Podcasts about ddos

Cyber attack disrupting service by overloading the provider of the service

  • 1,460PODCASTS
  • 3,995EPISODES
  • 46mAVG DURATION
  • 5WEEKLY NEW EPISODES
  • Oct 9, 2025LATEST
ddos

POPULARITY

20172018201920202021202220232024

Categories



Best podcasts about ddos

Show all podcasts related to ddos

Latest podcast episodes about ddos

The CyberWire
Cyber defenders pulled into deportation duty.

The CyberWire

Play Episode Listen Later Oct 9, 2025 29:49


DHS reassigns cyberstaff to immigration duties. A massive DDoS attack disrupts several major gaming platforms. Discord refuses ransom after a third-party support system breach. Researchers examine Chaos ransomware and creative log-poisoning web intrusions. The FCC reconsiders its telecom data breach disclosure rule. Experts warn of teen recruitment in pro-Russian hacking operations. Ukraine's parliament approves the establishment of Cyber Forces. Troy Hunt criticizes data breach injunctions as empty gestures. Our guest is Sarah Graham from the Atlantic Council's Cyber Statecraft Initiative (CSI) discussing their report, "Mythical Beasts: Diving into the depths of the global spyware market." And, Spy Dog's secret site goes off leash. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Sarah Graham from the Atlantic Council's Cyber Statecraft Initiative (CSI) discussing their work and findings on "Mythical Beasts: Diving into the depths of the global spyware market." Selected Reading Homeland Security Cyber Personnel Reassigned to Jobs in Trump's Deportation Push (Bloomberg) Massive DDoS Attack Knocks Out Steam, Riot, and Other Services (Windows Report) Hackers claim Discord breach exposed data of 5.5 million users (Bleeping Computer) The Evolution of Chaos Ransomware: Faster, Smarter, and More Dangerous (FortiGuard Labs) The Crown Prince, Nezha: A New Tool Favored by China-Nexus Threat Actors (Huntress) Court Pauses FCC Data Breach Rules as Agency Takes New Look | Regulation (Cablefax) Arrests Underscore Fears of Teen Cyberespionage Recruitment (Data Breach Today) Ukraine's parliament backs creation of cyber forces in first reading (The Kyiv Independent) Troy Hunt: Court Injunctions are the Thoughts and Prayers of Data Breach Response (Troy Hunt) Spy Dog: Children's books pulled over explicit weblink (BBC News) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Leaguecast: a League of Legends Podcast

The boys discuss Patch 25.20, ARAM Mayhem, Account Linking, Streamer Mode, Account Penalties, DDOS Attacks, Hackathon, LR in LEC, LCS Promotion Tournament, emails and more on episode 711 of Leaguecast! Email us - mail@leaguecastpodcast.com   Support us - https://www.patreon.com/leaguecast  Tweet us - https://twitter.com/leaguecast   Facebook - https://www.facebook.com/Leaguecast/   Join Our Discord - https://discord.gg/leaguecast   

Canaltech Podcast
Seu robô aspirador ou sua smart TV podem ser usados em ataques digitais

Canaltech Podcast

Play Episode Listen Later Sep 29, 2025 22:59


Aparelhos comuns como câmeras de segurança, babás eletrônicas, roteadores e até robôs aspiradores podem ser usados como armas em ataques digitais. No novo episódio do Podcast Canaltech, conversamos com Matheus Castanho, Tech Lead da Huge Networks, sobre os riscos de segurança que rondam os dispositivos IoT (Internet das Coisas). O especialista explica como esses aparelhos podem ser transformados em botnets usadas em ataques DDoS e até em espionagem dentro das casas, além de revelar os erros mais comuns que deixam tudo mais vulnerável. Matheus também aponta caminhos para fabricantes e usuários reduzirem os riscos e compartilha dicas práticas para quem já tem uma casa cheia de dispositivos conectados. Você também vai conferir: ChatGPT-5 já mostra desempenho de humano em áreas como saúde, finanças e varejo, LG lança TV com modo fácil e botão de emergência para idosos, Amazon dificulta pirataria no Kindle com nova atualização de segurança, Brasil tem mais alunos no EAD do que no ensino presencial e Heineken abre mais de 30 vagas em tecnologia com salários de até R$ 22 mil. Este podcast foi roteirizado e apresentado por Fernanda Santos e contou com reportagens de João Melo, Vinicius Moschen, Wendel Martins, Nathan Vieira e Claudio Yuge sob coordenação de Anaísa Catucci. A trilha sonora é de Guilherme Zomer, a edição de Jully Cruz e a arte da capa é de Erick Teixeira.See omnystudio.com/listener for privacy information.

Compilado do Código Fonte TV
Performance é foco no Java 25; MCP no Laravel; Safe C++ foi rejeitada; Devs Ruby são expulsos do GitHub; IA cresce entre empresas brasileiras [Compilado #216]

Compilado do Código Fonte TV

Play Episode Listen Later Sep 28, 2025 85:16


Compilado do Código Fonte TV
Performance é foco no Java 25; MCP no Laravel; Safe C++ foi rejeitada; Devs Ruby são expulsos do GitHub; IA cresce entre empresas brasileiras [Compilado #216]

Compilado do Código Fonte TV

Play Episode Listen Later Sep 28, 2025 85:16


The CyberWire
Critical GoAnywhere bug exposed.

The CyberWire

Play Episode Listen Later Sep 25, 2025 29:13


Fortra flags a critical flaw in its GoAnywhere Managed File Transfer (MFT) solution. Cisco patches a critical vulnerability in its IOS and IOS XE software. Cloudflare thwarts yet another record DDoS attack. Rhysida ransomware gang claims the Maryland Transit cyberattack. The new “Obscura” ransomware strain spreads via domain controllers. Retailers' use of generative AI expands attack surfaces. Researchers expose GitHub Actions misconfigurations with supply chain risk. Mandiant links the new BRICKSTORM backdoor to a China-based espionage campaign. Kansas students push back against an AI monitoring tool. Ben Yelin speaks with Michele Kellerman, Cybersecurity Engineer for Air and Missile Defense at Johns Hopkins University Applied Physics Lab, discussing Women's health apps and the legal grey zone that they create with HIPAA. Senators push the FTC to regulate your brainwaves. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Ben Yelin, co-host of Caveat, is speaking with Michele Kellerman, Cybersecurity Engineer for Air and Missile Defense at Johns Hopkins University Applied Physics Lab, about Women's health apps and the legal grey zone that they create with HIPAA. If you want to hear the full conversation, check it out on Caveat, here. Selected Reading Critical CVSS 10 Flaw in GoAnywhere File Transfer Threatens 20,000 Systems (HackRead) Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability (Cisco) Cloudflare mitigates new record-breaking 22.2 Tbps DDoS attack (Bleeping Computer) Ransomware gang known for government attacks claims Maryland transit incident (The Record) Obscura, an obscure new ransomware variant (Bleeping Computer) Threat Labs Report: Retail 2025 (Netskope) pull_request_nightmare Part 1: Exploiting GitHub Actions for RCE and Supply Chain Attacks (Orca) China-linked hackers use ‘BRICKSTORM' backdoor to steal IP (The Record) AI safety tool sparks student backlash after flagging art as porn, deleting emails (The Washington Post) Senators introduce bill directing FTC to establish standards for protecting consumers' neural data (The Record) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Cyber Security Headlines
Suspect arrested over airport attack, DDoS attack hits new record, BRICKSTORM backdoor steals IPs

Cyber Security Headlines

Play Episode Listen Later Sep 25, 2025 7:37


Person arrested in connection with airport attack Record-breaking DDoS attack hits new highs China-linked attackers use ‘BRICKSTORM' backdoor to steal IP Huge thanks to our sponsor, Conveyor  Security reviews don't have to feel like a hurricane. Most teams are buried in back-and-forth emails and never-ending customer requests for documentation or answers. But Conveyor takes all that chaos and turns it into calm. AI fills in the questionnaires, your trust center is always ready, and sales cycles move without stalls. Breathe easier—check out Conveyor at www.conveyor.com.  

Cyber Briefing
September 24, 2025 - Cyber Briefing

Cyber Briefing

Play Episode Listen Later Sep 24, 2025 9:19


If you like what you hear, please subscribe, leave us a review and tell a friend!Recent cyber incidents show a surge in attacks targeting both public and private sectors. Threat actors exploited vulnerabilities in software like GeoServer and Pandoc, leading to breaches in U.S. federal agencies and cloud environments. Malware campaigns, such as BadIIS, spread via SEO poisoning, while SonicWall and Boyd Gaming faced rootkits and data breaches, respectively. Security firms like Cloudflare successfully mitigated record-breaking DDoS attacks, and Mozilla introduced safeguards allowing Firefox add-on developers to roll back problematic updates. Law enforcement, including the Secret Service, has intervened to dismantle telecom threats impacting global operations like the UN.

Engadget
The Secret Service seized a network capable of shutting down NYC's cell service, Apple TV+ indefinitely delayed 'The Savant', and Microsoft claimed a 'breakthrough' in AI chip cooling

Engadget

Play Episode Listen Later Sep 24, 2025 8:39


The Secret Service says it thwarted a telecommunications cyber-op in New York City. On Tuesday, the agency announced that it seized a network of SIM servers. It was capable of jamming cell towers, conducting DDoS attacks and enabling encrypted communications. The discovery came ahead of world leaders gathering for the UN General Assembly this week. Also, Apple has delayed the release of its new series The Savant just three days before it was supposed to premiere this week. The timing of the sudden delay, and the lack of explanation for why the company is delaying the show, could be telling. Disney made a similar knee-jerk reaction in placing Jimmy Kimmel Live! on indefinite hiatus following a joke Kimmel made about the reaction to the killing of right-wing activist Charlie Kirk. And, AI is an enormous energy drain, contributing to greenhouse gas emissions at a time when the planet desperately needs progress in the opposite direction. Although most of that comes from running GPUs, cooling them is another significant overhead. So, it's worth noting when a company of Microsoft's stature claims to have achieved a breakthrough in chip cooling. Learn more about your ad choices. Visit podcastchoices.com/adchoices

The Connectivity Podcast
EP60: Connectivity in the gaming industry: DreamHack, local sites, and future of gaming

The Connectivity Podcast

Play Episode Listen Later Sep 22, 2025 27:11


Markus Viitamäki, Senior Infrastructure Architect at Embark Studios is back on the podcast. In this episode, he and Mattias Fridström discuss Markus' previous engagement in the world's largest gaming festival DreamHack, when to establish local gaming sites to meet customer needs (and what the requirements are), DDoS attacks in the gaming industry, and whether gamers really understand how the Internet is working. 

TechMánia
Spotify végre FLAC-kal – és egy router, ami a pulzusod is látja

TechMánia

Play Episode Listen Later Sep 21, 2025 52:50


Szabadság vs. védelem, hálózat vs. terhelés, hardver vs. élmény – ebben a részben végigmegyünk a hét legfontosabb digitális történetein, és a „miért számít ez neked?” kérdésre is válaszolunk. A UK korhatár-ellenőrzési törvény hullámai messzire gyűrűznek, közben rekord-DDoS rázza meg a netet, az 5G egy új trükkel gyorsul, a viselhető piacon trónváltás, végre érkezik a Spotify veszteségmentes, és az MI egyszerre formálja a marketinget és hűti a vállalati étvágyat.

Security Now (MP3)
SN 1043: Memory Integrity Enforcement - Crypto ATM Scam Epidemic

Security Now (MP3)

Play Episode Listen Later Sep 17, 2025 171:36 Transcription Available


Apple just rewrote the rules of device security with a chip-level upgrade that could wipe out most iPhone vulnerabilities overnight. Find out how "memory integrity enforcement" aims to make exploits a thing of the past—and why it took half a decade to pull off. Are Bitcoin ATMs anything more than scamming terminals. Ransomware hits the Uvalde school district and Jaguar. Did "Scattered LapSus Hunters" just throw in the towel. Germany, for one, to vote "no" on Chat Control. Russia's new MAX messenger has startup troubles. Samsung follows Apple's WhatsApp patch chain. Shocker: UK school hacks are mostly by students. HackerOne was hacked. Connected washing machines in Amsterdam hacked. DDoS breaks another record. Bluesky to implement conditional age verification. Enforcement actions for Global Privacy Control. Might Apple have finally beaten vulnerabilities Show Notes - https://www.grc.com/sn/SN-1043-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: joindeleteme.com/twit promo code TWIT vanta.com/SECURITYNOW threatlocker.com for Security Now bitwarden.com/twit Melissa.com/twit

All TWiT.tv Shows (MP3)
Security Now 1043: Memory Integrity Enforcement

All TWiT.tv Shows (MP3)

Play Episode Listen Later Sep 17, 2025 171:51


Apple just rewrote the rules of device security with a chip-level upgrade that could wipe out most iPhone vulnerabilities overnight. Find out how "memory integrity enforcement" aims to make exploits a thing of the past—and why it took half a decade to pull off. Are Bitcoin ATMs anything more than scamming terminals. Ransomware hits the Uvalde school district and Jaguar. Did "Scattered LapSus Hunters" just throw in the towel. Germany, for one, to vote "no" on Chat Control. Russia's new MAX messenger has startup troubles. Samsung follows Apple's WhatsApp patch chain. Shocker: UK school hacks are mostly by students. HackerOne was hacked. Connected washing machines in Amsterdam hacked. DDoS breaks another record. Bluesky to implement conditional age verification. Enforcement actions for Global Privacy Control. Might Apple have finally beaten vulnerabilities Show Notes - https://www.grc.com/sn/SN-1043-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: joindeleteme.com/twit promo code TWIT vanta.com/SECURITYNOW threatlocker.com for Security Now bitwarden.com/twit Melissa.com/twit

Security Now (Video HD)
SN 1043: Memory Integrity Enforcement - Crypto ATM Scam Epidemic

Security Now (Video HD)

Play Episode Listen Later Sep 17, 2025 171:21 Transcription Available


Apple just rewrote the rules of device security with a chip-level upgrade that could wipe out most iPhone vulnerabilities overnight. Find out how "memory integrity enforcement" aims to make exploits a thing of the past—and why it took half a decade to pull off. Are Bitcoin ATMs anything more than scamming terminals. Ransomware hits the Uvalde school district and Jaguar. Did "Scattered LapSus Hunters" just throw in the towel. Germany, for one, to vote "no" on Chat Control. Russia's new MAX messenger has startup troubles. Samsung follows Apple's WhatsApp patch chain. Shocker: UK school hacks are mostly by students. HackerOne was hacked. Connected washing machines in Amsterdam hacked. DDoS breaks another record. Bluesky to implement conditional age verification. Enforcement actions for Global Privacy Control. Might Apple have finally beaten vulnerabilities Show Notes - https://www.grc.com/sn/SN-1043-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: joindeleteme.com/twit promo code TWIT vanta.com/SECURITYNOW threatlocker.com for Security Now bitwarden.com/twit Melissa.com/twit

Security Now (Video HI)
SN 1043: Memory Integrity Enforcement - Crypto ATM Scam Epidemic

Security Now (Video HI)

Play Episode Listen Later Sep 17, 2025 171:21 Transcription Available


Apple just rewrote the rules of device security with a chip-level upgrade that could wipe out most iPhone vulnerabilities overnight. Find out how "memory integrity enforcement" aims to make exploits a thing of the past—and why it took half a decade to pull off. Are Bitcoin ATMs anything more than scamming terminals. Ransomware hits the Uvalde school district and Jaguar. Did "Scattered LapSus Hunters" just throw in the towel. Germany, for one, to vote "no" on Chat Control. Russia's new MAX messenger has startup troubles. Samsung follows Apple's WhatsApp patch chain. Shocker: UK school hacks are mostly by students. HackerOne was hacked. Connected washing machines in Amsterdam hacked. DDoS breaks another record. Bluesky to implement conditional age verification. Enforcement actions for Global Privacy Control. Might Apple have finally beaten vulnerabilities Show Notes - https://www.grc.com/sn/SN-1043-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: joindeleteme.com/twit promo code TWIT vanta.com/SECURITYNOW threatlocker.com for Security Now bitwarden.com/twit Melissa.com/twit

Radio Leo (Audio)
Security Now 1043: Memory Integrity Enforcement

Radio Leo (Audio)

Play Episode Listen Later Sep 17, 2025 171:36


Apple just rewrote the rules of device security with a chip-level upgrade that could wipe out most iPhone vulnerabilities overnight. Find out how "memory integrity enforcement" aims to make exploits a thing of the past—and why it took half a decade to pull off. Are Bitcoin ATMs anything more than scamming terminals. Ransomware hits the Uvalde school district and Jaguar. Did "Scattered LapSus Hunters" just throw in the towel. Germany, for one, to vote "no" on Chat Control. Russia's new MAX messenger has startup troubles. Samsung follows Apple's WhatsApp patch chain. Shocker: UK school hacks are mostly by students. HackerOne was hacked. Connected washing machines in Amsterdam hacked. DDoS breaks another record. Bluesky to implement conditional age verification. Enforcement actions for Global Privacy Control. Might Apple have finally beaten vulnerabilities Show Notes - https://www.grc.com/sn/SN-1043-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: joindeleteme.com/twit promo code TWIT vanta.com/SECURITYNOW threatlocker.com for Security Now bitwarden.com/twit Melissa.com/twit

Security Now (Video LO)
SN 1043: Memory Integrity Enforcement - Crypto ATM Scam Epidemic

Security Now (Video LO)

Play Episode Listen Later Sep 17, 2025 171:21 Transcription Available


Apple just rewrote the rules of device security with a chip-level upgrade that could wipe out most iPhone vulnerabilities overnight. Find out how "memory integrity enforcement" aims to make exploits a thing of the past—and why it took half a decade to pull off. Are Bitcoin ATMs anything more than scamming terminals. Ransomware hits the Uvalde school district and Jaguar. Did "Scattered LapSus Hunters" just throw in the towel. Germany, for one, to vote "no" on Chat Control. Russia's new MAX messenger has startup troubles. Samsung follows Apple's WhatsApp patch chain. Shocker: UK school hacks are mostly by students. HackerOne was hacked. Connected washing machines in Amsterdam hacked. DDoS breaks another record. Bluesky to implement conditional age verification. Enforcement actions for Global Privacy Control. Might Apple have finally beaten vulnerabilities Show Notes - https://www.grc.com/sn/SN-1043-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: joindeleteme.com/twit promo code TWIT vanta.com/SECURITYNOW threatlocker.com for Security Now bitwarden.com/twit Melissa.com/twit

All TWiT.tv Shows (Video LO)
Security Now 1043: Memory Integrity Enforcement

All TWiT.tv Shows (Video LO)

Play Episode Listen Later Sep 17, 2025 171:21 Transcription Available


Apple just rewrote the rules of device security with a chip-level upgrade that could wipe out most iPhone vulnerabilities overnight. Find out how "memory integrity enforcement" aims to make exploits a thing of the past—and why it took half a decade to pull off. Are Bitcoin ATMs anything more than scamming terminals. Ransomware hits the Uvalde school district and Jaguar. Did "Scattered LapSus Hunters" just throw in the towel. Germany, for one, to vote "no" on Chat Control. Russia's new MAX messenger has startup troubles. Samsung follows Apple's WhatsApp patch chain. Shocker: UK school hacks are mostly by students. HackerOne was hacked. Connected washing machines in Amsterdam hacked. DDoS breaks another record. Bluesky to implement conditional age verification. Enforcement actions for Global Privacy Control. Might Apple have finally beaten vulnerabilities Show Notes - https://www.grc.com/sn/SN-1043-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: joindeleteme.com/twit promo code TWIT vanta.com/SECURITYNOW threatlocker.com for Security Now bitwarden.com/twit Melissa.com/twit

Radio Leo (Video HD)
Security Now 1043: Memory Integrity Enforcement

Radio Leo (Video HD)

Play Episode Listen Later Sep 17, 2025 171:21 Transcription Available


Apple just rewrote the rules of device security with a chip-level upgrade that could wipe out most iPhone vulnerabilities overnight. Find out how "memory integrity enforcement" aims to make exploits a thing of the past—and why it took half a decade to pull off. Are Bitcoin ATMs anything more than scamming terminals. Ransomware hits the Uvalde school district and Jaguar. Did "Scattered LapSus Hunters" just throw in the towel. Germany, for one, to vote "no" on Chat Control. Russia's new MAX messenger has startup troubles. Samsung follows Apple's WhatsApp patch chain. Shocker: UK school hacks are mostly by students. HackerOne was hacked. Connected washing machines in Amsterdam hacked. DDoS breaks another record. Bluesky to implement conditional age verification. Enforcement actions for Global Privacy Control. Might Apple have finally beaten vulnerabilities Show Notes - https://www.grc.com/sn/SN-1043-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: joindeleteme.com/twit promo code TWIT vanta.com/SECURITYNOW threatlocker.com for Security Now bitwarden.com/twit Melissa.com/twit

PC Perspective Podcast
Podcast #836 - Intel & AMD CPU News, NVIDIA GPU Marketshare, Sapphire B850, SK hynix and Samsung SSD Reviews, Ubisoft kills games + MORE!

PC Perspective Podcast

Play Episode Listen Later Sep 13, 2025 111:02


Join us as we battle illness to bring you the pithy, erudite commentary you crave.  That you deserve even.  Start with software designed cores, mix in some Nvidia domination, season with the largest DDoS attack EVaR, then Ubisoft kills games and finish with fast SSDs.  What an evening you are in for.  Timestamps:00:00 Intro00:36 Patreon02:21 Food with Josh04:29 Intel Nova Lake-S has 52 cores?06:05 Software-defined super cores09:15 Intel admits "we didn't have a good offering this year"16:55 AMD launching Ryzen 9000F series CPUs18:51 ASRock AM5 BIOS update20:36 NVIDIA GPU market share is hard to believe25:46 The latest on the Windows 11 SSD failure saga30:18 Sapphire launching B850 motherboards35:59 Arm AI news48:55 Apple iPhone 1755:12 (In)Security Corner1:12:04 Gaming Quick Hits1:23:32 Jeremy reviews the SK hynix P51 Platinum SSD1:33:20 The 8TB Samsung 9100 PRO is ridiculous 1:37:31 Picks of the Week1:48:39 Outro ★ Support this podcast on Patreon ★

Cyber Briefing
September 11, 2025 - Cyber Briefing

Cyber Briefing

Play Episode Listen Later Sep 11, 2025 9:44


If you like what you hear, please subscribe, leave us a review and tell a friend!Multiple high-profile cyber incidents are impacting organizations worldwide, including ransomware attacks, data breaches, malware campaigns, and sophisticated DDoS operations. Notable events involve compromises of GitHub accounts affecting Salesloft and Drift, ransomware groups like LockerGoga, MegaCortex, and Nefilim, a massive DDoS hitting a defender platform, and breaches exposing sensitive financial and personal data in Vienna, VA, while Ukraine faces evolving Russian hacker tactics.

Camada 8
#68 - Infraestrutura Crítica dos Bancos Brasileiros com Edney Fernandes

Camada 8

Play Episode Listen Later Sep 10, 2025 53:34


No novo episódio do Camada 8, convidamos Edney Fernandes, Coordenador de Redes e Telecomunicações no Banco da Amazônia, para uma conversa sobre a infraestrutura crítica dos bancos, o seu modelo de redes de alta disponibilidade e redundância, até o impacto de falhas.Edney explica como um banco estrutura sua operação para garantir resiliência, atender regulações rígidas e suportar inovações como o PIX. Ele também fala sobre ameaças digitais como ransomware e DDoS, riscos físicos como desastres naturais, e como planos de contingência e recuperação, redundância e segmentação de redes ajudam a manter tudo funcionando.Dê o play e confira agora mesmo o novo episódio do quadro Roteamento de Ideias do Camada 8!#Camada8 #PIX #Drex #SistemaFinanceiro #Infraestruturabancaria #setorfinanceiro #Conectividade #Infraestrutura #Tecnologia Participantes:Antonio Marcos Moreiras (Host) - Gerente de projetos e desenvolvimento no NIC.br https://www.linkedin.com/in/moreiras Lucas Jorge da Silva (Host) - Analista de Projetos do Ceptro.br no NIC.br ⁠https://www.linkedin.com/in/lucasjorgeEdney Fernandes (Convidado) - Coordenador de Redes e Telecomunicações no Banco da Amazônia https://www.linkedin.com/in/edneyfer/Links citados:Curso BCOP Presencial: https://cursoseventos.nic.br/curso/curso-bcop/Curso BCOP EaD: https://cursoseventos.nic.br/curso/curso-bcop-ead/IX Fórum Regional Sudeste: https://regional.forum.ix.br/Agenda de cursos do Ceptro|NIC.br: https://ceptro.br/cursos-eventosRedes Sociais:https://www.youtube.com/nicbrvideos/https://www.twitter.com/comunicbr/https://www.telegram.me/nicbr/https://www.linkedin.com/company/nic-br/https://www.instagram.com/nicbr/https://www.facebook.com/nic.br/https://www.flickr.com/NICbr/Contato:Equipe Ceptro.brcursosceptro@nic.brDireção e áudio:Equipe Ceptro.brEquipe de Comunicação do NIC.brEdição YouProjectSonorização Rádiofobia Podcast e Multimídia: https://radiofobia.com.br/Veja também:https://nic.br/https://ceptro.br/

ALEF SecurityCast
Ep#297 - NÚKIB varuje: čínské technologie mohou ohrozit i vaše data

ALEF SecurityCast

Play Episode Listen Later Sep 8, 2025 10:25


NÚKIB varuje před čínskými technologiemi – hrozba pro data i infrastrukturu. Vysvětlíme, co varování znamená pro firmy i jednotlivce. Podíváme se také na kyberútok na Jaguar Land Rover, který zastavil výrobu po celém světě, rekordní DDoS útok 11,5 Tbps proti Cloudflare, novou kritickou zranitelnost v TP-Link routerech a na to, proč globální výdaje na kyberbezpečnost v roce 2025 vystřelí na rekordních 213 miliard dolarů. Na závěr vás pozveme na livestream Rodina – základ kyberbezpečnosti v rámci akce Týden pro digitální Česko.

KuppingerCole Analysts
Mastering DDoS Defense with Qrator Labs: Evolving Threats & Mitigation Strategies

KuppingerCole Analysts

Play Episode Listen Later Sep 5, 2025 22:22


DDoS attacks are evolving and becoming more dangerous than ever. In this video, Osman Celik speaks with Andrey Leskin from QRator Labs about the current DDoS attack landscape and how organizations can defend themselves. You’ll learn: What DDoS attacks are and how they work across layers 3, 4, and 7 Why Layer 7 (application-layer) attacks are the fastest-growing and hardest to detect How attackers are building massive botnets (millions of compromised devices) Real-world DDoS incidents hitting FinTech, e-commerce, and media sectors The differences between scrubbing capacity and PoP proximity in mitigation How QRator Labs approaches DDoS protection with scrubbing, anti-bot, and WAF solutions With Layer 7 attacks rising by 74% year-over-year and record-breaking volumetric attacks now lasting weeks, no industry can afford to ignore this threat. Watch now to understand how to protect your business from DDoS, botnets, and evolving cyber threats.

Cyber Security Headlines
Google: Gmail is secure, Cloudflare blocks largest DDoS attack, Amazon shutters theft campaign

Cyber Security Headlines

Play Episode Listen Later Sep 3, 2025 6:55


'2.5 billion Gmail users at risk'? Entirely false, says Google Cloudflare blocks largest recorded DDoS attack peaking at 11.5 Tbps Jaguar Land Rover says cyberattack ‘severely disrupted' production Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.

Risky Business News
Risky Bulletin: YouTubers unmask and help dismantle Chinese scam ring

Risky Business News

Play Episode Listen Later Sep 3, 2025 4:24


Two YouTube channels help dismantle a Chinese scam operation, Cloudflare, Zscaler, and Palo Alto disclose Salesloft-related breaches, a ransomware attack disrupts vehicle production at Jaguar Land Rover, and we have a new record DDoS attack. Show notes Risky Bulletin: YouTubers unmask and help dismantle giant Chinese scam ring

The CyberWire
Whistle-blown and wide open.

The CyberWire

Play Episode Listen Later Aug 27, 2025 25:57


A whistle-blower claims DOGE uploaded a sensitive Social Security database to a vulnerable cloud server. Allies push back against North Korean IT scams. ZipLine is a sophisticated phishing campaign targeting U.S.-based manufacturing. Researchers uncover a residential proxy network operating across at least 20 U.S. states. Flock Safety license plate readers face increased scrutiny. A new report chronicles DDoS through the first half of the year. LLM guard rails fail to defend against run-on sentences. A South American APT targets the Colombian government. Our guest is Harry Thomas, Founder and CTO at Frenos, on the benefits of curated and vetted AI training data. One man's fight against phantom jobs posts. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Our guest today is Harry Thomas, Founder and CTO at Frenos, talking about the benefits of curated and vetted AI training data.  Learn more about the Frenos and N2K Networks partnership to utilize industry validated intelligence to build the first AI native OT security posture management platform. Selected Reading DOGE Put Critical Social Security Data at Risk, Whistle-Blower Says (The New York Times) Governments, tech companies meet in Tokyo to share tips on fighting North Korea IT worker scheme (The Record) ZipLine Campaign: A Sophisticated Phishing Attack Targeting US Companies (Check Point Research) Phishing Campaign Targeting Companies via UpCrypter (FortiGuard Labs) Belarus-Linked DSLRoot Proxy Network Deploys Hardware in U.S. Residences, Including Military Homes (Infrawatch) CBP Had Access to More than 80,000 Flock AI Cameras Nationwide (404 Media) Evanston shuts down license plate cameras, terminates contract with Flock Safety (Evanston Round Table) Global DDoS attacks exceed 8M amid geopolitical tensions (Telecoms Tech News) One long sentence is all it takes to make LLMs misbehave (The Register) TAG-144's Persistent Grip on South American Organizations (Recorded Future) This tech worker was frustrated with ghost job ads. Now he's working to pass a national law banning them (CNBC) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Cyber Briefing
August 26, 2025 - Cyber Briefing

Cyber Briefing

Play Episode Listen Later Aug 26, 2025 9:36


If you like what you hear, please subscribe, leave us a review and tell a friend!

LINUX Unplugged
629: Arch Enemies

LINUX Unplugged

Play Episode Listen Later Aug 25, 2025 78:19 Transcription Available


Arch is under fire, two weeks and counting. We'll break down the mess, and share a quick fix. Plus, the killer new apps we've just added to our homelabs.Sponsored By:Managed Nebula: Meet Managed Nebula from Defined Networking. A decentralized VPN built on the open-source Nebula platform that we love. 1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps. Unraid: A powerful, easy operating system for servers and storage. Maximize your hardware with unmatched flexibility. Support LINUX UnpluggedLinks:

Vipcast.hu powered by Media1
Hogyan kapták el Hano-t, a magyar internet rémét?

Vipcast.hu powered by Media1

Play Episode Listen Later Aug 25, 2025


Az elmúlt években nagyon megszaporodtak Magyarországon az úgynevezett DDoS-kibertámadások, amelyek sokszor nemzetközi példákat idéző intenzitással bénítottak le hírportálokat és más online szolgáltatásokat. A Media1 legújabb podcast epizódjában részletesen bemutatjuk, hogyan zajlottak ezek a DDoS (Distributed Denial of Service) támadások, amelyek során több ezer, akár több tízezer eszköz összehangoltan árasztja el forgalommal a célpont szervereit. A ... Olvass tovább A Hogyan kapták el Hano-t, a magyar internet rémét? bejegyzés először vipcast.hu powered by Media1-én jelent meg.

The CyberWire
Undoing the undo bug.

The CyberWire

Play Episode Listen Later Aug 20, 2025 32:06


Microsoft releases emergency out-of-band (OOB) Windows updates. Trump targets NSA's leading AI and cyber expert in clearance revocations. A breach may have compromised the privacy of Ohio medical marijuana patients. Cybercriminals exploit an AI website builder to rapidly create phishing sites. Warlock ransomware operators target Microsoft's SharePoint ToolShell vulnerability. Google and Mozilla patch Chrome and Firefox. European officials report two cyber incidents targeting water infrastructure. A federal appeals court has upheld fines against T-Mobile and Sprint for illegally selling customer location data. Authorities dismantle DDoS powerhouse Rapper Bot. On our Industry Voices segment, we are joined by Matt Radolec, VP - Incident Response, Cloud Operations, and Sales Engineering at Varonis, speaking about ShinyHunters and the problems with securing Salesforce. Microsoft Copilot gets creative with compliance.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Industry Voices segment, we are joined by Matt Radolec, VP - Incident Response, Cloud Operations, and Sales Engineering at Varonis, who is speaking about ShinyHunters and the problems with securing Salesforce. You can hear more from Matt here. Selected Reading Microsoft releases emergency updates to fix Windows recovery (Bleeping Computer) Trump Revokes Security Clearances of 37 Former and Current Officials (The New York Times) Highly Sensitive Medical Cannabis Patient Data Exposed by Unsecured Database (WIRED) AI Website Builder Lovable Abused for Phishing and Malware Scams (Hackread) Warlock Ransomware Hitting Victims Globally Through SharePoint ToolShell Exploit (InfoSecurity Magazine) High-Severity Vulnerabilities Patched in Chrome, Firefox (SecurityWeek) Russia-linked European attacks renew concerns over water cybersecurity (CSO Online) T-Mobile claimed selling location data without consent is legal, judges disagree (Ars Technica) Officials gain control of Rapper Bot DDoS botnet, charge lead developer and administrator (CyberScoop) Copilot Broke Your Audit Log, but Microsoft Won't Tell You (Pistachio Blog) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Engadget
The White House now has a TikTok account, a man who allegedly used a botnet to take down X has been charged, and Meta's AI voice translation feature rolled out globally

Engadget

Play Episode Listen Later Aug 20, 2025 7:08


The White House has joined TikTok, the social media app that President Trump wanted to ban during his first term. Its first post shows clips of Trump in various events with Kendrick Lamar's track playing in the background. The New York Times notes that it references a popular video edit of Creed, a boxing movie starring Michael B. Jordan, on the app. In the TikTok post, Trump could be heard saying "I am your voice," while the caption reads "America we are BACK! What's up TikTok?" In other news, an Oregon man has been charged in a federal complaint today on allegations of operating a botnet for hire that conducted cyberattacks beginning at least in 2021. Ethan Foltz has been accused of running Rapper Bot, also known as Eleven Eleven Botnet and CowBot, and using it to execute coordinated distributed denial of service or DDoS attacks; Meta rolled out its new voice dubbing feature globally. The Reels feature uses generative AI to translate your voice, with optional lip-syncing. Learn more about your ad choices. Visit podcastchoices.com/adchoices

The CyberWire
Inside Intel's internal web maze.

The CyberWire

Play Episode Listen Later Aug 19, 2025 26:18


A researcher uncovers vulnerabilities across Intel's internal websites that exposed sensitive employee and supplier data. The Kimsuky group (APT43) targets South Korean diplomatic missions. A new DDoS vulnerability bypasses the 2023 “Rapid Reset” fix. Drug development firm Inotiv reports a ransomware attack to the SEC. The UK drops their demand that Apple provide access to encrypted iCloud accounts. Hackers disguise the PipeMagic backdoor as a fake ChatGPT desktop app. The source code for a powerful Android banking trojan was leaked online. A Nebraska man is sentenced to prison for defrauding cloud providers to mine nearly $1 million in cryptocurrency. On this week's Threat Vector, David Moulton speaks with Liz Pinder and Patrick Bayle for a no holds barred look at context switching in the SOC. A UK police force fails to call for backup. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Threat Vector Security analysts are drowning in tools, alerts, and tabs. On today's Threat Vector segment from Palo Alto Networks, we offer a snapshot from host⁠ David Moulton⁠'s conversation with⁠ Liz Pinder⁠ and⁠ Patrick Bayle⁠⁠. Together they take a no holds barred look at context switching in the SOC, what it costs, why it's getting worse, and how smarter design can fix it. You can listen to David, Patrick, and Liz's conversation⁠ here⁠. It's a must-listen for anyone building or managing a modern SOC. New episodes of⁠ Threat Vector⁠ drop each Thursday on the N2K CyberWire network and in your favorite podcast app. Selected Reading Intel data breach: employee data could be accessed via API (Techzine Global) North Korean Kimsuky Hackers Use GitHub to Target Foreign Embassies with XenoRAT Malware (GB Hackers) Internet-wide Vulnerability Enables Giant DDoS Attacks (Dark Reading) Drug development company Inotiv reports ransomware attack to SEC (The Record) UK ‘agrees to drop' demand over Apple iCloud encryption, US intelligence head claims (The Record) Ransomware gang masking PipeMagic backdoor as ChatGPT desktop app: Microsoft (The Record) ERMAC Android malware source code leak exposes banking trojan infrastructure (Bleeping Computer) Nebraska man gets 1 year in prison for $3.5M cryptojacking scheme (Bleeping Computer) South Yorkshire Police Deletes 96,000 Pieces of Digital Evidence  (Infosecurity Magazine) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

mnemonic security podcast
The Economy for Phish

mnemonic security podcast

Play Episode Listen Later Aug 18, 2025 50:23


This episode, we're joined by Ford Merrill, Senior Director of Research and Innovation at SEC Alliance, to discuss the evolution and sophistication of Phishing as a Service (PhaaS).Merrill shares from his 11 years of experience working on security research in primarily the areas of phishing and DDoS botnets. In the episode, he talks about the shift from Russian to Chinese-speaking operators, who the developers of advanced kits like Darcula and Lighthouse are, and who actually uses them to impersonate brands for financial gain.Merrill also outlines a complex ecosystem with supporting technologies and roles involving spammers, data brokers, and money launderers. He also shares what thinks needs to be done to respond this problem, and where he sees rays of hope already.Related resources:If you haven't listened to our series on Darcula, a phishing-as-a-service operation targeting victims globally, check out episode 137 and 138 to hear Robby's interview with mnemonic's security researchers Erlend Leiknes and Harrison Sand about the findings from their technical investigation into the phishing kit platform Magic Cat. And hear how this story progressed as Robby interviews investigative journalist Martin Gundersen from the Norwegian media agency NRK.Send us a text

Risky Business News
Risky Bulletin: HTTP2 flaw enables massive DDoS attacks

Risky Business News

Play Episode Listen Later Aug 15, 2025 8:03


An HTTP-2 vulnerability enables DDoS attacks, Russia blocks Telegram and WhatsApp voice calls, attackers abuse a zero-day in N-able servers, and the US government is adding trackers to chip shipments. Show notes Risky Bulletin: MadeYouReset vulnerability enables unlimited HTTP/2 DDoS attacks

La French Connection
Épisode 0x275 - Discussion d'été de DDoS à la Chine

La French Connection

Play Episode Listen Later Aug 13, 2025


Discussion d'été de DDoS à la Chine Shamelessplug Hackfest Swag Join Hackfest/La French Connection Discord Join Hackfest us on Masodon Conférence GoSEC 2025 - Montréal - 10-11 sept 2025 - Colloque cybersécurité et protection des données personnelles - Saint-Hyacinthe - 2 octobre 2025 Hackfest - Québec - 16-17-18 Octobre 2025 POLAR - Québec - 16 Octobre 2025 Montréal Connecte 2025 - Montréal - 28-31 octobre 2025 - Cyberchess les 29-30 octobre - Latvia Nouvelles Europol Disrupts NoName057(16) Hacktivist Group Linked to DDoS Attacks ‘123456' password exposed info for 64 million McDonald's job applicants PATCH YOUR SYSTEMS ! Microsoft - Fortinet - Cisco - Citrix - ZScaler - VMWare - Google Chrome - SonicWall Cyber Threat Intelligence Report: Australia H1 2025 China-Backed Salt Typhoon Hacks US National Guard for Nearly a Yea Spain awards Huawei contracts to manage intelligence agency wiretaps Russian vodka producer reports disruptions after ransomware attack FCC wants to ban Chinese tech from undersea cables RFTA - Submarine Cables Face Increasing Threats Amid Geopolitical Tensions and Limited Repair Capacity Global operation targets NoName057(16) pro-Russian cybercrime network Chinese Hackers Target Taiwan's Semiconductor Sector with Cobalt Strike, Custom Backdoors Cloudflare says 1.1.1.1 outage not caused by attack or BGP hijack Cloudflare 1.1.1.1 incident on July 14, 2025 PerfektBlue Bluetooth flaws impact Mercedes, Volkswagen, Skoda cars Four arrested in UK over M&S, Co-op, Harrods cyberattacks Co-op confirms data of 6.5 million members stolen in cyberattack Trump administration to spend $1 billion on ‘offensive' hacking operations A Little-Known Microsoft Program Could Expose the Defense Department to Chinese Hackers WeTransfer clarifies it won't use your files to train AI _ Mashable Crew Patrick Mathieu Francis Coats Steve Waterhouse Crédits Montage audio par Hackfest Communication Music par Sinewinder – Superstring - Spaghettification Locaux virtuels par Streamyard

The Route to Networking
E160 - Max Röttgermann at Deutsche Telekom

The Route to Networking

Play Episode Listen Later Aug 13, 2025 54:49


Send us a textIn this episode of The Route to Networking Podcast, host Ben Davies is joined by Max Röttgermann, Senior Product Manager for IP Transit & DDoS Defense at Deutsche Telekom. With over two decades at the forefront of telecom innovation, Max shares his journey from CB radio enthusiast to building one of the most scalable DDoS mitigation platforms in the world.He reflects on his early hands-on experience running infrastructure at international trade shows, how on-the-job learning shaped his academic path, and why cyber defence has become mission-critical in today's digital world. Max also breaks down the evolution of DDoS attacks and how AI and machine learning are reshaping detection and mitigation strategies.Packed with practical advice for the next generation, Max emphasises the power of curiosity, the value of understanding internet fundamentals, and the importance of balancing technical depth with business acumen.From invisible threats to visible leadership, this is an episode full of insight, innovation, and a passion for protecting the networks that keep the world connected.

Cyber Briefing
August 12, 2025 - Cyber Briefing

Cyber Briefing

Play Episode Listen Later Aug 12, 2025 10:05


If you like what you hear, please subscribe, leave us a review and tell a friend!

Tank Talks
Blocking 190 Billion Cyberattacks Daily: Scaling Through Crises & Cold Winters with Michelle Zatlyn of Cloudflare

Tank Talks

Play Episode Listen Later Aug 7, 2025 59:59


In this episode of Tank Talks, we're joined by Michelle Zatlyn, Co-founder, Co-chair, and President of Cloudflare, a company protecting and powering a major part of global internet traffic. Cloudflare helps businesses stay online, load faster, and block threats before they reach the door.Michelle explains how growing up in Saskatchewan shaped her views on leadership and teamwork, and how that experience still guides her as Cloudflare scales. She shares how a hallway conversation at Harvard became the starting point for the business, how they raised their first round of funding without a product, and why they moved to Silicon Valley during a downturn with no connections.She talks through the pressure of going public, the spike in traffic when COVID hit, and how the team responded when customers suddenly needed help keeping their services running. She also walks through Cloudflare's new AI crawler model, how it gives content owners more control, and why a new business model for the web is overdue.From managing billions of attacks a day to helping publishers keep their content protected, Cloudflare shows what it means to stay reliable when the stakes are high, and Michelle makes it clear that good infrastructure only works if people trust it.We explore:* How do you raise money with no product, no revenue, and no connections?* What happens when a hallway idea becomes core infrastructure for the internet?* What changes when your company goes public six months before a global crisis?* Can creators control how AI models use their content?* What can founders do to make their teams more inclusive without making it performative?* Why $100M-to-$1B is more fun than $0-to-$100MThe Canadian Roots and Early Values of a Tech Founder (00:02:36)* Growing up in Prince Albert, Saskatchewan* How cold winters and community spirit shaped her leadership* From science nerd to Silicon Valley co-founderWhy She Left Medicine for Business (00:06:49)* How a summer research job made her rethink med school* Falling into tech through work in Toronto* Applying to Harvard without knowing how to pay for it* The support from Canadian alumni that made it possibleThe Hallway Conversation That Sparked Cloudflare (00:10:50)* A casual remark turns into a business idea* How she and Matthew Prince turned Project Honeypot into a startup* Using their .edu emails to get early help and access* Getting credit for the project instead of taking another classRaising Money With No Traction (00:20:34)* Moving to Silicon Valley in a U-Haul with no connections* Pitching investors with nothing built* Getting $2M on a $4M pre-money valuation* Why the Valley still bets on early-stage founders with clear ideasHiring, Scaling, and Keeping a Startup Culture (00:24:52)* Going from 20 people to over 4,500* Why they still focus on shipping and momentum* How ownership and trust make the difference* Running fast without losing focusGoing Public, Then COVID Hit (00:28:00)* Why they went public when they did* Customers who once said no came running back* What changed when traffic spiked overnight* How customer demand and product pressure collided* Working through the crisis while remote* What Cloudflare learned under fireCloudflare's AI Crawler Controls (00:40:04)* What's happening with AI scraping content* Why Cloudflare built a way to block or license crawlers* The impact on small content creators* How this fits into wider changes to how the web worksDDoS Attacks and Online Threats (00:48:06)* Stopping 190 billion attacks per day* The evolution of DDoS threats in 2025* Why using modern security tools is non-negotiableMichelle's Vision for the Next 15 Years (00:51:18)* Cloudflare as generational infrastructure* Building the most trusted connectivity cloud* Why Internet infrastructure is as vital as plumbingChampioning Women & Diversity in Tech (00:53:27)* Leading by example* Small asks, big impact: improving referral pipelines* Creating space for underrepresented founders and talentCloudflare has grown into critical internet infrastructure, but Michelle talks about it like a work in progress. The problems are large, but they stay focused on solving them one at a time. Her view is practical: strong teams, clear goals, and ongoing effort.About Michelle ZatlynCo-founder, Co-chair & President of CloudflareOne of the most influential leaders in Internet infrastructure, Michelle is a Canadian-born tech executive known for building and scaling Cloudflare into a global powerhouse. A champion for cybersecurity, innovation, and women in tech, she brings passion and grit to every conversation.Connect with Michelle Zatlyn on LinkedIn: https://www.linkedin.com/in/michellezatlyn/Visit Cloudflare Website: https://www.cloudflare.com/Connect with Matt Cohen on LinkedIn: https://ca.linkedin.com/in/matt-cohen1Visit the Ripple Ventures website: https://www.rippleventures.com/ This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit tanktalks.substack.com

The Segment: A Zero Trust Leadership Podcast
The Monday Microsegment for the week of 8/4/2025

The Segment: A Zero Trust Leadership Podcast

Play Episode Listen Later Aug 4, 2025 7:33


The Monday Microsegment for the week of August 4th. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast.A cyberattack shuts down the city of St. Paul — and draws in the National Guard.Spiders and dragons and rats — oh my! U.S. authorities issue new cybersecurity warning.And AI-powered bots are making DDoS attacks almost as easy as cheating on your homework.And John Kindervag joins us for a "Kindervag's Compass" segment. Head to The Zero Trust Hub: hub.illumio.comRegister to attend The Illumio World Tour: https://www.illumio.com/illumio-world-tour

The Digital Executive
Pratik Balar on Building Trustless Infrastructure and Empowering Developers in Web3 | Ep 1088

The Digital Executive

Play Episode Listen Later Jul 24, 2025 14:26


On The Digital Executive podcast, Pratik Balar, co-founder and tech lead at NodeOps, shares his vision for how decentralized compute systems are reshaping the future of AI and cloud services. He explains how DPN 2.0—short for Decentralized Physical Infrastructure Networks—offers scalable, cost-effective, and privacy-focused alternatives to traditional cloud computing by leveraging blockchain and global participation. Balar emphasizes that enabling anyone to contribute compute power—such as GPUs or storage—through token incentives can dramatically reduce costs while enhancing performance and resilience. His mission centers on building open, trustless infrastructure that empowers developers without sacrificing reliability, even during challenges like DDoS attacks or cloud outages.Balar also unpacks the technical and philosophical hurdles of building at scale, from maintaining node-to-node connectivity to ensuring data integrity in decentralized environments. He outlines NodeOps' developer-first features, including YAML-based template deployments, an in-browser AI sandbox, and dynamic geographic resource replication—tools that lower the barrier to entry for those new to Web3. With advanced capabilities like port tunneling, RPC APIs, and integrated package managers, NodeOps is focused on simplifying deployment while maintaining high security and performance. Balar believes that decentralization isn't just a technical choice, but a movement toward greater openness, privacy, and global accessibility in cloud infrastructure.Subscribe to the Digital Executive Newsletter for curated strategies, expert perspectives, and industry trends.  Sign up now here.

The CyberWire
The SharePoint siege goes strategic.

The CyberWire

Play Episode Listen Later Jul 22, 2025 33:17


Confusion persists over the Microsoft Sharepoint zero-days. CrushFTP confirms a zero-day under active exploitation. The UK government proposes a public sector ban on ransomware payments. A new ransomware group is using an AI chatbot to handle victim negotiations. Australia's financial regulator accuses a wealth management firm of failing to manage cybersecurity risks. Researchers uncover a WordPress attack that abuses Google Tag Manager. Arizona election officials question CISA following a state portal cyberattack.  Hungarian police arrest a man accused of launching DDoS attacks on independent media outlets. On our Threat Vector segment guest host ⁠Michael Sikorski⁠ ⁠and Michael Daniel⁠ of the Cyber Threat Alliance (CTA) explore cybersecurity collaboration. A Spyware kingpin wants back in. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Threat Vector Segment On our Threat Vector segment, host David Moulton turns the mic over to guest host ⁠Michael Sikorski⁠ and his guest ⁠Michael Daniel⁠ of the Cyber Threat Alliance (CTA) for a deep dive into cybersecurity collaboration. You can hear Michael and Michael's full discussion on Threat Vector ⁠⁠⁠here⁠⁠⁠ and catch new episodes every Thursday on your favorite podcast app. Selected Reading ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets (SecurityWeek) Microsoft: Windows Server KB5062557 causes cluster, VM issues (Bleeping Computer)  File transfer company CrushFTP warns of zero-day exploit seen in the wild (The Record) UK to lead crackdown on cyber criminals with ransomware measures (GOV.UK) Ransomware Group Uses AI Chatbot to Intensify Pressure on Victims (Infosecurity Magazine) Australian Regulator Alleges Financial Firm Exposed Clients to Unacceptable Cyber Risks (Infosecurity Magazine) WordPress spam campaign abuses Google Tag Manager scripts (SC Media) After website hack, Arizona election officials unload on Trump's CISA (CyberScoop) Hungarian police arrest suspect in cyberattacks on independent media (The Record) Serial spyware founder Scott Zuckerman wants the FTC to unban him from the surveillance industry (TechCrunch) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Canaltech Podcast
Hacker desafia governo com ataques DDoS: entenda o caso Azael

Canaltech Podcast

Play Episode Listen Later Jul 21, 2025 19:49


Uma série de ataques cibernéticos nos últimos meses acendeu o alerta para a vulnerabilidade da infraestrutura digital do Brasil. Entre os responsáveis, um nome tem ganhado atenção de especialistas e órgãos de segurança: Azael, suposto integrante de um grupo cibercriminoso com atuação no Oriente Médio. No novo episódio do Podcast Canaltech, conversamos com Raphael Tedesco, diretor de negócios da NSFOCUS para a América Latina, para entender o que se sabe até agora sobre os ataques, como funciona o modelo de DDoS-as-a-Service, em que qualquer pessoa pode contratar um ataque por valores baixos, e quais os riscos reais para o país. Este podcast foi roteirizado e apresentado por Fernanda Santos. A trilha sonora é de Guilherme Zomer, a edição de Jully Cruz e a arte da capa é de Erick Teixeira.See omnystudio.com/listener for privacy information.

SECURE AF

Got a question or comment? Message us here!Hackers just unleashed the largest DDoS attack in history, peaking at 7.3 Tbps and 4.8 billion packets per second. In just 45 seconds, it pummeled its target with the data equivalent of over 9,000 HD movies, a powerful reminder of how far attack capabilities have evolved.

Nobody Told Me with Mike & Blaine
Cybersecurity “Your Website Called… It's Under Attack” on Mike and Blaine

Nobody Told Me with Mike & Blaine

Play Episode Listen Later Jul 10, 2025 56:17


Send us a textYou're not Amazon. You don't sell crypto. So why would hackers come for your tiny business website? That's exactly what they're hoping you'll think. In this episode, Mike and Blaine dig into the sneaky (and shockingly common) cyber threats that target small business sites—from stolen card testing to DDoS attacks to rogue plugins from 2012. You'll hear why even “boring” sites get hit, what it costs to clean up, and how to protect your business without hiring a full-time IT department. It's less about paranoia—and more about not getting punked by a bot in Belarus.Don't miss the latest insights and entertaining discussions on entrepreneurship, small business, and random BS. Subscribe, follow, and like Mike and Blaine's "Business, Beer, and BS" and catch every episode! Featured Beer: @altstadtbrewery @blindmanbrewingMike: Altstadt Brewery RadlerBlaine: Blindman Brewing “May Long” DIPAWatch on YouTube: https://youtu.be/C2EN43VBbFwThanks to our Beer Sponsors: • Rachel Barnett from Gentle Frog: youtube.com/@GentleFrog • Karen Hairston from 3S Smart Consulting: 3ssmartconsulting.com• Larry Weinstein, the Cash Flow Cowboy in Houston Texas!• Neighbor Pat• DevinListen to all our episodes at mikeandblaine.comcashflowmike.comdryrun.com#mikeandblaine #smallbusines #cashflow #finance #beer #entrepreneur #craftbeerSupport the showCatch more episodes, see our sponsors and get in touch at https://mikeandblaine.com/

Cyber Briefing
July 10, 2025 - Cyber Briefing

Cyber Briefing

Play Episode Listen Later Jul 10, 2025 10:27


If you like what you hear, please subscribe, leave us a review and tell a friend!

Let's Know Things
Pay Per Crawl

Let's Know Things

Play Episode Listen Later Jul 8, 2025 17:56


This week we talk about crawling, scraping, and DDoS attacks.We also discuss Cloudflare, the AI gold rush, and automated robots.Recommended Book: Annie Bot by Sierra GreerTranscriptAlongside the many, and at times quite significant political happenings, the many, and at times quite significant military conflicts, and the many, at times quite significant technological breakthroughs—medical and otherwise—flooding the news these days, there's also a whole lot happening in the world of AI, in part because this facet of the tech sector is booming, and in part because while still unproven in many spaces, and still outright flubbing in others, this category of technology is already having a massive impact on pretty much everything, in some cases for the better, in some for the worse, and in some for better and worse, depending on your perspective.Dis- and misinformation, for instance, is a bajillion times easier to create, distribute, and amplify, and the fake images and videos and audio being shared, alongside all the text that seems to be from legit people, but which may in fact be the product of AI run by malicious actors somewhere, is increasingly convincing and difficult to distinguish from real-deal versions of the same.There's also a lot more of it, and the ability to very rapidly create pretty convincing stuff, and to very rapidly flood all available communication channels with that stuff, is fundamental to AI's impact in many spaces, not just the world of propaganda and misinformation. At times quantity has a quality all of its own, and that very much seems to be the case for AI-generated content as a whole.Other AI- and AI-adjacent tools are being used by corporations to improve efficiency, in some cases helping automated systems like warehouse robots assist humans in sorting and packaging and otherwise getting stuff ready to be shipped, as is the case with Amazon, which is almost to the point that they'll have more robots in their various facilities than human beings. Amazon robots are currently assisting with about 75% of all the company's global deliveries, and a lot of the menial, repetitive tasks human workers would have previously done are now being accomplished by robotics systems they've introduced to their shipping chain.Of course, not everyone is thrilled about this turn of events: while it's arguably wonderful that robots are being subbed-in for human workers who would previously have had to engage in the sorts of repetitive, physical tasks that can lead to chronic physical issues, in many cases this seems to be a positive side-benefit of a larger effort to phase-out workers whenever possible, saving the company money over time by employing fewer people.If you can employ 100 people using robots instead of 1000 people sans-robots, depending on the cost of operation for those robots, that might save you money because each person, augmented by the efforts of the robots, will be able to do a lot more work and thus provide more value for the company. Sometimes this means those remaining employees will be paid more, because they'll be doing more highly skilled labor, working with those bots, but not always.This is a component of this shift that for a long while CEOs were dancing around, not wanting to spook their existing workforce or lose their employees before their new robot foundation was in place, but it's increasingly something they're saying out loud, on investor calls and in the press, because making these sorts of moves are considered to be good for a company's outlook: they're being brave and looking toward a future where fewer human employees will be necessary, which implies their stock might be currently undervalued, because the potential savings are substantial, at least in theory.And it is a lot of theory at this point: there's good reason to believe that theory is true, at least to some degree, but we're at the very beginning phases of this seeming transition, and many companies that jumped too quickly and fired too many people found themselves having to hire them back, in some cases at great expense, because their production faltered under the weight of inferior automated, often AI-driven alternatives.Many of these tools simply aren't as reliable as human employees yet. And while they will almost certainly continue to become more powerful and capable—a recent estimate suggested that the current wave of large-language-model-based AI systems, for instance, are doubling in power every 7 months or so, which is wild—speculations about what that will mean, and whether that trend can continue, vary substantially, depending on who you talk to.Something we can say with relative certainty right now, though, is that most of these models, the LLM ones, at least, not the robot-driving ones, were built using content that was gathered and used in a manner that currently exists in a legal gray area: it was scraped and amalgamated by these systems so that they could be trained on a corpus of just a silly volume of human output, much of that output copyrighted or otherwise theoretically not-useable for this purpose.What I'd like to talk about today is a new approach to dealing with the potentially illegal scraping of copyrighted information by and for these systems, and a proposed new pricing scheme that could allow the creators of the content being scraped in this way to make some money from it.—Web scraping refers to the large-scale crawling of websites and collection of data from those websites.There are a number of methods for achieving this, including just manually visiting a bunch of websites and copying and pasting all the content from those sites into a file on your computer. But the large-scale version of that is something many companies, including entities like Google, do, and for various purposes: Google crawls the web to map it, basically, and then applies all sorts of algorithms and filters in order to build their search results. Other entities crawl the web to gather data, to figure out connections between different sorts of sites, and/or to price ads they sell on their own network of sites or the products they sell, and which they'd like to sell for a slightly lower price than their competition.Web scraping can be done neutrally, then, your website scraped by Google so it can add your site to its search results, the data it collects telling its algorithms where you should be in those results based on keywords and who links to your site and other such things, but it can also be done maliciously: maybe someone wants to duplicate your website and use it to get unsuspecting victims to install malware on their devices. Or maybe someone wants to steal your output: your writings, your flight pricing data, and so on.If you don't want these automated web-scrapers to use your data, or to access some portion or all of your site, you can put a file called robots.txt in your site's directory, and the honorable scrapers will respect that request: the googles of the world, for instance, have built their scrapers so that they look for a robots.txt file and read its contents before mapping out your website structure and soaking up your content to decide where to put you in their search results.Not all scrapers respect this request: the robots.txt standard relies on voluntary compliance. There's nothing forcing any scraper, or the folks running these scrapers, to look for or honor these files and what they contain.That said, we've reached a moment at which many scrapers are not just looking for keywords and linkbacks, but also looking to grab basically everything on a website so that the folks running the scrapers can ingest those images and that writing and anything else that's legible to their software into the AI systems they're training.As a result, many of these systems were trained on content that is copyrighted, that's owned by the folks who wrote or designed or photographed it, and that's created a legal quagmire that court systems around the world are still muddling through.There have been calls to update the robots.txt standard to make it clear what sorts of content can be scraped for AI-training purposes and what cannot, but the non-compulsory, not-legally-backed nature of such requests seem to make robots.txt an insufficient vehicle for this sort of endeavor: the land-grab, gold-rush nature of the AI industry right now suggests that most companies would not honor these requests, because it's generally understood that they're all trying to produce the most powerful AI possible as fast as possible, hoping to be at or near the top before the inevitable shakeout moment at which point most of these companies will go bankrupt or otherwise cease to exist.That's important context for understanding a recent announcement by internet infrastructure company Cloudflare, that said they would be introducing something along the lines of an enforceable robots.txt file for their customers called pay per crawl.Cloudflare is US-based company that provides all sorts of services, from domain registration to firewalls, but they're probably best known for their web security services, including their ability to block DDoS, or distributed denial of service attacks, where a hacker or other malicious actor will lash a bunch of devices they've compromised, through malware or otherwise, together, into what's called a botnet, and use those devices to send a bunch of traffic to a website or other web-based entity all at once.This can result in so much traffic, think millions or billions of visits per second—a recent attack that Cloudflare successfully ameliorated sent 7.3 terabytes per second against one of their customers, for instance—it can result in so much traffic that the targeted website becomes inaccessible, sometimes for long periods of time.So Cloudflare provides a service where they're basically like a firewall between a website and the web, and when something like a DDoS attack happens, Cloudflare's services go into action and the targeted website stays up, rather than being taken down.As a result of this and similarly useful offerings, Cloudflare security services are used by more than 19% of all websites on the internet, which is an absolutely stunning figure considering how big the web is these days—there are an estimated 1.12 billion websites, around 200 million of which are estimated to be active as of Q1 2025.All that said, Cloudflare recently announced a new service, called pay per crawl, that would use that same general principle of putting themselves between the customer and the web to actively block AI web scrapers that want to scrape the customer's content, unless the customer gives permission for them to do so.Customers can turn this service on or off, but they can also set a price for scraping their content—a paywall for automated web-scrapers and the AI companies running them, basically.The nature of these payments is currently up in the air, and it could be that content creators and owners, from an individual blogger to the New York Times, only earn something like a penny per crawl, which could add up to a lot of money for the Times but only be a small pile of pennies for the blogger.It could also be that AI companies don't play ball with Cloudflare and instead they do what many tech analysts expect them to do: they come up with ways to get around Cloudflare's wall, and then Cloudflare makes the wall taller, the tech companies build taller ladders, and that process just spirals ad infinitum.This isn't a new idea, and the monetization aspect of it is predicated on some early web conceptions of how micropayments might work.It's also not entirely clear whether the business model would make sense for anyone: the AI companies have long complained they would go out of business if they had to pay anything at all for the content they're using to train their AI models, big companies like the New York Times face possible extinction if everything they pay a lot of money to produce is just grabbed by AI as soon as it goes live, those AI companies making money from that content they paid nothing to make, and individual makers-of-things face similar issues as the Times, but without the leverage to make deals with individual AI companies, like the Times has.It also seems that AI chatbots are beginning to replace traditional search engines, so it's possible that anyone who uses this sort of wall will be excluded from the search of the future. Those whose content is gobbled up and used without payment will be increasingly visible, their ideas and products and so on more likely to pop up in AI-based search results, while those who put up a wall may be less visible; so there's a big potential trade-off there for anyone who decides to use this kind of paywall, especially if all the big AI companies don't buy into it.Like everything related to AI right now, then, this is a wild west space, and it's not at all clear which concepts will win out and become the new default, and which will disappear almost as soon as they're proposed.It's also not clear if and when the larger economic forces underpinning the AI gold rush will collapse, leaving just a few big players standing and the rest imploding, Dotcom Bubble style, which could, in turn, completely undo any defaults that are established in the lead-up to that moment, and could make some monetization approaches no longer feasible, while others, including possibly paywalls and micropayments, suddenly more thinkable and even desirable.Show Noteshttps://www.wired.com/story/pro-russia-disinformation-campaign-free-ai-tools/https://www.wsj.com/tech/amazon-warehouse-robots-automation-942b814fhttps://www.wsj.com/tech/ai/ai-white-collar-job-loss-b9856259https://w3techs.com/technologies/details/cn-cloudflarehttps://www.demandsage.com/website-statistics/https://blog.cloudflare.com/defending-the-internet-how-cloudflare-blocked-a-monumental-7-3-tbps-ddos/https://en.wikipedia.org/wiki/Web_scrapinghttps://en.wikipedia.org/wiki/Robots.txthttps://developers.cloudflare.com/ai-audit/features/pay-per-crawl/use-pay-per-crawl-as-site-owner/set-a-pay-per-crawl-price/https://techcrunch.com/2025/07/01/cloudflare-launches-a-marketplace-that-lets-websites-charge-ai-bots-for-scraping/https://www.nytimes.com/2025/07/01/technology/cloudflare-ai-data.htmlhttps://creativecommons.org/2025/06/25/introducing-cc-signals-a-new-social-contract-for-the-age-of-ai/https://arstechnica.com/tech-policy/2025/07/pay-up-or-stop-scraping-cloudflare-program-charges-bots-for-each-crawl/https://www.cloudflare.com/paypercrawl-signup/https://www.cloudflare.com/press-releases/2025/cloudflare-just-changed-how-ai-crawlers-scrape-the-internet-at-large/https://digitalwonderlab.com/blog/the-ai-paywall-era-a-turning-point-for-publishers-or-just-another-cat-and-mouse-game This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit letsknowthings.substack.com/subscribe

The CyberWire
A blast from the breached past.

The CyberWire

Play Episode Listen Later Jun 20, 2025 31:43


An historic data breach that wasn't. Aflac says it stopped a ransomware attack. Cloudflare thwarts a record breaking DDoS attack. Mocha Manakin combines clever social engineering with custom-built malware. The Godfather Android trojan uses a sophisticated virtualization technique to hijack banking and crypto apps. A British expert on Russian information warfare is targeted in a sophisticated spear phishing campaign. A federal judge dismisses a lawsuit against CrowdStrike filed by airline passengers. Banana Squad disguises malicious code as legitimate open-source software. The U.S. Justice Department wants to seize over $225 million in cryptocurrency linked to romance and investment scams.  Ben Yelin explains the recent Oversight Committee request for Microsoft to hand over GitHub logs related to alleged DOGE misconduct. This one weird audio trick leaves AI scam calls speechless. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today, we are joined Ben Yelin, co host of Caveat podcast and Program Director for Public Policy & External Affairs at the University of Maryland Center for Health and Homeland Security, discussing the recent Oversight Committee request for Microsoft to hand over GitHub logs related to alleged misconduct by Elon Musk's "Department of Government Efficiency" (DOGE). You can learn more here. Selected Reading No, the 16 billion credentials leak is not a new data breach (Bleeping Computer) Aflac says it stopped ransomware attack launched by ‘sophisticated cybercrime group' (The Record) Record-Breaking 7.3 Tbps DDoS Attack Targets Hosting Provider (SecurityWeek) New Mocha Manakin Malware Deploys NodeInitRAT via Clickfix Attack (Hackread) Godfather Android Trojan Creates Sandbox on Infected Devices (SecurityWeek) Russia Expert Falls Prey to Elite Hackers Disguised as US Officials (Infosecurity Magazine) Judge Axes Flight Disruption Suit Tied to CrowdStrike Outage (GovInfo Security) Banana Squad Hides Data-Stealing Malware in Fake GitHub Repositories (Hackread) DOJ moves to seize $225 million in crypto stolen by scammers (The Record) Boffins devise voice-altering tech to jam 'vishing' ploys (The Register) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

The CyberWire
All systems not go.

The CyberWire

Play Episode Listen Later May 30, 2025 37:05


SentinelOne suffers a global service outage. A major DDoS attack hits a Russian internet provider. U.S. banking groups urge the SEC to scrap cybersecurity disclosure rules. Australia mandates reporting of ransomware payments. Researchers uncover a new Browser-in-the-Middle (BitM) attack targeting Safari users. A Florida health system pays over $800,000 to settle insider breach concerns. CISA issues five urgent ICS advisories. Our guest is  Matt Covington, VP of Product at BlackCloak, discussing the emergence of advanced impersonation techniques like deepfakes and the importance of digital executive protection. The feds are putting all our digital data in one basket. CyberWire Guest On our Industry Voices segment, at the 2025 RSA Conference, we were joined by Matt Covington, VP of Product at BlackCloak, discussing the emergence of advanced impersonation techniques like deepfakes and digital executive protection. Listen to Matt's conversation here. Selected Reading Cybersecurity Firm SentinelOne Suffers Major Outage (Bank Infosecurity) DDoS incident disrupts internet for thousands in Moscow (The Record) Banks Want SEC to Rescind Cyberattack Disclosure Requirements (PYMNTS.com) Australian ransomware victims now must tell the government if they pay up (The Record) New BitM Attack Exploits Safari Vulnerability to Steal Login Credentials (Cyber Security News) Florida Health System Pays $800K for Insider Record Snooping (Bank Infosecurity) UTG-Q-015 Hackers Launched Large Scale Brute-Force Attacks Against Govt Web Servers (Cyber Security News) CISA Releases Five ICS Advisories Targeting Vulnerabilities and Exploits (Cyber Security News) Trump Taps Palantir to Compile Data on Americans (The New York Times) Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

The CyberWire
Bear in the network.

The CyberWire

Play Episode Listen Later May 21, 2025 40:40


A joint advisory warns of Fancy Bear targeting Western logistics and technology firms. A nonprofit hospital network in Ohio suffers a disruptive ransomware attack. The Consumer Financial Protection Bureau (CFPB) drops plans to subject data brokers to tighter regulations. KrebsOnSecurity and Google block a record breaking DDoS attack. A phishing campaign rerouted employee paychecks. Atlassian patches multiple high-severity vulnerabilities. A Wisconsin telecom provider confirms a cyberattack caused a week-long outage.  VMware issues a Security Advisory addressing multiple high-risk vulnerabilities.  Prosecutors say a 19-year-old student from Massachusetts will plead guilty to hacking PowerSchool. Our guest is Rob Allen, Chief Product Officer at ThreatLocker, discussing deliberate simplicity of fundamental controls around zero trust. Oversharing your call location data. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Industry Voices segment, today we are joined by Rob Allen, Chief Product Officer at ThreatLocker from RSAC 2025. Rob is discussing the deliberate simplicity of fundamental controls around zero trust. Token theft and phishing attacks bypass traditional MFA protections, letting attackers impersonate users and access critical SaaS platforms — without needing passwords. Listen to Rob's interview here. Learn more from the ThreatLocker team here. Selected Reading Russian GRU Targeting Western Logistics Entities and Technology Companies ( CISA) Ransomware attack disrupts Kettering Health Network in Ohio (Beyond Machines) America's CFPB bins proposed data broker crackdown (The Register) Krebs on Security hit by 'test run' DDoS attack that peaked at 6.3 terabits of data per second (Metacurity) SEO poisoning campaign swipes direct deposits from employees (SC Media) Atlassian Warns of Multiple High-Severity Vulnerabilities Hits Data Center Server (Cybersecurity News) Cellcom Service Disruption Caused by Cyberattack (SecurityWeek) VMware releases patches for security flaws in multiple virtualization products (Beyond Machines) Massachusetts man will plead guilty in PowerSchool hack case (CyberScoop) O2 VoLTE: locating any customer with a phone call  (Mast Database) Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices