POPULARITY
President Trump signs the Take It Down Act into law. A UK grocer logistics firm gets hit by ransomware. Researchers discover trojanized versions of the KeePass password manager. Researchers from CISA and NIST promote a new metric to better predict actively exploited software flaws. A new campaign uses SEO poisoning to deliver Bumblebee malware. A sophisticated phishing campaign is impersonating Zoom meeting invites to steal user credentials. CISA has added six actively exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog. A bipartisan bill aims to strengthen the shrinking federal cybersecurity workforce. Our guest is Chris Novak, Vice President of Global Cybersecurity Solutions at Verizon, sharing insights on their 2025 DBIR. DOGE downsizes, and the UAE recruits. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Chris Novak, Vice President of Global Cybersecurity Solutions at Verizon, sharing insights on their 2025 Data Breach Investigations Report (DBIR).Selected Reading Trump signs the Take It Down Act into law |(The Verge) Supplier to Tesco, Aldi and Lidl hit with ransomware (Computing) Fake KeePass password manager leads to ESXi ransomware attack (Bleeping Computer) Vulnerability Exploitation Probability Metric Proposed by NIST, CISA Researchers (Security Week) Threat Actors Deliver Bumblebee Malware Poisoning Bing SEO (Cybersecurity News) New Phishing Attack Poses as Zoom Meeting Invites to Steal Login Credentials (GB Hackers) CISA Adds Six Known Exploited Vulnerabilities to Catalog (CISA) Federal cyber workforce training institute eyed in bipartisan House bill (CyberScoop) UAE Recruiting US Personnel Displaced by DOGE to Work on AI for its Military (Zetter Sero Day) Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
You've found The Backup Wrap-up, your go-to podcast for all things backup, recovery, and cyber-recovery. In this episode, we tackle one of the scariest threats out there - ransomware targeting VMware ESXi environments. I'm joined by Prasanna Malaiyandi and our special guest Melissa Palmer, also known as @vmiss, who's an independent technology analyst and ransomware resiliency architect. We get into why virtualization environments are such juicy targets for attackers, how they're specifically going after vCenter and ESXi hosts, and why your backup strategy is probably missing some critical components. If you've got a virtualized environment, you need to listen to this. Melissa brings her unique perspective from both the virtualization and security worlds to help you protect your most critical infrastructure. So buckle up - this is an episode you can't afford to miss if you want to keep your VMware environment safe from ransomware attacks.
In this episode, I cover news of fallout from the April Windows updates, the latest AI developments, a new FSLogix release and more. Reference Links: https://www.rorymon.com/blog/april-updates-causing-headaches-google-announces-layoffs-return-of-a-free-esxi/
00:00 - PreShow Banter™ — The Bed Slinger08:34 - The Oracle of Lies! - BHIS - Talkin' Bout [infosec] News 2025-03-3110:43 - Story # 1: Oracle attempt to hide serious cybersecurity incident from customers in Oracle SaaS service20:00 - Story # 2: A Sneaky Phish Just Grabbed my Mailchimp Mailing List26:17 - Story # 3: Windows 11 is closing a loophole that let you skip making a Microsoft account29:51 - Story # 4: The Trump Administration Accidentally Texted Me Its War Plans32:51 - Story # 4b: Signal is ‘absolutely not suitable' for government use: Former NSA hacker37:42 - Story # 5: How the FBI Tracked, and Froze, Millions Sent to Criminals in Massive Caesars Casino Hack42:27 - Story # 6: Retail giant Sam's Club investigates Clop ransomware breach claims45:07 - WEBCAST – Keeping Things Local – Making Your Own Private LLM w/ Bronwen Aker46:16 - Story # 7: New VanHelsing ransomware targets Windows, ARM, ESXi systems48:28 - Story # 8: Infostealer campaign compromises 10 npm packages, targets devs53:13 - Story # 9: Risky Biz News: EU bans anonymous crypto payments56:02 - ChickenSec: South African Poultry Company Reports $1M Loss After Cyber Intrusion
Robby Stahl, technical account manager at Platform9, joins the vBrownBag crew to vJailbreak, an open source tool that automates VM migration from VMware ESXi to KVM. Chapters: 00:00 Robby & Damian banter 04:49 What is vJailbreak? 10:06 vJailbreak on GitHub 13:45 A demo is attempted, but the demo gods do not approve 22:00 A video of the demo is attempted, but the video gods do not approve 23:40 Robby shares some successful customer anecdotes 34:12 Philosophizing ensues Resources: https://github.com/platform9/vjailbreak https://www.youtube.com/watch?v=seThilJ5ujM&list=PLUqDmxY3RncV-_mzIgL3P29Jssri7Y052&index=5 https://www.linkedin.com/in/robby-stahl/
Researchers turn any Bluetooth device into an AirTag tracker, VMware patches three ESXi zero-days, France debates encryption backdoors, and a fifth of the stolen Bybit funds are now untraceable. Show notes
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Guest Diary: How Access Brokers Maintain Persistence Explore how cybercriminals utilize access brokers to persist within networks and the impact this has on organizational security. https://isc.sans.edu/forums/diary/Guest+Diary+How+Access+Brokers+Maintain+Persistence/31600/ Critical Vulnerability in Meta's Llama Stack (CVE-2024-50050) A deep dive into CVE-2024-50050, a critical vulnerability affecting Meta's Llama Stack, with exploitation details and mitigation strategies. https://www.oligo.security/blog/cve-2024-50050-critical-vulnerability-in-meta-llama-llama-stack ESXi Ransomware and SSH Tunneling Defense Strategies Learn how to fortify your infrastructure against ransomware targeting ESXi environments, focusing on SSH tunneling and proactive measures. https://www.sygnia.co/blog/esxi-ransomware-ssh-tunneling-defense-strategies/ Zyxel USG FLEX/ATP Series Application Signature Recovery Steps Addressing issues with Zyxel s USG FLEX/ATP Series application signatures as of January 24, 2025, with a detailed recovery guide. https://support.zyxel.eu/hc/en-us/articles/24159250192658-USG-FLEX-ATP-Series-Recovery-Steps-for-Application-Signature-Issue-on-January-24th-2025 Subaru Starlink Vulnerability Exposed Cars to Remote Hacking Discussing how a vulnerability in Subaru s Starlink system left vehicles susceptible to remote exploitation and the steps taken to resolve it. https://www.securityweek.com/subaru-starlink-vulnerability-exposed-cars-to-remote-hacking/
Sponsor by SEC Playground --- Support this podcast: https://podcasters.spotify.com/pod/show/chillchillsecurity/support
On this episode of the Virtually Speaking Podcast, we're joined by Dilpreet Bindra, Senior Director of Engineering at Broadcom. As a leader of the VCF Workload Organization, Dilpreet drives the delivery of runtime platforms and automation essential for workloads and clouds. In this episode, Dilpreet discusses his extensive experience with key VMware technologies like ESXi, the kernel, vMotion, Storage vMotion, vCenter, and more. He also explains how VMware by Broadcom enhances the cloud-like experience, enabling customers to deliver greater value for their businesses. Additionally, Dilpreet shares insights into how Private AI empowers VMware by Broadcom to offer a new class of workloads, maintaining the simplicity and resource management principles that VMware was built upon. Links Mentioned Private AI and Advanced Services on VCF: What's Next? Playlist: VMware Explore Las Vegas 2024 The Virtually Speaking Podcast The Virtually Speaking Podcast is a technical podcast dedicated to discussing VMware topics related to private and hybrid cloud. Each week Pete Flecha and John Nicholson bring in various subject matter experts from within the industry to discuss their respective areas of expertise. If you're new to the Virtually Speaking Podcast check out all episodes on vspeakingpodcast.com and follow on TwitterX @VirtSpeaking
The conversation discusses a vulnerability in VMware ESXi hypervisors that grants full admin privileges to threat actors. The vulnerability has been exploited by ransomware groups to deploy ransomware after gaining access to a network. The hosts emphasize the importance of patching systems and working with security teams or MSP/MSSPs to address the vulnerability. They also highlight the need for better monitoring and detection tools for ESXi hypervisors and the potential risks associated with domain access and group creation. The conversation concludes with a reminder to stay vigilant and secure. Article: VMware ESXi hypervisor vulnerability grants full admin privileges https://www.csoonline.com/article/3478658/vmware-esxi-hypervisor-vulnerability-grants-full-admin-privileges.html?fbclid=IwY2xjawEcQr9leHRuA2FlbQIxMAABHcdeBdrmjA-lnkJbw6prQ-v38t6CLlZCzmMJXUWgGSZbmZpdAp54EXZpHw_aem_ir4GNeCxoUn1V4IwZzNKwg& Please LISTEN
How and why the recent huge Windows outage was caused by a bad CrowdStrike update and how it could have been avoided, a hilariously dumb ESXi vulnerability, and using SAS drives with a PCIe card. Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes News A closer […]
How and why the recent huge Windows outage was caused by a bad CrowdStrike update and how it could have been avoided, a hilariously dumb ESXi vulnerability, and using SAS drives with a PCIe card. Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes News A closer... Read More
On this week's show, Patrick Gray and Adam Boileau discuss the week's security news, including: The insurance industry's reaction to CrowdStrike's mess Google's Workspace email validation flaw and its consequences for OAuth'd applications Is the VMWare ESX group membership feature a CVE or an FYI? Secureboot continues to under-deliver North Korea's revenue neutral intelligence services And much, much more This episode is sponsored by allowlisting software vendor Airlock Digital. Airlock uses a kernel driver on Windows, so Chief Executive David Cottingham joined to discuss what the CrowdStrike kernel driver bug drama means for security vendors. This episode is also available on Youtube. If you want to ruin the magic of radio and see the faces behind the show, well, now you can! Show notes Business interruption claims will drive insurance losses linked to CrowdStrike IT disruption | Cybersecurity Dive Delta hires David Boies to seek damages from CrowdStrike, Microsoft CrowdStrike disruption direct losses to reach $5.4B for Fortune 500, study finds | Cybersecurity Dive (1145) Why CrowdStrike's Baffling BSOD Disaster Was Avoidable - YouTube CrowdStrike offers a $10 apology gift card to say sorry for outage | TechCrunch Crooks Bypassed Google's Email Verification to Create Workspace Accounts, Access 3rd-Party Services – Krebs on Security Hackers exploit VMware vulnerability that gives them hypervisor admin | Ars Technica Microsoft calls out apparent ESXi vulnerability that some researchers say is a ‘nothing burger' | CyberScoop AMI Platform Key leak undermines Secure Boot on 800+ PC models Chrome will now prompt some users to send passwords for suspicious files | Ars Technica Google Online Security Blog: Improving the security of Chrome cookies on Windows A Senate Bill Would Radically Improve Voting Machine Security | WIRED U.S. told Philippines it made ‘missteps' in secret anti-vax propaganda effort | Reuters Cyber firm KnowBe4 hired a fake IT worker from North Korea | CyberScoop North Korean hacker used hospital ransomware attacks to fund espionage | CyberScoop North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime's Military and Nuclear Programs North Korean hacking group makes waves to gain Mandiant, FBI spotlight | CyberScoop ServiceNow spots sales opportunities post-CrowdStrike outage | Cybersecurity Dive Chaining Three Bugs to Access All Your ServiceNow Data Cyber Supply Chain Risk Management Conference (CySCRM) 2024 | Conference | PNNL
Forecast = Persistent cyber heat dome in effect with no sign of abatement. In this episode of Storm⚡️Watch, we dive into the latest cybersecurity news and trends. We kick things off with a breaking story about DigiCert's certificate revocation incident. Due to a validation issue affecting about 0.4% of their domain validations, DigiCert is revoking certificates with less than 24 hours' notice. This could impact thousands of SSL certs and potentially cause outages worldwide starting July 30 at 19:30 UTC. Organizations using affected certificates should be prepared for a busy night of renewals. Our Cyberside Chat focuses on a critical vulnerability in VMware ESXi hypervisors that ransomware operators are actively exploiting. Identified as CVE-2024-37085, this flaw allows attackers to gain full administrative access to ESXi servers without proper validation. Several ransomware groups, including Storm-0506 and Storm-1175, have been using this vulnerability to deploy ransomware like Akira and Black Basta. Microsoft reports that incidents targeting ESXi hypervisors have doubled over the past three years, highlighting the growing threat to these systems. In our Cyber Spotlight, we examine a global cyber espionage campaign conducted by North Korean hackers. This operation aims to steal classified military intelligence to advance Pyongyang's nuclear weapons program. The hackers, known as Anadriel or APT45, have targeted defense and engineering companies involved in producing tanks, submarines, naval ships, fighter jets, and missile technologies. The campaign affects not only the US, UK, and South Korea but also entities in Japan and India. This underscores the persistent threat posed by state-sponsored actors from North Korea in their pursuit of military and nuclear ambitions. We wrap up with our Tag Roundup, highlighting recent trends in cyber threats, and our KEV Roundup, discussing the latest known exploited vulnerabilities cataloged by CISA. These segments provide valuable insights into the current threat landscape and help our listeners stay informed about potential risks to their organizations. Don't forget to check out the Storm Watch homepage and learn more about GreyNoise for additional cybersecurity resources and updates. Storm Watch Homepage >> Learn more about GreyNoise >>
VMware recently released vSphere and vSAN 8.0 Update 3, and of course, we had to invite Feidhlim, Jason, and Pete back on the show to discuss what's new in these releases. There's awesome new functionality released and some great enhancements, so make sure to listen to the full episode. Key Takeaways:vSphere 8.0 update 3 introduces the vSphere Live Patch Update Path, which allows for patching ESXi hosts without evacuating VMs or entering full maintenance mode.Improvements in GPU functionality include the ability to use two DPUs in an ESXi host for availability, better support for VGPUs with different profiles and memory sizes, and simplified activation of GPU mobility with DRS.The vSphere cluster service (VCLS) has been re-architected to reduce resource consumption and improve rollback mechanisms.The 8.0 update 3 introduces stretched VVols, which customers have been asking for, and support for stretched fault tolerance.There are enhancements in VVols, including unmapped support for NVMe over fabrics.The updates in NVMe over Fabrics provide faster data migration and cloning.NFS enhancements include VMK port binding and support for NFS version 4.1.vSAN 8.0 U3 introduces new features and enhancements in flexible topologies, agile data protection, and enhanced management.The support for stretch cluster arrangement in VCF allows customers to take full advantage of ESA and improve performance, storage efficiency, and resilience.The full support of vSAN Max as principal storage within a workload domain enables customers to maintain a centralized shared storage model while leveraging the capabilities of vSAN.vSAN data protection allows users to create snapshots based on groups of VMs, set snapshotting schedules, and easily recover VMs without them being part of the inventory.Enhancements in alerting capabilities for NVMe storage devices and proactive hardware management provide better visibility and intelligence about the health and wellbeing of storage devices.Follow us on Twitter for updates and news about upcoming episodes: https://twitter.com/UnexploredPod.Last but not least, make sure to hit that subscribe button, rate wherever possible, and share the episode with your friends and colleagues!Disclaimer: The thoughts and opinions shared in this podcast are our own/guest(s), and not necessarily those of Broadcom or VMware by Broadcom.
In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.SigmaHQ has introduced Sigma Correlations to enhance its rule-based detection capabilities, allowing for more sophisticated event correlation across multiple Sigma rules.Tyler Buchanan, a 22-year-old from the UK and alleged leader of the Scattered Spider hacking group, was arrested in Spain.Microsoft has issued an urgent update for all supported versions of Windows to address a critical Wi-Fi vulnerability, CVE-2024-30078.Three individuals— Yousef Selassie, Ugochukwu Emmanuel Nwosu, and David Gil—have been charged with operating Empire Market, a dark web marketplace that facilitated over $430 million in illegal transactions.In September 2022, Mandiant began investigating several intrusions conducted by UNC3886, a China-linked cyber espionage group, after discovering malware in ESXi hypervisors.
Sadly, the Broadcom acquisition of VMWare has hit 7MinSec hard – we love running ESXi on our NUCs, but ESXi free is no longer available. To add insult to injury, our vCenter lab at OVHcloud HQ got a huge price gouge (due to license cost increase; not OVH's fault). Now we're exploring Proxmox as an alternative hypervisor, so we're using today's episode to kick off a series about the joys and pains of this migration process.
Sich die Virtualisierungs-Distribution Proxmox anzuschauen, ist nicht nur sinnvoll, wenn man zufällig gerade von VMware weg möchte. Auch zum Zusammenfassen eines Haufens Smart-Home-Raspis auf einer einzigen Kiste ist es geeignet, oder einfach für Testinstallationen von Betriebssystemen und Software. Die c't-Kollegen Niklas Dierking und Peter Siering haben nicht nur Artikel zum Thema Proxmox geschrieben, sondern sie sind auch zu Gast in dieser Folge des c't uplink. Wir sprechen darüber, was Proxmox kann, woraus es besteht, für wen es sich eignet und mehr. Unseren Proxmox-Schwerpunkt lesen Sie in c't 9/2024.
On this episode of the podcast, I cover a huge announcement by Google which could impact enterprise customers of the Chrome browser, I run through the April Patch Tuesday Windows Updates, some Windows 11 24H2 features and much more! Reference Links: https://www.rorymon.com/blog/new-chrome-enterprise-browser-subscription-patch-tuesday-news-esxi-hosts-under-attack/
Forecast = Areal Cyber Flood Warning In this episode of Storm⚡️Watch we delve into a variety of cybersecurity topics that are essential for professionals in the field. The episode kicks off with a roundtable discussion, setting the stage for a deep dive into recent critical vulnerabilities in VMware's ESXi, as reported by SecurityWeek. We explore the history of VMware vulnerabilities, including the infamous log4j, and speculate on the company's future trajectory. The spotlight then shifts to Microsoft and the implications of Russia's breach of their systems, as well as the impact of the SEC's disclosure policies on Microsoft's transparency. This discussion is informed by reports from The Record and the SEC's official documentation. Our tool segment introduces listeners to aiocrioc, a project available on GitHub, and the work of James Brine, which can be found on his personal website. This tool represents the cutting edge of cybersecurity technology and is a must-know for industry professionals. We also touch on the resurgence of USB hacks by nation-states, a trend highlighted by Dark Reading, and discuss the implications of such low-tech yet effective attack vectors. In our self-promotion segment, we discuss Censys' insights on ConnectWise exposure and GreyNoise's own research on hunting for Fortinet's CVE-2024-21762. These resources are invaluable for cybersecurity practitioners looking to enhance their defensive strategies. The episode wraps up with a roundup of recent and active campaigns, as seen on GreyNoise's visualization trends, and a discussion on the Known Exploited Vulnerabilities (KEV) catalog from CISA, including the new KEV submission form available on the Federal Register. Episode Slides >> Storm Watch Homepage >> Learn more about GreyNoise >>
The .NET programming language is taking cloud native deployment and observability seriously, and most notably with the recent announcement of .NET Aspire stack unveiled at the recent .NET Conf 2023. In this episode, we reviewed the open source maintainers' journey to making .NET a "by default, out of the box observable platform", as ASP.NET Core creator David Fowler put it. David was this episode's guest, and with him we dived into .NET Aspire and how it simplifies the complexities of cloud app development with capabilities around service discovery, observability, and resilience. We discussed the local developer experience, the path to developer observability, and what we can expect from the upcoming GA release of .NET8. David Fowler has been at Microsoft for 15 years working on developer frameworks and tools in the .NET space. He's one of the creators of several popular OSS frameworks and tools such as NuGet, SignalR and ASP.NET Core, and also architected the Azure SignalR Service. Originally from Barbados, he's an avid open-source advocate and developer currently focused on simplifying developer experiences in the microservice space. The episode was live-streamed on 21 February 2024 and the video is available at https://www.youtube.com/watch?v=Ll1T9Zs7jUo OpenObservability Talks episodes are released monthly, on the last Thursday of each month and are available for listening on your favorite podcast app and on YouTube. We live-stream the episodes on Twitch and YouTube Live - tune in to see us live, and chime in with your comments and questions on the live chat. https://www.youtube.com/@openobservabilitytalks https://www.twitch.tv/openobservability Show Notes: 00:10 - episode and guest intro 04:03 - what .NET used to be like for developing cloud-native 15:10 - out-of-the-box observability in .NET 21:05 - .NET aligning with OpenTelemetry 26:40 - what's .NET Aspire 32:37 - existing .NET components are part of Aspire 37:46 - developing an observability UI as part of Aspire 43:24 - how to transition containerized apps from dev to prod 48:48 - the relationship between Aspire to Dapr and Radius 53:31 - Aspire roadmap to GA 57:13 - where to follow Aspire and David Fowler 59:13 - K8sgpt accepted to CNCF as a sandbox project 59:56 - Strimzi reaches CNCF incubation with Kafka on Kubernetes 1:00:40 - OpenFeature becomes a CNCF incubating project 1:03:03 - Broadcom kills free ESXi and other VMware restructuring Resources: .NET Aspire GitHub repo: https://github.com/dotnet/aspire .NET Aspire Preview 3: https://learn.microsoft.com/en-us/dotnet/aspire/whats-new/preview-3 Instrumenting C# .NET apps with OpenTelemetry: https://logz.io/blog/csharp-dotnet-opentelemetry-instrumentation/?utm_source=devrel&utm_medium=devrel OpenTelemetry beginner's guide: https://logz.io/learn/opentelemetry-guide/?utm_source=devrel&utm_medium=devrel K8sgpt accepted to CNCF sandbox: https://www.linkedin.com/posts/horovits_genai-sre-kubernetes-activity-7158185284289888256-0KuZ Strimzi reaches CNCF incubation: https://www.cncf.io/blog/2024/02/08/strimzi-joins-the-cncf-incubator/ OpenFeature reaches CNCF incubation: https://www.cncf.io/blog/2023/12/19/openfeature-becomes-a-cncf-incubating-project/ Broadcom decided to kill the free edition of ESXi and other VMware restructuring: https://horovits.medium.com/0aea7efafb47 Socials: Twitter: https://twitter.com/OpenObserv YouTube: https://www.youtube.com/@openobservabilitytalks Dotan Horovits ============ Twitter: https://twitter.com/horovits LinkedIn: https://www.linkedin.com/in/horovits/ Mastodon: https://fosstodon.org/@horovits David Fowler ========== Twitter: https://twitter.com/davidfowl LinkedIn: https://www.linkedin.com/in/davidfowl Mastodon: https://hachyderm.io/@davidfowl
Will Broadcom's bold move with VMware's licensing leave your budget on cloud nine or bring it crashing back down to earth? This episode is a whirlwind tour through the cost conundrum shaking the foundations of VMware Cloud Foundation's license portability, and we do it all with the cheeky banter you've come to love. Plus, we're not shy about calling out the elephant in the room: the industry's skeptical eye on the promised TCO reductions. So buckle up, tech enthusiasts, as we dissect just how the Broadcom-VMware alliance is reshaping the game for everyone from fledgling startups to tech goliaths.The virtualization space is at a crossroads, and VMware's path is looking as rugged as the surface of Mars. Say farewell to the free ride with vSphere hypervisor ESXi and hello to potential new horizons with contenders like Proxmox and Nutanix. As we explore the ripples of VMware's licensing labyrinth, we also cast a spotlight on the startling layoffs at Cisco—no easy feat for a company that's been a bedrock in the tech landscape. In this cheeky chat, we're spilling the tea on Cisco's strategic shuffle and musing about how Nvidia's astronomical growth could be rewriting the rulebook for tech titans.Who needs a crystal ball when you've got the inside scoop on the cloud market's future? In the final stretch, we're breaking down the Aviatrix report's revelations on cloud cost optimization and why the big CSPs might be keeping those purse strings a bit too tight. Get ready for a lively debate on Microsoft's potential to outpace AWS by 2026 thanks to its ecosystem integration strategy. With our usual mix of sass and savvy, we promise you won't look at the cloud—or your cloud budget—the same way again after tuning into this episode of Cables to Clouds.Check out the Fortnightly Cloud Networking NewsVisit our website and subscribe: https://www.cables2clouds.com/Follow us on Twitter: https://twitter.com/cables2cloudsFollow us on YouTube: https://www.youtube.com/@cables2clouds/Follow us on TikTok: https://www.tiktok.com/@cables2cloudsMerch Store: https://store.cables2clouds.com/Join the Discord Study group: https://artofneteng.com/iaatjArt of Network Engineering (AONE): https://artofnetworkengineering.com
We chat about VMware's rug pull with Bret, aka Raid Owl, and then get into Unraid's big changes and more. Special Guest: Raid Owl.
Nginx is forked, Broadcom/VMware kills ESXi, dedup is finally fixed in ZFS, using multiple network interfaces on a NAS, and more. Plugs Support us on patreon and get an ad-free RSS feed with early episodes sometimes News announcing freenginx.org Broadcom-owned VMware kills the free version of ESXi virtualization software OpenZFS Native Encryption Use […]
Nginx is forked, Broadcom/VMware kills ESXi, dedup is finally fixed in ZFS, using multiple network interfaces on a NAS, and more. Plugs Support us on patreon and get an ad-free RSS feed with early episodes sometimes News announcing freenginx.org Broadcom-owned VMware kills the free version of ESXi virtualization software OpenZFS Native Encryption Use... Read More
Wie ist der Stand der Dinge bei NVMe-Adaptern für den Raspberry Pi 5? Wie gut kommt er mit Passivkühlung klar? In dieser Folge des c't uplink gehts um zwei kleine aber feine Stücke Hardware für den aktuellsten Raspi und wo ihre Grenzen liegen. Außerdem sprechen wir kurz über Virtualisierung auf dem Raspberry Pi. Geht das einfach so, und warum klappt es mit dem Raspi 5 noch nicht so gut wie mit dem Vorgänger? Und: Läuft Kodi zum Abspielen von 4K-Filmem mit HDR auf dem 5er eigentlich besser? In c't 2/2024 finden Sie diese Themen zum Nachlesen: Kurztest: GeekPi Armor Case V5 (S. 76) Praxis: Hyperbeere – Virtualisierung auf dem Raspi (S. 142) Praxis: Mit Raspberry Pi 5 und Kodi 4K-Fiolme mit HDR wiedergeben (S. 152)
Two of the biggest players in the networking space are about to become one. Rumors started swirling on Monday evening that HPE was looking to acquire Juniper Networks and those rumors were confirmed yesterday. HPE will be paying $40/share or approximately $14 billion for all of the company. Juniper started off as a huge player in the service provider space before making strategic acquisitions of companies like Mist Systems and Apstra to become a force in the wireless and data center networking space. The move has the networking analysts abuzz with potential for integration of AI software as well as complementary product lines. Time Stamps: 0:00 - Welcome to the Rundown 1:03 - Articul8 Spun Off From Intel 3:26 - Broadcom Takes VMware's Top Partners Direct 7:02 - IBM Acquires Two iPaaS Applications 9:58 - Wi-Fi 7 Is Finally A Thing (Sort of) 13:26 - Micron is Building FeRAM 18:11 - HPE Acquiring Juniper Networks for $14 Billion 39:07 - The Weeks Ahead 41:31 - Thanks for Watching Follow our Hosts on Social Media Tom Hollingsworth: https://www.twitter.com/NetworkingNerd Stephen Foskett: https://www.twitter.com/SFoskett Follow Gestalt IT Website: https://www.GestaltIT.com/ Twitter: https://www.twitter.com/GestaltIT LinkedIn: https://www.linkedin.com/company/Gestalt-IT Tags: #Rundown, #Data, #ESXi, #VMware, #Security, #GoogleCloud, #Cloud, #AI, @HammerspaceInc, @VMware, @Informa, @TechTarget, @LG, @Seagate, @Google, @GoogleCloud, @Synopsys, @Ansys, @TechFieldDay, @FuturumGroup, @GestaltIT, @SFoskett, @NetworkingNerd, #CFD19, #AFD4, #NFD34, #CiscoLiveEMEA, #TFDx,
MLOps Coffee Sessions #164 with Rob Hirschfeld, Open Source and Fast Decision Making. This episode is brought to you by. // Abstract Rob Hirschfeld, the CEO and co-founder of Rack N, discusses his extensive experience in the DevOps movement. He shares his notable achievement of coining the term "the cloud" and obtaining patents for infrastructure management and API provision. Rob highlights the stagnant progress in operations and the persistent challenges in security and access controls within the industry. The absence of standardization in areas such as Kubernetes and single sign-on complicates the development of robust solutions. To address these issues, Rob underscores the significance of open-source practices, automation, and version control in achieving operational independence and resilience in infrastructure management. // Bio Rob is the CEO and Co-founder of RackN, an Austin-based start-up that develops software to help automate data centers, which they call Digital Rebar. This platform helps connect all the different pieces and tools that people use to manage infrastructure into workflow pipelines through seamless multi-component automation across the different pieces and parts needed to bring up IT systems, platforms, and applications. Rob has a background in Scale Computing, Mechanical and Systems Engineering, and specializes in large-scale complex systems that are integrated with the physical environment. He has founded companies and been in the cloud and infrastructure space for nearly 25 years and has done everything from building the first Clouds using ESXi betas to serving four terms on the OpenStack Foundation Board. Rob was trained as an Industrial Engineer and holds degrees from Duke University and Louisiana State University. // MLOps Jobs board https://mlops.pallet.xyz/jobs // MLOps Swag/Merch https://mlops-community.myshopify.com/ // Related Links https://rackn.com/ https://robhirschfeld.com/about/ --------------- ✌️Connect With Us ✌️ ------------- Join our slack community: https://go.mlops.community/slack Follow us on Twitter: @mlopscommunity Sign up for the next meetup: https://go.mlops.community/register Catch all episodes, blogs, newsletters, and more: https://mlops.community/ Connect with Demetrios on LinkedIn: https://www.linkedin.com/in/dpbrinkm/ Connect with Rob on LinkedIn: https://www.linkedin.com/in/rhirschfeld/ Timestamps: [00:00] Rob's preferred coffee [00:17] Rob Hirschfeld's background [01:42] Takeaways [02:36] Please like, share, and subscribe to this channel! [03:09] Creation of Cloud [08:38] Changes in Cloud after 25 Years [10:54] Pros and cons of microservices [13:06] Secure Access Provisioning [15:46] Parallelism with ads [18:08] Redfish protocol [20:21] Impact of using open source vs using a SAS provider [26:15] Automation [32:39] Embrace Operational Flexibility [35:08] Automating infrastructure inefficiently [41:26] Legacy code and resiliency [43:39] Collection of metadata [45:50] RackN [51:23] Granular Cloud Preferences [54:35] Reframing of perceived complexity [57:32] Generative DevOps [58:50] Wrap up
This week Dr. Doug talks: Killer Robots, ESXI, Lockbit, MoveIt, CISA, SEC, Texas, Aaran Leyland, and More on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/swn-305
This week Dr. Doug talks: Killer Robots, ESXI, Lockbit, MoveIt, CISA, SEC, Texas, Aaran Leyland, and More on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-305
This week Dr. Doug talks: Killer Robots, ESXI, Lockbit, MoveIt, CISA, SEC, Texas, Aaran Leyland, and More on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/swn-305
China-linked APT group spotted exploiting a VMware ESXi zero-day Hundreds of thousands of ecommerce sites impacted by critical plugin vulnerability 7-Nation LockBit report shows US paid over $90m in ransoms since 2020 Thanks to today's episode sponsor, Conveyor Let's gladly pass the most thankless job in cybersecurity – completing customer security questionnaires – to the AI bots. Conveyor's GPT-questionnaire response tool auto-generates precise, accurate answers to entire questionnaires. With accuracy far superior to other tools, you can spend almost zero time reviewing generated answers. There's an in platform auto-fill feature or a browser extension for tricky portals. Stop settling for mediocre tools that only provide lousy “near hits” from your library. Try a free proof of concept with your own data. Learn more at www.conveyor.com. For the stories behind the headlines, head to CISOseries.com.
Singing Terminators, Gmail, Joe Sullivan, Dragos, ESXi, Microsoft, Greatness, Jessica Davis, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/swn297
Singing Terminators, Gmail, Joe Sullivan, Dragos, ESXi, Microsoft, Greatness, Jessica Davis, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn297
First up in the news, Linux Kernel 6.3 Officially Released, blendOS 2 supports Android, new Vivaldi out, new Opera One Dev Release, GIMP completes GTK3 rewrite, QEMU drops 32-bit, Ryzens are burning, Proton launches a password app, Jetpack Announces the end of twitter auto-sharing, and Red Hat lays of 4% due to high profits; In security and privacy, Mullvad foils a search warrant, and RTM Locker targets NAS and ESXi; Then in our Wanderings, Joe goes 3D, Moss upgrades, Bill shuffles cards, Majid has a few lightbulb moments, and Dale has entered the Void. Download
On this week's episode of the podcast I cover info on some new features coming to Windows 11, some new Azure services, details of new versions of ESXi and vCenter plus more! Reference Links: https://www.rorymon.com/blog/two-chrome-patches-in-5-days-mac-ransomware-cio-fined-for-failed-migration/
You! Yes, you! Running vSphere 6.5 or 6.7? We understand, you're busy! For many, many reasons, you couldn't get around to upgrading your systems to 7.0 when VMware deprecated support for 6.7 and 6.5 on October 15th, 2022. So now you're at a cross roads. vSphere 8 is out, but fairly new, and comes with its own set of new hardware requirements. Assuming your existing hardware meets them, do you upgrade to vSphere 7 or vSphere 8? If instead you get new hosts, should you run ESXi 7 or 8 on them? And what if you're already running vSphere 7? Should you upgrade to 8? It's a been a little while, but your favorite, most empathetic, most wise and most entertaining IT therapists are back in the office to look at all things vSphere 8. In this episode of Data Center Therapy, your intrepid hosts Matt ‘Pi before Pi was cool' Yette and Matt ‘Distributed Everything Si-fu' Cozzolino teach you with their technology equivalents of the martial art of Wing Chun on what's new with vSphere 8. In this episode, you, our treasured watchers (DCT is now on YouTube!) and our listeners, will get to learn about: How mature ESXi 7.0 is, when it came out, and how relatively rare PSODs are now What some of the implications of the new hardware requirements are for ESXi 8, and how boot media and types have changed since ESXi 7 appeared What new concepts and hardware support exists in ESXi 8, what Distributed Processing Units (DPUs) do and how AI/ML and hardware consumption models are managed inside vCenter What changes have taken place in the Lifecycle Manager of vCenter to make things easier to update and upgrade (both on the ESXi front, as well as the firmware of the systems ESXi is deployed on!) How regions and availability zone concepts, once solely in cloud hosting providers, has trickled down into the vSphere command-and-control paradigms as well as Tanzu's current state of integration As the Matts state in this episode, it's not too late to join “Professor” Cozzolino in his Introduction to vSphere 8 class March 21st through 24th, and his Advanced vSphere 8 class April 18th through 21st. If you need to know “how” to operate your systems, the Intro class is likely the best choice for you. If you'd like to know the “why” of best practices in vSphere, then the Advanced class is the best choice for you. To get registered ASAP, talk to your IVOXY Account Manager and we'll be happy to assist right away. As always, be sure to like, share and subscribe wherever you found this episode of Data Center Therapy. If you need assistance planning or executing your own organization's vSphere upgrades, please reach out to your IVOXY Account Manager. In the meantime, stay up to date, stay supported, stay stable and optimized (as we like our ESXi hosts to be), and stay informed, DCT friends! Talk to you on our next fresh episode!
On this week's show Patrick Gray and Adam Boileau discuss the week's security news, including: North Korea is ransomwaring hospitals with homegrown and Russian strains Russia proposes law greenlighting “patriotic hacks” It's 702 renewal time… again CISA releases ESXiArgs recovery script (yay!) UK mulls crimephone ban Much, much more This week's show is brought to you by Thinkst Canary. Haroon Meer is this week's sponsor guest and joins us to talk about Thinkst's latest release: the credit card canary. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that's your thing. Show notes North Korean hackers extort health care organizations to fund further cyberattacks, US and South Korea say | CNN Politics Risky Biz News: US and UK sanction seven Trickbot members United States and United Kingdom Sanction Members of Russia-Based Trickbot Cybercrime Gang | U.S. Department of the Treasury Risky Biz News: Russia wants to absolve patriotic hackers from any criminal liability The FBI's Most Controversial Surveillance Tool Is Under Threat | WIRED Meet the Creator of North Korea's Favorite Crypto Privacy Service | WIRED CISA publishes recovery script for ESXiArgs ransomware as Florida courts, universities reel - The Record from Recorded Future News decrypt your crypted files in ESXi servers affected by CVE-2020-3992 / CryptoLocker attack Tonga is the latest Pacific Island nation hit with ransomware - The Record from Recorded Future News UK Proposes Making the Sale and Possession of Encrypted Phones Illegal UK High Court allows Bahraini activists to sue government over spyware - The Record from Recorded Future News Russian cybersecurity expert convicted of charges in $90M hack-to-trade case | CyberScoop Deepfake 'news anchors' appear in pro-China footage on social media, research group says - ABC News Geotargeting tools are allowing phishing campaigns to home in on potential victims - The Record from Recorded Future News This week's Reddit breach shows company's security is (still) woefully inadequate | Ars Technica Namecheap denies system breach after email service used to spread phishing scams - The Record from Recorded Future News Mysterious leak of Booking.com reservation data is being used to scam customers | Ars Technica DOM XSS vulnerability in Gartner Peer Insights widget patched | The Daily Swig Dota 2 Under Attack: How a V8 Bug Was Exploited in the Game - Avast Threat Labs OAuth ‘masterclass' crowned top web hacking technique of 2022 | The Daily Swig New XSS Hunter host Truffle Security faces privacy backlash | The Daily Swig 'No evidence of malicious access,' Toyota says about serious bug exploited by outside researcher - The Record from Recorded Future News A year after outcry, IRS still doesn't offer taxpayers alternative to ID.me | CyberScoop
On this week's show Patrick Gray and Adam Boileau discuss the week's security news, including: North Korea is ransomwaring hospitals with homegrown and Russian strains Russia proposes law greenlighting “patriotic hacks” It's 702 renewal time… again CISA releases ESXiArgs recovery script (yay!) UK mulls crimephone ban Much, much more This week's show is brought to you by Thinkst Canary. Haroon Meer is this week's sponsor guest and joins us to talk about Thinkst's latest release: the credit card canary. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that's your thing. Show notes North Korean hackers extort health care organizations to fund further cyberattacks, US and South Korea say | CNN Politics Risky Biz News: US and UK sanction seven Trickbot members United States and United Kingdom Sanction Members of Russia-Based Trickbot Cybercrime Gang | U.S. Department of the Treasury Risky Biz News: Russia wants to absolve patriotic hackers from any criminal liability The FBI's Most Controversial Surveillance Tool Is Under Threat | WIRED Meet the Creator of North Korea's Favorite Crypto Privacy Service | WIRED CISA publishes recovery script for ESXiArgs ransomware as Florida courts, universities reel - The Record from Recorded Future News decrypt your crypted files in ESXi servers affected by CVE-2020-3992 / CryptoLocker attack Tonga is the latest Pacific Island nation hit with ransomware - The Record from Recorded Future News UK Proposes Making the Sale and Possession of Encrypted Phones Illegal UK High Court allows Bahraini activists to sue government over spyware - The Record from Recorded Future News Russian cybersecurity expert convicted of charges in $90M hack-to-trade case | CyberScoop Deepfake 'news anchors' appear in pro-China footage on social media, research group says - ABC News Geotargeting tools are allowing phishing campaigns to home in on potential victims - The Record from Recorded Future News This week's Reddit breach shows company's security is (still) woefully inadequate | Ars Technica Namecheap denies system breach after email service used to spread phishing scams - The Record from Recorded Future News Mysterious leak of Booking.com reservation data is being used to scam customers | Ars Technica DOM XSS vulnerability in Gartner Peer Insights widget patched | The Daily Swig Dota 2 Under Attack: How a V8 Bug Was Exploited in the Game - Avast Threat Labs OAuth ‘masterclass' crowned top web hacking technique of 2022 | The Daily Swig New XSS Hunter host Truffle Security faces privacy backlash | The Daily Swig 'No evidence of malicious access,' Toyota says about serious bug exploited by outside researcher - The Record from Recorded Future News A year after outcry, IRS still doesn't offer taxpayers alternative to ID.me | CyberScoop
Picture of the Week. The European Union's Internet Surveillance Proposal. 30,000 patient records online? .DEV is always HTTPS! Google changes Chrome's release strategy. Russia shoots the messenger. A fool and his Crypto... QNAP is back. CVSS severity discrepancy. Closing the Loop. How ESXi Fell. Show Notes: https://www.grc.com/sn/SN-909-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: drata.com/twit barracuda.com/securitynow canary.tools/twit - use code: TWIT
On this week's show Patrick Gray and Adam Boileau discuss the week's security news, including: Unpatched ESXi boxes are getting rinsed GoAnywhere MFT file transfer boxes are too Royal Mail data being ransomed by Lockbit Advanced materials manufacturer and finance company among latest rware victims Guilty plea in Ubiquiti case Much, much more This week's show is brought to you by Red Canary. Red Canary's Adam Mashinchi is this week's sponsor guest. He joins us to talk about the impact layoffs are having on infosec teams. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that's your thing. Show notes Risky Biz News: Ransomware wave hits thousands of VMWare ESXi servers Risky Biz News: Zero-day alert for GoAnywhere file transfer servers Royal Mail faces threat from ransomware group LockBit | Reuters ION brings clients back online after ransomware attack: Source | Business Insurance Hackers who breached ION say ransom paid; company declines comment | Reuters Blow to Morgan Advanced Materials as cyber-attack to cost millions to deal with | Evening Standard K-12 schools in Tucson, Nantucket respond to cyberattacks - The Record from Recorded Future News Ransomware gang attempts to extort UK school by posting files about at-risk children - The Record from Recorded Future News British steel industry supplier Vesuvius ‘currently managing cyber incident' - The Record from Recorded Future News Tallahassee hospital diverting patients, canceling non-emergency surgeries after cyberattack - The Record from Recorded Future News All classes canceled at Irish university as it announces ‘significant IT breach' - The Record from Recorded Future News Switzerland's largest university confirms ‘serious cyberattack' - The Record from Recorded Future News Dutch Police Read Messages of Encrypted Messenger 'Exclu' Julius 'zeekill' Kivimäki, former Lizard Squad hacker, arrested in France - The Record from Recorded Future News New York attorney general fines developer of stalking apps - The Record from Recorded Future News Microsoft alleges attacks on French magazine came from Iranian-backed group | Ars Technica Hackers linked to North Korea targeted Indian medical org, energy sector - The Record from Recorded Future News Google Cuts Company Protecting People From Surveillance To A ‘Skeleton Crew,' Say Laid Off Workers Feds get guilty plea in Ubiquiti data extortion case - The Record from Recorded Future News For Hire: Ex-Ubiquiti Developer Charged With Extortion Microsoft notifies UK customers affected by hackers abusing ‘verified publisher' tag - The Record from Recorded Future News Darknet drug market BlackSprut openly advertises on billboards in Moscow - The Record from Recorded Future News Toyota sealed up a backdoor to its global supplier management network | The Daily Swig
On this week's show Patrick Gray and Adam Boileau discuss the week's security news, including: Unpatched ESXi boxes are getting rinsed GoAnywhere MFT file transfer boxes are too Royal Mail data being ransomed by Lockbit Advanced materials manufacturer and finance company among latest rware victims Guilty plea in Ubiquiti case Much, much more This week's show is brought to you by Red Canary. Red Canary's Adam Mashinchi is this week's sponsor guest. He joins us to talk about the impact layoffs are having on infosec teams. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that's your thing. Show notes Risky Biz News: Ransomware wave hits thousands of VMWare ESXi servers Risky Biz News: Zero-day alert for GoAnywhere file transfer servers Royal Mail faces threat from ransomware group LockBit | Reuters ION brings clients back online after ransomware attack: Source | Business Insurance Hackers who breached ION say ransom paid; company declines comment | Reuters Blow to Morgan Advanced Materials as cyber-attack to cost millions to deal with | Evening Standard K-12 schools in Tucson, Nantucket respond to cyberattacks - The Record from Recorded Future News Ransomware gang attempts to extort UK school by posting files about at-risk children - The Record from Recorded Future News British steel industry supplier Vesuvius ‘currently managing cyber incident' - The Record from Recorded Future News Tallahassee hospital diverting patients, canceling non-emergency surgeries after cyberattack - The Record from Recorded Future News All classes canceled at Irish university as it announces ‘significant IT breach' - The Record from Recorded Future News Switzerland's largest university confirms ‘serious cyberattack' - The Record from Recorded Future News Dutch Police Read Messages of Encrypted Messenger 'Exclu' Julius 'zeekill' Kivimäki, former Lizard Squad hacker, arrested in France - The Record from Recorded Future News New York attorney general fines developer of stalking apps - The Record from Recorded Future News Microsoft alleges attacks on French magazine came from Iranian-backed group | Ars Technica Hackers linked to North Korea targeted Indian medical org, energy sector - The Record from Recorded Future News Google Cuts Company Protecting People From Surveillance To A ‘Skeleton Crew,' Say Laid Off Workers Feds get guilty plea in Ubiquiti data extortion case - The Record from Recorded Future News For Hire: Ex-Ubiquiti Developer Charged With Extortion Microsoft notifies UK customers affected by hackers abusing ‘verified publisher' tag - The Record from Recorded Future News Darknet drug market BlackSprut openly advertises on billboards in Moscow - The Record from Recorded Future News Toyota sealed up a backdoor to its global supplier management network | The Daily Swig
Picture of the Week. The European Union's Internet Surveillance Proposal. 30,000 patient records online? .DEV is always HTTPS! Google changes Chrome's release strategy. Russia shoots the messenger. A fool and his Crypto... QNAP is back. CVSS severity discrepancy. Closing the Loop. How ESXi Fell. Show Notes: https://www.grc.com/sn/SN-909-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: drata.com/twit barracuda.com/securitynow canary.tools/twit - use code: TWIT
Picture of the Week. The European Union's Internet Surveillance Proposal. 30,000 patient records online? .DEV is always HTTPS! Google changes Chrome's release strategy. Russia shoots the messenger. A fool and his Crypto... QNAP is back. CVSS severity discrepancy. Closing the Loop. How ESXi Fell. Show Notes: https://www.grc.com/sn/SN-909-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: drata.com/twit barracuda.com/securitynow canary.tools/twit - use code: TWIT
Picture of the Week. The European Union's Internet Surveillance Proposal. 30,000 patient records online? .DEV is always HTTPS! Google changes Chrome's release strategy. Russia shoots the messenger. A fool and his Crypto... QNAP is back. CVSS severity discrepancy. Closing the Loop. How ESXi Fell. Show Notes: https://www.grc.com/sn/SN-909-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: drata.com/twit barracuda.com/securitynow canary.tools/twit - use code: TWIT
Picture of the Week. The European Union's Internet Surveillance Proposal. 30,000 patient records online? .DEV is always HTTPS! Google changes Chrome's release strategy. Russia shoots the messenger. A fool and his Crypto... QNAP is back. CVSS severity discrepancy. Closing the Loop. How ESXi Fell. Show Notes: https://www.grc.com/sn/SN-909-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: drata.com/twit barracuda.com/securitynow canary.tools/twit - use code: TWIT
Picture of the Week. The European Union's Internet Surveillance Proposal. 30,000 patient records online? .DEV is always HTTPS! Google changes Chrome's release strategy. Russia shoots the messenger. A fool and his Crypto... QNAP is back. CVSS severity discrepancy. Closing the Loop. How ESXi Fell. Show Notes: https://www.grc.com/sn/SN-909-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: drata.com/twit barracuda.com/securitynow canary.tools/twit - use code: TWIT
Your money is gone, Chaos, Ublerleaks, Esxi, Fortinet, Cloudflare, Praetorian, Jason Wood, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/swn262