Podcasts about cybersecurity

DLLs & TLS Callbacks As a follow-up to last week's diary about DLL Entrypoints, Didier is looking at TLS ( Thread Local Storage ) and how it can be abused. https://isc.sans.edu/diary/DLLs%20%26%20TLS%20Callbacks/32580 FreeBSD Remote code execution via ND6 Router Advertisements A critical vulnerability in FreeBSD allows for remote code execution. But an attacker must be on the same network. https://www.freebsd.org/security/advisories/FreeBSD-SA-25:12.rtsold.asc NIST Time Server Problems The atomic ensemble time scale at the NIST Boulder campus has failed due to a prolonged utility power outage. One impact is that the Boulder Internet Time Services no longer have an accurate time reference. https://tf.nist.gov/tf-cgi/servers.cgi https://groups.google.com/a/list.nist.gov/g/internet-time-service/c/o0dDDcr1a8I

Interview with Frank Vukovits: Focusing inward: there lie threats also External threats get discussed more than internal threats. There's a bit of a streetlight effect here: external threats are more visible, easier to track, and sharing external threat intelligence doesn't infringe on any individual organization's privacy. That's why we hear the industry discuss external threats more, though internally-triggered incidents far outnumber external ones. Internal threats, on the other hand, can get personal. Accidental leaks are embarassing. Malicious insiders are a sensitive topic that internal counsel would erase from company memory if they could. Even when disclosure is required, the lawyers are going to minimize the amount of detail that gets out. I was chief incident handler for 5 years of my enterprise career, and never once had to deal with an external threat. I managed dozens of internal cases over those 5 years though. In this interview, we discuss the need for strong internal controls with Frank Vukovits from Delinea. As systems and users inside and outside organizations become increasingly connected, maintaining strong security controls is essential to protect data and systems from both internal and external threats. In this episode, we will explore the importance of strong internal controls around business application security and how they can best be integrated into a broader security program to ensure true enterprise security. This segment is sponsored by Delinea. Visit https://securityweekly.com/delinea to learn more about them! Topic Segment: Personal Disaster Recovery Many of us depend on service providers for our personal email, file storage, and photo storage. The line between personal accounts and work accounts often blur, particularly when it comes to Apple devices. We're way more dependent on our Microsoft, Apple, Meta, and Google accounts than we used to be. They're necessary to use home voice assistants, to log into other SaaS applications (Log in with Google/Apple/FB), and even manage our wireless plans (e.g. Google Fi). Getting locked out of any of these accounts can bring someone's personal and/or work life to a halt, and there are many cases of this happening. I'm not sure if we make it past sharing stories about what can and has happened. Getting into solutions might have to be a separate discussion (also, we may not have any solutions…) Friend of the show and sometimes emergency co-host Guillaume posted about this recently A romance author got locked out of her books A 79 year old got locked out of her iPad with all her family photos. Sadly, this is one of the most common scenarios. Someone either forgets their pin and locks out the device permanently, or a family member dies and didn't tell anyone their passwords or pins, so the surviving family can't access data, pay the bills, etc. Google example: Claims of CSAM material after father documents toddler at doctor's request https://www.theguardian.com/technology/2022/aug/22/google-csam-account-blocked Dec 2025 Apple example: she tried to redeem a gift card that had been tampered with: https://hey.paris/posts/appleid/ Google example: developer lost all his work, because he was working on preventing revenge porn and other sensitive cases, and was building a better model to detect NSFW images: https://medium.com/@russoatlarge_93541/i-built-a-privacy-app-google-banned-me-over-a-dataset-used-in-ai-research-66bc0dfb2310 My partner's mom's Instagram account got hacked. Meta locked out all of it (Whatsapp, Instagram, Facebook) and she couldn't get it reinstated. They wouldn't even let her open a NEW account. Weekly Enterprise News Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-438

Gina Yacone — Virtual CISO at Trace3 and Roller Derby Penalty Box VisitorLive from B-Sides Jacksonville, No Password Required welcomes Gina Yacone, Virtual CISO at Trace3. Jack Clabby of Carlton Fields, P.A. and Sarina Gandy, host and producer of the CyberBay Podcast, host a conversation on Gina's unconventional career path, leadership under pressure, and the power of community in cybersecurity. With career stops in private investigation, digital forensics, and executive security, Gina brings a people-first, purpose-driven perspective to complex cyber risk.Gina shares how her early work as a private investigator on high-profile criminal defense cases laid the foundation for her success in cybersecurity. She also reflects on raising her hand for big challenges, the rewards and risks of always saying yes, and how authenticity has guided her. She offers insight on why conference hallway conversations can be just as impactful as keynote sessions.A visible advocate for the cybersecurity community, Gina speaks openly about setting healthy mentorship boundaries and building resilient professional networks.The episode wraps with the Lifestyle Polygraph, where Gina lightens the mood with stories from her roller derby days, dream Amazing Race partners, and why John Wick might just be the ultimate executive assistant.Follow Gina on LinkedIn: https://www.linkedin.com/in/ginayacone/ Chapters:00:00 Introduction to Cybersecurity and B-Sides Jacksonville01:16 Gina Yacone's Unique Journey to Cybersecurity06:22 Navigating Burnout in Cybersecurity08:06 The Importance of Raising Your Hand10:04 Adapting Leadership Styles in Different Roles 14:03 Being a Role Model for Women in Cybersecurity16:34 How to Establish a Good Mentee and Mentor Relationship18:50 Feedback and Constructive Criticism22:55  The Value of Hallway Conversations26:19 The Lifestyle Polygraph: Fun and Insights38:54 Conclusion and Future Connections

Cybersecurity Today brings you a special year-end episode, featuring noteworthy guests Tammy Harper from Flare, Laura Payne from White Tuque, David Shipley from Beauceron Security, and John Pinard, co-host of Project Synapse. This episode delves into the pivotal cybersecurity stories of 2025, including a detailed discussion on MFA phishing attacks, the effectiveness of cybersecurity training, and the troubling trends in ransomware payments. Also covered are the evolving roles of AI in both defending and perpetrating cyber crimes. The guests share their insights, hopes, and concerns for the industry's future, emphasizing the importance of awareness, empathy, and community. Tune in as they reflect on the past year's challenges and successes, and look forward to more resilient and innovative cybersecurity practices in 2026. 00:00 Introduction and Sponsor Message 00:20 Meet the Panelists 01:30 Reflecting on the Year: Achievements and Goals 02:08 Naughty and Nice: Cybersecurity Challenges 03:44 The Rise of Fake Torrents and Piracy 07:07 Ransomware and Data Extortion Trends 18:00 The Importance of Multi-Factor Authentication (MFA) 26:15 The Persistent Threat of Email Phishing 27:24 AI Vulnerabilities and Security Concerns 28:18 The Role of AI in Social Engineering 29:07 The Impact of AI on Cybersecurity 31:15 The Future of AI and Security Measures 34:40 The Human Element in Cybersecurity 39:49 Hopes and Predictions for the Future 45:33 Final Thoughts and Reflections

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

Podcast: Hack the Plant (LS 35 · TOP 3% what is this?)Episode: AI and the Future of Maritime CybersecurityPub date: 2025-12-16Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, host Bryson Bort sits down with Gary Kessler, retired cybersecurity professor and co-founder and director of the Maritime Hacking Village. As a maritime cybersecurity researcher, consultant, and practitioner with nearly fifty years of experience, Gary walks us through the ins and outs of cybersecurity at sea, automated identification systems (AIS), and AI's current and future role in maritime operations. What is AIS spoofing, and why is it dangerous? What are the unique challenges posed by cybersecurity at sea? Is the maritime industry ready for artificial intelligence integrations? “AI is going to [present] really incredible opportunities for us moving forward. I think however, it is a tool that is not well understood in general by people who are not specialists. And particularly in the maritime industry, we're going to have to get a lot better at understanding the capabilities and the pitfalls,” Gary said. Join us for this and more on this episode of Hack the Plan[e]t. The views and opinions expressed in this podcast represent those of the speaker, and do not necessarily represent the views and opinions of their employers. Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology. The podcast and artwork embedded on this page are from Bryson Bort, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Congressman James Walkinshaw represents Virginia's 11th Congressional District. He serves on the House Oversight and Government Reform Committee and its Military and Foreign Affairs Subcommittee, focusing on protecting the nonpartisan civil service, supporting fair pay for federal employees, and holding the Administration accountable. He also serves on the House Homeland Security Committee and both its Subcommittees on Homeland Border Security & Enforcement… and Cybersecurity & Infrastructure Protection. The Congressman joins me for an insightful conversation about the latest developments in the Epstein scandal; embattled HHS Secretary Kristi Noem's controversies; Marjorie Taylor Greene and Trump's MAGA problems; Rob Reiner; and more. Got somethin' to say?! Email us at BackroomAndy@gmail.com Leave us a message: 845-307-7446 Twitter: @AndyOstroy Produced by Andy Ostroy, Matty Rosenberg, and Jennifer Hammoud @ Radio Free Rhiniecliff Design by Cricket Lengyel

Positive trends related to public IP range from the year 2025 Fewer ICS systems, as well as fewer systems with outdated SSL versions, are exposed to the internet than before. The trend isn t quite clean for ISC, but SSL2 and SSL3 systems have been cut down by about half. https://isc.sans.edu/diary/Positive%20trends%20related%20to%20public%20IP%20ranges%20from%20the%20year%202025/32584 Hewlett-Packard Enterprise OneView Software, Remote Code Execution HPs OneView Software allows for unauthenticated code execution https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbgn04985en_us&docLocale=en_US#vulnerability-summary-1 Trufflehog Detecting JWTs with Public Keys Trufflehog added the ability to detect JWT tokens and validate them using public keys. https://trufflesecurity.com/blog/trufflehog-now-detects-jwts-with-public-key-signatures-and-verifies-them-for-liveness

This week, defence analyst, Michael Clarke, explains the significance of the MI6 agency's scientific shift. Will it help counter Russia's technological threat? Plus, the University of Glasgow's Naveed Sattar tells us why weight loss medicine could be a silver bullet for global obesity, Ellie Diamant at Bard College on beaky birds during COVID, and the Institute of Astronomy's Matt Bothwell on NASA's new space telescope... Like this podcast? Please help us by supporting the Naked Scientists

Conflicting jobs data indicates a complex economic landscape for IT service providers, as the unemployment rate in the tech sector has risen to 4% with a loss of 134,000 jobs between October and November 2025. Despite a drop in the overall unemployment rate to 4.2% and a projected growth of managed services contributing $608 billion to the B2B technology sector, the mixed signals from economic indicators complicate decision-making for the Federal Reserve and raise concerns about consumer spending. Analysts emphasize that the current job losses reflect a shift in responsibility from internal roles to external managed service providers (MSPs), which may not alleviate underlying risks.The National Institute of Standards and Technology (NIST) has released a draft profile addressing cybersecurity challenges posed by artificial intelligence (AI), highlighting the need for organizations to manage AI-related security risks effectively. This profile outlines how AI can enhance cybersecurity defenses while also detailing the responsibilities that come with its deployment. Recent assessments reveal that while some AI models perform better in security contexts, the lack of clarity around accountability when AI systems make decisions remains a significant concern for MSPs.Private equity activity is accelerating in the managed services sector, exemplified by Broadwing Capital's acquisition of CloudScale365, which aims to create a platform addressing gaps in the fragmented IT-managed services market. This consolidation trend raises questions for MSPs about operational norms and the potential loss of control over their business models. As platforms seek to standardize pricing and decision-making processes, MSPs must consider how these changes will affect their service delivery and customer relationships.For MSPs and IT service leaders, the evolving landscape underscores the importance of understanding where risk is shifting and how to price and govern accordingly. The retreat from AGI hype and the focus on practical AI applications signal a need for clarity in decision-making processes, particularly as automation becomes more prevalent. MSPs that can articulate the limitations of their AI systems and establish clear accountability frameworks will be better positioned to navigate the complexities of the current market. Four things to know today00:00 As Jobs Data Conflicts and Tech Employment Slips, Managed Services Absorb Risk and Responsibility05:46 NIST's AI Security Framework Meets Reality as Model Safety Gaps Expose Accountability Risks08:54 Broadwing Launches MSP Platform to Standardize Scale, Signaling Growing PE Pressure on MSP Operations11:03 AI Rebrands Itself as Open Source Expands, Automation Scales, and Accountability Gets Murkier This is the Business of Tech.    Supported by:  https://saasalerts.com/mspradio/ 

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

Kyle “caboose” Waters of Cyber Unicorns enlightens this extended episode! Having a combined passion for people and security, Kyle demonstrates how to effectively educate the masses. Steering away from typical training and using unique approaches, this talk explores how to break through the barriers that create vulnerabilities. Like, subscribe, and share with your network to stay informed about the latest in cybersecurity! We want to hear from you! Reach out at unsecurity@frsecure.com and follow us for more: LinkedIn: https://www.linkedin.com/company/frsecure/ Instagram: https://www.instagram.com/frsecureofficial/ Facebook: https://www.facebook.com/frsecure/ BlueSky: https://bsky.app/profile/frsecure.bsky.social About FRSecure: https://frsecure.com/ FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can't do it alone. Whether you're wondering where to start or looking for a team of experts to collaborate with you, we are ready to serve.

In this episode of the Campus Technology Insider Podcast, Editor-in-Chief Rhea Kelly sits down with Sidney Fernandes, CIO, and VP of Digital Experiences at the University of South Florida. They discuss the impact of agentic AI in higher education, focusing on USF's initiatives to make technology and workflows user-friendly. Topics include the formation of the Bellini College of Artificial Intelligence, Cybersecurity and Computing, strategies for integrating AI to improve student and faculty experiences, and the importance of security, compliance, and data governance in AI deployment. In addition, they explore how USF leverages student ambassadors to scale AI literacy and solutions across its campuses. 00:00 Introduction and Guest Welcome 00:30 Sydney Fernandez's Background and Role at USF 01:10 USF's Technology Strategy: Making It Easy 02:44 Digital Experiences at USF 05:33 AI Initiatives and Early Goals 13:32 Scaling AI with Student Ambassadors 23:44 Challenges and Lessons Learned 26:08 Future of AI at USF 29:19 Conclusion and Farewell Resource links: GenAI at USF Bellini College of Artificial Intelligence, Cybersecurity and Computing Music: Mixkit Duration: 30 minutes Transcript (coming soon)

The stories that matter most to #cybersecurity insiders, analysts, and business leaders. Delivered every day.Check out Barricade Cyber https://barricadecyber.com for #incidentresponse #ransomware and #BEC recovery. Register for BCS webinars!Check out John Strand's Pay What You Can Antisyphon Training:https://simplycyber.io/antisyphonStop ransomware without the hassle. Allow what you need and block the rest with ThreatLocker Zero Trust Platform — simple to deploy, simple to manage: https://threatlocker.com/dailycyberTake control of your data and keep your private life private by signing up for DeleteMe at https://simplycyber.io/deleteme promo SIMPLYCYBER for 20% offRegister for Flare's next training on Aug. 13th on Web App Testing at https://simplycyber.io/flareSimply Cyber Academy - The Place for Cyber Careers: https://academy.simplycyber.ioJoin SC Discord: https://SimplyCyber.io/discordPodcast in stream: https://cisoseries.comFollow SC: https://simplycyber.io/socials

In this timely episode of The Voice of Retail, host Michael LeBlanc is joined by Aamir Lakhani, Global Director of Threat Intelligence and Artificial Intelligence at Fortinet, for a deep and sobering conversation on the evolving cyber threat landscape facing retailers as they close out 2025 and prepare for 2026.Lakhani leads adversarial AI research within FortiGuard Labs, Fortinet's global R&D arm, where his team studies how cybercriminals—ranging from lone actors to state-sponsored groups—exploit technology, human behaviour, and increasingly, artificial intelligence. With Fortinet protecting over half of the world's firewall traffic, Lakhani brings unparalleled visibility into global cybercrime trends.A central theme of the discussion is the explosion of credential-based attacks, where hackers no longer “break in” but simply log in using stolen usernames and passwords. Lakhani explains how years of data breaches have enabled automated attacks across thousands of retail, banking, and corporate systems, often at massive scale. Two-factor authentication, passkeys, and password-less systems are no longer optional—they are table stakes.The conversation then turns to AI-driven fraud, which Lakhani describes as one of the most urgent threats retailers face today. From deepfake voice scams impersonating CEOs to hyper-personalized phishing attacks fueled by social media data, AI has dramatically lowered the cost and increased the sophistication of fraud. On a scale of concern, Lakhani rates AI fraud “off the charts.”LeBlanc and Lakhani also explore deceptive domains, poisoned AI shopping results, and the risks associated with buy-now-pay-later programs, which fraudsters increasingly exploit through urgency-based scams. Importantly, Lakhani emphasizes that cybersecurity is now a shared responsibility across platforms, retailers, and consumers—especially as many small and mid-sized retailers rely heavily on platforms like Shopify.Looking ahead to 2026, Lakhani offers clear guidance for retail leaders: invest in education, embrace AI-powered security tools, and do not shy away from automation. Cybersecurity, he argues, is no longer just an IT issue—it is a brand trust issue, a revenue protection issue, and a core leadership responsibility. Cyberthreats Targeting the 2025 Holiday Season: What CISOs Need to Know and the report Cyber Threat Landscape Overview for the 2025 Holiday Season. The Voice of Retail podcast is presented by Hale, a performance marketing partner trusted by brands like ASICS, Saje, and Orangetheory to scale with focus and impact. Michael LeBlanc is the president and founder of M.E. LeBlanc & Company Inc, a senior retail advisor, keynote speaker and now, media entrepreneur. He has been on the front lines of retail industry change for his entire career. Michael has delivered keynotes, hosted fire-side discussions and participated worldwide in thought leadership panels, most recently on the main stage in Toronto at Retail Council of Canada's Retail Marketing conference with leaders from Walmart & Google. He brings 25+ years of brand/retail/marketing & eCommerce leadership experience with Levi's, Black & Decker, Hudson's Bay, CanWest Media, Pandora Jewellery, The Shopping Channel and Retail Council of Canada to his advisory, speaking and media practice.Michael produces and hosts a network of leading retail trade podcasts, including the award-winning No.1 independent retail industry podcast in America, Remarkable Retail with his partner, Dallas-based best-selling author Steve Dennis; Canada's top retail industry podcast The Voice of Retail and Canada's top food industry and one of the top Canadian-produced management independent podcasts in the country, The Food Professor with Dr. Sylvain Charlebois from Dalhousie University in Halifax.Rethink Retail has recognized Michael as one of the top global retail experts for the fifth year in a row, the National Retail Federation has designated Michael as on their Top Retail Voices for 2025, Thinkers 360 has named him on of the Top 50 global thought leaders in retail, RTIH has named him a top 100 global though leader in retail technology and Coresight Research has named Michael a Retail AI Influencer. If you are a BBQ fan, you can tune into Michael's cooking show, Last Request BBQ, on YouTube, Instagram, X and yes, TikTok.Michael is available for keynote presentations helping retailers, brands and retail industry insiders explaining the current state and future of the retail industry in North America and around the world.

In this episode of Evolutionary Exchanges, David Powell andFreddie Krone discuss the growing importance of cybersecurity, especially in the financial sector. They examine recent cyberattacks, the rise of both state-backed and independent hackers, and the increasing use of AI anddeepfakes. The conversation highlights the need for strong digital defences, ongoing employee training, and a culture of cyber awareness. Practical advice is shared for organisations to stay resilient and prepared for evolving threats.

Cybersecurity teams are facing a double edged sword of challenges and opportunities. On the one hand, AI tools offer a great deal of autonomous working and the promise of automating some of the more laborious tasks that a cybersecurity team has to undertake.On the other hand, attackers are also using AI to launch large scale attacks such as sophisticated phishing campaigns and identity theft. To fight this threat, cybersecurity teams will need to unify data like never before and take advantage of as many new technologies and processes as they can.How can they go about this? And what does a unified cybersecurity strategy really look like in 2026?In this episode, Rory is joined by Mandy Andress, chief information security officer at Elastic, to explore how businesses can evolve their threat detection and security posture, as well as how AI is lowering the barrier to entry for attackers.Read more:In the age of AI threats, the future of security is unifiedAI-generated code is now the cause of one-in-five breaches – but developers and security leaders alike are convinced the technology will come good eventuallyAI-generated code risks: What CISOs need to knowAgentic AI carries huge implications for security teams - here's what leaders should knowThe NCSC touts honeypots and ‘cyber deception' tactics as the key to combating hackers — but they could ‘lead to a false sense of security'

Maybe a Little Bit More Interesting React2Shell Exploit Attackers are branching out to attack applications that initial exploits may have missed. The latest wave of attacks is going after less common endpoints and attempting to exploit applications that do not have Next.js exposed. https://isc.sans.edu/diary/Maybe%20a%20Little%20Bit%20More%20Interesting%20React2Shell%20Exploit/32578 UAT-9686 actively targets Cisco Secure Email Gateway and Secure Email and Web Manager Cisco s Security Email Gateway and Secure Email and Web Manager patch an already-exploited vulnerability. https://blog.talosintelligence.com/uat-9686/ https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sma-attack-N9bf4 SONICWALL SMA1000 APPLIANCE LOCAL PRIVILEGE ESCALATION VULNERABILITY A local privilege escalation vulnerability, which SonicWall patched today, is already being exploited. https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0019 Google releases vulnerability details Google updated last week s advisory by adding a CVE to the mystery vulnerability and adding a statement that it affects WebGPU. No new patch was released. https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop_16.html

Send Bidemi a Text Message!In this episode, host Bidemi Ologunde spoke with Bruce Johnson of TekStream Solutions to unpack how the Whole of State initiative—with the Louisiana State University, Splunk, and Amazon Web Services—is turning classrooms into 24/7, student-powered SOCs that launch graduates into mid-level roles. With nearly four decades in IT security, Bruce shares how opening the door to any discipline builds stronger teams and real-world readiness. How do these student SOCs keep organizations safe while students learn? What does a typical shift and escalation look like? Can a philosophy or nursing major really become an analyst? How is success measured—placements, detection speed, or something else? Where does AI help without replacing humans? And what changed as the model expanded to New Jersey Institute of Technology and Louisiana Tech University?Support for The Bid Picture Podcast comes from Black Rifle Coffee Company, a veteran-founded coffee brand roasting premium beans for people who love a strong start to the day. From bold blends to convenient ready-to-drink cans, Black Rifle Coffee keeps you fueled for whatever's ahead. Check them out at blackriflecoffee.com.Support for The Bid Picture Podcast comes from GymShark, performance apparel designed for people who take their training seriously. With gym-ready fits that move with you, GymShark helps you stay focused from warm-up to cooldown. Explore their latest drops at gymshark.com.Support for The Bid Picture Podcast comes from Uncommon Goods, an online marketplace filled with unique, independently made gifts. From clever gadgets to handcrafted home goods, Uncommon Goods helps you find something thoughtful for everyone on your list. Learn more at uncommongoods.com.Support the show

Join us LIVE on Mondays, 4:30pm EST.A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.https://www.youtube.com/@BlackHillsInformationSecurityChat with us on Discord! - https://discord.gg/bhis

Keynote event featuring Dustin Goetz, Acting Chief Information Officer for the US Immigration and Customs Enforcement (ICE). The event covers crucial topics such as modernization strategies, asset inventory, data standardization, and cybersecurity integration. Goetz emphasizes the importance of seamless cybersecurity integration, automating tier one security operations, and preparing for evolving threats, including AI and post-quantum computing. The episode underscores ICE's commitment to modernization and collaboration with industry to enhance cybersecurity capabilities.Subscribe on your favorite podcast platform to never miss an episode! For more from ACT-IAC, follow us on LinkedIn or visit http://www.actiac.org.Learn more about membership at https://www.actiac.org/join.Donate to ACT-IAC at https://actiac.org/donate. Intro/Outro Music: See a Brighter Day/Gloria TellsCourtesy of Epidemic Sound(Episodes 1-159: Intro/Outro Music: Focal Point/Young CommunityCourtesy of Epidemic Sound)

In this episode, I sit down with Rick Yvanovich, CEO and Founder of TRG International, to explore leadership through the lens of mentoring, coaching, and human-centric growth. With more than four decades of global experience across finance, technology, and human capital, Rick shares how coaching leaders, not just implementing systems, is the real driver of sustainable transformation.As a Certified Master Coach, TEDx speaker, and author of Business As UnUsual, Rick discusses how executives can develop self-awareness, resilience, and clarity in an era defined by AI, constant change, and increasing complexity. The conversation dives into mentoring future leaders, building coaching cultures inside organizations, and preparing executives and boards to lead with empathy, accountability, and purpose.This episode is a must-listen for leaders, founders, and executives who want to grow themselves, elevate others, and create lasting impact through intentional mentoring and coaching.

In this episode of Resilient Cyber, I sit down with my friend and the Founder of Return on Security (RoS),

In our annual “Look Back, Look Forward” edition of The Data Chronicles, Scott Loughlin and Eduardo Ustaran, co-leads of Hogan Lovells' Global Data, Privacy and Cybersecurity practice, reflect on the most important developments in privacy, cybersecurity, and data regulation in 2025 and share their outlook for 2026. It has become the most popular episode of the year, drawing strong interest from listeners across regions and sectors.   The conversation covers the global impact of artificial intelligence, evolving regulatory priorities in the UK, EU, and US, and the ongoing balance between innovation and regulation. Topics include potential GDPR reform, biometrics and age verification, geopolitics and data protection, international data transfers, and the growing focus on AI governance and children's data.

Managed IT, cybersecurity, compliance and more—all from one Michigan-based tech companyHear from Nick Roe, Manager of Cybersecurity and Compliance at Brightline Technologies, a Brighton-based IT services firm that delivers comprehensive solutions that optimize infrastructure, strengthens security, ensures compliance and more. In this episode we discuss safe security practices and cybersecurity awareness. Nick also breaks down how Brightline IT is working with the Department of Defense on compliance training and assessments. 

The Philippines is a fast-growing economy, but it lags its peers in the unbanked rate, with more than four in 10 Filipinos unbanked, according to McKinsey. Many Filipinos use nonbank-provided ewallets, but bank penetration is on the rise since 2020, when the central bank approved a new license type for digital banking, helping the Philippines' traditional banks meet the mobile-first needs of Filipinos. In this episode, Russell Hernandez of UnionDigital Bank provides a unique look into the Philippine banking sector. He also discusses how his mobile-first digital bank tackles account takeover attempts and other frauds through layers of mobile-based and biometric authentication.

In this episode of "The Free Lawyer" podcast, host Gary interviews Valentina Flores, CEO of Red Sentry. Valentina shares her journey from law enforcement to leading a proactive cybersecurity company, emphasizing the importance of ethical hacking and prevention for law firms. She offers practical tips—like enabling multi-factor authentication, limiting data access, and preparing response plans—to help lawyers protect sensitive information. Valentina also discusses the collaborative nature of cybersecurity, the human element in defense, and aligning security practices with core values, making cybersecurity accessible and actionable for legal professionals.Valentina Flores is the CEO and Co-Founder of Red Sentry, a proactive cybersecurity company that breaks into your network, so hackers never get the chance. Before protecting companies, she served as a detective on joint federal task forces, tracking cybercriminals through digital back-alleys. Now a public speaker on hacker psychology, a two-time award-winning cybersecurity leader, and a fierce advocate for women in tech, Valentina is redefining what leadership looks like in the industry, championing smarter and more accessible security for all.Transition from Detective to Cybersecurity (00:01:33) What is Penetration Testing? (00:02:56) Success Rate and Client Vulnerabilities (00:03:35)Understanding Hacker Psychology (00:05:30) Why Law Firms Are Targets (00:06:38) Triggers for Law Firms to Seek Help (00:07:46) Compliance vs. Proactive Security (00:09:09) Human Element in Cybersecurity (00:10:16) Making Clients Comfortable with Ethical Hacking (00:11:55) Emerging Threats and the Future of Cybersecurity (00:13:25) Cybersecurity for Small and Medium Businesses (00:14:43) Diversity in Tech and Cognitive Diversity (00:16:37) Awards and People-First Leadership (00:17:27) Leadership in Cybersecurity vs. Traditional Business (00:18:20) Role of Coaching and Mentorship (00:19:28) Annual Testing and Follow-Up (00:20:21) Prioritizing Cybersecurity in Law Firms (00:21:13) Collaboration vs. Competition in Cybersecurity (00:22:17) Top Three Cybersecurity Actions for Lawyers (00:23:29) First Steps for the Unprepared (00:25:39) What is Penetration Testing? (Clarification) (00:26:39) Freedom and Work-Life Balance (00:27:06) Aligning Practice with Values (00:27:51) You can find The Free Lawyer Assessment here- https://www.garymiles.net/the-free-lawyer-assessmentWould you like to learn what it looks like to become a truly Free Lawyer? You can schedule a complimentary call here: https://calendly.com/garymiles-successcoach/one-one-discovery-callWould you like to learn more about Breaking Free or order your copy? https://www.garymiles.net/break-free

The Ransomware Minute is a rundown of the latest ransomware attacks & news, brought to you Cybercrime Magazine, Page ONE for Cybersecurity. Listen to the podcast weekly and read it daily at https://ransomwareminute.com. For more on cybersecurity, visit us at https://cybercrimemagazine.com.

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

In this episode of Disruption/Interruption, host KJ sits down with Min Kyriannis, a trailblazer in the global security industry and CEO of Amyna Systems. Min shares her journey from immigrant roots to industry leadership, discusses the evolving landscape of network security, and explains how Amyna Systems is revolutionizing device-level protection. The conversation covers the challenges of legacy technology, the importance of proactive security, and Min’s commitment to both technological and humanitarian causes. Four Key Takeaways: The Human Element is the Weakest Link [11:03]Min emphasizes that despite technological advances, human error and lack of education remain the biggest vulnerabilities in network security. Legacy Systems Create Modern Risks [16:00]Integrating old technologies with new networks opens up significant security gaps, as outdated protocols are not designed for today’s threats. Proactive Security Over Reactive Patching [15:01]The industry often relies on patching vulnerabilities as they arise, but Min advocates for addressing root causes to prevent issues before they occur. Amyna Systems’ Revolutionary Approach [25:12]Amyna Systems has developed patented technology that detects and remediates anomalies within seconds, providing a new layer of defense for modern networks. Quote of the Show (24:29):“You have to be constantly learning. You have to be constantly trying to discover something, and it’s always fascinating to see what’s there.” – Min Kyriannis Join our Anti-PR newsletter where we’re keeping a watchful and clever eye on PR trends, PR fails, and interesting news in tech so you don't have to. You're welcome. Want PR that actually matters? Get 30 minutes of expert advice in a fast-paced, zero-nonsense session from Karla Jo Helms, a veteran Crisis PR and Anti-PR Strategist who knows how to tell your story in the best possible light and get the exposure you need to disrupt your industry. Click here to book your call: https://info.jotopr.com/free-anti-pr-eval Ways to connect with Min Kyriannis: LinkedIn: https://www.linkedin.com/in/mkyri Company Website: https://amyna.io/ How to get more Disruption/Interruption: Amazon Music - https://music.amazon.com/podcasts/eccda84d-4d5b-4c52-ba54-7fd8af3cbe87/disruption-interruption Apple Podcast - https://podcasts.apple.com/us/podcast/disruption-interruption/id1581985755 Spotify - https://open.spotify.com/show/6yGSwcSp8J354awJkCmJlDSee omnystudio.com/listener for privacy information.

The stories that matter most to #cybersecurity insiders, analysts, and business leaders. Delivered every day.Check out Barricade Cyber https://barricadecyber.com for #incidentresponse #ransomware and #BEC recovery. Register for BCS webinars!Check out John Strand's Pay What You Can Antisyphon Training:https://simplycyber.io/antisyphonStop ransomware without the hassle. Allow what you need and block the rest with ThreatLocker Zero Trust Platform — simple to deploy, simple to manage: https://threatlocker.com/dailycyberTake control of your data and keep your private life private by signing up for DeleteMe at https://simplycyber.io/deleteme promo SIMPLYCYBER for 20% offRegister for Flare's next training on Aug. 13th on Web App Testing at https://simplycyber.io/flareSimply Cyber Academy - The Place for Cyber Careers: https://academy.simplycyber.ioJoin SC Discord: https://SimplyCyber.io/discordPodcast in stream: https://cisoseries.comFollow SC: https://simplycyber.io/socials

In this episode, Ryan Williams Sr. interviews Reginald J. Davis, a senior cloud solutions architect, podcaster, and mentor in the IT field. They discuss Reginald's journey in IT, the importance of mentorship, overcoming imposter syndrome, and the significance of data readiness and governance in AI implementation. Reginald shares insights on his experiences in the cybersecurity landscape, the Develop Every Mind podcast, and his passion for giving back to the community. The conversation also touches on personal interests, including cigar culture and family life, highlighting the balance between professional and personal commitments. Buy the guide: https://www.theothersideofthefirewall.com/ Please LISTEN

In the third episode of our ‘Cyber Security De-mystified Podcast Series', Steve Ramsden, President Information Security at Intertek meets with guest speaker Irfan Hemani -Deputy Director for UK Cyber Security & Resilience Policy at Department for Science, Innovation and Technology –  DSIT to talk about UK Govt initiatives aiming to strengthen cyber resilience and what this means for UK organisations.Speakers:Steven Ramsden:  President of Information Security at IntertekIrfan Hemani : Deputy Director for UK Cyber Security & Resilience Policy,  DSITFollow us on- Intertek's Assurance In Action || Twitter || LinkedIn.

Podcast: PrOTect It All (LS 26 · TOP 10% what is this?)Episode: AI, Governance & Cybersecurity Culture: Why People and Process Still Matter MostPub date: 2025-12-15Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationCybersecurity has evolved from an afterthought to a business-critical responsibility - and AI is accelerating that shift faster than most organizations are ready for. In this episode of Protect It All, host Aaron Crow sits down with Sue McTaggart, a cybersecurity leader with a software development background and more than 15 years of experience driving security transformation. Together, they explore how cybersecurity success today depends less on shiny new tools and more on culture, governance, and fundamentals done right. Sue shares her journey from developer to cybersecurity leader, offering real-world insights into embedding security thinking into everyday work - not bolting it on after something breaks. The conversation tackles the realities of AI adoption, the risks of over-automation, and why human oversight and curiosity remain essential in an increasingly automated world. You'll learn: Why technology alone can't fix cybersecurity problems How to embed a security-first mindset across teams and leadership What AI changes - and what it doesn't - in cybersecurity governance The role of Zero Trust and foundational cyber hygiene Why people, process, and accountability prevent more breaches than tools How generational shifts and curiosity shape the future of cyber careers Whether you're a security leader, technologist, or business decision-maker navigating AI adoption, this episode delivers grounded, practical wisdom for building resilience that lasts. Tune in to learn why strong cybersecurity still starts with people, not platform,s only on Protect It All. Key Moments: 01:12 Cybersecurity Evolution and Insights 03:51 "Cybersecurity Requires Culture Shift" 07:09 "Tech Failures and Curfew Challenges" 10:30 "Prioritizing Security in AI Development" 15:05 Cybersecurity's Role in Everything 19:37 "Everything is Sales" 23:54 Adapting Communication for Audiences 26:26 "Think Ahead, Stay Curious." 28:30 Tinkering and Curiosity Unleashed 31:32 "Gen Z: Redefining Work and Life." 36:17 Governing AI: Benefits and Risks 37:59 AI Needs Human Oversight 42:35 "AI's Role in Cybersecurity." 47:25 "Hackers Exploit Basic Vulnerabilities." About the guest: Sue McTaggart is a passionate educator and cybersecurity professional with a strong background in software development. Her curiosity and desire to raise awareness led her to transition from developing applications primarily in languages like Java in the early 2000s to the field of cybersecurity. Sue is dedicated to empowering others through education and strives to share her knowledge to help others better understand cybersecurity risks and solutions. She is honored and humbled by opportunities to speak about her work and continues to inspire those around her with her commitment to ongoing learning and public awareness. How to connect Sue: https://www.linkedin.com/in/sue-mctaggart-24604158/ Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast  To be a guest or suggest a guest/episode, please email us at info@protectitall.co Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Plus: a star witness in FTX founder Sam Bankman-Fried's criminal trial leaves prison early. And the Oscars are going to YouTube. Danny Lewis hosts. Learn more about your ad choices. Visit megaphone.fm/adchoices

Beyond RC4 for Windows authentication Microsoft outlined its transition plan to move away from RC4 for authentication and published guidance and tools to facilitate this change. https://www.microsoft.com/en-us/windows-server/blog/2025/12/03/beyond-rc4-for-windows-authentication FortiCloud SSO Login Vuln Exploited Arctic Wolf observed exploit attempts against vulnerable FortiGate appliances. https://arcticwolf.com/resources/blog/arctic-wolf-observes-malicious-sso-logins-following-disclosure-cve-2025-59718-cve-2025-59719/ FrePBX Vulnerability Horizon3.ai identified three distinct vulnerabilities in FreePBX. In particular, the authentication by-pass issue should be of concern, but default FreePBX installs do not use the vulnerable web authentication feature. https://horizon3.ai/attack-research/the-freepbx-rabbit-hole-cve-2025-66039-and-others/

Send us a textAfrica is not waiting for the future—it's building it. In this inspiring conversation, Joey Pinz sits down with Kwame Numapau, Ghana's Director of Technology & Innovation, to explore how a continent rich in creativity and resilience is shaping its own digital destiny.Kwame shares how AI, cybersecurity, drones, and robotics are transforming daily life across Africa, from crowd safety to agriculture. He discusses why mindset, not money, is Africa's biggest challenge—and how empowering youth to “fix before they call” could spark the next global wave of innovation.From government policy gaps to Starlink-powered connectivity, from curbing corruption to mentoring a new generation of builders, Kwame paints a vivid picture of a region on the rise. His optimism is contagious: within five years, he predicts, the world will turn to Africa for both tech support and inspiration. 

Business Security Weekly is well aware of the cybersecurity hiring challenges. From hiring CISOs to finding the right skills to developing your employees, we cover it weekly in the leadership and communications segment. But this week, our guest interview digs into the global cybersecurity hiring trends. Jim McCoy, CEO at Atlas, joins Business Security Weekly to share his expertise on the global workforce needs in the 160 countries where Atlas provides direct Employer of Record services. From CISO hiring to where to build security teams, Jim will help us navigate the cybersecurity hiring challenges most organizations face. In the leadership and communications segment, CISOs, CIOs and Boards: Bridging the Cybersecurity Confidence Gap, Rethinking the CIO-CISO Dynamic in the Age of AI, Transparent Leadership Beats Servant Leadership, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-426

Cybersecurity is essential for every practice that relies on technology. In this episode, guest Kaitlin Upchurch, Senior Vice President and Cyber & Tech Practice Leader at Lockton, addresses the cybersecurity questions practices are—and are not—thinking about. She explains why cybersecurity risks are often misunderstood, what makes health care a prime target, and why insurance alone is not enough. Tune in to understand your cyber exposure, the biggest threats facing practices today, and the first steps to strengthen your protection beyond buying a policy.  Chapters00:00 Intro00:47 Banter04:25 Guest background10:20 Tell us about Lockton.13:40 Do medical practices need cybersecurity?18:40 What are cybersecurity misconceptions?20:48 What are some cybersecurity threats?25:00 How can medical practices avoid cybersecurity issues?26:37 Access+27:16 Legal Takeaways28:45 OutroWatch full episodes of our podcast on our YouTube channel: https://www.youtube.com/@byrdadatto  Stay connected for the latest business and health care legal updates:WebsiteFacebookInstagramLinkedIn

Join hosts Jeff Steadman and Jim McDonald for a special live episode recorded on location at Identiverse DC! In this interactive session, Jeff and Jim host a game of "Majority Rules," where the audience competes not to answer correctly, but to guess the most popular answer in the room.The game covers a wide range of topics, from the trivial (worst conference swag and the official uniform of an IAM architect) to the technical (securing API keys, the biggest bottlenecks in IGA, and the primary causes of role explosion).Things get intense halfway through with the introduction of the Battle Royale rules, where picking the minority answer sends a player's score back to zero. Watch to see who survives the explosions and takes home the grand prize.Connect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at http://idacpodcast.comChapter Timestamps00:00 Intro to Identity at the Center Live00:36 Explaining the Rules of Majority Rules04:25 Question 1: The Worst Conference Swag06:00 Question 2: Replying to Access Denied07:05 Question 3: AI in Identity Management08:40 Question 4: Favorite MFA Method10:12 Question 5: Least Favorite Auth Factor11:15 Turning up the Heat: Battle Royale Mode12:10 Question 6: Why RBAC is Difficult at Scale13:30 Question 7: The IAM Architect Uniform14:50 Question 8: Best Place to Hide a Secret16:15 Question 9: Protocols You Secretly Miss17:25 Question 10: Most Hated Specialized Key18:40 Question 11: Conference Responsibilities20:00 Question 12: Securing API Keys21:20 Question 13: Secrets to Surviving Keynotes22:55 Question 14: The Biggest Bottleneck in IGA24:45 Question 15: Causes of Role Explosion25:50 Question 16: What Breaks First After a Schema Update26:40 Final Question: Fastest Way to Confuse a User27:40 Crowning the WinnerKeywordsIDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Identiverse, Identiverse DC, IAM, Identity and Access Management, Cybersecurity, InfoSec Game Show, Live Podcast, Majority Rules, MFA, IGA, API Security, RBAC, Role Explosion, Tech Humor, Cyberrisk Alliance

This week on Simplifying Cyber, Aaron Pritz and Cody Rivers sit down with Jax Scott — combat veteran, podcast host (Two Cyber Chicks), and VP of Cybersecurity at Pearson — for a conversation that's equal parts leadership, risk reality, and “why is everyone still confused about BISOs?”Jax shares her unconventional path into cybersecurity (perfume sales → special operations → NATO cyber strategy → Mandiant → Capital One → consulting → Pearson), then breaks down what BISOs/CISOs do when done right:The “single point of contact” that connects business teams to security outcomesWhy risk management is the glueWhy the best security leaders aren't always the most technical (and how technical instincts can backfire)Then we go headfirst into the AI debate:Where automation helps most in compliance (evidence collection, mapping, reducing manual slog)Where humans stay essential (judgment calls, accountability, trust-building)The uncomfortable truth: if we outsource all thinking to AI, we may literally get worse at thinkingWe wrap with practical guidance on:Handling volatile regulatory changes (like DR/IR requirements) with flexible plans + frequent testingThe reality of CMMC: why it's not “new,” why enforcement matters, and why last-minute scrambles burn everyone outHow to lead teams through chaos with transparency, empathy, and real talkAnd finally: Jax drops a fun fact that honestly explains a lot about her calm energy.Listen now wherever you get your podcasts.Key topics coveredWhat a BISO/VISO is (and how to explain it to non-security leaders)Critical thinking + EQ as security superpowersAI in compliance/GRC: automate the boring, keep the human judgmentIR/DR planning for shifting rules and requirementsCMMC realities for the defense industrial baseLeadership during change fatigue

How is zero-trust security evolving? Michele Leroux Bustamante discusses the challenges CISOs face today in controlling access to infrastructure, authenticating and authorizing users, and managing the ongoing evolution of an organization's dependencies. The conversation digs into the variety of stacks available to address various elements of an organization's security requirements. Michele also talks about the NIST Cybersecurity Framework as a starting point for understanding the security elements your organization needs to focus on and improve—security is a continuum, not a destination!LinksAzure EntraAuth0DuendeKeyCloakNIST Cybersecurity FrameworkOpen Policy AgentPolicy ServerDefender for CloudAzure API ManagementAzure Front DoorRecorded October 29, 2025

In this episode of the Foster Friendly Podcast, host Courtney Williams engages with cybersecurity experts Chad Rychlewski and Kae David to discuss the critical importance of protecting children in the digital age. They explore various topics including digital footprints, the risks associated with social media, and the necessity of open communication between parents and children. The conversation emphasizes the need for parents, especially foster parents, to be proactive in safeguarding their children's online presence and understanding the technology they use. The episode also highlights practical tips and resources for parents to navigate the complexities of digital safety.Checkout their website:www.cybersecurityparents.comTakeawaysUnderstanding digital footprints is crucial for child safety.Parents must teach children about online risks.Open communication is key to building trust with children.Cyber bullying is a significant risk for kids online.Locking children's credit can prevent identity theft.Foster parents can set rules for technology use.Conducting tech audits helps ensure safety.Behavior contracts can clarify expectations around technology.All devices with internet access need to be monitored.Staying updated on technology changes is essential for parents.

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

As usual in the final episode of the year, we hand out three awards for what we think are some of the finest pieces of information systems scholarship produced this year. Except that this time, we are live at the International Conference on Information Systems in Nashville, Tennessee, in a room packed with our listeners. While this means the quality of the audio of our recording is not so great, the quality of the papers we honor this year is. And with a room full of laughter celebrating great information systems scholarship, we end the year on a high note. Congratulations to Stefan, Christoph, and Jan for winning the Trailblazing Research Award, John and Prasanna for winning the Elegant Scholarship Award, and Yanzhen, Huaxia and Andrew for winning the Innovative Method Award 2025. References Lowry, M. R. L., Vance, A., & Vance, M. D. (2025). Inexpert Supervision: Field Evidence on Boards' Oversight of Cybersecurity. Management Science, https://doi.org/10.1287/mnsc.2023.04147. Porra, J., Hirschheim, R., Land, F., & Lyytinen, K. (2025). Seventy Years of Information Systems Development Methodologies from Early Business Computing to the Agile Era: A Two-part History. Part 1: From Pre to Early ISD Methodology Era: The Emergence of ISD Methodologies and Their Golden Era (1880–1980). Journal of Information Technology, 40(4), 441-469. Porra, J., Hirschheim, R., Land, F., & Lyytinen, K. (2025). Seventy Years of Information Systems Development Methodologies from Early Business Computing to the Agile Era: A Two-part History. Part 2: Later ISD to Early Post ISD Methodology Era: Adapting to Accelerated Context Expansion (1980–today). Journal of Information Technology, 40(4), 470-498. Abbasi, A., Somanchi, S., & Kelley, K. (2025). The Critical Challenge of using Large-scale Digital Experiment Platforms for Scientific Discovery. MIS Quarterly, 49(1), 1-28. Storey, V. C., Baskerville, R. L., & Kaul, M. (2025). Reliability in Design Science Research. Information Systems Journal, 35(3), 984-1014. Larsen, K. R., Lukyanenko, R., Mueller, R. M., Storey, V. C., Parsons, J., VanderMeer, D. E., & Hovorka, D. S. (2025). Validity in Design Science. MIS Quarterly, 49(4), 1267-1294. Vance, A., Eargle, D., Kirwan, C. B., Anderson, B. B., & Jenkins, J. L. (2025). The Fog of Warnings: How Non-Security-Related Notifications Diminish the Efficacy of Security Warnings. MIS Quarterly, 49(4), 1357–1384. Baiyere, A., Bauer, J. M., Constantiou, I., & Hardt, D. (2025). Fake News and True News Assessment: The Persuasive Effect of Discursive Evidence in Judging Veracity. MIS Quarterly, 49(3), 823-860. Seidel, S., Frick, C. J., & vom Brocke, J. (2025). Regulating Emerging Technologies: Prospective Sensemaking through Abstraction and Elaboration. MIS Quarterly, 49(1), 179-204. Burton-Jones, A., Boh, W., Oborn, E., & Padmanabhan, B. (2021). Advancing Research Transparency at MIS Quarterly: A Pluralistic Approach. MIS Quarterly, 45(2), iii-xviii. Horton, J. J., & Tambe, P. (2025). The Death of a Technical Skill. Information Systems Research, 36(3), 1799-1820. Chen, Y., Rui, H., & Whinston, A. B. (2025). Conversation Analytics: Can Machines Read Between the Lines in Real-Time Strategic Conversations? Information Systems Research, 36(1), 440-455. Grisold, T., Berente, N., & Seidel, S. (2025). Guardrails for Human-AI Ecologies: A Design Theory for Managing Norm-Based Coordination. MIS Quarterly, 49(4), 1239-1266. Clark, A. (2015). Surfing Uncertainty: Prediction, Action, and the Embodied Mind. Oxford University Press. Recker, J. (2021). Scientific Research in Information Systems: A Beginner's Guide (2nd ed.). Springer. Hirschheim, R., & Klein, H. K. (2012). A Glorious and Not-So-Short History of the Information Systems Field. Journal of the Association for Information Systems, 13(4), 188-235.

More React2Shell Exploits CVE-2025-55182 Our honeypots continue to detect numerous React2Shell variants. Some using slightly modified exploits https://isc.sans.edu/diary/More%20React2Shell%20Exploits%20CVE-2025-55182/32572 The Fragile Lock: Novel Bypasses For SAML Authentication SAML is a tricky protocol to implement correctly, in particular if different XML parsers are used that may not always agree on how to parse a specific message https://portswigger.net/research/the-fragile-lock December Updates Causes issues with Microsoft Message Queuing https://learn.microsoft.com/en-us/windows/release-health/status-windows-10-22h2#message-queuing--msmq--might-fail-with-the-december-2025-windows-security-update

Send Bidemi a Text Message!In this episode, host Bidemi Ologunde connects the dots between a sudden Cambodia–Thailand border flare-up and fresh signals of accountability and diplomacy: from an ICC Darfur war-crimes sentence to prisoner releases in Belarus and political fallout in Bulgaria. What do these seemingly separate headlines reveal when you view them through the lens of hybrid warfare? Bidemi closes with a simple, practical security habit you can apply immediately, plus a mental model for spotting the next inflection point before it hits the mainstream.Support for The Bid Picture Podcast comes from Black Rifle Coffee Company, a veteran-founded coffee brand roasting premium beans for people who love a strong start to the day. From bold blends to convenient ready-to-drink cans, Black Rifle Coffee keeps you fueled for whatever's ahead. Check them out at blackriflecoffee.com.Support for The Bid Picture Podcast comes from GymShark, performance apparel designed for people who take their training seriously. With gym-ready fits that move with you, GymShark helps you stay focused from warm-up to cooldown. Explore their latest drops at gymshark.com.Support for The Bid Picture Podcast comes from Uncommon Goods, an online marketplace filled with unique, independently made gifts. From clever gadgets to handcrafted home goods, Uncommon Goods helps you find something thoughtful for everyone on your list. Learn more at uncommongoods.com.Support the show

Our final news roundup for 2025 is a holiday sampler of tasty, chewy (and a few yucky) confections. We look at a years-long exploit campaign that used browser extensions to steal credentials, inject malicious content, and track behavior; tracks ongoing exploits using the React2Shell vulnerability; and debates whether a surveillance camera maker’s pledge to follow... Read more »

Two-time Emmy and Three-time NAACP Image Award-winning, television Executive Producer Rushion McDonald interviewed Sandra Daley. Founder of Destiny Executive Enterprise D Inc., joins Money Making Conversations Masterclass to share insights on entrepreneurship, cybersecurity, and personal growth. As the leader of one of the fastest-growing global IT companies in the USA, she focuses on helping individuals, institutions, and governments elevate their brands.

Two-time Emmy and Three-time NAACP Image Award-winning, television Executive Producer Rushion McDonald interviewed Sandra Daley. Founder of Destiny Executive Enterprise D Inc., joins Money Making Conversations Masterclass to share insights on entrepreneurship, cybersecurity, and personal growth. As the leader of one of the fastest-growing global IT companies in the USA, she focuses on helping individuals, institutions, and governments elevate their brands.