sargent on Tech News Weekly this week! OpenAI is being sued following a teen's suicide, which was blamed on ChatGPT. Detecting and countering the misuse of AI. A review of the Pixel 10 Pro. And Meta has poured $10 billion into rural Louisiana to build an ambitious data center. (Content Warning) Emily talks about a lawsuit that was brought to OpenAI following a teen's suicide after using ChatGPT. Mikah discusses Anthropic's recent threat intelligence report, which examines how bad actors are finding ways to misuse the company's AI models. Allison Johnson of The Verge chats with Mikah about her review of the Pixel 10 Pro phone and how the new feature, Magic Cue, impressed Allison at times. And finally, MIkah shares how Meta has invested $10 billion into a rural part of Louisiana to build a large data center to fuel the company's AI ambitions. (If you or someone you know is having thoughts of suicide or self-harm, please contact the 988 Suicide & Crisis Lifeline - call or text 988 or chat online at chat.988lifeline.org. If you are located outside the United States, please visit findahelpline.com to find a helpline in your country.) Hosts: Mikah Sargent and Emily Forlini Guest: Allison Johnson Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: pantheon.io smarty.com/twit threatlocker.com/twit

Emily Forlini of PCMag joins Mikah Sargent on Tech News Weekly this week! OpenAI is being sued following a teen's suicide, which was blamed on ChatGPT. Detecting and countering the misuse of AI. A review of the Pixel 10 Pro. And Meta has poured $10 billion into rural Louisiana to build an ambitious data center. (Content Warning) Emily talks about a lawsuit that was brought to OpenAI following a teen's suicide after using ChatGPT. Mikah discusses Anthropic's recent threat intelligence report, which examines how bad actors are finding ways to misuse the company's AI models. Allison Johnson of The Verge chats with Mikah about her review of the Pixel 10 Pro phone and how the new feature, Magic Cue, impressed Allison at times. And finally, MIkah shares how Meta has invested $10 billion into a rural part of Louisiana to build a large data center to fuel the company's AI ambitions. (If you or someone you know is having thoughts of suicide or self-harm, please contact the 988 Suicide & Crisis Lifeline - call or text 988 or chat online at chat.988lifeline.org. If you are located outside the United States, please visit findahelpline.com to find a helpline in your country.) Hosts: Mikah Sargent and Emily Forlini Guest: Allison Johnson Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: pantheon.io smarty.com/twit threatlocker.com/twit

Emily Forlini of PCMag joins Mikah Sargent on Tech News Weekly this week! OpenAI is being sued following a teen's suicide, which was blamed on ChatGPT. Detecting and countering the misuse of AI. A review of the Pixel 10 Pro. And Meta has poured $10 billion into rural Louisiana to build an ambitious data center. (Content Warning) Emily talks about a lawsuit that was brought to OpenAI following a teen's suicide after using ChatGPT. Mikah discusses Anthropic's recent threat intelligence report, which examines how bad actors are finding ways to misuse the company's AI models. Allison Johnson of The Verge chats with Mikah about her review of the Pixel 10 Pro phone and how the new feature, Magic Cue, impressed Allison at times. And finally, MIkah shares how Meta has invested $10 billion into a rural part of Louisiana to build a large data center to fuel the company's AI ambitions. (If you or someone you know is having thoughts of suicide or self-harm, please contact the 988 Suicide & Crisis Lifeline - call or text 988 or chat online at chat.988lifeline.org. If you are located outside the United States, please visit findahelpline.com to find a helpline in your country.) Hosts: Mikah Sargent and Emily Forlini Guest: Allison Johnson Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: pantheon.io smarty.com/twit threatlocker.com/twit

Emily Forlini of PCMag joins Mikah Sargent on Tech News Weekly this week! OpenAI is being sued following a teen's suicide, which was blamed on ChatGPT. Detecting and countering the misuse of AI. A review of the Pixel 10 Pro. And Meta has poured $10 billion into rural Louisiana to build an ambitious data center. (Content Warning) Emily talks about a lawsuit that was brought to OpenAI following a teen's suicide after using ChatGPT. Mikah discusses Anthropic's recent threat intelligence report, which examines how bad actors are finding ways to misuse the company's AI models. Allison Johnson of The Verge chats with Mikah about her review of the Pixel 10 Pro phone and how the new feature, Magic Cue, impressed Allison at times. And finally, MIkah shares how Meta has invested $10 billion into a rural part of Louisiana to build a large data center to fuel the company's AI ambitions. (If you or someone you know is having thoughts of suicide or self-harm, please contact the 988 Suicide & Crisis Lifeline - call or text 988 or chat online at chat.988lifeline.org. If you are located outside the United States, please visit findahelpline.com to find a helpline in your country.) Hosts: Mikah Sargent and Emily Forlini Guest: Allison Johnson Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: pantheon.io smarty.com/twit threatlocker.com/twit

Emily Forlini of PCMag joins Mikah Sargent on Tech News Weekly this week! OpenAI is being sued following a teen's suicide, which was blamed on ChatGPT. Detecting and countering the misuse of AI. A review of the Pixel 10 Pro. And Meta has poured $10 billion into rural Louisiana to build an ambitious data center. (Content Warning) Emily talks about a lawsuit that was brought to OpenAI following a teen's suicide after using ChatGPT. Mikah discusses Anthropic's recent threat intelligence report, which examines how bad actors are finding ways to misuse the company's AI models. Allison Johnson of The Verge chats with Mikah about her review of the Pixel 10 Pro phone and how the new feature, Magic Cue, impressed Allison at times. And finally, MIkah shares how Meta has invested $10 billion into a rural part of Louisiana to build a large data center to fuel the company's AI ambitions. (If you or someone you know is having thoughts of suicide or self-harm, please contact the 988 Suicide & Crisis Lifeline - call or text 988 or chat online at chat.988lifeline.org. If you are located outside the United States, please visit findahelpline.com to find a helpline in your country.) Hosts: Mikah Sargent and Emily Forlini Guest: Allison Johnson Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: pantheon.io smarty.com/twit threatlocker.com/twit

Dozens of online influencers are using their platform to spread financial literacy, which continues to have a growing impact on younger generations looking to get into investing, saving and making more money.And although cybercriminals have been around for decades, they're capitalizing on social media users with the help of artificial intelligence in the form of deep fakes or fraudulent advertisements to get your money and information. Host Mike Eppel speaks to Tony Anscombe, chief security evangelist at ESET to discuss the signs to look out for, and how to protect yourself and your wallet from being one of the millions of cybercrime victims. We love feedback at The Big Story, as well as suggestions for future episodes. You can find us:Through email at hello@thebigstorypodcast.ca Or @thebigstoryfpn on Twitter

Farmers Insurance discloses a data breach affecting over a million people. Agentic AI tools fall for common scams. A new bill in Congress looks to revive letters of marque for the digital age. Cybercriminals target macOS users with the Shamos infostealer. New Android spyware masquerades as antivirus to target Russian business executives. CISA seeks public comments on SBOM updates. A major third party electronics manufacturer reports a ransomware attack. Salesforce patches multiple vulnerabilities in its Tableau products. Over 370,000 user Grok conversations were accidentally indexed by Google. Ben Yelin examines the UK's decision to drop digital backdoor requirements. WIRED gets duped by an AI author. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Ben Yelin from University of Maryland Center for Cyber Health and Hazard Strategies joins to discuss the U.K. dropping ‘back door' demand for Apple user data. Read the article Ben discusses. If you enjoyed this conversation and want to hear more from Ben, check out our Caveat podcast here. Selected Reading Farmers Insurance Data Breach Impacts Over 1 Million People (SecurityWeek) "Scamlexity": When Agentic AI Browsers Get Scammed (Guardio) Bill would give hackers letters of marque against US enemies (The Register) Fake macOS help sites push Shamos infostealer via ClickFix technique (Help Net Security) New Android malware poses as antivirus from Russian intelligence agency (Bleeping Computer) CISA Requests Public Feedback on Updated SBOM Guidance (SecurityWeek) Electronics manufacturer Data I/O reports ransomware attack to SEC (The Record) Salesforce patches multiple flaws in Tableau Server, at least one critical (Beyond Machines) 370,000 Grok AI chats leaked after being indexed on Google (Cyber Daily) How WIRED Got Rolled by an AI Freelancer (WIRED) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Microsoft releases emergency out-of-band (OOB) Windows updates. Trump targets NSA's leading AI and cyber expert in clearance revocations. A breach may have compromised the privacy of Ohio medical marijuana patients. Cybercriminals exploit an AI website builder to rapidly create phishing sites. Warlock ransomware operators target Microsoft's SharePoint ToolShell vulnerability. Google and Mozilla patch Chrome and Firefox. European officials report two cyber incidents targeting water infrastructure. A federal appeals court has upheld fines against T-Mobile and Sprint for illegally selling customer location data. Authorities dismantle DDoS powerhouse Rapper Bot. On our Industry Voices segment, we are joined by Matt Radolec, VP - Incident Response, Cloud Operations, and Sales Engineering at Varonis, speaking about ShinyHunters and the problems with securing Salesforce. Microsoft Copilot gets creative with compliance.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Industry Voices segment, we are joined by Matt Radolec, VP - Incident Response, Cloud Operations, and Sales Engineering at Varonis, who is speaking about ShinyHunters and the problems with securing Salesforce. You can hear more from Matt here. Selected Reading Microsoft releases emergency updates to fix Windows recovery (Bleeping Computer) Trump Revokes Security Clearances of 37 Former and Current Officials (The New York Times) Highly Sensitive Medical Cannabis Patient Data Exposed by Unsecured Database (WIRED) AI Website Builder Lovable Abused for Phishing and Malware Scams (Hackread) Warlock Ransomware Hitting Victims Globally Through SharePoint ToolShell Exploit (InfoSecurity Magazine) High-Severity Vulnerabilities Patched in Chrome, Firefox (SecurityWeek) Russia-linked European attacks renew concerns over water cybersecurity (CSO Online) T-Mobile claimed selling location data without consent is legal, judges disagree (Ars Technica) Officials gain control of Rapper Bot DDoS botnet, charge lead developer and administrator (CyberScoop) Copilot Broke Your Audit Log, but Microsoft Won't Tell You (Pistachio Blog) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

If you like what you hear, please subscribe, leave us a review and tell a friend!

Kurtis Minder knows the dark web better than most—and he's not just watching from the sidelines. As a ransomware negotiator, he's helped victims talk their way out of seemingly impossible situations. This week, we explore how cybercriminals operate, what makes them tick, and what you need to know to avoid becoming their next target. Learn more about your ad choices. Visit megaphone.fm/adchoices

Cybercriminals today operate more like startups than stereotypes—complete with org charts, sprint cycles, and pizza parties to celebrate successful breaches. In this episode of Security Matters, host David Puner talks with former CISO and U.S. Air Force veteran Ian Schneller about the evolving sophistication of threat actors and what it takes to stay ahead.From zero-day vulnerabilities and machine identity risks to AI-powered attacks and insider threats, Ian shares practical strategies drawn from his experience in military intelligence, offensive cyber operations, and corporate security leadership. Learn how to build resilience, translate cyber risk into business outcomes, and lead with mission-driven clarity in a threat landscape that never slows down.

We kick off the show with Carl Rutstein, SVP and Global Head of Consulting & Analytics at Visa, to talk about protecting business from cyberthreats. We'll learn all about its new Cybersecurity Advisory Practice, which provides guidance and support to businesses on managing cyber risksSpeaking protection, Michal Salát, Director of Threat Research at Norton, shares takeaways from the company's Cyber Safety Insights Report – this time on “Connected Kids.” You're not going to want to miss that chat, especially if you have kids, grandkids, or nieces/nephewsI'll also play an interview recorded at AWS re:Invent about ‘Sign Speak.' which provides AI-powered American Sign Language (ASL) tools to enhance communication between Deaf/Hard of Hearing and hearing individuals — built by the community, for the community. I sit down with CEO Yami PayanoThank you to Visa and Sandisk for your support!

The Senate confirms a new national cyber director. A new commission explores the establishment of a separate Cyber Force. Cybercriminals exploit link wrapping to launch sophisticated phishing attacks. AI agents are hijacked, cameras cracked, and devs phished. Gene sequencers and period trackers settle allegations of oversharing personal data and inadequate security. Today we are joined by Tim Starks from CyberScoop discussing how China accuses the US of exploiting Microsoft zero-day in a cyberattack. OpenAI scrambles after a chat leak fiasco. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. You can read Tim's article on the topic here. CyberWire Guest Today we are joined by Tim Starks from CyberScoop discussing how China accuses the US of exploiting Microsoft zero-day in a cyberattack. Selected Reading Sean Cairncross confirmed as national cyber director (The Record) Panel to create roadmap for establishing US Cyber Force (The Record) Microsoft 365: Attackers Weaponize Proofpoint and Intermedia Link Wrapping to Steal Logins (WinBuzzer) When Public Prompts Turn Into Local Shells: ‘CurXecute' – RCE in Cursor via MCP Auto‑Start (Aim Security) LegalPwn Attack Tricks GenAI Tools Into Misclassifying Malware as Safe Code (Hackread) Bitdefender Warns Users to Update Dahua Cameras Over Critical Flaws (Hackread) Mozilla warns of phishing attacks targeting add-on developers (Bleeping Computer) Gene Sequencing Giant Illumina Settles for $9.8M Over Product Vulnerabilities (SecurityWeek) Flo settles class action lawsuit alleging improper data sharing (The Record) ChatGPT users shocked to learn their chats were in Google search results (Ars Technica) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

A critical vulnerability in SUSE [SOO-suh] Manager allows attackers to run commands with root privilege. A joint CISA and U.S. Coast Guard threat hunt at a critical infrastructure site reveals serious cybersecurity issues. Healthcare providers across the U.S. report recent data breaches. Cybercriminals infiltrate a bank by physically planting a Raspberry Pi on a network switch. Russian state-backed hackers target Moscow diplomats to deploy ApolloShadow malware. Luxembourg investigates a major telecom outage tied to Huawei equipment. China's cyberspace regulator summons Nvidia over alleged security risks linked to its H20 AI chips. A new report examines early indicators of system compromise. Today we are joined by Ryan Whelan, Managing Director and Global Head of Accenture Cyber Intelligence, with their analysis of Scattered Spider. Pwn2Own puts a million dollar bounty on WhatsApp zero-clicks. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire GuestOur guest today is Ryan Whelan, Managing Director and Global Head of Accenture Cyber Intelligence, discussing the possibilities of Scattered Spider. Selected Reading Critical flaw in SUSE Manager exposes enterprise deployments to compromise (Beyond Machines) CISA identifies OT configuration flaws during cyber threat hunt at critical infrastructure organization, lists cyber hygiene (Industrial Cyber) CISA Issues ICS Advisories for Rockwell Automation Using VMware, and Güralp Seismic Monitoring Systems (Cyber Security News) Florida Internal Medicine Practices Discloses November 2024 Data Breach (HIPAA Journal) Cybercrooks use Raspberry Pi to steal ATM cash (The Register) Russian Cyberspies Target Foreign Embassies in Moscow via AitM Attacks: Microsoft (SecurityWeek) Luxembourg probes reported attack on Huawei tech that caused nationwide telecoms outage (The Record) Nvidia summoned by China's cyberspace watchdog over risks in H20 chips (CGTN) Hackers Regularly Exploit Vulnerabilities Before Public Disclosure (Infosecurity Magazine) Pwn2Own hacking contest pays $1 million for WhatsApp exploit (Bleeping Computer) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

In the latest Title Now webinar, Shannon Widman and Tom Cronkright discuss the rising threat of wire fraud in real estate, emphasizing the importance of verifying identities and implementing robust cybersecurity measures. They highlight the dangers of seller impersonation fraud and the need for multi-factor authentication to protect against scams. The conversation also touches on the challenges faced by title agents and law firms, particularly those with multiple offices, in managing unsolicited title order requests. Additionally, they address the limitations of E&O insurance in covering cyber breaches and the need for new pricing models for smaller businesses. The session concludes with a call for increased awareness and proactive measures to combat fraud in the industry.

NordVPN, a leading provider of cybersecurity solutions, has released its latest findings on online threats from the second quarter of 2025. The expert team analysed aggregated data from the NordVPN Threat Protection Pro feature to identify the types of threats users most commonly encounter online. The number of blocked malware threats increased by 6.4% compared to Q1, totalling 95,406 intercepted malicious files. The APC virus leads the list of the most common malicious software. Malware detection reached its peak in May, when 1.2 billion threats were identified and blocked. In contrast, trackers blocked declined slightly (-6.2%). Nevertheless, with up to 58 billion blocked activities in April, tracking remained the most frequently detected online threat in Q2. "Our data shows that online threats are steadily increasing, not only in number but also in complexity. Today, users face a rapidly evolving digital threat landscape. Cybercriminals deliberately exploit users' trust in well-known brands and their everyday online habits to gain access to sensitive data as unnoticed as possible," says Marijus Briedis, CTO of NordVPN. Key findings from the report: APC was the most frequently detected malware in Q2, with a total of 95,406 intercepted files. .exe files remain the main carriers of malware with 181,008 threats, followed by .zip (27,531) and .dll (21,447). Google is the most impersonated brand with over 200K malicious websites. Other frequently faked brands include Yahoo!, Telegram, Steam, and Amazon. The highest malware prevalence is found on the video hosting platforms, streaming services, and content delivery networks. Brand impersonation threat remains high Impersonation of well-known brands remains a widespread tactic among cybercriminals. This increasingly affects internet users in Ireland as well. Notably, Google is the most impersonated brand with over 200K malicious websites. Yahoo!, Telegram, Steam, and Amazon are also regularly imitated. Through convincingly fake phishing websites or manipulated downloads, fraudsters attempt to gain access to sensitive credentials such as passwords or payment information. For users in Ireland, this means that a single click on a fake site can have severe consequences. Malware attacks as a global problem While no region is safe from cyber threats, some countries recorded particularly high numbers of blocked attacks in the second quarter of 2025. The US leads the way by a wide margin with 280 million incidents, followed by Canada with 256 million, the UK with 103 million, and Australia with 42 million. Nigeria was targeted with 38 million malicious files, and Israel with 30 million. The Netherlands recorded over 71 million malware attacks in Q2 2025, making it the second most targeted country in Europe. Increased vigilance needed in everyday digital life NordVPN's insights show that online threats are continuing to rise both in frequency and sophistication. Whether through malware, intrusive ads, or targeted brand impersonations, users face increasingly complex cyber risks. Services like Threat Protection Pro can help detect and fend off such dangers early. However, user vigilance remains a crucial factor in effectively countering online threats. "Only those who are aware of the risks and can recognise cyber dangers can effectively defend themselves against them," says Marijus Briedis. Briedis offers five practical tips to protect against online threats Use strong passwords and MFA: Use a unique password for each account and enable multi-factor authentication. Be wary of "free" offers: Free video hosting sites often contain malware. Be especially vigilant with unknown domains. Check links: Check suspicious links for URLs and spelling first. Verify downloads: Only download files from trusted sources and scan them with tools such as Threat Protection Pro. Keep software up to date: Regularly update operating systems, applications, and security software to close vulnerabilities. For the...

If you like what you hear, please subscribe, leave us a review and tell a friend!

Cybercriminals are increasingly targeting New York small businesses with AI-powered attacks, regulatory compliance challenges, and remote work vulnerabilities creating new security risks that require immediate attention and strategic planning. To learn more, visit: https://fischsolutions.com/top-msp-hudson-valley Fisch Solutions City: New Windsor Address: 3188 Route 9W Website: https://fischsolutions.com Phone: +1 845 237 0000

Clinicians often do not pay attention to cyber security... thats for the owners and managers, right? Wrong! Cyber criminals have become so sophisticated, they can target anyone in the team and not in the way you think they might. Give this episode a listen with Paul Murphy to find out your role in keeping your patients safe and secure in their dental visits! Resources: Blacktalonsecurity.com 

Welcome back to Re-Imagining Cyber! In this episode, Tyler Moffitt, (Senior Security Analyst at OpenText) explores the emerging threat of generative AI in the hands of cyber criminals. Discover how AI models like ChatGPT, WormGPT, and FraudGPT have drastically lowered the skill floor for launching sophisticated attacks. Tyler breaks down the four major use cases: hyper-personalized phishing, real-time social engineering, AI-generated malware, and deep fakes. Learn the impact of this technology on real-world cyber crime and how AI-driven defense strategies are evolving to combat these threats. Tune in for essential insights and stay skeptical!Follow or subscribe to the show on your preferred podcast platform.Share the show with others in the cybersecurity world.Get in touch via reimaginingcyber@gmail.com As featured on Million Podcasts' Best 100 Cybersecurity Podcast and Best 70 Chief Information Security Officer CISO Podcasts rankings.

Clinicians often do not pay attention to cyber security... thats for the owners and managers, right? Wrong! Cyber criminals have become so sophisticated, they can target anyone in the team and not in the way you think they might. Give this episode a listen with Paul Murphy to find out your role in keeping your patients safe and secure in their dental visits! Resources: Blacktalonsecurity.com 

Ingram Micro suffers a ransomware attack by the SafePay gang. Spanish police dismantle a large-scale investment fraud ring. The SatanLock ransomware group says it is shutting down. Brazilian police arrest a man accused of stealing over $100 million from the country's banking system. Qantas confirms contact from a “potential cybercriminal” following its recent customer data breach. The XWorm RAT evolves to better evade detection. Cybercriminals ramp up fraudulent domains ahead of Amazon Prime day. Apple sues a former engineer allegedly stealing confidential data. Our guest is Rob Allen, Chief Product Officer at Threat Locker, discussing why 'Default Deny' could be the Antidote to Security Fatigue. AI image editing blurs the evidence.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Industry Voices segment, we are joined by Rob Allen, Chief Product Officer at Threat Locker, discussing From Noise to Control: Why 'Default Deny' Is the Antidote to Security Fatigue. If you want to hear more from Rob or Threat Locker, you can listen to them here. Selected Reading Ingram Micro outage caused by SafePay ransomware attack (Bleeping Computer) Police dismantles investment fraud ring stealing €10 million (Bleeping Computer) SatanLock Ransomware Ends Operations, Says Stolen Data Will Be Leaked (Hackread) Police in Brazil Arrest a Suspect Over $100M Banking Hack (SecurityWeek) Qantas Contacted by Potential Cybercriminal Following Data Breach (Infosecurity Magazine) Arbor Associates reports data breach exposing patient information (Beyond Machines) XWorm RAT Deploys New Stagers and Loaders to Bypass Defenses (GB Hackers) Amazon Prime Day 2025: Deals Await, But So Do the Cyber Criminals (Check Point) Apple Accuses Ex-Engineer Of Stealing Vision Pro Secrets, Silently Accepting Job At Snap Inc., And Covering His Tracks By Wiping Data From Work Laptop (WCCF TECH) Cops Use ChatGPT to Edit Drugs Bust Photo, Goes Horribly Wrong (PetaPixel) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Cybercriminals target financial institutions across Africa using open-source tools. Threat actors are using a technique called Authenticode stuffing to abuse ConnectWise remote access software. A fake version of SonicWall's NetExtender VPN app steals users' credentials. CISA and the NSA publish a guide urging the adoption of Memory Safe Languages. Researchers identify multiple security vulnerabilities affecting Brother printers. Fake AI-themed websites spread malware. Researchers track a sharp rise in signup fraud. A new Common Good Cyber Fund has been launched to support nonprofits that provide essential cybersecurity services. Tim Starks from CyberScoop joins us to discuss calls for a federal cyberinsurance backstop. A Moscow court says ‘nyet' to more jail time for cyber crooks. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest We are again joined by Tim Starks, Senior Reporter from CyberScoop. Tim discusses his recent piece on “Federal cyber insurance backstop should be tied to expiring terrorism insurance law, report recommends.” Selected Reading Cybercriminals Abuse Open-Source Tools To Target Africa's Financial Sector (Unit 42) Hackers Abuse ConnectWise to Hide Malware (SecurityWeek) Fake SonicWall VPN app steals user credentials (The Register) CISA Publishes Guide to Address Memory Safety Vulnerabilities in Modern Software Development (GB Hackers) New Vulnerabilities Expose Millions of Brother Printers to Hacking (SecurityWeek) Black Hat SEO Poisoning Search Engine Results For AI (ThreatLabz) Half of Customer Signups Are Now Fraudulent  (Infosecurity Magazine) Common Good Cyber Fund Launched to Support Non-Profit Security Efforts (Infosecurity Magazine) Russia releases REvil members after convictions for payment card fraud (The Record) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Why you should listenLearn why SMB clients are now the #1 target for cyberattacks and how attackers operate (with shocking real-world examples).Discover how Microsoft partners can add value and margin with simplified cybersecurity services — even without deep in-house expertise.Find out how to protect your firm and clients from ransomware and liability without adding massive overhead or complexity.If you think your clients are “too small” to be a target—think again. Cybercriminals are shifting focus toward SMBs, and Microsoft partners are on the front lines, whether they know it or not.In this episode, I talk to René-Sylvain Bédard (RS), CEO of Indominus Managed Security, about how Microsoft partners can simplify cybersecurity, reduce risk, and turn this into a value-added service—not just an afterthought. You'll learn the real risks, where partners are exposed, and how to protect both clients and your own firm.About René-Sylvain BedardRené-Sylvain has nearly 30 years of experience as a technical architect, is the founder and CEO of Indominus. His work spans consulting firms, governments, telecommunications, aerospace, and SMEs. As a Microsoft partner for over 20 years, he has built strong relationships and received expert training allowing him to position Indominus as a leader in consulting, AI, and managed security services.In 2024, he was sacred "Highly Commended", the 2nd place in the "Best Technology Speaker" category at the Speaker Awards in London and within a few months, Indominus Managed Security was nominated to "Best Tech Company" by the Canadian SME Magazine.In 2025, Rene-Sylvain already published his new book "Secure by design", through Rethink Press and Indominus Managed Security won "Best Cybersecurity for SME", by the Canadian Business Awards.Under his leadership, Indominus is committed to fighting cybercrime globally, using innovative technologies and approaches to protect organizations and individuals.Driven by a passion for helping others and creating a safer world, René-Sylvain is confident that Indominus' expertise will shape a future free from cybercrime. With unwavering commitment to excellence and determination to eradicate cybercrime, he is ready to lead Indominus and its partners towards a safer future.Resources and LinksIndominus.msRené-Sylvain's LinkedIn profileRené-Sylvain's Business cardBook: Secure by Design: A leader's guide to keeping cybercriminals out of your businessWant to become a partner? Email partners@indominus.msPrevious episode: 617 - How Top Consultants Are Winning in 2025Check out more episodes of the Paul Higgins PodcastSubscribe to our YouTube channel:

Cybercriminals are getting bolder—and smarter. This week, the Security Squawk crew tackles some of the most concerning stories in cyber news: a ransomware gang is now telling victims to call their lawyers, insurers like Aflac are struggling with ongoing ransomware outages, and healthcare data for over 50 million people has been exposed. We each bring a real-world case that highlights just how chaotic—and dangerous—the threat landscape has become. Topics this week: Qilin ransomware's new legal scare tactic Episource breach impacts 5.4 million patients McLaren Health confirms sensitive data exfiltration Aflac & other insurers hit by ransomware, causing major outages Tune in for expert breakdowns, sharp insights, and actionable advice to keep your business secure.

We start with negotiations between European leaders and Iran in Geneva. Cybercriminals have breached insurance giant Aflac. Pro-Palestinian activists broke into Britain's largest air base. President Donald Trump passed on honoring Juneteenth and made this complaint about federal holidays instead. Plus, why smart phone users are disabling news alerts. Learn more about your ad choices. Visit podcastchoices.com/adchoices

In this episode, Dr. Zero Trust discusses a record-breaking data breach involving 16 billion exposed passwords, the implications of cyber warfare in current geopolitical conflicts, and the challenges surrounding digital sovereignty in Europe. The conversation highlights the need for better cybersecurity practices and the evolving nature of warfare in the digital age.Takeaways16 billion passwords exposed in a massive data breach.The data breach raises questions about the accuracy of reported figures.Cybercriminals are shifting tactics, using info stealers and malware.The future of warfare involves cyber operations combined with kinetic actions.Deep fakes and manipulated media are becoming prevalent in conflicts.Cybersecurity measures like MFA and strong passwords are essential.Legislators are often unaware of the complexities of cybersecurity.Digital sovereignty claims in Europe are questionable due to reliance on US companies.The intersection of cyber and traditional warfare is increasingly blurred.Public awareness of cybersecurity threats is crucial for national security.

Chetan Raghuprasad joins Hazel to discuss his threat hunting research into fake AI tool installers, which criminals are using to distribute ransomware, RATS, stealers and other destructive malware. He discusses the attack chain of three different campaigns, including one which even tries to justify its ransom as "humanitarian aid."For the full research, read Chetan's blog at https://blog.talosintelligence.com/fake-ai-tool-installers/

DragonForce has emerged as a significant threat actor in the cybercrime landscape, targeting vulnerabilities in the SimpleHelp remote monitoring and management tool to execute sophisticated ransomware-as-a-service attacks against managed service providers (MSPs). Recent incidents have highlighted how attackers exploited known vulnerabilities, including path traversal and privilege escalation issues, to deploy DragonForce ransomware, which involved exfiltrating sensitive data and employing double extortion tactics. While some clients were protected by endpoint security measures, others suffered significant impacts, underscoring the importance of maintaining IT hygiene and patch management.The rise of DragonForce is indicative of a broader trend where low-key remote monitoring and management vendors become high-risk entry points for cybercriminals. The evolution of DragonForce from disruptive ransomware player to a full-blown ransomware-as-a-service operator executing targeted extortion campaigns raises alarms about the security of tools widely used by small and medium-sized businesses (SMBs). This situation serves as a reminder that disclosed vulnerabilities can become weaponized if organizations fail to prioritize patching and security measures.In another concerning development, ConnectWise's ScreenConnect has been identified as the most abused legitimate remote access tool in cyberattacks, accounting for a significant percentage of active threat reports. Cybercriminals are hijacking these tools, typically used by IT professionals, to infiltrate systems and deliver malicious software. The increasing popularity of ScreenConnect has raised vendor trust concerns among IT service providers, prompting discussions about the implications of using such tools in an environment where they can be misused, even without technical exploits.Microsoft is also making waves in the patch management landscape by introducing a Windows Update Orchestration platform that allows app developers to integrate their update processes into the Windows 11 framework. This initiative aims to create a unified system for managing updates across devices, addressing user concerns about fragmented experiences. The implications of this change are profound, as it positions Microsoft as a central authority in the software update lifecycle, potentially reshaping how managed service providers and security teams approach patching and update management in the future.  Four things to know today00:00 DragonForce Targets SimpleHelp Vulnerabilities in MSP-Focused Ransomware Campaign03:30 ConnectWise ScreenConnect Now the Most Abused Remote Access Tool in 2025 Cyberattacks, Report Finds05:56 Unified Patch Control: Microsoft's Update Orchestration Platform Threatens RMM Value Propositions08:55 Actionable AI: Governance Framework and MCP Protocol Deliver Real-World Benefits Amid Hype  This is the Business of Tech.     Supported by:  https://syncromsp.com/ All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessof.tech

Tom Uren and Patrick Gray talk about Russian DanaBot malware developers making a tailored variant of their malware specifically for espionage. This fills in some of the blanks on the exact relationship between Russian criminals and the country's intelligence services. They also discuss a US Director of National Intelligence initiative to centralise the purchase of commercially acquired information. Although this information can be used maliciously, having a one-stop-shop should make it easier to check that it is being used responsibly. This episode is also available on Youtube. Show notes

Ireland ranks 117th out of 253 countries, with over 57 million leaked cookies - 4.7 million of which are still active and tied to real user activity. According to the latest research by cybersecurity company NordVPN, Ireland has landed a troubling spot on the global leaderboard for leaked cookies, ranking 117th out of 253 countries. Over 57 million cookies linked to Irish users have been found on the dark web. Although cookies are commonly seen as helpful for improving online experiences, many don't realise that hackers can exploit them to steal personal data and access secure systems. "Cookies may seem harmless, but in the wrong hands, they're digital keys to our most private information," says Adrianus Warmenhoven, cybersecurity expert at NordVPN. "What was designed to enhance convenience is now a growing vulnerability exploited by cybercriminals worldwide." The hidden risk behind everyday browsing Cookies are small text files that websites store on a user's browser to remember preferences, login details, and browsing behaviour. They play a vital role in making online experiences smoother, helping websites load faster, keeping shopping carts full, and allowing users to stay logged in across sessions. Without cookies, the convenience and personalisation of the modern web would be severely limited. However, as the digital landscape evolves, so does the misuse of these tools. Cybercriminals have learned to harvest cookies to hijack sessions, steal identities, and bypass security measures. "Most people don't realise that a stolen cookie can be just as dangerous as a password," says Warmenhoven. "Once intercepted, a cookie can give hackers direct access to accounts and sensitive data, no login required." Millions of pieces of personal data exposed NordVPN's research reveals a massive malware operation that stole almost 94 billion cookies - a dramatic jump from 54 billion just a year ago, marking a 74% increase. Even more concerning, 20.55% of these cookies are still active, posing an ongoing risk to users' online privacy. Most stolen cookies came from major platforms, including Google (4.5 billion), YouTube (1.33 billion), and over 1 billion each from Microsoft and Bing. The growth is just as alarming when comparing personal data exposure over the past few years. In 2024, NordVPN identified 10.5 billion assigned IDs, 739 million session IDs, 154 million authentication tokens, and 37 million login credentials. In 2025, those numbers rose sharply, with 18 billion assigned IDs and 1.2 billion session IDs now exposed. These data types are critical for identifying users and securing their online accounts, making them highly valuable to cybercriminals. The stolen information often included full names, email addresses, cities, passwords, and physical addresses - key personal data that can be used for identity theft, fraud, and unauthorised account access. The data was harvested using 38 different types of malware, more than triple the 12 types identified last year. The most active strains were Redline (41.6 billion cookies), Vidar (10 billion), and LummaC2 (9 billion). These malware families are known for stealing login details, passwords, and other sensitive data. Redline is a powerful infostealer that extracts saved passwords, cookies, and autofill data from browsers, giving hackers direct access to personal accounts. Vidar works similarly but also downloads additional malware, making it a gateway to more complex attacks. LummaC2 is particularly evasive, frequently updating its tactics to slip past antivirus tools and spread across systems undetected. In addition to these known threats, researchers discovered 26 new types of malware not seen in 2024 - a sign of how quickly the cybercrime landscape is evolving. New entries like RisePro, Stealc, Nexus, and Rhadamanthys are especially dangerous. RisePro and Stealc are built to rapidly steal browser credentials and session data, while Nexus targets banking information using mobile emul...

The Czech Republic accuses Chinese state-backed hackers of cyber-espionage. CISA's leaders head for the exits. Cybercriminals are using fake AI video generator websites to spread malware. A stealthy phishing campaign delivers the Remcos RAT via DBatLoader. A fake Bitdefender website spreads malware targeting financial data. Medusa ransomware claims to have breached global real estate firm RE/MAX. An Iranian national faces up to 30 years in prison for ransomware targeting US cities. Our guest is Tony Velleca, CyberProof's CEO,  discussing exposure management and a more risk-focused approach to prioritize threats. Mind reading for fun and profit.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On today's Industry Voices segment, at the 2025 RSA Conference we were joined by Tony Velleca, CyberProof's CEO, who is discussing exposure management and moving towards a more risk-focused approach to prioritize threats. Listen to Tony's interview here. Selected Reading Chinese spies blamed for attempted hack on Czech government network (The Record) CISA loses nearly all top officials as purge continues- (Cybersecurity Dive) Google warns of Vietnam-based hackers using bogus AI video generators to spread malware (The Record) Chrome 137, Firefox 139 Patch High-Severity Vulnerabilities (SecurityWeek) New Phishing Campaign Uses DBatLoader to Drop Remcos RAT: What Analysts Need to Know (Hack Read) Hackers Mimic Popular Antivirus Site to Deliver VenomRAT & Steal Finance Data (Cybersecurity News) RE/MAX deals with alleged 150GB data theft: Medusa ransomware demands $200K (Cyber News) CISA Releases ICS Advisories Covering Vulnerabilities & Exploits (Cybersecurity News) Iranian pleads guilty to launching Baltimore ransomware attack, faces 30 years behind bars (The Record) Neural Privacy Under Threat: The Battle for Neural Data  (tsaaro consulting) Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Ross Lazer is the Co-Founder and CEO of Mirage Security, a company using AI to simulate realistic spear-phishing attacks, including voice-based simulations using deepfakes, to train employees to recognize and resist social engineering tactics. In this episode, KJ and Ross uncover the evolving landscape of cybersecurity where attackers are increasingly targeting human weaknesses using sophisticated AI techniques. Ross reveals how Mirage Security is utilizing AI to simulate realistic phishing attacks, including voice and video deepfakes, to train employees and outsmart potential threats. They discuss the rapid advancements in social engineering tactics, the importance of contrarian thinking in innovation, and the future of cybersecurity training. Key Takeaways: 05:41 Evolution of Cybersecurity Threats 08:14 Modern Phishing and Social Engineering Tactics 10:32 Deepfake and Advanced Cyber Attacks 19:50 AI in Cybercrime: The Nigerian Email Scam 26:19 Future of Cybersecurity: AI vs. Human Quote of the Show (16:00): “In cybersecurity, the real challenge isn't just the technology; it's transforming the human side from our greatest vulnerability into our strongest defense." – Ross Lazer Join our Anti-PR newsletter where we’re keeping a watchful and clever eye on PR trends, PR fails, and interesting news in tech so you don't have to. You're welcome. Want PR that actually matters? Get 30 minutes of expert advice in a fast-paced, zero-nonsense session from Karla Jo Helms, a veteran Crisis PR and Anti-PR Strategist who knows how to tell your story in the best possible light and get the exposure you need to disrupt your industry. Click here to book your call: https://info.jotopr.com/free-anti-pr-eval Ways to connect with Ross Lazer: LinkedIn: https://www.linkedin.com/in/rosslazer/ Company LinkedIn: https://www.linkedin.com/company/miragesecurity/ How to get more Disruption/Interruption: Amazon Music - https://music.amazon.com/podcasts/eccda84d-4d5b-4c52-ba54-7fd8af3cbe87/disruption-interruption Apple Podcast - https://podcasts.apple.com/us/podcast/disruption-interruption/id1581985755 Spotify - https://open.spotify.com/show/6yGSwcSp8J354awJkCmJlDSee omnystudio.com/listener for privacy information.

Cybercriminals are using AI to weaponize human psychology—and your company could be next. In this power-packed Get Yourself Optimized episode, cybersecurity expert Leia Shilobod shares how to transform your organization's culture into your strongest defense. Leia breaks down:

What if the biggest threat to your privacy wasn't some hacker in a hoodie—but a spy trained to infiltrate your life? Former FBI operative Eric O'Neill, the man who took down spy Robert Hanssen, explains how digital spies target us, offering along the way real-world tips to protect ourselves in a world where everyone's a potential target. Learn more about your ad choices. Visit megaphone.fm/adchoices

What's the best thing small businesses can do to improve their security posture?

Shoot us a Text.Episode #1025: We cover Nissan's plan to hold vehicle prices through early June and increase U.S. production in response to tariffs. Plus we examine Tesla's strategic repositioning of the Cybertruck and how cybercriminals are creating a realistic-looking phishing campaign using Google's own tools.Show Notes with links:Nissan is staying steady on pricing through June 2 and looking to its underused U.S. factories to soften the blow of auto tariffs. The strategy focuses on affordability and domestic production leverage.Nissan has a 3-month supply of tariff-free vehicles and won't raise prices yet.The company plans to boost output at Smyrna, TN and Canton, MS plants, all of which operated at half their capacity in 2024.Rogue production will jump by 54% over the next year, adding 60,000 units, while price cuts of $1K on 2025 Rogue and Pathfinder aim to drive demand.Nissan is incentivizing retailers with its April and May dealer volume bonus program, which pays extra cash to stores that meet sales targets.“We count all the cars [toward the sales target], but we only pay on the U.S.-made cars because we want to give [them a] tailwind,” said Nissan Americas Chair Christian MeunierTesla is quietly shifting the Cybertruck's identity from status symbol to workhorse after early hype faded, trucks stockpiled, and political ties turned divisive. The new approach aims to resonate with a more traditional truck-buying audience.Cybertruck deliveries remain under 50,000; demand has sharply declined with sales dropping 50% in Q1.Tesla updated the product page with rugged, utilitarian imagery, aligning with Ford's F-150 ads.Sales teams report it's harder to sell the truck to actual truck buyers; its novelty isn't enough."They need to advertise durability. It needs to be used and abused, and all of the capabilities that make it a work truck need to be on full display," said Edmunds' Ivan Drury.Cybercriminals are exploiting Google's own “Sites” app to run a phishing campaign that convincingly mimics law enforcement subpoenas and bypasses email authentication safeguards.Emails appear from “no-reply@google.com” and claim law enforcement access to your account.Attackers use Google Sites to create convincing portals that evade DKIM checks.DomainKeys Identified Mail (DKIM) authentication is passed since the emails originate from Google's own infrastructure.Google has acknowledged the issue and is deploying mitigations while encouraging 2FA and passkeys.Join Paul J Daly and Kyle Mountsier every morning for the Automotive State of the Union podcast as they connect the dots across car dealerships, retail trends, emerging tech like AI, and cultural shifts—bringing clarity, speed, and people-first insight to automotive leaders navigating a rapidly changing industry.Get the Daily Push Back email at https://www.asotu.com/ JOIN the conversation on LinkedIn at: https://www.linkedin.com/company/asotu/

On this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news: Oracle quietly cops to being hacked, but immediately pivots into pretending it didn't matter NSA and CyberCom leaders fired for not being MAGA enough US Treasury had some dusty corners it hadn't found China in yet, looked, found China in them …which is a great time to discuss slashing CISA's staffing Ransomware crews and bullet proof hosting providers are getting rekt, and we love it And Microsoft patches yet another logging 0-day being used in the wild. This episode is sponsored by Yubico, makers of Yubikey hardware authentication tokens. Yubico's Vice President of Solutions Architecture and Alliances Derek Hanson joins to discuss how the consumer-centric passkey ecosystem has become a real challenge for enterprises. One that Yubico is actually ideally positioned to solve. This episode is also available on Youtube. Show notes Oracle privately confirms Cloud breach to customers Oracle have finally issued a written notification to customers about their cybersecurity incident. Head of NSA and US Cyber Command reportedly fired | Cybersecurity Dive Trump fires numerous National Security Council staff - The Washington Post Trump administration under scrutiny as it puts major round of CISA cuts on the table | Cybersecurity Dive Hackers Spied on US Bank Regulators' Emails for Over a Year - Bloomberg This is how Jeffrey Goldberg got added to the Signal chat Cybercriminals are trying to loot Australian pension accounts in new campaign | The Record from Recorded Future News $500,000 stolen in Australian super fund data breach | Superannuation | The Guardian Australian regulator pulls licenses of 95 companies in effort to crack down on investment scams | The Record from Recorded Future News Everest ransomware group's darknet site offline following defacement | The Record from Recorded Future News On March 28, 2025, a threat actor leaked internal data from Medialand, a major bulletproof hosting (BPH) provider long linked to Yalishanda (LARVA-34). There's a ransomware group named DragonForce going around hacking its rivals. After Mamona and BlackLock, the group has now hacked RansomHub The DragonForce ransomware group hacked two rivals this month CISA, experts warn of Crush file transfer attacks as ransomware gang makes threats | The Record from Recorded Future News Kill Security Campaign Targets CrushFTP Servers National Vulnerability Database | NIST Microsoft patches zero-day actively exploited in string of ransomware attacks | CyberScoop Exploitation of CLFS zero-day leads to ransomware activity | Microsoft Security Blog Is The Sofistication In The Room With Us? - X-Forwarded-For and Ivanti Connect Secure (CVE-2025-22457)

QR codes are being weaponised by scammers — so maybe think twice before scanning that parking meter. And in a blunder so dumb it makes autocorrect look smart, the White House explains how it leaked war plans on Signal because an iPhone mistook a journalist for a government insider.Plus! Don't miss our featured interview with Josh Donelson of Material, about detection and response in today's AI-driven world.All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:The Trump Administration Accidentally Texted Me Its War Plans - The Atlantic.Here Are the Attack Plans That Trump's Advisers Shared on Signal - The Atlantic.How the Atlantic's Jeffrey Goldberg got added to the White House Signal group chat - The Guardian.From convenience to compromise: The rising threat of quishing scams - Fast Company.Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware - Hacker News.QR Code Statistics 2024: Trends & Use Cases - QR Code.Honey Garlic Scallop Kabobs - Heinz.With QR Code Redemption Set to Surge to 5.3 Billion in 2025, Cybercriminals will Increase Their Quishing Attacks - Wealth & Finance International.Chess Masters: The End Game - BBC iPlayer.Cribbage Classic - iOS app store.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Material - Email security that covers the full threat landscape – stopping new flavors of phishing and pretexting attacks in their tracks, while also protecting accounts and data from exploit or exposure.Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!1Password Extended Access Management – Secure every sign-in for every app on every device.SUPPORT THE SHOW:Tell...

UK court blocks government's attempt to keep Apple encryption case secret. Port of Seattle says last year's breach affected 90,000 people. Verizon Call Filter App flaw exposes millions' call records. Hackers hit Australian pension funds. A global threat hiding in plain sight. Cybercriminals are yelling CAPTCH-ya! Meta retires U.S. fact-checking program. Our guest today is Rob Boyce from Accenture and he's discussing Advanced Persistent Teenagers (APTeens). And Google's AI Goes Under the Sea. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Rob Boyce, Global Lead for Cyber Resilience at Accenture, joins to discuss Advanced Persistent Teenagers (APTeens). Advanced Persistent Teenagers (APTeens) have rapidly become a significant enterprise risk by demonstrating capabilities once limited to organized ransomware groups, the threat from juvenile, homegrown threat-actors has risen steadily.  Selected Reading UK Effort to Keep Apple Encryption Fight Secret Blocked in Court (Bloomberg) Port of Seattle says ransomware breach impacts 90,000 people (BleepingComputer) Call Records of Millions Exposed by Verizon App Vulnerability (SecurityWeek) Cybercriminals are trying to loot Australian pension accounts in new campaign (The Record) NEPTUNE RAT Attacking Windows Users to Exfiltrate Passwords from 270+ Apps (Cyber Security News) Threat Actors Using Fake CAPTCHAs and CloudFlare Turnstile to Deliver LegionLoader (Cyber Security News)  Meta ends its fact-checking program in the US later today, replaces it with Community Notes (Techspot) Suspected Scattered Spider Hacker Pleads Guilty (SecurityWeek) This Alphabet Spin-off Brings “Fishal Recognition” to Aquaculture (IEEE Spectrum)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

An Apache Tomcat vulnerability is under active exploitation. CISA rehires workers ousted by DOGE. Lawmakers look to protect rural water systems from cyber threats. Western Alliance Bank notifies 22,000 individuals of a data breach. A new cyberattack method called BitM allows hackers to bypass multi-factor authentication.  A Chinese cyberespionage group targets Central European diplomats. A new cyberattack uses ChatGPT infrastructure to target the financial sector and U.S. government agencies. Australia sues a major securities firm over inadequate protection of customer data. Our Threat Vector segment examines how unifying security capabilities strengthens cyber resilience. Cybercriminals say, “Get me Edward Snowden on the line!” Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Threat Vector Segment Security platformization is transforming the way organizations defend against cyber threats. In this episode of Threat Vector, host David Moulton speaks with Carlos Rivera, Senior Analyst at Forrester, about how unifying security capabilities strengthens cyber resilience. To listen to the full discussion, please check out the episode here or on your favorite podcast app, and tune in to new episodes of Threat Vector by Palo Alto Networks every Thursday.  Selected Reading Critical Apache Tomcat RCE Vulnerability Exploited in Just 30hrs of Public Exploit (Cyber Security News) CISA Rehires Fired Employees, Immediately Puts Them on Leave (GovInfo Security) Western Alliance Bank Discloses Data Breach Linked to Cleo Hack (SecurityWeek) New BitM Attack Lets Hackers Steal User Sessions Within Seconds (Cyber Security News) US Lawmakers Reintroduce Bill to Boost Rural Water Cybersecurity  (SecurityWeek) Chinese Hackers Target European Diplomats with Malware (GovInfo Security) Hackers Exploit ChatGPT with CVE-2024-27564, 10,000+ Attacks in a Week (Hackread) Australia Sues FIIG Investment Firm in Cyber 'Wake-Up Call' (GovInfo Security) Extortion crew threatened to inform Edward Snowden (?!) if victim didn't pay up (The Register) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices