Podcasts about hacktivists

The messaging app used by CBP and the White House faces continued security scrutiny. Hacktivists breach the airline used for U.S. deportation flights. The FBI warns that threat actors are exploiting outdated, unsupported routers. Education giant Pearson confirms a cyberattack. Researchers report exploitation of Windows Remote Management (WinRM) for stealthy lateral movement in Active Directory (AD) environments. A sophisticated email attack campaign uses malicious PDF invoices to deliver a cross-platform RAT. A zero-day vulnerability in SAP NetWeaver enables remote code execution. An Indiana health system reports a data breach affecting nearly 263,000 individuals. Our guest is Alex Cox, Director of Information Security at LastPass, discussing tax-related lures targeting refunds. AI empowers a murder victim to speak from beyond the grave.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Alex Cox, Director of Information Security at LastPass, to discuss tax-related lures facing both tax preparation agencies and filers expecting refunds. Selected Reading On the state of modern Web Application Security (BrightTalk) Customs and Border Protection Confirms Its Use of Hacked Signal Clone TeleMessage  (Wired) Hackers hit deportation airline GlobalX, leak flight manifests, and leave an unsubtle message for "Donnie" Trump (Bitdefender) FBI Sounds Alarm on Rogue Cybercrime Services Targeting Obsolete Routers (infosecurity magazine) Education giant Pearson hit by cyberattack exposing customer data (Bleeping Computer) Hackers Using Windows Remote Management to Stealthily Navigate Active Directory Network (Cybersecurity News) Hackers Weaponizing PDF Invoices to Attack Windows, Linux & macOS Systems (Cybersecurity News) SAP Zero-Day Targeted Since January, Many Sectors Impacted (Security Week) Indiana Health System Notifies 263,000 of Oracle Hack (Bank of Infosecurity) A Judge Accepted AI Video Testimony From a Dead Man (404 Media) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Big thanks to Radware for sponsoring this video and sharing technical insights with us! // Radware reports REFERENCE // Executive Summary: https://davidbombal.wiki/2025threats 2025 Global Threat Analysis Report: https://davidbombal.wiki/2025threatsu... // Pascal Geenens' SOCIAL // LinkedIn: / geenensp Website: https://www.radware.com/ // Radware SOCIAL // YouTube: / radwareinc Webinars: https://www.radware.com/newsroom/events/ LinkedIn / radware // David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - Coming Up 01:03 - Intro 01:40 - What are the Reports About? 06:59 - Hacktivists (Dark Storm Team) 10:19 - DDos For Hire (Telegram) 13:24 - Check-Host.net 14:27 - Dienet 19:44 - How to Bring Down a Website 21:46 - DNS DDoS Attacks 26:28 - HTTP/2 29:22 - Botnet Capability 31:51 - Noname057 35:09 - Home Routers (TRS-069) 39:05 - Bullet Proof Cloud Services 45:13 - Vulnerable IoT 49:04 - Shodan (IoT Search Engine) 50:07 - Downloading Threats 52:45 - Application Programming Interfaces (APIs) 57:15 - Artificial Intelligence (AI) 01:06:49 - The Fight Against Bad AI 01:08:49 - How to Protect Yourself 01:14:52 - What is Radware? 01:16:00 - The Struggle of Downloading Models 01:20:06 - Should AI Keep your Data? 01:22:01 Connect with Pascal 01:22:36 - Conclusion Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only.

Hacktivists sabotage over 100 Iranian ships, Iran calls out China for hacking, six new Paragon customers come to light, and North Korea creates a new cyber unit. Show notes

A Pro Palestinian group claims credit for the X DDoS, CISA gets a new director as DOGE fires its red teams, and Asian scam compounds keep growing. Show notes

In this episode of the Cyber Uncut podcast, hosts David Hollingworth and Daniel Croft look back on their week reporting on cyber crime in Australia and abroad. Croft and Hollingworth talk about a hack that really wasn't - the 2023 Dymocks data breach is commonly resold on hacking forums, and Croft has found another instance of an enterprising type trying to make money from a previous compromise, and it did not end well for them. Finally, the pair discuss how hacktivists crave publicity in return for very little actual hacking and Hewlett Packard Enterprise's (HPE) most recent investigation into another alleged data breach, before talking about the state of cyber crime reporting in the first month of 2025. Buckle in; it's going to be one heck of a year. Enjoy the podcast, The Cyber Uncut team

In this episode of the Cyber Uncut podcast, hosts David Hollingworth and Daniel Croft look back on their week reporting on cyber crime in Australia and abroad. Croft and Hollingworth talk about a hack that really wasn't – the 2023 Dymocks data breach is commonly resold on hacking forums, and Croft has found another instance of an enterprising type trying to make money from a previous compromise, and it did not end well for them. Finally, the pair discuss how hacktivists crave publicity in return for very little actual hacking and Hewlett Packard Enterprise's (HPE) most recent investigation into another alleged data breach, before talking about the state of cyber crime reporting in the first month of 2025. Buckle in; it's going to be one heck of a year. Enjoy the podcast, The Cyber Uncut team

In this episode of the Cyber Uncut podcast, hosts David Hollingworth and Daniel Croft discuss a widespread hacking campaign by a network of hacktivist groups and an alleged data breach impacting United States Marine Corps personnel. The pair also catch up on the evolving case of the apparent assassination of UnitedHealthcare's CEO and talk about the threat of Chinese espionage operations against telecommunications companies. Hollingworth and Croft begin by breaking down a campaign by a raft of pro-Russian and pro-Palestine hacktivist groups that recently targeted more than 60 Australian organisations, taking websites offline, defacing others, and even getting into a handful of operational technology environments. Croft then breaks down an alleged data breach that saw the personal details of thousands of US Marine Corps personnel leaked on a popular hacking forum. He also goes into some detail about the challenges of reporting and investigating data leaks. Finally, Hollingworth and Croft catch up on the latest developments in the case of the murder of UnitedHealthcare CEO Brian Thompson and then share stories from a pair of recent discussions with experts from CrowdStrike and BlackBerry regarding the insidious threat of Chinese espionage efforts in the telecommunications sector. Enjoy the podcast, The Cyber Uncut team

In today's podcast we cover four crucial cyber and technology topics, including: 1.        Researchers disclose fixed flaw in Apple devices 2.        Bumblebee and Latrodectus malware return 3.        Cypress pressed by wave of hacktivist attacks 4.        SolarWinds 2020 hack generates millions in fines via SEC I'd love feedback, feel free to send your comments and feedback to  | cyberandtechwithmike@gmail.com

Hacktivists Escalate Sophisticated, Multi-Vector Assaults on Banking and Financial Services, Government, and Utilities In this podcast episode, we will explore the evolving threat of distributed denial-of-service (DDoS) attacks targeting telecom carriers, as revealed in NETSCOUT's latest DDoS Threat Intelligence Report. With 5G connectivity rapidly expanding—from 12.6 million subscriptions in 2019 to an anticipated 2.8 billion by the end of 2024—cybercriminals are exploiting the increased attack surface presented by 5G-connected devices. Join us as we dive into the report's findings and discuss the implications of this alarming trend with Richard Hummel, NETSCOUT's director of threat intelligence. About NETSCOUT NETSCOUT is a leading provider of performance management, cybersecurity, and DDoS attack protection solutions. The company helps organizations monitor, analyze, and protect their digital infrastructure. Focusing on safeguarding critical networks, NETSCOUT's solutions are widely used across industries, including telecom, finance, and government, to ensure the reliability and security of their operations. Learn more at www.netscout.com or follow @NETSCOUT on LinkedIn, X, or Facebook.

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird. You can find the newsletter version of this podcast here. Show notes Risky Biz News: China says Taiwan's military is behind a hacktivist group

Video Episode: https://www.youtube.com/watch?v=-sAsXlXZixs In today’s episode, we discuss critical updates affecting cybersecurity and networking, including significant issues with macOS 15 ‘Sequoia’ impacting VPN and antivirus functionalities such as CrowdStrike Falcon and ESET Endpoint Security. We also cover Microsoft’s new Hotpatching feature in Windows Server 2025, enabling seamless security updates without restarts, and LinkedIn’s halting of AI data processing in the U.K. due to privacy concerns. Additionally, we delve into the hacktivist group Twelve’s destructive cyber attacks targeting Russian entities, highlighting their methods and tools. Timestamps 00:00 – Introduction 01:14 – MacOS Sequoia Upgrade Bugs 02:45 – Windows Server 2025 Hot Patching 04:06 – LinkedIn AI Privacy Violations 05:53 – Hacktivists attack Russian infrastructure Links to articles discussed: 1. https://www.bleepingcomputer.com/news/apple/macos-sequoia-change-breaks-networking-for-vpn-antivirus-software/ 2. https://www.bleepingcomputer.com/news/microsoft/windows-server-2025-hotpatching-in-public-preview-installs-security-updates-without-restarts/ 3. https://thehackernews.com/2024/09/linkedin-halts-ai-data-processing-in-uk.html 4. https://thehackernews.com/2024/09/hacktivist-group-twelve-targets-russian.html 1. What are today’s top cybersecurity news stories? 2. How does macOS 15 Sequoia impact VPN and antivirus software? 3. What are the issues reported with CrowdStrike Falcon on macOS Sequoia? 4. Why did LinkedIn halt AI data processing in the UK? 5. What is Microsoft’s Hotpatching feature for Windows Server 2025? 6. How does the hacktivist group Twelve conduct cyber attacks on Russian entities? 7. What problems are users experiencing with Mullvad VPN after upgrading to macOS Sequoia? 8. What changes in macOS Sequoia are affecting network connections for security tools? 9. How has the ICO responded to LinkedIn’s use of user data for AI training? 10. What security vulnerabilities did the group Twelve exploit for their attacks? macOS Sequoia, VPN, antivirus, compatibility, Hotpatching, Microsoft, security updates, compatibility, LinkedIn, AI, privacy, data, Twelve, DARKSTAR, cyber operations, encrypting,

In this compelling episode of our podcast, we delve into the intriguing world of Anonymous, the infamous hacktivist collective that has left a significant mark on internet culture and activism. The discussion begins with a gripping account of an early morning raid by law enforcement, highlighting how "ten thousand angry kids" challenged the established order and shook the foundations of institutions like PayPal and WikiLeaks. We explore the rise of Anonymous as a chaotic yet powerful force, characterized by a lack of formal leadership but a strong commitment to freedom of expression. The conversation takes a deeper dive into the roots of hacktivism, tracing its origins back to playful pranks at MIT and the motivations of various hacker groups, including the influential "Cult of the Dead Cow." The impact of Anonymous on global movements, particularly during the Arab Spring, is examined, showcasing how their actions supported activists fighting against government censorship and repression. Finally, we reflect on the personal consequences of being involved in Anonymous, discussing the ethical implications of hacktivism and the ongoing struggle against censorship. This episode is not just a narrative of rebellion; it's a powerful exploration of the meaning of freedom in the digital age. Join us for an enlightening discussion that reveals the complexities of activism in our interconnected world.Here's a summary of the documentary in five bullet points with timestamps:- **Introduction to Anonymous** (00:14 - 01:42): The documentary opens with a personal account of an early morning raid by law enforcement. The speaker reflects on how the actions of "ten thousand angry kids" challenged governmental authority and perceptions surrounding organizations like PayPal and WikiLeaks.- **The Rise of Anonymous and Its Activities** (02:20 - 05:36): Anonymous is described as a chaotic force in activism, with no formal leadership but a strong collective ethos focused on freedom of expression. The group claims various high-profile attacks, including on government and corporate websites, positioning themselves as defenders of internet freedom.- **Hacktivism and Cultural Origins** (06:56 - 08:06): The concept of hacktivism is explored, detailing its roots in playful pranks at MIT and the subsequent political motivations of hackers. Key figures and groups, such as the "Cult of the Dead Cow," are mentioned in relation to the development of hacktivism as a political movement.- **Impact of Anonymous on Global Movements** (01:01:15 - 01:03:53): The documentary highlights Anonymous's involvement in significant global events, including the Arab Spring, where they provided support to activists facing government censorship and violence, demonstrating the power of online activism in real-world protests.- **Consequences and Reflections on Activism** (01:30:12 - 01:33:35): The speaker discusses the personal repercussions of their involvement with Anonymous, reflecting on the ethical dilemmas of hacking as activism. The closing thoughts emphasize the ongoing struggle against censorship and oppression, asserting that everyone's opinion matters in the fight for freedom.

Barrett Brown is the author of the memoir, "My Glorious Defeats: Hacktivist, Narcissist, Anonymous," in which he discusses his experiences – both online and off – that resulted in a prison sentence for his part an attempt to catalog, interpret, and disseminate top-secret documents exposed in a security lapse by the intelligence contractor Stratfor in 2011. In this episode, Brown joins host David Braue to discuss his story in further detail, including what inspired him to write the memoir, and more. For more about Brown's memoir, visit https://www.amazon.com/My-Glorious-Defeats-Hacktivist-Narcissist/dp/B097V3WYGS. • For more on cybersecurity, visit us at https://cybersecurityventures.com

Hacktivists respond to the arrest of Telegram's CEO in France. Stealthy Linux malware stayed undetected for two years. Versa Networks patches a zero-day vulnerability. Google has patched its tenth zero-day vulnerability of 2024. Researchers at Arkose labs document Greasy Opal. A flaw in Microsoft 365 Copilot allowed attackers to exfiltrate sensitive user data. Gafgyt targets crypto mining in cloud native environments. Microsoft investigates an Exchange Online message quarantine issue. Our guest is Bar Kaduri, research team leader at Orca Security talking about AI Goat, the first open source AI security learning environment based on the OWASP top 10 ML risks. Kentucky Prisoners Trick Tablets to Generate Fake Money.  Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Our guest is Bar Kaduri, research team leader at Orca Security talking about AI Goat, the first open source AI security learning environment based on the OWASP top 10 ML risks. Available on GitHub, AI Goat is an intentionally vulnerable AI environment built in Terraform that includes numerous threats and vulnerabilities for testing and learning purposes. Learn more.  Selected Reading Arrest of Telegram CEO sparks cyberattacks against French websites (SC Media) Unveiling sedexp: A Stealthy Linux Malware Exploiting udev Rules (AON) Stealthy 'sedexp' Linux malware evaded detection for two years (Bleeping Computer) Google tags a tenth Chrome zero-day as exploited this year (Bleeping Computer) Versa fixes Director zero-day vulnerability exploited in attacks (Bleeping Computer) Greasy Opal: Greasing the Skids for Cybercrime (Arkose Labs) Microsoft Copilot Prompt Injection Vulnerability Let Hackers Exfiltrate Personal Data (Cyber Security News) Gafgyt Botnet: Weak SSH Passwords Targeted For GPU Mining (Security Boulevard) Microsoft: Exchange Online mistakenly tags emails as malware (Bleeping Computer) Kentucky prisoners hack state-issued computer tablets to digitally create $1M. How'd they do it? (Union Bulletin) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Wenn mit Hacking Politik gemacht wird, kann das die Demokratie stärken. Aber Leaks können auch schaden: Der bisher erfolgreichste Hacktivist ist der russische Geheimdienst. Wie soll die Gesellschaft mit Leaks umgehen und sind offene Daten immer gut? Wolfangel, Eva www.deutschlandfunk.de, Wissenschaft im Brennpunkt

Barrett Brown - My Glorious Defeats: Hacktivist, Narcissist, Anonymous: A Memoir4 days agoBarrett Brown is an American journalist, essayist, activist and former associate of Anonymous. In 2010, he founded Project PM, a group that used a wiki to analyze leaks concerning the military-industrial complex. It was classified a "criminal organization" by the Department of Justice. In late 2020, Brown restarted Project PM.After a series of escapades both online and off that brought him in and out of 4chan forums, the halls of power, heroin addiction, and federal prison, Barrett Brown is a free man. He was arrested for his part in an attempt to catalog, interpret, and disseminate top-secret documents exposed in a security lapse by the intelligence contractor Stratfor in 2011. An influential journalist who is also active in the hacktivist collective Anonymous, Brown recounts exploits from a life shaped by an often self-destructive drive to speak truth to power. With inimitable wit and style, palpable anger and conviction, he exposes the incompetence and injustices that plague media and politics, reflects on the successes and failures of the transparency movement, and shows the way forward in harnessing digital communication tools for collective action.But My Glorious Defeats is more than just the tale of the clever and hilarious Brown; it's also a rigorously researched dissection of our decaying institutions and of human nature itself. As Brown makes clear, institutions are made of people—people with personal ambitions and personal vices—and it is people, just like him, just like us, who hold power. As optimistic as it is heartbreaking, My Glorious Defeats is an entertaining and illuminating manual for insurgency in the information age.Become a supporter of this podcast: https://www.spreaker.com/podcast/the-opperman-report--1198501/support.

In today's episode, we discuss a 20% rise in ransomware activity in Q2 2023, driven primarily by the ransomware group LockBit and impacting U.S.-based businesses most heavily, as reported by Reliaquest. We also explore Void Banshee APT's exploitation of CVE-2024-38112 to spread Atlantida malware via spear-phishing campaigns, and the NullBulge group's data breach of Disney in protest against AI-generated artwork. Finally, we cover Microsoft's announcement of new checkpoint cumulative updates for Windows to improve update efficiency. URLs: https://www.cybersecuritydive.com/news/ransomware-leak-site-increase/721480/ https://www.helpnetsecurity.com/2024/07/16/cve-2024-38112-void-banshee/ https://www.bleepingcomputer.com/news/microsoft/microsoft-announces-new-windows-checkpoint-cumulative-updates/ https://www.theguardian.com/technology/article/2024/jul/16/hackers-claim-disney-data-theft-in-protest-against-ai-generated-artwork 00:00 - Intro 01:14 - Hackers Leak Disney Data Over AI Art 02:58 - Microsoft Unveils Efficient 'Checkpoint' Updates 04:18 - Void Banshee Exploits Windows Flaw, Microsoft Fumbles 06:05 - LockBit Surge Drives 20% Ransomware Spike Video Episode: https://youtu.be/lRuQiv-KWnQ Sign up for digestible cyber news delivered to your inbox: https://news.thedailydecrypt.com Thanks to Jered Jones for providing the music for this episode. https://www.jeredjones.com/ Logo Design by https://www.zackgraber.com/ Tags: Ransomware, attacks, LockBit, organizations, Void Banshee, APT, MSHTML vulnerability, Trend Micro, Microsoft, Checkpoint, cumulative updates, bandwidth, NullBulge, hacktivists, Disney, AI-generated artwork Search Phrases: What are today's top cybersecurity news stories? How did ransomware group LockBit contribute to the spike in ransomware attacks during May? Ransomware attacks on organizations in Q2 Void Banshee APT exploits CVE-2024-38112 vulnerability Trend Micro's Zero Day Initiative findings on MSHTML vulnerability Microsoft checkpoint cumulative updates for Windows Benefits of Microsoft's new cumulative updates NullBulge hacktivists' breach of Disney's network AI-generated artwork controversy in cybersecurity Latest trends in hacktivism and digital protests

Rite Aid says 'limited' cybersecurity incident affected over 2 million people AT&T ransom laundered through mixers and gambling services Hacktivists leak Disney data to protect artist rights Thanks to today's episode sponsor, Conveyor Why do teams choose Conveyor over the competition to automate answering security questionnaires? A few reasons.  One.  Market-leading AI accuracy Two. They don't have to maintain a crazy knowledge base anymore because ConveyorAI can read from any source like external support sites, documents, past questionnaires and more. Three. It can process ANY customer file format - even PDFs! It will even auto-scroll and auto-complete portal-based questionnaires. Don't believe it? Try it yourself for free at www.conveyor.com. For the stories behind the headlines, head to CISOseries.com.

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

Guests: ✨ Dr. Melanie Garson, Cyber Policy & Tech Geopolitics Lead, Tony Blair Institute for Global Change [@InstituteGC]On LinkedIn | https://www.linkedin.com/in/melaniegarson/Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martin____________________________Host: Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli_____________________________This Episode's SponsorsBlackCloak

A hacktivist group called the Belarusian Cyber Partisans rocked Belarus when it hacked into government servers and released secret police files and government wiretaps – the kinds of hacks we're used to seeing by nation-states. They represent the changing face of hacktivism. Some hacktivists are becoming more professional, while others are falling prey to darker forces.

Hello, cybersecurity enthusiasts! Welcome to a brand-new episode of "On Location with Sean Martin and Marco Ciappelli" at InfoSecurity Europe 2024 in London. Today, Sean hosts a very special guest, Richard Meeus, Director of Security Technology and Strategy, EMEA at Akamai, who will provide us with valuable insights into cybersecurity resilience and the evolving landscape of distributed denial of service (DDoS) attacks.The High Energy at InfoSecurity Europe 2024Sean Martin kicks off the conversation by highlighting the vibrant atmosphere at InfoSecurity Europe. With a bustling crowd and high energy, it's the perfect setting to look and discuss pressing cybersecurity topics. Richard Meeus appreciates the opportunity to be part of this lively event and shares his excitement for the discussions ahead.The Importance of ResilienceIn recent months, Sean has noticed a growing emphasis on the concept of resilience in cybersecurity conversations. Notably, both Chief Information Security Officers (CISOs) and Chief Information Officers (CIOs) are prioritizing resilience to safeguard their organizations. Richard shares his perspective, emphasizing the critical importance of resilience, especially in Europe. He points out that new legislations like NIST 2 and DORA are driving organizations to focus on maintaining the availability of their systems.The Rise in DDoS AttacksTransitioning to the main topic, Sean and Richard discuss the alarming increase in DDoS attacks observed in EMEA (Europe, the Middle East, and Africa). Over the past few years, there has been a significant surge in such attacks, with notable activity driven by hacktivists rather than traditional criminal actors. Richard explains that hacktivists use DDoS attacks to make a statement, often targeting high-profile organizations to maximize their impact.The Role of Akamai in Protecting Against DDoSRichard explains Akamai's pivotal role in defending against DDoS attacks. He highlights Akamai's extensive cloud protection service, boasting a global network with 2,400 points of presence (POPs). This vast infrastructure allows Akamai to protect some of the world's largest and most prominent brands.Richard explains the importance of shifting the burden of DDoS defense to the cloud to handle the massive attack traffic. Akamai's scrubbing centers, strategically located worldwide, meticulously clean the incoming traffic, ensuring only legitimate requests reach the client's systems.Evolution of DDoS AttacksSean invites Richard to provide an overview of how DDoS attacks have evolved over the years. While some traditional tactics like sin floods remain prevalent, there has been a resurgence of older techniques like water torture attacks targeting DNS. Richard emphasizes that organizations must protect their entire infrastructure, including APIs, which are increasingly becoming the target of such attacks.The Financial Sector: A Prime TargetThe financial sector is frequently targeted by DDoS attacks, according to Richard. He stresses that the trust customers place in financial institutions is heavily reliant on the availability of their digital services. Any disruption can erode this trust and have a significant material impact on the organization's reputation and customer confidence.Comprehensive Protection StrategyRichard underscores the importance of a comprehensive protection strategy for organizations facing the threat of DDoS attacks. By leveraging Akamai's global network and sophisticated scrubbing techniques, organizations can effectively mitigate the impact of these attacks. The combination of automated defenses and skilled SOC teams ensures real-time protection and rapid response to evolving threats.In this conversation, Sean and Richard reiterate the significance of maintaining trust and resilience in the face of growing cyber threats. With the right strategies, partnerships, and technologies, organizations can safeguard their digital presence and continue to deliver reliable services to their customers.For more in-depth insights, be sure to check out Akamai's latest report and explore their extensive back catalog of valuable cybersecurity resourcesLearn more about Akamai: https://www.akamai.com/Note: This story contains promotional content. Learn more.Guest: Richard Meeus, Director, Security Technology and Strategy, Akamai [@Akamai]On LinkedIn | https://www.linkedin.com/in/richard-meeus/ResourcesFighting the Heat: EMEA's Rising DDoS Threats: https://itspm.ag/akamaievkiLearn more and catch more stories from Akamai: https://www.itspmagazine.com/directory/akamaiView all of our InfoSecurity Europe 2024 coverage: https://www.itspmagazine.com/infosecurity-europe-2024-infosec-london-cybersecurity-event-coverageAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

This week's episode was recorded in front of a live audience at AusCERT's 2024 conference. Pat and Adam talked through: Google starts using security as a marketing tool against Microsoft, along with steep discounts Microsoft announces a creepy desktop recording AI UK govt proposes ransom payment controls Arizona woman runs a laptop farm for North Korea Julian Assange just keeps on with his malarky And much, much more This week's episode is sponsored by Tines. Its CEO Eoin Hinchy joins the show to talk about how AI can be genuinely useful in automation. Show notes (1) Dina Bass on X: "Google is offering deep discounts to government and corporate customers to entice them to switch from Microsoft Office as it attacks Microsoft's cybersecurity over recent breaches, citing US gov't cybersecurity review board report https://t.co/43sIJmBWi5" / X Microsoft president set to testify before Congress on ‘security shortcomings' | Cybersecurity Dive Chairman Green, Ranking Member Thompson Announce Microsoft President Will Testify on Company's Security Shortcomings Following Hack of Government Accounts – Committee on Homeland Security Google leverages Microsoft's cyber gaps to woo Workspace customers | Cybersecurity Dive CSRB report highlights the need for a new approach to security (1) vx-underground on X: "tl;dr Microsoft introduces 24/7 surveillance functionality for the NSA and/or CIA but markets it as a feature that you'll like" / X Everything You Need to Know About Windows 11's Recall Feature Australian government warns of 'large-scale ransomware data breach' (1) National Cyber Security Coordinator on X: "The Australian Government continues to assist MediSecure, an electronic prescriptions provider, respond to a cyber incident. We are still working to build a picture of the size and nature of the data that has been impacted by this data breach impacting MediSecure. This https://t.co/oyNeRonurZ" / X HHS offering $50 million for proposals to improve hospital cybersecurity Remote-access tools the intrusion point to blame for most ransomware attacks | Cybersecurity Dive UK insurance industry begins to acknowledge role in tackling ransomware Exclusive: UK to propose mandatory reporting for ransomware attacks and licensing regime for all payments Hacktivists turn to ransomware in attacks on Philippines government Arizona woman accused of helping North Koreans get remote IT jobs at 300 companies | Ars Technica US offers $5 million for info on North Korean IT workers involved in job fraud FCC might require telecoms to report on securing internet's BGP technology FCC to probe ‘grave' weaknesses in phone network infrastructure EPA says it will step up enforcement to address ‘critical' vulnerabilities within water sector EPA takes steps to address cybersecurity weaknesses at water utilities British signals agency to protect election candidates' phones from cyberattacks Feds seize BreachForums platform, Telegram page Dark web narcotics market's alleged leader arrested and charged in New York WikiLeaks' Julian Assange Can Appeal His Extradition to the US, British Court Says | WIRED

In this Tech Talks Daily Podcast episode, I sit down with Richard Hummel from NETSCOUT to delve into the ever-evolving DDoS threat landscape. Why has there been an explosion in hacktivist groups and DDoS attack activity this year, and what does this mean for organizations across all sectors? With over 1,200 hacktivist groups active in 2023 alone, the threat landscape is more challenging than ever. We explore how geopolitical tensions are directly influencing attack strategies and targets, resulting in a continuous onslaught of sophisticated attacks that challenge traditional defense mechanisms. Critical infrastructure, particularly DNS servers, is being targeted with unprecedented frequency, posing significant risks to the stability of the internet itself. Richard provides valuable insights into how attackers are employing more advanced tactics, including leveraging public cloud hosting to evade defenses and utilizing AI to generate potent attacks. He also highlights how global conflicts, elections, and political unrest directly trigger hacktivist activity, with adversaries often striking both sides of a conflict. To help organizations defend themselves, Richard shares the importance of adopting a predictive defense strategy based on real-time threat intelligence, stressing that visibility into network traffic is critical. With proactive blocking of known adversary infrastructure and AI chatbots identifying new attack vectors, Richard outlines practical recommendations for staying ahead of the curve. Tune in to understand the risks, challenges, and the strategies organizations can implement to bolster their defenses. Do you feel adequately prepared for this evolving threat landscape, or is your organization vulnerable to these increasingly sophisticated attacks? Listen and share your thoughts!    

(5/2/24) - In today's Federal Newscast: Expanded data on the federal workforce is opening the door for better planning and hiring. Republican Senators are squeezing the Education Dept for higher telework numbers. And pro-Russian hacktivists have broken into American and European critical infrastructure networks. Learn more about your ad choices. Visit podcastchoices.com/adchoicesSee Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

(5/2/24) - In today's Federal Newscast: Expanded data on the federal workforce is opening the door for better planning and hiring. Republican Senators are squeezing the Education Dept for higher telework numbers. And pro-Russian hacktivists have broken into American and European critical infrastructure networks. Learn more about your ad choices. Visit megaphone.fm/adchoices

What a weekend that was! Now that the sleep-deprivation is subsiding, Moose and Dews catch up this week to chat about the PGM. They also want to help other events, so they're joined by Kris from Mangata Festival in Nottingham ahead of this years event, which features artists including Hacktivist, Boss Keloid and Skarlett Riot. Check out our chosen charity Metal For Good and some of the great charity work they do here https://metalforgood.org/ https://primordialradio.com  https://www.instagram.com/primordialradio  https://tiktok.com/@primordialradio  https://www.facebook.com/primordialradio  https://www.twitter.com/primordialradio​ 

Google Maps adds more charging features for EV drivers, Snap plans to watermark AI images made with its tools, Take-Two halts some projects to cut costs. MP3 Please SUBSCRIBE HERE. You can get an ad-free feed of Daily Tech Headlines for $3 a month here. A special thanks to all our supporters–without you, none ofContinue reading "Mandian Links Hacktivist Group Cyber Army of Russia To Sandworm – DTH"

Gearhead Consultants and Garage Hour hosts Justin Case and Marking Time met up high above the city to watch it all burn during our recent eclipsalypse.  Rounds were chambered, pizza from Sprouts was et, and beers from Red Leg, Pike's Peak, Outer Range and Dry Dock were sipped, but unfortunately, no pepperoni armed pajama perp apocalypse was thwarted, not even in the driveway.  Fortunately, Justin and Justmark didn't mind missing “shoot, shovel and shut up” because doin's were to be discussed: a positive word or three about hybrid automotive technology, the growing dumbness of nanny tech in cars, Eneos sneg for fun and kitchen, Van Café and LaRue for edible freebies, and Dude Food ala dove and grilled sirloin from Omaha Steaks. Don't forget the sauce: Led Zeppelin, free televisions, Gold Camp Road, apocalypse booze and getaway vehicles, some guns, historical eclipses, more electric car fails, and Chuck Norris.

Gearhead Consultants and Garage Hour hosts Justin Case and Marking Time met up high above the city to watch it all burn during our recent eclipsalypse.  Rounds were chambered, pizza from Sprouts was et, and beers from Red Leg, Pike's Peak, Outer Range and Dry Dock were sipped, but unfortunately, no pepperoni armed pajama perp apocalypse was thwarted, not even in the driveway.  Fortunately, Justin and Justmark didn't mind missing “shoot, shovel and shut up” because doin's were to be discussed: a positive word or three about hybrid automotive technology, the growing dumbness of nanny tech in cars, Eneos sneg for fun and kitchen, Van Café and LaRue for edible freebies, and Dude Food ala dove and grilled sirloin from Omaha Steaks. Don't forget the sauce: Led Zeppelin, free televisions, Gold Camp Road, apocalypse booze and getaway vehicles, some guns, historical eclipses, more electric car fails, and Chuck Norris.

47e6GvjL4in5Zy5vVHMb9PQtGXQAcFvWSCQn2fuwDYZoZRk3oFjefr51WBNDGG9EjF1YDavg7pwGDFSAVWC5K42CBcLLv5U OR DONATE HERE: www.monerotalk.live/donate or get Monerotopia24 tickets here: monerotopia.com Monerotopia 2023 - El Dinero de la Gente May 5 - May7 in Mexico City! We had AMAZING Speakers lined up: freedom seekers on a mission to build out a true digital cash parallel economy outside of State control. Speakers: Amir Taaki (British-Iranian Anarchist Revolutionary, Hacktivist, and Programmer) Links: https://twitter.com/AmirTaakiDEV Watch on YouTube (https://youtu.be/Hm6nY7k5kbM) TELEGRAM: https://t.me/monerotopia MATRIX: https://matrix.to/#/%23monerotopia%3Amonero.social MoneroTopia23 Confer Vids: ODY: https://odysee.com/@MoneroTalk:8/Monerotopia23:8 TY: https://youtube.com/playlist?list=PLfJ_JjSwYaa810CWboNcPX7cY-JYEWo-4 A SUPER Thank you to CakeWallet.com and Monero.com for being the Main Stage Sponsor! https://twitter.com/cakewallet https://twitter.com/monerocom ITUNES: https://apple.co/34W7FVp SPOTIFY: https://spoti.fi/2t1y9b4 STITCHER: https://bit.ly/2tUcIck ODYSEE: https://bit.ly/3bMaFtE WEBSITE: https://www..Monerotopia.com CONTACT: monerotopia@protonmail.com Mastedon: @Monerotopia@mastodon.social TWITTER: https://twitter.com/monerotopia INSTAGRAM: https://www.instagram.com/monerotopia/ DOUGLAS: https://twitter.com/douglastuman SUNITA: https://twitter.com/sunchakr

Pascal Geenens from Radware joins us to discuss the latest research findings relating to hacktivists an other actors using volumetric and other network-based attacks. We'll discuss everything from the current state of DDoS attacks to use in the military and even the impact of cyberattacks on popular culture! You can find the report Pascal mentions here, on Radware's website: https://www.radware.com/threat-analysis-report/ In this week's news segment, we discuss the lack of funding announcements, and the potential effect RSA could have on the timing of all sorts of press releases. We also discuss 1Password's potential future with its sizable customer base and the $620M it raised a few years back. Some other topics we discuss: NIST CSF 2.0 insider threats Ivanti Pulse Secure's appliance software found to be running positively ancient software (11 year old Linux distro, 5-20+ year old libraries & components) Nevada AG trying to get messaging decrypted for children, to "protect them" Kelly Shortridge's response to CISA's secure development RFI OpenAI's new GenAI video product, Sora and the potential impact it could have on cybersecurity Instacart spews out crappy AI recipes and photos Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-351

Pascal Geenens from Radware joins us to discuss the latest research findings relating to hacktivists an other actors using volumetric and other network-based attacks. We'll discuss everything from the current state of DDoS attacks to use in the military and even the impact of cyberattacks on popular culture! You can find the report Pascal mentions here, on Radware's website: https://www.radware.com/threat-analysis-report/ In this week's news segment, we discuss the lack of funding announcements, and the potential effect RSA could have on the timing of all sorts of press releases. We also discuss 1Password's potential future with its sizable customer base and the $620M it raised a few years back. Some other topics we discuss: NIST CSF 2.0 insider threats Ivanti Pulse Secure's appliance software found to be running positively ancient software (11 year old Linux distro, 5-20+ year old libraries & components) Nevada AG trying to get messaging decrypted for children, to "protect them" Kelly Shortridge's response to CISA's secure development RFI OpenAI's new GenAI video product, Sora and the potential impact it could have on cybersecurity Instacart spews out crappy AI recipes and photos Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-351

Pascal Geenens from Radware joins us to discuss the latest research findings relating to hacktivists an other actors using volumetric and other network-based attacks. We'll discuss everything from the current state of DDoS attacks to use in the military and even the impact of cyberattacks on popular culture! You can find the report Pascal mentions here, on Radware's website: https://www.radware.com/threat-analysis-report/ Show Notes: https://securityweekly.com/esw-351

We take a look at the part of the Israel-Hamas war that is harder to see – the battle raging in cyberspace. Hacktivists are joining forces with Iran-backed operators to target victims with gossamer connections to Israel.

BGP attack disrupts Internet service. Data breach law firm breached. Remcos RAT returns. Poison packages in the PyPI repository. Hacktivist personae and GRU fronts. BreachForums impresario re-arrested. Cyber National Mission Force gets a new leader. On our Solution Spotlight, Simone Petrella talks with ISC2 CEO Clar Rosso about putting a dent in the cybersecurity workforce gap. LinkedIn as a dating platform? Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Solution Spotlight, N2K President Simone Petrella talks with ISC2 CEO Clar Rosso about putting a dent in the cybersecurity workforce gap through empowerment, breaking down barriers and expanding Diversity, Equity and Inclusion (DE&I) initiatives. Selected Reading BGP attack disrupts Internet service. Pirated Zeppelin ransomware source code for sale in a C2C souk. BreachForums impresario re-arrested. (CyberWire) Hacker hijacks Orange Spain RIPE account to cause BGP havoc (Bleeping Computer) RIPE Account Hacking Leads to Major Internet Outage at Orange Spain (SecurityWeek) Law firm that handles data breaches was hit by data breach (TechCrunch) UAC-0050 Group Using New Phishing Tactics to Distribute Remcos RAT (The Hacker News) EXPERTS FOUND 3 MALICIOUS PACKAGES HIDING CRYPTO MINERS IN PYPI REPOSITORY (SecurityAffairs) BreachForums administrator detained after violating parole (The Record) Russian hackers wiped thousands of systems in KyivStar attack (Bleeping Computer) US military's Cyber National Mission Force gets a new chief (The Record) The Hottest New Dating Site: LinkedIn (Business Insider) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.

Iran-linked hackers claim responsibility for a cyber attack on a small town's water supply. Sources describe Mike Pence's conversations with federal investigators. And a deep-pocketed donor group backs Nikki Haley over Donald Trump. Learn more about your ad choices. Visit megaphone.fm/adchoices

Iranian hacktivists claim an attack on a Pennsylvania water utility. North Korea's increased attention to supply-chains. Rhysida's action against British and Chinese targets. Sandworm activity puts European power utilities on alert. Neanderthals and the Telekopye bot. Mirai-based botnet activity. Our guest is Chris Betz, the new CISO of AWS Security, with insights on the upcoming AWS re:Invent conference. And just how easy is it to track the comings and goings at Mar-a-Lago? CyberWire Guest Our guest today is Chris Betz, the new CISO of AWS Security giving us some insight into what to expect at the AWS re:Invent conference. You can connect with Chris on LinkedIn and find out more about AWS re:Invent on the event website. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/224 Selected Reading Municipal Water Authority of Aliquippa hacked by Iranian-backed cyber group (KDKA News) Iranian-linked cyber army had partial control of Aliquippa water system (Beaver Countian) Cyber Av3ngers Claim Israeli MEKOROT National Water Company Hack (Cyberwarzone) A hack in hand is worth two in the bush (Securelist by Kaspersky) Diamond Sleet supply chain compromise distributes a modified CyberLink installer (Microsoft) UK and Republic of Korea issue warning about DPRK state-linked cyber actors attacking software supply chains (National Cyber Security Centre) Rhysida (SentinelOne) Rhysida, the new ransomware gang behind British Library cyber-attack (The Guardian) RHYSIDA RANSOMWARE GANG CLAIMED CHINA ENERGY HACK (Security Affairs) #StopRansomware: Rhysida Ransomware (CISA) Russia continuing cyberthreats against NATO countries (Defence Industry Europe) Europe's grid is under a cyberattack deluge, industry warns (Politico) Telekopye: Chamber of Neanderthals' secrets (ESET) InfectedSlurs Botnet Spreads Mirai via Zero-Days (Akamai) We Spied on Trump's ‘Southern White House' From Our Couches (Rolling Stone)

The Hamas-Israel war continues to be marked by hacktivism. Arid Viper's exploitation of Arabic speaker's Android devices. Iran shows improved cyberespionage capabilities. A URL shortener in the C2C market. Taking down the Mozi botnet. Ransomware in healthcare. Two are Russians arrested on treason charges, accused of hacking for Ukraine. In our sponsored Industry Voices segment, Anna Belak from Sysdig shares a new threat framework for the cloud. Rick Howard previews his new online course on cyber security first principles. And no, Russia hasn't really replaced its currency with Arctic Ocean gastropods. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/209 Selected reading. ‘Hacktivists' join the front lines in Israel-Hamas war (C4ISRNet)  The global cyber divide between Gaza and Israel - IT-Online (IT-Online) Arid Viper disguising mobile spyware as updates for non-malicious Android applications (Cisco Talos Blog) In Cyberattacks, Iran Shows Signs of Improved Hacking Capabilities (New York Times) FBI ‘keeping a close eye' on Iranian hackers as Israel-Hamas war intensifies (Record) Why Iran Is Gambling on Hamas (Foreign Affairs) To Aid and Abet: Prolific Puma Helps Cybercriminals Evade Detection (Infoblox Blog) Who killed Mozi? Finally putting the IoT zombie botnet in its grave (ESET) The State of Ransomware in Healthcare 2023 (Sophos) Russian security service detains two hackers allegedly working for Ukraine (Record)  Pro-Ukraine group says it breached Russian card payment system (Record)  Learn more about your ad choices. Visit megaphone.fm/adchoices

Teaching AI to misbehave. Ransomware's effect on healthcare downtime. Two reports on the state of cybersecurity in the financial services sector. Possible connections between Hamas and Quds Force. Ukrainian cyber authorities report a rise in privateering Smokeloader attacks. Russian hacktivist auxiliaries strike Czech targets. My conversation with Sherrod DeGrippo, host of The Microsoft Threat Intelligence Podcast. Jay Bhalodia from Microsoft Federal shares insights on multi-cloud security. And Winter Vivern exploits a mail service 0-day. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/204 Selected reading. AI vs. human deceit: Unravelling the new age of phishing tactics (Security Intelligence) Ransomware attacks on US healthcare organizations cost $20.8bn in 2020 (Comparitech)  Cyberattack at 5 southwestern Ontario hospitals leaves patients awaiting care (CBC News)  State of Security for Financial Services (Swimlane) Veracode Reveals Automation and Training Are Key Drivers of Software Security for Financial Services (Business Wire) Hamas' online infrastructure reveals ties to Iran APT, researchers say (CSO Online)  Hamas Application Infrastructure Reveals Possible Overlap With TAG-63 and Iranian Threat Activity | Recorded Future (Recorded Future) Ukraine cyber officials warn of a ‘surge' in Smokeloader attacks on financial, government entities (Record)  Bloomberg: Russia steps up cyberattacks to disrupt Ukraine's key services (Euromaidan)  Pro-Russia group behind today's mass cyberattack against Czech institutions (Expats.cz) Winter Vivern exploits zero-day vulnerability in Roundcube Webmail servers (We Live Security) Learn more about your ad choices. Visit megaphone.fm/adchoices

Okta discloses a data exposure incident. Cisco works to fix a zero-day. DPRK threat actors pose as IT workers. The Five Eyes warn of AI-enabled Chinese espionage. Job posting as phishbait. The risk of first-party fraud. Hacktivists trouble humanitarian organizations with nuisance attacks. Content moderation during wartime. Malek Ben Salem of Accenture describes code models. Our guest is Joe Oregon from CISA, discussing the tabletop exercise that CISA, the NFL, and local partners conducted in preparation for the next Super BowI. And the International Criminal Court confirms that it's sustained a cyberespionage incident. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/202 Selected reading. Okta says hackers used stolen credentials to view customer files (Record) Cisco discloses new IOS XE zero-day exploited to deploy malware implant (BleepingComputer) Additional Guidance on the Democratic People's Republic of Korea Information Technology Workers (IC3) A stern glance from all Five Eyes. (CyberWire)  DarkGate malware campaign (WithSecure)  The Fraud Next Door: First-Party Fraud Runs Rampant in America (PR Newswire) Cyberattacks Intensify on Israeli and Palestinian Human Rights Groups (Wall Street Journal)  Israel's burial society website comes under cyberattack (Jerusalem Post)  Sheba Medical Center Hit by Cyber Attack (Jewish Press)  Health Ministry disconnects the remote connection of several hospitals following cyber attack (Jerusalem Post) EU asks Meta, TikTok to account for their response to Israel-Hamas disinformation (Record)  Pro-Palestinian creators use secret spellings, code words to evade social media algorithms (Washington Post)  Web Summit CEO resigns after comments on Israel-Hamas conflict (Reuters)  YouTube is Autogenerating Videos for Songs Advocating the Expulsion of Muslims from India (bellingcat)  Palestinians Claim Social Media 'Censorship' Is Endangering Lives (WIRED)  International Criminal Court says cyberattack was attempted espionage (TechCrunch)  War crimes tribunal says September cyberattack was act of espionage (Record)  International Criminal Court investigating “unprecedented” cyberattack (Cybernews)  Learn more about your ad choices. Visit megaphone.fm/adchoices

Hamas and Israel exchange accusations in a hospital strike. Using Gazan cell data to develop intelligence, and using hostages' devices to spread fear. Black Basta ransomware is out and about, again. Qubitstrike is a newly discovered cryptojacking campaign. Preparing for post-quantum security. Tim Starks from the Washington Post looks at one US Senator's ability to gum up cyber legislation. In the Learning Layer, N2K's Sam Meisenberg explores the challenges and best practices of rolling out a large-scale corporate re-skilling program. And attention people of Pompei: that volcano alert is bogus. Probably. Learning Layer. On this segment of Learning Layer, N2K's Sam Meisenberg is joined by Phil, an N2K client who leads Talent Development at a large telecommunication company. They discuss the challenges and best practices of rolling out a large-scale corporate re-skilling program, including increasing learner engagement, accountability, and the importance of internal talent development and recognition. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/199 Selected reading. Blast kills hundreds at Gaza hospital; Hamas and Israel trade blame, as Biden heads to Mideast (AP News) In deadly day for Gaza, hospital strike kills hundreds (Reuters)  Hacktivist attacks against Israeli websites mirror attacks following Russian invasion of Ukraine (ComputerWeekly.com)  Growing Concern Over Role of Hacktivism in Israel-Hamas Conflict (Infosecurity Magazine)  Israel-Hamas war illuminates trouble with political hacking groups (Axios)  ISRAEL GAZA CONFLICT : THE CYBER PERSPECTIVE (CYFIRMA)  Tracking Cellphone Data by Neighborhood, Israel Gauges Gaza Evacuation (New York Times)  Hamas Hijacked Victims' Social Media Accounts to Spread Terror (New York Times) TV advertising sales giant affected by ransomware attack (Record) Chilean government warns of Black Basta ransomware attacks after customs incident (Record) Qubitstrike - An Emerging Malware Campaign Targeting Jupyter Notebooks (Cado Security) DigiCert Global Study: Preparing for a Safe Post-Quantum Computing Future (DigiCert)  SpyNote Android malware spreads via fake volcano eruption alerts (BleepingComputer)  Learn more about your ad choices. Visit megaphone.fm/adchoices

Hacktivists join both sides of Hamas's renewed war. Disinformation and content control in social media. Storm-0062 exploits an Atlassian 0-day. Curl and Libcurl vulnerabilities. Betsy Carmelite from Booz Allen on how to expand and diversify the Cyber Talent Pool. Our guest is Kuldip Mohanty, CIO of North Dakota. And some further reflections on hacktivism and the laws of war. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/195 Selected reading. False Alarm of Hezbollah Aircraft Infiltration Underlines Israeli Concern of Multi-Front War (FDD) Israel-Hamas conflict extends to cyberspace (CSO Online) Hamas-Israel Cyber War Escalates: What We Know So Far (Technopedia)  Israeli Cyber Companies Rally as Digital, Physical Assaults Continue (Wall Street Journal)  X promises 'highest level' response on posts about Israel-Hamas war. Misinformation still flourishes (AP News)  Europe gives Mark Zuckerberg 24 hours to respond about Israel-Hamas conflict and election misinformation (CNBC) Elon Musk Is Shitposting His Way Through the Israel-Hamas War (WIRED) Facebook video of Biden prompts probe into Meta content policy (Financial Times)  MIDDLE EAST : A CYBER ARMS RACE (CYFIRMA)  Storm0062 exploits Atlassian 0-day. (CyberWire) Curl and Libcurl vulnerabilities. (CyberWire) Ukraine at D+595: Sabotage in the Baltic Sea. (CyberWire) A Hacktivist Code of Conduct May Be Too Little Too Late (OODA Loop) Learn more about your ad choices. Visit megaphone.fm/adchoices

On this week's show Patrick Gray and Lina Lau discuss the week's security news. They cover: Microsoft has killed VBScript Google to make passkeys the new default sign-in method MGM losses to exceed $100m Clorox has a bad quarter Why a bug in cURL could be really bad news Much, much more This week's show is brought to you by KSOC. Jimmy Mesta, KSOC's co-founder and CTO, is this week's sponsor guest. He talks to us about how we can start applying real, actual IAM to Kubernetes environments. Show notes Deprecated features in the Windows client - What's new in Windows | Microsoft Learn Google Makes Passkeys Default, Stepping Up Its Push to Kill Passwords | WIRED AWS kicks off cloud race to mandate MFA by default | Cybersecurity Dive MGM Resorts' Las Vegas area operations to take $100M hit from cyberattack | Cybersecurity Dive Clorox warns of quarterly loss related to August cyberattack, production delays | Cybersecurity Dive Blackbaud agrees to $49.5 million settlement with AGs of nearly all 50 states Cybercrime gangs now deploying ransomware within 24 hours of hacking victims Microsoft: Human-operated ransomware attacks tripled over past year Ukraine, Israel, South Korea top list of most-targeted countries for cyberattacks Microsoft: State-backed hackers grow in sophistication, aggressiveness | CyberScoop 67 X accounts spread coordinated Israel-Hamas disinformation: report John Hultquist

On this week's show Patrick Gray and Lina Lau discuss the week's security news. They cover: Microsoft has killed VBScript Google to make passkeys the new default sign-in method MGM losses to exceed $100m Clorox has a bad quarter Why a bug in cURL could be really bad news Much, much more This week's show is brought to you by KSOC. Jimmy Mesta, KSOC's co-founder and CTO, is this week's sponsor guest. He talks to us about how we can start applying real, actual IAM to Kubernetes environments. Show notes Deprecated features in the Windows client - What's new in Windows | Microsoft Learn Google Makes Passkeys Default, Stepping Up Its Push to Kill Passwords | WIRED AWS kicks off cloud race to mandate MFA by default | Cybersecurity Dive MGM Resorts' Las Vegas area operations to take $100M hit from cyberattack | Cybersecurity Dive Clorox warns of quarterly loss related to August cyberattack, production delays | Cybersecurity Dive Blackbaud agrees to $49.5 million settlement with AGs of nearly all 50 states Cybercrime gangs now deploying ransomware within 24 hours of hacking victims Microsoft: Human-operated ransomware attacks tripled over past year Ukraine, Israel, South Korea top list of most-targeted countries for cyberattacks Microsoft: State-backed hackers grow in sophistication, aggressiveness | CyberScoop 67 X accounts spread coordinated Israel-Hamas disinformation: report John Hultquist

NSA and CISA release a list of the ten most common misconfigurations along with Identity and access management guidelines. The Predator Files. Cyber cooperation between Russia and North Korea. Hacktivist auxiliaries hit Australia. Hacktivists and hacktivist auxiliaries scorn the application of international humanitarian law. The direction of Russian cyber operations. Dave Bittner speaks with Andrea Little Limbago from Interos to talk about geopolitics, cyber and the C-suite. Rick Howard talks with John Hultquist, Chief Analyst at Mandiant, at the mWISE 2023 Cybersecurity Conference about cyber threat intelligence. And, finally, adventures in catphishing: “LoveGPT.” For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/192 Selected reading. NSA and CISA Release Advisory on Top Ten Cybersecurity Misconfigurations (Cybersecurity and Infrastructure Security Agency CISA) CISA and NSA Release New Guidance on Identity and Access Management (Cybersecurity and Infrastructure Security Agency CISA) Microsoft Digital Defense Report 2023 (Microsoft) Predator Files | EIC (European Investigative Collaborations) Meet the ‘Predator Files,' the latest investigative project looking into spyware (Washington Post) NORTH KOREA–RUSSIA SUMMIT : A NEW ALLIANCE IN CYBERSPACE? - CYFIRMA (CYFIRMA)  Australia's home affairs department hit by DDoS attack claimed by pro-Russia hackers (the Guardian)  Pro-Russia hacktivist group targets Australian government agencies over support for Ukraine (Cyberdaily.au)  Home Affairs, Administrative Appeals Tribunal websites hit by cyber attacks (SBS News)  ‘War has no rules': Hacktivists scorn Red Cross' new guidelines (Record)  Espionage fuels global cyberattacks (Microsoft On the Issues)  LoveGPT: How “single ladies” looking for your data upped their game with ChatGPT (Avast Threat Labs) Learn more about your ad choices. Visit megaphone.fm/adchoices

China deploys tools used against Uyghurs in broader espionage. The Five Eyes call out a GRU cyberespionage campaign. Russian hacktivist auxiliaries hit Czech banks and the platform formerly known as Twitter. A Spring-Kafka zero-day is discovered. Deepen Desai from Zscaler explains RedEnergy Stealer-as-a-Ransomware attacks. Luke Nelson of UHY Consulting on ransomware's impact on schools. And, hey, go Wolverines: the University of Michigan overcomes a cyberattack that delayed the academic year. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/166 Selected reading. BadBazaar espionage tool targets Android users via trojanized Signal and Telegram apps (We Live Security)  Earth Estries Targets Government, Tech for Cyberespionage (Trend Micro)  Infamous Chisel Malware Analysis Report (Cybersecurity and Infrastructure Security Agency CISA) UK and allies support Ukraine calling out Russia's GRU for new malware campaign (NCSC)  Hackers Attack Czech Banks, Demanding End of Support For Ukraine (Brno Daily)  More Russian attacks on Czech banks: Hackers call for end of support to Ukraine (Expats.cz) Anonymous Sudan hacks X to put pressure on Elon Musk over Starlink (BBC News)  Contrast Assess uncovers Spring-Kafka deserialization zero day (Contrast Security) U. Michigan restores campus internet after cyberattack disrupts first week of classes (EdScoop) Internet restored on University of Michigan campus, ongoing issues still expected (mlive) University of Michigan isn't disclosing details of internet outage cyberattack (Detroit Free Press) Expert weighs in on school cyberattacks as University of Michigan makes progress on internet outages (CBS News) Learn more about your ad choices. Visit megaphone.fm/adchoices

Telekopye and the rise of commodified phishing kits. Lazarus Group fields new malware. Implications of China's campaign against vulnerable Barracuda appliances. Abhubllka ransomware's targeting and low extortion demands. Malek Ben Salem of Accenture outlines generative AI Implications to spam detection. Jeff Welgan, Chief Learning Officer at N2K Networks, unpacks the NICE framework and strategic workforce intelligence. And a new hacktivist group emerges, and takes a particular interest in NATO members. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/162 Selected reading. eBay Users Beware Russian 'Telekopye' Telegram Phishing Bot (Dark Reading) Telekopye: Hunting Mammoths using Telegram bot (ESET) Lazarus Group's infrastructure reuse leads to discovery of new malware (Cisco Talos Blog)  FBI fingers China for attacks on Barracuda email appliances (Register) Suspected PRC Cyber ActorsContinue to Globally Exploit Barracuda ESG Zero-Day Vulnerability (CVE-2023-2868) (FBI) Identifying ADHUBLLKA Ransomware: LOLKEK, BIT, OBZ, U2K, TZW Variants (Netenrich) Ransomware ecosystem targeting individuals, small firms remains robust (Record)  Ransomware With an Identity Crisis Targets Small Businesses, Individuals (Dark Reading)  Hacking group KittenSec claims to 'pwn anything we see' to expose corruption (CyberScoop) Learn more about your ad choices. Visit megaphone.fm/adchoices

Open Bullet malware is seen in the wild. Threat actors exploit a Salesforce vulnerability for phishing. BlueCharlie (that's Russia's FSB) shakes up its infrastructure. Midnight Blizzard (and that's Russia's SVR) uses targeted social engineering. How NoName057(16) moved on to Spanish targets. Robert M. Lee from Dragos shares his reaction to the White House's national cybersecurity strategy. Our guest Raj Ananthanpillai of Trua warns against oversharing with ChatGPT. And NSA releases guidance on hardening Cisco next-generation firewalls. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/147 Selected reading. No Honour Amongst Thieves: A New OpenBullet Malware Campaign (Kasada) “PhishForce” — Vulnerability Uncovered in Salesforce's Email Services Exploited for Phishing… (Medium) Hackers exploited Salesforce zero-day in Facebook phishing attack (BleepingComputer) Hackers exploit Salesforce email zero-day for Facebook phishing campaign (Computing)  Russia-based hackers building new attack infrastructure to stay ahead of public reporting (Record)  Midnight Blizzard conducts targeted social engineering over Microsoft Teams (Microsoft Security)  Unraveling Russian Multi-Sector DDoS Attacks Across Spain (Radware) Pro-Russian Hackers Claim Cyberattacks on Italian Banks (MarketWatch)  NSA Releases Guide to Harden Cisco Next Generation Firewalls (National Security Agency/Central Security Service) Cisco Firepower Hardening Guide (US National Security Agency)

The Lazarus Group targets developers. Threat actors target the banking sector with fake LinkedIn profiles and open source supply chain attacks. Vulnerabilities reported in OpenMeetings. HTML smuggling is sold in the C2C market. Johannes Ullrich from SANS describes attacks against niche web apps. Our guest is Damir Brecic of Inversion6 discussing the privacy and security concerns of Meta's new Threads app. And Romania's SVR reports a pattern of Russian cyberattacks. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/138 Selected reading. GitHub warns of Lazarus hackers targeting devs with malicious projects (BleepingComputer) Cyberattack on GitHub customers linked to North Korean hackers, Microsoft says (Record) Security alert: social engineering campaign targets technology industry employees (The GitHub Blog) First Known Targeted OSS Supply Chain Attacks Against the Banking Sector (Checkmarx) A Twist in the Code: OpenMeetings Vulnerabilities through Unexpected Application State (Sonar)  Fresh Phish: HTML Smuggling Made Easy, Thanks to a New Dark Web Phish Kit (INKY)  KillNet Showcases New Capabilities While Repeating Older Tactics (Mandiant). Pro-Russian hacktivists increase focus on Western targets. The latest is OnlyFans. (CyberScoop). Anonymous Sudan DDoS strikes dominate attacks by KillNet collective (SC Media) Romanian Intelligence General: All Russian secret services attempted cyber attacks against Romania (ACTMedia)