Podcasts about ESET

In this episode of Cybersecurity Today, host David Shipley covers the latest updates from the Pwn2Own 2025 event in Ireland, where top hackers earned over $1 million for uncovering 73 zero-day vulnerabilities. Despite significant hype, AI's impact on cybersecurity remains limited. We also dive into a critical Microsoft WSUS flaw under active exploitation and its implications for U.S. government cyber defenses amid a federal shutdown. Lastly, ESET reports reveal North Korea's increased cyber espionage targeting European drone manufacturers. Stay informed on the ever-evolving landscape of cybersecurity threats and defenses. 00:00 Introduction and Headlines 00:29 Pwn to Own 2025 Highlights 02:35 AI's Role in Cybersecurity 03:43 Microsoft's Critical WSUS Vulnerability 07:24 US Government Shutdown and Cyber Attacks 10:04 North Korean Cyber Espionage 12:46 Conclusion and Call to Action

In een alarmerend rapport laat AI-bedrijf Anthropic zien hoe taalmodellen worden ingezet voor digitale afpersing, netwerkinbraken en zelfs het bouwen van ransomware. Daarmee daalt de drempel voor cybercrime drastisch: één hacker met een AI-tool is tegenwoordig net zo gevaarlijk als een compleet team.Hoe gebruiken criminelen AI om hun aanvallen te verfijnen? Is dit een keerpunt in de digitale strijd? En moeten AI-bedrijven meer verantwoordelijkheid nemen voor het gedrag van hun modellen?Harm en Dave duiken in de duistere kant van AI, bespreken opvallende voorbeelden, en horen van KPMG alles over AI & ethiek. En natuurlijk de cybertips van de week: Dave: Podcast The trouble with tech companies and their strategyHarm: Een nieuw seizoen van podcastserie Ik weet je wachtwoord van Daniël VerlaanZie het privacybeleid op https://art19.com/privacy en de privacyverklaring van Californië op https://art19.com/privacy#do-not-sell-my-info.

Mobil uygulamalar, konumunuzu siz fark etmeden mi takip ediyor? ESET Ürün ve Pazarlama Müdürü Can Erginkurban, Uber'den Instagram'a kadar popüler uygulamaların lokasyon bilgilerini nasıl kullandığını ve Apple'ın Notification Trigger sisteminin perde arkasını Atıf Ünaldı ile Netizen'de anlatıyor.

Près de 3 ans après sa mise en oeuvre, la Stratégie du Canada pour l'Indo-Pacifique peut faire l'objet d'un premier bilan. De nombreux évènements extérieurs sont venus rebattre les cartes, mais aussi renforcer la nécessité de tisser des liens avec des partenaires partageant les mêmes valeurs. Parmi ces partenaires, Taïwan occupe une position particulière. L'objet de cette table ronde est de dresser le portrait des facteurs qui font de Taïwan un élément extrêmement important de toute stratégie indo-pacifique, et, notamment, de la stratégie canadienne. Son importance géostratégique sera évoquée, ainsi qu'une analyse de son évolution récente. Les panélistes aborderont aussi son rôle de premier plan en matière de réflexion sur les futurs conflits militaires et la cybersécurité. La discussion se conclura par une réflexion sur les spécificités de la relation canado-taïwanaise dans le cadre de la stratégie indo-pacifique du Canada. Avec : Olga Alexeeva, professeure au Département d'histoire de l'UQAM Alexis Rapin, analyste en renseignement sur les cybermenaces, ESET et chercheur associé à l'Observatoire des conflits multidimensionnelsYann Roche, professeur au Département de géographie de l'UQAM, président de l'Observatoire de géopolitique de la Chaire Raoul-Dandurand et titulaire intérimaire de la Chaire d'études asiatiques et indo-pacifiques du CÉRIUM et directeur de l'axe Stratégie et diplomatie

In 2020 werd Finland opgeschrikt door een van de wreedste datalekken ooit: duizenden patiënten van de psychotherapie-verlener Vastaamo werden afgeperst met de meest intieme details uit hun therapiesessies.De dader? De piepjonge Julius Kivimäki, die al snel uitgroeide tot één van de meest beruchte tienerhackers ter wereld. BBC-journalist Joe Tidy volgde hem jarenlang en kreeg een unieke inkijk in zijn karakter. Hij vertelt hoe Kivimäki zijn arrogantie en meedogenloosheid inzette voor grootse cybermisdaden, maar hoe dit uiteindelijk ook zijn ondergang betekende.Kunnen we Kivimäki zien als het boegbeeld van een nieuwe generatie hackers? Wat zien we in Nederland gebeuren met tech-savy jongeren? En hoe houden we hen op het juiste pad? Dat bespreken Dave en Harm met Jordi van den Breekel van KPMG.Tips:Boek: Ctrl+Alt+Chaos - Joe TidyDocumentaire: ‘Most Wanted: Teen Hacker' - HBO Max / Amazon PrimeChallenge The Cyber - sluit je aan als scholier of student!Cybersecurity-katern ReutersHet Digitale Front wordt mede mogelijk gemaakt door KPMG.Zie het privacybeleid op https://art19.com/privacy en de privacyverklaring van Californië op https://art19.com/privacy#do-not-sell-my-info.

Ben Pascoe attended the Eset Slovak Scientist of the Year awards held recently in Bratislava. He brings you interviews with founders, jury members, Slovak scientists and even a former president, as well info on many of the great scientists in Slovakia today.

Defensie kiest voor een nieuwe koers in het digitale domein: niet langer alleen verdedigen, maar ook aanvallen. Staatssecretaris Gijs Tuinman presenteerde deze week een nieuwe cyberstrategie waarin offensieve digitale operaties voor het eerst expliciet worden omarmd. Maar hoe werkt dat in de praktijk? Mag Defensie dat juridisch gezien wel? En raken we zo niet verzeild in een nieuwe, onzichtbare wapenwedloop?Te gast is docent Integrale Veiligheid Matthijs Veenendaal, een van de architecten van de eerste cyberstrategie in 2012, voor een kritische blik op de plannen van nu.Tips:Matthijs: volg een cyberopleiding! Kijk hier of hier! Dave: overzicht digitale Tweede Kamerleden, via deze link of nerdvote.nl Harm: Artikel New York Times over AI-videogeneratorenHet Digitale Front wordt mede mogelijk gemaakt door KPMG.Zie het privacybeleid op https://art19.com/privacy en de privacyverklaring van Californië op https://art19.com/privacy#do-not-sell-my-info.

Op 29 oktober is het zover: dan mogen we naar de stembus om te bepalen wie er in de Tweede Kamer komt. Maar hoe digitaal zijn de verkiezingsprogramma's dit jaar eigenlijk? Welke partijen durven écht werk te maken van cyberveiligheid? Wie ziet een minister van Digitale Zaken wel zitten? En hoe gaan we ervoor zorgen dat we beschermd worden tegen schadelijke algoritmes en grote techreuzen? Dave en Harm nemen je mee op een rondje door Den Haag en bespreken de plannen van GroenLinks-PvdA, VVD, D66 en de Piratenpartij. Wat zijn sterke ideeën, en waar blijft het bij mooie woorden? Zo weet jij straks op wie je moet stemmen voor een gedegen digitale kandidaat.Fleur van Leusden belt ook in om uit te leggen hoe zij met de Kiesraad veilige verkiezingen garanderen en waarom we eigenlijk nog steeds met potlood stemmen, in plaats van online.Tips:Tweede Kamer - Commissie Digitale ZakenBoek ‘Wie vrede wil, moet zich op oorlog voorbereiden' - Rob BauerEuropean Coffee Trip - iOS / Android Het Digitale Front wordt mede mogelijk gemaakt door KPMG.Zie het privacybeleid op https://art19.com/privacy en de privacyverklaring van Californië op https://art19.com/privacy#do-not-sell-my-info.

Zdeněk Ráčil opustil kampus prestižní fakultní nemocnice a po dvaceti letech ve vrcholové medicíně se rozhodl stát se praktikem na malé vesnici a ve volném čase pomáhat v Ugandě. Právě díky němu je ve městě Buikwe nejlepší klinika pro srpkovitou anémii a africké děti si ho podmanily natolik, že se za nimi vrací několikrát ročně.Partnerem podcastu je ESET - zaměřuje na digitální bezpečnost domácností i firem a právě nyní mají akci 3 za 2 – tři roky ochrany za cenu dvou. Takže pokud chcete začít brát digitální bezpečnost vážně. Mrkněte na eset.cz

Deze zomer werd laboratorium Clinical Diagnostics getroffen door een enorme ransomware-aanval. Zeer gevoelige gegevens van meer dan 850.000 Nederlanders werden op het dark web gepubliceerd. Wat zegt dit over de databeveiliging binnen ons zorgsysteem? En brengt dit ons vertrouwen in de zorg - en daarmee ook onze gezondheid - in gevaar?Techjournalist Daniël Verlaan zag een deel van de gelekte gegevens in en vertelt wat hij daar precies aantrof. Samen met techjurist Lisette Meij bespreken Harm en Dave welke juridische gevolgen Clinical Diagnostics en Bevolkingsonderzoek Nederland boven het hoofd hangen, en kijken ze naar de mogelijkheden voor slachtoffers: waar moet je waakzaam voor zijn als jouw gegevens zijn betrokken bij een lek?Ellen Mok belt namens de Digitale Dolle Mina's in over de politieke nasleep van de hack en legt uit hoe zij strijdt voor de belangen van de - veelal vrouwelijke - slachtoffers.Tips:Podcast ‘The Kill List'FraudehelpdeskZet de verbetering van generatieve AI uit op LinkedInPodcast ‘NOOD'Het Digitale Front wordt mede mogelijk gemaakt door KPMG.Zie het privacybeleid op https://art19.com/privacy en de privacyverklaring van Californië op https://art19.com/privacy#do-not-sell-my-info.

If you like what you hear, please subscribe, leave us a review and tell a friend!Authorities and security firms are warning about a variety of cyber threats impacting users and organizations worldwide. The FBI flagged a spoofed IC3 website, while macOS users are targeted by a widespread infostealer campaign. SonicWall urged users to reset credentials and European airports experienced check-in disruptions due to a cyberattack while a verified Steam game reportedly stole donations. Canadian authorities dismantled the TradeOgre exchange, seizing $40 million in cryptocurrency and ESET reported collaboration between two of the Kremlin's most active hack groups.

Flights at Heathrow have been disrupted by a major cyber attack.We speak to ESET's Global Cybersecurity Advisor Jake Moore about the issues that took the boarding tech offline, throwing the airport into chaos.Also in this episode:Donald Trump says the Murdochs could be part of US team to stop TikTok being banned in the US.A Lib Dem proposal to boost online safety could lead to social media health warnings every time you open your favourite app.More people see AI as a risk than an opportunity according to new research from the Tony Blair Institute.Could Cycle to Work become Workout from Work? ukactive pushes for government support to get our fitness levels up.Apple users in the EU are missing out on the latest features amid Brussel's data sharing row. Hosted on Acast. See acast.com/privacy for more information.

Back to school and back to work! Tech lifestyle expert Carley Knobloch joins us to share some great Fall tech pics for the entire familyShould teachers allow genAI in the classroom? Tony Anscombe, Chief Security Evangelist with ESET, says “yes” -- and explains whyLife-saving communications tech during natural disasters and other emergencies – we'll learn all about Verizon Frontline with its VP, Cory DavisI'll share some thoughts on the Apple AirPods Pro 3. In a word? Wow.Thank you to Visa and Sandisk for your support!

Het kan je niet ontgaan zijn: de militaire parade waar China trots al haar nieuwe tanks, raketten en drones de revue liet passeren. Maar: hun belangrijkste wapens ontbraken daarin. China voert namelijk geen traditionele oorlog, maar zet digitale wapens in om ons dagelijks leven te ontwrichten.Van grootschalige cyberaanvallen op Westerse infrastructuur tot het saboteren van onze satellieten: wat is China's strategie en waar willen ze naartoe? En waarom kiezen ze ervoor om hun cyberpraktijken achter gesloten deuren te houden? Versterkt door oud-China-correspondent Anouk Eigenraam, duiken Dave en Harm in de eerste aflevering van dit nieuwe seizoen naar China's cyberstrategie en de geslotenheid van het land. Zo vertelt Anouk over haar interviewpoging op het hoofdkantoor van DeepSeek en hoe ze daarvoor de vingerafdruk van een schoonmaakster nodig had om een medewerker te kunnen spreken…Tips:The Telegraph - ‘Nato is defenceless against China's real West-killing weaponsRapport ‘Mobilizing Cyberpower'Substack NetAskari + Boek ‘Apple in China' - Patrick McGeeApp 112NL: iOS / AndroidApp BrandSnap: iOS / AndroidHet Digitale Front wordt mede mogelijk gemaakt door KPMG.Zie het privacybeleid op https://art19.com/privacy en de privacyverklaring van Californië op https://art19.com/privacy#do-not-sell-my-info.

It is one thing to avoid dealing with strangers, but when you get a plea for help from someone you know, you might be letting your guard down. Lester Kiewit speaks to Lucas Molefe, a Cybersecurity expert, to find out how criminals are assuming the identities of people you know, with the aim of parting you from your money. Good Morning Cape Town with Lester Kiewit is a podcast of the CapeTalk breakfast show. This programme is your authentic Cape Town wake-up call. Good Morning Cape Town with Lester Kiewit is informative, enlightening and accessible. The team’s ability to spot & share relevant and unusual stories make the programme inclusive and thought-provoking. Don’t miss the popular World View feature at 7:45am daily. Listen out for #LesterInYourLounge which is an outside broadcast – from the home of a listener in a different part of Cape Town - on the first Wednesday of every month. This show introduces you to interesting Capetonians as well as their favourite communities, habits, local personalities and neighbourhood news. Thank you for listening to a podcast from Good Morning Cape Town with Lester Kiewit. Listen live on Primedia+ weekdays between 06:00 and 09:00 (SA Time) to Good Morning CapeTalk with Lester Kiewit broadcast on CapeTalk https://buff.ly/NnFM3Nk For more from the show go to https://buff.ly/xGkqLbT or find all the catch-up podcasts here https://buff.ly/f9Eeb7i Subscribe to the CapeTalk Daily and Weekly Newsletters https://buff.ly/sbvVZD5 Follow us on social media CapeTalk on Facebook: https://www.facebook.com/CapeTalk CapeTalk on TikTok: https://www.tiktok.com/@capetalk CapeTalk on Instagram: https://www.instagram.com/ CapeTalk on X: https://x.com/CapeTalk CapeTalk on YouTube: https://www.youtube.com/@CapeTalk567 See omnystudio.com/listener for privacy information.

L'été a été noir sur le front de la cybersécurité. Benoît Grunemwald, expert cybersécurité, fait le point sur les dernières cybermenaces. Au programme : des attaques de grande ampleur, une nouvelle technique de piratage via de faux captchas, et l'émergence d'un ransomware boosté à l'intelligence artificielle.En partenariat avec ESETDerrière les fuites de données qui ont touché France Travail, Air France-KLM, Orange ou Bouygues Télécom, des techniques toujours plus sournoises : hameçonnage, infostealers, ingénierie sociale et compromission de comptes employés. Benoît Grunemwald lève le voile sur ces méthodes redoutables — y compris une arnaque inédite qui détourne les captchas pour pousser l'utilisateur à installer lui-même un logiciel malveillant via une simple ligne de commande.Nous parlons également de PromptLock, un ransomware de nouvelle génération capable de s'adapter en temps réel grâce à l'intelligence artificielle, rendant la détection et la prévention encore plus difficiles.

„Tíz drónnál nincs véletlen” – Sz. Bíró Zoltán szerint Moszkva a NATO tűrőképességét teszteli. Béke csak erős biztonsági garanciákkal képzelhető el – akár fájdalmas területi kompromisszum árán. A háború lezárásának joga pedig a rendkívüli hősiességet mutató ukránoké - mondja az Oroszország-szakértő.

Cette semaine : sanctions records pour Google, innovations à l'IFA, IA dans l'éducation, classement des chatbots menteurs, suicides liés à ChatGPT, psys assistés par IA, retard des entreprises françaises en IA, cyberattaques en hausse et manipulation sur les réseaux sociaux.

ESET odhalil první ransomware poháněný umělou inteligencí s názvem PromptLock. Znamená to začátek nové éry kybernetických hrozeb? V epizodě 296 se podíváme na to, jak může AI proměnit svět ransomwaru, a přidáme i další aktuální novinky z kyberprostoru – od zneužívání Claude AI pro masové útoky přes nové ransomwarové kmeny Cephalus či Sinobi až po detailní analýzu sextortion kampaní posledních čtyř let. Nevynecháme ani společné varování NÚKIB a NSA před čínským aktérem Salt Typhoon. A na závěr se podíváme i na pozitivní projekt týdne, kterým je KYBER CENA ROKU 2025.

　PromptLock の感染事例はまだ確認されていないものの、今回の発見は、AI がサイバー犯罪者の攻撃プロセスをはるかに容易にしていることを示すものであり、防御側は警告と受け止めるべきだろう。ESET の 2 人の研究者は、VirusTotal にアップロードされた Windows 版と Linux 版の両方の亜種を特定したと述べている。

Dozens of online influencers are using their platform to spread financial literacy, which continues to have a growing impact on younger generations looking to get into investing, saving and making more money.And although cybercriminals have been around for decades, they're capitalizing on social media users with the help of artificial intelligence in the form of deep fakes or fraudulent advertisements to get your money and information. Host Mike Eppel speaks to Tony Anscombe, chief security evangelist at ESET to discuss the signs to look out for, and how to protect yourself and your wallet from being one of the millions of cybercrime victims. We love feedback at The Big Story, as well as suggestions for future episodes. You can find us:Through email at hello@thebigstorypodcast.ca Or @thebigstoryfpn on Twitter

Deepfake videos impersonating real doctors are being used to push fake medical advice. How big of a problem is this becoming? Tony Anscombe, chief Security Evangelist for cybersecurity company ESET, joins us.

 “What do you call a haunted house in Egypt?”Isis. Protector of Pharaohs. Guardian of the Dead. Goddess of Magic. Perhaps the most influential of all Egyptian deities. So, what's the deal with that whole getting rid of Ra to put her husband on the throne, thing? Not very Ma'at of her, if you ask us. Other topics include the fear-amids, mythological details regarding the timing of the Snake Bite Incident, a trouble pattern of choices made by Rick Riordan, where the name “Eset” comes from in SMITE, why aesthetic plays a big role in which Egyptian gods get modern appearances, the first weekly live-action American superhero show with a female lead, and some out of the blew but not uncalled for dunks on Black Adam (2022). Content Warning: This episode contains mentions of and conversations about death, the afterlife, dismemberment, necrophilia, and harm to a child. Spoilers for SMITE and The Secrets of IsisLearn more about the Idaho Food Bank: https://idahofoodbank.org/Come see us at Boise Comic Arts Festival!! https://www.boisepubliclibrary.org/using-the-library/boise-comic-arts-festival/Bemused bonus episode available NOW on Patreon! https://www.patreon.com/musesofmythologyAbout UsMuses of Mythology was created and co-hosted by Darien and DJ Smartt.Our music is Athens Festival by Martin Haene. Our cover art is by Ranpakoka. Find him on Instagram @Ranpakoka Love the podcast? Support us on Patreon and get instant access to bloopers, outtakes, and bonus episodes! Patreon.com/musesofmythologyGet you hands on podcast merch at Musesofmythology.com/merchFind us @MusesOfMyth on Instagram. Find all of our episodes and episode transcripts at MusesOfMythology.com-----------------------  Support the showNo portion of this episode may be used for AI training purposes or to create derivative works without express written permission from the creators and co-hosts Darien Smartt or Davis Smartt.

In H1 2025, a new social engineering technique called ClickFix started reshaping the threat landscape, quickly becoming the latest craze among all kinds of threat actors and rising to #2 in ESET telemetry. In stark contrast to this surge, law enforcement disrupted two major infostealer-as-a-service operations: Lumma Stealer and Danabot. And of course, no threat report would be complete without ransomware—this time highlighted by dramatic, deathmatch-style infighting that brought down several players including the leading RansomHub. For more details, visit Welivesecurity.com and read the latest H1 2025 report – no paywall or registration required. Discussed: ClickFix and FakeCaptcha 1:05 Whack-a-hack, infostealer version 9:20 Ransomware deathmatch 18:40 Host: Aryeh Goretsky, ESET Distinguished Researcher Guest: Ondrej Kubovič, Security Awareness Specialist Read more @WeLiveSecurity.com and @ESETresearch on Twitter ESET Threat Report H1 2025

In this episode of Insurance Tomorrow, Vanessa is joined by Delvin Tillett, Head of Cyber at Allianz Commercial, and Jake Moore, Global Cybersecurity Advisor at ESET to unravel the cyber risk landscape in the wake of the recent cyber-attacks on leading UK retailers. We delve into: The current cyber risk landscape and how this is impacting SMEs. The role of insurance in tackling these risks. How businesses can address vulnerabilities in their IT systems. What brokers should consider when advising their clients. Emerging cyber risks and how brokers can prepare their clients. Enjoyed this episode? Don't forget to rate and review to help others discover the Insurance Tomorrow podcast. And, if you're not subscribed yet, tap the follow button so you don't miss out on the latest insights. For more resources, articles, and webinars on business risks and other key topics, visit the Allianz Knowledge Centre. See omnystudio.com/listener for privacy information.

Après l'annonce d'une fuite record de 16 milliards de mots de passe (pas si historique que ça...), Benoît Grunemwald, expert cybersécurité chez ESET, fait le point sur les risques cyber du moment et sur les moyens concrets pour se protéger.En partenariat avec ESETNous revenons sur :16 milliards de mots de passe dans la nature : une fuite pas si nouvelle, en faitL'origine et les risques des “infostealers”, ces logiciels malveillants qui collectent les identifiants en massePourquoi il ne faut pas stocker ses mots de passe dans son navigateur ou dans un simple fichier texteLes bonnes pratiques : gestionnaire de mots de passe, MFA, mises à jour et vigilance en vacancesLe rôle du VPN en déplacement et l'importance de surveiller les appareils connectés à son réseauComment réduire le spam téléphonique et les appels frauduleuxLes précautions à adopter lorsqu'on utilise des IA génératives comme ChatGPT-----------

Internetové podvody, ktoré zneužívajú tváre známych ľudí na lákanie na falošné investície, sú len vrcholom ľadovca. Útočníci neustále prichádzajú s novými, kreatívnymi metódami, ako oklamať používateľov. Jednou z najnovších a na Slovensku mimoriadne rozšírených hrozieb je podvodná CAPTCHA, ktorá zneužíva dôveru ľudí v známy bezpečnostný prvok.V novom dieli podcastu SHARE sa Maroš Žofčin rozpráva so špecialistom na digitálnu bezpečnosť spoločnosti Eset, Ondrejom Kubovičom, o tom, ako tieto útoky fungujú, prečo sú také úspešné a ako sa voči nim môžeme brániť. Tento diel prinášame v spolupráci so spoločnosťou Eset.Podcast prinášame v spolupráci so spoločnosťou Eset.V podcaste hovoríme aj o týchto témach:Ako fungujú deepfake podvody so známymi osobnosťami na sociálnych sieťach.Nová hrozba číslo jedna: Čo je falošná CAPTCHA a prečo je tak nebezpečná.Poloautomatizované podvody na online bazároch ako Vinted či Bazoš.Prečo sú tieto útoky úspešné: Využívanie psychológie a sociálneho inžinierstva.Ako sa brániť a prečo je kritické myslenie najlepšou ochranou.Viac na: https://zive.aktuality.sk/clanok/fcYqW2u/falosny-sagan-aj-hacknute-profily-kapiel-expert-odhaluje-burlive-zakulisie-online-podvodov/Podcast SHARE pripravuje magazín Živé.sk.

Lunettes connectées, smartphone "trumpien", panne SFR, changement d'interface Netflix, fuite massive de données, souveraineté numérique des entreprises, rencontre avec l'inventeur du langage XML... Bienvenue à Monde Numérique, l'hebdo du 21 juin 2025 !

The DOJ files to seize over $7 million linked to illegal North Korean IT workers. The FBI warns of BADBOX 2.0 malware targeting IoT devices. Researchers uncover a major security flaw in Chrome extensions. ESET uncovers Iranian hackers targeting Kurdish and Iraqi government officials. Hitachi Energy, Acronis and Cisco patch critical vulnerabilities. 20 suspects are arrested in a major international CSAM takedown. Hackers exploit a critical flaw in Roundcube webmail. Today's guest is Ian Bramson, Global Head of Industrial Cybersecurity at Black & Veatch, exploring how organizations can close the cyberattack readiness gap.  ChatGPT logs are caught in a legal tug-of-war.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today's guest is Ian Bramson, Global Head of Industrial Cybersecurity at Black & Veatch. Ian joins us to explore how organizations can close the cyberattack readiness gap in industrial environments—especially as cyber threats grow more sophisticated and aggressive. Selected Reading Department Files Civil Forfeiture Complaint Against Over $7.74M Laundered on Behalf of the North Korean Government (U.S. Department of Justice) FBI: BADBOX 2.0 Android malware infects millions of consumer devices (Bleeping Computer) Chrome Extensions Vulnerability Exposes API Keys, Secrets, and Tokens (Cyber Security News) Iran-linked hackers target Kurdish and Iraqi officials in long-running cyberespionage campaign (The Record) CISA reports critical flaw in Hitachi Energy Relion devices (Beyond Machines) Critical security vulnerabilities discovered in Acronis Cyber Protect software (Beyond Machines) Cisco Patches Critical ISE Vulnerability With Public PoC (SecurityWeek) Police arrests 20 suspects for distributing child sexual abuse content  (Bleeping Computer) Hacker selling critical Roundcube webmail exploit as tech info disclosed (Bleeping Computer)– mentioning this in the Briefing OpenAI slams court order to save all ChatGPT logs, including deleted chats (Ars Technica) Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Segment 1 CTG Interview Middle market companies face unique challenges in the ever-evolving cyber environment. Developing a comprehensive cybersecurity approach is a business imperative for middle market companies, and Chad Alessi will discuss the threat landscape, what's keeping IT decision-makers awkward at night, and the best approach to creating a proactive security measure. Cyber Resilience in Action: A Guide for Mid-Market Firms This segment is sponsored by CTG. Visit https://securityweekly.com/ctgrsac to learn more about them! Nightwing Interview Nightwing divested from Raytheon in April 2024 and is entering another year of redefining national security. Amid emerging threats and shifting industry regulations and compliance frameworks, traditional security measures are no longer cutting it. As Cyber Incident Response Manager at Nightwing, Nick Carroll discusses how organizations can continue to build cyber resiliency and stay one step ahead in today's threat landscape. This segment is sponsored by Nightwing. Visit https://securityweekly.com/nightwingrsac to learn more about them! Segment 2 Libraesva Interview Generative AI is having a transformative effect across almost every industry, but arguably the area it has had the most significant impact is cybercrime. Discriminative AI can now learn to recognize what constitutes normal communication patterns, so anything out of the ordinary can be flagged. AI is also enabling human security analysts to automate the triage of reported emails, to rapidly identify false positives and keep up with emerging cybercriminal tactics. Finally, specialized Small Language Models (SLMs) using neural networks are able to analyze and comprehend the semantic intent of the message. This segment is sponsored by Libraesva. Visit https://securityweekly.com/libraesvarsac to learn more about them! IRONSCALES Interview Phishing has evolved—fast. What started as basic email scams has transformed into AI-powered cyber deception. Phishing 1.0: Early phishing relied on spam emails, fake banking alerts, and malware links to trick users into clicking Phishing 2.0: Attackers got smarter—instead of mass emails, they started impersonating real people Phishing 3.0: Now, cybercriminals are using AI to generate fake but highly convincing voices, videos, and images IRONSCALES discusses the current gaps in SEG technology and will showcase industry-first innovations for protection against deepfakes. Assessing Organizational Readiness in the Face of Emerging Cyber Threat Using AI to Enhance Defensive Cybersecurity white paper The Hidden Gaps of SEG Protection white paper This segment is sponsored by IRONSCALES. Visit https://securityweekly.com/ironscalesrsac to learn more about them! Segment 3 Illumio Interview In the post-breach world, speed and clarity are essential for effective cybersecurity. Security teams are inundated with vast amounts of data, much of which is not actionable. To combat cyber threats—and level the playing field—defenders need precise intelligence to identify attacks, dynamically quarantine threats, and prevent cyber disasters, highlighting the power of the security graph. Segment Resources: Rethinking Threat Detection in a Decentralized World Illumio Insights Announcement More information about Illumio Insights This segment is sponsored by Illumio. Visit https://securityweekly.com/illumiorsac for information on Illumio Insights or to sign up for a private preview! ESET Interview The ransomware landscape is rapidly changing. ESET global research team has been closely following ransomware gang disruptions, new players and how the RaaS business model continues to evolve. In this segment, Tony Anscombe will take a look into recent research, hacks and attacks, and explore how the industry and businesses are responding to combat financial risk and mitigate threats. Segment Resources: https://www.welivesecurity.com/en/eset-research/shifting-sands-ransomhub-edrkillshifter/ https://www.welivesecurity.com/en/eset-research/eset-threat-report-h2-2024/ This segment is sponsored by ESET. Visit https://securityweekly.com/esetrsac to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-409

Segment 1 CTG Interview Middle market companies face unique challenges in the ever-evolving cyber environment. Developing a comprehensive cybersecurity approach is a business imperative for middle market companies, and Chad Alessi will discuss the threat landscape, what's keeping IT decision-makers awkward at night, and the best approach to creating a proactive security measure. Cyber Resilience in Action: A Guide for Mid-Market Firms This segment is sponsored by CTG. Visit https://securityweekly.com/ctgrsac to learn more about them! Nightwing Interview Nightwing divested from Raytheon in April 2024 and is entering another year of redefining national security. Amid emerging threats and shifting industry regulations and compliance frameworks, traditional security measures are no longer cutting it. As Cyber Incident Response Manager at Nightwing, Nick Carroll discusses how organizations can continue to build cyber resiliency and stay one step ahead in today's threat landscape. This segment is sponsored by Nightwing. Visit https://securityweekly.com/nightwingrsac to learn more about them! Segment 2 Libraesva Interview Generative AI is having a transformative effect across almost every industry, but arguably the area it has had the most significant impact is cybercrime. Discriminative AI can now learn to recognize what constitutes normal communication patterns, so anything out of the ordinary can be flagged. AI is also enabling human security analysts to automate the triage of reported emails, to rapidly identify false positives and keep up with emerging cybercriminal tactics. Finally, specialized Small Language Models (SLMs) using neural networks are able to analyze and comprehend the semantic intent of the message. This segment is sponsored by Libraesva. Visit https://securityweekly.com/libraesvarsac to learn more about them! IRONSCALES Interview Phishing has evolved—fast. What started as basic email scams has transformed into AI-powered cyber deception. Phishing 1.0: Early phishing relied on spam emails, fake banking alerts, and malware links to trick users into clicking Phishing 2.0: Attackers got smarter—instead of mass emails, they started impersonating real people Phishing 3.0: Now, cybercriminals are using AI to generate fake but highly convincing voices, videos, and images IRONSCALES discusses the current gaps in SEG technology and will showcase industry-first innovations for protection against deepfakes. Assessing Organizational Readiness in the Face of Emerging Cyber Threat Using AI to Enhance Defensive Cybersecurity white paper The Hidden Gaps of SEG Protection white paper This segment is sponsored by IRONSCALES. Visit https://securityweekly.com/ironscalesrsac to learn more about them! Segment 3 Illumio Interview In the post-breach world, speed and clarity are essential for effective cybersecurity. Security teams are inundated with vast amounts of data, much of which is not actionable. To combat cyber threats—and level the playing field—defenders need precise intelligence to identify attacks, dynamically quarantine threats, and prevent cyber disasters, highlighting the power of the security graph. Segment Resources: Rethinking Threat Detection in a Decentralized World Illumio Insights Announcement More information about Illumio Insights This segment is sponsored by Illumio. Visit https://securityweekly.com/illumiorsac for information on Illumio Insights or to sign up for a private preview! ESET Interview The ransomware landscape is rapidly changing. ESET global research team has been closely following ransomware gang disruptions, new players and how the RaaS business model continues to evolve. In this segment, Tony Anscombe will take a look into recent research, hacks and attacks, and explore how the industry and businesses are responding to combat financial risk and mitigate threats. Segment Resources: https://www.welivesecurity.com/en/eset-research/shifting-sands-ransomhub-edrkillshifter/ https://www.welivesecurity.com/en/eset-research/eset-threat-report-h2-2024/ This segment is sponsored by ESET. Visit https://securityweekly.com/esetrsac to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-409

Segment 1 CTG Interview Middle market companies face unique challenges in the ever-evolving cyber environment. Developing a comprehensive cybersecurity approach is a business imperative for middle market companies, and Chad Alessi will discuss the threat landscape, what's keeping IT decision-makers awkward at night, and the best approach to creating a proactive security measure. Cyber Resilience in Action: A Guide for Mid-Market Firms This segment is sponsored by CTG. Visit https://securityweekly.com/ctgrsac to learn more about them! Nightwing Interview Nightwing divested from Raytheon in April 2024 and is entering another year of redefining national security. Amid emerging threats and shifting industry regulations and compliance frameworks, traditional security measures are no longer cutting it. As Cyber Incident Response Manager at Nightwing, Nick Carroll discusses how organizations can continue to build cyber resiliency and stay one step ahead in today's threat landscape. This segment is sponsored by Nightwing. Visit https://securityweekly.com/nightwingrsac to learn more about them! Segment 2 Libraesva Interview Generative AI is having a transformative effect across almost every industry, but arguably the area it has had the most significant impact is cybercrime. Discriminative AI can now learn to recognize what constitutes normal communication patterns, so anything out of the ordinary can be flagged. AI is also enabling human security analysts to automate the triage of reported emails, to rapidly identify false positives and keep up with emerging cybercriminal tactics. Finally, specialized Small Language Models (SLMs) using neural networks are able to analyze and comprehend the semantic intent of the message. This segment is sponsored by Libraesva. Visit https://securityweekly.com/libraesvarsac to learn more about them! IRONSCALES Interview Phishing has evolved—fast. What started as basic email scams has transformed into AI-powered cyber deception. Phishing 1.0: Early phishing relied on spam emails, fake banking alerts, and malware links to trick users into clicking Phishing 2.0: Attackers got smarter—instead of mass emails, they started impersonating real people Phishing 3.0: Now, cybercriminals are using AI to generate fake but highly convincing voices, videos, and images IRONSCALES discusses the current gaps in SEG technology and will showcase industry-first innovations for protection against deepfakes. Assessing Organizational Readiness in the Face of Emerging Cyber Threat Using AI to Enhance Defensive Cybersecurity white paper The Hidden Gaps of SEG Protection white paper This segment is sponsored by IRONSCALES. Visit https://securityweekly.com/ironscalesrsac to learn more about them! Segment 3 Illumio Interview In the post-breach world, speed and clarity are essential for effective cybersecurity. Security teams are inundated with vast amounts of data, much of which is not actionable. To combat cyber threats—and level the playing field—defenders need precise intelligence to identify attacks, dynamically quarantine threats, and prevent cyber disasters, highlighting the power of the security graph. Segment Resources: Rethinking Threat Detection in a Decentralized World Illumio Insights Announcement More information about Illumio Insights This segment is sponsored by Illumio. Visit https://securityweekly.com/illumiorsac for information on Illumio Insights or to sign up for a private preview! ESET Interview The ransomware landscape is rapidly changing. ESET global research team has been closely following ransomware gang disruptions, new players and how the RaaS business model continues to evolve. In this segment, Tony Anscombe will take a look into recent research, hacks and attacks, and explore how the industry and businesses are responding to combat financial risk and mitigate threats. Segment Resources: https://www.welivesecurity.com/en/eset-research/shifting-sands-ransomhub-edrkillshifter/ https://www.welivesecurity.com/en/eset-research/eset-threat-report-h2-2024/ This segment is sponsored by ESET. Visit https://securityweekly.com/esetrsac to learn more about them! Show Notes: https://securityweekly.com/esw-409

Segment 1 CTG Interview Middle market companies face unique challenges in the ever-evolving cyber environment. Developing a comprehensive cybersecurity approach is a business imperative for middle market companies, and Chad Alessi will discuss the threat landscape, what's keeping IT decision-makers awkward at night, and the best approach to creating a proactive security measure. Cyber Resilience in Action: A Guide for Mid-Market Firms This segment is sponsored by CTG. Visit https://securityweekly.com/ctgrsac to learn more about them! Nightwing Interview Nightwing divested from Raytheon in April 2024 and is entering another year of redefining national security. Amid emerging threats and shifting industry regulations and compliance frameworks, traditional security measures are no longer cutting it. As Cyber Incident Response Manager at Nightwing, Nick Carroll discusses how organizations can continue to build cyber resiliency and stay one step ahead in today's threat landscape. This segment is sponsored by Nightwing. Visit https://securityweekly.com/nightwingrsac to learn more about them! Segment 2 Libraesva Interview Generative AI is having a transformative effect across almost every industry, but arguably the area it has had the most significant impact is cybercrime. Discriminative AI can now learn to recognize what constitutes normal communication patterns, so anything out of the ordinary can be flagged. AI is also enabling human security analysts to automate the triage of reported emails, to rapidly identify false positives and keep up with emerging cybercriminal tactics. Finally, specialized Small Language Models (SLMs) using neural networks are able to analyze and comprehend the semantic intent of the message. This segment is sponsored by Libraesva. Visit https://securityweekly.com/libraesvarsac to learn more about them! IRONSCALES Interview Phishing has evolved—fast. What started as basic email scams has transformed into AI-powered cyber deception. Phishing 1.0: Early phishing relied on spam emails, fake banking alerts, and malware links to trick users into clicking Phishing 2.0: Attackers got smarter—instead of mass emails, they started impersonating real people Phishing 3.0: Now, cybercriminals are using AI to generate fake but highly convincing voices, videos, and images IRONSCALES discusses the current gaps in SEG technology and will showcase industry-first innovations for protection against deepfakes. Assessing Organizational Readiness in the Face of Emerging Cyber Threat Using AI to Enhance Defensive Cybersecurity white paper The Hidden Gaps of SEG Protection white paper This segment is sponsored by IRONSCALES. Visit https://securityweekly.com/ironscalesrsac to learn more about them! Segment 3 Illumio Interview In the post-breach world, speed and clarity are essential for effective cybersecurity. Security teams are inundated with vast amounts of data, much of which is not actionable. To combat cyber threats—and level the playing field—defenders need precise intelligence to identify attacks, dynamically quarantine threats, and prevent cyber disasters, highlighting the power of the security graph. Segment Resources: Rethinking Threat Detection in a Decentralized World Illumio Insights Announcement More information about Illumio Insights This segment is sponsored by Illumio. Visit https://securityweekly.com/illumiorsac for information on Illumio Insights or to sign up for a private preview! ESET Interview The ransomware landscape is rapidly changing. ESET global research team has been closely following ransomware gang disruptions, new players and how the RaaS business model continues to evolve. In this segment, Tony Anscombe will take a look into recent research, hacks and attacks, and explore how the industry and businesses are responding to combat financial risk and mitigate threats. Segment Resources: https://www.welivesecurity.com/en/eset-research/shifting-sands-ransomhub-edrkillshifter/ https://www.welivesecurity.com/en/eset-research/eset-threat-report-h2-2024/ This segment is sponsored by ESET. Visit https://securityweekly.com/esetrsac to learn more about them! Show Notes: https://securityweekly.com/esw-409

Az e-cigi ipar történetének eddigi legdurvább hazai botrányába csöppentünk: letartóztatták egy bűnszervezet tagjait, akik költségvetési csalással gyanúsíthatók. A gőz mögött most nem aroma, hanem milliárdok lebegnek – és már a bíróság is beleszívott az ügybe. Show notes Letartóztatások kibeszélő

Puzsér Róbert

No episódio de hoje do Podcast Canaltech, destacamos as fraudes digitais com uso de Inteligência Artificial. Conversamos com Daniel Barbosa, especialista em segurança da informação da ESET, sobre como golpistas estão manipulando rostos com deepfakes para invadir contas do Gov.br e outros serviços. E, claro, ele dá dicas práticas pra você se proteger. Você também vai conferir: Manus AI abriu acesso total e liberou créditos grátis diariamente SpaceX lançou 23 satélites Starlink e estreou um novo foguete Amazon já está entregando iPhones e celulares Galaxy com drones nos EUA Computex 2025: IA, velocidade e potencia são destaques Este episódio tem roteiro e apresentação de Fernanda Santos, reportagens de Lilian Sibila, Viviane França, Bruno de Blasi, Vinicius Moschen e João Melo. A trilha sonora de Guilherme Zomer, edição de Jully Cruz e arte de capa de Erick Teixeira.See omnystudio.com/listener for privacy information.

En este episodio de #VidaDigital, Alex Neuman conversa con Mario Micucci, investigador de #ESET Latinoamérica, sobre por qué las instituciones educativas se han convertido en uno de los blancos favoritos de los cibercriminales. Analizamos los casos de ataques dirigidos, las amenazas como ransomware y phishing, el rol de los estudiantes como vectores de ataque, y qué pueden hacer escuelas, universidades y padres para protegerse.

Is DOGE using AI to monitor federal employees? Google's latest Android update addresses two zero-days. Scattered Spider continues its phishing and malware campaigns. Ransomware's grip is slipping. ToddyCat exploits a critical flaw in ESET products. Oracle privately confirms a legacy system breach. Over 5,000 Ivanti Connect Secure appliances remain exposed online to a critical remote code execution vulnerability. CISA confirms active exploitation of a critical vulnerability in CrushFTP. In our Industry Voices segment, we are joined by Matt Radolec, VP of Incident Response at Varonis, on turning to gamers to to Build Resilient Cyber Teams. AI outphishes human red teams.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest In our Industry Voices segment, we are joined by Matt Radolec, VP of Incident Response, Cloud Operations & SE EU from Varonis, as he is discussing research on “From Gamer to Leader: How to Build Resilient Cyber Teams.” Catch Matt's keynote at RSAC 2025 on April 30th.  Selected Reading Exclusive: Musk's DOGE using AI to snoop on U.S. federal workers, sources say (Reuters) Tariff Wars: The Technology Impact (BankInfo Security) Google Patched Android 0-Day Vulnerability Exploited in the Wild (Cyber Security News)  Scattered Spider adds new phishing kit, malware to its web (The Register) Ransomware Underground Faces Declining Relevance (BankInfo Security) ESET Vulnerability Exploited for Stealthy Malware Execution (SecurityWeek) Oracle Confirms that Hackers Broke Systems & Stole Client Login Credentials (Cyber Security News)  Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk (SecurityWeek) CISA Warns of CrushFTP Vulnerability Exploitation in the Wild (Infosecurity Magazine) AI Outsmarts Human Red Teams in Phishing Tests (GovInfo Security) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Join Paco as he sits down with Cameron Tousey and Tony Anscombe to delve into the evolving landscape of cybersecurity. In this insightful interview, they discuss ESET's perspective on the latest trends and how Managed Service Providers (MSPs) can navigate these changes to better protect their clients. Don't miss out on expert advice and valuable insights that can help you stay ahead in the cybersecurity game! --------------------------------------------------- Connect with us! --------------------------------------------------- MSP Unplugged https://mspunplugged.com/ Paco Lebron from ProdigyTeks  Email: paco@mspunplugged.com Rick Smith from Renactus Technology  Email: rick@mspnplugged.com Corey L Kirkendoll from 5K Technical Services https://linkedin.com/in/coreykirkendoll/

Send us a textGet up to speed with everything that mattered in cybersecurity this month. In this episode of The Cyberman Show, we break down March 2025's top cyber incidents, threat actor tactics, security product launches, and vulnerabilities actively exploited in the wild.Here's what we cover:

Les messageries instantanées chiffrées comme WhatsApp, Signal ou Telegram sont devenues des outils du quotidien… y compris pour les plus hauts responsables politiques et militaires. Mais leur utilisation massive n'est pas sans risques.En partenariat avec ESET.Dans cet épisode, Benoît Grünemwald, expert en cybersécurité chez ESET, analyse une incroyable affaire survenue aux États-Unis : un journaliste a accidentellement eu accès à une conversation confidentielle entre hauts responsables militaires. L'incident, dû à une erreur humaine, relance la question cruciale de l'usage professionnel de ces outils, initialement conçus pour le grand public.L'épisode revient aussi sur l'arsenal sécurisé utilisé par les forces de l'ordre françaises (terminaux NEO, messagerie Tchap), sur la transparence du code de Signal, sur les menaces posées par des logiciels espions comme Pegasus, et sur les dérives potentielles des propositions législatives visant à introduire des "portes dérobées" pour les enquêtes judiciaires.Enfin, Benoît Grünemwald alerte sur une nouvelle forme d'hameçonnage via QR code : le quishing, une technique redoutable déjà exploitée sur les terrains de guerre… et désormais à surveiller dans la sphère civile.-----------

Over 150 government database servers are dangerously exposed to the internet. Threat actors are exploiting a vulnerability in CheckPoint's ZoneAlarm antivirus software. Albabat ransomware goes cross-platform. ESET reports on the Chinese Operation FishMedley campaign. VanHelsing ransomware targets Windows systems in the U.S. and France. CISA issues five ICS advisories warning of high-severity vulnerabilities across critical infrastructure systems. A former NFL coach is indicted for allegedly hacking into the accounts of thousands of college athletes. Brandon Karpf joins us with a look at cyberspace in space. A fraud detection firm gets shut down for fraud.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Brandon Karpf, friend of N2K CyberWire, joins T-Minus Space Daily host Maria Varmazis for the Space and Cyber March segment. Selected Reading Over 150 US Government Database Servers Vulnerable to Internet Exposure (GB Hackers) White House Shifting Cyber Risk to State and Local Agencies (Data Breach Today) Cybercriminals Exploit CheckPoint Driver Flaws in Malicious Campaign (Infosecurity Magazine) Albabat Ransomware Attacking Windows, Linux & macOS by Leveraging GitHub (Cyber Security News) Chinese I-Soon Hackers Hit 7 Organizations in Operation FishMedley (SecurityWeek) VanHelsing Ransomware Attacking Windows Systems With New Evasion Technique & File Extension (Cyber Security News) CISA Releases Five Industrial Control Systems Advisories Covering Vulnerabilities & Exploits (Cyber Security News) Former NFL, Michigan Assistant Coach Matt Weiss Charged With Hacking for Athletes' Intimate Photos (SecurityWeek) AdTech CEO whose products detected ad fraud jailed for fraud (The Register)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Mimoriadna inventúra všetkých kľúčových inštitúcií štátu, ale najmä Katastra nehnuteľností. To je odporúčanie šéfa NKÚ v exkluzívnom rozhovore pre Ráno Nahlas. Podľa neho po hekerskom útoku nemáme istotu, že nedošlo k posunom na listoch vlastníctva. Prípad odhalil zásadné rezervy v kybernetickej bezpečnosti Slovenska, ako i masívne mrhanie financií v oblasti informatizácie, tvrdí Ľubomír Andrassy. A prečo si štát nenajme služby firmy Eset?Kataster nehnuteľností čelil masívnemu útoku neznámych hekerov. Útok, ktorý Katastrálny úrad doslova paralyzoval, tak v plnej sile odhalil slabiny v oblasti kybernetickej bezpečnosti kritickej infraštruktúry nášho štátu."Ak celý projekt vznikal v roku 2007 a mal byť spustený do prevádzky v roku 2012, tak my sme sa pozreli na tento projekt v roku 2019. Vtedy sme skonštatovali, že ani 7 rokov po tom ako projekt mal slúžiť občanom i štátnym inštitúciám, tak nič v tom čase nefungovalo. Čo je však ešte horšie, štátne úrady, ktoré za tento projekt zodpovedali, verejnosť - i Brusel (ktorý to platil) zavádzali a tvrdili, že všetko funguje, čo ale vôbec nebola pravda." Tvrdí šéf NKÚ pre Aktuality. Do informatizácie Slovenska pritom Európska únia naliala už niekoľko miliárd eur, výsledky v podobe moderného digitálneho štátu na úrovni 21. storočia sú však až neuveriteľne žalostné. Natíska sa preto logická otázka: Kam všetky tieto peniaze vlastne išli, kto z nich mal skutočný profit a prečo je stav digitalizácie - ale i kybernetickej bezpečnosti tohto štátu, na tak chabej úrovni?Na premrhané financie v oblasti informatizácie pritom dlhodobo upozorňuje aj Najvyšší kontrolný úrad. Ten ale aktuálne čelí čoraz častejším a ostrejším útokom. Dôvodom sú zistenia jeho kontrolórov voči ktorým sa kontrolované subjekty bránia šikanou či dokonca zastrašovaním. Namiesto nápravy odhalených nedostatkov si za verejné zdroje najímajú právnikov, ktorí sa snažia kontrolu nielen sťažiť, ale dokonca chcú utajiť jej výsledky pred verejnosťou, hovorí pre Aktuality šéf NKÚ Ľubomír Andrassy."Ak sa budú v dôležitých štátnych funkciách objavovať ľudia ako Majka z Gurunu na Štrbskom plese a ak budeme do pozícií v rámci kľúčových inštitúcií štátu pre riadenie krajiny v mimoriadnych situáciách dosadzovať ľudí nie na základe odbornosti, ale na základe ich kamarátstva s politikmi, tak schopnosť štátu reagovať na výzvy doby bude čoraz komplikovanejšia a občania si budú čoraz viac klásť otázku, či je Slovenská republika vedená ľuďmi, ktorí vôbec tušia, kam ju chcú doviesť a majú aspoň nejakú predstavu, ako má fungovať moderná demokratická krajina." odkazuje verejnosti šéf štátnych kontrolórov. Vzhľadom na závažnosť zistení NKÚ, ich celospoločenský dosah, opakovanú relevantnosť, ale rovnako tak i rastúcu mieru tlaku na NKÚ, sme sa v Aktualitách rozhodli poskytnúť šéfovi Najvyššieho kontrolného úradu pravidelný priestor na zistenia kontrolórov NKÚ.Počúvate Ráno Nahlas, pekný deň a pokoj v duši praje Braňo Dobšinský.

In today's episode, we start by talking about the PFSYNC protocol used to synchronize firewall states to support failover. Oracle released it's quarterly critical patch update. ESET is reporting about a critical VPN supply chain attack and CISA released guidance for victims of recent Ivanti related attacks. Catching CARP: Fishing for Firewall States in PFSync Traffic https://isc.sans.edu/diary/Catching%20CARP%3A%20Fishing%20for%20Firewall%20Stat%20es%20in%20PFSync%20Traffic/31616)** Discover how attackers exploit PFSync traffic to manipulate firewall states. This deep dive explores vulnerabilities and mitigation strategies in network defense. Oracle Critical Patch Update January 2025 https://www.oracle.com/security-alerts/cpujan2025.html)** Oracle's January 2025 patch release addresses numerous critical vulnerabilities across their product suite. Learn about key updates and how to secure your systems. PlushDaemon: Compromising the Supply Chain of a Korean VPN Service https://www.welivesecurity.com/en/eset-research/plushdaemon-compromises-supply-chain-korean-vpn-service/ ESET Research uncovers PlushDaemon, a sophisticated supply chain attack targeting a Korean VPN provider. Understand the implications for supply chain security. CISA Cybersecurity Advisory: AA25-022A https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-022a The latest advisory highlights active threats and mitigation strategies for critical infrastructure. Stay ahead with CISA s guidance on emerging cyber risks.

In this episode, we cover how to use honeypot data to keep your offensive infrastructure alive longer, three critical vulnerabilities in SimpleHelp that must be patched now, and an interesting vulnerability affecting many systems allowing UEFI Secure Boot bypass. Leveraging Honeypot Data for Offensive Security Operations [Guest Diary] A recent guest diary on the SANS Internet Storm Center discusses how offensive security professionals can utilize honeypot data to enhance their operations. The diary highlights the detection of scans from multiple IP addresses, emphasizing the importance of monitoring non-standard user-agent strings in web requests. https://isc.sans.edu/diary/Leveraging%20Honeypot%20Data%20for%20Offensive%20Security%20Operations%20%5BGuest%20Diary%5D/31596 Security Vulnerabilities in SimpleHelp 5.5.7 and Earlier SimpleHelp has released version 5.5.8 to address critical security vulnerabilities present in versions 5.5.7 and earlier. Users are strongly advised to upgrade to the latest version to prevent potential exploits. Detailed information and upgrade instructions are available on SimpleHelp's official website. https://simple-help.com/kb---security-vulnerabilities-01-2025#send-us-your-questions Under the Cloak of UEFI Secure Boot: Introducing CVE-2024-7344 ESET researchers have identified a new vulnerability, CVE-2024-7344, that allows attackers to bypass UEFI Secure Boot on most UEFI-based systems. This flaw enables the execution of untrusted code during system boot, potentially leading to the deployment of malicious UEFI bootkits. Affected users should apply available patches to mitigate this risk. https://www.welivesecurity.com/en/eset-research/under-cloak-uefi-secure-boot-introducing-cve-2024-7344/

New reports shed light on both Volt and Salt Typhoons. Tenable updates faulty Nessus Agents and resumes plugin updates. A new infostealer campaign targets gamers on Discord. A fake version of a popular browser extension has been discovered stealing login credentials and conducting phishing attacks. ESET warns Windows 10 users of a potential “security fiasco.” A vulnerability in Nuclei allows attackers to bypass template signature verification and inject malicious code. An Indiana dental practice pays a $350,000 settlement over an alleged ransomware coverup. Tim Starks, Senior Reporter from CyberScoop, joins us today to discuss a new United Nations cybercrime treaty and his outlook for 2025. Farewell to a visionary leader.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Tim Starks, Senior Reporter from CyberScoop, joins us today to discuss a new United Nations cybercrime treaty and his outlook for 2025. Read Tim's article on the UN cybercrime treaty here.  Selected Reading The US's Worst Fears of Chinese Hacking Are on Display in Guam (Bloomberg) How Chinese Hackers Graduated From Clumsy Corporate Thieves to Military Weapons (Wall Street Journal) China protests US sanctions for its alleged role in hacking, complains of foreign hacker attacks (AP News) Tenable Disables Nessus Agents Over Faulty Updates (SecurityWeek) New Infostealer Campaign Uses Discord Videogame Lure (Infosecurity Magazine) Beware! Malicious EditThisCookie Chrome Extension Steals Login Credentials (Cyber Security News) Windows 10 users urged to upgrade to avoid "security fiasco" (Bleeping Computer) Nuclei flaw lets malicious templates bypass signature verification (Bleeping Computer) Dental Practice Pays State in Alleged Data Breach 'Cover Up' (GovInfo Security) Tenable CEO Amit Yoran Dead at 54 (SecurityWeek) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Three Buddy Problem - Episode 23: Volexity founder Steven Adair joins the show to explore the significance of memory analysis and the technical challenges associated with memory dumping and forensics. We dig into Volexity's “nearest neighbor” Wi-Fi hack discovery, gaps in EDR detection and telemetry, and some real-talk on the Volt Typhoon intrusions. We also cover news on a Firefox zero-day exploited on the Tor browser, the professionalization of ransomware, ESET's discovery of a Linux bootkit (we have a scoop on the origins of this!), Binarly research on connections to LogoFAIL, and major visibility gaps in the firmware ecosystem. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs) (SentinelLabs), Costin Raiu (https://twitter.com/craiu) (Art of Noh) and Ryan Naraine (https://twitter.com/ryanaraine) (SecurityWeek). Honorary buddy: Steven Adair (https://twitter.com/sadair) (Volexity)

The feds take down the PopeyeTools cybercrime market. Five alleged Scattered Spider members have been charged.  CISA warns of critical vulnerabilities in VMware's vCenter Server. Global AI experts convene to discuss safety. MITRE updates its list of Top 25 Most Dangerous Software Weaknesses. US and Australian agencies warn critical infrastructure organizations about evolving tactics by the BianLian ransomware group. A new report looks at rising threats to the U.S. manufacturing industry. Researchers at ESET uncover the WolfsBane Linux backdoor. A pair of malicious Python packages impersonating ChatGPT went undetected for over a year. A data breach at a French hospital compromised the medical records of 750,000 patients. On our Industry Voices segment, guest Avihai Ben-Yossef, Cymulate's Co-Founder and CTO, joins us to discuss "The Evolution and Outlook of Exposure Management." AI Pimping is the scourge of Instagram.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Industry Voices segment, guest Avihai Ben-Yossef, Cymulate's Co-Founder and CTO, joins us to discuss "The Evolution and Outlook of Exposure Management." Resources:  Security Validation Essentials Hertz Israel Reduced Cyber Risk by 81% within 4 Months with Cymulate SecOps Roundtable: Security Validation and the Path to Exposure Management Double Agent: Exploiting Pass-through Authentication Credential Validation in Azure AD Selected Reading US seizes PopeyeTools cybercrime marketplace, charges administrators (Bleeping Computer) Five Charged in Scattered Spider Case (Infosecurity Magazine) CISA Warns of VMware VCenter Vulnerabilities Actively Exploited in Attacks (Cyber Security News) US Gathers Allies to Talk AI Safety as Trump's Vow to Undo Biden's AI Policy Overshadows Their Work (SecurityWeek) MITRE Updates List of 25 Most Dangerous Software Vulnerabilities (SecurityWeek) BianLian Ransomware Group Adopts New Tactics, Posing Significant Risk (Infosecurity Magazine) Manufacturing Sector Under Siege: Industry Faces Wave of Advanced Email Attacks (Abnormal Security) Gelsemium APT Hackers Attacking Linux Servers With New WolfsBane Malware (Cyber Security News) Two PyPi Malicious Package Mimic ChatGPT & Claude Steals Developers Data (GB Hackers) Cyberattack at French hospital exposes health data of 750,000 patients (Bleeping Computer) Inside the Booming 'AI Pimping' Industry (404 Media) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Chinese hacking into US telecoms draws federal scrutiny. ESET examines Evasive Panda's CloudScout toolset. A new ChatGPT jailbreak bypassed security safeguards. Nintendo warns users of a phishing scam. The Five Eyes launch the Secure Innovation initiative for startups. CISA releases “Product Security Bad Practices” guidelines. Apple's new bug bounty program offers a million bucks for critical vulnerabilities. The City of Columbus drops its suit of a cybersecurity researcher. On our Solution Spotlight today, N2K's Simone Petrella speaks with Chris Porter, CISO at Fannie Mae, on cultivating cybersecurity culture and talent. Spooky spam is back. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Solution Spotlight today, N2K's Simone Petrella speaks with Chris Porter, CISO at Fannie Mae, on cultivating cybersecurity culture and talent. You can hear Simone's and Chris' full conversation in this special edition podcast. Selected Reading Key Federal Cyber Panel to Probe Chinese Telecoms Hacking (Bank Info Security) CloudScout: Evasive Panda scouting cloud services (We Live Security) ChatGPT Jailbreak: Researchers Bypass AI Safeguards Using Hexadecimal Encoding and Emojis (SecurityWeek) Nintendo Warns of Phishing Attack Mimics Company Email Address (gbhackers) Five Eyes Agencies Launch Startup Security Initiative (Infosecurity magazine) CISA sees elimination of ‘bad practices' as next secure-by-design step (CyberScoop) Apple Launches 'Apple Intelligence' and Offers $1M Bug Bounty for Security (Hackread) Columbus drops lawsuit against data leak whistleblower Connor Goodwolf, but with a catch (NBC) Spooky Spam, Scary Scams: Halloween Threats Rise (Security Boulevard) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

On this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news, including: SEC fines tech firms for downplaying the Solarwinds hacks Anonymous Sudan still looks and quacks like a Russian duck Apple proposes max 10 day TLS certificate life Oopsie! Microsoft loses a bunch of cloud logs Veeam and Fortinet are bad and should feel bad North Koreans are good (at hacking) And much, much more. This week's episode is sponsored by Proofpoint. Chief Strategy Officer Ryan Kalember joins to talk about their work keeping up with prolific threat actor SocGholish. This episode is also available on Youtube. Show notes Four cyber companies fined for SolarWinds disclosure failures U.S. charges Sudanese men with running powerful cyberattack-for-hire gang Hacker Charged With Seeking to Kill Using Cyberattacks on Hospitals | WIRED Risky Biz News: Anonymous Sudan's Russia Links Are (Still) Obvious Microsoft confirms partial loss of security log data on multiple platforms | Cybersecurity Dive Risky Biz News: Apple wants to reduce the lifespan of TLS certificates to 10 days Encrypted Chat App ‘Session' Leaves Australia After Visit From Police Crypto platform Radiant Capital says $50 million in digital coins stolen following account compromises North Korean hackers use newly discovered Linux malware to raid ATMs - Ars Technica Brazil Arrests ‘USDoD,' Hacker in FBI Infragard Breach – Krebs on Security Here's how SIM swap in alleged bitcoin pump-and-dump scheme worked - Ars Technica Critical Veeam CVE actively exploited in ransomware attacks | Cybersecurity Dive FortiGate admins report active exploitation 0-day. Vendor isn't talking. - Ars Technica Hackers reportedly impersonate cyber firm ESET to target organizations in Israel The latest in North Korea's fake IT worker scheme: Extorting the employers