Thinking about starting a career in a Security Operations Center (SOC)? This InfosecTrain session is your complete introduction to SOC fundamentals—from analyst roles to the tools and frameworks that drive modern cyber defense.
Threat Hunting isn't just about alerts and dashboards—it's about proactively tracking adversaries before they strike. In this exclusive InfosecTrain session, a top cybersecurity expert reveals proven Threat Hunting and DFIR (Digital Forensics & Incident Response) techniques you can apply right away. This isn't theory—it's a hands-on guide for SOC analysts, security engineers, and cybersecurity enthusiasts who want to master detection, investigation, and rapid response.
In my view, every file that enters an organization requires inspection and sanitization; in an era when sanitization systems can perform the check without latency and without delaying the user, every file should be sanitized. Once and for all, what is the difference between a file sanitization system and a virus (malware) scan? In the beginning, sanitization meant checking files with several antivirus engines, usually 3-5 at once, and having them "vote" on whether the file was clean. Over time, sanitization systems became more sophisticated, and today they break the file down into its components and reassemble it while removing code segments that could pose a risk. Nachshon Pincu hosts Yossi Shani, founder and CEO of Yazamtech, one of the veterans of the file sanitization field in Israel (and beyond), in a conversation about the essence of sanitization, the difference between sanitizing a file and checking it with other technologies such as EDR, antivirus, sandbox and others, and why it is necessary to act before the file enters the organization and reaches the end user.
Every file that enters an organization requires thorough inspection, scanning, and sanitization to ensure its integrity and security. Sanitizing systems can perform checks without latency and without delaying the user. Once and for all, what is the difference between CDR - Content Disarm and Reconstruction and a virus (malware) scan? Initially, sanitizing involved checking the files with multiple antivirus engines, typically three to five of them. These engines would each scan the file for potential threats and then 'vote' on the integrity of the file. If a majority of the engines deemed the file safe, it would be considered sanitized. However, this method was not foolproof and could sometimes result in false negatives. CDR systems have evolved significantly over time, becoming more sophisticated. Today, they can disassemble a file into its components, reassemble it, and remove potentially risky code segments. This evolution in file sanitization is a testament to the continuous advancements in cybersecurity. Nachshon Pincu hosts Yossi Shani, founder and CEO of Yazmtech, one of the veterans in the file sanitizing field in Israel (and beyond), in a conversation about the essence of file sanitizing.
They discuss the difference between CDR and checking it using other technologies, such as EDR, antivirus, and sandbox. Each of these technologies plays a unique role in the security landscape, but file sanitization stands out for its ability to proactively remove potential threats before they can cause harm.
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. CISA has added CVE-2025-54948, a critical vulnerability in Trend Micro Apex One, to its Known Exploited Vulnerabilities (KEV) catalog, signaling that the flaw has been actively exploited in the wild. PyPI has introduced new security measures to detect and respond to expired domains tied to user accounts, aiming to shut down a known supply chain attack vector: domain resurrection. A recently discovered post-exploitation tool named RingReaper is gaining attention for its sophisticated evasion strategy: abusing the Linux kernel's io_uring interface to operate undetected by standard endpoint detection and response (EDR) systems. A cyberattack on the Netherlands' Openbaar Ministerie (OM), the Public Prosecution Service, has unexpectedly disrupted speed enforcement across the country. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
Welcome to the security box, podcast 252. This is the second of two podcasts talking about the subject of EDR. We've got news, notes, the landscape, trivia and of course the said topic. I even have something I found on Facebook that I thought was worth sharing that was posted to a group by a follower. I don't normally read these, but I think it's worth sharing. It's not necessarily tech related, but still worth it. New EDR killer was used by 8 different ransomware groups, several are unknown to me (https://technology.jaredrimer.net/2025/08/15/new-edr-killer-was-used-by-8-different-ransomware-groups-several-are-unknown-to-me/) is the blog post. It links to New EDR killer tool used by eight different ransomware groups (https://www.bleepingcomputer.com/news/security/new-edr-killer-tool-used-by-eight-different-ransomware-groups/) if you want to read it. That's the article for discussion and it's a doozie. If you'd like to support our efforts on what this podcast is doing, you can feel free to donate to the network (http://www.jaredrimer.net/donations.html), subscribe to the security box discussion list (www.986themix.com/mailman/listinfo/thesecuritybox_986themix.com) or send us a note through contact information throughout the podcast. You can also find contact details on our blog page found here (https://technology.jaredrimer.net/contact-admins/). Thanks so much for listening, reading and learning! We can't do
Finally we are BACK in the studio with all the juicyness which is EDR! We dive in deep with the details on our EDR trip which include some hijynx with the Mr. and Mrs. Feelgood and of course Sweet and Sour are back in our sights as we continue our journey with them! Sayless about our missed opportunities in PS and also made some new txt friends in Florida and we are currently booking tickets as we speak. Come join us on our journey into the lifestyle as a longtime married couple living in Southern California! Call or text us on our Sweet phone at 951-226-5261. Contact us: TheSweetSideOfLifePodcast@outlook.com. TikTok: https://www.tiktok.com/@sweetsideoflifepodcast?_t=8f44ltzMqMA&_r=1. Twitter (X): @SweetSidePod. Use my Bluechew referral code to get $20 off your first order! https://bluechew.com/?coupon=LHAS
Today we're joined by New Zealand enduro racer, Winni Goldsbury. After some stellar U21 results, Winni is competing in her first elite EDR season this year. There's been ups and downs, but the future looks bright for this young rider. We hear how Winni grew up surrounded by bikes and grew to love riding and racing. Winni shares the importance of community in supporting her success so far and we dig into the current state of enduro, along with Winni's hopes for the future. This is a conversation with one of the riders who represents the future of EDR and if this conversation is anything to go by, I think the future looks bright. So sit back, hit play, and enjoy this conversation with Winni Goldsbury. You can also watch this episode on YouTube here. You can follow Winni on Instagram @winni_goldsbury.
Podcast Stuff
Listener Offers: Downtime listeners can now get 10% off of Stashed Space Rails. Stashed is the ultimate way to sort your bike storage. Their clever design means you can get way more bikes into the same space and easily access whichever one you want to ride that day. If you have 2 or more bikes in your garage, they are definitely worth checking out. Just head to stashedproducts.com/downtime and use the code DOWNTIME at the checkout for 10% off your entire order. And just so you know, we get 10% of the sale too, so it's a win win.
Patreon: I would love it if you were able to support the podcast via a regular Patreon donation. Donations start from as little as £3 per month. That's less than £1 per episode and less than the price of a take away coffee. Every little counts and these donations will really help me keep the podcast going and hopefully take it to the next level. To help out, head here.
Merch: If you want to support the podcast and represent, then my webstore is the place to head. All products are 100% organic, shipped without plastics, and made with a supply chain that's using renewable energy. We now also have local manufacture for most products in the US as well as the UK. So check it out now over at downtimepodcast.com/shop.
Newsletter: If you want a bit more Downtime in your life, then you can join my newsletter where I'll provide you with a bit of behind the scenes info on the podcast, interesting bits and pieces from around the mountain bike world, some mini-reviews of products that I've been using and like, partner offers and more. You can do that over at downtimepodcast.com/newsletter.
Follow Us: Give us a follow on Instagram @downtimepodcast or Facebook @downtimepodcast to keep up to date and chat in the comments. For everything video, including riding videos, bike checks and more, subscribe over at youtube.com/downtimemountainbikepodcast. Are you enjoying the podcast? If so, then don't forget to follow it. Episodes will get delivered to your device as soon as it's available and it's totally free. You'll find all the links you need at downtimepodcast.com/follow. You can find us on Apple Podcast, Spotify, Google and most of the podcast apps out there. Our back catalogue of amazing episodes is available at downtimepodcast.com/episodes
Photo - Seb Schieck
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.
• Attackers are actively exploiting CVE-2023-46604, a remote code execution vulnerability in Apache ActiveMQ first disclosed in October 2023, that is used to compromise cloud-hosted Linux servers.
• AshES Cybersecurity has publicly disclosed a critical zero-day vulnerability in Elastic's Endpoint Detection and Response (EDR) platform, specifically in the Microsoft-signed kernel driver elastic-endpoint-driver.sys.
• At least a dozen ransomware groups are now deploying kernel-level EDR killers - tools designed specifically to disable endpoint detection and response solutions - as part of their malware arsenal.
• Microsoft has released an in-depth technical analysis of PipeMagic, a modular backdoor linked to ransomware operations carried out by Storm-2460, a financially motivated threat group associated with RansomEXX.
Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
Check us out at: https://www.cisspcybertraining.com/
Get access to 360 FREE CISSP Questions: https://www.cisspcybertraining.com/offers/dzHKVcDB/checkout
Get access to my FREE CISSP Self-Study Essentials Videos: https://www.cisspcybertraining.com/offers/KzBKKouv
Network security is the cornerstone of modern cybersecurity, and understanding its intricacies is essential for anyone preparing for the CISSP exam. In this comprehensive episode, Sean Gerber delivers a rapid review of Domain 4: Communications and Network Security, which constitutes 13% of the CISSP exam questions. The episode opens with a cautionary tale about a disgruntled Chinese developer who received a four-year prison sentence for deploying a logic bomb that devastated his former employer's network. This real-world example underscores the critical importance of proper employee termination procedures and privilege management—especially for technical staff with elevated access. As Sean emphasizes, "The eyes of Sauron" should be on any high-privilege employee showing signs of discontent. Diving into Domain 4, Sean expertly navigates through foundational concepts like the OSI and TCP/IP models, explaining how they standardize network communications and why security professionals must understand them to implement effective defense strategies. The discussion progresses through IP networking (both IPv4 and IPv6), secure protocols, multi-layer protections, and deep packet inspection—all crucial components of a robust security architecture. Particularly valuable is Sean's breakdown of modern network technologies like micro-segmentation, which divides networks into highly granular security zones. While acknowledging its power to limit lateral movement during breaches, he cautions that implementation requires sophisticated knowledge of software-defined networking (SDN) and careful planning: "It's better to start small than to go out and think of and get too big when you're dealing with deploying these SDN type of capabilities." Wireless security, content delivery networks, and endpoint protection receive thorough examination, with Sean emphasizing that endpoints are "your first line of detection" and advocating for comprehensive endpoint detection and response (EDR) solutions that go beyond traditional antivirus. The episode concludes with insights on voice communication security, contrasting traditional telephone networks with modern VoIP systems and their unique vulnerabilities. Whether you're preparing for the CISSP exam or looking to strengthen your organization's network security posture, this episode provides actionable insights backed by real-world experience. Ready to deepen your understanding of cybersecurity fundamentals? Subscribe to the CISSP Cyber Training Podcast and check out the free resources available at cisspcybertraining.com to accelerate your certification journey.
Support the show
Gain exclusive access to 360 FREE CISSP Practice Questions delivered directly to your inbox! Sign up at FreeCISSPQuestions.com and receive 30 expertly crafted practice questions every 15 days for the next 6 months—completely free! Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!
The Roman Empire left us thousands of inscriptions, precious for understanding its history. But many have reached us damaged by time: erased letters, missing fragments, broken supports. A permanent puzzle for historians, all the more so since every year no fewer than 1,500 new Latin inscriptions are unearthed. To help them, Google and the University of Nottingham have developed Aeneas, an artificial intelligence specifically designed to reconstruct these texts. In the journal Nature, the researchers detail its capabilities: identifying the origin of an inscription, finding parallels in other corpora, and above all completing the missing parts. Concretely, Aeneas relies on visual and linguistic similarities with more than 176,000 Latin inscriptions drawn from large databases such as EDR or EDH. That is enough to let it propose plausible reconstructions. Its accuracy reaches 73% when the gap does not exceed ten characters, and remains at 58% when the length of the missing text is unknown. Not infallible, then, but already a considerable time saver for researchers, who keep control and can check the AI's reasoning step by step. And Aeneas has one more asset: its ability to spot details that escaped the human eye, sometimes opening new avenues of interpretation. The tool could also be adapted to other ancient languages, to papyri or even to coins. Google has in fact already integrated it into Ithaca, its AI dedicated to Greek. Good news: Aeneas is available for free, as open source, with its code and data accessible on GitHub. One way to widen the field of possibilities further... and to give a second life to the extinguished voices of Rome. Hosted on Acast. See acast.com/privacy for more information.
Welcome to podcast 251 of the security box. It's interesting, we did pass 250 episodes but episode 250 had a tech issue I did not realize until I ended the program. We'll recap things so everyone can be heard, then we'll get into the news, notes and the landscape. Also this week, one of two EDR articles that we've come across, one by Nick and one by myself. We may have trivia as well. Hope you enjoy the program, thanks so much for listening!
In episode 431 of the "Smashing Security" podcast, a self-proclaimed crypto-influencer calling himself CP3O thought he had found a shortcut to riches — by racking up millions in unpaid cloud bills. Meanwhile, we look at the growing threat of EDR-killer tools that can quietly switch off your endpoint protection before an attack even begins. And for something a little different, we peek into the Internet Archive's dystopian Wayforward Machine and take a detour to Mary Shelley's resting place in Bournemouth. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley, joined this week by special guest Allan "Ransomware Sommelier" Liska.
Episode links:
Crypto Influencer Sentenced to Prison for Multi-Million Dollar "Cryptojacking" Scheme - US Department of Justice.
Ransomware crews don't care about your endpoint security – they've already killed it - The Register.
Way Forward Machine - The Internet Archive.
Mary Shelley's grave - Atlas Obscura.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
Sponsored by: Proton Drive - Protect your files with end-to-end encryption in Switzerland's secure cloud — only on Proton Drive.
SUPPORT THE SHOW: Tell your friends and colleagues about "Smashing Security", and leave us a review on Apple Podcasts or Podchaser. Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!
FOLLOW US: Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.
THANKS: Theme tune: "Vinyl Memories" by Mikael Manvelyan. Assorted sound effects: AudioBlocks.
ENJOYED THE SHOW? Make sure to check out our sister podcast, "The AI Fix". Hosted on Acast. See acast.com/privacy for more information.
In this episode, we break down the emerging Crypto24 ransomware attacks that use living-off-the-land techniques to bypass EDR. We'll explore how these attacks unfold and the defensive strategies SOCs and organizations can use, like layered security, enhanced monitoring, and rapid response, to stay ahead of evolving threats.
Support the show
Watch full episodes at youtube.com/@aliascybersecurity. Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.
Since 2024, all new cars manufactured in the EU must have a "black box" modelled on the one in passenger aircraft. It is called the EDR, the English abbreviation for Event Data Recorder. However, few people know that the EDR has long been installed in many types of cars and that in Germany it has been used as evidence in court since 2010. You will learn everything about this system, which is ubiquitous and yet "under the radar" for the public, as well as about other driving-monitoring systems, from Saša Bojić and Maja Marić. By Sasa Bojic.
Russia's most notorious cyber unit—Seashell Blizzard (also known as Sandworm, APT 44 and Iron Viking)—has taken down shipping giants, Olympic systems, and Ukraine's power grid. In this Threat Talks deep dive, Lieuwe Jan Koning, Yuri Wit (Red Team), and Rob Maas (Blue Team) reveal exactly how these attacks unfold, why they're so hard to stop, and how Zero Trust can tip the balance back to defenders.
(00:00) Cyber warfare in the Ukraine conflict: setting the stage
(01:10) Who is Seashell Blizzard? Names, aliases, and Russian GRU ties
(04:00) NotPetya, Olympic Games, and high-profile disruption campaigns
(07:31) Initial access: stealth exploits on edge devices
(11:40) Privilege escalation via Living-off-the-Land (LOLBin) tactics
(15:23) Weaponizing Group Policy Objects with "Tank Trap" for mass wipers
(19:13) Objectives: disruption, damage, and public bragging rights
(23:40) Zero Trust defenses, segmentation, and last-resort recovery
Key Topics Covered
• Seashell Blizzard's attack chain: from stealth reconnaissance to mass destruction.
• NotPetya & global fallout: when a Ukraine-targeted attack crippled global shipping.
• Defense strategies: hardening edge devices, segmentation, and EDR behavior detection.
• Zero Trust in action: protecting critical assets before the breach happens.
Related ON2IT Content & Referenced Resources
• ON2IT Threat Talks Playlist: https://www.youtube.com/@ThreatTalks/playlists
• ON2IT Zero Trust Resources: https://on2it.net/zero-trust
• MITRE ATT&CK – Sandworm Team (APT 44): https://attack.mitre.org/groups/G0034/
HR software giant Workday discloses a data breach. Researchers uncover a zero-day in Elastic's EDR software. Ghost-tapping is an emerging fraud technique where cybercriminals use NFC relay attacks to exploit stolen payment card data. Germany may be on a path to ban ad blockers. A security researcher documents multiple serious flaws in McDonald's systems. There's a new open-source framework for testing 5G security flaws. New York's Attorney General sues the banks behind Zelle over fraud allegations. The DOJ charges the alleged Zeppelin ransomware operator and seizes over $2.8 million in cryptocurrency. Tim Starks from CyberScoop discusses the overlooked changes that two Trump executive orders could bring to cybersecurity. Bots build their own echo chambers. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Today we have Tim Starks from CyberScoop discussing the overlooked changes that two Trump executive orders could bring to cybersecurity.
Selected Reading
HR giant Workday discloses data breach after Salesforce attack (Bleeping Computer)
Researchers report zero-day vulnerability in Elastic Endpoint Detection and Response Driver that enables system compromise (Beyond Machines)
Ghost-Tapping and the Chinese Cybercriminal Retail Fraud Ecosystem (Recorded Future)
Is Germany on the Brink of Banning Ad Blockers? User Freedom, Privacy, and Security Is At Risk. (Open Policy & Advocacy)
How I Hacked McDonald's (Their Security Contact Was Harder to Find Than Their Secret Sauce Recipe) (bobdahacker)
Boffins say tool can sniff 5G traffic, launch 'attacks' without using rogue base stations (The Register)
New York claims Zelle's shoddy security enabled a billion dollars in scams (The Verge)
US Seizes $2.8 Million From Zeppelin Ransomware Operator (SecurityWeek)
Researchers Made a Social Media Platform Where Every User Was AI. The Bots Ended Up at War (Gizmodo)
Audience Survey
Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Guest: Craig H. Rowland, Founder and CEO, Sandfly Security Topics: When it comes to Linux environments – spanning on-prem, cloud, and even–gasp–hybrid setups – where are you seeing the most significant blind spots for security teams today? There's sometimes a perception that Linux is inherently more secure or less of a malware target than Windows. Could you break down some of the fundamental differences in how malware behaves on Linux versus Windows, and why that matters for defenders in the cloud? 'Living off the Land' isn't a new concept, but on Linux, it feels like attackers have a particularly rich set of native tools at their disposal. What are some of the more subtly abused but legitimate Linux utilities you're seeing weaponized in cloud attacks, and how does that complicate detection? When you weigh agent-based versus agentless monitoring in cloud and containerized Linux environments, what are the operational trade-offs and outcome trade-offs security teams really need to consider? SSH keys are the de facto keys to the kingdom in many Linux environments. Beyond just 'use strong passphrases,' what are the critical, often overlooked, risks associated with SSH key management, credential theft, and subsequent lateral movement that you see plaguing organizations, especially at scale in the cloud? What are the biggest operational hurdles teams face when trying to conduct incident response effectively and rapidly across such a distributed Linux environment, and what's key to overcoming them? Resources: EP194 Deep Dive into ADR - Application Detection and Response EP228 SIEM in 2025: Still Hard? Reimagining Detection at Cloud Scale and with More Pipelines
Crypto stablecoin tricked people out of 40 billion, now the creator faces 25 years in prison. Ransomware attackers want to defeat EDR. Volkswagen in the UK charging you monthly for more HP. Should I get another HP Envy? Year-old Samsung pop-up on my phone. Is your phone naked? Travel with Wifi / VPN.
Creepy chatbots, Fortinet, CISA, Agentic AI, FIDO, EDR, Aaran Leyland, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-503
Stellar Cyber Revolutionizes SOC Cybersecurity Operations with Human-Augmented Autonomous Platform at Black Hat 2025
A Stellar Cyber Event Coverage of Black Hat USA 2025 Las Vegas
An ITSPmagazine Brand Story with Subo Guha, Senior Vice President Product, Stellar Cyber
Security operations centers face an unprecedented challenge: thousands of daily alerts overwhelming analyst teams while sophisticated threats demand immediate response. At Black Hat USA 2025 in Las Vegas, Stellar Cyber presented a revolutionary approach that fundamentally reimagines how SOCs operate in the age of AI-driven threats.
Speaking with ITSPmagazine's Sean Martin, Subo Guha, Senior Vice President of Products at Stellar Cyber, outlined the company's vision for transforming security operations through their human-augmented autonomous SOC platform. Unlike traditional approaches that simply pile on more automation, Stellar Cyber recognizes that effective security requires intelligent collaboration between AI and human expertise.
The platform's three-layer architecture ingests data from any source – network devices, applications, identities, and endpoints – while maintaining vendor neutrality through open EDR integration. Organizations can seamlessly work with CrowdStrike, SentinelOne, Sophos, or other preferred solutions without vendor lock-in. This flexibility proves crucial for enterprises navigating complex security ecosystems where different departments may have invested in various endpoint protection solutions.
What sets Stellar Cyber apart is their autonomous SOC concept, which dramatically reduces alert volume from hundreds of thousands to manageable numbers within days rather than weeks. The platform's AI-driven auto-triage capability identifies true positives among thousands of false alarms, presenting analysts with prioritized "verdicts" that demand attention. This transformation addresses one of security operations' most persistent challenges: alert fatigue that leads to missed threats and burned-out analysts.
The revolutionary AI Investigator copilot enables natural language interaction, allowing analysts to query the system conversationally. An analyst can simply ask, "Show me all impossible travel incidents between midnight and 4 AM," and receive actionable intelligence immediately. This democratization of security operations means junior analysts can perform at senior levels without extensive coding knowledge or years of experience navigating complex query languages.
Identity threat detection and response (ITDR) emerged as another critical focus area during the Black Hat presentation. With identity becoming the new perimeter, Stellar Cyber integrated sophisticated user and entity behavior analytics (UEBA) directly into the platform. The system detects impossible travel scenarios, credential attacks, and lateral movement patterns that indicate compromise. For instance, when a user logs in from Portland at 11 PM and then appears in Moscow 30 minutes later, the platform immediately flags this physical impossibility.
The identity protection extends beyond human users to encompass non-human identities, addressing the growing threat of automated attacks powered by large language models. Hackers now leverage generative AI to create credential attacks at unprecedented scale and sophistication, making robust identity security more critical than ever.
Guha emphasized that AI augmentation doesn't displace security professionals but elevates them. By automating mundane tasks, analysts focus on strategic decision-making and complex threat hunting. MSSPs report dramatic efficiency gains, scaling operations without proportionally increasing headcount. Where previously a hundred thousand alerts might take weeks to process, requiring extensive junior analyst teams, the platform now delivers actionable insights within days with smaller, more focused teams.
The platform's unified approach eliminates tool sprawl, providing CISOs with real-time visualization of their security posture. Executive reporting becomes instantaneous, with high-priority verdicts clearly displayed for rapid decision-making. This visualization capability transforms how security teams communicate with leadership, replacing lengthy reports with dynamic dashboards that convey risk and response status at a glance.
Real-world deployments demonstrate significant operational improvements. Organizations report faster mean time to detection and response, reduced false positive rates, and improved analyst satisfaction. The platform's learning capabilities mean it becomes more intelligent over time, adapting to each organization's unique threat landscape and operational patterns.
As organizations face increasingly sophisticated threats powered by generative AI, Stellar Cyber's human-augmented approach represents a paradigm shift. By combining AI intelligence with human intuition, the platform delivers faster threat detection, reduced false positives, and empowered security teams ready for tomorrow's challenges. The company's commitment to continuous innovation, evidenced by rapid feature releases between RSA and Black Hat, positions them at the forefront of next-generation security operations.
Learn more about Stellar Cyber: https://itspm.ag/stellar-cyber--inc--357947
Note: This story contains promotional content. Learn more.
Guest: Subo Guha, Senior Vice President Product, Stellar Cyber | https://www.linkedin.com/in/suboguha/
Resources
Learn more and catch more stories from Stellar Cyber: https://www.itspmagazine.com/directory/stellarcyber
Learn more and catch more stories from our Black Hat USA 2025 coverage: https://www.itspmagazine.com/bhusa25
Learn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programs
Newsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/
Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-up
Are you interested in telling your story? https://www.itspmagazine.com/telling-your-story
Researchers uncover multiple vulnerabilities in a popular open-source secrets manager. Software bugs threaten satellite safety. Columbia University confirms a cyberattack. Researchers uncover malicious NPM packages posing as WhatsApp development tools. A new EDR killer tool is being used by multiple ransomware gangs. Home improvement stores integrate AI license plate readers into their parking lots. The U.S. federal judiciary announces new cybersecurity measures after cyberattacks compromised its case management system. CISA officials reaffirm their commitment to the CVE Program. Our guest is David Wiseman, Vice President of Secure Communications at BlackBerry, discussing the challenges of secure communications. AI watermarking breaks under spectral pressure.

Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest
Today we are joined by David Wiseman, Vice President of Secure Communications at BlackBerry, who is discussing the challenges and misconceptions around secure communications.
Selected Reading
HashiCorp Vault 0-Day Flaws Enable Remote Code Execution Attacks (GB Hackers)
Yamcs v5.8.6 Vulnerability Assessment (VisionSpace)
Columbia University says hacker stole SSNs and other data of nearly 900,000 (The Record)
Fake WhatsApp developer libraries hide destructive data-wiping code (Bleeping Computer)
New EDR killer tool used by eight different ransomware groups (Bleeping Computer)
Home Depot and Lowe's Share Data From Hundreds of AI Cameras With Cops (404 Media)
US Federal Judiciary Tightens Security Following Escalated Cyber-Attacks (Infosecurity Magazine)
CISA pledges to continue backing CVE Program after April funding fiasco (The Record)
CISA Issues 10 ICS Advisories Detailing Vulnerabilities and Exploits (GB Hackers)
AI Watermark Remover Defeats Top Techniques (IEEE Spectrum)

Audience Survey: Complete our annual audience survey before August 31.
Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
All links and images can be found on CISO Series. This week's episode is hosted by me, David Spark, producer of CISO Series and Mike Johnson, CISO, Rivian. Joining us is our sponsored guest, Rob Allen, chief product officer, ThreatLocker.

In this episode:
Large enterprise security demands drive vendor improvements
Technical expertise becomes leadership liability without delegation
EDR evolution needs prevention focus
Career breaks require personal ownership and strategic timing

A huge thanks to our sponsor, ThreatLocker. ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.
“Detection is not the end—it's just the beginning.” — Jerry Mancini, NETSCOUT

In this episode of Technology Reseller News, Publisher Doug Green speaks with Jerry Mancini of NETSCOUT about the company's latest advancements in automated threat detection and response, with a particular focus on why telecommunications networks are uniquely vulnerable and high-value targets. NETSCOUT, long known for its deep packet inspection and network performance management, is expanding the capabilities of its adaptive threat analytics, a platform designed not only to detect threats but also to assemble and contextualize them using network-level intelligence.

Beyond Detection: Seeing the Full Picture
While most cybersecurity tools focus on isolated detections (EDR, firewall logs, and suspicious indicators), NETSCOUT's approach centers on reconstructing the complete threat narrative across the enterprise. By capturing packet data continuously and using workflows to connect disparate detections, NETSCOUT enables investigators to:
Understand the root cause and lateral movement
Detect activity before and after a flagged incident
Integrate signals from multiple sources (EDR, NDR, WAF, and more)
Investigate threats in real time and retrospectively

Why Telcos Are at Greater Risk
Mancini highlights the unique role of telco infrastructure in global data movement, making them prime targets for cyber espionage and traffic manipulation. Attackers, such as the Salt Typhoon group, have used compromised routers and peering points to reroute and eavesdrop on massive data flows, impacting not just carriers but their customers across the internet.

Best Practices for Threat Hunters
NETSCOUT supports both bottom-up investigations (starting with a detected incident) and top-down threat hunts (searching for indicators tied to known campaigns). The platform's ability to store and search packet-level data gives teams visibility that goes far beyond typical log-based detection tools.

Mancini's key advice: “You need more than alerts—you need the data to trace back, understand what happened, and act before it's too late.”

Where to Learn More
Visit netscout.com to explore solutions in:
Network Performance Management
DDoS Detection & Mitigation
Adaptive Threat Analytics
NETSCOUT supports both enterprise and service provider environments and is available to assist with immediate and long-term threat management strategies.
In this special live episode of Autonomous IT, Live! we walk through a high-stakes incident response drill that mimics a disturbingly realistic threat scenario: an attacker gains access to your internal tools — not by breaking in, but by logging in.

Here's the setup: a user unknowingly reuses compromised credentials with the company's SSO provider. An attacker logs in, flies under the radar, and impersonates internal IT support using Slack, email, and calendar invites. Their goal? Convince employees to install a fake remote access tool, all while avoiding anyone likely to report suspicious behavior.

Join Landon Miles, Tom Bowyer, and Ryan Braunstein as they:
Subscribers (but only holders of the Belső kör and Közösség packages!) get the full version of our latest episode as early as Saturday dawn. The free version published on Monday is ten minutes shorter. We wrote here about how you can listen to the full episode. The Liam Gallagher of football. The Czinege Lajos of the 21st century. Anikó's demands. Orbán's grandchild. Trump's Patriot. The footballer's Lamborghini. Stickers on apples, tags on bread. Winkler's moral moment.

00:54 Media history: you can podcast while watching the Tour de France. The Oasis comeback in Cardiff, crowdsourced. The Beastie Boys film that Adam MCA Yauch really directed. The Liam Gallagher of the football pitch. Urbán Flórián and Zlatan Ibrahimovic.
05:31 Zlatan advertises XTB. Various Balkan facial arrangements. Would you buy a used car from Zlatan? Bernard Hinault advertises Skoda. When Tom Simpson died on the bike, full of amphetamines and alcohol.
10:50 Quiz 1: Ruszin-Szendi and Dr. Szöszi. Quiz 2: How does Uj Péter know when Winkler Róbert's fish sauce expired? Quiz 3: The service order envelope (vállalási tasak). Quiz 4: Romina and Ronett.
17:13 Details of Ruszin-Szendi Romulusz's palace. The interior design traditions of the Hungarian armed forces. Czinege Lajos's palace at Edrődi Sándor utca 18/B.
21:58 Czinege, an interesting figure.
24:52 Which is the crappiest house in Dunakeszi? How much does a raised bed cost? The Stradivarius of grilling. When did you last dig a cesspit?
29:49 Leather sofa set, 18 dining chairs, Nespresso cups. Just buy a proper Kees van der Westen already! Mrs. Anikó's demands.
34:13 This is no longer that Ruszin-Szendi and not that Magyar. We await the lists of further wives! They could have bought the Gellért too.
37:49 Why doesn't their contract forbid 390 kilometres per hour? The death of José Antonio Reyes. Luc Longley's bodyboard injury.
42:07 The hell of apple stickers and bread tags.
46:51 How do we supply young people with quality alcohol?

See omnystudio.com/listener for privacy information.
Bob Burke, Chief Information Security Officer at Beyond Identity, challenges the effectiveness of traditional multi-factor authentication (MFA) in the evolving landscape of cybersecurity. He argues that legacy MFA solutions, which often rely on out-of-band authorization methods like push notifications or one-time passwords, are no longer sufficient against the rising tide of sophisticated cyber threats. With the advent of services like phishing-as-a-service, attackers can easily bypass these outdated security measures, necessitating a shift towards phishing-resistant authentication methods. Burke emphasizes the need for organizations to adopt solutions that not only enhance security but also consider device posture and trustworthiness.

Burke also critiques the current state of FIDO2 and passkeys, acknowledging their potential while highlighting their limitations, particularly in terms of device posture and user experience. He suggests that small to mid-sized businesses (SMBs) should prioritize phishing-resistant solutions that integrate both browser protection and device authentication. Furthermore, he raises concerns about the pricing models of many Software as a Service (SaaS) providers, which often place essential security features behind higher-tier subscriptions, effectively discouraging customers from adopting more secure practices.

The conversation shifts to the endpoint detection and response (EDR) market, where Burke notes that while EDR solutions are still necessary, they are evolving into more comprehensive offerings like extended detection and response (XDR). He points out that many of these solutions are priced for enterprise-level organizations, leaving SMBs and mid-market companies struggling to find affordable options. Burke encourages these organizations to seek out solutions that fit their budget while still providing essential security capabilities.

Finally, Burke shares insights from his experience with the FedRAMP certification process, emphasizing the importance of building internal security competencies and integrating security into product design from the outset. He advocates for a clear internal compliance program, such as one built on NIST guidance, to guide organizations in their security efforts. As the cybersecurity landscape continues to evolve, Burke warns that the tempo and scope of attacks are increasing, driven by advancements in AI, and urges organizations to reassess their security architectures to stay ahead of emerging threats.

All our Sponsors: https://businessof.tech/sponsors/
Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/
Looking for a link from the stories? The entire script of the show, with links to articles, is posted in each story on https://www.businessof.tech/
Support the show on Patreon: https://patreon.com/mspradio/
Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech
Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com
Follow us on:
LinkedIn: https://www.linkedin.com/company/28908079/
YouTube: https://youtube.com/mspradio/
Facebook: https://www.facebook.com/mspradionews/
Instagram: https://www.instagram.com/mspradio/
TikTok: https://www.tiktok.com/@businessoftech
Bluesky: https://bsky.app/profile/businessof.tech
What a busy swinger season we are having! Butts bday and after parties and pool parties! What kinda trouble can we get into??

Upcoming parties:
July 11-13th - EDR time!!!
July 26th - LS party with The Goodies in OB San Diego
Aug 1 - Say Less MandG at The Cove

Come join us on our journey into the lifestyle as a longtime married couple living in Southern California!
Call or text us on our Sweet phone at 951-226-5261
Contact us: TheSweetSideOfLifePodcast@outlook.com
TikTok: https://www.tiktok.com/@sweetsideoflifepodcast?_t=8f44ltzMqMA&_r=1
Twitter(X): @SweetSidePod
Use my Bluechew referral code LHAS
Would you board a flight if the pilot landed safely only 99.5% of the time? Ricardo Villadiego wouldn't, and he applies that same mindset to cybersecurity. In this high-impact episode from IT Nation Secure 2025, Joey Pinz talks with Ricardo, founder of Lumu, about precision, preparation, and protecting MSPs from EDR evasion and network breaches.

✈️ Drawing parallels between aviation and cybersecurity, Ricardo shares how checklists, training, and feedback loops apply to both flying planes and defending networks. He recalls lessons from the Miracle on the Hudson and explains why being “left of boom” isn't optional—it's essential.
We had a great time at Athenas and met some new friends. Introducing "Sweet and sour" to the mix! Ice cream butt shenanigans and also talked about some ways to introduce your relationship into the swinging community!

Upcoming parties:
June 27th - Bday party for Butt at Wine and Beer garden in Temecula
July 5th - Saturday Funday
July 11-13th - EDR time!!!
July 26th - LS party with The Goodies in OB San Diego

Come join us on our journey into the lifestyle as a longtime married couple living in Southern California!
Call or text us on our Sweet phone at 951-226-5261
Contact us: TheSweetSideOfLifePodcast@outlook.com
TikTok: https://www.tiktok.com/@sweetsideoflifepodcast?_t=8f44ltzMqMA&_r=1
Twitter(X): @SweetSidePod
Use my Bluechew referral code LHAS
(Replay) In this episode, Spencer and Brad discuss the ever popular and highly debated topic of evasion. In this podcast we talk about evasion in the context of evading defense controls, not necessarily EDR-specific evasion techniques. Our hope with this episode is to shed light on this topic and help defenders understand various methods of evasion and this topic more in general.

Resources
(Jun 1, 2021) Evadere Classifications - detection & response focus
Defense Evasion, Tactic TA0005 - Enterprise | MITRE ATT&CK® - controls focus
(Mar 22, 2024) Atomics on a Friday - Evade or Bypass - EDR focus

Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov
Follow Spencer on social ⬇
Spencer's Links: https://go.spenceralessi.com/mylinks
Work with Us: https://securit360.com
Today's episode gives a comprehensive overview of Network Detection and Response (NDR) technology, explaining its core function of detecting abnormal and malicious system behaviors by analyzing network traffic data. It outlines key features such as data ingestion, detection, and response, and discusses common use cases including lateral movement and insider threat detection, even extending to Operational Technology (OT) environments. The episode also reviews the current market vendors based on a Gartner Magic Quadrant analysis, differentiates NDR from other security technologies like EDR, SIEM, and XDR, and explores the integration of AI in enhancing NDR capabilities.

Support the show
Google Drive link for Podcast content: https://drive.google.com/drive/folders/10vmcQ-oqqFDPojywrfYousPcqhvisnko
My Profile on LinkedIn: https://www.linkedin.com/in/prashantmishra11/
Youtube Channel: https://www.youtube.com/@TheCybermanShow
Twitter handle: https://twitter.com/prashant_cyber
PS: The views are my own and don't reflect any views from my employer.
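As an added illustration of the lateral-movement use case mentioned above (example code written for this page, not from the episode or from any NDR product): the detector below reads constructed flow records, keeps only internal-to-internal connections on ports commonly used for host-to-host movement, and raises an alert when one source reaches a threshold of distinct internal destinations inside a sliding time window. The port list, the 10-minute window and the threshold of five are assumptions to tune per environment; the flow format "timestamp,src_ip,dst_ip,dst_port" is likewise assumed.

```python
"""Fan-out detector for lateral movement in flow records.

Added example, not code from the episode or from any NDR product. Flow
records are assumed to be CSV lines "timestamp,src_ip,dst_ip,dst_port";
SAMPLE_FLOWS is constructed for the demo, not captured traffic.
"""
from collections import defaultdict
from datetime import datetime, timedelta
import ipaddress

# Services commonly used for host-to-host movement (assumption; tune per environment).
LATERAL_PORTS = {445: "SMB", 3389: "RDP", 5985: "WinRM", 5986: "WinRM", 22: "SSH"}
INTERNAL_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

SAMPLE_FLOWS = [
    # 10.0.1.5: many flows to a single file server -> normal behaviour
    "2025-06-01T09:00:00,10.0.1.5,10.0.2.10,445",
    "2025-06-01T09:01:00,10.0.1.5,10.0.2.10,445",
    "2025-06-01T09:02:00,10.0.1.5,10.0.2.10,445",
    "2025-06-01T09:03:00,10.0.1.5,10.0.2.10,445",
    "2025-06-01T09:04:00,10.0.1.5,10.0.2.10,445",
    "2025-06-01T09:05:00,10.0.1.5,10.0.2.10,445",
    # 10.0.1.20: six internal hosts on SMB/RDP/WinRM within three minutes -> fan-out
    "2025-06-01T09:10:00,10.0.1.20,203.0.113.9,445",   # external destination, ignored
    "2025-06-01T09:10:05,10.0.1.20,10.0.2.11,445",
    "2025-06-01T09:10:09,10.0.1.20,10.0.2.12,445",
    "2025-06-01T09:10:15,10.0.1.20,10.0.2.13,3389",
    "2025-06-01T09:11:02,10.0.1.20,10.0.2.14,445",
    "2025-06-01T09:12:40,10.0.1.20,10.0.2.15,5985",
    "2025-06-01T09:13:00,10.0.1.20,10.0.2.16,445",
    # 10.0.1.30: six SSH targets spread over 2.5 hours -> invisible to a 10-minute window
    "2025-06-01T08:00:00,10.0.1.30,10.0.2.21,22",
    "2025-06-01T08:30:00,10.0.1.30,10.0.2.22,22",
    "2025-06-01T09:00:00,10.0.1.30,10.0.2.23,22",
    "2025-06-01T09:30:00,10.0.1.30,10.0.2.24,22",
    "2025-06-01T10:00:00,10.0.1.30,10.0.2.25,22",
    "2025-06-01T10:30:00,10.0.1.30,10.0.2.26,22",
]


def is_internal(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL_NETS)


def parse_flow(line):
    ts, src, dst, port = line.strip().split(",")
    return datetime.fromisoformat(ts), src, dst, int(port)


def detect_fanout(lines, window=timedelta(minutes=10), threshold=5):
    """Return one alert per source that reaches `threshold` distinct internal
    destinations on lateral-movement ports inside any span of length `window`."""
    by_src = defaultdict(list)
    for line in lines:
        ts, src, dst, port = parse_flow(line)
        if port in LATERAL_PORTS and is_internal(src) and is_internal(dst):
            by_src[src].append((ts, dst, port))

    alerts = []
    for src, events in by_src.items():
        events.sort()
        for i, (t0, _, _) in enumerate(events):
            # every event from t0 up to t0 + window, starting at each event in turn
            span = [e for e in events[i:] if e[0] - t0 <= window]
            targets = {dst for _, dst, _ in span}
            if len(targets) >= threshold:
                alerts.append({
                    "src": src,
                    "window_start": t0.isoformat(),
                    "targets": sorted(targets),
                    "services": sorted({LATERAL_PORTS[p] for _, _, p in span}),
                })
                break  # one alert per source is enough for triage
    return alerts


if __name__ == "__main__":
    for alert in detect_fanout(SAMPLE_FLOWS):
        print(alert)
```

The third host in the sample shows the usual blind spot of a fixed window: a slow sweep stays under the threshold until the window is widened (for instance to hours), at which point it is caught as well, so a real deployment would run the same logic at more than one window length.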
Federal Tech Podcast: Listen and learn how successful companies get federal contracts
Connect to John Gilroy on LinkedIn https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com

Sometimes, one plus one is three. Back in 2021, McAfee's Enterprise business merged with FireEye to form Trellix. Today, the net result is a company that generates $1.2 billion globally and $400 million in the public sector. In today's interview, Ken Karsten details how federal leaders can use Trellix to improve cybersecurity in a federal world with rapidly increasing endpoints.

Setting the stage, Ken Karsten reviews Executive Order 14028 from 2021, which pushed federal agencies to aggressively protect endpoints with what is called Endpoint Detection and Response (EDR). In four short years, AI has transformed the way malicious actors attack endpoints, and the defense had to be improved. Enter Extended Detection and Response (XDR). During the interview, Ken Karsten gives listeners an overview of XDR's continuous monitoring, advanced analytics, and rapid threat assessment and response capabilities. Advances in AI have allowed Trellix to deliver EDR and XDR capabilities at a drastically reduced cost.

Topics in the discussion include Operational Technology, 5G, and Trellix's recent DoD IL5 authorization.
I used to think of my car as just a tool to get from point A to point B. But after this conversation, I can't help but see it as something else entirely, a powerful data collection device that knows far more about me than I realized. From where I go and who I text to how I drive and even what's on my phone, today's vehicles are gathering a staggering amount of personal information. In this episode, I talk with Andrea Amico, the founder of Privacy4Cars. Andrea is one of the leading voices in automotive data privacy and someone who's spent years uncovering the hidden ways cars collect, store, and share our information. He breaks down how connected cars work, what's actually being tracked, and why it matters not just for your privacy, but for your safety and finances too. We get into everything from rental car risks and data left behind when you sell a car, to how automakers and third parties might be profiting off your data without your knowledge. If you've ever paired your phone with a vehicle or assumed your texts disappear when you disconnect, this episode is going to change the way you think about driving and how to take back control. Show Notes: [01:28] Andrea started Privacy4Cars because cars collect a lot of data. There were zero protections for privacy and security. He's dedicated to turning your car into a more private space and giving you more choice, understanding, and control. [02:25] We talk about when cars started collecting data. OnStar started about 25 years ago. Things really began to evolve when Bluetooth and navigation became common. [03:12] Things really exploded with modern telematics which is like putting a cell phone inside your car that calls home all the time. The average car collects around 25 GB of data per day. [04:08] We talk about the type of data that is collected by cars from GPS to having your phone collected and the car even knowing your weight. [05:26] The sensors in your car know exactly how you drive. 
[06:46] Informed consumers are better off. These data collecting policies are usually hidden in the car manufacturers' privacy policies. [08:46] You can find your car's privacy policy at Vehicle Privacy Report. [10:21] The goal is to make the car manufacturer's behavior visible to consumers, because that's the way to drive better company behavior. [11:26] When you rent a car and when you sell a car, your car is like a giant unencrypted hard drive that contains your data. [12:06] We should wipe the data in our cars the same way we wipe the data in our phones when we replace them. [13:05] You can find a tool to help remove data from your car at Privacy4Cars. [14:21] We talk about what rental cars get from your connected phone. [17:24] Found data can be used in targeted spear phishing attacks. [19:18] Most cars since 2017 have a SIM card. If a prior owner consented to data collection, that data is still being collected when you take over the car. [22:15] Ford estimated that they would make $2,000 per car per year from data services. [24:17] It's common for cars to even have a camera that looks at you. In a few years it might be common for vehicles to monitor for things like intoxication. [26:56] Organizations creating standards like the Future of Privacy Forum. [29:09] Cars have an EDR, an event data recorder (not to be confused with endpoint detection and response). It's like a black box for when an accident happens. [34:05] Delete data when you buy, rent, or sell a car. Opt out if you can. [36:33] Think about your car just like your computers and your phone. [37:15] Andrea shares a story about how an ex-spouse was able to duplicate her key. The dealer wanted $1,000 to reset her car. [40:23] Parting advice includes looking up your car's VIN at Vehicle Privacy Report. Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review.
Links and Resources:
Podcast Web Page
Facebook Page
whatismyipaddress.com
Easy Prey on Instagram
Easy Prey on Twitter
Easy Prey on LinkedIn
Easy Prey on YouTube
Easy Prey on Pinterest
Andrea Amico - Privacy4Cars
Privacy4Cars
Vehicle Privacy Report
Andrea Amico - LinkedIn
Future of Privacy Forum
Endpoints-On-Wheels – Protecting Company And Employee Data In Cars. CISO Mitigation Strategies For Fleets, Rentals, And Personnel-Owned Vehicles
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
OctoSQL & Vulnerability Data
OctoSQL is a neat tool to query files in different formats using SQL. This can, for example, be used to query the JSON vulnerability files from CISA or NVD and create interesting joins between different files.
https://isc.sans.edu/diary/OctoSQL+Vulnerability+Data/32026

Mirai vs. Wazuh
The Mirai botnet has now been observed exploiting a vulnerability in the open-source EDR tool Wazuh.
https://www.akamai.com/blog/security-research/botnets-flaw-mirai-spreads-through-wazuh-vulnerability

DNS4EU
The European Union created its own public recursive resolver to offer a public resolver compliant with European privacy laws. This resolver is currently operated by ENISA, but the intent is to have a commercial entity operate and support it.
https://www.joindns4.eu/

WordPress FAIR Package Manager
Recent legal issues around different WordPress-related entities have made it more difficult to maintain diverse sources of WordPress plugins. With WordPress plugins usually being responsible for many of the security issues, the Linux Foundation has come forward to support the FAIR Package Manager, a tool intended to simplify the management of WordPress packages.
https://github.com/fairpm
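The kind of cross-feed join the OctoSQL item describes, as an added example written for this page (it does not use OctoSQL itself and is not code from the diary): two JSON documents shaped like the CISA KEV catalog and the NVD 2.0 API response are flattened into an in-memory SQLite database so the join can be written in plain SQL. Both documents are constructed samples that follow the real feeds' field names (KEV: cveID, vendorProject, product, dueDate, knownRansomwareCampaignUse; NVD: cve.id and cve.metrics.cvssMetricV31[].cvssData.baseScore); the CVE IDs with year 0000 are placeholders, not real identifiers.

```python
"""Join a KEV-shaped feed with NVD-shaped records using SQL.

Added example for the OctoSQL item above. It does not use OctoSQL: the two
JSON documents are flattened into an in-memory SQLite database so the same
kind of cross-feed join can be written in plain SQL. Both documents are
constructed samples following the public feeds' field names; the CVE IDs
with year 0000 are placeholders, not real identifiers.
"""
import json
import sqlite3

KEV_SAMPLE = json.dumps({"vulnerabilities": [
    {"cveID": "CVE-0000-0001", "vendorProject": "VendorA", "product": "Gateway",
     "dueDate": "2025-06-30", "knownRansomwareCampaignUse": "Known"},
    {"cveID": "CVE-0000-0002", "vendorProject": "VendorB", "product": "Portal",
     "dueDate": "2025-07-15", "knownRansomwareCampaignUse": "Unknown"},
    {"cveID": "CVE-0000-0004", "vendorProject": "VendorC", "product": "Agent",
     "dueDate": "2025-07-20", "knownRansomwareCampaignUse": "Unknown"},
]})

NVD_SAMPLE = json.dumps({"vulnerabilities": [
    {"cve": {"id": "CVE-0000-0001", "metrics": {"cvssMetricV31": [{"cvssData": {"baseScore": 9.8}}]}}},
    {"cve": {"id": "CVE-0000-0002", "metrics": {"cvssMetricV31": [{"cvssData": {"baseScore": 7.5}}]}}},
    {"cve": {"id": "CVE-0000-0003", "metrics": {"cvssMetricV31": [{"cvssData": {"baseScore": 5.3}}]}}},
    {"cve": {"id": "CVE-0000-0005", "metrics": {}}},  # no CVSS v3.1 score published yet
]})

SCHEMA = """
CREATE TABLE kev (cve_id TEXT PRIMARY KEY, vendor TEXT, product TEXT, due_date TEXT, ransomware TEXT);
CREATE TABLE nvd (cve_id TEXT PRIMARY KEY, base_score REAL);
"""


def load_feeds(kev_text, nvd_text):
    """Flatten both JSON documents into two SQLite tables keyed by CVE ID."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    kev_rows = [(v["cveID"], v["vendorProject"], v["product"], v["dueDate"],
                 v["knownRansomwareCampaignUse"])
                for v in json.loads(kev_text)["vulnerabilities"]]
    conn.executemany("INSERT INTO kev VALUES (?,?,?,?,?)", kev_rows)
    nvd_rows = []
    for item in json.loads(nvd_text)["vulnerabilities"]:
        cve = item["cve"]
        v31 = cve.get("metrics", {}).get("cvssMetricV31", [])
        # NVD may list several v3.1 entries (NIST and CNA); the first is used here.
        score = v31[0]["cvssData"]["baseScore"] if v31 else None
        nvd_rows.append((cve["id"], score))
    conn.executemany("INSERT INTO nvd VALUES (?,?)", nvd_rows)
    return conn


def kev_with_scores(kev_text, nvd_text, min_score=None):
    """KEV entries with their NVD CVSS v3.1 base score, highest first.
    LEFT JOIN keeps KEV entries that NVD has not scored yet (score is None)."""
    conn = load_feeds(kev_text, nvd_text)
    sql = """SELECT k.cve_id, k.vendor, k.product, n.base_score, k.ransomware, k.due_date
             FROM kev k LEFT JOIN nvd n ON n.cve_id = k.cve_id"""
    params = ()
    if min_score is not None:
        sql += " WHERE n.base_score >= ?"
        params = (min_score,)
    sql += " ORDER BY n.base_score DESC, k.cve_id"
    rows = conn.execute(sql, params).fetchall()
    conn.close()
    return rows


def unlisted_high_severity(kev_text, nvd_text, min_score):
    """CVE IDs scored at or above min_score in NVD that are not (yet) in KEV."""
    conn = load_feeds(kev_text, nvd_text)
    rows = conn.execute(
        """SELECT n.cve_id FROM nvd n
           WHERE n.base_score >= ?
             AND NOT EXISTS (SELECT 1 FROM kev k WHERE k.cve_id = n.cve_id)
           ORDER BY n.base_score DESC, n.cve_id""", (min_score,)).fetchall()
    conn.close()
    return [r[0] for r in rows]


if __name__ == "__main__":
    for row in kev_with_scores(KEV_SAMPLE, NVD_SAMPLE):
        print(row)
    print("scored but not in KEV:", unlisted_high_severity(KEV_SAMPLE, NVD_SAMPLE, 5.0))
```

With the real files, replace the two sample strings with the contents of the downloaded KEV and NVD JSON; the LEFT JOIN matters because KEV entries are sometimes added before NVD publishes a score, and an inner join would silently drop exactly those freshly exploited entries.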
Two parts to this episode:

Tech Segment: Updating Linux Systems - Beyond apt-get upgrade
* Custom scripts for ensuring your Linux systems are up-to-date
* topgrade - tutorial for using topgrade to update Linux systems on various Linux distributions

Discussion Topic: Anti-Malware and/or EDR on Linux Platforms
* PCI calls for scanning Linux systems
* What tools exist for analyzing Linux systems? (AIDE, uac, chkrootkit)
* Best Anti-Malware for Linux - Commercial tools, open-source, both, none?
* ClamAV - fanotify and the dangers

Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-877
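As an added example of what a tool like AIDE does on a Linux host (written for this page; not AIDE's code and not from the episode): build a baseline of size, permission bits and SHA-256 for every regular file under a root, then diff a later walk against it. The directory tree it checks is constructed in a temporary directory, and the tampering steps are chosen to show what each attribute catches: a replaced binary of identical size (only the hash changes), a setuid bit added to an existing file (only the mode changes), a dropped file and a deleted one.

```python
"""Minimal file-integrity baseline and comparison, in the spirit of AIDE.

Added example for the Linux anti-malware discussion above; this is not
AIDE's code or the show's. It walks a tree, records size, permission bits
and SHA-256 for every regular file, then diffs a later walk against that
baseline. The tree it checks is constructed in a temporary directory.
"""
import hashlib
import os
import stat
import tempfile


def file_entry(path):
    """Attributes an AIDE-style rule usually tracks: size, mode bits, content hash."""
    st = os.lstat(path)
    digest = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            digest.update(chunk)
    return {"size": st.st_size, "mode": stat.S_IMODE(st.st_mode), "sha256": digest.hexdigest()}


def build_baseline(root):
    """Map of relative path -> attributes for every regular file under root."""
    baseline = {}
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames.sort()
        for name in sorted(filenames):
            full = os.path.join(dirpath, name)
            if os.path.islink(full) or not os.path.isfile(full):
                continue  # symlinks and special files need their own handling
            baseline[os.path.relpath(full, root)] = file_entry(full)
    return baseline


def compare(baseline, current):
    """Report added, removed and changed files; 'changed' lists which attributes differ."""
    added = sorted(set(current) - set(baseline))
    removed = sorted(set(baseline) - set(current))
    changed = {}
    for rel in sorted(set(baseline) & set(current)):
        diffs = [k for k in ("size", "mode", "sha256") if baseline[rel][k] != current[rel][k]]
        if diffs:
            changed[rel] = diffs
    return {"added": added, "removed": removed, "changed": changed}


def _write(root, rel, data, mode=0o644):
    """Helper for the constructed tree: create parent dirs, write bytes, set mode."""
    full = os.path.join(root, rel)
    os.makedirs(os.path.dirname(full), exist_ok=True)
    with open(full, "wb") as f:
        f.write(data)
    os.chmod(full, mode)
    return full


def demo():
    """Constructed scenario: baseline a small tree, tamper with it, then compare."""
    with tempfile.TemporaryDirectory() as root:
        _write(root, "bin/ls", b"original ls", 0o755)
        _write(root, "etc/passwd", b"root:x:0:0::/root:/bin/sh\n")
        _write(root, "lib/libc.so", b"libc")
        baseline = build_baseline(root)

        _write(root, "bin/ls", b"trojaned ls", 0o755)        # same size, different content
        os.chmod(os.path.join(root, "etc/passwd"), 0o4755)   # setuid bit added
        _write(root, "tmp/.hidden", b"dropper")              # new file appears
        os.remove(os.path.join(root, "lib/libc.so"))         # file removed
        return compare(baseline, build_baseline(root))


if __name__ == "__main__":
    import json
    print(json.dumps(demo(), indent=2))
```

The same caveat applies here as to AIDE's database: a baseline kept writable on the host it protects can be regenerated by whoever tampered with the files, so store it on read-only media or off-host and compare from there.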
Enduro is back and it feels like it might be turning a corner. After a couple of tough seasons, there's a real sense of momentum building in the sport, and we're here for it. In this episode, I'm joined by Greg Callaghan and Morgane Charre, two riders who've been at the sharp end of Enduro racing for years, to dig into the first two rounds of the 2025 EDR season. We're talking big changes: the return of two-day racing, a fresh energy in the pits, and a crop of new talent shaking things up. Greg and Morgane share their experiences from Pietra and Poland so we get the low down on what went on. We get into everything from course design and recovery strategies to weather chaos, injuries, and the impact of a brand new documentary series that's got people talking. There's still a way to go, but if the start of the season is anything to go by, Enduro's future is looking a whole lot brighter. So it's time to sit back, hit play and listen to this episode with Morgane Charre and Greg Callaghan. You can also watch this episode on YouTube here. You can follow Morgane on Instagram @morganecharre. Greg is @greg_callaghan on Instagram and you can find his YouTube channel here. To be in with the chance of winning a set of Magura Gustav Pros and a Wahoo ELEMNT BOLT bike computer, fill out our audience survey here before the end of June 2025. Podcast Stuff Supporting Partners Magura With the new Gustav Pro, Magura have produced the ultimate gravity and ebike brake. With all the power you could ever need, delivered with incredible modulation, you never need to question your brakes again. Head to magura.com and check them out. Wahoo Head to wahoofitness.com to check out Wahoo's brand new ELEMNT BOLT and ROAM bike computers. From tracking your rides, through navigation, to sharing the results, Wahoo have got you covered with easy to use, lightweight computers with incredible battery life. Listener Offers Downtime listeners can now get 10% off of Stashed Space Rails. 
Stashed is the ultimate way to sort your bike storage. Their clever design means you can get way more bikes into the same space and easily access whichever one you want to ride that day. If you have 2 or more bikes in your garage, they are definitely worth checking out. Just head to stashedproducts.com/downtime and use the code DOWNTIME at the checkout for 10% off your entire order. And just so you know, we get 10% of the sale too, so it's a win win. Patreon I would love it if you were able to support the podcast via a regular Patreon donation. Donations start from as little as £3 per month. That's less than £1 per episode and less than the price of a take away coffee. Every little counts and these donations will really help me keep the podcast going and hopefully take it to the next level. To help out, head here. Merch If you want to support the podcast and represent, then my webstore is the place to head. All products are 100% organic, shipped without plastics, and made with a supply chain that's using renewable energy. We now also have local manufacture for most products in the US as well as the UK. So check it out now over at downtimepodcast.com/shop. Newsletter If you want a bit more Downtime in your life, then you can join my newsletter where I'll provide you with a bit of behind the scenes info on the podcast, interesting bits and pieces from around the mountain bike world, some mini-reviews of products that I've been using and like, partner offers and more. You can do that over at downtimepodcast.com/newsletter. Follow Us Give us a follow on Instagram @downtimepodcast or Facebook @downtimepodcast to keep up to date and chat in the comments. For everything video, including riding videos, bike checks and more, subscribe over at youtube.com/downtimemountainbikepodcast. Are you enjoying the podcast? If so, then don't forget to follow it. Episodes will get delivered to your device as soon as it's available an...
This week, we are joined by Deepen Desai, Zscaler's Chief Security Officer and EVP of Cyber and AI Engineering, taking a deep dive into Mustang Panda's latest campaign. Zscaler ThreatLabz uncovered new tools used by Mustang Panda, including the backdoors TONEINS, TONESHELL, PUBLOAD, and the proxy tool StarLoader, all delivered via phishing. They also discovered two custom keyloggers, PAKLOG and CorKLOG, and an EDR evasion tool, SplatCloak, highlighting the group's focus on surveillance, persistence, and stealth in cyberespionage operations.

The research can be found here:
Latest Mustang Panda Arsenal: ToneShell and StarProxy | P1
Latest Mustang Panda Arsenal: PAKLOG, CorKLOG, and SplatCloak | P2

Learn more about your ad choices. Visit megaphone.fm/adchoices
This week in the security news:
Malware-laced printer drivers
Unicode steganography
Rhode Island may sue Deloitte for breach. They may even win.
Japan's active cyber defense law
Stop with the ping
LLMs replace Stack Overflow - ya don't say?
Aggravated identity theft is aggravating
Ivanti DSM and why you shouldn't use it
EDR is still playing cat and mouse with malware
There's a cellular modem in your solar gear
Don't slack on securing Slack
XSS in your mail
SIM swapping and the SEC
Ivanti and libraries
Supercomputers in space!

Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-875
This episode is sponsored by Edmond de Rothschild and Palistar Capital and first appeared on The Infrastructure Investor Podcast Digital infrastructure is developing rapidly, turbocharged first by the coronavirus pandemic and now by advances in artificial intelligence, which have turned data centres into arguably the hottest investment in infrastructure at the moment. The sector also includes fibre and towers, both of which are also attracting strong investor interest. This episode focuses on the growth of – and opportunities within – digital infrastructure's three key subsectors. Jean-Francis Dusch, global head of infrastructure and structured finance at EdR, and Josh Oboler, investment partner at Palistar Capital, explore how AI is transforming the data centre landscape, where to find the best opportunities in fibre, and why towers continue to make such a good investment.
The LockBit ransomware gang has been hacked. Google researchers identify a new infostealer called Lostkeys. SonicWall is urging customers to patch three critical device vulnerabilities. Apple patches a critical remote code execution flaw. Cisco patches 35 vulnerabilities across multiple products. Iranian hackers cloned a German modeling agency's website to spy on Iranian dissidents. Researchers bypass SentinelOne's EDR protection. Education tech firm PowerSchool faces renewed extortion. CrowdStrike leans into AI amidst layoffs. Our guest is Caleb Barlow, CEO of Cyberbit, discussing the mixed messages of the cyber skills gaps. Honoring the legacy of Joseph Nye. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Caleb Barlow, CEO of Cyberbit, who is discussing the mixed messages of the cyber skills gaps. 
Selected Reading
- LockBit ransomware gang hacked, victim negotiations exposed (Bleeping Computer)
- Russian state-linked Coldriver spies add new malware to operation (The Record)
- Fake AI Tools Push New Noodlophile Stealer Through Facebook Ads (Hackread)
- SonicWall urges admins to patch VPN flaw exploited in attacks (Bleeping Computer)
- Researchers Details macOS Remote Code Execution Vulnerability - CVE-2024-44236 (Cyber Security News)
- Cisco IOS XE Wireless Controllers Vulnerability Enables Full Device Control for Attackers (Cyber Security News)
- Cisco Patches 35 Vulnerabilities Across Several Products (SecurityWeek)
- Iranian Hackers Impersonate as Model Agency to Attack Victims (Cyber Security News)
- Hacker Finds New Technique to Bypass SentinelOne EDR Solution (Infosecurity Magazine)
- CrowdStrike trims workforce by 5 percent, aims to rely on AI (The Register)
- Despite ransom payment, PowerSchool hacker now extorting individual school districts (The Record)
- Joseph Nye, Harvard professor, developer of “soft power” theory, and an architect of modern international relations, dies at 88 (Harvard University)
- Nye Lauded for Cybersecurity Leadership (The Belfer Center for Science and International Affairs at Harvard University)

Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.

Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Security news for this week:
- RDP and credentials that are not really revoked, and some RDP bitmap caching fun
- Some magic info on MagicINFO
- Vulnerability Management Zombies
- There is a backdoor in your e-commerce
- Airborne: vulnerabilities in AirPlay
- Bring your own installer - crafty EDR bypass
- The Signal clone used by US government officials: shocker: has been hacked
- AI slop vulnerability reporting
- Bricking iPhones with a single line of code
- Hacking planet technology
- Vibe hacking for the win?
- Cybersecurity CEO arrested for deploying malware
- Hello my perverted friend
- FastCGI - fast, but vulnerable
Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-873
In the leadership and communications section: The C-suite gap that's putting your company at risk; CISOs band together to urge world governments to harmonize cyber rules; Cybersecurity is Not Working: Time to Try Something Else; and more!

Organizations are increasingly threatened by cyberattacks originating from their suppliers. Existing tools (like EDR, MDR, and XDR) effectively handle threats within an organization, but leave a gap regarding third-party risk. SecurityScorecard created the Supply Chain Detection and Response category to empower organizations to shift from being reactive and uncertain to confidently and proactively protecting their entire supply chain.
What is Supply Chain Detection and Response (SCDR)?: https://securityscorecard.com/blog/what-is-supply-chain-detection-and-response/
Learn more about continuous supply chain cyber risk detection and response: https://securityscorecard.com/why-securityscorecard/supply-chain-detection-response/
Claim Your Free SCDR Assessment: https://securityscorecard.com/get-started-scdr/#form
This segment is sponsored by SecurityScorecard. Visit https://securityweekly.com/securityscorecardrsac for more information on how SecurityScorecard MAX and Supply Chain Detection and Response can help your organization identify and resolve supply chain risks.

In this interview, Axonius CISO Lenny Zeltser shares the vision behind Axonius Exposures, the company's latest innovation in unified risk management. Launched ahead of RSA Conference 2025, Exposures tackles one of the most persistent challenges in cybersecurity today: making sense of fragmented risk signals to drive confident, actionable decision-making. Lenny will discuss how Exposures unifies security findings, asset intelligence, and business context in a single platform, giving security teams the clarity and automation they need to prioritize what truly matters.
He'll also explore what this launch means for Axonius' mission, the evolution of cyber asset management, and how organizations can move from reactive security postures to proactive, risk-based strategies. Want to see how Axonius Exposures gives you the clarity to take action on your most critical risks? Visit https://securityweekly.com/axoniusrsac to learn more and schedule a personalized demo. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-394
In this edition of Snake Oilers, three vendors pitch host Patrick Gray on their tech:

Pangea: Guardrails and security for AI agents and applications (https://pangea.cloud)
Worried about your AI apps going rogue, being mean to your customers or even disclosing sensitive information? Pangea exists to address these risks. Fascinating stuff.

Cosive: A threat intelligence company that can host your MISP server in AWS. CloudMISP! (https://www.cosive.com/snakeoilers)
Are you running a MISP server on some old hardware under a desk in your SOC? There's a better way! Cosive can run it for you on AWS so you can just use it instead of wrestling with maintaining it. They also do some CTI consulting to help you get better use out of MISP.

Sysdig: A Linux runtime security platform (https://sysdig.com/)
The modern Windows network is an all-singing, all-dancing, perfectly orchestrated, EDR-protected ballet. The modern Linux production environment… isn't. Find out how Sysdig can help you get some visibility and control over your Linux fleet.

This episode is also available on YouTube. Show notes