Podcasts about Ivanti

In this episode of the Wise Decision Maker Show, Dr. Gleb Tsipursky speaks to Brooke Johnson, Chief Legal Counsel, Ivanti, who talks about what her company did when employees were displaced by Gen AI.You can learn about Ivanti at https://www.ivanti.com/

CISA braces for widespread staffing cuts. Russian hackers target a Western military mission in Ukraine. China acknowledges Volt Typhoon. The U.S. signs on to global spyware restrictions. A lab supporting Planned Parenthood confirms a data breach. Threat actors steal metadata from unsecured Amazon EC2 instances. A critical WordPress plugin vulnerability is under active exploitation. A new analysis details a critical unauthenticated remote code execution flaw affecting Ivanti products. Joining us today is Johannes Ullrich, Dean of Research at SANS Technology Institute, with his take on "Vibe Security." Does AI understand, and does that ultimately matter?  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Joining us today is Johannes Ullrich, Dean of Research at SANS Technology Institute, discussing "Vibe Security," similar to “Vibe Coding” where security teams overly rely on AI to do their job. Selected Reading Trump administration planning major workforce cuts at CISA (The Record) Cybersecurity industry falls silent as Trump turns ire on SentinelOne (Reuters) Russian hackers attack Western military mission using malicious drive (Bleeping Computer) China Admitted to US That It Conducted Volt Typhoon Attacks: Report (SecurityWeek) US to sign Pall Mall pact aimed at countering spyware abuses (The Record) US lab testing provider exposed health data of 1.6 million people (Bleeping Computer) Amazon EC2 instance metadata targeted in SSRF attacks (SC Media) Vulnerability in OttoKit WordPress Plugin Exploited in the Wild (SecurityWeek) Ivanti 0-day RCE Vulnerability Exploitation Details Disclosed (Cyber Security News) Experts Debate: Do AI Chatbots Truly Understand? (IEEE Spectrum) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Treasury's OCC reports a major email breach. Patch Tuesday updates. A critical vulnerability in AWS Systems Manager (SSM) Agent allowed attackers to execute arbitrary code with root privileges.  Experts urge Congress to keep strict export controls to help slow China's progress in AI. A critical bug in WhatsApp for Windows allows malicious code execution.CISA adds multiple advisories on actively exploited vulnerabilities. Insider threat allegations rock a major Maryland medical center. Microsoft's Ann Johnson from Afternoon Cyber Tea is joined by Jack Rhysider, the creator and host of the acclaimed podcast Darknet Diaries. Feds Aim to Rewrite Social Security Code in Record Time.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest In this episode of Afternoon Cyber Tea, Ann Johnson is joined by Jack Rhysider, the creator and host of the acclaimed podcast Darknet Diaries. You can hear the full conversation here. Be sure to catch new episodes of Afternoon Cyber Tea every other Tuesday on N2K CyberWIre and your favorite podcast app.  Selected Reading Treasury's OCC Says Hackers Had Access to 150,000 Emails (SecurityWeek) Microsoft Fixes Over 130 CVEs in April Patch Tuesday (Infosecurity Magazine) Vulnerabilities Patched by Ivanti, VMware, Zoom (SecurityWeek) Fortinet Patches Critical FortiSwitch Vulnerability (SecurityWeek) ICS Patch Tuesday: Vulnerabilities Addressed by Rockwell, ABB, Siemens, Schneider (SecurityWeek) AWS Systems Manager Plugin Vulnerability Let Attackers Execute Arbitrary Code (Cyber Security News) Tech experts recommend full steam ahead on US export controls for AI (CyberScoop) Don't open that file in WhatsApp for Windows just yet (The Register) CISA Warns of Microsoft Windows CLFS Vulnerability Exploited in Wild (Cyber Security News) CISA Urges Urgent Patching for Exploited CentreStack, Windows Zero-Days (SecurityWeek) Pharmacist accused of spying on women using work, home cams (The Register) DOGE Plans to Rebuild SSA Code Base in Months, Risking Benefits and System Collapse (WIRED)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Half a century is a long time for an IT business, and Microsoft is justified in making a lot of noise to celebrate its fiftieth anniversary. The celebration brought together three Microsoft CEOs: Gates, Balmer, and Nadella. Microsoft CoPilot isn't quite as old as the company, but it was still at the center of the celebrations. Many Microsoft products have come and gone over fifty years. Is CoPilot going to be one of the keepers? This and more on the Tech Field Day News Rundown. Time Stamps: 0:00 - Welcome to the Rundown1:20 - NVIDIA AI Servers Immune to US Tariffs4:14 - Ivanti Hardware Hacked by Chinese Group7:42 - Oracle Cloud Admits Breach12:07 - Juniper Networks and Palo Alto Products are Being Probed15:55 - IBM launches the AI Mainframe20:05 - HPE Announces Aruba Central VPC Options24:32 - Microsoft Turns Fifty33:09 - The Weeks Ahead35:42 - Thanks for WatchingFollow our hosts ⁠⁠⁠Tom Hollingsworth⁠⁠⁠, ⁠⁠⁠Alastair Cooke⁠⁠⁠, and ⁠⁠⁠Stephen Foskett⁠⁠⁠. Follow Tech Field Day ⁠⁠⁠on LinkedIn⁠⁠⁠, on ⁠⁠⁠X/Twitter⁠⁠⁠, on ⁠⁠⁠Bluesky⁠⁠⁠, and on ⁠⁠⁠Mastodon⁠⁠⁠. #TFDRundown, #Cybersecurity, #AI, #CoPilot, #Mainframe, @Microsoft, @NVIDIA, @Ivanti, @Oracle, @OracleCloud, @JuniperNetworks, @PaloAltoNtwrks, @IBM, @HPE, @NetworkingNerd, @DemitasseNZ, @TechFieldDay, @TheFuturumGroup,

AI Doomsday, Hot Robots, Google, palo Alto, Ivanti, CrushFTP, AI, Aaran Leyland, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-465

AI Doomsday, Hot Robots, Google, palo Alto, Ivanti, CrushFTP, AI, Aaran Leyland, and More, on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-465

Send us a textGet up to speed with everything that mattered in cybersecurity this month. In this episode of The Cyberman Show, we break down March 2025's top cyber incidents, threat actor tactics, security product launches, and vulnerabilities actively exploited in the wild.Here's what we cover:

President Trump fires the head of NSA and Cyber Command. The Health Sector Coordinating Council asks the White House to abandon Biden-era security updates. Senators introduce bipartisan legislation to help fight money laundering. A critical vulnerability has been discovered in the Apache Parquet Java library. The State Bar of Texas reports a ransomware-related data breach. New Android spyware uses a password-protected uninstallation method. A Chinese state-backed threat group exploits a critical Ivanti vulnerability for remote code execution. Today's guest is Dave Dewalt, Founder and CEO of NightDragon, with the latest trends and outlook from cyber leaders.  Malware masquerades as the tax man. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today's guest is Dave Dewalt, Founder and CEO of NightDragon, sharing 2024 trends and a 2025 outlook. Selected Reading Haugh fired from leadership of NSA, Cyber Command (The Record) Defense Sec Hegseth in Signalgate Pentagon watchdog probe (The Register) HSCC Urges White House to Shift Gears on Health Cyber Regs (BankInfo Security) Lawmakers seek to close loophole limiting Secret Service investigations into cyber laundering (The Record) Critical Apache Parquet RCE Vulnerability Lets Attackers Run Malicious Code (Cyber Security News) State Bar of Texas Says Personal Information Stolen in Ransomware Attack (SecurityWeek) New Android Spyware That Asks Password From Users to Uninstall (TechCrunch) Chinese State Hackers Exploiting Newly Disclosed Ivanti Flaw (Infosecurity Magazine) Hackers Leveraging URL Shorteners & QR Codes for Tax-Related Phishing Attacks (Microsoft) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Exploring Statistical Measures to Predict URLs as Legitimate or Intrusive Using frequency analysis, and training the model with honeypot data as well as log data from legitimate websites allows for a fairly simple and reliable triage of web server logs to identify possible malicious activity. https://isc.sans.edu/diary/Exploring%20Statistical%20Measures%20to%20Predict%20URLs%20as%20Legitimate%20or%20Intrusive%20%5BGuest%20Diary%5D/31822 Critical Unexploitable Ivanti Vulnerability Exploited CVE-2025-22457 In February, Ivanti patched CVE-2025-22457. At the time, the vulnerability was not considered to be exploitable. Mandiant now published a blog disclosing that the vulnerability was exploited as soon as mid-march https://cloud.google.com/blog/topics/threat-intelligence/china-nexus-exploiting-critical-ivanti-vulnerability/ WinRAR MotW Vulnerability CVE-2025-31334 WinRAR patched a vulnerability that would not apply the Mark of the Web correctly if a compressed file included symlinks. This may make it easier to trick a victim into executing code downloaded from a website. https://nvd.nist.gov/vuln/detail/CVE-2025-31334 Microsoft Warns of Tax-Related Scam With the US personal income tax filing deadline only about a week out, Microsoft warns of commonly deployed scams that they are observing related to income tax filings https://www.microsoft.com/en-us/security/blog/2025/04/03/threat-actors-leverage-tax-season-to-deploy-tax-themed-phishing-campaigns/ Oracle Breach Update https://www.bloomberg.com/news/articles/2025-04-02/oracle-tells-clients-of-second-recent-hack-log-in-data-stolen

AI Doomsday, Hot Robots, Google, palo Alto, Ivanti, CrushFTP, AI, Aaran Leyland, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-465

Three Buddy Problem - Episode 41: Costin and Juanito join the show from Black Hat Asia in Singapore. We discuss Bunnie Huang's keynote on hardware supply chains and a classification system to establish a grounded perspective on trust in hardware, Ivanti's misdiagnosis of a critical VPN applicance flaw and Mandiant reporting on a Chinese APT exploiting Ivanti devices. Plus, breaking news on the sudden firing of NSA director and head of Cyber Command Tim Haugh. We also discuss Microsoft touting AI's value in finding open-source bootloader bugs, Silent Push report on a RUssian APT impersonating the CIA, a backdoor in a popular Chinese robot dog, and Chinese dominance of the robotics market. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Costin Raiu (https://twitter.com/craiu) and Ryan Naraine (https://twitter.com/ryanaraine).

AI Doomsday, Hot Robots, Google, palo Alto, Ivanti, CrushFTP, AI, Aaran Leyland, and More, on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-465

Referências do EpisódioApril Security Advisory Ivanti Connect Secure, Policy Secure & ZTA Gateways (CVE-2025-22457)Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457)Critical Flaw in Apache Parquet Allows Remote Attackers to Execute Arbitrary CodeCritical RCE Vulnerability in Apache Parquet (CVE-2025-30065) – Advisory and AnalysisFast Flux: A National Security ThreatRoteiro e apresentação: Carlos Cabral e Bianca OliveiraEdição de áudio: Paulo ArruzzoNarração de encerramento: Bianca Garcia

On this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news: Yes, Oracle Health and Oracle Cloud did get hacked The fallout from Signalgate continues North Korean IT workers pivot to Europe Honeypot data suggests a storm is brewing for Palo Alto VPNs Canadian Anon gets arrested for hacking Texas GOP This week's episode is sponsored by Trail of Bits. Tjaden Hess, a Principal Security Engineer at Trail of Bits who specialises in cryptography, joins the show this week to talk about what a responsible crypto-currency exchange cold wallet setup looks like, and … contrasts that with Bybit. This episode is also available on Youtube. Show notes Oracle Health breach compromises patient data at US hospitals FBI probes Oracle hack tied to healthcare extortion: Report - Becker's Hospital Review | Healthcare News & Analysis Oracle Still Denies Breach as Researchers Persist Hacker linked to Oracle Cloud intrusion threatens to sell stolen data | Cybersecurity Dive Publius on X: "

Schrodinger's Television, Lucid, Crocodilus, Wordpress, Ivanti, Oracle, Android, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-464

Schrodinger's Television, Lucid, Crocodilus, Wordpress, Ivanti, Oracle, Android, Josh Marpet, and more on the Security Weekly News. Show Notes: https://securityweekly.com/swn-464

Schrodinger's Television, Lucid, Crocodilus, Wordpress, Ivanti, Oracle, Android, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-464

Schrodinger's Television, Lucid, Crocodilus, Wordpress, Ivanti, Oracle, Android, Josh Marpet, and more on the Security Weekly News. Show Notes: https://securityweekly.com/swn-464

FBI warns of increase in free online document converter scams Resurge malware exploits Ivanti flaw BlackLock hackers exposed through leak site vulnerability Thanks to today's episode sponsor, Qualys "Overwhelmed by noise in your cybersecurity processes? Cut through the clutter with Qualys Enterprise TruRisk Management. Quantify your cyber risk in clear financial terms and focus on what matters most. Actionable insights help you prioritize critical threats, streamline remediation, and accelerate risk reduction— while effectively communicating impact to stakeholders. Empower your cybersecurity strategy with tools that drive faster, smarter, and more efficient risk management. Your secure future starts today with Qualys Enterprise TruRisk Management. Visit qualys.com/etm for more information." Find the stories behind the headlines at CISOseries.com.

We promised we'd come back with the solutions to all your vulnerability management problems, so here we are. Plus, we're counting down in unranked order *and* starting from #10 on our list, just to keep you on your toes. Ivanti's Chris Goettl and Robert Waters will go through how you can address resource constraints, siloed tools and data, limited attack surface visibility, inaccurate view of exposures and data overload.And stay tuned for the rest of the list next time! Subscribe to our feed so you don't miss it.Join the conversation online on LinkedIn (linkedin.com/company/Ivanti)

X-Twitter had multiple waves of outages yesterday. Signal's president warns against agentic AI. A new lawsuit alleges DOGE bypassed critical security safeguards. Is the Five Eyes Alliance fraying? The Minja attack poisons ai memory through user interaction. Researchers report increased activity from the SideWinder APT group. A critical Veritas vulnerability enables remote code execution. A Kansas healthcare provider breach exposes 220,000 patients' data. New York sues Allstate over data exposure in insurance websites. CISA warns of critical Ivanti and VeraCode vulnerabilities. FTC to refund $25.5 million to victims of tech support scams. On our Industry Voices segment, we are joined by Gerald Beuchelt, CISO at Acronis, who is discussing how threat research and intelligence matter to MSPs. The UK celebrates a record-breaking CyberFirst Girls Competition.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Industry Voices segment, we are joined by Gerald Beuchelt, CISO at Acronis, who is discussing how threat research and intelligence matter to MSPs. Selected Reading Hackers Take Credit for X Cyberattack (SecurityWeek) X users report login troubles as Dark Storm claims cyberattack (Malwarebytes) Signal President Meredith Whittaker calls out agentic AI as having 'profound' security and privacy issues (TechCrunch) Lawsuit Says DOGE Is Ignoring Key Social Security Data Rules (BankInfo Security) As Trump pivots to Russia, allies weigh sharing less intel with U.S. (NBC News) MINJA sneak attack poisons AI models for other chatbot users (The Register) SideWinder APT Group Attacking Military & Government Entities With New Tools (Cyber Security News) Critical Veritas Vulnerability Let Attackers Execute Malicious Code (Cyber Security News) Kansas healthcare provider says more than 220,000 impacted by cyberattack (The Record) Allstate sued for exposing personal info in plaintext (The Register) CISA Urges All Organizations to Patch Exploited Critical Ivanti Vulnerabilities (Infosecurity Magazine) FTC will send $25.5 million to victims of tech support scams (Bleeping Computer) Record Number of Girls Compete in CyberFirst Contest (Infosecurity Magazine) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Vulnerability management is not for the faint of heart. The pitfalls are many, and odds are you probably have at least one of these issues. Ivanti's Chris Goettl and Robert Waters run down the list of what can get in the way of vulnerability management done well -- from attack surface visibility to data overload and resource constraints -- all with an eye on how those problems can be addressed. (Which we'll have more on next time. We promise.) Join the conversation online on LinkedIn (linkedin.com/company/Ivanti)

On this edition of the Security Weekly News: False Claims Act, Google Cloud PQC, Salt Typhoon, AI in SOC, Ivanti Flaws, ICS, DeFi and more! Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-453

On this edition of the Security Weekly News: False Claims Act, Google Cloud PQC, Salt Typhoon, AI in SOC, Ivanti Flaws, ICS, DeFi and more! Show Notes: https://securityweekly.com/swn-453

On this edition of the Security Weekly News: False Claims Act, Google Cloud PQC, Salt Typhoon, AI in SOC, Ivanti Flaws, ICS, DeFi and more! Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-453

On this edition of the Security Weekly News: False Claims Act, Google Cloud PQC, Salt Typhoon, AI in SOC, Ivanti Flaws, ICS, DeFi and more! Show Notes: https://securityweekly.com/swn-453

My Very Personal Guidance and Strategies to Protect Network Edge Devices A quick summary to help you secure edge devices. This may be a bit opinionated, but these are the strategies that I find work and are actionable. https://isc.sans.edu/diary/My%20Very%20Personal%20Guidance%20and%20Strategies%20to%20Protect%20Network%20Edge%20Devices/31660 PostgreSQL SQL Injection A followup to yesterday's segment about the PostgreSQL vulnerability. Rapid7 released a Metasploit module to exploit the vulnerability. https://github.com/rapid7/metasploit-framework/pull/19877 Ivanti Connect Secure Exploited The Japanese CERT observed exploitation of January's Connect Secure vulnerability https://blogs.jpcert.or.jp/ja/2025/02/spawnchimera.html WinZip Vulnerability WinZip patched a buffer overflow vulenrability that may be triggered by malicious 7Z files https://www.zerodayinitiative.com/advisories/ZDI-25-047/ Xerox Printer Patch Xerox patched two vulnerabililites in its enterprise multifunction printers that may be exploited for lateral movement. https://securitydocs.business.xerox.com/wp-content/uploads/2025/02/Xerox-Security-Bulletin-XRX25-003-for-Xerox-VersaLinkPhaser-and-WorkCentre.pdf

Tunnel of Love, Kimsuky, Red Mike, Ivanti, Nvidia, C code, Postgre, Aaran Leyland, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-451

Tunnel of Love, Kimsuky, Red Mike, Ivanti, Nvidia, C code, Postgre, Aaran Leyland, and More, on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-451

Tunnel of Love, Kimsuky, Red Mike, Ivanti, Nvidia, C code, Postgre, Aaran Leyland, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-451

Is DOGE a cyberattack against America? The White House plans to nominate a new national cyber director. Patch Tuesday updates. Ivanti discloses a critical stack-based buffer overflow vulnerability. The GAO  identifies cybersecurity gaps in the U.S. Coast Guard's efforts to secure the Maritime Transportation System. An Arizona woman pleads guilty to running a laptop farm for North Korea. A notorious swatter gets a prison sentence. Our guests are  Gianna Whitver and Maria Velasquez, co-hosts of the Breaking Through in Cybersecurity Marketing podcast. Plague-themed phishing tests take it too far. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today, we welcome Gianna Whitver and Maria Velasquez, co-hosts of the Breaking Through in Cybersecurity Marketing podcast, sharing their plans for 2025. You can listen to new episodes of Breaking Through in Cybersecurity Marketing every Wednesday airing on the N2K CyberWire network and wherever you get your podcasts.  Selected Reading DOGE's Cyberattack Against America (Foreign Policy) Trump plans to nominate GOP insider Sean Cairncross as national cyber director (The Record) Microsoft Fixes Another Two Actively Exploited Zero-Days (Infosecurity Magazine) Chipmaker Patch Tuesday: Intel, AMD, Nvidia Fix High-Severity Vulnerabilities (SecurityWeek) ICS Patch Tuesday: Vulnerabilities Addressed by Schneider Electric, Siemens (SecurityWeek) Ivanti Connect Secure Vulnerabilities Let Attackers Execute Code Remotely (Cyber Security News) GAO Tells Coast Guard to Improve Cybersecurity of Maritime Transportation System (SecurityWeek) Arizona woman pleads guilty to running laptop farm for N. Korean IT workers, faces 9-year sentence (The Record) California Teenager Sentenced to 48 Months in Prison for Nationwide Swatting Spree (US Department of Justice) Phishing Tests, the Bane of Work Life, Are Getting Meaner (Wall Street Journal)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

An Ontology for Threats: Cybercrime and Digital Forensic Investigation on Smart City Infrastructure Smart cities is a big topic for many local governments. With building these complex systems, attacks will follow. https://isc.sans.edu/diary/An%20ontology%20for%20threats%2C%20cybercrime%20and%20digital%20forensic%20investigation%20on%20Smart%20City%20Infrastructure/31676 North Korean state actor tricking admins into executing PowerShell North Korean state actors are spending quite a bit of effort setting up relationships with South Korean system administrators, culminating in them getting tricked into executing malicious PowerShell scripts. https://x.com/MsftSecIntel/status/1889407814604296490 Wazuh Vulnerability A deserialization vulnerability in Wazuh may lead to an unauthenticated remote code execution vulnerability https://github.com/wazuh/wazuh/security/advisories/GHSA-hcrc-79hj-m3qh PAM PKCS11 Vulnerablity Several vulnerabilities in the Linux PAM module processing smart card authentication can be used to bypass authentication https://github.com/OpenSC/pam_pkcs11/releases/tag/pam_pkcs11-0.6.13 Ivanti Patches Ivanti released its monhtly update, fixing a number of critical vulnerabilities in Connect Secure and other prodcuts https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs?language=en_US

You can install Linux in your PDF, just upload everything to AI, hackers behind the forum, TP-Link's taking security seriously, patche Tuesday for everyone including Intel, AMD, Microsoft, Fortinet, and Ivanti, hacking your space heater for fun and fire, Cybertrucks on fire (or not), if you could just go ahead and get rid of the buffer overflows, steam deck hacking and not what you think, Prompt Injection and Delayed Tool Invocation, new to me Ludus, Contec patient monitors are just insecure, Badbox carries on, the compiler saved me, and Telnet command injection! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-861

You can install Linux in your PDF, just upload everything to AI, hackers behind the forum, TP-Link's taking security seriously, patche Tuesday for everyone including Intel, AMD, Microsoft, Fortinet, and Ivanti, hacking your space heater for fun and fire, Cybertrucks on fire (or not), if you could just go ahead and get rid of the buffer overflows, steam deck hacking and not what you think, Prompt Injection and Delayed Tool Invocation, new to me Ludus, Contec patient monitors are just insecure, Badbox carries on, the compiler saved me, and Telnet command injection! Show Notes: https://securityweekly.com/psw-861

You can install Linux in your PDF, just upload everything to AI, hackers behind the forum, TP-Link's taking security seriously, patche Tuesday for everyone including Intel, AMD, Microsoft, Fortinet, and Ivanti, hacking your space heater for fun and fire, Cybertrucks on fire (or not), if you could just go ahead and get rid of the buffer overflows, steam deck hacking and not what you think, Prompt Injection and Delayed Tool Invocation, new to me Ludus, Contec patient monitors are just insecure, Badbox carries on, the compiler saved me, and Telnet command injection! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-861

Frequently Asked Questions: Privacy, Security, and the State of Tech (Early 2025)1. What is "SparkCat" and why is it significant?SparkCat is malware discovered hiding in both the Apple App Store and Google Play. It uses optical character recognition (OCR) to scan users' photo galleries for cryptocurrency wallet recovery phrases and uploads them to attacker-controlled servers. Over 242,000 Android users downloaded infected apps. It highlights the evolving sophistication of malware and the need for increased vigilance, even with apps from reputable sources.2. What is the UK government asking Apple to do, and what are the potential implications?The UK government has reportedly ordered Apple to create a backdoor allowing access to encrypted cloud backups of users worldwide, through a technical capability notice under the Investigatory Powers Act. Apple is likely to discontinue its encrypted storage service in the UK rather than compromise user security globally. If Apple complies, it could set a dangerous precedent for other governments to demand similar access, undermining encryption and weakening security for everyone.3. What is the story about the man trying to buy a landfill, and what does it illustrate?A man is trying to buy a landfill to search for a hard drive containing his lost Bitcoin fortune. While seemingly absurd, it illustrates the very real consequences of poor digital asset management and data security. It highlights the permanence (and potential inaccessibility) of digital assets and the lengths people will go to recover them, even resorting to extreme measures.4. Why is the US considering banning the DeepSeek AI app?The US is considering banning the Chinese AI app DeepSeek due to concerns that it collects data for a foreign government (China). The app pumps data to China Mobile unencrypted, and there are close ties between the company and the Chinese military. This aligns with the US government's broader concerns about foreign-owned apps, especially those from China, posing national security risks due to data privacy and potential surveillance.5. What is the massive brute-force attack targeting VPNs, and how can organizations protect themselves?A large-scale brute-force attack is targeting VPN devices from companies like Palo Alto Networks, Ivanti, and SonicWall, utilizing nearly 2.8 million IP addresses. Attackers are attempting to guess usernames and passwords to gain unauthorized access. To protect edge devices, organizations should change default admin passwords to strong, unique ones, enforce multi-factor authentication (MFA), use allowlists of trusted IPs, and disable web admin interfaces if they are not needed, and also ensure VPN software is fully up to date.6. Why is Google's removal of its pledge not to build AI for weapons or surveillance significant?Google's removal of its pledge not to build AI for weapons or surveillance is a concerning development. It suggests a shift in the company's ethical stance and a willingness to potentially engage in activities that could have negative consequences for human rights and global security. It raises questions about the future direction of AI development and the role of tech companies in shaping its use.7. What is "enshittification" and how does it relate to current tech trends?"Enshittification" refers to the gradual decline of online services as they prioritize profits over user experience. This process involves platforms initially offering value to users, then shifting focus to business customers, and finally exploiting both for maximum profit. Examples include Twitter restricting API access, Facebook prioritizing sponsored content, smart TVs becoming data-hungry ad machines, and Google Assistant's diminishing functionality. It reflects a broader trend of tech companies sacrificing user experience for financial gain.

At a time when DE&I initiatives are facing increasing hostility, it's more important than ever to highlight the real value of inclusive hiring. Beyond being the right thing to do, inclusive hiring broadens talent pools, fosters innovation, and ensures that organizations tap into the full spectrum of people's skills and potential. But what does true accessibility in hiring look like, and how can companies create recruitment processes that are genuinely fair for everyone?   My guest this week is Ron Fish, Global Talent Acquisition Leader at Ivanti and a passionate advocate for disability inclusion in the workplace. Ron is at the forefront of championing accessibility not just to comply with regulations but to build environments where everyone can succeed. In the interview, we discuss: How a revelation about the corporate career site accelerated Ron's journey as an advocate for disability inclusion. Optimal work environments work for everyone. How accessibility has massively advanced inclusion and belonging at Ivanti When bias outweighs common sense Focusing on skills and abilities Treating people as individuals rather than labels Accommodations in the hiring process, how simple changes can make a huge difference Why individuals with disabilities might be reluctant to disclose their needs during the recruitment process, and what strategies can address these concerns Shifting the perception of disability to make hiring more inclusive Follow this podcast on Apple Podcasts. Follow this podcast on Spotify.

In this episode of The Two Minute Drill, Drex dives into the groundbreaking release of DeepSeek R1, a Chinese AI reasoning model rivaling OpenAI's O1. Next, CISA and FBI warnings about ongoing exploitation of Ivanti cloud application vulnerabilities. Then, the controversial pardon of Silk Road founder Ross Ulbricht and its implications for cybersecurity.Remember, Stay a Little Paranoid Subscribe: This Week Health Twitter: This Week Health LinkedIn: Week Health Donate: Alex's Lemonade Stand: Foundation for Childhood Cancer

Ivanti's Chris Goettl and Robert Waters take on four big questions facing cybersecurity today, namely: Who gets the upper hand from AI, cyber adversaries or the legitimate organizations looking to stop them? What's going to win out, Everywhere Work or RTO? Exposure Management: sea change, or passing fad?And what's the bigger security risk, IoT devices or third-party vendors?Listen in for those questions and, if you're listening closely, a few answers too.Join the conversation online on LinkedIn (linkedin.com/company/Ivanti)

In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity topics, including a hidden backdoor in Juniper routers, PayPal's recent data breach settlement, the exploitation of older Ivanti bugs, the PowerSchool data breach affecting millions, and CISA's new software security recommendations. The conversation emphasizes the importance of proactive … Continue reading Defensive Security Podcast Episode 294 →

Cursive Funk, Microsoft, Ivanti, Sonic Wall, Exchange, PowerSchool, Aaran Leyland, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-445

Three Buddy Problem - Episode 31: Dennis Fisher steps in for Ryan Naraine to moderate discussion on a very busy week in cybersecurity. The cast dig into the wave of big research reports, the disbanding of the Cyber Safety Review Board (CSRB), the ongoing flood of exploits targeting security appliances from Ivanti and SonicWall, and the recent Lumen research on Juniper router backdoors. Plus, the challenges of coordinating disclosures, the tough realities of intelligence work, and the complex landscape of nation-state attacks -- especially around Chinese threat actors and Western defenses. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Costin Raiu (https://twitter.com/craiu) and Dennis Fisher. Ryan Naraine (https://twitter.com/ryanaraine) in on work travel.

In today's episode, we start by talking about the PFSYNC protocol used to synchronize firewall states to support failover. Oracle released it's quarterly critical patch update. ESET is reporting about a critical VPN supply chain attack and CISA released guidance for victims of recent Ivanti related attacks. Catching CARP: Fishing for Firewall States in PFSync Traffic https://isc.sans.edu/diary/Catching%20CARP%3A%20Fishing%20for%20Firewall%20Stat%20es%20in%20PFSync%20Traffic/31616)** Discover how attackers exploit PFSync traffic to manipulate firewall states. This deep dive explores vulnerabilities and mitigation strategies in network defense. Oracle Critical Patch Update January 2025 https://www.oracle.com/security-alerts/cpujan2025.html)** Oracle's January 2025 patch release addresses numerous critical vulnerabilities across their product suite. Learn about key updates and how to secure your systems. PlushDaemon: Compromising the Supply Chain of a Korean VPN Service https://www.welivesecurity.com/en/eset-research/plushdaemon-compromises-supply-chain-korean-vpn-service/ ESET Research uncovers PlushDaemon, a sophisticated supply chain attack targeting a Korean VPN provider. Understand the implications for supply chain security. CISA Cybersecurity Advisory: AA25-022A https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-022a The latest advisory highlights active threats and mitigation strategies for critical infrastructure. Stay ahead with CISA s guidance on emerging cyber risks.

Risky Business returns for its 19th year! Patrick Gray and Adam Boileau discuss the week's cybersecurity news and there is a whole bunch of it. They discuss: The incoming Trump administration guts the CSRB Biden's last cyber Executive Order has sensible things in it China's breach of the US Treasury gets our reluctant admiration Ross Ulbricht - the Dread Pirate Roberts of Silk Road fame - gets his Trump pardon New year, same shameful comedy Forti- and Ivanti- bugs US soldier behind the Snowflake hacks faces charges after a solid Krebs-ing And much, much (much! after a month off) more. This week's episode is sponsored by Sandfly Security, who make a Linux EDR solution. Founder Craig Rowland joins to talk about how the Linux ecosystem struggles with its lack of standardised approaches to detection and response. If you've got a telco full of unix, and people are asking how much Salt Typhoon you've got in there… Sandfly's tools are probably what you're looking for. If you like your Business like us… - Risky - then we're hiring! We're looking for someone to help with audio and video production for our work, manage our socials, and if you're also into the Cybers… even better. Position is remote, with a preference for timezones amenable to Australia/NZ. Drop us a line: editorial at risky.biz. This episode is also available on Youtube. Show notes POLITICO Pro | Article | Acting DHS chief ousts CSRB experts, other department advisers Treasury's sanctions office hacked by Chinese government, officials say Strengthening America's Resilience Against the PRC Cyber Threats | CISA AT&T, Verizon say they evicted Salt Typhoon from their networks Risky Bulletin: Looking at Biden's last cyber executive order - Risky Business Internet-connected devices can now have a label that rates their security | Reuters US sanctions prominent Chinese cyber company for role in Flax Typhoon attacks FCC ‘rip and replace' provision for Chinese tech tops cyber provisions in defense bill CIA nominee tells Senate he, too, wants to go on cyber offense | CyberScoop Trump tells Justice Department not to enforce TikTok ban for 75 days Judge rules NSO Group is liable for spyware hacks targeting 1,400 WhatsApp user devices | The Record from Recorded Future News Unpacking WhatsApp's Legal Triumph Over NSO Group | Lawfare Time to check if you ran any of these 33 malicious Chrome extensions Console Chaos: A Campaign Targeting Publicly Exposed Management Interfaces on Fortinet FortiGate Firewalls - Arctic Wolf Ongoing attacks on Ivanti VPNs install a ton of sneaky, well-written malware Researchers warn of active exploitation of critical Apache Struts 2 flaw DOJ deletes China-linked PlugX malware off more than 4,200 US computers Russian internet provider confirms its network was ‘destroyed' following attack claimed by Ukrainian hackers | The Record from Recorded Future News Ukraine restores state registers after suspected Russian cyberattack | The Record from Recorded Future News Hackers claim to breach Russian state agency managing property, land records | The Record from Recorded Future News U.S. Army Soldier Arrested in AT&T, Verizon Extortions – Krebs on Security

In this episode, we explore the efficient storage of honeypot logs in databases, issues with Citrix's Session Recording Agent and Windows Update. Ivanti is having another interesting security event and our SANS.edu graduate student Rich Green talks about his research on Passkeys. Extracting Practical Observations from Impractical Datasets: A SANS Internet Storm Center diary entry discusses strategies for analyzing complex datasets to derive actionable insights. https://isc.sans.edu/diary/Extracting%20Practical%20Observations%20from%20Impractical%20Datasets/31582 Citrix Session Recording Agent Update Issue: Citrix reports that Microsoft's January security update fails or reverts on machines with the 2411 Session Recording Agent installed, providing guidance on addressing this issue. https://support.citrix.com/s/article/CTX692505-microsofts-january-security-update-failsreverts-on-a-machine-with-2411-session-recording-agent?language=en_US Ivanti Endpoint Manager Security Advisory: Ivanti releases a security advisory for Endpoint Manager versions 2024 and 2022 SU6, detailing vulnerabilities and recommended actions. https://forums.ivanti.com/s/article/Security-Advisory-EPM-January-2025-for-EPM-2024-and-EPM-2022-SU6?language=en_US Revolutionizing Enterprise Security: The Exciting Future of Passkeys Beyond Passwords: A SANS.edu research paper explores the shift from traditional passwords to passkeys, highlighting the benefits and challenges of adopting passwordless authentication methods. https://www.sans.edu/cyber-research/revolutionizing-enterprise-security-exciting-future-passkeys-beyond-passwords/

In today's episode, we cover the latest updates in cybersecurity: Windows Defender Enhances Chrome Extension Detection Microsoft's Defender now catalogs Chrome extensions to identify malicious ones. Learn how this improves enterprise security. https://isc.sans.edu/diary/Windows%20Defender%20Chrome%20Extension%20Detection/31574 Multi-OLE Analysis in Malicious Documents A look at how attackers embed OLE files in Office documents to evade detection and the tools to combat it. https://isc.sans.edu/diary/Multi-OLE/31580 Ivanti Connect Secure RCE Vulnerability (CVE-2025-0282) Details of a critical vulnerability affecting Ivanti products and the patching timelines. https://labs.watchtowr.com/exploitation-walkthrough-and-techniques-ivanti-connect-secure-rce-cve-2025-0282/ Apple USB-C Controller Compromised Researchers hacked Apple s ACE3 USB-C controller, highlighting hardware security challenges. https://cybersecuritynews.com/apples-new-usb-c-controller-hacked/ IRS Pushes for IP PIN Enrollment Protect yourself from tax-related identity theft by securing your IP PIN for the 2025 tax season. https://www.irs.gov/newsroom/irs-encourages-all-taxpayers-to-sign-up-for-an-ip-pin-for-the-2025-tax-season

Take a Network Break! We start with serious CVEs for Perl and Ivanti. On the news front, the FCC wants to license spectrum to raise money to help US telcos rip out Chinese network equipment–even though there’s no evidence Chinese equipment led to telco intrusions by Chinese attackers. Verizon boasts of 5.5Gbps download speeds on... Read more »

Take a Network Break! We start with serious CVEs for Perl and Ivanti. On the news front, the FCC wants to license spectrum to raise money to help US telcos rip out Chinese network equipment–even though there’s no evidence Chinese equipment led to telco intrusions by Chinese attackers. Verizon boasts of 5.5Gbps download speeds on... Read more »

In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity topics, including the dangers of malware disguised as proof of concept code on GitHub, the alarming rise in phishing attacks, the implications of a recent Treasury hack, and the targeted attacks on Ivanti's security products. The conversation emphasizes … Continue reading Defensive Security Podcast Episode 292 →

The Biden administration is finalizing an executive order to bolster U.S. cybersecurity. Ivanti releases emergency updates to address a critical zero-day vulnerability. A critical vulnerability is discovered in Kerio Control firewall software. Palo Alto Networks patches multiple vulnerabilities in its retired migration tool. Fake exploits for Microsoft vulnerabilities lure security researchers. A medical billing company data breach affects over 360,000. A cyberattack disrupts the city of Winston-Salem. CrowdStrike identifies a phishing campaign exploiting its recruitment branding. Our guest is Danny Allen, CTO from Snyk, sharing how a balanced approach between AI and human oversight can strengthen cybersecurity. The worst of the worst from CES.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Our guest is Danny Allen, CTO from Snyk, sharing how a balanced approach between AI and human oversight can strengthen cybersecurity. Learn more in Snyk's AI Readiness Report about how some companies are still hesitant to adopt AI, despite its clear benefits in addressing human error and keeping up with fast-evolving technology. Selected Reading White House Rushes to Finish Cyber Order After China Hacks (Bloomberg) Zero-Day Patch Alert: Ivanti Connect Secure Under Attack (GovInfo Security) GFI KerioControl Firewall Vulnerability Exploited in the Wild (SecurityWeek)  Palo Alto Networks Patches High-Severity Vulnerability in Retired Migration Tool (SecurityWeek)  Security pros baited by fake Windows LDAP exploits (The Register) Major US medical billing firm breached, 360K+ customers' healthcare data leaked (Cybernews) Recruitment Phishing Scam Imitates CrowdStrike Hiring Process (CrowdStrike) Some Winston-Salem city services knocked offline by cyberattack (The Record) Excelsior Orthopaedics Data Breach Impacts 357,000 People (SecurityWeek)  The 'Worst in Show' CES Products Put Your Data at Risk and Cause Waste, Privacy Advocates Say (SecurityWeek) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices