SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
YARA-X 1.14.0 Release https://isc.sans.edu/diary/YARA-X%201.14.0%20Release/32774 INTERPLAY BETWEEN IRANIAN TARGETING OF IP CAMERAS AND PHYSICAL WARFARE IN THE MIDDLE EAST https://research.checkpoint.com/2026/interplay-between-iranian-targeting-of-ip-cameras-and-physical-warfare-in-the-middle-east/ Announcing the Node.js LTS Upgrade and Modernization Program https://openjsf.org/blog/nodejs-lts-upgrade-program nginx UI Vulnerability https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-g9w5-qffc-6762
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Differentiating Between a Targeted Intrusion and an Automated Opportunistic Scanning [Guest Diary] https://isc.sans.edu/diary/Differentiating%20Between%20a%20Targeted%20Intrusion%20and%20an%20Automated%20Opportunistic%20Scanning%20%5BGuest%20Diary%5D/32768 CVE-2026-29000: Critical Authentication Bypass in pac4j-jwt - Using Only a Public Key (CVSS 10) https://www.codeant.ai/security-research/pac4j-jwt-authentication-bypass-public-key FreeScout Help Desk Vulnerability https://github.com/freescout-help-desk/freescout/security/advisories/GHSA-mw88-x7j3-74vc Microsoft Authenticator Not Supported on Graphene OS https://www.heise.de/en/news/GrapheneOS-Microsoft-Authenticator-does-not-support-secure-Android-OS-11200495.html
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Want More XWorm? https://isc.sans.edu/diary/Want%20More%20XWorm%3F/32766 Cisco Secure Firewall Management Center Vulnerabilities https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-rce-NKhnULJh https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-onprem-fmc-authbypass-5JPp45V2 LastPass Phishing https://www.securityweek.com/lastpass-users-targeted-with-backup-themed-phishing-emails/
The Unsecurity Podcast returns with a truly joyful conversation with FRSecure's own Jo Moldenhauer. Jo, an Associate Information Security Consultant, is famous around the FRSecure office for her weekly security news reviews, where she meticulously compiles articles and talking points for a company-wide discussion around industry trends and snapshots. And this couldn't have been easy to do. Jo's path to InfoSec is a recent and unique one—transitioning from dealing blackjack at casinos after most of them ceased operations during the COVID-19 pandemic. You can see how being tasked with leading a discussion to 75+ industry pros like this as a relative newcomer could be challenging—but Jo simply crushes it.
In this episode, learn about:
- Non-traditional information security career paths
- What makes "good" InfoSec news
- Why talking about industry news is important to FRSecure (and beyond)
- How vCISO engagements and risk assessments guide talking points
- The Gaming (casino) and InfoSec industry Venn Diagram (and what they can learn from each other)
- User and security awareness training, culture, and incentive ideas
Like, subscribe, and share with your network to stay informed about the latest in cyber and information security! We want to hear from you! Reach out at unsecurity@frsecure.com and follow us for more:
LinkedIn: https://www.linkedin.com/company/frsecure/
Instagram: https://www.instagram.com/frsecureofficial/
Facebook: https://www.facebook.com/frsecure/
BlueSky: https://bsky.app/profile/frsecure.bsky.social
About FRSecure: https://frsecure.com/
FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can't do it alone.
Whether you're wondering where to start or looking for a team of experts to collaborate with you, we are ready to serve.
Although discussing the military activities currently taking place in Iran runs the risk of bringing up polarizing political views, the cybersecurity realities simply can't be ignored. And they absolutely have to be discussed. One of these realities is that Iran has a legacy of supporting organizations involved with cyberattacks on networks, infrastructure and companies in Israel and the United States. Companies that utilize industrial control systems. Companies like yours. In light of current events, there is absolutely no question that these groups will escalate their efforts. Although the bombs are falling thousands of miles beyond U.S. borders, know that U.S. manufacturing is a primary target. Historically, many of the groups carrying out these types of cyberattacks were hacktivists or outliers, operating independent of any government or country. They followed their own agenda in realizing personal or political goals. However, as highlighted by the war in Ukraine, these groups have begun to pick sides. They're embracing financial support from nation states and successfully executing attacks meant to shut down, steal data, extort money and/or disrupt critical production or infrastructure operations – regardless of size, sector or location. Thankfully, there are also guys like our guest for today's episode. JP Castellanos is the Director of Threat Intelligence at Binary Defense.
Watch/listen as he discusses:
- The evolving hacktivist community and what recent events could mean for industrial cybersecurity.
- How manufacturers can prepare and respond to an inevitable uptick in attacks.
- How IT/OT silos perpetuate these attacks and make manufacturing a more lucrative and appealing target.
- The motives and operational strategies of state-sponsored Iranian hacker groups.
- The soft spots in your defenses that these groups take advantage of in targeting the industrial sector.
- The simple solutions that can have far-reaching and extremely positive impacts on your defenses.
As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts. Click Here to Become a Sponsor. To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. If you have a cybersecurity story or topic that you'd like to have us explore on Security Breach, you can reach me at jeff@ien.com.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Bruteforce Scans for CrushFTP https://isc.sans.edu/diary/Bruteforce%20Scans%20for%20CrushFTP%20/32762 Android March 2026 Patches, including 0-Day (CVE-2026-21385) https://source.android.com/docs/security/bulletin/2026/2026-03-01 OAuth redirection abuse enables phishing and malware delivery https://www.microsoft.com/en-us/security/blog/2026/03/02/oauth-redirection-abuse-enables-phishing-malware-delivery/
Making Data Simple dives into the world of data security with Josh Scott, CISO and VP of Security at Hydrolix — a real-time data platform built for massive scale. Josh unpacks critical challenges like AI adoption, cybersecurity priorities, and how organizations can harness data to stay ahead, all while keeping performance high and costs down.
01:02 Investing
04:25 Meet Josh Scott
10:54 Adopting AI Safely
14:42 What IS a CISO?
17:14 What Keeps a CISO Up at Night?
19:11 Using AI for Security
20:47 Two Phones?
21:36 Password Sharing
23:03 CISO Prioritization
27:39 Signal From Noise
29:29 Leadership Style
32:27 The Crystal Ball
LinkedIn: https://www.linkedin.com/in/joshuascott/
Website: https://www.hydrolix.io/
#MakingDataSimple #DataSecurity #Cybersecurity #CISO #AIAdoption #AIAndSecurity #Hydrolix #RealTimeData #DataPlatform #InfoSec #CyberLeadership #TechPodcast #Leadership #BigData #AI #DataPrivacy #CloudSecurity #SignalVsNoise
Want to be featured as a guest on Making Data Simple? Reach out to us at almartintalksdata@gmail.com and tell us why you should be next. The Making Data Simple Podcast is hosted by Al Martin, WW VP Technical Sales, IBM, where we explore trending technologies, business innovation, and leadership ... while keeping it simple & fun.
As foundation models, including large language models and multimodal models, are increasingly deployed in complex and high-stakes settings, ensuring their safety has become more important than ever. In this talk, I present a probabilistic perspective on AI safety: safety risks are treated as structured distributions to be discovered and controlled, rather than isolated failures to be patched. I first introduce probabilistic red-teaming methods that characterize distributions of failures, revealing systematic safety risks that standard evaluation often misses. I then describe probabilistic defense methods that control model behavior during deployment by adaptively steering generation toward constraint-aligned distributions. By unifying failure discovery and behavior control under a probabilistic perspective, this talk highlights a distributional approach for understanding and managing safety risks in foundation models. About the speaker: Ruqi Zhang is an Assistant Professor in the Department of Computer Science at Purdue University. Her research focuses on probabilistic machine learning, generative modeling, and trustworthy AI. Prior to joining Purdue, she was a postdoctoral researcher at the Institute for Foundations of Machine Learning (IFML) at the University of Texas at Austin. She received her Ph.D. from Cornell University. Dr. Zhang has been a key organizer of the Symposium on Probabilistic Machine Learning. She has served as an Area Chair and Editor for ML conferences and journals, including ICML, NeurIPS, ICLR, AISTATS, UAI, and TMLR. Her contributions have been recognized with several honors, including AAAI New Faculty Highlights, Amazon Research Award, Spotlight Rising Star in Data Science, Seed for Success Acorn Award, and Ross-Lynn Research Scholar.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Quick Howto: ZIP Files Inside RTF https://isc.sans.edu/diary/Quick+Howto+ZIP+Files+Inside+RTF/32696/#comments Keeping the Internet fast and secure: introducing Merkle Tree Certificates https://blog.cloudflare.com/bootstrap-mtc/ Taming Agentic Browsers: Vulnerability in Chrome Allowed Extensions to Hijack New Gemini Panel https://unit42.paloaltonetworks.com/gemini-live-in-chrome-hijacking/
In this episode of the @Endace, Packet Forensic Files, Michael Morris chats with Andrew Cook, CTO of Recon InfoSec and host of the Thursday Defensive Podcast about Incident Investigation and Response, and Threat Hunting. Andrew has a wealth of experience in high-pressure cyberdefense environments and shares some of the key lessons he's learned along the way, as well as passing some great advice. This episode is a must-listen for cybersecurity professionals who want to learn more about the latest incident response and threat hunting tips, tools and techniques.
ABOUT ENDACE
Endace (https://www.endace.com) is a world leader in high-performance packet capture solutions for cybersecurity, network and application performance. EndaceProbes are deployed on some of the world's largest, fastest and most critical networks. EndaceProbe models are available for on-premise, private cloud and public cloud deployments - delivering complete hybrid cloud visibility from a single pane-of-glass. Endace's open EndaceProbe Analytics appliances (https://www.endace.com/endaceprobe) can be deployed in on-premise locations and can also host third-party security and performance monitoring solutions while simultaneously recording a 100% accurate history of network activity.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Fake Fedex Email Delivers Donuts! https://isc.sans.edu/diary/Fake%20Fedex%20Email%20Delivers%20Donuts!/32754 Abusing .ARPA: The TLD that isn't supposed to host anything https://www.infoblox.com/blog/threat-intelligence/abusing-arpa-the-tld-that-isnt-supposed-to-host-anything/ MC1179154 - Microsoft Authenticator app: Upcoming changes to jailbreak and root detection https://mc.merill.net/message/MC1179154 SECURITY BULLETIN: Apex One and Apex One (Mac) - February 2026 https://success.trendmicro.com/en-US/solution/KA-0022458 Special Webcast: AirSnitch How Worried Should You Be? https://www.sans.org/webcasts/airsnitch-how-worried-should-you-be
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Finding Signal in the Noise: Lessons Learned Running a Honeypot with AI Assistance [Guest Diary] https://isc.sans.edu/diary/Finding%20Signal%20in%20the%20Noise%3A%20Lessons%20Learned%20Running%20a%20Honeypot%20with%20AI%20Assistance%20%5BGuest%20Diary%5D/32744 Google API Keys Weren't Secrets. But then Gemini Changed the Rules. https://trufflesecurity.com/blog/google-api-keys-werent-secrets-but-then-gemini-changed-the-rules AirSnitch: Demystifying and Breaking Client Isolation in Wi-Fi Networks https://www.ndss-symposium.org/ndss-paper/airsnitch-demystifying-and-breaking-client-isolation-in-wi-fi-networks/
Are we already living in the age of super-intelligence, or are we just scratching the surface? In this episode, we break down the three fundamental levels of AI: Artificial Narrow Intelligence (ANI), Artificial General Intelligence (AGI), and Artificial Super Intelligence (ASI). We explore why today's most advanced tools, like ChatGPT, Gemini, and Claude, are still firmly in the "Narrow" category, representing only 20% of human cognitive capacity. We also discuss the "Data Decline" crisis, where authentic human data is being outpaced by AI-generated content, and what that means for the future of AGI. Whether you're a tech enthusiast or an Infosec professional, this episode will help you categorize, evaluate, and ultimately decide which AI tools are worth your trust.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
The CLAIR Model: A Synthesized Conceptual Framework for Mapping Critical Infrastructure Interdependencies [Guest Diary] https://isc.sans.edu/diary/The+CLAIR+Model+A+Synthesized+Conceptual+Framework+for+Mapping+Critical+Infrastructure+Interdependencies+Guest+Diary/32748 Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability CVE-2026-20127 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk https://blog.talosintelligence.com/uat-8616-sd-wan/ Abusing Cortex XDR Live https://labs.infoguard.ch/posts/abusing_cortex_xdr_live_response_as_c2/ OpenSSL Vulnerability CVE-2025-15467 https://seclists.org/oss-sec/2026/q1/220
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Open Redirects: A Forgotten Vulnerability? https://isc.sans.edu/diary/Open%20Redirects%3A%20A%20Forgotten%20Vulnerability%3F/32742 Goodbye innerHTML, Hello setHTML: Stronger XSS Protection in Firefox 148 https://hacks.mozilla.org/2026/02/goodbye-innerhtml-hello-sethtml-stronger-xss-protection-in-firefox-148/ More telnetd issues https://seclists.org/oss-sec/2026/q1/199
Many organizations adopt security frameworks but struggle to turn them into day-to-day operations that reduce risk without slowing delivery. This talk presents a practical operating model that pairs ISO/IEC 27001 (as the certifiable management system that runs governance, risk management, internal audit, and continual improvement) with NIST Cybersecurity Framework 2.0 (as the outcome-focused "dashboard" for aligning security priorities to business objectives and communicating posture to leaders). Attendees will see how to translate business goals into CSF 2.0 current and target profiles, convert those profiles into ISO 27001 objectives and control ownership, and design "evidence by default" workflows that reduce audit fire drills. The session will include real-world design patterns (paved roads, tiered decision rights, exception handling with expiry, and control health metrics) and highlight where assurance programs often drift into "control theater." The goal is a repeatable approach that both practitioners and researchers can critique, improve, and apply. About the speaker: Danny Vukobratovich is a Sr. IT Security Analyst at Purdue University, where he manages Purdue IT's ISO program spanning ISO/IEC 27001 (information security), ISO 9001 (quality management), and ISO/IEC 20000-1 (IT service management). He also oversees Purdue IT's business continuity and disaster recovery planning, with an emphasis on building resilient, auditable operating models that support research and administrative missions. Danny's professional focus is translating risk and governance into practical mechanisms, including clear decision rights, "evidence by design," and metrics that measure control health rather than control presence. His background includes security risk assessments, incident response, monitoring and logging, identity and access management, and standards-based audits across diverse environments. 
Danny holds the CISSP, ISO/IEC 27001:2022 Lead Implementer, and ITIL 4 Strategic Leader certifications, and an M.S. in Cybersecurity Management.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Another day, another malicious JPEG https://isc.sans.edu/diary/Another%20day%2C%20another%20malicious%20JPEG/32738 Calibre Path Traversal Leading to Arbitrary File Write and Potentially Code Execution CVE-2026-26064 CVE-2026-26065 https://github.com/kovidgoyal/calibre/security/advisories/GHSA-72ch-3hqc-pgmp https://github.com/kovidgoyal/calibre/security/advisories/GHSA-vmfh-7mr7-pp2w CVE-2026-25755: PDF Object Injection in jsPDF (addJS Method) https://github.com/ZeroXJacks/CVEs/blob/main/2026/CVE-2026-25755.md Roundcube Webmail Exploited CVE-2025-49113 https://roundcube.net/news/2025/06/01/security-updates-1.6.11-and-1.5.10 https://www.openwall.com/lists/oss-security/2025/06/02/3
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Japanese-Language Phishing Emails https://isc.sans.edu/diary/Japanese-Language%20Phishing%20Emails/32734 'God-Like' Attack Machines: AI Agents Ignore Security Policies https://www.darkreading.com/application-security/ai-agents-ignore-security-policies Starkiller: New Phishing Framework Proxies Real Login Pages to Bypass MFA https://abnormal.ai/blog/starkiller-phishing-kit
It's our 10TH ANNIVERSARY! In this episode of Security Noise, we react to some significant developments in InfoSec, including Microsoft's integration of Sysmon into Windows. We are joined by TrustedSec Founder and CEO David Kennedy to celebrate a decade of our podcast and talk about the early years. As we reminisce, Skyler digs through the archives and pulls up some old clips to see how TrustedSec has evolved in the cybersecurity space over the years. Lastly, but not leastly, we are joined by Senior Security Consultant Kelsey Segrue as she gives her analysis on the U.S. Government's newly-conquered control over TikTok and we discuss the future of social media platforms. About this podcast: Security Noise, a TrustedSec Podcast hosted by Geoff Walton and Producer/Contributor Skyler Tuter, features our cybersecurity experts in conversation about the infosec topics that interest them the most. Find more cybersecurity resources on our website at https://trustedsec.com/resources.
In this episode, the crew dives into reports that Palo Alto Networks allegedly avoided directly attributing a threat campaign to China over fears of retaliation—sparking a broader debate about corporate and government threat attribution, geopolitics, and whether attribution still matters in today's cyber landscape. They also explore the escalating AI arms race, including Meta's aggressive (and expensive) talent poaching, the growing rivalry between OpenAI and Anthropic, and what it all means for the future of the industry. Rounding out the episode, the team discusses the unintended consequences of the AI boom—like global hardware shortages stretching beyond GPUs to hard drives—and examines emerging prompt injection attack techniques, highlighting real-world examples and the growing security risks surrounding AI-powered tools.
Join us LIVE on Mondays, 4:30pm EST. A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
https://www.youtube.com/@BlackHillsInformationSecurity
Chat with us on Discord! - https://discord.gg/bhis
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Under the Hood of DynoWiper https://isc.sans.edu/diary/Under%20the%20Hood%20of%20DynoWiper/32730 Vibe Password Generation: Predictable by Design https://www.irregular.com/publications/vibe-password-generation Vulnerabilities (CVE-2025-65715, CVE-2025-65716, CVE-2025-65717) in four popular IDE Extensions https://www.ox.security/blog/four-vulnerabilities-expose-a-massive-security-blind-spot-in-ide-extensions/ Grandstream GXP1600 VoIP Phones https://www.rapid7.com/blog/post/ve-cve-2026-2329-critical-unauthenticated-stack-buffer-overflow-in-grandstream-gxp1600-voip-phones-fixed/
This episode of the InfoSec Beat podcast focuses on careers in information security. Accenture CISO Kris Burkhardt talks with Dan Cosceari, the delivery lead for the Accenture Client Data Protection program, which helps internal teams treat client data properly and manage information security risk. Dan sees client data protection through customers' eyes. This customer-first mindset started in his restaurant days in New York City, and it drives how Dan protects client data today. Hear how he puts this into practice, advocates across the organization, and stays ahead of technology and regulatory changes.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Tracking Malware Campaigns With Reused Material https://isc.sans.edu/diary/Tracking%20Malware%20Campaigns%20With%20Reused%20Material/32726 From BRICKSTORM to GRIMBOLT: UNC6201 Exploiting a Dell RecoverPoint for Virtual Machines Zero-Day https://cloud.google.com/blog/topics/threat-intelligence/unc6201-exploiting-dell-recoverpoint-zero-day Windows Admin Center Elevation of Privilege Vulnerability CVE-2026-26119 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26119 DNS-PERSIST-01: A New Model for DNS-based Challenge Validation https://letsencrypt.org/2026/02/18/dns-persist-01.html Defending Web Apps https://www.sans.org/cyber-security-courses/application-security-securing-web-apps-api-microservices
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Fake Incident Report Used in Phishing Campaign https://isc.sans.edu/diary/Fake%20Incident%20Report%20Used%20in%20Phishing%20Campaign/32722 Divide and conquer: how the new Keenadu backdoor exposed links between major Android botnets https://securelist.com/keenadu-android-backdoor/118913/ CVE-2026-25903: Apache NiFi: Missing Authorization of Restricted Permissions for Component Updates https://seclists.org/oss-sec/2026/q1/166 The Next Frontier of Runtime Assembly Attacks: Leveraging LLMs to Generate Phishing JavaScript in Real Time https://unit42.paloaltonetworks.com/real-time-malicious-javascript-through-llms/ Encrypted RCS in iOS/iPadOS https://developer.apple.com/documentation/ios-ipados-release-notes/ios-ipados-26_4-release-notes
Live from Wild West Hackin' Fest Denver 2026, the Black Hills Information Security crew brings their signature mix of sharp security insight and off-the-cuff banter to a packed in-person audience. This episode centers on a controversial Notepad update that introduced Markdown rendering—along with a potential remote code execution (RCE) issue. The hosts unpack what this says about modern software bloat, “vibe coding,” and the growing push to embed AI into everything—whether it belongs there or not. They also explore the implications of Discord's age verification requirements, AI-generated code, including OpenAI's latest Codex model, and debate whether we're headed toward a wave of AI-assisted vulnerabilities.
Join us LIVE on Mondays, 4:30pm EST. A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
https://www.youtube.com/@BlackHillsInformationSecurity
Chat with us on Discord! - https://discord.gg/bhis
Deepfake voice technology is rapidly advancing, but how well do current detection systems handle differences in language and writing style? Most existing work focuses on robustness to acoustic variations such as background noise or compression, while largely overlooking how linguistic variation shapes both deepfake generation and detection. Yet language matters: psycholinguistic features such as sentence structure, complexity, and word choice influence how models synthesize speech, which in turn affects how detectors score and flag audio. In this talk, we will ask questions such as: "If we change the way a person writes, while keeping their voice the same, will a deepfake detector still reach the same decision?" and "Are some text-to-speech and voice cloning models more vulnerable to shifts in writing style than others?" We will then discuss implications for designing robust deepfake voice detectors and for advancing more trustworthy speech AI in an era of increasingly synthetic media. About the speaker: Thai Le is an Assistant Professor of Computer Science at Indiana University's Luddy School of Informatics, Computing, and Engineering. He obtained his doctoral degree from the College of Information Science and Technology at the Pennsylvania State University with an Excellent Research Award and a DAAD Fellowship. His research focuses on the trustworthiness of AI/ML models, with a mission to enhance the robustness, safety, and transparency of AI technology in various sociotechnical contexts. Le has published nearly 50 peer-reviewed research works with two best paper presentation awards. He is a pioneer in collecting and investigating so-called text perturbations in the wild, which have been utilized by users and researchers worldwide to study and understand the effects of humans' adversarial behaviors on their daily usage of AI/ML models. His works have also been featured in ScienceDaily, DefenseOne, and Engineering and Technology Magazine.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
2026 64-Bits Malware Trend https://isc.sans.edu/diary/2026%2064-Bits%20Malware%20Trend/32718 A Comparative Security Analysis of Three Cloud-based Password Managers https://zkae.io Infostealer Infection Targeting OpenClaw Configurations https://www.infostealers.com/article/hudson-rock-identifies-real-world-infostealer-infection-targeting-openclaw-configurations/
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
AI-Powered Knowledge Graph Generator & APTs https://isc.sans.edu/diary/AI-Powered%20Knowledge%20Graph%20Generator%20%26%20APTs/32712 nslookup and ClickFix https://x.com/MsftSecIntel/status/2022456612120629742 Google Chrome 0-Day Patch https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_13.html TURN Security Threats https://www.enablesecurity.com/blog/turn-server-security-threats/
Today on the Social-Engineer Podcast: The Security Awareness Series, Chris Hadnagy is joined by Josten Pena for an in-depth discussion on cognitive biases and their impact on cybersecurity. Together, they explore how inherent mental shortcuts can increase susceptibility to social engineering attacks. The conversation emphasizes the importance of recognizing and owning these biases, rather than trying to eliminate them, and highlights practical mitigation strategies like hands-on training and fostering critical thinking. [Feb 16, 2026]
00:00 – Intro
00:47 – Meet the Co-Host: Josten Pena
01:38 – Intro Links:
Social-Engineer.com - http://www.social-engineer.com/
Offensive Security Vishing Services - https://www.social-engineer.com/offensive-security/vishing/
Offensive Security SMiShing Services - https://www.social-engineer.com/offensive-security/smishing/
Offensive Security Phishing Services - https://www.social-engineer.com/offensive-security/smishing/
Call Back Phishing - https://www.social-engineer.com/offensive-security/call-back-phishing/
Adversarial Simulation Services - https://www.social-engineer.com/offensive-security/adversarial-simulation/
Social Engineering Risk Assessments - https://www.social-engineer.com/offensive-security/social-engineering-risk-assessment/
Social-Engineer channel on SLACK - https://social-engineering-hq.slack.com/ssb
CLUTCH - http://www.pro-rock.com/
02:26 – Innocent Lives Foundation & Music
03:36 – Diving into Cognitive Bias
06:42 – Cognitive Bias in Cybersecurity
09:26 – Real-World Examples & Practical Solutions
18:59 – Recap, Final Thoughts & Outro
www.social-engineer.com
www.innocentlivesfoundation.org
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Four Seconds to Botnet - Analyzing a Self-Propagating SSH Worm with Cryptographically Signed C2 [Guest Diary] https://isc.sans.edu/diary/Four%20Seconds%20to%20Botnet%20-%20Analyzing%20a%20Self%20Propagating%20SSH%20Worm%20with%20Cryptographically%20Signed%20C2%20%5BGuest%20Diary%5D/32708 OpenSSH Update on MacOS https://www.openssh.org/releasenotes.html Employee Monitoring and SimpleHelp Software Abused in Ransomware Operations https://www.huntress.com/blog/employee-monitoring-simplehelp-abused-in-ransomware-operations
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
WSL in the Malware Ecosystem https://isc.sans.edu/diary/32704 Apple Patches Everything: February 2026 https://isc.sans.edu/diary/Apple%20Patches%20Everything%3A%20February%202026/32706 Adobe Updates https://helpx.adobe.com/security/security-bulletin.html
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Microsoft Patch Tuesday - February 2026 https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%20-%20February%202026/32700 Refreshing the root of trust https://blogs.windows.com/windowsexperience/2026/02/10/refreshing-the-root-of-trust-industry-collaboration-on-secure-boot-certificate-updates/ Fake 7-Zip downloads are turning home PCs into proxy nodes https://www.malwarebytes.com/blog/threat-intel/2026/02/fake-7-zip-downloads-are-turning-home-pcs-into-proxy-nodes FortiNet Vulnerabilities https://fortiguard.fortinet.com/psirt/FG-IR-25-093 https://fortiguard.fortinet.com/psirt/FG-IR-25-1052
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Quick Howto: Extract URLs from RTF files https://isc.sans.edu/diary/Quick%20Howto%3A%20Extract%20URLs%20from%20RTF%20files/32692 German Agencies Warn of Signal Phishing Targeting Politicians, Military, Journalists German: https://thehackernews.com/2026/02/german-agencies-warn-of-signal-phishing.html English: https://www.verfassungsschutz.de/SharedDocs/publikationen/DE/praevention_wirtschafts-und_wissenschaftsschutz/2026-02-06-gemeinsame-warnmitteilung-phishing.pdf?__blob=publicationFile&v=3 Someone Knows Bash Far Too Well, And We Love It - Pre-Auth RCEs https://labs.watchtowr.com/someone-knows-bash-far-too-well-and-we-love-it-ivanti-epmm-pre-auth-rces-cve-2026-1281-cve-2026-1340/ Pre-Auth RCE in BeyondTrust Remote Support & PRA CVE-2026-1731 https://www.hacktron.ai/blog/cve-2026-1731-beyondtrust-remote-support-rce https://www.beyondtrust.com/trust-center/security-advisories/bt26-02 Fortinet FortiClientEMS SQLi in the administrative interface https://fortiguard.fortinet.com/psirt/FG-IR-25-1142
None of Your Goddamn Business
John Morgan Salomon said something during our conversation that I haven't stopped thinking about. We were discussing encryption, privacy laws, the usual terrain — and he cut through all of it with five words: "It's none of your goddamn business."
Not elegant. Not diplomatic. But exactly right.
John has spent 30 years in information security. He's Swiss, lives in Spain, advises governments and startups, and uses his real name on social media despite spending his career thinking about privacy. When someone like that tells you he's worried, you should probably pay attention.
The immediate concern is something called "Chat Control" — a proposed EU law that would mandate access to encrypted communications on your phone. It's failed twice. It's now in its third iteration. The Danish Information Commissioner is pushing it. Germany and Poland are resisting. The European Parliament is next.
The justification is familiar: child abuse materials, terrorism, drug trafficking. These are the straw man arguments that appear every time someone wants to break encryption. And John walked me through the pattern: tragedy strikes, laws pass in the emotional fervor, and those laws never go away. The Patriot Act. RIPA in the UK. The Clipper Chip the FBI tried to push in the 1990s. Same playbook, different decade.
Here's the rhetorical trap: "Do you support terrorism? Do you support child abuse?" There's only one acceptable answer. And once you give it, you've already conceded the frame. You're now arguing about implementation rather than principle.
But the principle matters. John calls it the panopticon — the Victorian-era prison design where all cells face inward toward a central guard tower. No walls. Total visibility. The transparent citizen. If you can see what everyone is doing, you can spot evil early. That's the theory.
The reality is different. Once you build the infrastructure to monitor everyone, the question becomes: who decides what "evil" looks like? Child pornographers, sure. Terrorists, obviously. But what about LGBTQ individuals in countries where their existence is criminalized? John told me about visiting Chile in 2006, where his gay neighbor could only hold his partner's hand inside a hidden bar. That was a democracy. It was also a place where being yourself was punishable by prison.
The targets expand. They always do. Catholics in 1960s America. Migrants today. Anyone who thinks differently from whoever holds power at any given moment. These laws don't just catch criminals — they set precedents. And precedents outlive the people who set them.
John made another point that landed hard: the privacy we've already lost probably isn't coming back. Supermarket loyalty cards. Surveillance cameras. Social media profiles. Cookie consent dialogs we click through without reading. That version of privacy is dead. But there's another kind — the kind that prevents all that ambient data from being weaponized against you as an individual. The kind that stops your encrypted messages from becoming evidence of thought crimes. That privacy still exists. For now.
Technology won't save us. John was clear about that. Neither will it destroy us. Technology is just an element in a much larger equation that includes human nature, greed, apathy, and the willingness of citizens to actually engage. He sent emails to 40 Spanish members of European Parliament about Chat Control. One responded.
That's the real problem. Not the law. Not the technology. The apathy.
Republic comes from "res publica" — the thing of the people. Benjamin Franklin supposedly said it best: "A republic, if you can keep it." Keeping it requires attention. Requires understanding what's at stake. Requires saying, when necessary: this is none of your goddamn business.
Stay curious. Stay Human. Subscribe to the podcast. And if you have thoughts, drop them in the comments — I actually read them.
Marco Ciappelli
Subscribe to the Redefining Society and Technology podcast.
Stay curious. Stay human. https://www.linkedin.com/newsletters/7079849705156870144/
Marco Ciappelli: https://www.marcociappelli.com/
John Salomon: Experienced, international information security leader. vCISO, board & startup advisor, strategist. https://www.linkedin.com/in/johnsalomon/
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Microsoft Patches Four Azure Vulnerabilities (three critical) https://msrc.microsoft.com/update-guide/vulnerability Evaluating and mitigating the growing risk of LLM-discovered 0-days https://red.anthropic.com/2026/zero-days/ Gitlab AI Gateway Vulnerability CVE-2026-1868 https://about.gitlab.com/releases/2026/02/06/patch-release-gitlab-ai-gateway-18-8-1-released/
Watch the full episode on our YouTube channel: youtube.com/@mreapodcast
This might be the most practical conversation we've ever had about artificial intelligence.
We're joined by Geoff Woods, former architect behind The ONE Thing and author of the No. 1 bestselling book, The AI-Driven Leader. Geoff isn't here to talk about better emails or faster busywork. He's here to show us how AI can elevate the one skill that separates top performers from everyone else: strategic thinking.
Geoff walks us through how to use AI as a true thought partner, not a shortcut. We unpack the CRIT framework — context, role, interview, task — and show how agents can apply it immediately to lead generation, decision-making, financial reviews, meetings, and even leadership development.
We also dig into why most people are using AI the wrong way, how to focus on the 20 percent that drives real results, and why mastering your mindset will always beat chasing the latest tech feature.
If you've felt overwhelmed, skeptical, or unsure where AI fits into your business, this episode gives you a clear starting point and a powerful path forward.
Resources:
Read: The AI-Driven Leader by Geoff Woods
Read: The ONE Thing by Gary Keller and Jay Papasan
Order the Millionaire Real Estate Agent Playbook | Volume 3
Connect with Jason: LinkedIn
Produced by NOVA
This podcast is for general informational purposes only. The views, thoughts, and opinions of the guest represent those of the guest and not Keller Williams Realty, LLC and its affiliates, and should not be construed as financial, economic, legal, tax, or other advice. This podcast is provided without any warranty, or guarantee of its accuracy, completeness, timeliness, or results from using the information.
WARNING! You must comply with the TCPA and any other federal, state or local laws, including for B2B calls and texts. Never call or text a number on any Do Not Call list, and do not use an autodialer or artificial voice or prerecorded messages without proper consent. Contact your attorney to ensure your compliance.
Any text or materials generated by artificial intelligence (AI) should be reviewed for accuracy and reliability as there may be errors, omissions, or inaccuracies. The use of generative AI is subject to limitations, including the availability and quality of the training data used to train the AI model used. Users should exercise caution and independently verify any information or output generated by the AI system utilized and should apply their own judgment and critical thinking when interpreting and utilizing the outputs of generative AI. Do not input confidential financial or proprietary information into any AI tool unless it provides a secure, isolated environment. This includes a robust InfoSec infrastructure and guarantees from the provider that your data is used exclusively for your purposes and is not used to train the model or shared with others.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Broken Phishing URLs https://isc.sans.edu/diary/Broken+Phishing+URLs/32686/ n8n command injection vulnerability https://github.com/n8n-io/n8n/security/advisories/GHSA-6cqr-8cfr-67f8 Android February Update https://source.android.com/docs/security/bulletin/pixel/2026/2026-02-01?hl=en Watchguard Firebox LDAP Injection https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2026-00001
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Malicious Script Delivering More Maliciousness https://isc.sans.edu/diary/Malicious+Script+Delivering+More+Maliciousness/32682 Synectix LAN 232 TRIO Unauthenticated Web Admin CVE-2026-1633 https://www.cisa.gov/news-events/ics-advisories/icsa-26-034-04 Google Chrome Patches https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop.html LookOut: Discovering RCE and Internal Access on Looker (Google Cloud & On-Prem) https://www.tenable.com/blog/google-looker-vulnerabilities-rce-internal-access-lookout
Join us LIVE on Mondays, 4:30pm EST. A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team. https://www.youtube.com/@BlackHillsInformationSecurity Chat with us on Discord! - https://discord.gg/bhis
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Detecting and Monitoring OpenClaw (clawdbot, moltbot) https://isc.sans.edu/diary.html/Detecting+and+Monitoring+OpenClaw+%28clawdbot%2C+moltbot%29/32678/#comment Synology telnetd Patch https://www.synology.com/en-us/releaseNote/DSM GlassWorm Loader Hits Open VSX via Developer Account Compromise https://socket.dev/blog/glassworm-loader-hits-open-vsx-via-suspected-developer-account-compromise
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Scanning for exposed Anthropic Models https://isc.sans.edu/diary/Scanning%20for%20exposed%20Anthropic%20Models/32674 Notepad++ Hijacked by State-Sponsored Hackers https://www.rapid7.com/blog/post/tr-chrysalis-backdoor-dive-into-lotus-blossoms-toolkit/ https://notepad-plus-plus.org/news/hijacked-incident-info-update/ Insecure Websockets in OpenClaw https://zeropath.com/blog/openclaw-clawdbot-credential-theft-vulnerability Malicious OpenClaw Skills https://www.koi.ai/blog/clawhavoc-341-malicious-clawedbot-skills-found-by-the-bot-they-were-targeting Exposed OpenClaw Instances https://censys.com/blog/openclaw-in-the-wild-mapping-the-public-exposure-of-a-viral-ai-assistant
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Google Presentation Abuse https://isc.sans.edu/diary/Google+Presentations+Abused+for+Phishing/32668/ Security Advisory Ivanti Endpoint Manager Mobile (EPMM) (CVE-2026-1281 & CVE-2026-1340) https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM-CVE-2026-1281-CVE-2026-1340?language=en_US Microsoft NTLM Strategy https://techcommunity.microsoft.com/blog/windows-itpro-blog/advancing-windows-security-disabling-ntlm-by-default/4489526
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
No Place Like Home Network: Disrupting the World's Largest Residential Proxy Network Google dismantled the IPIDEA network that used residential proxies to route malicious traffic. https://cloud.google.com/blog/topics/threat-intelligence/disrupting-largest-residential-proxy-network Fake Clawdbot VS Code Extension Installs ScreenConnect RAT The news about Clawdbot (now Moltbot) is used to distribute malware, in particular malicious VS Code extensions. https://www.aikido.dev/blog/fake-clawdbot-vscode-extension-malware Threat Bulletin: Critical eScan Supply Chain Compromise Anti-virus vendor eScan was compromised, and its update servers were used to install malware on some customer systems. https://www.morphisec.com/blog/critical-escan-threat-bulletin/
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Odd WebLogic Request. Possible CVE-2026-21962 Exploit Attempt or AI Slop? We are seeing attempts to attack CVE-2026-21962, a recent WebLogic vulnerability, using a non-working AI slop exploit. https://isc.sans.edu/diary/Odd%20WebLogic%20Request.%20Possible%20CVE-2026-21962%20Exploit%20Attempt%20or%20AI%20Slop%3F/32662 Fortinet Patches are Rolling Out Fortinet is starting to roll out patches for the recent SSO vulnerability. https://fortiguard.fortinet.com/psirt/FG-IR-26-060 SolarWinds Web Helpdesk Vulnerability Another set of vulnerabilities in SolarWinds Web Helpdesk may result in unauthenticated system access. https://horizon3.ai/attack-research/cve-2025-40551-another-solarwinds-web-help-desk-deserialization-issue/
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Initial Stages of Romance Scams [Guest Diary] Romance scams often start with random text messages that appear to be misrouted. This guest diary by Faris Azhari is following some of the initial stages of such a scam. https://isc.sans.edu/diary/Initial%20Stages%20of%20Romance%20Scams%20%5BGuest%20Diary%5D/32650 Denial of Service Vulnerabilities in React Server Components Another followup fix for the severe React vulnerability from last year, but now only fixing a DoS condition. https://github.com/facebook/react/security/advisories/GHSA-83fc-fqcc-2hmg OpenSSL Updates OpenSSL released its monthly updates, fixing a potential RCE. https://openssl-library.org/news/vulnerabilities/ Kubernetes Remote Code Execution Via Nodes/Proxy GET Permission Many Kubernetes Helm Charts are vulnerable to possible remote code executions due to unclearly defined access controls. https://grahamhelton.com/blog/nodes-proxy-rce
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Scanning Webserver with pwd as a Starting Path Attackers are adding the output of the pwd command to their web scans. https://isc.sans.edu/diary/x/32654 Microsoft Office Security Feature Bypass Vulnerability CVE-2026-21509 Microsoft released an out-of-band patch for Office fixing a currently exploited vulnerability. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21509 Exposed Clawdbot Instances Many users of the AI tool clawdbot expose instances without access control. https://x.com/theonejvo/status/2015485025266098536
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Analysis of Single Sign-On Abuse on FortiOS Fortinet released an advisory. FortiOS devices are vulnerable if configured with any SAML integration, not just FortiCloud. https://www.fortinet.com/blog/psirt-blogs/analysis-of-sso-abuse-on-fortios Outlook OOB Update Microsoft released a non-security OOB Update for Outlook, fixing an issue introduced with this month's security patches. https://support.microsoft.com/en-us/topic/january-24-2026-kb5078127-os-builds-26200-7628-and-26100-7628-out-of-band-cf5777f6-bb4e-4adb-b9cd-2b64df577491 VMware vCenter Server Vulnerabilities Exploited (CVE-2024-37079, CVE-2024-37080, CVE-2024-37081) A VMware vCenter vulnerability patched last June is now actively exploited. https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24453