Podcasts about kaspersky

This week Steve and Noah talk about the things you didn't know you knew about Linux. Scott Jenson joins the program to talk about principals of UX/UI design. -- During The Show -- 00:52 Self Hosting After Death - Michael Steve's thought process Important things Home Assistant (https://www.home-assistant.io/) Mealie (https://docs.mealie.io/) Frigate (https://frigate.video/) Steve's plan Draw.io LLMs No desire to be trained Open Source Documentation Noah's plan Self hosted vs Cloud Techie Friends 12:21 Scott Jenson - UX/UI Design Product Strategist For Home Assistant and Mastodon Scott's Website (https://jenson.org/) Coloring outside the lines Mobile vs Desktop Desktop UI shortcomings UX in Audacity and Penpot (https://penpot.app/) Where can UX designers grow? Articulating the business use case Ink & Switch (https://www.inkandswitch.com/) 18:23 News Wire Nano 8.7 - gnu.org (https://lists.gnu.org/archive/html/info-gnu/2025-11/msg00002.html) Thunderbird 145 - thunderbird.net (https://www.thunderbird.net/en-US/thunderbird/145.0/releasenotes) Firefox 145 - firefox.com (https://www.firefox.com/en-US/firefox/145.0/releasenotes) Wine 10.19 - webpronews.com (https://www.webpronews.com/wine-10-19-ushers-in-linuxs-next-leap-for-windows-app-mastery) Proton 10.0 - phoronix.com (https://www.phoronix.com/news/Proton-10.0-3-Released) KDE Frameworks 6.20.0 - kde.org (https://kde.org/announcements/frameworks/6/6.20.0) SparkyLinux 8.1 - sparkylinux.org (https://sparkylinux.org/sparky-8-1) Debian 13.2 - debian.org (https://www.debian.org/News/2025/20251115) Tails 7.2 - torproject.org (https://blog.torproject.org/new-release-tails-7_2) Nitrix 5.0 - itsfoss.com (https://itsfoss.com/news/nitrux-5-release) Kaspersky for Linux - tomshardware.com (https://www.tomshardware.com/software/antivirus/banned-russian-antivirus-maker-kaspersky-rolls-out-new-products-basic-plan-for-linux-starts-at-usd59-99-a-year) Avahi Logic Flaw - zeropath.com (https://zeropath.com/blog/avahi-simple-protocol-server-dos-cve-2025-59529) ImunifyAV Flaw - bleepingcomputer.com (https://www.bleepingcomputer.com/news/security/rce-flaw-in-imunifyav-puts-millions-of-linux-hosted-sites-at-risk) Akira Targets Nutanix VMs - bleepingcomputer.com (https://www.bleepingcomputer.com/news/security/cisa-warns-of-akira-ransomware-linux-encryptor-targeting-nutanix-vms) Kraken Expands - cyberpress.org (https://cyberpress.org/kraken-ransomware) VibeThinker-1.5B - venturebeat.com (https://venturebeat.com/ai/weibos-new-open-source-ai-model-vibethinker-1-5b-outperforms-deepseek-r1-on) Worry Over Chinese AI - businessinsider.com (https://www.businessinsider.com/eric-schmidt-worried-governments-use-chinese-ai-open-source-models-2025-11) US Must Go Open Source - techbuzz.ai (https://www.techbuzz.ai/articles/databricks-co-founder-us-must-go-open-source-to-beat-china-in-ai) Linux Knowledge The "Mythical New User" People use all sorts of UI/UX today Knowledge we take for granted Teaching is the highest form of learning See one, do one, teach one Talk radio principle: Watering plants that are already there Linux and Windows architectures are different 39:50 Source Command How it works Variables Environment Variable What the source command does Getting started with source and python 48:00 Know your short comings Know what you don't know Know how to explain it simply Keeping things simple -- The Extra Credit Section -- For links to the articles and material referenced in this week's episode check out this week's page from our podcast dashboard! This Episode's Podcast Dashboard (http://podcast.asknoahshow.com/467) Phone Systems for Ask Noah provided by Voxtelesys (http://www.voxtelesys.com/asknoah) Join us in our dedicated chatroom #GeekLab:linuxdelta.com on Matrix (https://element.linuxdelta.com/#/room/#geeklab:linuxdelta.com) -- Stay In Touch -- Find all the resources for this show on the Ask Noah Dashboard Ask Noah Dashboard (http://www.asknoahshow.com) Need more help than a radio show can offer? Altispeed provides commercial IT services and they're excited to offer you a great deal for listening to the Ask Noah Show. Call today and ask about the discount for listeners of the Ask Noah Show! Altispeed Technologies (http://www.altispeed.com/) Contact Noah live [at] asknoahshow.com -- Twitter -- Noah - Kernellinux (https://twitter.com/kernellinux) Ask Noah Show (https://twitter.com/asknoahshow) Altispeed Technologies (https://twitter.com/altispeed) Special Guest: Scott Jenson.

#Podcast #Tecnología #IA #Apple #Samsung #Noticias #buenfinEn este episodio revisamos las noticias más importantes del día: una posible MacBook con pantalla táctil, la escuela mexicana especializada en inteligencia artificial, y la integración de Gemini en la nueva Siri. También hablamos de las ofertas de Samsung por el Buen Fin, los polémicos anuncios de Meta y el debate sobre si la IA superará a los humanos. Cerramos con recomendaciones de cine y series, además de una entrevista para poner a prueba a Jimmy.Kaspersky: https://kas.pr/619nCupón: NosotrosClonesPLAYLIST Rolones: https://acortar.link/syEyR7www.samsung.com/mx

#Podcast #BuenFin2025 #Kaspersky Kaspersky: https://kas.pr/619nCupón: NosotrosClonesEn este episodio de Los Clones viajamos, reímos y analizamos todo lo que está pasando en el mundo de la tecnología, entre China, Oaxaca y el Buen Fin… Te contamos cómo Kaspersky nos salvó en China, la experiencia con GM en Oaxaca, y ya llegó en Buen Fin.Además, hablamos del adiós de Movistar, las novedades de Apple y, claro, del fenómeno Dr. Simi y los clones ya tienen stickers.

Hoy nos acompañan dos invitados al programa. En primer lugar tendremos a Davis Artuñedo, CTO de Ravenloop a hablarnos de los AGENTES INTELIGENTES y para acabar Claudia Corcobado de CYBER GURU a incidir en la importancia de la Concienciación en Ciberseguridad. Además de las noticias destacamos el AI GATEWAY, que es la verdadera Torre de Control para las distintas IA que pueda haber en una empresa. Con: Rubén Carrasco y Carlos Lillo. Patrocinan: V-VALLEY, CYBERTIX, KASPERSKY, SEMPERIS, CYBER GURU, CATO NETWORKS

Hoy nos acompañan dos invitados al programa. En primer lugar tendremos a Davis Artuñedo, CTO de Ravenloop a hablarnos de los AGENTES INTELIGENTES y para acabar Claudia Corcobado de CYBER GURU a incidir en la importancia de la Concienciación en Ciberseguridad. Además de las noticias destacamos el AI GATEWAY, que es la verdadera Torre de Control para las distintas IA que pueda haber en una empresa.Con: Rubén Carrasco y Carlos Lillo.Patrocinan: V-VALLEY, CYBERTIX, KASPERSKY, SEMPERIS, CYBER GURU, CATO NETWORKS

Hoy nos acompaña JOSÉ CARLOS MOLINA, responsable de Desarrollo de Negocio de Ciberseguridad en V-VALLEY.Además vemos como puede ayudar la IA a personas que viven en soledad no deseada.Con: Rubén Carrasco, Alfonso Calvo.Dirige: Carlos Lillo. Producción: ClickRadioTV. Gracias a: Semperis, Cyber Guru, Cato Networks, V-Valley, Kaspersky, Cybertix

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.The UK Information Commissioner's Office (ICO) recently released a comprehensive 136-page report detailing the BlackBasta ransomware attack on Capita in March 2023.Kaspersky researchers have detailed two active campaigns from North Korean APT group BlueNoroff, which continue the group's long-running SnatchCrypto operation targeting individuals in financial and tech sectors.The exploitation of the first Chrome zero-day of 2025 has been attributed to a state-sponsored threat actor involved in Operation ForumTroll, a cyber-espionage campaign targeting Russian entities across sectors like education, finance, media, and government.Netscout has identified a newly emerging Internet of Things (IoT) botnet, Aisuru, which has already launched distributed denial-of-service (DDoS) attacks exceeding 20 Tbps, placing it among the most powerful botnets observed to date.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Three Buddy Problem - Episode 70: Dave Aitel from OpenAI's technical staff joins the buddies to discuss the just-launched Aardvark, OpenAI's agentic “security researcher” that claims to read code, finds bugs, validates exploits, and ships patches. We press him on where LLMs beat fuzzers, privacy boundaries, human-in-the-loop realities, SDLC budgets, pen-test cadence, and the zero-day economy. Plus, L3 Harris/Trenchant exec pleads guilty to selling exploits to Russian brokers, Kaspersky catches the return of HackingTeam using Chrome zero-day exploit chain, and news of a proposed law in Russia to force researchers to report vulnerabilities first to goverment agencies. Cast: Dave Aitel (https://www.linkedin.com/in/daveaitel/) (Technical Staff, OpenAI), Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).

We don't do holiday themed episodes in this house, so no tricks, but we have some treats for you. First we discuss the problem of shadow AI (1:00) and how it seems like we're just repeating the mistakes of previous tech waves in ignoring security until it's too late. Then we dig into a new report from Kaspersky about a crazy exploit they discovered for a Chrome sandbox escape that led them to identify the new version of Hacking Team's spyware called Dante (23:00). Finally, we provide some important updates on our respective wildlife encounters (33:00).Kaspersky report: https://securelist.com/forumtroll-apt-hacking-team-dante-spyware/117851/ Support the show

Edição de 28 de outubro 2025

Referências do EpisódioMem3nt0 mori – The Hacking Team is back!Stable Channel Update for Desktop - Tuesday, March 25, 2025Crypto wasted: BlueNoroff's ghost mirage of funding and jobsRoteiro e apresentação: Carlos CabralEdição de áudio: Paulo Arruzzo Narração de encerramento: Bianca Garcia

El corte del hiperescalar AWS ha marcado notablemente los últimos días de esta semana de octubre. ¿Sabes qué es un Cybermentalista? Escúchanos y te lo contará Antonio Martínez. Como invitado hemos tenido a Javier Sánchez, CISO de Engie España. Equipo: Rubén Carrasco, Pedro Montes, Carlos Lillo (D). Sponsor: Cyber Guru, Cato Networks, Semperis, V-Valley, Kaspersky, Cybertix. Producción: ClickRadioTV.

El corte del hiperescalar AWS ha marcado notablemente los últimos días de esta semana de octubre. ¿Sabes qué es un Cybermentalista? Escúchanos y te lo contará Antonio Martínez. Como invitado hemos tenido a Javier Sánchez, CISO de Engie España. Equipo: Rubén Carrasco, Pedro Montes, Carlos Lillo (D). Sponsor: Cyber Guru, Cato Networks, Semperis, V-Valley, Kaspersky, Cybertix. Producción: ClickRadioTV.

ETRMS El Valle de Arán y Ciberseguridad. Un robot domótico barato. Noticias. Concurso. Gracias a SEMPERIS, V-VALLEY, CYBER GURU, CYBERTIX, CATO NETWORKS, KASPERSKY.

La firma de seguridad Kaspersky alertó sobre una nueva estafa llamada “toque fantasma”, con la que delincuentes interceptan pagos sin contacto para hacer compras como si tuvieran la tarjeta física del comprador.

Una introducción a los Kubernetes, esas ayudas a los desarrolladores. La Biomimética ayuda a la tecnologia. Los sesgos en el modelo educativo de la IA. Y las habituales secciones de noticias, tecnoefemérides, concurso... Con: Silvia Roldán, Alfonso Calvo y Rubén Carrasco. Patrocinan: Cyber Guru, Cybertix, V-Valley, Cato Networks, Kaspersky. Producción: ClickRadioTV. Dirige: Carlos Lillo.

Una introducción a los Kubernetes, esas ayudas a los desarrolladores. La Biomimética ayuda a la tecnologia. Los sesgos en el modelo educativo de la IA. Diseño de proteínas con IA. Y las habituales secciones de noticias, tecnoefemérides, concurso...Con: Silvia Roldán, Alfonso Calvo y Rubén Carrasco. Patrocinan: Cyber Guru, Cybertix, V-Valley, Cato Networks, Kaspersky. Producción: ClickRadioTV. Dirige: Carlos Lillo.

La Computación Olfativa, CyberMadrid y las secciones habituales son los protagonistas de esta cuarta edición de la temporada 15.Invitados: Virginia Vicente y Agustín Muñoz-Grandes de CyberMadrid. Con: Sergio Lillo, Rafa López. Gracias a: Cato Networks, V-Valley, Cyber Guru, Kaspersky y Cybertix. Producción: ClickRadioTV. Dirige: Carlos Lillo.

La Computación Olfativa, CyberMadrid y las secciones habituales son los protagonistas de esta cuarta edición de la temporada 15. Invitados: Virginia Vicente y Agustín Muñoz-Grandes de CyberMadrid. Con: Sergio Lillo, Rafa López. Gracias a: Cato Networks, V-Valley, Cyber Guru, Kaspersky y Cybertix. Producción: ClickRadioTV. Dirige: Carlos Lillo.

Wir sprechen mit Jochen Michels von Kaspersky über die Bewertung der Vertrauenswürdigkeit von Cybersicherheitsanbietern.

Hoy viene al programa como invitado Enrique Maza, responsable de Ciberseguridad en Westinghouse España. Ademas desarrollamos:Gestión de las Ciber Crisis. DataChaos. El CISO como comunicador. Y el resto de secciones habituales. Con: Óscar Monrió, Ray Mills y Maribel Morales. Dirige: Carlos Lillo. Gracias a: Cybertix, V-Valley, Kaspersky, CyberGuru y Cato Networks.

Hoy viene al programa como invitado Enrique Maza, responsable de Ciberseguridad en Westinghouse España. Ademas desarrollamos: Gestión de las Ciber Crisis. DataChaos. El CISO como comunicador. Y el resto de secciones habituales. Con: Óscar Monrió, Ray Mills y Maribel Morales. Dirige: Carlos Lillo. Gracias a: Cybertix, V-Valley, Kaspersky, CyberGuru y Cato Networks.

In this week’s What the Hack! feature, Arthur Goldstuck speaks to Africa Melane about SAP restoring its reputation in South Africa after state capture allegations; the new Sony ULT Field 3 portable speaker that is designed to earn a place in everyday life; heading off to Paris for new Huawei wearable range; and some tips to safeguard your smartphone from attacks. Good Morning Cape Town with Lester Kiewit is a podcast of the CapeTalk breakfast show. This programme is your authentic Cape Town wake-up call. Good Morning Cape Town with Lester Kiewit is informative, enlightening and accessible. The team’s ability to spot & share relevant and unusual stories make the programme inclusive and thought-provoking. Don’t miss the popular World View feature at 7:45am daily. Listen out for #LesterInYourLounge which is an outside broadcast – from the home of a listener in a different part of Cape Town - on the first Wednesday of every month. This show introduces you to interesting Capetonians as well as their favourite communities, habits, local personalities and neighbourhood news. Thank you for listening to a podcast from Good Morning Cape Town with Lester Kiewit. Listen live on Primedia+ weekdays between 06:00 and 09:00 (SA Time) to Good Morning CapeTalk with Lester Kiewit broadcast on CapeTalk https://buff.ly/NnFM3Nk For more from the show go to https://buff.ly/xGkqLbT or find all the catch-up podcasts here https://buff.ly/f9Eeb7i Subscribe to the CapeTalk Daily and Weekly Newsletters https://buff.ly/sbvVZD5 Follow us on social media CapeTalk on Facebook: https://www.facebook.com/CapeTalk CapeTalk on TikTok: https://www.tiktok.com/@capetalk CapeTalk on Instagram: https://www.instagram.com/ CapeTalk on X: https://x.com/CapeTalk CapeTalk on YouTube: https://www.youtube.com/@CapeTalk567 See omnystudio.com/listener for privacy information.

On today's Technology Podcast, sponsored by Elbit America, Justin Sherman, the founder of Global Cyber Strategies advisory firm and a nonresident fellow at the Atlantic Council's Cyber Statecraft Initiative, joins Defense & Aerospace Report Editor Vago Muradian to discuss his new report for the Center for Naval Analyses — “Hacking and Firewalls Under Siege: Russia's Cyber Industry During the War on Ukraine (https://www.cna.org/reports/2025/08/Hacking-and-Firewalls-Under-Seige.pdf)” — the nature of the cyber war between Russia and Ukraine; the role of Russian state, corporate and general public actors in advancing Moscow's tactical and strategic aims from offensive cyber actions to hacking and information operations; the government's role in controlling these actors; how many have been sanctioned; the impact of Kaspersky's role in support of the Russian government and how that's impacting the company's global business; analysis of Russia's “Secret Blizzard” operation against foreign embassies by exploiting a Microsoft vulnerability; cyber lessons from Ukraine as it defends itself against Russia; and  happens to efforts to counter Russian in cyberspace when Washington normalizes relations with Moscow.

Send us a textSergey Novikov shares his fascinating journey from early days at Kaspersky Lab through his evolution as a malware analyst and cybersecurity expert, offering unique insights into the changing threat landscape and ethical considerations of security research.• Started at Kaspersky in 2002 when it was a small startup with fewer than 100 employees• Applied mathematics background led to research correlating human epidemic models with computer virus propagation• Worked as a "woodpecker" malware analyst detecting threats 24/7• Became part of Kaspersky's elite Global Research and Analysis Team (GREAT)• Team took pride in identifying APTs regardless of national origin to protect customers worldwide• Described security researchers as "paleontologists" uncovering complex digital threats• Participated in analysis of sophisticated threats like Stuxnet requiring specialized knowledge• Left Kaspersky in 2022 after Russia-Ukraine conflict began• Transitioned to pharmaceutical industry cybersecurity before joining CyberProof• Observes modern threats have blurred lines between nation-state actors, cybercriminals and hacktivists• Believes cybersecurity professionals must maintain perpetual learning mindset• Recommends self-learning and hands-on experience for aspiring security researchers• Notes AI is enabling more agile, automated attacks rather than quantum computing threatsConnect with Sergey on LinkedIn or visit cyberproof.com to learn more about their security services and research blog.Support the showFollow the Podcast on Social Media! Tesla Referral Code: https://ts.la/joseph675128 YouTube: https://www.youtube.com/@securityunfilteredpodcast Instagram: https://www.instagram.com/secunfpodcast/Twitter: https://twitter.com/SecUnfPodcast

1. Scrutiny of the "Tea" Dating AppThe women-focused dating app "Tea" faces backlash after two data breaches exposed 72,000 sensitive images and 1.1 million private messages. Though security upgrades were promised, past data remained exposed, and the app lacks end-to-end encryption. Additionally, anonymous features enabling posts about men have sparked defamation lawsuits. Critics argue Tea prioritized rapid growth over user safety, exemplifying the danger of neglecting cybersecurity in pursuit of scale.2. North Korean Remote Work InfiltrationCrowdStrike has flagged a 220% surge in North Korean IT operatives posing as remote workers—over 320 cases in the past year. These operatives use stolen/fake identities, aided by generative AI to craft résumés, deepfake interviews, and juggle multiple jobs. Their earnings fund Pyongyang's weapons programs. The tactic reveals the limits of traditional vetting and the need for advanced hiring security.3. Airportr's Data ExposureUK luggage service Airportr suffered a major security lapse exposing passport photos, boarding passes, and flight details—including those of diplomats. CyberX9 found it possible to reset accounts with just an email and no limits on login attempts. Attackers could gain admin access, reroute luggage, or cancel flights. Although patched, the incident underscores risks of convenience services with poor security hygiene.4. Risks of AI-Generated CodeVeracode's "2025 GenAI Code Security Report" found that nearly 45% of AI-generated code across 80 tasks had security flaws—many severe. This highlights the need for human oversight and thorough reviews. While AI speeds development, it also increases vulnerability if unchecked, making secure coding a human responsibility.5. Microsoft's SharePoint Hack ControversyChinese state hackers exploited flaws in SharePoint, breaching hundreds of U.S. entities. A key concern: China-based Microsoft engineers maintained the hacked software, potentially enabling earlier access. Microsoft also shared vulnerability data with Chinese firms through its MAPP program, while Chinese law requires such data be reported to the state. This raises alarms about outsourcing sensitive software to geopolitical rivals.6. Russian Embassy Surveillance AttackRussia's "Secret Blizzard" hackers used ISP-level surveillance to deliver fake Kaspersky updates to embassies. These updates installed malware and rogue certificates enabling adversary-in-the-middle attacks—allowing full decryption of traffic. The attack shows the threat of state-level manipulation of software updates and underscores the need for update authenticity verification.7. Signal's Threat to Exit AustraliaSignal may pull out of Australia if forced to weaken encryption. ASIO's push for access contradicts Signal's end-to-end encryption model, which can't accommodate backdoors without global compromise. This standoff underscores a broader debate: encryption must be secure for all or none. Signal's resistance reflects the rising tension between privacy advocates and governments demanding access.8. Los Alamos Turns to AILos Alamos National Laboratory has launched a National Security AI Office, signaling a pivot from nuclear to AI capabilities. With massive GPU infrastructure and university partnerships, the lab sees AI as the next frontier in scientific and national defense. This reflects a shift in global security dynamics—where large language models may be as strategically vital as missiles.

EP 254. In this week's update:Despite back-to-back data breaches and legal blowback, women are still queuing up by the millions for Tea.  This is one hot dating app that's apparently more viral than secure.North Korean IT operatives are clocking into remote jobs worldwide. Fueled by GenAI and fake identities in what CrowdStrike calls a daily cybersecurity crisis.A British luggage startup managed to lose more than just bags. Airportr briefly exposed diplomatic travel data and full backend access to anyone with a browser and curiosity.According to Veracode, nearly half of all AI-generated code is insecure. And that should leave you feeling insecure, especially if your code reviews have been neglectedMicrosoft confirmed Chinese engineers have long supported the same SharePoint software recently hacked by Beijing.  The breach hit hundreds of U.S. institutions—including nuclear and homeland security.Russian state hackers tricked foreign embassies into installing fake updates from “Kaspersky.”  The malware came with a rogue root certificate—and full surveillance capabilities.Signal's president warned it might pull out of Australia over demands to weaken encryption. The country's privacy pushback continues—and secure apps are packing their bags.Los Alamos is pouring resources into AI research—because in 2025, the most powerful weapon might be a large language model, rather than a missile.Finish that cuppa, we have a lot to cover!Find the full transcript to this podcast here.

Une enquête publiée par Microsoft révèle une vaste opération d'espionnage informatique visant plusieurs ambassades étrangères à Moscou. En cause : un groupe de hackers lié au FSB, les services de renseignement russes. Le groupe, connu sous le nom de Secret Blizzard, mais aussi sous les alias Turla, Snake ou encore Venomous Bear, sévit depuis la fin des années 1990. Leur dernière trouvaille ? Un malware baptisé ApolloShadow, capable de s'installer discrètement sur les ordinateurs diplomatiques… à partir même des connexions Internet locales.Comment ça fonctionne ? L'attaque débute dès qu'un appareil se connecte à un fournisseur d'accès russe. Les hackers redirigent alors le trafic vers une fausse page de connexion, similaire à celles des réseaux Wi-Fi publics. En coulisses, une requête Windows censée contacter Microsoft est détournée vers un domaine frauduleux. Le piège se referme : le logiciel espion s'installe sans que l'utilisateur ne clique sur quoi que ce soit. ApolloShadow se fait ensuite passer pour un banal installateur Kaspersky, affichant une fenêtre système qui semble légitime. Une fois les droits administrateur accordés, il installe deux certificats racine pour intercepter les connexions sécurisées. Résultat : même les échanges diplomatiques cryptés peuvent être espionnés. Le malware modifie les règles du pare-feu, redéfinit le réseau comme privé, et crée un compte système fantôme, “UpdatusUser”, qui permet aux attaquants de conserver l'accès.L'activité a été détectée en février 2025, mais le malware circulait déjà depuis l'an dernier. Microsoft a fourni aux ambassades les outils pour détecter les infections, et recommande désormais l'usage de VPN ou de connexions satellites pour contourner les infrastructures russes. Un rappel sévère : la diplomatie moderne ne se joue plus seulement autour d'une table… mais aussi dans les câbles. Hébergé par Acast. Visitez acast.com/privacy pour plus d'informations.

Noite bizarra na TV brasileira: o sinal da Record News é invadido e exibe um vídeo de creepypasta misterioso, teve vazamento da Apple com imagens que revelam a linha completa do iPhone 17 antes da hora. No campo da segurança, idosos estão sendo enganados com pedidos de fotos na rua e caindo em fraudes bancárias. Um estudo aponta que o sistema de reconhecimento facial em São Paulo não reduziu os crimes. Do lado da ciência, pesquisadores brasileiros criam uma IA capaz de detectar a agressividade do câncer e o YouTube usará IA para diferenciar contas de menores de idade e adultos.

Mais de 11 milhões de brasileiros têm dados bancários expostos em falha grave no sistema do Judiciário! ‘Lei Elon Mais de 11 milhões de brasileiros têm dados bancários expostos em falha grave no sistema do Judiciário! ‘Lei Elon Musk': Guilherme Boulos apresenta projeto audacioso que pode fazer as big techs PAGAREM os usuários!? Trump muda radicalmente de ideia e desiste de dividir a Nvidia após conversa surpreendente com CEO. One UI 8 e Android 16 estão chegando: descubra AGORA se seu Galaxy vai receber a atualização. YouTube revoluciona comentários com sistema inspirado no Reddit.

In this episode, I address listener feedback and corrections regarding use of public Wi-Fi, MAC addresses, and aliases. I dive deep into the nuances of MAC address randomization on GrapheneOS versus Apple's private Wi-Fi addresses, explaining why GrapheneOS offers superior privacy protection. I discuss the real threats of public Wi-Fi in 2025 (hint: it's not hackers with Wireshark), and share my approach with aliases.I also cover the rising threat of infostealers like Atomic Info Stealer for macOS, the dangerous intersection of gaming cheats and malware, and why I avoid third-party antivirus software. Most importantly, I address the GrapheneOS controversy: the loss of a senior developer to military conscription, Google's strategic pivot that threatens custom ROMs, and why claims of GrapheneOS “dying” are misinformation spread by those with competing agendas.In this week's episode:Clarifications and Corrections: Public Wi-Fi, MAC addresses, and alias managementMAC address randomization: GrapheneOS vs Apple's implementationThe real threats of public Wi-Fi in 2025Info stealers and video games can be a privacy nightmareGrapheneOS controversy: Developer conscription, Google's lockdown, and the future of custom ROMsWhy antivirus software might be the malware you're trying to avoidMatrix Community RoomsMatrix Community Space - https://matrix.to/#/#psysecure:matrix.orgIndividual Room Links:https://matrix.to/#/#lockdown-general:matrix.orghttps://matrix.to/#/#lockdown-podcast:matrix.orghttps://matrix.to/#/#lockdown-intro:matrix.orgShow Links:MAC Address Lookup - https://maclookup.app/OUI Lookup - https://oui.is/33mail - https://www.33mail.com/OpenSnitch - https://github.com/evilsocket/opensnitchPrivacy.com - https://privacy.comLithic - https://lithic.comKaspersky and Russian Government - https://en.wikipedia.org/wiki/Kaspersky_and_the_Russian_governmentGoogle Not Killing AOSP - https://www.androidauthority.com/google-not-killing-aosp-3566882/GrapheneOS on Developer Conscription - https://grapheneos.social/@GrapheneOS/114359660453627718GrapheneOS on OEM Partnerships (June 19) - https://grapheneos.social/@GrapheneOS/114671100848024807GrapheneOS Response to Misinformation - https://grapheneos.social/@GrapheneOS/114825492698412916GrapheneOS on iPhone Security - https://grapheneos.social/@GrapheneOS/114824816120139544“Social engineering bypasses all technologies, including firewalls.”- Kevin Mitnick ★ Support this podcast on Patreon ★

Joining the podcast this week is Dmitry Bestuzhev, senior director of cyber threat intelligence (CTI) at Blackberry. He gives Petko an inside look into the key types of CTI and how the insights can be used to build context and determine response in specific circumstances, such as in the recent case of attempted targets at NATO. Dmitry also turns our attention to the risks posed by public charging stations - a ploy dubbed “Juice Jacking.”   Dmitry Bestuzhev, Senior Director CTI at BlackBerry Dmitry Bestuzhev is Senior Director, CTI (Cyber Threat Intelligence) at BlackBerry. Prior to BlackBerry, Dmitry was Head of Kaspersky's Global Research and Analysis Team for Latin America, where he oversaw the company's experts' anti-malware development work in the region. Dmitry has more than 20 years of experience in IT security across a wide variety of roles. His field of expertise covers everything from traditional online fraud to targeted high-profile attacks on financial and governmental institutions. His main focus in research is on producing Threat Intelligence reports on financially motivated targeted attacks. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e341

Bénéficiez de l'offre Kaspersky Small Office Security en cliquant ici https://kas.pr/39xiUtilisez le code promo ESOA20 C'est le bon plan ESOA ✌

Joining the podcast this week is Dmitry Bestuzhev, senior director of cyber threat intelligence (CTI) at Blackberry. He gives Petko an inside look into the key types of CTI and how the insights can be used to build context and determine response in specific circumstances, such as in the recent case of attempted targets at NATO. Dmitry also turns our attention to the risks posed by public charging stations - a ploy dubbed “Juice Jacking.”   Dmitry Bestuzhev, Senior Director CTI at BlackBerry Dmitry Bestuzhev is Senior Director, CTI (Cyber Threat Intelligence) at BlackBerry. Prior to BlackBerry, Dmitry was Head of Kaspersky's Global Research and Analysis Team for Latin America, where he oversaw the company's experts' anti-malware development work in the region. Dmitry has more than 20 years of experience in IT security across a wide variety of roles. His field of expertise covers everything from traditional online fraud to targeted high-profile attacks on financial and governmental institutions. His main focus in research is on producing Threat Intelligence reports on financially motivated targeted attacks. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e340

As notícias de hoje incluem a Tesla começando os testes do seu serviço de robotáxi nos Estados Unidos, um novo malware avançado que está clonando aplicativos bancários para roubar seus dados, Nvidia e a Foxconn planejando uma fábrica com robôs humanoides, planos da Applepara lançar um iPhone sem nenhum recorte ou furo na tela, e imagens vazadas dos próximos gandes lançamentos da Samsung, incluindo o Galaxy Z Fold 7, Z Flip 7 e os novos Galaxy Watch 8 e Watch Ultra 2.

Researchers uncover a major privacy violation involving tracking scripts from Meta and Yandex. A compliance automation firm discloses a data breach. PumaBot stalks vulnerable IoT devices. The Ramnit banking trojan gets repurposed for ICS intrusions. The North Face suffers a credential stuffing attack. Kaspersky says the Black Owl team is a cyber threat to Russia. CISA releases ISC advisories. An Indian grocery delivery startup suffers a devastating data wiping attack. The UK welcomes their new Cyber and Electromagnetic (CyberEM) Command. Our guest is Rohan Pinto, CTO of 1Kosmos, discussing the implications of AI deepfakes for biometric security. The cybersecurity sleuths at Sophos unravel a curious caper. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Rohan Pinto, CTO of 1Kosmos, and he is discussing the implications of AI deepfakes for biometric security. Selected Reading Meta and Yandex are de-anonymizing Android users' web browsing identifiers (Ars Technica) Vanta leaks customer data due to product code change (Beyond Machines) New Linux PumaBot Attacking IoT Devices by Brute-Forcing SSH Credentials (Cyber Security News) Ramnit Malware Infections Spike in OT as Evidence Suggests ICS Shift (SecurityWeek) The North Face warns customers of April credential stuffing attack (Bleeping Computer) Pro-Ukraine hacker group Black Owl poses ‘major threat' to Russia, Kaspersky says (The Record) CISA Releases ICS Advisories Covering Vulnerabilities & Exploits (Cyber Security News) Indian grocery startup KiranaPro was hacked and its servers deleted, CEO confirms (TechCrunch) UK CyberEM Command to spearhead new era of armed conflict (The Register) Widespread Campaign Targets Cybercriminals and Gamers  (Infosecurity Magazine) Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

04 Jun 2025. Airfares are reportedly down 40% from a year ago with airlines making just $7 per flight. We get a reaction from aviation lawyer Nick Humphrey. Plus, RAK Bank surveys SMEs about their outlook, we get the results from Dhiraj Kunwar. And Kaspersky’s Maher Yamout breaks down the latest cyber threat targeting fintech and trading apps.See omnystudio.com/listener for privacy information.

Spionage-Verdacht rund um den Schweizer Geheimdienst: Mitarbeitende haben mit russischen Kontakten kooperiert, zeigt eine Recherche von SRF Investigativ. Dabei sollen auch hochsensible Daten abgeflossen und bei russischen Geheimdiensten gelandet sein. Eine Geheimdienstexpertin ist perplex. Mitarbeitende des Schweizer Geheimdienstes sollen über Jahre eng mit russischen Kontakten kooperiert haben. Das erstaune sie sehr, sagt Geheimdienstexpertin Aviva Guttmann. Der Nachrichtendienst des Bundes NDB müsse häufig mit anderen Geheimdiensten zusammenarbeiten, aber Russland sei da sicher kein guter Partner. Wir sprechen mit ihr darüber, wie der Schweizer Geheimdienst arbeitet und wie sie die Enthüllungen von SRF Investigativ einordnet. Hinweis: Im Podcast sprechen wir fälschlicherweise von Kapersky statt Kaspersky. Wir entschuldigen uns für diesen Versprecher. ____________________ Habt Ihr Fragen oder Themen-Inputs? Schreibt uns gerne per Mail an newsplus@srf.ch oder sendet uns eine Sprachnachricht an 076 320 10 37. ____________________ In dieser Episode zu hören - Aviva Guttmann, Geheimdienstexpertin, Dozentin und Forscherin an der Universität Aberystwyth in Wales - Christo Grozev, Investigativjournalist, der sich seit Jahren mit russischen Geheimdiensten befasst - Bundesrat Martin Pfister, der als Verteidigungsminister für den Nachrichtendienst des Bundes zuständig ist - Balthasar Glättli, Sicherheitspolitiker Grüne - Thomas Hurter, Sicherheitspolitiker SVP ____________________ Links - Die Recherche zur Russland-Affäre im Schweizer Geheimdienst: https://www.srf.ch/news/schweiz/russland-affaere-im-ndb-liess-sich-der-schweizer-geheimdienst-von-russland-beeinflussen - Hörtipp: Die neue Serie von News Plus Hintergrunde mit dem Titel «Die Spritze - zwischen Hype und Hoffnung»: https://www.srf.ch/audio/news-plus-hintergruende/die-spritze-zwischen-hype-und-hoffnung-1-4-der-erste-shot?id=AUDI20250603_NR_0002 ____________________ Team - Moderation: Raphaël Günther - Produktion: Martina Koch - Mitarbeit: Peter Hanselmann ____________________ Das ist «News Plus»: In einer Viertelstunde die Welt besser verstehen – ein Thema, neue Perspektiven und Antworten auf eure Fragen. Unsere Korrespondenten und Expertinnen aus der Schweiz und der Welt erklären, analysieren und erzählen, was sie bewegt. «News Plus» von SRF erscheint immer von Montag bis Freitag um 16 Uhr rechtzeitig zum Feierabend.

xorsearch Update Diedier updated his "xorsearch" tool. It is now a python script, not a compiled binary, and supports Yara signatures. With Yara support also comes support for regular expressions. https://isc.sans.edu/diary/xorsearch.py%3A%20Searching%20With%20Regexes/31854 Shorter Lived Certificates The CA/Brower Forum passed an update to reduce the maximum livetime of certificates. The reduction will be implemented over the next four years. EFF also released an update to certbot introducing profiles that can be used to request shorter lived certificates. https://www.eff.org/deeplinks/2025/04/certbot-40-long-live-short-lived-certs https://groups.google.com/a/groups.cabforum.org/g/servercert-wg/c/bvWh5RN6tYI New Malware Harvesting Data from USB drives and infecting them. Kaspersky is reporting that they identified new malware that not only harvests data from USB drives, but also spread via USB drives by replacing existing documents with malicious files. https://securelist.com/goffee-apt-new-attacks/116139/

[glossary_exclude]It's complicated[/glossary_exclude] by Leo A. Notenboom Transcript (A pre-written script that I riffed from while recording the video.) That some of our software comes from overseas is, I hope, not news. Globalization is strong in technology. However it is you're watching or reading this, you can bet that components used in the software, computers, networks, and servers come from all over the world. When it comes to tech borders are in many ways irrelevant; it's one big planetary market. With recent political events and the rise of geo-political tribalism, those borders have become a little less imaginary. In fact, depending on the border you're talking about they're on the top of many people's minds. Case in point: I've recommended the backup program EaseUS Todo for a long time. One of the push-backs I get semi-regularly is that the company is based in China. While it's not prominent on their website, the corporate information can be found. CHENGDU Yiwo® Tech Development Co. 18F-K, Building 2 Huaxi Meilu, No.17 Section 3 of Renmin South Road Chengdu, Sichuan, 610000 China I received a comment recently: Question: [glossary_exclude]Why do you feel safe about using software from this Chinese owned company?[/glossary_exclude] My response is the same as it's been for years: There's been zero evidence of any wrongdoing. Zero. And I'm an evidence-based guy. If there's eventual evidence of wrong doing, then I'll drop my recommendation, but that's true for any software I use, regardless of the source. But I totally understand that even without evidence, more folks might be concerned in the light of heightened trade war issues. Here's the problem, though: there are few domestic alternatives. (To be fair, I've not evaluated every solution, so maybe there is. But that's kinda not the point.) So much of the software we use originates in other countries, or has massive contributions from overseas sources. A selection of backup and restore tools: Acronis: Singapore and Switzerland (though originally Russian in origin) Aomei Backupper: Hong Kong Ashampoo: Germany Hasleo backup: unknown(!). Macrium Reflect: UK Nero BackItUp: Germany Paragon: Germany DriveImage XML: US (Hawaii), though it's not the complete solution I generally look for and recommend. Open source tools like CloneZilla, and others invite contributions from around the world. It's not just backup software. Kaspersky is a great example of security software that's been explicitly banned -- without evidence, that I'm aware of -- because it comes from "the wrong country", a country some have concerns over, while others apparently do not. And it's not just software. Consider all the hardware we rely on every day. Components come from all over the planet, including China. It's complicated. Honestly I'm less concerned about espionage than I am about the practical impact of the trade war. I would not surprise me if, at some point, EaseUS and other products originating from China were banned (or tarriffed into oblivion) much like Kaspersky, not because of evidence of wrong doing, but simply by being a pawn in a larger geopolitical game. The net result would be fewer and or more expensive options for us all. I'd expect there to be evidence if there were actual espionage or data theft from tools like EaseUS Todo, especially after all this time. I'm comfortable using the tools until either there's proof of malicious behavior, or until the geopolitical situation says I can't have them any more. If you feel differently, that's fine. There are alternatives, but you'll need to choose once again just who it is you do trust. I mean, you're trusting someone, likely several someone's all over the planet, every time you even turn on your computer and connect to the internet. What's your take? Are you avoiding China, and if so based on what? Principle?

Three Buddy Problem - Episode 40: On the show this week, we look at the technical deficiencies and opsec concerns around the use of Signal for ultra-sensitive communications. Plus, some speculation on who's behind Kaspersky's ‘Operation Forum Troll' report, Chinese discussion on NSA/CIA mobile networks exploitation, and the return of ‘Lab Dookhtegan' hack-and-leak exposures. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Costin Raiu (https://twitter.com/craiu) and Ryan Naraine (https://twitter.com/ryanaraine).

Firefox amends their privacy policy -- the world melts down. Signal threatens to leave Sweden. Aftermath of the massive $1.5 billion Bybit ETH heist. It turns out that it wasn't actually Bybit's fault. "The Lazarus Bounty" monitoring and management site. Mozilla's commitment to Manifest V2 (and the uBlock Origin). What does the ACM's plea for memory-safe languages mean for developers? What exactly are memory-safe languages? Australia joins the Kaspersky ban. Gmail plans to switch from SMS to QR code authentication. A SpinRite success and some fun feedback. An astonishing new technology for targeted radio jamming Show Notes - https://www.grc.com/sn/SN-1015-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: legatosecurity.com bitwarden.com/twit veeam.com threatlocker.com for Security Now

Firefox amends their privacy policy -- the world melts down. Signal threatens to leave Sweden. Aftermath of the massive $1.5 billion Bybit ETH heist. It turns out that it wasn't actually Bybit's fault. "The Lazarus Bounty" monitoring and management site. Mozilla's commitment to Manifest V2 (and the uBlock Origin). What does the ACM's plea for memory-safe languages mean for developers? What exactly are memory-safe languages? Australia joins the Kaspersky ban. Gmail plans to switch from SMS to QR code authentication. A SpinRite success and some fun feedback. An astonishing new technology for targeted radio jamming Show Notes - https://www.grc.com/sn/SN-1015-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: legatosecurity.com bitwarden.com/twit veeam.com threatlocker.com for Security Now

Firefox amends their privacy policy -- the world melts down. Signal threatens to leave Sweden. Aftermath of the massive $1.5 billion Bybit ETH heist. It turns out that it wasn't actually Bybit's fault. "The Lazarus Bounty" monitoring and management site. Mozilla's commitment to Manifest V2 (and the uBlock Origin). What does the ACM's plea for memory-safe languages mean for developers? What exactly are memory-safe languages? Australia joins the Kaspersky ban. Gmail plans to switch from SMS to QR code authentication. A SpinRite success and some fun feedback. An astonishing new technology for targeted radio jamming Show Notes - https://www.grc.com/sn/SN-1015-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: legatosecurity.com bitwarden.com/twit veeam.com threatlocker.com for Security Now

Firefox amends their privacy policy -- the world melts down. Signal threatens to leave Sweden. Aftermath of the massive $1.5 billion Bybit ETH heist. It turns out that it wasn't actually Bybit's fault. "The Lazarus Bounty" monitoring and management site. Mozilla's commitment to Manifest V2 (and the uBlock Origin). What does the ACM's plea for memory-safe languages mean for developers? What exactly are memory-safe languages? Australia joins the Kaspersky ban. Gmail plans to switch from SMS to QR code authentication. A SpinRite success and some fun feedback. An astonishing new technology for targeted radio jamming Show Notes - https://www.grc.com/sn/SN-1015-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: legatosecurity.com bitwarden.com/twit veeam.com threatlocker.com for Security Now

Firefox amends their privacy policy -- the world melts down. Signal threatens to leave Sweden. Aftermath of the massive $1.5 billion Bybit ETH heist. It turns out that it wasn't actually Bybit's fault. "The Lazarus Bounty" monitoring and management site. Mozilla's commitment to Manifest V2 (and the uBlock Origin). What does the ACM's plea for memory-safe languages mean for developers? What exactly are memory-safe languages? Australia joins the Kaspersky ban. Gmail plans to switch from SMS to QR code authentication. A SpinRite success and some fun feedback. An astonishing new technology for targeted radio jamming Show Notes - https://www.grc.com/sn/SN-1015-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: legatosecurity.com bitwarden.com/twit veeam.com threatlocker.com for Security Now

Apple, the UK, and data protection, you can get pwned really fast, Australia says no Kaspersky for you!, the default password is on the Internet, topological qubits, dangerous AI tools, old software is not just old but vulnerable too, tearing down Sonic Walls, CWE is good but could be great, updating your pi-hole, should you watch "Zero Day"? my non-spoiler review will tell you, no more DBX hellow SBAT!, and I love it when chat logs of secret not-so-secret ransomware groups are leaked! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-863

Cronenbergs, Dangling Twitchbots, Crypto, Kaspersky, SMS, OT, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-454

Retired Gen. Paul Nakasone warns the U.S. is falling behind in cyberspace. Australia orders government entities to remove and ban Kaspersky products. FatalRAT targets industrial organizations in the APAC region. A major cryptocurrency exchange reports the theft of $1.5 billion in digital assets. Apple removes end-to-end encryption (E2EE) for iCloud in the UK. Researchers uncover a LockBit ransomware attack exploiting a Windows Confluence server. Researchers uncover zero-day vulnerabilities in a widely used cloud logging utility.A PayPal email scam is tricking users into calling scammers. Republican leaders in the House request public input on national data privacy standards. A Michigan man faces charges for his use of the Genesis cybercrime marketplace. Our guest is  Karl Sigler, Senior Security Research Manager from Trustwave SpiderLabs, explaining the domino effect of a cyberattack on the power grid. Meta sues an Insta Extortionist. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today, Dave speaks with Karl Sigler, Senior Security Research Manager from Trustwave SpiderLabs, about the domino effect of a cyberattack on the power grid. You can dig into the details in their report.  Selected Reading Former NSA, Cyber Command chief Paul Nakasone says U.S. falling behind its enemies in cyberspace (CyberScoop) Kaspersky Banned on Australian Government Systems (SecurityWeek) Chinese Hackers Attacking Industrial Organizations With Sophisticated FatalRAT (Cyber Security News) Bybit Hack Drains $1.5 Billion From Cryptocurrency Exchange (SecurityWeek) Experts Slam Government After “Disastrous” Apple Encryption Move (Infosecurity Magazine) Confluence Exploit Leads to LockBit Ransomware (The DFIR Report) Fluent Bit 0-day Vulnerabilities Exposes Billions of Production Environments to Cyber Attacks (Cyber Security News) Beware: PayPal "New Address" feature abused to send phishing emails (Bleeping Computer) Top House E&C Republicans query public for ideas on data privacy law (CyberScoop) US Charges Genesis Market User (SecurityWeek) Meta Sues Alleged Instagram Extortionist (404 Media)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

President Trump rolls back AI regulations and throws TikTok a lifeline. Attackers pose as Ukraine's CERT-UA tech support. A critical vulnerability is found in the Brave browser. Sophos observes hacking groups abusing Microsoft 365 services and exploiting default Microsoft Teams settings. Researchers uncover critical flaws in tunneling protocols. A breach exposes personal information of thousands of students and educators. Oracle patches 320 security vulnerabilities. Kaspersky reveals over a dozen vulnerabilities in a Mercedes-Benz infotainment system. Tim Starks from CyberScoop discusses executive orders on cybersecurity and the future of CISA. We preview coming episodes of Threat Vector.  Honesty isn't always the best policy.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Threat Vector Segment On our Threat Vector podcast preview today:  IoT devices are everywhere, with billions deployed globally in industries like healthcare, manufacturing, and critical infrastructure. But this explosion of connectivity brings unprecedented security challenges. Host David Moulton speaks with Dr. May Wang, CTO of IoT Security at Palo Alto Networks, about how AI is transforming IoT security. Stay tuned for the full conversation this Thursday.  CyberWire Guest Our guest is Tim Starks from CyberScoop discussing executive orders on cybersecurity and the future of CISA. You can read Tim's article on the recent Biden EO here.   Selected Reading Trump revokes Biden executive order on addressing AI risks (Reuters) TikTok is back up in the US after Trump says he will extend deadline (Bleeping Computer) Hackers impersonate Ukraine's CERT to trick people into allowing computer access (The Record)  Brave Browser Vulnerability Let Malicious Website Mimic as Legitimate One (Cyber Security News)  Ransomware Groups Abuse Microsoft Services for Initial Access (SecurityWeek) Tunneling Flaws Put VPNs, CDNs and Routers at Risk Globally (Hackread) Students, Educators Impacted by PowerSchool Data Breach (SecurityWeek) Oracle To Address 320 Vulnerabilities in January Patch Update (Infosecurity Magazine) Details Disclosed for Mercedes-Benz Infotainment Vulnerabilities (SecurityWeek) Washington Man Admits to Role in Multiple Cybercrime, Fraud Schemes (SecurityWeek) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices