Podcasts about kaspersky

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.A financially motivated threat actor known as GS7 is conducting a large-scale phishing campaign called Operation DoppelBrand, targeting Fortune 500 companies by impersonating their corporate login portals.Kaspersky researchers have analyzed a newly identified Android malware strain named Keenadu that provides attackers with remote control over infected devices.Application Programming Interfaces continue to be a primary attack surface, and new research from Wallarm shows the problem is accelerating as AI adoption expands.Hacker News outlines cybersecurity technology priorities for 2026, framing the environment as one of continuous instability rather than periodic disruption.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Expertos de Kaspersky detectaron en 2025 estas extorsiones, que continúan apareciendo, y donde exigen pagos en criptomonedas. Los  correos amenazan con divulgar imágenes comprometidas de la víctima o ser un sicario que le perdonará la vida si paga una cantidad.

Die Themen in den Wissensnachrichten: +++ Unterhose misst Anzahl der Fürze von gesunden Erwachsenen +++ Jede zweite Mail ist Spam +++ Vögeln ist es oft zu laut +++**********Weiterführende Quellen zu dieser Folge:Smart underwear: A novel wearable for long-term monitoring of gut microbial gas production via flatus, Biosensors and Bioelectronics: X, 11.10.2025Kaspersky reports 15% growth in malicious email attacks in 2025, Kaspersky, 11.02.2026Zahl der Masernfälle in Europa und Zentralasien 2025 im Vergleich zum Vorjahr rückläufig, aber Gefahr von Ausbrüchen bleibt bestehen – UNICEF und WHO, WHO, 11.02.2026Increasing self- and desired psychiatric diagnoses among emerging adults: Mixed-methods insights from clinical psychologists, International Journal of Clinical and Health Psychology, 31.12.2025Trait-mediated effects of anthropogenic noise on bird behaviour and fitness, Proceedings B, 11.02.2026Alle Quellen findet ihr hier.**********Ihr könnt uns auch auf diesen Kanälen folgen: TikTok und Instagram .

No novo episódio do Podcast Canaltech, falamos sobre os riscos por trás da trend que pede para a inteligência artificial criar caricaturas “com tudo o que sabe sobre você”. Em conversa com Fabio Assolini, diretor da Equipe Global de Pesquisa e Análise da Kaspersky, explicamos como informações aparentemente inofensivas como rotina, trabalho e hábitos podem ser usadas para criar golpes personalizados, facilitar fraudes e até roubo de identidade. O episódio também mostra o que acontece com os dados compartilhados em plataformas de IA, por que tanta gente ignora permissões e políticas de privacidade, e quais cuidados são essenciais para usar essas ferramentas de forma mais segura no dia a dia. Você também vai conferir: WhatsApp prepara uma novidade que vai além das mensagens, fenômeno no espaço coloca cientistas do mundo todo em alerta e OpenAI está preparando algo que ainda vai demorar para chegar. Este podcast foi roteirizado e apresentado por Fernada Santos e contou com reportagens de João Melo, Renato Moura e Vinicius Moschen, sob coordenação de Anaísa Catucci. A trilha sonora é de Guilherme Zomer, a edição de Leandro Gomes e a arte da capa é de Erick Teixeira.See omnystudio.com/listener for privacy information.

Con: Silvia Roldán, Enrique Maza. Dirige Carlos Lillo. Gracias a: KASPERSKY, CYBER GURU, NETTARO y SEMPERIS

Hoy tenemos un programa muy ecléctico: Soldaduras de carriles de trenes de Alta Velocidad, Redes Sociales sin riegos, la IA en la Super Bowl, Noticias de Tecnologia...Con: Silvia Roldán, Enrique Maza. Dirige Carlos Lillo. Gracias a: KASPERSKY, CYBER GURU, NETTARO y SEMPERIS

Con Mar Sánchez, Pedro Montes y Alba Sánchez. Dirige: Carlos Lillo. Gracias a: nettaro, Kaspersky y Semperis

Con Mar Sánchez, Pedro Montes y Alba Sánchez. Dirige: Carlos Lillo. Gracias a: nettaro, Kaspersky y Semperis

Nuestros amigos del podcast: Kaspersky: https://kas.pr/d3rg Delonghi: https://www.delonghi.com/es-mx

México es el país más afectado de América Latina por las aplicaciones “montadeudas” o también conocidas como SpyLoan, que son programas disfrazados de apps de préstamo que bloquean el teléfono celular de la víctima si esta no paga una supuesta deuda, según el Panorama de Amenazas 2025 de Kaspersky.

On this episode of Embracing Erosion, Devon sits down with Chris Gaebler — a seasoned Chief Marketing Officer whose career spans leadership roles at Netscout, Kaspersky, Guardicore, Sonrai Security, and Protegrity.In this conversation, they dive into what it means to lead marketing in an era defined by relentless change — from navigating new go-to-market models and the rise of AI, to keeping teams motivated and creative amid uncertainty. Chris shares his perspective on how CMOs can separate signal from noise, adapt their playbooks in real time, and build organizations that thrive through disruption.Enjoy the conversation!

Con: Alfonso Calvo y Mar Sánchez. Dirige: Carlos Lillo. Gracias a Kaspersky y Semperis.

Episodio con el apoyo de nuestros amigos de Kaspersky: https://latam.kaspersky.com/home-security?utm_source=youtube&utm_medium=influencer&utm_campaign=mx_latam-spokes_acq_ona_influ__onl_b2c_yot_video_chisme_______9d745cb55b172e60&kaspr=xhu8 Código de descuento: CHISME - es un 15% en todo LATAM pero no aplica Brasil

Con Mar Sanchez y Alfonso Calvo. Gracias a Kaspersky y Semperis.

EUA suspendem emissão de vistos no Brasil e mais 74 países! O governo do Brasil consegue bloquear a internet igual ao Irã? Polícia desmantela quadrilha de investimentos falsos via WhatsApp no Brasil. Loja vaza capa e mostra visual do Galaxy S26 Ultra sem querer; confira as imagens e Apple Creator Studio é o novo pacotão de apps criativos disponível por assinatura; confira!

Parce que… c'est l'épisode 0x6xx! Shameless plug 25 et 26 février 2026 - SéQCure 2026 CfP 31 mars au 2 avril 2026 - Forum INCYBER - Europe 2026 14 au 17 avril 2026 - Botconf 2026 28 et 29 avril 2026 - Cybereco Cyberconférence 2026 9 au 17 mai 2026 - NorthSec 2026 3 au 5 juin 2026 - SSTIC 2026 19 septembre 2026 - Bsides Montréal Description Introduction Ce deuxième épisode sur la Cyber Threat Intelligence (CTI) réunit Nicolas, Alexis Dorais-Joncas et Jordan Theodore pour approfondir les mécanismes de production et de consommation de l'intelligence sur les menaces. La conversation explore les défis techniques, organisationnels et éthiques auxquels font face les professionnels de la sécurité dans ce domaine en constante évolution. Les deux univers de la CTI Alexis établit une distinction fondamentale entre deux « clusters » dans l'écosystème de la CTI. D'un côté, les producteurs : entreprises de réponse d'incident et fournisseurs de services de cybersécurité comme CrowdStrike, Microsoft, Kaspersky ou Proofpoint, qui observent directement les attaques chez leurs clients et génèrent des rapports détaillés. De l'autre, les consommateurs : organisations qui utilisent ces rapports pour comprendre leurs risques et se protéger contre les attaques potentielles. Cette dichotomie se reflète même dans les rôles professionnels. Un analyste CTI chez un vendeur dispose d'une visibilité globale sur des milliers de clients, tandis qu'un analyste en entreprise se concentre sur son propre environnement. Les mindsets et les résultats sont fondamentalement différents, bien que les compétences de base soient similaires. L'ampleur du défi : naviguer dans l'océan de données Les chiffres partagés par Alexis illustrent l'échelle impressionnante du problème. Chez ESET, environ 300 000 fichiers exécutables malveillants ou suspects uniques arrivent chaque jour. Chez Proofpoint, ce sont 3,5 milliards d'emails quotidiens, avec 50 millions de pièces jointes et 90 millions d'URL à analyser. Face à ce déluge, les équipes de recherche doivent développer des heuristiques sophistiquées et des règles de tri pour identifier ce qui mérite une attention particulière. L'art du clustering : trouver l'aiguille dans la botte de foin Le cœur du travail de CTI réside dans la capacité à regrouper des attaques apparemment distinctes en « clusters » attribuables à un même acteur. Alexis explique que cette attribution repose sur la recherche d'éléments uniques ou de combinaisons uniques d'éléments observables. L'exemple du certificat SSL avec une coquille typographique illustre parfaitement ce concept : un seul détail peut permettre de lier des dizaines de domaines entre eux et de découvrir toute une infrastructure d'attaque. Les indicateurs utilisés pour le clustering sont multiples : similarité de code source, exploits modifiés, choix d'hébergeurs et de registraires, mais aussi des éléments plus « soft » comme le ciblage. Un professeur spécialisé sur l'Iran qui se fait soudainement cibler peut indiquer l'implication de groupes iraniens, même si les indicateurs techniques sont nouveaux. Les niveaux de confidentialité : une cascade d'information Alexis révèle que 95% ou plus de la CTI produite par les vendeurs n'est jamais rendue publique. L'information suit une cascade : d'abord partagée uniquement avec les clients directement ciblés, puis avec l'ensemble des clients payants, et enfin, pour une fraction seulement, avec le public. Cette dernière étape implique des choix délicats : révéler certains indicateurs peut aider la défense, mais aussi alerter l'attaquant et compromettre la capacité à le tracker à l'avenir. La qualité variable de la CTI secondaire Un point de frustration majeur émerge concernant la couverture médiatique et les analyses secondaires. Alexis estime que 80% de la couverture secondaire n'apporte aucune valeur ajoutée, 5% apporte une vraie perspective informée, et 10-15% est carrément nuisible en véhiculant des erreurs ou des exagérations. Cette désinformation force les analystes en entreprise à perdre des journées entières à remonter aux sources originales et à désamorcer les inquiétudes injustifiées des dirigeants. La course à la publication et ses nuances Bien qu'il existe une certaine compétition entre vendeurs pour être le premier à publier sur une nouvelle menace, Alexis nuance fortement ce phénomène. La collaboration informelle entre analystes de différentes entreprises est courante. De plus, même si un concurrent publie en premier, il reste possible d'apporter une valeur complémentaire en confirmant les découvertes depuis une perspective différente ou en ajoutant des observations uniques. L'exemple de Kaspersky et Proofpoint sur un APT illustre comment deux entreprises peuvent enrichir mutuellement la compréhension d'une menace. L'attribution : utile pour qui ? L'attribution géopolitique des attaques s'avère principalement pertinente pour les grandes organisations et les entités gouvernementales ciblées de manière spécifique. Pour la majorité des entreprises victimes d'attaques opportunistes, savoir qu'un ransomware vient de tel ou tel groupe importe peu. L'essentiel est de comprendre les techniques d'attaque et les prochaines étapes possibles. Alexis souligne qu'environ 95% des attaques ciblées chez Proofpoint touchent moins de 5 clients avec moins de 60 emails – un volume extrêmement faible qui contraste avec les attaques opportunistes massives. Le casse-tête des noms de groupes Un problème persistant dans l'industrie concerne la prolifération de noms différents pour les mêmes groupes. APT28 peut être appelé Fancy Bear, Pawn Storm, TA422, ou une quinzaine d'autres noms selon le vendeur. Cette situation s'explique par les différences de visibilité : Proofpoint observe l'infrastructure email, tandis qu'un EDR voit le comportement post-compromission. Chaque vendeur nomme ce qu'il peut observer, créant une confusion considérable pour les praticiens en réponse d'incident. Alexis confirme cependant qu'aucune pression marketing n'a jamais été exercée pour créer des noms propriétaires, et qu'il est inacceptable de renommer un groupe découvert par un autre sans l'avoir observé soi-même. Conclusion Ce podcast met en lumière la complexité et les nuances du monde de la CTI. Entre volumes de données massifs, décisions éthiques sur ce qu'il faut publier, collaboration et compétition entre acteurs, et défis d'attribution, les professionnels naviguent dans un écosystème en constante évolution. La clé réside dans la compréhension que chaque vendeur apporte une perspective unique basée sur sa visibilité spécifique, et que la véritable valeur de la CTI se trouve dans la capacité à corréler ces différentes sources pour obtenir une image complète des menaces. Collaborateurs Nicolas-Loïc Fortin Jordan Theodore Alexis Dorais-Joncas Crédits Montage par Intrasecure inc Locaux virtuels par Riverside.fm

Neste episódio conversamos como Willian Oliveira e Fernando Andreazi, da Kaspersky, sobre a evolução das ferramentas de segurança que vão além do endpoint, abordando a mudança no cenário de segurança e a necessidade de enfrentar ameaças cada vez mais sofisticadas. Você irá aprender sobre XDR, também conhecido como Extended Detection and Response e o MXDR, ou ou Managed Extended Detection and Response. Willian e Fernando trarão toda a sua experiência na área para lhe ajudar na escolha da melhor solução de segurança para o seu negócio. Este é um episódio patrocinado pela Kaspersky. Conheça o Kaspersky Next Optimum – Segurança em níveis projetada especialmente para solucionar vários desafios de negócios  Visite nossa campanha de financiamento coletivo e nos apoie!  Conheça o Blog da BrownPipe Consultoria e se inscreva no nosso mailing

#Podcast #Apps2025 #Perplexity #cristianoronaldo Kaspersky: https://kas.pr/619nCupón: NosotrosClonesUn episodio nuevo todos los miércoles y viernes, con Aura López, Javier Matuk y José Antonio Pontón. Puedes seguirlos de manera independiente en Instagram: @aurav @jmatuk y @japonton.

Trong bối cảnh chuyển đổi số tăng tốc, an ninh mạng trở thành yếu tố then chốt giúp doanh nghiệp bảo vệ dữ liệu, duy trì vận hành liên tục và giữ vững niềm tin của khách hàng. Một chiến lược phòng vệ chủ động không chỉ ngăn chặn thiệt hại mà còn tạo lợi thế cạnh tranh bền vững trên thị trường.Là một trong những tên tuổi đáng tin cậy toàn cầu với hơn một tỷ thiết bị được bảo vệ, Kaspersky liên tục phát triển các giải pháp và dịch vụ an ninh mạng tiên tiến dành cho doanh nghiệp, chính phủ và người tiêu dùng. Tại Việt Nam, suốt 17 năm qua, Kaspersky đồng hành cùng hàng nghìn doanh nghiệp trong hành trình chuyển đổi số an toàn, góp phần xây dựng một môi trường số phát triển và bền vững hơn.Dẫn dắt hoạt động của Kaspersky tại Việt Nam là anh Ngô Tấn Vũ Khanh – Giám đốc Quốc gia, đồng thời là Giám đốc chương trình Thạc sĩ Information Design and Technology (IDT) tại Đại học Kinh tế TP.HCM (UEH). Với hơn 20 năm kinh nghiệm trong lĩnh vực Công nghệ Thông tin và từng đảm nhiệm nhiều vị trí quản lý tại các tập đoàn công nghệ lớn, anh mang đến định hướng chiến lược vững vàng, góp phần thúc đẩy sự phát triển của hệ sinh thái an ninh mạng tại Việt Nam. Trong số 105 của podcast Vietnam Innovators (Tiếng Việt), chúng ta sẽ cùng lắng nghe những chia sẻ sâu sắc từ anh Ngô Tấn Vũ Khanh về các rủi ro an ninh mạng trong thời đại số, cũng như những giải pháp thiết thực giúp mỗi cá nhân và doanh nghiệp chủ động bảo vệ dữ liệu và thông tin quan trọng của mình.—Đừng quên có thể xem bản video của podcast này tại: YouTubeVà đọc những bài viết thú vị tại: https://vietcetera.com/vn/bo-suu-tap/vietnam-innovatorNếu có bất cứ góp ý, phản hồi hay mong muốn hợp tác, bạn có thể gửi email về địa chỉ hello@vni-digest.com

With cyberbullying, malware, and phishing scams hiding in the games our kids love, online safety has never been more urgent. Adrian Hia, Managing Director for APAC at Kaspersky, breaks down the latest threats targeting young people, how AI is changing the game for both attackers and defenders. Produced and presented by Audrey SiekSee omnystudio.com/listener for privacy information.

La empresa de ciberseguridad Kaspersky advirtió sobre una serie de falsas notificaciones que se hacen pasar por bancos para robar el dinero de los usuarios. Y destacó que este tipo de fraudes se multiplican durante diciembre cuando los trabajadores reciben su aguinaldo.

La empresa de ciberseguridad Kaspersky advirtió sobre una serie de falsas notificaciones que se hacen pasar por bancos para robar el dinero de los usuarios. Y destacó que este tipo de fraudes se multiplican durante diciembre cuando los trabajadores reciben su aguinaldo.

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.For for more information about Cybersecurity Cares, visit cybersecurity-cares.comThe Tomiris cyber-espionage group, which has been under Kaspersky's watch since 2021, has evolved its tactics in a new wave of attacks observed in early 2025. Article #2.CISA has recently added CVE-2021-26829 to its known exploited vulnerabilities, or KEV catalog, marking it as a confirmed threat based on real world exploitation. Researchers at KOI Security have identified a malicious NPM package, which not only performs typical credential stealing behavior, but also includes a new, subtle tactic attempting to manipulate AI-driven security scanners via embedded prompt engineering. Article #2.Iranian state sponsored threat group MuddyWater has launched a new wave of cyber espionage attacks targeting Israeli organizations across sectors including academia, civil infrastructure, engineering, technology and utilities.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

México es el país más afectado de América Latina por las aplicaciones “montadeudas” o también conocidas como SpyLoan, que son programas disfrazados de apps de préstamo que bloquean el teléfono celular de la víctima si esta no paga una supuesta deuda, según el Panorama de Amenazas 2025 de Kaspersky.

#Podcast #Starlink #IA #StrangerThings Más información de Asus:b2b_mx@asus.comhttps://www.asus.com/mx/Kaspersky: https://kas.pr/619nCupón: NosotrosClonesPLAYLIST Rolones: https://acortar.link/syEyR7

Matt from Linux Out Loud guest hosts with Jill and Ryan to dive into major internet events and Linux news! We tackle Ryan's "disappointing" take according to a listerner on EU censorship and free speech, discuss the massive Cloudflare outage that took half the internet down, debate if antivirus is necessary on Linux, and look at ProtonDB and the Steam Survey to see if Linux gaming has already won. Plus, we highlight Rclone as the Software Pick. 00:00:00 Intro 00:01:54 Community Feedback: “Disappointed in Ryan” (EU Censorship & Free Speech) 00:31:10 Sandfly Security – Agentless Defense for Linux 00:33:48 Cloudflare Falls Over: When Half the Internet Trips 00:34:38 Game Preservation: Keeping Delisted Classics Alive 00:47:03 Kaspersky on Linux: Do We Even Need Antivirus? 00:54:28 ProtonDB & Steam Survey: Has Linux Gaming Already Won? 01:04:15 Software Pick: Rclone – RSync for All Your Clouds 01:06:29 Outro Hosted by: Ryan (DasGeek) = dasgeek.net Jill Bryant = jilllinuxgirl.com Special Guest = Matt (Linux Out Loud)

Podcast: ICS Arabia PodcastEpisode: Conversations on OT Cybersecurity with Anton Shipullin | 17Pub date: 2025-11-20Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationJoin Dr Sulaiman Alhasawi for an interesting conversation as he sits down with Anton Shipullin. In this interview, we delve into Anton's extensive experience and invaluable contributions to the community of ICS/OT cybersecurity. From his insights on OT cybersecurity in Russia to Dubai , we explore the multifaceted aspects of his journey.Anton has confounded BEERISAC podcast and RUSCADASEC.com and he has worked with international OT Cybersecurity companies , such as Kaspersky and Nozomi Networks. We touch upon his evangelism efforts, shedding light on how he spreads awareness about the significance of ICS/OT cybersecuritThe podcast and artwork embedded on this page are from ICS ARABIA PODCAST, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

This week Steve and Noah talk about the things you didn't know you knew about Linux. Scott Jenson joins the program to talk about principals of UX/UI design. -- During The Show -- 00:52 Self Hosting After Death - Michael Steve's thought process Important things Home Assistant (https://www.home-assistant.io/) Mealie (https://docs.mealie.io/) Frigate (https://frigate.video/) Steve's plan Draw.io LLMs No desire to be trained Open Source Documentation Noah's plan Self hosted vs Cloud Techie Friends 12:21 Scott Jenson - UX/UI Design Product Strategist For Home Assistant and Mastodon Scott's Website (https://jenson.org/) Coloring outside the lines Mobile vs Desktop Desktop UI shortcomings UX in Audacity and Penpot (https://penpot.app/) Where can UX designers grow? Articulating the business use case Ink & Switch (https://www.inkandswitch.com/) 18:23 News Wire Nano 8.7 - gnu.org (https://lists.gnu.org/archive/html/info-gnu/2025-11/msg00002.html) Thunderbird 145 - thunderbird.net (https://www.thunderbird.net/en-US/thunderbird/145.0/releasenotes) Firefox 145 - firefox.com (https://www.firefox.com/en-US/firefox/145.0/releasenotes) Wine 10.19 - webpronews.com (https://www.webpronews.com/wine-10-19-ushers-in-linuxs-next-leap-for-windows-app-mastery) Proton 10.0 - phoronix.com (https://www.phoronix.com/news/Proton-10.0-3-Released) KDE Frameworks 6.20.0 - kde.org (https://kde.org/announcements/frameworks/6/6.20.0) SparkyLinux 8.1 - sparkylinux.org (https://sparkylinux.org/sparky-8-1) Debian 13.2 - debian.org (https://www.debian.org/News/2025/20251115) Tails 7.2 - torproject.org (https://blog.torproject.org/new-release-tails-7_2) Nitrix 5.0 - itsfoss.com (https://itsfoss.com/news/nitrux-5-release) Kaspersky for Linux - tomshardware.com (https://www.tomshardware.com/software/antivirus/banned-russian-antivirus-maker-kaspersky-rolls-out-new-products-basic-plan-for-linux-starts-at-usd59-99-a-year) Avahi Logic Flaw - zeropath.com (https://zeropath.com/blog/avahi-simple-protocol-server-dos-cve-2025-59529) ImunifyAV Flaw - bleepingcomputer.com (https://www.bleepingcomputer.com/news/security/rce-flaw-in-imunifyav-puts-millions-of-linux-hosted-sites-at-risk) Akira Targets Nutanix VMs - bleepingcomputer.com (https://www.bleepingcomputer.com/news/security/cisa-warns-of-akira-ransomware-linux-encryptor-targeting-nutanix-vms) Kraken Expands - cyberpress.org (https://cyberpress.org/kraken-ransomware) VibeThinker-1.5B - venturebeat.com (https://venturebeat.com/ai/weibos-new-open-source-ai-model-vibethinker-1-5b-outperforms-deepseek-r1-on) Worry Over Chinese AI - businessinsider.com (https://www.businessinsider.com/eric-schmidt-worried-governments-use-chinese-ai-open-source-models-2025-11) US Must Go Open Source - techbuzz.ai (https://www.techbuzz.ai/articles/databricks-co-founder-us-must-go-open-source-to-beat-china-in-ai) Linux Knowledge The "Mythical New User" People use all sorts of UI/UX today Knowledge we take for granted Teaching is the highest form of learning See one, do one, teach one Talk radio principle: Watering plants that are already there Linux and Windows architectures are different 39:50 Source Command How it works Variables Environment Variable What the source command does Getting started with source and python 48:00 Know your short comings Know what you don't know Know how to explain it simply Keeping things simple -- The Extra Credit Section -- For links to the articles and material referenced in this week's episode check out this week's page from our podcast dashboard! This Episode's Podcast Dashboard (http://podcast.asknoahshow.com/467) Phone Systems for Ask Noah provided by Voxtelesys (http://www.voxtelesys.com/asknoah) Join us in our dedicated chatroom #GeekLab:linuxdelta.com on Matrix (https://element.linuxdelta.com/#/room/#geeklab:linuxdelta.com) -- Stay In Touch -- Find all the resources for this show on the Ask Noah Dashboard Ask Noah Dashboard (http://www.asknoahshow.com) Need more help than a radio show can offer? Altispeed provides commercial IT services and they're excited to offer you a great deal for listening to the Ask Noah Show. Call today and ask about the discount for listeners of the Ask Noah Show! Altispeed Technologies (http://www.altispeed.com/) Contact Noah live [at] asknoahshow.com -- Twitter -- Noah - Kernellinux (https://twitter.com/kernellinux) Ask Noah Show (https://twitter.com/asknoahshow) Altispeed Technologies (https://twitter.com/altispeed) Special Guest: Scott Jenson.

#Podcast #Tecnología #IA #Apple #Samsung #Noticias #buenfinEn este episodio revisamos las noticias más importantes del día: una posible MacBook con pantalla táctil, la escuela mexicana especializada en inteligencia artificial, y la integración de Gemini en la nueva Siri. También hablamos de las ofertas de Samsung por el Buen Fin, los polémicos anuncios de Meta y el debate sobre si la IA superará a los humanos. Cerramos con recomendaciones de cine y series, además de una entrevista para poner a prueba a Jimmy.Kaspersky: https://kas.pr/619nCupón: NosotrosClonesPLAYLIST Rolones: https://acortar.link/syEyR7www.samsung.com/mx

#Podcast #BuenFin2025 #Kaspersky Kaspersky: https://kas.pr/619nCupón: NosotrosClonesEn este episodio de Los Clones viajamos, reímos y analizamos todo lo que está pasando en el mundo de la tecnología, entre China, Oaxaca y el Buen Fin… Te contamos cómo Kaspersky nos salvó en China, la experiencia con GM en Oaxaca, y ya llegó en Buen Fin.Además, hablamos del adiós de Movistar, las novedades de Apple y, claro, del fenómeno Dr. Simi y los clones ya tienen stickers.

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.The UK Information Commissioner's Office (ICO) recently released a comprehensive 136-page report detailing the BlackBasta ransomware attack on Capita in March 2023.Kaspersky researchers have detailed two active campaigns from North Korean APT group BlueNoroff, which continue the group's long-running SnatchCrypto operation targeting individuals in financial and tech sectors.The exploitation of the first Chrome zero-day of 2025 has been attributed to a state-sponsored threat actor involved in Operation ForumTroll, a cyber-espionage campaign targeting Russian entities across sectors like education, finance, media, and government.Netscout has identified a newly emerging Internet of Things (IoT) botnet, Aisuru, which has already launched distributed denial-of-service (DDoS) attacks exceeding 20 Tbps, placing it among the most powerful botnets observed to date.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Three Buddy Problem - Episode 70: Dave Aitel from OpenAI's technical staff joins the buddies to discuss the just-launched Aardvark, OpenAI's agentic “security researcher” that claims to read code, finds bugs, validates exploits, and ships patches. We press him on where LLMs beat fuzzers, privacy boundaries, human-in-the-loop realities, SDLC budgets, pen-test cadence, and the zero-day economy. Plus, L3 Harris/Trenchant exec pleads guilty to selling exploits to Russian brokers, Kaspersky catches the return of HackingTeam using Chrome zero-day exploit chain, and news of a proposed law in Russia to force researchers to report vulnerabilities first to goverment agencies. Cast: Dave Aitel (https://www.linkedin.com/in/daveaitel/) (Technical Staff, OpenAI), Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).

We don't do holiday themed episodes in this house, so no tricks, but we have some treats for you. First we discuss the problem of shadow AI (1:00) and how it seems like we're just repeating the mistakes of previous tech waves in ignoring security until it's too late. Then we dig into a new report from Kaspersky about a crazy exploit they discovered for a Chrome sandbox escape that led them to identify the new version of Hacking Team's spyware called Dante (23:00). Finally, we provide some important updates on our respective wildlife encounters (33:00).Kaspersky report: https://securelist.com/forumtroll-apt-hacking-team-dante-spyware/117851/ Support the show

Edição de 28 de outubro 2025

On today's Technology Podcast, sponsored by Elbit America, Justin Sherman, the founder of Global Cyber Strategies advisory firm and a nonresident fellow at the Atlantic Council's Cyber Statecraft Initiative, joins Defense & Aerospace Report Editor Vago Muradian to discuss his new report for the Center for Naval Analyses — “Hacking and Firewalls Under Siege: Russia's Cyber Industry During the War on Ukraine (https://www.cna.org/reports/2025/08/Hacking-and-Firewalls-Under-Seige.pdf)” — the nature of the cyber war between Russia and Ukraine; the role of Russian state, corporate and general public actors in advancing Moscow's tactical and strategic aims from offensive cyber actions to hacking and information operations; the government's role in controlling these actors; how many have been sanctioned; the impact of Kaspersky's role in support of the Russian government and how that's impacting the company's global business; analysis of Russia's “Secret Blizzard” operation against foreign embassies by exploiting a Microsoft vulnerability; cyber lessons from Ukraine as it defends itself against Russia; and  happens to efforts to counter Russian in cyberspace when Washington normalizes relations with Moscow.

Send us a textSergey Novikov shares his fascinating journey from early days at Kaspersky Lab through his evolution as a malware analyst and cybersecurity expert, offering unique insights into the changing threat landscape and ethical considerations of security research.• Started at Kaspersky in 2002 when it was a small startup with fewer than 100 employees• Applied mathematics background led to research correlating human epidemic models with computer virus propagation• Worked as a "woodpecker" malware analyst detecting threats 24/7• Became part of Kaspersky's elite Global Research and Analysis Team (GREAT)• Team took pride in identifying APTs regardless of national origin to protect customers worldwide• Described security researchers as "paleontologists" uncovering complex digital threats• Participated in analysis of sophisticated threats like Stuxnet requiring specialized knowledge• Left Kaspersky in 2022 after Russia-Ukraine conflict began• Transitioned to pharmaceutical industry cybersecurity before joining CyberProof• Observes modern threats have blurred lines between nation-state actors, cybercriminals and hacktivists• Believes cybersecurity professionals must maintain perpetual learning mindset• Recommends self-learning and hands-on experience for aspiring security researchers• Notes AI is enabling more agile, automated attacks rather than quantum computing threatsConnect with Sergey on LinkedIn or visit cyberproof.com to learn more about their security services and research blog.Support the showFollow the Podcast on Social Media! Tesla Referral Code: https://ts.la/joseph675128 YouTube: https://www.youtube.com/@securityunfilteredpodcast Instagram: https://www.instagram.com/secunfpodcast/Twitter: https://twitter.com/SecUnfPodcast

1. Scrutiny of the "Tea" Dating AppThe women-focused dating app "Tea" faces backlash after two data breaches exposed 72,000 sensitive images and 1.1 million private messages. Though security upgrades were promised, past data remained exposed, and the app lacks end-to-end encryption. Additionally, anonymous features enabling posts about men have sparked defamation lawsuits. Critics argue Tea prioritized rapid growth over user safety, exemplifying the danger of neglecting cybersecurity in pursuit of scale.2. North Korean Remote Work InfiltrationCrowdStrike has flagged a 220% surge in North Korean IT operatives posing as remote workers—over 320 cases in the past year. These operatives use stolen/fake identities, aided by generative AI to craft résumés, deepfake interviews, and juggle multiple jobs. Their earnings fund Pyongyang's weapons programs. The tactic reveals the limits of traditional vetting and the need for advanced hiring security.3. Airportr's Data ExposureUK luggage service Airportr suffered a major security lapse exposing passport photos, boarding passes, and flight details—including those of diplomats. CyberX9 found it possible to reset accounts with just an email and no limits on login attempts. Attackers could gain admin access, reroute luggage, or cancel flights. Although patched, the incident underscores risks of convenience services with poor security hygiene.4. Risks of AI-Generated CodeVeracode's "2025 GenAI Code Security Report" found that nearly 45% of AI-generated code across 80 tasks had security flaws—many severe. This highlights the need for human oversight and thorough reviews. While AI speeds development, it also increases vulnerability if unchecked, making secure coding a human responsibility.5. Microsoft's SharePoint Hack ControversyChinese state hackers exploited flaws in SharePoint, breaching hundreds of U.S. entities. A key concern: China-based Microsoft engineers maintained the hacked software, potentially enabling earlier access. Microsoft also shared vulnerability data with Chinese firms through its MAPP program, while Chinese law requires such data be reported to the state. This raises alarms about outsourcing sensitive software to geopolitical rivals.6. Russian Embassy Surveillance AttackRussia's "Secret Blizzard" hackers used ISP-level surveillance to deliver fake Kaspersky updates to embassies. These updates installed malware and rogue certificates enabling adversary-in-the-middle attacks—allowing full decryption of traffic. The attack shows the threat of state-level manipulation of software updates and underscores the need for update authenticity verification.7. Signal's Threat to Exit AustraliaSignal may pull out of Australia if forced to weaken encryption. ASIO's push for access contradicts Signal's end-to-end encryption model, which can't accommodate backdoors without global compromise. This standoff underscores a broader debate: encryption must be secure for all or none. Signal's resistance reflects the rising tension between privacy advocates and governments demanding access.8. Los Alamos Turns to AILos Alamos National Laboratory has launched a National Security AI Office, signaling a pivot from nuclear to AI capabilities. With massive GPU infrastructure and university partnerships, the lab sees AI as the next frontier in scientific and national defense. This reflects a shift in global security dynamics—where large language models may be as strategically vital as missiles.

EP 254. In this week's update:Despite back-to-back data breaches and legal blowback, women are still queuing up by the millions for Tea.  This is one hot dating app that's apparently more viral than secure.North Korean IT operatives are clocking into remote jobs worldwide. Fueled by GenAI and fake identities in what CrowdStrike calls a daily cybersecurity crisis.A British luggage startup managed to lose more than just bags. Airportr briefly exposed diplomatic travel data and full backend access to anyone with a browser and curiosity.According to Veracode, nearly half of all AI-generated code is insecure. And that should leave you feeling insecure, especially if your code reviews have been neglectedMicrosoft confirmed Chinese engineers have long supported the same SharePoint software recently hacked by Beijing.  The breach hit hundreds of U.S. institutions—including nuclear and homeland security.Russian state hackers tricked foreign embassies into installing fake updates from “Kaspersky.”  The malware came with a rogue root certificate—and full surveillance capabilities.Signal's president warned it might pull out of Australia over demands to weaken encryption. The country's privacy pushback continues—and secure apps are packing their bags.Los Alamos is pouring resources into AI research—because in 2025, the most powerful weapon might be a large language model, rather than a missile.Finish that cuppa, we have a lot to cover!Find the full transcript to this podcast here.

In this episode, I address listener feedback and corrections regarding use of public Wi-Fi, MAC addresses, and aliases. I dive deep into the nuances of MAC address randomization on GrapheneOS versus Apple's private Wi-Fi addresses, explaining why GrapheneOS offers superior privacy protection. I discuss the real threats of public Wi-Fi in 2025 (hint: it's not hackers with Wireshark), and share my approach with aliases.I also cover the rising threat of infostealers like Atomic Info Stealer for macOS, the dangerous intersection of gaming cheats and malware, and why I avoid third-party antivirus software. Most importantly, I address the GrapheneOS controversy: the loss of a senior developer to military conscription, Google's strategic pivot that threatens custom ROMs, and why claims of GrapheneOS “dying” are misinformation spread by those with competing agendas.In this week's episode:Clarifications and Corrections: Public Wi-Fi, MAC addresses, and alias managementMAC address randomization: GrapheneOS vs Apple's implementationThe real threats of public Wi-Fi in 2025Info stealers and video games can be a privacy nightmareGrapheneOS controversy: Developer conscription, Google's lockdown, and the future of custom ROMsWhy antivirus software might be the malware you're trying to avoidMatrix Community RoomsMatrix Community Space - https://matrix.to/#/#psysecure:matrix.orgIndividual Room Links:https://matrix.to/#/#lockdown-general:matrix.orghttps://matrix.to/#/#lockdown-podcast:matrix.orghttps://matrix.to/#/#lockdown-intro:matrix.orgShow Links:MAC Address Lookup - https://maclookup.app/OUI Lookup - https://oui.is/33mail - https://www.33mail.com/OpenSnitch - https://github.com/evilsocket/opensnitchPrivacy.com - https://privacy.comLithic - https://lithic.comKaspersky and Russian Government - https://en.wikipedia.org/wiki/Kaspersky_and_the_Russian_governmentGoogle Not Killing AOSP - https://www.androidauthority.com/google-not-killing-aosp-3566882/GrapheneOS on Developer Conscription - https://grapheneos.social/@GrapheneOS/114359660453627718GrapheneOS on OEM Partnerships (June 19) - https://grapheneos.social/@GrapheneOS/114671100848024807GrapheneOS Response to Misinformation - https://grapheneos.social/@GrapheneOS/114825492698412916GrapheneOS on iPhone Security - https://grapheneos.social/@GrapheneOS/114824816120139544“Social engineering bypasses all technologies, including firewalls.”- Kevin Mitnick ★ Support this podcast on Patreon ★

Joining the podcast this week is Dmitry Bestuzhev, senior director of cyber threat intelligence (CTI) at Blackberry. He gives Petko an inside look into the key types of CTI and how the insights can be used to build context and determine response in specific circumstances, such as in the recent case of attempted targets at NATO. Dmitry also turns our attention to the risks posed by public charging stations - a ploy dubbed “Juice Jacking.”   Dmitry Bestuzhev, Senior Director CTI at BlackBerry Dmitry Bestuzhev is Senior Director, CTI (Cyber Threat Intelligence) at BlackBerry. Prior to BlackBerry, Dmitry was Head of Kaspersky's Global Research and Analysis Team for Latin America, where he oversaw the company's experts' anti-malware development work in the region. Dmitry has more than 20 years of experience in IT security across a wide variety of roles. His field of expertise covers everything from traditional online fraud to targeted high-profile attacks on financial and governmental institutions. His main focus in research is on producing Threat Intelligence reports on financially motivated targeted attacks. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e341

Joining the podcast this week is Dmitry Bestuzhev, senior director of cyber threat intelligence (CTI) at Blackberry. He gives Petko an inside look into the key types of CTI and how the insights can be used to build context and determine response in specific circumstances, such as in the recent case of attempted targets at NATO. Dmitry also turns our attention to the risks posed by public charging stations - a ploy dubbed “Juice Jacking.”   Dmitry Bestuzhev, Senior Director CTI at BlackBerry Dmitry Bestuzhev is Senior Director, CTI (Cyber Threat Intelligence) at BlackBerry. Prior to BlackBerry, Dmitry was Head of Kaspersky's Global Research and Analysis Team for Latin America, where he oversaw the company's experts' anti-malware development work in the region. Dmitry has more than 20 years of experience in IT security across a wide variety of roles. His field of expertise covers everything from traditional online fraud to targeted high-profile attacks on financial and governmental institutions. His main focus in research is on producing Threat Intelligence reports on financially motivated targeted attacks. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e340

Researchers uncover a major privacy violation involving tracking scripts from Meta and Yandex. A compliance automation firm discloses a data breach. PumaBot stalks vulnerable IoT devices. The Ramnit banking trojan gets repurposed for ICS intrusions. The North Face suffers a credential stuffing attack. Kaspersky says the Black Owl team is a cyber threat to Russia. CISA releases ISC advisories. An Indian grocery delivery startup suffers a devastating data wiping attack. The UK welcomes their new Cyber and Electromagnetic (CyberEM) Command. Our guest is Rohan Pinto, CTO of 1Kosmos, discussing the implications of AI deepfakes for biometric security. The cybersecurity sleuths at Sophos unravel a curious caper. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Rohan Pinto, CTO of 1Kosmos, and he is discussing the implications of AI deepfakes for biometric security. Selected Reading Meta and Yandex are de-anonymizing Android users' web browsing identifiers (Ars Technica) Vanta leaks customer data due to product code change (Beyond Machines) New Linux PumaBot Attacking IoT Devices by Brute-Forcing SSH Credentials (Cyber Security News) Ramnit Malware Infections Spike in OT as Evidence Suggests ICS Shift (SecurityWeek) The North Face warns customers of April credential stuffing attack (Bleeping Computer) Pro-Ukraine hacker group Black Owl poses ‘major threat' to Russia, Kaspersky says (The Record) CISA Releases ICS Advisories Covering Vulnerabilities & Exploits (Cyber Security News) Indian grocery startup KiranaPro was hacked and its servers deleted, CEO confirms (TechCrunch) UK CyberEM Command to spearhead new era of armed conflict (The Register) Widespread Campaign Targets Cybercriminals and Gamers  (Infosecurity Magazine) Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

04 Jun 2025. Airfares are reportedly down 40% from a year ago with airlines making just $7 per flight. We get a reaction from aviation lawyer Nick Humphrey. Plus, RAK Bank surveys SMEs about their outlook, we get the results from Dhiraj Kunwar. And Kaspersky’s Maher Yamout breaks down the latest cyber threat targeting fintech and trading apps.See omnystudio.com/listener for privacy information.

xorsearch Update Diedier updated his "xorsearch" tool. It is now a python script, not a compiled binary, and supports Yara signatures. With Yara support also comes support for regular expressions. https://isc.sans.edu/diary/xorsearch.py%3A%20Searching%20With%20Regexes/31854 Shorter Lived Certificates The CA/Brower Forum passed an update to reduce the maximum livetime of certificates. The reduction will be implemented over the next four years. EFF also released an update to certbot introducing profiles that can be used to request shorter lived certificates. https://www.eff.org/deeplinks/2025/04/certbot-40-long-live-short-lived-certs https://groups.google.com/a/groups.cabforum.org/g/servercert-wg/c/bvWh5RN6tYI New Malware Harvesting Data from USB drives and infecting them. Kaspersky is reporting that they identified new malware that not only harvests data from USB drives, but also spread via USB drives by replacing existing documents with malicious files. https://securelist.com/goffee-apt-new-attacks/116139/

Firefox amends their privacy policy -- the world melts down. Signal threatens to leave Sweden. Aftermath of the massive $1.5 billion Bybit ETH heist. It turns out that it wasn't actually Bybit's fault. "The Lazarus Bounty" monitoring and management site. Mozilla's commitment to Manifest V2 (and the uBlock Origin). What does the ACM's plea for memory-safe languages mean for developers? What exactly are memory-safe languages? Australia joins the Kaspersky ban. Gmail plans to switch from SMS to QR code authentication. A SpinRite success and some fun feedback. An astonishing new technology for targeted radio jamming Show Notes - https://www.grc.com/sn/SN-1015-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: legatosecurity.com bitwarden.com/twit veeam.com threatlocker.com for Security Now

Firefox amends their privacy policy -- the world melts down. Signal threatens to leave Sweden. Aftermath of the massive $1.5 billion Bybit ETH heist. It turns out that it wasn't actually Bybit's fault. "The Lazarus Bounty" monitoring and management site. Mozilla's commitment to Manifest V2 (and the uBlock Origin). What does the ACM's plea for memory-safe languages mean for developers? What exactly are memory-safe languages? Australia joins the Kaspersky ban. Gmail plans to switch from SMS to QR code authentication. A SpinRite success and some fun feedback. An astonishing new technology for targeted radio jamming Show Notes - https://www.grc.com/sn/SN-1015-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: legatosecurity.com bitwarden.com/twit veeam.com threatlocker.com for Security Now

Firefox amends their privacy policy -- the world melts down. Signal threatens to leave Sweden. Aftermath of the massive $1.5 billion Bybit ETH heist. It turns out that it wasn't actually Bybit's fault. "The Lazarus Bounty" monitoring and management site. Mozilla's commitment to Manifest V2 (and the uBlock Origin). What does the ACM's plea for memory-safe languages mean for developers? What exactly are memory-safe languages? Australia joins the Kaspersky ban. Gmail plans to switch from SMS to QR code authentication. A SpinRite success and some fun feedback. An astonishing new technology for targeted radio jamming Show Notes - https://www.grc.com/sn/SN-1015-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: legatosecurity.com bitwarden.com/twit veeam.com threatlocker.com for Security Now

Retired Gen. Paul Nakasone warns the U.S. is falling behind in cyberspace. Australia orders government entities to remove and ban Kaspersky products. FatalRAT targets industrial organizations in the APAC region. A major cryptocurrency exchange reports the theft of $1.5 billion in digital assets. Apple removes end-to-end encryption (E2EE) for iCloud in the UK. Researchers uncover a LockBit ransomware attack exploiting a Windows Confluence server. Researchers uncover zero-day vulnerabilities in a widely used cloud logging utility.A PayPal email scam is tricking users into calling scammers. Republican leaders in the House request public input on national data privacy standards. A Michigan man faces charges for his use of the Genesis cybercrime marketplace. Our guest is  Karl Sigler, Senior Security Research Manager from Trustwave SpiderLabs, explaining the domino effect of a cyberattack on the power grid. Meta sues an Insta Extortionist. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today, Dave speaks with Karl Sigler, Senior Security Research Manager from Trustwave SpiderLabs, about the domino effect of a cyberattack on the power grid. You can dig into the details in their report.  Selected Reading Former NSA, Cyber Command chief Paul Nakasone says U.S. falling behind its enemies in cyberspace (CyberScoop) Kaspersky Banned on Australian Government Systems (SecurityWeek) Chinese Hackers Attacking Industrial Organizations With Sophisticated FatalRAT (Cyber Security News) Bybit Hack Drains $1.5 Billion From Cryptocurrency Exchange (SecurityWeek) Experts Slam Government After “Disastrous” Apple Encryption Move (Infosecurity Magazine) Confluence Exploit Leads to LockBit Ransomware (The DFIR Report) Fluent Bit 0-day Vulnerabilities Exposes Billions of Production Environments to Cyber Attacks (Cyber Security News) Beware: PayPal "New Address" feature abused to send phishing emails (Bleeping Computer) Top House E&C Republicans query public for ideas on data privacy law (CyberScoop) US Charges Genesis Market User (SecurityWeek) Meta Sues Alleged Instagram Extortionist (404 Media)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

President Trump rolls back AI regulations and throws TikTok a lifeline. Attackers pose as Ukraine's CERT-UA tech support. A critical vulnerability is found in the Brave browser. Sophos observes hacking groups abusing Microsoft 365 services and exploiting default Microsoft Teams settings. Researchers uncover critical flaws in tunneling protocols. A breach exposes personal information of thousands of students and educators. Oracle patches 320 security vulnerabilities. Kaspersky reveals over a dozen vulnerabilities in a Mercedes-Benz infotainment system. Tim Starks from CyberScoop discusses executive orders on cybersecurity and the future of CISA. We preview coming episodes of Threat Vector.  Honesty isn't always the best policy.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Threat Vector Segment On our Threat Vector podcast preview today:  IoT devices are everywhere, with billions deployed globally in industries like healthcare, manufacturing, and critical infrastructure. But this explosion of connectivity brings unprecedented security challenges. Host David Moulton speaks with Dr. May Wang, CTO of IoT Security at Palo Alto Networks, about how AI is transforming IoT security. Stay tuned for the full conversation this Thursday.  CyberWire Guest Our guest is Tim Starks from CyberScoop discussing executive orders on cybersecurity and the future of CISA. You can read Tim's article on the recent Biden EO here.   Selected Reading Trump revokes Biden executive order on addressing AI risks (Reuters) TikTok is back up in the US after Trump says he will extend deadline (Bleeping Computer) Hackers impersonate Ukraine's CERT to trick people into allowing computer access (The Record)  Brave Browser Vulnerability Let Malicious Website Mimic as Legitimate One (Cyber Security News)  Ransomware Groups Abuse Microsoft Services for Initial Access (SecurityWeek) Tunneling Flaws Put VPNs, CDNs and Routers at Risk Globally (Hackread) Students, Educators Impacted by PowerSchool Data Breach (SecurityWeek) Oracle To Address 320 Vulnerabilities in January Patch Update (Infosecurity Magazine) Details Disclosed for Mercedes-Benz Infotainment Vulnerabilities (SecurityWeek) Washington Man Admits to Role in Multiple Cybercrime, Fraud Schemes (SecurityWeek) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices