Podcasts about ddos

A prolonged and very disruptive series of DDoS attacks have struck Final Fantasy XIV the past few weeks, with no clear end in sight. We discuss the issues people have been facing and how, if ever, it can be stopped. We also discuss the upcoming Moogle Treasure Trove - The Hunt For Revelation - and all the new items you can earn from the new moogle tomestones. Patch 7.38 also hit FFXIV the past week, so we naturally go through the patch notes of this tiny patch. We also read your MogMail - from which we once again discuss Azyz Lla and our favorite in-game spots. Welcome!MogMail: https://speakersxiv.com/mogmail/► Patreon: https://www.patreon.com/SpeakersXIV ► Become a Speakers YT Member: https://www.youtube.com/channel/UC2BQVHKP5x3Cs62MB0DF5EQ/join ► Merchandise: https://shop.speakersXIV.com► Follow us on Bluesky: https://bsky.app/profile/speakersxiv.bsky.social ► Catch us LIVE on Twitch: http://www.twitch.tv/SpeakersXIV ► Speakers Discord: https://discord.gg/ATBUccS

Mardi 18 novembre, un peu après midi, Internet a toussé… puis s'est effondré par intermittence. En quelques minutes, Cloudflare, l'un des piliers de l'infrastructure du Web mondial, a entraîné dans sa chute une avalanche de services : ChatGPT, X/Twitter, Canva, Clubic et des milliers d'autres plateformes. L'hypothèse d'une cyberattaque massive a d'abord dominé. En réalité, la vérité est plus banale — et beaucoup plus inquiétante.Tout commence à 12h05, lorsque Cloudflare déploie une mise à jour sur un cluster de bases de données ClickHouse. Une modification censée renforcer la sécurité en rendant explicites les permissions d'accès. Un ajustement mineur, en apparence. Sauf que ce changement provoque un bug imprévu : chaque colonne de données se duplique dans les métadonnées. Une anomalie invisible pour l'utilisateur… mais catastrophique pour un composant clé : le fichier utilisé par le système Bot Management, chargé d'analyser le trafic pour distinguer humains et robots.Habituellement, ce fichier contient une soixantaine d'empreintes. Avec les doublons, il en compte plus de 200. Le problème ? Le logiciel censé le traiter est conçu pour refuser tout fichier dépassant 200 entrées, afin d'éviter une surcharge mémoire. Résultat : lorsque ce fichier corrompu se propage aux milliers de serveurs mondiaux, les machines plantent en série et renvoient des erreurs 500 aux internautes du monde entier. Le cauchemar se complique encore. Le fichier est régénéré toutes les cinq minutes. Selon que le serveur tombe sur une version saine ou défectueuse, Cloudflare oscille entre fonctionnement normal et blackout. Diagnostiquer la panne devient un casse-tête. Matthew Prince, le PDG, parle même d'une possible “démonstration de force” d'un réseau de bots, après les gigantesques attaques DDoS de juin.Ce n'est qu'à 14h04 qu'une piste interne apparaît. À 14h37, les équipes identifient enfin le coupable : le fichier Bot Management. À 15h24, sa génération automatique est stoppée. À 15h30, Internet redémarre. Enfin… presque. Le tableau de bord tombe à son tour, écrasé par le flot de connexions en attente. Il faudra attendre 18h06 pour un retour complet. Dans un mea culpa inhabituellement frontal, Matthew Prince avoue : « Une panne comme celle-ci est inacceptable. » Cloudflare promet des coupe-circuits plus rapides, une validation plus stricte des fichiers internes, et des limites pour ses outils de débogage, eux-mêmes responsables d'un ralentissement massif. Hébergé par Acast. Visitez acast.com/privacy pour plus d'informations.

Welcome to AI Unraveled (November 19, 2025): Your daily strategic briefing on the business impact of AI.Today's Highlights: Google CEO warns no firm is immune if the AI bubble bursts. Peter Thiel and SoftBankliquidated their entire Nvidia stakes. Google unveiled Gemini 3 Pro, immediately outperforming GPT-5.1 on key benchmarks. And Jeff Bezos revealed Project Prometheus, a $6.2 billion launch into physical AI manufacturing.Listen at https://podcasts.apple.com/us/podcast/ai-daily-news-rundown-gemini-3-0-pro-vs-gpt-5-1-benchmark/id1684415169?i=1000737352861Strategic Pillars & Topics:

Azure hit by DDoS using 500K IPs Kenyan government websites back online EVALUSION emerges  Huge thanks to our episode sponsor, KnowBe4 Your email gateway isn't catching everything — and cybercriminals know it. That's why there's KnowBe4's Cloud Email Security platform. It's not just another filter—it's a dynamic, AI-powered layer of defense that detects and stops advanced threats before they reach your users' inbox. Request a demo of KnowBe4's Cloud Email Security at knowbe4.com or visit them this week at Microsoft Ignite booth #5523.

If you like what you hear, please subscribe, leave us a review and tell a friend!

X, ChatGPT, Canva e Cloudflare têm instabilidade na manhã desta terça, entenda o que aconteceu! Tim O Governo Federal pode revogar a cobrança do Imposto de Importação de 20% sobre as compras internacionais. , a famosa "taxa das blusinhas"; Uber e iFood se unem; Tim Cook sai da Apple em 2026; Pix comemora 5 anos com mais de R$ 70 trilhões em movimentações e Microsoft confirma ataque DDoS de quase 16 Tbps contra Azure.

This week, Lois Houston and Nikita Abraham are joined by Principal OCI Instructor Orlando Gentil to explore what truly keeps data safe, and what puts it at risk.   They discuss the CIA triad, dive into hashing and encryption, and shed light on how cyber threats like malware, phishing, and ransomware try to sneak past defenses.   Cloud Tech Jumpstart: https://mylearn.oracle.com/ou/course/cloud-tech-jumpstart/152992 Oracle University Learning Community: https://education.oracle.com/ou-community LinkedIn: https://www.linkedin.com/showcase/oracle-university/ X: https://x.com/Oracle_Edu   Special thanks to Arijit Ghosh, David Wright, Kris-Ann Nansen, Radhika Banka, and the OU Studio Team for helping us create this episode. ------------------------------------------ Episode Transcript: 00:00 Welcome to the Oracle University Podcast, the first stop on your cloud journey. During this series of informative podcasts, we'll bring you foundational training on the most popular Oracle technologies. Let's get started! 00:25 Lois: Hello and welcome to the Oracle University Podcast! I'm Lois Houston, Director of Innovation Programs with Oracle University, and with me is Nikita Abraham, Team Lead: Editorial Services. Nikita: Hey everyone! Last week, we discussed how you can keep your data safe with authentication and authorization. Today, we'll talk about various security risks that could threaten your systems. 00:48 Lois: And to help us understand this better, we have Orlando Gentil, Principal OCI Instructor, back with us. Orlando, welcome back! Let's start with the big picture—why is security such a crucial part of our digital world today? Orlando: Whether you are dealing with files stored on a server or data flying across the internet, one thing is always true—security matters. In today's digital world, it's critical to ensure that data stays private, accurate, and accessible only to the right people.  01:20 Nikita: And how do we keep data private, secure, and unaltered? Is there a security framework that we can use to make sense of different security practices? Orlando: The CIA triad defines three core goals of information security.  CIA stands for confidentiality. It's about keeping data private. Only authorized users should be able to access sensitive information. This is where encryption plays a huge role. Integrity means ensuring that the data hasn't been altered, whether accidentally or maliciously. That's where hashing helps. You can compare a stored hash of data to a new hash to make sure nothing's changed. Availability ensures that data is accessible when it's needed. This includes protections like system redundancy, backups, and anti-DDoS mechanisms. Encryption and hashing directly support confidentiality and integrity. And they indirectly support availability by helping keep systems secure and resilient. 02:31 Lois: Let's rewind a bit. You spoke about something called hashing. What does that mean? Orlando: Hashing is a one-way transformation. You feed in data and it produces a unique fixed length string called a hash. The important part is the same input always gives the same output, but you cannot go backward and recover the original data from the hash. It's commonly used for verifying integrity. For example, to check if a file has changed or a message was altered in transit. Hashing is also used in password storage. Systems don't store actual passwords, just their hashes. When you log in, the system hashes what you type it and compare the stored hash. If they match, you're in. But your actual password was never stored or revealed. So hashing isn't about hiding data, it's about providing it hasn't changed. So, while hashing is all about protecting integrity, encryption is the tool we use to ensure confidentiality. 03:42 Nikita: Right, the C in CIA. And how does it do that? Orlando: Encryption takes readable data, also known as plaintext, and turns it into something unreadable called ciphertext using a key. To get the original data back, you need to decrypt it using the right key. This is especially useful when you are storing sensitive files or sending data across networks. If someone intercepts the data, all they will see is gibberish, unless they have the correct key to decrypt it. Unlike hashing, encryption is reversible as long as you have the right key. 04:23 Lois: And are there different types of encryption that serve different purposes? Orlando: Symmetric and asymmetric encryption. With symmetric encryption, the same key is used to both encrypt and decrypt the data. It's fast and great for securing large volumes of data, but the challenge lies in safely sharing the key. Asymmetric encryption solves that problem. It uses a pair of keys: public key that anyone can use to encrypt data, and a private key that only the recipient holds to decrypt it. This method is more secure for communications, but also slower and more resource-intensive. In practice, systems often use both asymmetric encryption to exchange a secure symmetric key and then symmetric encryption for the actual data transfer. 05:21 Nikita: Orlando, where is encryption typically used in day-to-day activities? Orlando: Data can exist in two primary states: at rest and in transit. Data at rest refers to data stored on disk, in databases, backups, or object storage. It needs protection from unauthorized access, especially if a device is stolen or compromised. This is where things like full disk encryption or encrypted storage volumes come in. Data in transit is data being sent from one place to another, like a user logging into a website or an API sending information between services. To protect it from interception, we use protocols like TLS, SSL, VPNs, and encrypted communication channels. Both forms data need encryption, but the strategies and threats can differ. 06:19 Lois: Can you do a quick comparison between hashing and encryption? Orlando: Hashing is one way. It's used to confirm that data hasn't changed. Once data is hashed, it cannot be reversed. It's perfect for use cases like password storage or checking the integrity of files. Encryption, on the other hand, it's two-way. It's designed to protect data from unauthorized access. You encrypt the data so only someone with the right key can decrypt and read it. That's what makes it ideal for keeping files, messages, or network traffic confidential. Both are essential for different reasons. Hashing for trust and encryption for privacy. 07:11 Adopting a multicloud strategy is a big step towards future-proofing your business and we're here to help you navigate this complex landscape. With our suite of courses, you'll gain insights into network connectivity, security protocols, and the considerations of working across different cloud platforms. Start your journey to multicloud today by visiting mylearn.oracle.com.  07:39 Nikita: Welcome back! When we talk about cybersecurity, we hear a lot about threats and vulnerabilities. But what do those terms really mean? Orlando: In cybersecurity, a threat is a potential danger and a vulnerability is a weakness an asset possess that a threat can exploit. When a threat and a vulnerability align, it creates a risk of harm. A threat actor then performs an exploit to leverage that vulnerability, leading to undesirable impact, such as data loss or downtime. After an impact, the focus shifts to response and recovery to mitigate damage and restore operations.  08:23 Lois: Ok, let's zero in on vulnerabilities. What counts as a vulnerability, and what categories do attackers usually target first?  Orlando: Software and hardware bugs are simply unintended flaws in a system's core programming or design. Misconfigurations arise when systems aren't set up securely, leaving gaps. Weak passwords and authentication provide easy entry points for attackers. A lack of encryption means sensitive data is openly exposed. Human error involves mistakes made by people that unintentionally create security risks. Understanding these common vulnerability types is the first step in building more resilient and secure systems as they represent the critical entry points attackers leverage to compromise systems and data. By addressing these, we can significantly reduce our attack surface and enhance overall security.  09:28 Nikita: Can we get more specific here? What are the most common cybersecurity threats that go after vulnerabilities in our systems and data? Orlando: Malware is a broad category, including viruses, worms, Trojans, and spyware. Its goal is to disrupt or damage systems. Ransomware has been on the rise, targeting everything from hospitals to government agencies. It lock your files and demands a ransom, usually in cryptocurrency. Phishing relies on deception. Attackers impersonate legitimate contacts to trick users into clicking malicious links or giving up credentials. Insider threats are particularly dangerous because they come within employees, contractors, or even former staff with lingering access. Lastly, DDoS attacks aim to make online services unavailable by overwhelming them with traffic, often using a botnet—a network of compromised devices. 10:34 Lois: Orlando, can you walk us through how each of these common cybersecurity threats work? Orlando: Malware, short for malicious software, is one of the oldest and most pervasive types of threats. It comes in many forms, each with unique methods and objectives. A virus typically attaches itself to executable files and documents and spreads when those are shared or opened. Worms are even more dangerous in networked environments as they self-replicate and spread without any user action. Trojans deceive users by posing as harmless or helpful applications. Once inside, they can steal data or open backdoors for remote access. Spyware runs silently in the background, collecting sensitive information like keystrokes or login credentials. Adware might seem like just an annoyance, but it can also track your activity and compromise privacy. Finally, rootkits are among the most dangerous because they operate at a low system level, often evading detection tools and allowing attackers long-term access. In practice, malware can be a combination of these types. Attackers often bundle different techniques to maximize damage.  12:03 Nikita: And what about ransomware? Why it is such a serious threat? Orlando: Ransomware has become one of the most disruptive and costly types of cyber attacks in recent years. Its goal is simple but devastating, to encrypt your data and demand payment in exchange for access. It usually enters through phishing emails, insecure remote desktop protocol ports or known vulnerabilities. Once inside, it often spreads laterally across the network before activating, ensuring maximum impact. There are two common main forms. Crypto ransomware encrypts user files, making them inaccessible. Locker ransomware goes a step further, locking the entire system interface, preventing any use at all. Victims are then presented with a ransom note, typically requesting cryptocurrency payments in exchange for the decryption key. What makes ransomware so dangerous is not just the encryption itself, but the pressure it creates. Healthcare institutions, for instance, can't afford the downtime, making them prime targets.  13:18 Lois: Wow. Thanks, Orlando, for joining us today.  Nikita: Yeah, thanks Orlando. We'll be back next week with more on how you use security models to tackle these threats head-on. And if you want to learn about the topics we covered today, go to mylearn.oracle.com and search for the Cloud Tech Jumpstart  course. Until next time, this is Nikita Abraham… Lois: And Lois Houston, signing off! 13:42 That's all for this episode of the Oracle University Podcast. If you enjoyed listening, please click Subscribe to get all the latest episodes. We'd also love it if you would take a moment to rate and review us on your podcast app. See you again on the next episode of the Oracle University Podcast.

Deixe o Like

Chalked Cast and chill with Rizzo and the Chalked Squad - Support this podcast: https://podcasters.spotify.com/pod/show/chalked-cast/supportTimestamps:0:00 - Intro0:43 - Rizzo revives OG G2 with JKnaps and Chicago3:42 - What's Rizzo been up to, how far Rizzo will make it in RLCS?14:31 - Fairy Peak, Kaydop and Chausette running it back, RLCS Beginning, Copenhagen LAN Breakdown23:51 - The bot and DDOS problem in Rocket League30:17 - Rizzo's thoughts on NRG becoming World Champions35:47 - Top 25 GOAT list discussion, Who is Rizzo's GOAT?1:14:07 - Patreon Questions

Sua solução já travou quando mais precisava estar disponível? Neste episódio, Marcos Paulo Souza Miranda, Arquiteto de Soluções na dti digital, explora como o balanceamento de carga ou load balancers distribuem eficientemente o tráfego entre múltiplos servidores, garantindo que as aplicações permaneçam responsivas mesmo sob alta demanda. Desde estratégias de escalabilidade horizontal até algoritmos de distribuição inteligente, você descobrirá como essa tecnologia pode ser o diferencial entre uma experiência de usuário fluida ou frustrante. Dê o play e ouça agora! Assuntos abordados: Fundamentos de load balancers; Escalabilidade horizontal em aplicações; Load balancers L4 vs L7; Mitigação de ataques DDoS; Técnicas de proteção e segurança; Soluções para alta demanda; Balanceadores em ambientes industriais; Planejamento de escalabilidade; Configurações para alta disponibilidade; Load balancing em soluções de IA. Links importantes: Vagas disponíveis Newsletter Dúvidas? Nos mande pelo Linkedin Contato:  entrechaves@dtidigital.com.br O Entre Chaves é uma iniciativa da dti digital, uma empresa WPP

“Availability is resilience. If you can't see it, you can't secure it.” — Roland Dobbins, Principal Engineer, NETSCOUT ASERT Team In this Technology Reseller News podcast, Doug Green, Publisher of TR Publications, speaks with Roland Dobbins, Principal Engineer on NETSCOUT's ASERT (Arbor Security Engineering & Response Team), about the growing risk of outbound DDoS attacks—and why service providers and enterprises must defend against threats moving in every direction. NETSCOUT, a global leader in network visibility and DDoS defense, has been monitoring an alarming surge in outbound and cross-network (east-west) attack traffic driven by new “Turbo Mirai” botnets, particularly the Aisuru variant. These attacks can exceed 20 terabits per second and 6 gigapackets per second, overwhelming even the largest operators. Dobbins explains that while most organizations focus on protecting against incoming DDoS traffic, outbound attack streams can be just as damaging, clogging peering links and taking down critical infrastructure. “We're seeing broadband networks unintentionally launching massive attacks, sometimes over a terabit per second, because of compromised IoT and connected devices,” Dobbins said. “It's not just about defending the target — it's about protecting your own network from being part of the problem.” NETSCOUT's ASERT team, which observes 40,000–50,000 DDoS attacks daily across 60% of the world's IPv4 space, provides continuous research and live mitigation guidance to customers worldwide. Dobbins emphasized that effective DDoS defense requires edge-to-edge visibility, sub-second detection, and suppression of both inbound and outbound traffic. “You can't secure what you can't see,” he added. “Operators need full visibility across their networks, with active mitigation built into daily operations.” Learn more about NETSCOUT's global threat research and DDoS defense solutions at netscout.com. Software Mind Telco Days 2025: On-demand online conference Engaging Customers, Harnessing Data

The end of October was punctuated with a series of major cloud outages, first at AWS and then at Microsoft, bringing a wide range of websites and business applications offline.In the previous episode, we spoke about this in a reactive sense – the immediate customers impacted and the likely causes.But it's also important to break the problem down at a strategic and technical level. Just how do outages at this scale occur – and what's it like as an insider, fighting to bring services back online?In this episode Rory speaks to James Kretchmar, SVP & CTO of the cloud technology division at Akamai Technologies, to get an insider's perspective on cloud outages and how businesses can navigate these incidents.Read more:Amazon Web Services outage live: Hundreds of apps including Slack, mobile carriers, banking services downThe AWS outage brought much of the web to its knees: Here's how it happened, who it affected, and how much it might costThe Microsoft Azure outage explained: What happened, who was impacted, and what can we learn from it?Australia internet banking outage blamed on DDoS mitigation serviceWhy the CrowdStrike outage was a wakeup call for developer teams

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.The UK Information Commissioner's Office (ICO) recently released a comprehensive 136-page report detailing the BlackBasta ransomware attack on Capita in March 2023.Kaspersky researchers have detailed two active campaigns from North Korean APT group BlueNoroff, which continue the group's long-running SnatchCrypto operation targeting individuals in financial and tech sectors.The exploitation of the first Chrome zero-day of 2025 has been attributed to a state-sponsored threat actor involved in Operation ForumTroll, a cyber-espionage campaign targeting Russian entities across sectors like education, finance, media, and government.Netscout has identified a newly emerging Internet of Things (IoT) botnet, Aisuru, which has already launched distributed denial-of-service (DDoS) attacks exceeding 20 Tbps, placing it among the most powerful botnets observed to date.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Een nieuw #Nerdland maandoverzicht! Met deze maand: ChatGPT in Minecraft! Dolfijnenmode! Sora-2! Stoute stofzuigers! 3I/Atlas! De elektrische fiets van de wandelschoen! En veel meer... Shownotes: https://podcast.nerdland.be/nerdland-maandoverzicht-november-2025/ Gepresenteerd door Lieven Scheire met Peter Berx, Marian Verhelst, Kurt Beheydt en Jonas Geirnaert. Opname, montage en mastering door Jens Paeyeneers. (00:00:00) Intro (00:02:10) Hoe is het nog met 3I Atlas? (00:16:10) Spaceshuttle Disocvery wordt mogelijk in stukken gezaagd (00:19:21) Functionele GPT gebouwd in Minecraft? (00:24:03) Youtuber stapt naar het einde van Minecraft (00:29:12) We kunnen eindelijk de geheime Herculaneumrollen lezen (00:37:08) Ozempic helpt ook tegen alcoholmisbruik (00:42:10) Mogelijk eerste kantelpunt klimaatopwarming (00:55:00) Nieuwe zeezoogdierrage: dolfijnen met pruiken van spons (01:00:29) The Real Housewives Of Silicon Valley (01:00:46) Sora2 gelanceerd: een social media kanaal met enkel AI gegenereerde filmpjes (01:03:59) Agentic webbrowsers: werken ze eigenlijk al? (01:16:27) ChatGPT nu beschikbaar voor adult content (01:17:48) Amazon Web Service panne zet internet op stelten (01:24:31) Slimme stofzuiger zendt kaart van je huis uit (01:30:01) Man lanceert DDoS attack op Waymo (01:32:25) Succesvolle lanceertest StarShip (01:36:40) Mark Zuckerberg springt ook op de nieuwste rage: Metabot (01:41:55) Figure 03 robot voorgesteld (01:47:12) Musk spreekt vaag over eigen robotleger, en wordt mogelijk eerste biljonair ter wereld (01:51:38) Agentic AI: langetermijnsgeheugen ontbreekt (01:55:06) Alweer wordt de AI bubble voorspeld, wegens muzikale pak met geld (02:00:27) Jane Goodall overleden (02:09:36) Nike lanceert de elektrische fiets van de wandelschoenen (02:10:50) Moon space race: Chinese raket crasht op aarde (02:20:36) Lancering NASA mars satelliet met New Glenn 9 november (02:21:38) Laatste fort gevallen, nu ook muggen in IJsland (02:24:10) Native Americans waren mogelijk 8000 eerder in Amerika, vanuit Azie (02:32:33) Recall: LIGO is niet volledig gedefunded (02:33:03) PXL UHasselt Makerspace organiseert opnieuw een Maker Day, op 23/11 (02:35:58) Aankondigingen! Nerdland Voor Kleine Nerds (02:36:42) Hetty speelt Missie 25 (02:37:23) Oproep talks en vrijwilligers Nerdland Festival (02:38:40) Koop Nerdland merchandise! (02:39:16) Lieven op tour in UK (02:40:07) Jonas regisseerde How To Kill Your Sister (02:42:19) Binnenkort: Ons DNA 2 (02:43:52) Sponsor: Fairy Positron

Happy Halloween from the team at N2K Networks! We hope you share in our Halloween tradition of listening to the Malware Mash. You can check out our video ⁠here⁠. Lyrics I was coding in the lab late one night when my eyes beheld an eerie sight  for my malware threat score began to rise  and suddenly to my surprise... It did the Mash  It did the Malware Mash  The Malware Mash  It was a botnet smash  It did the Mash  It caught on 'cause of Flash  The Malware Mash  It did the Malware Mash From the Stuxnet worm squirming toward the near east  to the dark web souqs where the script kiddies feast  the APTs left their humble abodes  to get installed from rootkit payloads.  They did the Mash  They did the Malware Mash  The Malware Mash  It was an adware smash  They did the Mash  It caught on 'cause of Flash  The Malware Mash  They did the Malware Mash The botnets were having fun  The DDoS had just begun  The viruses hit the darknet,  with ransomware yet to come.  The keys were logging, phishing emails abound,  Snowden on chains, backed by his Russian hounds.  The Shadow Brokers were about to arrive  with their vocal group, "The NotPetya Five." They did the Mash  They played the Malware Mash The Malware Mash  It was a botnet smash  They did the Mash  It caught on 'cause of Flash  The Malware Mash  They played the Malware Mash Somewhere in Moscow Vlad's voice did ring  Seems he was troubled by just one thing.  He opened a shell then shook his fist  and said, "Whatever happened to my Turla Trojan twist."  It's now the Mash  It's now the Malware Mash  The Malware Mash  And it's a botnet smash  It's now the Mash  It caught on 'cause of Flash  The Malware Mash  It's now the Malware Mash Now everything's cool, Vlad's a part of the band  And the Malware Mash is the hit of the land.  For you, defenders, this mash was meant to  when you get to my door, tell them Creeper sent you. Then you can Mash  Then you can Malware Mash  The Malware Mash  And be a botnet smash  It is the Mash  Don't you dare download Flash  The Malware Mash  Just do the Malware Mash Learn more about your ad choices. Visit megaphone.fm/adchoices

Send us a textWe mark 200 episodes by celebrating the work, not the metrics, and sharing what kept us going even when the show felt like a grind. From a documentary-style DDOS episode to deep dives that stand the test of time, we look back at our proudest moments and things we'd do differently.Looking forward to our next episode: If you have any questions about Apple Podcasts, any tips, have you been featured, anything like that? Go ahead and send it in!Contact Buzzcast Send us a text message Tweet us at @buzzcastpodcast, @albanbrooke, @kfinn, and @JordanPods Thanks for listening and Keep Podcasting!

Happy Halloween from the team at N2K Networks! We hope you share in our Halloween tradition of listening to the Malware Mash. You can check out our video ⁠here⁠. Lyrics I was coding in the lab late one night when my eyes beheld an eerie sight  for my malware threat score began to rise  and suddenly to my surprise... It did the Mash  It did the Malware Mash  The Malware Mash  It was a botnet smash  It did the Mash  It caught on 'cause of Flash  The Malware Mash  It did the Malware Mash From the Stuxnet worm squirming toward the near east  to the dark web souqs where the script kiddies feast  the APTs left their humble abodes  to get installed from rootkit payloads.  They did the Mash  They did the Malware Mash  The Malware Mash  It was an adware smash  They did the Mash  It caught on 'cause of Flash  The Malware Mash  They did the Malware Mash The botnets were having fun  The DDoS had just begun  The viruses hit the darknet,  with ransomware yet to come.  The keys were logging, phishing emails abound,  Snowden on chains, backed by his Russian hounds.  The Shadow Brokers were about to arrive  with their vocal group, "The NotPetya Five." They did the Mash  They played the Malware Mash The Malware Mash  It was a botnet smash  They did the Mash  It caught on 'cause of Flash  The Malware Mash  They played the Malware Mash Somewhere in Moscow Vlad's voice did ring  Seems he was troubled by just one thing.  He opened a shell then shook his fist  and said, "Whatever happened to my Turla Trojan twist."  It's now the Mash  It's now the Malware Mash  The Malware Mash  And it's a botnet smash  It's now the Mash  It caught on 'cause of Flash  The Malware Mash  It's now the Malware Mash Now everything's cool, Vlad's a part of the band  And the Malware Mash is the hit of the land.  For you, defenders, this mash was meant to  when you get to my door, tell them Creeper sent you. Then you can Mash  Then you can Malware Mash  The Malware Mash  And be a botnet smash  It is the Mash  Don't you dare download Flash  The Malware Mash  Just do the Malware Mash

Send us a textUptime. It's the lifeblood of manufacturing and the precise target of industrial sector hackers. By knocking systems offline, stealing credentials, holding data for ransom, or crippling supply chains, the bad guys know their ultimate goals of disruption or extortion will be realized.And as we've discussed numerous times here on Security Breach, keeping these bad actors out has become more and more difficult as new technology, connectivity and endpoints are added to the OT landscape.Hackers are getting smarter and more complex, but the good news is so are the tools and strategies for the good guys. Here to offer some perspective on dealing with the leading threats targeting the people, systems and data of the industrial sector is a collection of experts focused on minimizing disruptions and preparing you to react and respond to cyberattacks.Watch/listen as:Max Clausen, senior VP of Network Connectivity at Zayo dives into the factors and strategies driving DDoS or distributed denial of service attacks.John Carse, Field CISO at SquareX discusses the ongoing impact of developing and legacy vulnerabilities, as well as some of the novel strategies hackers are using to introduce new strands of highly disruptive malware.Amit Hammer, CEO of Salvador Tech talks about lessons learned from the recent Jaguar Land Rover attack and how response strategies will continue to play a key role in minimizing attack-related downtime.As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts. Click Here to Become a Sponsor.Inspiring Tech Leaders - The Technology PodcastInterviews with Tech Leaders and insights on the latest emerging technology trends.Listen on: Apple Podcasts SpotifyTo catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. If you have a cybersecurity story or topic that you'd like to have us explore on Security Breach, you can reach me at jeff@ien.com.

Explosions rock a shuttered Myanmar cybercrime hub. The Aisuru botnet shifts from DDoS to residential proxies. Dentsu confirms data theft at Merkle. Boston bans biometrics. Proton restores journalists' email accounts after backlash. Memento labs admits Dante spyware is theirs. Australia accuses Microsoft of improperly forcing users into AI upgrades. CISA warns of active exploitation targeting manufacturing management software. A covert cyberattack during Trump's first term disabled Venezuela's intelligence network. Our guest is Ben Seri, Co-Founder and CTO of Zafran, discussing the trend of AI native attacks. New glasses deliver fashionable paranoia. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today's guest is Ben Seri, Co-Founder and CTO of Zafran, discussing the trend of AI native attacks and how defenders should use AI to defend and remediate. Selected Reading Stragglers from Myanmar scam center raided by army cross into Thailand as buildings are blown up (AP News) Aisuru Botnet Shifts from DDoS to Residential Proxies (Krebs on Security) Advertising giant Dentsu reports data breach at subsidiary Merkle (Bleeping Computer) Boston Police Can No Longer Use Facial Recognition Software (Built in Boston) Proton Mail Suspended Journalist Accounts at Request of Cybersecurity Agency (The Intercept) CEO of spyware maker Memento Labs confirms one of its government customers was caught using its malware (TechCrunch) Australia sues Microsoft for forcing Copilot AI onto Office 365 customers (Pivot to AI) CISA warns of actively exploited flaws in Dassault DELMIA Apriso manufacturing software (Beyond Machines) CIA cyberattacks targeting the Maduro regime didn't satisfy Trump in his first term. Now the US is flexing its military might (CNN Politics) Zenni's Anti-Facial Recognition Glasses are Eyewear for Our Paranoid Age (404 Media) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Terwijl in Oekraïne gevochten wordt met wapens, woedt online een tweede oorlog. Russische hackers en trollen vallen het Westen aan met nepnieuws en digitale sabotage. Eén van die groepen, NoName057(16), laat van zich horen en onthult waarom ze hun cyberaanvallen met trots uitvoeren. In 2022 maakten we ook een aflevering over Poetins cyberoorlog. Die kan je hier luisteren. KPN is partner van Ik Weet Je Wachtwoord. KPN beschermt organisaties tegen digitale verstoringen. Met ons DDoS-platform monitoren en filteren we continu dataverkeer, zodat dreigingen snel worden herkend en automatisch worden afgeweerd. Wil je weten hoe wij jouw organisatie helpen om beschikbaar en weerbaar te blijven, ga naar https://www.kpn.com/beterwerken en ontdek hoe wij digitale rust brengen in roerige tijden. Learn more about your ad choices. Visit megaphone.fm/adchoices

In summer 2025, Hano, the infamous hacker behind the malicious DDoS attacks against multiple Hungarian independent news outlets, International Press Institute and Die Tageszeitung, was caught by the Hungarian authorities.    Now that Hano is facing justice, the Media Freedom in Focus podcast series will review the time of the attacks and the implications that they had for the Hungarian media. With us, the editor-in-chief of Media1, Daniel Szalay, is commenting on the newest developments of the affair and the motive of the attacks.    Guest: Daniel Szalay, Editor-in-Chief, Media1.hu. Producer, Editor and Host: Kasperi Kainulainen, Helsingin Sanomat Foundation Fellow at the International Press Institute (IPI).     This podcast series is part of the MFRR in Focus project sponsored by Media Freedom Rapid Response, which tracks, monitors and responds to violations of press and media freedom in EU Member States and Candidate Countries. For more in-depth podcast episodes about the state of press freedom in Europe, visit the MFRR website or search MFRR In Focus on your podcasts apps. The MFRR is co-funded by the European Commission. Other episodes in this series: MFRR in focus: The state of Poland's public service media Press freedom in peril: navigating elections and political turmoil in Poland, Slovakia and Bulgaria Independent journalism in Austria faces a far-right threat Media Freedom in Focus: Untangling media capture in Greece MFRR Podcast: The battle over the future of Poland's politicized public media Examining press freedom in Moldova after tense election

Welcome to episode 328 of The Cloud Pod, where the forecast is always cloudy! Justin, Ryan, and Matt are on board today to bring you all the latest news in cloud and AI, including secret regions (this one has the aliens), ongoing discussions between Microsoft and OpenAI, and updates to Nova, SQL, and OneLake -and even the latest installment of Cloud Journeys.  Let's get started!  Titles we almost went with this week CloudWatch’s New Feature: Because Nobody Likes Writing Incident Reports at 3 AM DNS: Did Not Survive – The Great US-EAST-1 Outage of 2025 404 DevOps Not Found: The AWS Automation Adventure mk When Your DevOps Team Gets Replaced by AI and Then Everything Crashes Database Migrations Get the ChatGPT Treatment: Just Vibe Your Schema Changes AWS DevOps Team Gets the AI Treatment: 40% Fewer Humans, 100% More Questions Breaking Up is Hard to Compute: Microsoft and OpenAI Redefine Their Relationship AWS Goes Full Scope: Now Tracking Your Cloud’s Carbon from Cradle to Gate Platform Engineering: When Your Golden Path Leads to a Dead End DynamoDB’s DNS Disaster: How a Race Condition Raced Through AWS AI Takes Over AWS DevOps Jobs, Servers Take Unscheduled Vacation PostgreSQL Scaling Gets a 30-Second Makeover While AWS Takes a Coffee Break The Domino Effect: When DynamoDB Drops, Everything Drops RAG to Riches: Amazon Nova Learns to Cite Its Sources AWS Finally Tells You When Your EC2 Instance Can’t Keep Up With Your Storage Ambitions AWS Nova Gets Grounded: No More Hallucinating About Reality One API to Rule Them All: OneLake’s Storage Compatibility Play OpenAI gets to pay Alimony Database schema deployments are totally a vibe AWS will tell you how not green you are today, now in 3 scopes General News  02:00 DDoS in September | Fastly Fastly‘s September DDoS report reveals a notable 15.5 million requests per second attack that lasted over an hour, demonstrating how modern application-layer attacks can sustain extreme throughput with real HTTP requests rather than simple pings or amplification techniques. Attack volume in September dropped to 61% of August levels, with data suggesting a correlation between school schedules and attack frequency: lower volumes coincide with school breaks, while higher volumes occur when schools are in session. Media & Entertainment companies faced the highest median attack sizes, followed by Education and High Technology sectors, with 71% of September’s peak attack day attributed to a single enterprise media company. The sustained 15 million RPS attack originated from a single cloud-provider ASN, using sophisticated daemons that mimicked browser behavior, making detection more challenging than typical DDoS patterns. Organizations should evaluate whether their incident response runbooks can handle hour-long attacks at 15+ million RPS, as these sustained high-throughput attacks require automated mitigation rather than manual intervention. Listen, we're not inviting a DDoS attack, but also…we'll just turn off the website, so there's that.  AI Is Going Great – Or How ML Makes Money 04:41 Google AI Studi

Got a question or comment? Message us here!This week on the #SOCBrief, Andrew breaks down RondoDox, a rapidly growing botnet campaign taking aim at routers, DVRs, and IoT devices worldwide. With over 50 vulnerabilities across 30+ vendors, this “shotgun” exploitation strategy is fueling massive DDoS and crypto-mining attacks.Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Pete is back to join Max and Steve this week, and the trio discuss the mystery DDOS that took down a bunch of gaming services… But who was behind it?

In this episode of Cybersecurity Today, host David Shipley discusses several major events, including the FBI's takedown of the Breach Forums portal. This site was associated with a significant Salesforce data breach and extortion campaign led by groups like Shiny Hunters and Scattered Lapses Hunters. Oracle users are also warned about a new critical vulnerability in the E-Business Suite, which could allow unauthorized data access without requiring login credentials. Additionally, the resurgence of the Asuru botnet, leveraging compromised IoT devices to execute large-scale DDoS attacks, raises concerns. The episode emphasizes the need for immediate patching and robust security measures by organizations and consumers alike. A positive note highlights a cybersecurity awareness initiative by the Indiana Toll Road. 00:00 FBI Takes Down Breach Forums 03:42 Oracle E-Business Suite Vulnerability 07:39 Massive Botnet Threatening US Networks 11:04 Community Cybersecurity Awareness 11:47 Conclusion and Sign-Off

In this week's Security Sprint, Dave and Andy covered the following topics:Main Topics:Russia, China and North Korea are using ChatGPT to influence you — here's how. A new report from OpenAI found foreign adversaries are increasingly using artificial intelligence to power hacking and influencing operations. The report found they were using OpenAI's popular tool ChatGPT. The report showed those adversaries include Russia, China and North Korea. “AI-enabled attacks are becoming more capable and harder to detect,” Daryl Lim, affiliate at the Center for Socially Responsible Artificial Intelligence at Penn State University, told Straight Arrow News. “Adversaries can personalize attacks, evade filters and iterate faster than before.”• The Case for AI Loss of Control Response Planning and an Outline to Get Started• Can Humans Devise Practical Safeguards That Are Reliable Against an Artificial Superintelligent Agent?The true cost of cyber attacks - and the business weak spots that allow them to happen. What makes companies like Jaguar Land Rover and Marks & Spencer particularly vulnerable is the way in which their supply chains work.• UK NCSC: UK experiencing four 'nationally significant' cyber attacks every week• Cyber attack contingency plans should be put on paper, firms told• Policyholder Plot Twist: Cyber Insurer Sues Policyholder's Cyber Pros• The Ransomware Pricing Paradox: An Empirical Study of the Six Stages of Ransomware Negotiations. PDF• Paying off cyber criminals no guarantee stolen data won't be published – studySevere Weather: Hurricane Season continues18 Oct: No Kings nationwide protestsQuick Hits:• Peace in Israel and Gaza?• Sen. Peters tries another approach to extend expired cyber threat information-sharing law & Peters & Rounds Introduce Bipartisan Bill to Restore Critical Cybersecurity Protections• Yet another shutdown and its impact on cybersecurity professionals• Experts: Shutdown Strains Healthcare Cyber Defenses• Is the government shutdown impacting info sharing for healthcare cyber threats? • ICYMI! Gate 15 Weekly Security Sprint EP 130. The Evangelist has returned! Cybersecurity Awareness Month and more! • Poland says cyberattacks on critical infrastructure rising, blames Russia• Anatomy of a Hacktivist Attack: Russian-Aligned Group Targets OT/ICS• Critical networks face unprecedented threat as DDoS attacks are getting shorter and more intense• Belgian PM reported to be among targets of ‘jihad-inspired' drone plot• Oracle E-Business Suite Zero-Day Exploited in Widespread Extortion Campaign

DHS reassigns cyberstaff to immigration duties. A massive DDoS attack disrupts several major gaming platforms. Discord refuses ransom after a third-party support system breach. Researchers examine Chaos ransomware and creative log-poisoning web intrusions. The FCC reconsiders its telecom data breach disclosure rule. Experts warn of teen recruitment in pro-Russian hacking operations. Ukraine's parliament approves the establishment of Cyber Forces. Troy Hunt criticizes data breach injunctions as empty gestures. Our guest is Sarah Graham from the Atlantic Council's Cyber Statecraft Initiative (CSI) discussing their report, "Mythical Beasts: Diving into the depths of the global spyware market." And, Spy Dog's secret site goes off leash. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Sarah Graham from the Atlantic Council's Cyber Statecraft Initiative (CSI) discussing their work and findings on "Mythical Beasts: Diving into the depths of the global spyware market." Selected Reading Homeland Security Cyber Personnel Reassigned to Jobs in Trump's Deportation Push (Bloomberg) Massive DDoS Attack Knocks Out Steam, Riot, and Other Services (Windows Report) Hackers claim Discord breach exposed data of 5.5 million users (Bleeping Computer) The Evolution of Chaos Ransomware: Faster, Smarter, and More Dangerous (FortiGuard Labs) The Crown Prince, Nezha: A New Tool Favored by China-Nexus Threat Actors (Huntress) Court Pauses FCC Data Breach Rules as Agency Takes New Look | Regulation (Cablefax) Arrests Underscore Fears of Teen Cyberespionage Recruitment (Data Breach Today) Ukraine's parliament backs creation of cyber forces in first reading (The Kyiv Independent) Troy Hunt: Court Injunctions are the Thoughts and Prayers of Data Breach Response (Troy Hunt) Spy Dog: Children's books pulled over explicit weblink (BBC News) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

The boys discuss Patch 25.20, ARAM Mayhem, Account Linking, Streamer Mode, Account Penalties, DDOS Attacks, Hackathon, LR in LEC, LCS Promotion Tournament, emails and more on episode 711 of Leaguecast! Email us - mail@leaguecastpodcast.com   Support us - https://www.patreon.com/leaguecast  Tweet us - https://twitter.com/leaguecast   Facebook - https://www.facebook.com/Leaguecast/   Join Our Discord - https://discord.gg/leaguecast   

Brigitte Macron bajo la lupa: una periodista americana acusa, la primera dama demanda y Francia entero intenta controlar la narrativa. ¿Qué hay detrás de esta historia? Te contamos cómo un rumor se convirtió en un caso de comunicación política global, con acusaciones de grooming, teorías de conspiración, ataques DDoS y demandas que pueden redefinir la relación entre política, prensa y poder. La pregunta no es si es verdad o mentira, sino cómo un país entero maneja una crisis de reputación cuando la transparencia sería la salida más simple.☕️ Acompaña este episodio con Café Granell: https://cafesgranell.esNuestros sabores favoritos: avellana y vainilla. Pruébalos con un 10% de descuento usando el código SINFILTRO10 al hacer tu pedido.⏰ Minutos (00:25) Macron demanda a Candace Owens(01:28) El efecto Streisand explicado(03:05) Quién es Candace Owens(05:12) Macron tenía 15 cuando la conoció(08:04) Relación consensuada o grooming(10:22) El misterio de las fotos de Brigitte(12:48) El hermano invisible Jean-Michel Trogneux(15:06) Reconocimiento facial(18:03) Medios vs teoría de conspiración(21:00) Ataque DDoS desde Francia(23:05) Difamación y la Primera Enmienda(26:12) Crisis de comunicación de Macron(28:10) Qué delitos implicaría ocultar identidad(30:02) Conclusión narrativa vs verdad

Aparelhos comuns como câmeras de segurança, babás eletrônicas, roteadores e até robôs aspiradores podem ser usados como armas em ataques digitais. No novo episódio do Podcast Canaltech, conversamos com Matheus Castanho, Tech Lead da Huge Networks, sobre os riscos de segurança que rondam os dispositivos IoT (Internet das Coisas). O especialista explica como esses aparelhos podem ser transformados em botnets usadas em ataques DDoS e até em espionagem dentro das casas, além de revelar os erros mais comuns que deixam tudo mais vulnerável. Matheus também aponta caminhos para fabricantes e usuários reduzirem os riscos e compartilha dicas práticas para quem já tem uma casa cheia de dispositivos conectados. Você também vai conferir: ChatGPT-5 já mostra desempenho de humano em áreas como saúde, finanças e varejo, LG lança TV com modo fácil e botão de emergência para idosos, Amazon dificulta pirataria no Kindle com nova atualização de segurança, Brasil tem mais alunos no EAD do que no ensino presencial e Heineken abre mais de 30 vagas em tecnologia com salários de até R$ 22 mil. Este podcast foi roteirizado e apresentado por Fernanda Santos e contou com reportagens de João Melo, Vinicius Moschen, Wendel Martins, Nathan Vieira e Claudio Yuge sob coordenação de Anaísa Catucci. A trilha sonora é de Guilherme Zomer, a edição de Jully Cruz e a arte da capa é de Erick Teixeira.See omnystudio.com/listener for privacy information.

Fortra flags a critical flaw in its GoAnywhere Managed File Transfer (MFT) solution. Cisco patches a critical vulnerability in its IOS and IOS XE software. Cloudflare thwarts yet another record DDoS attack. Rhysida ransomware gang claims the Maryland Transit cyberattack. The new “Obscura” ransomware strain spreads via domain controllers. Retailers' use of generative AI expands attack surfaces. Researchers expose GitHub Actions misconfigurations with supply chain risk. Mandiant links the new BRICKSTORM backdoor to a China-based espionage campaign. Kansas students push back against an AI monitoring tool. Ben Yelin speaks with Michele Kellerman, Cybersecurity Engineer for Air and Missile Defense at Johns Hopkins University Applied Physics Lab, discussing Women's health apps and the legal grey zone that they create with HIPAA. Senators push the FTC to regulate your brainwaves. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Ben Yelin, co-host of Caveat, is speaking with Michele Kellerman, Cybersecurity Engineer for Air and Missile Defense at Johns Hopkins University Applied Physics Lab, about Women's health apps and the legal grey zone that they create with HIPAA. If you want to hear the full conversation, check it out on Caveat, here. Selected Reading Critical CVSS 10 Flaw in GoAnywhere File Transfer Threatens 20,000 Systems (HackRead) Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability (Cisco) Cloudflare mitigates new record-breaking 22.2 Tbps DDoS attack (Bleeping Computer) Ransomware gang known for government attacks claims Maryland transit incident (The Record) Obscura, an obscure new ransomware variant (Bleeping Computer) Threat Labs Report: Retail 2025 (Netskope) pull_request_nightmare Part 1: Exploiting GitHub Actions for RCE and Supply Chain Attacks (Orca) China-linked hackers use ‘BRICKSTORM' backdoor to steal IP (The Record) AI safety tool sparks student backlash after flagging art as porn, deleting emails (The Washington Post) Senators introduce bill directing FTC to establish standards for protecting consumers' neural data (The Record) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Person arrested in connection with airport attack Record-breaking DDoS attack hits new highs China-linked attackers use ‘BRICKSTORM' backdoor to steal IP Huge thanks to our sponsor, Conveyor  Security reviews don't have to feel like a hurricane. Most teams are buried in back-and-forth emails and never-ending customer requests for documentation or answers. But Conveyor takes all that chaos and turns it into calm. AI fills in the questionnaires, your trust center is always ready, and sales cycles move without stalls. Breathe easier—check out Conveyor at www.conveyor.com.  

If you like what you hear, please subscribe, leave us a review and tell a friend!Recent cyber incidents show a surge in attacks targeting both public and private sectors. Threat actors exploited vulnerabilities in software like GeoServer and Pandoc, leading to breaches in U.S. federal agencies and cloud environments. Malware campaigns, such as BadIIS, spread via SEO poisoning, while SonicWall and Boyd Gaming faced rootkits and data breaches, respectively. Security firms like Cloudflare successfully mitigated record-breaking DDoS attacks, and Mozilla introduced safeguards allowing Firefox add-on developers to roll back problematic updates. Law enforcement, including the Secret Service, has intervened to dismantle telecom threats impacting global operations like the UN.

The Secret Service says it thwarted a telecommunications cyber-op in New York City. On Tuesday, the agency announced that it seized a network of SIM servers. It was capable of jamming cell towers, conducting DDoS attacks and enabling encrypted communications. The discovery came ahead of world leaders gathering for the UN General Assembly this week. Also, Apple has delayed the release of its new series The Savant just three days before it was supposed to premiere this week. The timing of the sudden delay, and the lack of explanation for why the company is delaying the show, could be telling. Disney made a similar knee-jerk reaction in placing Jimmy Kimmel Live! on indefinite hiatus following a joke Kimmel made about the reaction to the killing of right-wing activist Charlie Kirk. And, AI is an enormous energy drain, contributing to greenhouse gas emissions at a time when the planet desperately needs progress in the opposite direction. Although most of that comes from running GPUs, cooling them is another significant overhead. So, it's worth noting when a company of Microsoft's stature claims to have achieved a breakthrough in chip cooling. Learn more about your ad choices. Visit podcastchoices.com/adchoices

Markus Viitamäki, Senior Infrastructure Architect at Embark Studios is back on the podcast. In this episode, he and Mattias Fridström discuss Markus' previous engagement in the world's largest gaming festival DreamHack, when to establish local gaming sites to meet customer needs (and what the requirements are), DDoS attacks in the gaming industry, and whether gamers really understand how the Internet is working. 

Apple just rewrote the rules of device security with a chip-level upgrade that could wipe out most iPhone vulnerabilities overnight. Find out how "memory integrity enforcement" aims to make exploits a thing of the past—and why it took half a decade to pull off. Are Bitcoin ATMs anything more than scamming terminals. Ransomware hits the Uvalde school district and Jaguar. Did "Scattered LapSus Hunters" just throw in the towel. Germany, for one, to vote "no" on Chat Control. Russia's new MAX messenger has startup troubles. Samsung follows Apple's WhatsApp patch chain. Shocker: UK school hacks are mostly by students. HackerOne was hacked. Connected washing machines in Amsterdam hacked. DDoS breaks another record. Bluesky to implement conditional age verification. Enforcement actions for Global Privacy Control. Might Apple have finally beaten vulnerabilities Show Notes - https://www.grc.com/sn/SN-1043-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: joindeleteme.com/twit promo code TWIT vanta.com/SECURITYNOW threatlocker.com for Security Now bitwarden.com/twit Melissa.com/twit

Apple just rewrote the rules of device security with a chip-level upgrade that could wipe out most iPhone vulnerabilities overnight. Find out how "memory integrity enforcement" aims to make exploits a thing of the past—and why it took half a decade to pull off. Are Bitcoin ATMs anything more than scamming terminals. Ransomware hits the Uvalde school district and Jaguar. Did "Scattered LapSus Hunters" just throw in the towel. Germany, for one, to vote "no" on Chat Control. Russia's new MAX messenger has startup troubles. Samsung follows Apple's WhatsApp patch chain. Shocker: UK school hacks are mostly by students. HackerOne was hacked. Connected washing machines in Amsterdam hacked. DDoS breaks another record. Bluesky to implement conditional age verification. Enforcement actions for Global Privacy Control. Might Apple have finally beaten vulnerabilities Show Notes - https://www.grc.com/sn/SN-1043-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: joindeleteme.com/twit promo code TWIT vanta.com/SECURITYNOW threatlocker.com for Security Now bitwarden.com/twit Melissa.com/twit

Apple just rewrote the rules of device security with a chip-level upgrade that could wipe out most iPhone vulnerabilities overnight. Find out how "memory integrity enforcement" aims to make exploits a thing of the past—and why it took half a decade to pull off. Are Bitcoin ATMs anything more than scamming terminals. Ransomware hits the Uvalde school district and Jaguar. Did "Scattered LapSus Hunters" just throw in the towel. Germany, for one, to vote "no" on Chat Control. Russia's new MAX messenger has startup troubles. Samsung follows Apple's WhatsApp patch chain. Shocker: UK school hacks are mostly by students. HackerOne was hacked. Connected washing machines in Amsterdam hacked. DDoS breaks another record. Bluesky to implement conditional age verification. Enforcement actions for Global Privacy Control. Might Apple have finally beaten vulnerabilities Show Notes - https://www.grc.com/sn/SN-1043-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: joindeleteme.com/twit promo code TWIT vanta.com/SECURITYNOW threatlocker.com for Security Now bitwarden.com/twit Melissa.com/twit

Apple just rewrote the rules of device security with a chip-level upgrade that could wipe out most iPhone vulnerabilities overnight. Find out how "memory integrity enforcement" aims to make exploits a thing of the past—and why it took half a decade to pull off. Are Bitcoin ATMs anything more than scamming terminals. Ransomware hits the Uvalde school district and Jaguar. Did "Scattered LapSus Hunters" just throw in the towel. Germany, for one, to vote "no" on Chat Control. Russia's new MAX messenger has startup troubles. Samsung follows Apple's WhatsApp patch chain. Shocker: UK school hacks are mostly by students. HackerOne was hacked. Connected washing machines in Amsterdam hacked. DDoS breaks another record. Bluesky to implement conditional age verification. Enforcement actions for Global Privacy Control. Might Apple have finally beaten vulnerabilities Show Notes - https://www.grc.com/sn/SN-1043-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: joindeleteme.com/twit promo code TWIT vanta.com/SECURITYNOW threatlocker.com for Security Now bitwarden.com/twit Melissa.com/twit

Apple just rewrote the rules of device security with a chip-level upgrade that could wipe out most iPhone vulnerabilities overnight. Find out how "memory integrity enforcement" aims to make exploits a thing of the past—and why it took half a decade to pull off. Are Bitcoin ATMs anything more than scamming terminals. Ransomware hits the Uvalde school district and Jaguar. Did "Scattered LapSus Hunters" just throw in the towel. Germany, for one, to vote "no" on Chat Control. Russia's new MAX messenger has startup troubles. Samsung follows Apple's WhatsApp patch chain. Shocker: UK school hacks are mostly by students. HackerOne was hacked. Connected washing machines in Amsterdam hacked. DDoS breaks another record. Bluesky to implement conditional age verification. Enforcement actions for Global Privacy Control. Might Apple have finally beaten vulnerabilities Show Notes - https://www.grc.com/sn/SN-1043-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: joindeleteme.com/twit promo code TWIT vanta.com/SECURITYNOW threatlocker.com for Security Now bitwarden.com/twit Melissa.com/twit

Apple just rewrote the rules of device security with a chip-level upgrade that could wipe out most iPhone vulnerabilities overnight. Find out how "memory integrity enforcement" aims to make exploits a thing of the past—and why it took half a decade to pull off. Are Bitcoin ATMs anything more than scamming terminals. Ransomware hits the Uvalde school district and Jaguar. Did "Scattered LapSus Hunters" just throw in the towel. Germany, for one, to vote "no" on Chat Control. Russia's new MAX messenger has startup troubles. Samsung follows Apple's WhatsApp patch chain. Shocker: UK school hacks are mostly by students. HackerOne was hacked. Connected washing machines in Amsterdam hacked. DDoS breaks another record. Bluesky to implement conditional age verification. Enforcement actions for Global Privacy Control. Might Apple have finally beaten vulnerabilities Show Notes - https://www.grc.com/sn/SN-1043-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: joindeleteme.com/twit promo code TWIT vanta.com/SECURITYNOW threatlocker.com for Security Now bitwarden.com/twit Melissa.com/twit

Apple just rewrote the rules of device security with a chip-level upgrade that could wipe out most iPhone vulnerabilities overnight. Find out how "memory integrity enforcement" aims to make exploits a thing of the past—and why it took half a decade to pull off. Are Bitcoin ATMs anything more than scamming terminals. Ransomware hits the Uvalde school district and Jaguar. Did "Scattered LapSus Hunters" just throw in the towel. Germany, for one, to vote "no" on Chat Control. Russia's new MAX messenger has startup troubles. Samsung follows Apple's WhatsApp patch chain. Shocker: UK school hacks are mostly by students. HackerOne was hacked. Connected washing machines in Amsterdam hacked. DDoS breaks another record. Bluesky to implement conditional age verification. Enforcement actions for Global Privacy Control. Might Apple have finally beaten vulnerabilities Show Notes - https://www.grc.com/sn/SN-1043-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: joindeleteme.com/twit promo code TWIT vanta.com/SECURITYNOW threatlocker.com for Security Now bitwarden.com/twit Melissa.com/twit

Join us as we battle illness to bring you the pithy, erudite commentary you crave.  That you deserve even.  Start with software designed cores, mix in some Nvidia domination, season with the largest DDoS attack EVaR, then Ubisoft kills games and finish with fast SSDs.  What an evening you are in for.  Timestamps:00:00 Intro00:36 Patreon02:21 Food with Josh04:29 Intel Nova Lake-S has 52 cores?06:05 Software-defined super cores09:15 Intel admits "we didn't have a good offering this year"16:55 AMD launching Ryzen 9000F series CPUs18:51 ASRock AM5 BIOS update20:36 NVIDIA GPU market share is hard to believe25:46 The latest on the Windows 11 SSD failure saga30:18 Sapphire launching B850 motherboards35:59 Arm AI news48:55 Apple iPhone 1755:12 (In)Security Corner1:12:04 Gaming Quick Hits1:23:32 Jeremy reviews the SK hynix P51 Platinum SSD1:33:20 The 8TB Samsung 9100 PRO is ridiculous 1:37:31 Picks of the Week1:48:39 Outro ★ Support this podcast on Patreon ★

If you like what you hear, please subscribe, leave us a review and tell a friend!Multiple high-profile cyber incidents are impacting organizations worldwide, including ransomware attacks, data breaches, malware campaigns, and sophisticated DDoS operations. Notable events involve compromises of GitHub accounts affecting Salesloft and Drift, ransomware groups like LockerGoga, MegaCortex, and Nefilim, a massive DDoS hitting a defender platform, and breaches exposing sensitive financial and personal data in Vienna, VA, while Ukraine faces evolving Russian hacker tactics.

'2.5 billion Gmail users at risk'? Entirely false, says Google Cloudflare blocks largest recorded DDoS attack peaking at 11.5 Tbps Jaguar Land Rover says cyberattack ‘severely disrupted' production Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.

A whistle-blower claims DOGE uploaded a sensitive Social Security database to a vulnerable cloud server. Allies push back against North Korean IT scams. ZipLine is a sophisticated phishing campaign targeting U.S.-based manufacturing. Researchers uncover a residential proxy network operating across at least 20 U.S. states. Flock Safety license plate readers face increased scrutiny. A new report chronicles DDoS through the first half of the year. LLM guard rails fail to defend against run-on sentences. A South American APT targets the Colombian government. Our guest is Harry Thomas, Founder and CTO at Frenos, on the benefits of curated and vetted AI training data. One man's fight against phantom jobs posts. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Our guest today is Harry Thomas, Founder and CTO at Frenos, talking about the benefits of curated and vetted AI training data.  Learn more about the Frenos and N2K Networks partnership to utilize industry validated intelligence to build the first AI native OT security posture management platform. Selected Reading DOGE Put Critical Social Security Data at Risk, Whistle-Blower Says (The New York Times) Governments, tech companies meet in Tokyo to share tips on fighting North Korea IT worker scheme (The Record) ZipLine Campaign: A Sophisticated Phishing Attack Targeting US Companies (Check Point Research) Phishing Campaign Targeting Companies via UpCrypter (FortiGuard Labs) Belarus-Linked DSLRoot Proxy Network Deploys Hardware in U.S. Residences, Including Military Homes (Infrawatch) CBP Had Access to More than 80,000 Flock AI Cameras Nationwide (404 Media) Evanston shuts down license plate cameras, terminates contract with Flock Safety (Evanston Round Table) Global DDoS attacks exceed 8M amid geopolitical tensions (Telecoms Tech News) One long sentence is all it takes to make LLMs misbehave (The Register) TAG-144's Persistent Grip on South American Organizations (Recorded Future) This tech worker was frustrated with ghost job ads. Now he's working to pass a national law banning them (CNBC) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Arch is under fire, two weeks and counting. We'll break down the mess, and share a quick fix. Plus, the killer new apps we've just added to our homelabs.Sponsored By:Managed Nebula: Meet Managed Nebula from Defined Networking. A decentralized VPN built on the open-source Nebula platform that we love. 1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps. Unraid: A powerful, easy operating system for servers and storage. Maximize your hardware with unmatched flexibility. Support LINUX UnpluggedLinks:

Microsoft releases emergency out-of-band (OOB) Windows updates. Trump targets NSA's leading AI and cyber expert in clearance revocations. A breach may have compromised the privacy of Ohio medical marijuana patients. Cybercriminals exploit an AI website builder to rapidly create phishing sites. Warlock ransomware operators target Microsoft's SharePoint ToolShell vulnerability. Google and Mozilla patch Chrome and Firefox. European officials report two cyber incidents targeting water infrastructure. A federal appeals court has upheld fines against T-Mobile and Sprint for illegally selling customer location data. Authorities dismantle DDoS powerhouse Rapper Bot. On our Industry Voices segment, we are joined by Matt Radolec, VP - Incident Response, Cloud Operations, and Sales Engineering at Varonis, speaking about ShinyHunters and the problems with securing Salesforce. Microsoft Copilot gets creative with compliance.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Industry Voices segment, we are joined by Matt Radolec, VP - Incident Response, Cloud Operations, and Sales Engineering at Varonis, who is speaking about ShinyHunters and the problems with securing Salesforce. You can hear more from Matt here. Selected Reading Microsoft releases emergency updates to fix Windows recovery (Bleeping Computer) Trump Revokes Security Clearances of 37 Former and Current Officials (The New York Times) Highly Sensitive Medical Cannabis Patient Data Exposed by Unsecured Database (WIRED) AI Website Builder Lovable Abused for Phishing and Malware Scams (Hackread) Warlock Ransomware Hitting Victims Globally Through SharePoint ToolShell Exploit (InfoSecurity Magazine) High-Severity Vulnerabilities Patched in Chrome, Firefox (SecurityWeek) Russia-linked European attacks renew concerns over water cybersecurity (CSO Online) T-Mobile claimed selling location data without consent is legal, judges disagree (Ars Technica) Officials gain control of Rapper Bot DDoS botnet, charge lead developer and administrator (CyberScoop) Copilot Broke Your Audit Log, but Microsoft Won't Tell You (Pistachio Blog) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

A researcher uncovers vulnerabilities across Intel's internal websites that exposed sensitive employee and supplier data. The Kimsuky group (APT43) targets South Korean diplomatic missions. A new DDoS vulnerability bypasses the 2023 “Rapid Reset” fix. Drug development firm Inotiv reports a ransomware attack to the SEC. The UK drops their demand that Apple provide access to encrypted iCloud accounts. Hackers disguise the PipeMagic backdoor as a fake ChatGPT desktop app. The source code for a powerful Android banking trojan was leaked online. A Nebraska man is sentenced to prison for defrauding cloud providers to mine nearly $1 million in cryptocurrency. On this week's Threat Vector, David Moulton speaks with Liz Pinder and Patrick Bayle for a no holds barred look at context switching in the SOC. A UK police force fails to call for backup. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Threat Vector Security analysts are drowning in tools, alerts, and tabs. On today's Threat Vector segment from Palo Alto Networks, we offer a snapshot from host⁠ David Moulton⁠'s conversation with⁠ Liz Pinder⁠ and⁠ Patrick Bayle⁠⁠. Together they take a no holds barred look at context switching in the SOC, what it costs, why it's getting worse, and how smarter design can fix it. You can listen to David, Patrick, and Liz's conversation⁠ here⁠. It's a must-listen for anyone building or managing a modern SOC. New episodes of⁠ Threat Vector⁠ drop each Thursday on the N2K CyberWire network and in your favorite podcast app. Selected Reading Intel data breach: employee data could be accessed via API (Techzine Global) North Korean Kimsuky Hackers Use GitHub to Target Foreign Embassies with XenoRAT Malware (GB Hackers) Internet-wide Vulnerability Enables Giant DDoS Attacks (Dark Reading) Drug development company Inotiv reports ransomware attack to SEC (The Record) UK ‘agrees to drop' demand over Apple iCloud encryption, US intelligence head claims (The Record) Ransomware gang masking PipeMagic backdoor as ChatGPT desktop app: Microsoft (The Record) ERMAC Android malware source code leak exposes banking trojan infrastructure (Bleeping Computer) Nebraska man gets 1 year in prison for $3.5M cryptojacking scheme (Bleeping Computer) South Yorkshire Police Deletes 96,000 Pieces of Digital Evidence  (Infosecurity Magazine) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Confusion persists over the Microsoft Sharepoint zero-days. CrushFTP confirms a zero-day under active exploitation. The UK government proposes a public sector ban on ransomware payments. A new ransomware group is using an AI chatbot to handle victim negotiations. Australia's financial regulator accuses a wealth management firm of failing to manage cybersecurity risks. Researchers uncover a WordPress attack that abuses Google Tag Manager. Arizona election officials question CISA following a state portal cyberattack.  Hungarian police arrest a man accused of launching DDoS attacks on independent media outlets. On our Threat Vector segment guest host ⁠Michael Sikorski⁠ ⁠and Michael Daniel⁠ of the Cyber Threat Alliance (CTA) explore cybersecurity collaboration. A Spyware kingpin wants back in. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Threat Vector Segment On our Threat Vector segment, host David Moulton turns the mic over to guest host ⁠Michael Sikorski⁠ and his guest ⁠Michael Daniel⁠ of the Cyber Threat Alliance (CTA) for a deep dive into cybersecurity collaboration. You can hear Michael and Michael's full discussion on Threat Vector ⁠⁠⁠here⁠⁠⁠ and catch new episodes every Thursday on your favorite podcast app. Selected Reading ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets (SecurityWeek) Microsoft: Windows Server KB5062557 causes cluster, VM issues (Bleeping Computer)  File transfer company CrushFTP warns of zero-day exploit seen in the wild (The Record) UK to lead crackdown on cyber criminals with ransomware measures (GOV.UK) Ransomware Group Uses AI Chatbot to Intensify Pressure on Victims (Infosecurity Magazine) Australian Regulator Alleges Financial Firm Exposed Clients to Unacceptable Cyber Risks (Infosecurity Magazine) WordPress spam campaign abuses Google Tag Manager scripts (SC Media) After website hack, Arizona election officials unload on Trump's CISA (CyberScoop) Hungarian police arrest suspect in cyberattacks on independent media (The Record) Serial spyware founder Scott Zuckerman wants the FTC to unban him from the surveillance industry (TechCrunch) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices