Podcasts about lockbit

Host David Mauro interviews Jon DiMaggio, a well-respected cybercrime investigator, delving into the operations of LockBit, once the Top ransomware gang and now a Cyber Crime Gang Exposed. We discuss the Ransomware Take Down of #Lockbit, and how Jon's research led to cyber criminals exposed on #cybercrimejunkies.#lockbit #ransomware #cybercrimeDon't miss the video: https://www.youtube.com/watch?v=fpRV4YAlXKISend us a textGrowth without Interruption. Get peace of mind. Stay Competitive-Get NetGain. Contact NetGain today at 844-777-6278 or reach out online at www.NETGAINIT.com Have a Guest idea or Story for us to Cover? You can now text our Podcast Studio direct. Text direct (904) 867-4466

In this episode of the Cyber Uncut podcast, David Hollingworth and Daniel Croft get into a deep ethical discussion after an AI-generated deepfake of a murder victim, untangle the deeply confusing saga of the DragonForce ransomware gang's latest evolution, the Australian Human Rights Commission (AHRC) breaches itself, and the insane back and forth between the People's Republic of China and the CIA. Hollingworth and Croft begin with a robust discussion about a new AI development – using the technology to generate a deepfake video of a murder victim to be played in a US court as a victim impact statement. It's a complex issue, and the pair try to find common ground – but they agree it's a complex issue. The pair then get into the weeds, sorting out the truth regarding the DragonForce ransomware-as-a-service operation, which may or may not be taking over the RansomHub gang. Or maybe the gang is joining DragonForce? It's all very confusing, and Hollingworth and Croft do their best to get to the bottom of a very confusing situation. They also discuss more details that have emerged from behind the scenes of the LockBit gang, and an accidental data breach at the Australian Human Rights Commission. Things get wrapped up with the CIA's bizarre move to recruit Chinese spies, and the rather interesting response of some very dedicated and upset Chinese netizens. It's spycraft in the 21st century, but not as you know it. Enjoy the podcast, The Cyber Uncut team

Chris and Hector dive into the recent breach of the LockBit ransomware gang and what it reveals about operational security failures—even among hackers. They discuss the fallout from the Pegasus spyware scandal, with NSO Group ordered to pay $168 million, and explore the troubling reliance on vulnerable federal contractors. Plus, Hector delivers one of his signature rants—this time on who's really watching the watchers. Join our new Patreon! ⁠⁠⁠https://www.patreon.com/c/hackerandthefed⁠⁠⁠ Send HATF your questions at ⁠⁠⁠questions@hackerandthefed.com

On this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news: Struggling to find that pesky passwords.xlsx in Sharepoint? Copilot has your back! The ransomware ecosystem is finding life a bit tough lately SAP Netweaver bug being used by Chinese APT crew Academics keep just keep finding CPU side-channel attacks And of course… bugs! Asus, Ivanti, Fortinet… and a Nissan LEAF? This week's episode is sponsored by Resourcely, who will soothe your Terraform pains. Founder and CEO Tracis McPeak joins to talk about how to get from a very red dashboard full of cloud problems to a workable future. This episode is also available on Youtube. Show notes Exploiting Copilot AI for SharePoint | Pen Test Partners MrBruh's Epic Blog Ransomware group Lockbit appears to have been hacked, analysts say | Reuters "CONTI LEAK: Video they tried to bury! 6+ Conti members on a private jet. TARGET's birthday — $10M bounty on his head. Filmed by TARGET himself. Original erased — we kept a copy." Mysterious hackers who targeted Marks and Spencer's computer systems hint at political allegiance as they warn other tech criminals not to attack former Soviet states The organizational structure of ransomware groups is evolving rapidly. SAP NetWeaver exploitation enters second wave of threat activity China-Nexus Nation State Actors Exploit SAP NetWeaver (CVE-2025-31324) to Target Critical Infrastructures DOGE software engineer's computer infected by info-stealing malware Hackers hijack Japanese financial accounts to conduct nearly $2 billion in trades FBI and Dutch police seize and shut down botnet of hacked routers Poland arrests four in global DDoS-for-hire takedown School districts hit with extortion attempts after PowerSchool breach EU launches vulnerability database to tackle cybersecurity threats Training Solo - vusec Branch Privilege Injection: Exploiting Branch Predictor Race Conditions – Computer Security Group Remote Exploitation of Nissan Leaf: Controlling Critical Body Elements from the Internet PSIRT | FortiGuard Labs EPMM Security Update | Ivanti

In this episode, Drex covers three key security stories: the HSCC's "On the Edge" report on rural healthcare cybersecurity vulnerabilities, Mossimo's security breach affecting their manufacturing operations, and the hacking of LockBit ransomware gang which exposed Bitcoin wallets and negotiation messages. Drex also mentions his panel at HIMSS Southern California on healthcare cybersecurity.Remember, Stay a Little Paranoid X: This Week Health LinkedIn: This Week Health Donate: Alex's Lemonade Stand: Foundation for Childhood Cancer

On this week's Security Sprint, Dave and Andy covered the following topics:Warm Open:• ICYMI: REGISTER NOW! WaterISAC's 2025 H2OSecCon! (20 May) From cybersecurity to climate resilience, operational continuity to public trust, we must collaborate across sectors to build smarter, stronger, and more adaptive systems. That's why we're inviting leaders like you to join the WaterISAC's 2025 H2OSecCon. Connect with peers and leaders committed to enhancing the resilience of our nation's critical systems.Main Topics:Ransomware & Data Breaches: • Monday was Anti-Ransomware Day 2025! What a great time to invest in ransomware resilience! Contact Gate 15 today to get to work building your Cyber Incident Response Plan and ransomware procedures, to start planning your next ransomware workshop or tabletop exercise, to plan for post-incident analysis or to take advantage of our new very price-friendly ransomware exercise for executives – designed especially for small and medium businesses! • Explore the latest cyber risks and claims trends from Coalition. LockBit ransomware gang hacked, victim negotiations exposed• Reminder! Criminals lie and NEVER DELETE YOUR DATA! School boards hit with ransom demands linked to PowerSchool cyberattack• M&S 'had no plan' for cyber attacks, insider claims, with 'staff left sleeping in the office amid paranoia and chaos' • The Very Real Costs of Ransomware: IT warning after hackers close 160-year-old firm. Extremism:• Ohio Man Charged with Threatening State Public Officials • Texas Man Convicted of Making Threats to Kill Nashville District Attorney Glenn Funk • FBI has opened 250 investigations tied to violent online network '764' that preys on teens, top official says• Teenage Terrorists Are a Growing Threat to Europe's SecurityUSG Transitions• Trump's 2026 budget proposes $163 billion cut to non-defense spending, slashes CISA and FEMA funding• White House Proposes $500 Million Cut to CISA• Hegseth orders Pentagon to cut number of senior generals by 20%• Lawmakers question Noem over cuts to CISA, FEMA, TSA• Lawmakers grill Noem over CISA funding cuts, demand Trump cyber plan• NSA to cut up to 2,000 civilian roles as part of intel community downsizing• NIST loses key cyber experts in standards and researchIndia strikes Pakistan over tourist killings, Pakistan says it will retaliate• Kashmir crisis live: Pakistan PM authorises armed forces to undertake ‘corresponding action' after India strikes kill 26• Pakistan vows to respond after India launches strikes in wake of Kashmir massacre• Pakistan claims to have downed Indian warplanes, vows response to strikes• China urges restraint as India-Pakistan tensions escalate with military strikes• A Timeline of Tensions Between India and Pakistan Over Kashmir• India, Pakistan accuse each other of attacks as hostilities rise• AlQaeda Statement On Indian Strikes In PakistanQuick Hits:• Crypto millionaires targeted in brutal kidnappings across France and Europe; Attackers' modus operandi: cutting off victims' fingers to pressure payments. • The father of a cryptocurrency entrepreneur was kidnapped in Paris and found held captive with his finger severed. (article in French)• Assessing the U.S. Climate in April 2025Assessing the U.S. Climate in April 2025• FBI PSA - Cyber Criminal Proxy Services Exploiting End of Life Routers• FBI FLASH: Cyber Criminal Services Target End-of-Life Routers to Launch Attacks and Hide Their Activities (PDF)• Risky Bulletin: France says Russian influence operations are getting better, achieving results• Unsophisticated Cyber Actor(s) Targeting Operational Technology • Primary Mitigations to Reduce Cyber Threats to Operational Technology• US Warns of Hackers Targeting ICS/SCADA at Oil and Gas Organizations• Primary Mitigations to Reduce Cyber Threats to Operational Technology• UK NCSC: UK pioneering global move away from passwords• Classic Rock - Hunting A Botnet That Preys On The Old

In this episode of the Cyber Uncut podcast, David Hollingworth and Daniel Croft discuss Meta's newly launched AI that will be powered by Facebook, DeepSeek is back in the news, a horror week of hacks for some massive UK retail chains, LockBit, and the wonderful day and night that was last week's Australian Cyber Summit and Australian Cyber Awards. Hollingworth and Croft begin by talking about the latest in artificial intelligence news, with Meta announcing it will be building its next AI based upon information shared on the social network by its users, and China's revelations that it will be using DeepSeek to help develop its next generation of fighter aircraft. The pair then run down the week in cyber crime, with ransomware gang DragonForce potentially being behind a string of disruptive attacks on some big UK retailers, including Harrods and Marks & Spender – and maybe even behind hacking once dominant ransomware giant LockBit. Hollingworth and Croft also discuss Spectrum Medical Imaging's continuing investigation into its January data breach. The pair wrap things up with a recap of the Australian Cyber Summit and Australian Cyber Awards, held last week. It was a great day and night. The two journalists talk about the importance of giving something back to Australians' network defenders and quality of content presented during the day. Enjoy the podcast, The Cyber Uncut team

PowerSchool, T-Mobile, iHeartMedia, LockBit ransomware group, Hertz and more are all part of this week's insanity!

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

In this episode, Erich and Javvad discuss how Lockbit appears to be hacked again, Qlin makes a jump to #1 in the ransomware game, Google gets serious against scams with Gemini, and more!   Google Rolls Out On-Device AI Protections to Detect Scams in Chrome and Android https://thehackernews.com/2025/05/google-rolls-out-on-device-ai.html   Qilin Ransomware Ranked Highest in April 2025 with 72 Data Leak Disclosures https://thehackernews.com/2025/05/qilin-leads-april-2025-ransomware-spike.html   LockBit ransomware gang hacked again https://www.computing.co.uk/news/2025/security/lockbit-ransomware-gang-hacked-again   UK Cyber Insurance Claims Second Highest on Record https://www.infosecurity-magazine.com/news/uk-cyberinsurance-claims-second/

France says Russia's influence operations are achieving results, Crowdstrike lays off 5% of its staff, a hacker dumps LockBit's ransomware database, and a ransomware attack slows production at a major US medical device maker. Show notes

In this episode of the Cyber Uncut podcast, David Hollingworth and Daniel Croft discuss Meta's newly launched AI that will be powered by Facebook, DeepSeek is back in the news, a horror week of hacks for some massive UK retail chains, LockBit, and the wonderful day and night that was last week's Australian Cyber Summit and Australian Cyber Awards. Hollingworth and Croft begin by talking about the latest in artificial intelligence news, with Meta announcing it will be building its next AI based upon information shared on the social network by its users, and China's revelations that it will be using DeepSeek to help develop its next generation of fighter aircraft. The pair then run down the week in cyber crime, with ransomware gang DragonForce potentially being behind a string of disruptive attacks on some big UK retailers, including Harrods and Marks & Spencer – and maybe even behind hacking once dominant ransomware giant LockBit. Hollingworth and Croft also discuss Spectrum Medical Imaging's continuing investigation into its January data breach. The pair wrap things up with a recap of the Australian Cyber Summit and Australian Cyber Awards, held last week. It was a great day and night. The two journalists talk about the importance of giving something back to Australians' network defenders and quality of content presented during the day. Enjoy the podcast, The Cyber Uncut team

The LockBit ransomware gang has been hacked. Google researchers identify a new infostealer called Lostkeys. SonicWall is urging customers to patch three critical device vulnerabilities. Apple patches a critical remote code execution flaw. Cisco patches 35 vulnerabilities across multiple products. Iranian hackers cloned a German modeling agency's website to spy on Iranian dissidents. Researchers bypass SentinelOne's EDR protection. Education tech firm PowerSchool faces renewed extortion. CrowdStrike leans into AI amidst layoffs. Our guest is Caleb Barlow, CEO of Cyberbit, discussing the mixed messages of the cyber skills gaps. Honoring the legacy of Joseph Nye. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Caleb Barlow, CEO of Cyberbit, who is discussing the mixed messages of the cyber skills gaps. Selected Reading LockBit ransomware gang hacked, victim negotiations exposed (Bleeping Computer) Russian state-linked Coldriver spies add new malware to operation (The Record) Fake AI Tools Push New Noodlophile Stealer Through Facebook Ads (Hackread) SonicWall urges admins to patch VPN flaw exploited in attacks (Bleeping Computer) Researchers Details macOS Remote Code Execution Vulnerability - CVE-2024-44236 (Cyber Security News) Cisco IOS XE Wireless Controllers Vulnerability Enables Full Device Control for Attackers (Cyber Security News) Cisco Patches 35 Vulnerabilities Across Several Products (SecurityWeek) Iranian Hackers Impersonate as Model Agency to Attack Victims (Cyber Security News) Hacker Finds New Technique to Bypass SentinelOne EDR Solution (Infosecurity Magazine) CrowdStrike trims workforce by 5 percent, aims to rely on AI (The Register) Despite ransom payment, PowerSchool hacker now extorting individual school districts (The Record)  Joseph Nye, Harvard professor, developer of “soft power” theory, and an architect of modern international relations, dies at 88 (Harvard University)  Nye Lauded for Cybersecurity Leadership (The Belfer Center for Science and International Affairs at Harvard University) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

In this episode Senior Security Analyst Tyler Moffitt unpacks the 2025 OpenText Cybersecurity Threat Report. He dives into alarming shifts like a 28% spike in malware infections, the relentless resilience of ransomware group LockBit, and the surge of AI-enhanced phishing campaigns. Tyler breaks down why old-school malware tactics still dominate, how affiliate-driven ransomware-as-a-service is thriving, and why European businesses are increasingly in the crosshairs. Plus, he explores what's actually working—simple, disciplined defenses—and why “eating your cybersecurity vegetables” may be the most powerful strategy of all. Don't miss Tyler's predictions on AI's evolving role in both attack and defense for the year ahead.Follow or subscribe to the show on your preferred podcast platform.Share the show with others in the cybersecurity world.Get in touch via reimaginingcyber@gmail.com As featured on Million Podcasts' Best 100 Cybersecurity Podcast and Best 70 Chief Information Security Officer CISO Podcasts rankings.

Jon DiMaggio is the Chief Security Strategist at Analyst1 with over 15 years of experience tracking cyber threats. Specializing in enterprise ransomware and nation-state attacks, Jon is best known for infiltrating the LockBit ransomware gang during a two-year undercover operation. His research, including Ransomware Diaries and The Art of Cyberwarfare, has aided law enforcement and been featured by CBS 60 Minutes, The New York Times, and Wired. A frequent speaker at RSA, he has twice received the SANS Difference Makers Award for his groundbreaking work.00:00 Introduction02:34 You don't need an expensive university11:00 In order to be successful in cyber, you need to…17:38 What are the bad guys doing?23:13 What does the government do to help?26:24 Consequences for bad actors41:35 The Art of Cyber Warfare44:05 Jon's new book--------------------------------------------------------------To learn more about Jon visit https://www.linkedin.com/in/jondimaggio/https://www.amazon.com/Art-Cyberwarfare-Investigators-Ransomware-Cybercrime-ebook/dp/B09BKLRH8P?ref_=ast_author_dpTo learn more about Dark Rhiino Security visit https://www.darkrhiinosecurity.com

Ransomware gangs aren't faceless shadows. Jon DiMaggio knows—he's talked to them. In this episode, A.J. Nash sits down with the Chief Security Strategist at Analyst1 to pull back the curtain on the hidden world of cybercriminals. Jon shares how he builds detailed personas, infiltrates ransomware crews like LockBit, and navigates the psychological toll that comes with living a double life.Jon breaks down the tactics behind covert engagements—how ego, language barriers, and criminal alliances can be used to gain access. He also talks through his storytelling process in The Ransomware Diaries and why long-form, evidence-based intelligence reporting still matters. This isn't just threat research—it's human behavior under a microscope.The conversation also dives into attribution, burnout, and the personal risks Jon has faced. He opens up about being targeted, leaning on mental health support, and using fear as fuel. This is a raw, unfiltered look at cyber threat intelligence from the inside.Send us a textSupport the show

Azim Khodjibaev and Lexi DiScola join Hazel to discuss some of the most prolific ransomware groups (and why LockBit may end this year very differently to how they ended 2024). They also discuss the dominant techniques of ransomware actors, where low-profile tactics led to high-impact consequences.For the full analysis, download Talos' 2024 Year in Review at https://blog.talosintelligence.com/2024yearinreview/

Jon DiMaggio is the Chief Security Strategist at Analyst1 with over 15 years of experience tracking cyber threats. Specializing in enterprise ransomware and nation-state attacks, Jon is best known for infiltrating the LockBit ransomware gang during a two-year undercover operation. His research, including Ransomware Diaries and The Art of Cyberwarfare, has aided law enforcement and been featured by CBS 60 Minutes, The New York Times, and Wired. A frequent speaker at RSA, he has twice received the SANS Difference Makers Award for his groundbreaking work.00:00 Introduction02:34 You don't need an expensive university11:00 In order to be successful in cyber, you need to…17:38 What are the bad guys doing?23:13 What does the government do to help?26:24 Consequences for bad actors41:35 The Art of Cyber Warfare44:05 Jon's new book

When it comes to cybersecurity, most people think about firewalls, passwords, and antivirus software. But what about the attackers themselves? Understanding how they operate is just as important as having the right defenses in place. That's where Paul Reid comes in. As the Vice President of Adversary Research at AttackIQ, Paul and his team work to stay one step ahead of cybercriminals by thinking like them and identifying vulnerabilities before they can be exploited.   In this episode, we dive into the world of cyber threats, ransomware, and the business of hacking. Paul shares insights from his 25+ years in cybersecurity, including his experience tracking nation-state attackers, analyzing ransomware-as-a-service, and why cybercrime has become such a highly organized industry. We also talk about what businesses and individuals can do to protect themselves, from understanding threat intelligence to why testing your backups might save you from disaster. Whether you're in cybersecurity or just trying to keep your data safe, this conversation is packed with insights you won't want to miss. Show Notes: [00:58] Paul is the VP of Adversary Research at AttackIQ.  [01:30] His team wants to help their customers be more secure. [01:52] Paul has been in cybersecurity for 25 years. He began working in Novell Networks and then moved to directory services with Novell and Microsoft, Active Directory, LDAP, and more.  [02:32] He also helped design classification systems and then worked for a startup. He also ran a worldwide threat hunting team. Paul has an extensive background in networks and cybersecurity.  [03:49] Paul was drawn to AttackIQ because they do breach attack simulation. [04:22] His original goal was actually to be a banker. Then he went back to his original passion, computer science. [06:05] We learn Paul's story of being a victim of ransomware or a scam. A company he was working for almost fell for a money transfer scam. [09:12] If something seems off, definitely question it. [10:17] Ransomware is an economically driven cybercrime. Attackers try to get in through social engineering, brute force attack, password spraying, or whatever means possible. [11:13] Once they get in, they find whatever is of value and encrypt it or do something else to extort money from you. [12:14] Ransomware as a service (RaaS) has brought ransomware to the masses. [13:49] We discuss some ethics in these criminal organizations. Honest thieves? [16:24] Threats look a lot more real when you see that they have your information. [17:12] Paul shares a phishing scam story with just enough information to make the potential victim click on it.  [18:01] There was a takedown of LockBit in 2020, but they had a resurgence. It's a decentralized ransomware as a service model that allows affiliates to keep on earning, even if the main ones go down. [20:14] Many of the affiliates are smash and grab, the nation states are a little more patient.  [21:11] Attackers are branching out into other areas and increasing their attack service, targeting Linux and macOS. [22:17] The resiliency of the ransomware as a service setup and how they've distributed the risk across multiple affiliates. [23:42] There's an ever growing attack service and things are getting bigger. [25:06] AttackIQ is able to run emulations in a production environment. [26:20] Having the ability to continuously test and find new areas really makes networks more cyber resilient. [29:55] We talk about whether to pay ransoms and how to navigate these situations.  [31:05] The best solution is to do due diligence, updates, patches, and separate backups from the system.  [35:19] Dealing with ransomware is a no win situation. Everyone is different. Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review.  Links and Resources: Podcast Web Page Facebook Page whatismyipaddress.com Easy Prey on Instagram Easy Prey on Twitter Easy Prey on LinkedIn Easy Prey on YouTube Easy Prey on Pinterest Paul Reid - Vice President, Adversary Research AttackIQ Paul Reid on LinkedIn AttackIQ Academy Understanding Ransomware Threat Actors: LockBit

Moin aus Osnabrück und herzlich willkommen zur 25. Folge vom Update. Dieses Mal begrüßt Ulf Maximilian Dallmann am Podcast Mikrofon. Ulf und Max sprechen in dieser Update Folge über die gefährlichsten Hackergruppen der Welt. Wie arbeiten diese Gruppen? Was macht sie so gefährlich? Worin unterscheiden sie sich? Max und Ulf geben Antworten.

Black Basta creates tool to automate VPN brute-force attacks Bipartisan Senate bill offers improved cybersecurity for water utilities LockBit developer extradited from Israel, appears in New Jersey court Thanks to this week episode sponsor, DeleteMe Data brokers bypass online safety measures to sell your name, address, and social security number to scammers. DeleteMe scours the web to find – and remove – your private information before it gets into the wrong hands by scanning for exposed information, and completing opt-outs and removals.   With over 100 Million personal listings removed, DeleteMe is your trusted privacy solution for online safety. Get 20% off your DeleteMe plan when you go to JoinDeleteMe.com/CISO and use promo code CISO at checkout.  Find the stories behind the headlines at CISOseries.com.

Jim Walter, Senior Threat Researcher on SentinelLabs research team, to discuss their work on "HellCat and Morpheus | Two Brands, One Payload as Ransomware Affiliates Drop Identical Code." Over the past six months, new ransomware groups like FunkSec, Nitrogen, and Termite have emerged, while established threats such as Cl0p and LockBit 4.0 have resurfaced. Two prominent Ransomware-as-a-Service (RaaS) operations, HellCat and Morpheus, have gained traction, with research indicating that affiliates of both are using nearly identical ransomware payloads. Despite similarities in their encryption techniques and ransom notes, there is no conclusive evidence linking HellCat and Morpheus to the Underground Team, though shared tools or affiliates may be involved. The research can be found here: HellCat and Morpheus | Two Brands, One Payload as Ransomware Affiliates Drop Identical Code Learn more about your ad choices. Visit megaphone.fm/adchoices

Jim Walter, Senior Threat Researcher on SentinelLabs research team, to discuss their work on "HellCat and Morpheus | Two Brands, One Payload as Ransomware Affiliates Drop Identical Code." Over the past six months, new ransomware groups like FunkSec, Nitrogen, and Termite have emerged, while established threats such as Cl0p and LockBit 4.0 have resurfaced. Two prominent Ransomware-as-a-Service (RaaS) operations, HellCat and Morpheus, have gained traction, with research indicating that affiliates of both are using nearly identical ransomware payloads. Despite similarities in their encryption techniques and ransom notes, there is no conclusive evidence linking HellCat and Morpheus to the Underground Team, though shared tools or affiliates may be involved. The research can be found here: HellCat and Morpheus | Two Brands, One Payload as Ransomware Affiliates Drop Identical Code Learn more about your ad choices. Visit megaphone.fm/adchoices

The White House is urging federal agencies not to lay off cybersecurity teams. Google doesn't deny receiving a secret legal order from the UK government. Microsoft researchers identify a simple method to bypass AI safety guardrails. Scammers are impersonating the Clop ransomware gang. Cisco issues security advisories for multiple IOS XR vulnerabilities. CISA warns of multiple ICS security issues. A LockBit ransomware developer has been extradited to the U.S. GCHQ's former director calls for stronger cybersecurity collaboration. Rick Howard and Kim Jones pass the mic for the CISO Perspectives podcast. Sniffing out Stingrays. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today, we have Dave speaking with Rick Howard, a friend of the show, and Kim Jones, a veteran CISO, educator, and expert in the field, as Rick passes the mic to Kim for a brand new season of CISO Perspectives, formerly CSO Perspectives.  Selected Reading White House instructs agencies to avoid firing cybersecurity staff, email says (Reuters) Elon Musk Made Visit to U.S. Spy Agency (Wall Street Journal) Google refuses to deny it received encryption order from UK government (The Record) New Context Compliance Exploit Jailbreaks Major AI Models (GB Hackers) Fraudsters Impersonate Clop Ransomware to Extort Businesses (Infosecurity Magazine) Cisco Warns of IOS XR Software Vulnerability Let Attackers Trigger DoS condition (Cyber Security News) CISA Releases Thirteen Industrial Control Systems Focusing Vulnerabilities & Exploits (Cyber Security News) LockBit Ransomware Developer Extradited to US (SecurityWeek) Cyber Industry Falls Short on Collaboration, Says Former GCHQ Director  (Infosecurity Magazine) Meet Rayhunter: A New Open Source Tool from EFF to Detect Cellular Spying (Electronic Frontier Foundation) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

In this episode, we're diving into the world of LockBit, one of the most notorious ransomware groups out there, and how it's keeping law enforcement on its toes. We'll break down their latest moves, the battle between hackers and agencies like the FBI, and what it means for cybersecurity moving forward.Here's what we cover:The Kash Patel Incident: Recently, LockBit took a jab at Kash Patel, the FBI Director, in a post on their leak site. The group congratulated him on his appointment and dropped a hint that they had info that could embarrass the FBI. It's all part of LockBit's strategy to keep itself in the headlines and make sure it stays relevant, even as law enforcement gets serious about shutting them down.LockBit's Operations: LockBit operates on a ransomware-as-a-service model. What does that mean? Well, they provide the tools and infrastructure for affiliates to carry out attacks. And those affiliates don't hold back—LockBit has gone after hospitals, government agencies, and businesses, demanding huge ransoms in the process.Takedowns and Law Enforcement's Response: The FBI has had some wins, like taking down LockBit's leak site during Operation Kronos. But LockBit? It's not exactly slowing down. They've bounced back with new infrastructure and continued to wreak havoc. The group seems to enjoy the back-and-forth with law enforcement, using it to attract more affiliates and keep their operation growing.LockBit's Evolution: The group just dropped version 4.0 of their ransomware, and they're still advertising on their site, offering affiliates big payouts and even luxury cars for successful attacks. Now, they've even started to position themselves as a kind of twisted “pen-testing” service—after they ransom someone, they'll help them find security flaws in their systems. Law Enforcement Struggles: Despite efforts from the FBI and other agencies, ransomware groups like LockBit keep adapting. The Russia-Ukraine conflict has only made things worse, and LockBit has shown no signs of slowing down. While law enforcement is certainly stepping up, the fact remains: no major figures have been caught yet.Practical Tips for Organizations:  We've got some actionable advice for businesses to stay ahead of these ransomware gangs. First off, enable two-factor authentication (2FA) wherever you can. Also, don't ignore your software updates—many attacks exploit outdated systems. And if you can, hire a professional red team to conduct penetration testing and find the holes before the hackers do.. LockBit may not be invincible, but they're still a huge threat. The group's persistence and ability to evolve mean that ransomware operations are going to be around for a while. The battle between cybercriminals and law enforcement is far from over, and it's only going to escalate as these groups get more sophisticated and resilient.Follow or subscribe to the show on your preferred podcast platform.Share the show with others in the cybersecurity world.Get in touch via reimaginingcyber@gmail.com

Retired Gen. Paul Nakasone warns the U.S. is falling behind in cyberspace. Australia orders government entities to remove and ban Kaspersky products. FatalRAT targets industrial organizations in the APAC region. A major cryptocurrency exchange reports the theft of $1.5 billion in digital assets. Apple removes end-to-end encryption (E2EE) for iCloud in the UK. Researchers uncover a LockBit ransomware attack exploiting a Windows Confluence server. Researchers uncover zero-day vulnerabilities in a widely used cloud logging utility.A PayPal email scam is tricking users into calling scammers. Republican leaders in the House request public input on national data privacy standards. A Michigan man faces charges for his use of the Genesis cybercrime marketplace. Our guest is  Karl Sigler, Senior Security Research Manager from Trustwave SpiderLabs, explaining the domino effect of a cyberattack on the power grid. Meta sues an Insta Extortionist. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today, Dave speaks with Karl Sigler, Senior Security Research Manager from Trustwave SpiderLabs, about the domino effect of a cyberattack on the power grid. You can dig into the details in their report.  Selected Reading Former NSA, Cyber Command chief Paul Nakasone says U.S. falling behind its enemies in cyberspace (CyberScoop) Kaspersky Banned on Australian Government Systems (SecurityWeek) Chinese Hackers Attacking Industrial Organizations With Sophisticated FatalRAT (Cyber Security News) Bybit Hack Drains $1.5 Billion From Cryptocurrency Exchange (SecurityWeek) Experts Slam Government After “Disastrous” Apple Encryption Move (Infosecurity Magazine) Confluence Exploit Leads to LockBit Ransomware (The DFIR Report) Fluent Bit 0-day Vulnerabilities Exposes Billions of Production Environments to Cyber Attacks (Cyber Security News) Beware: PayPal "New Address" feature abused to send phishing emails (Bleeping Computer) Top House E&C Republicans query public for ideas on data privacy law (CyberScoop) US Charges Genesis Market User (SecurityWeek) Meta Sues Alleged Instagram Extortionist (404 Media)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Report: https://thedfirreport.com/2025/02/24/confluence-exploit-leads-to-lockbit-ransomwareContact Us: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://thedfirreport.com/contact/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Services: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://thedfirreport.com/services/⁠⁠⁠⁠⁠

On this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news, including: Musk's DOGE kid has a history with The Com Paragon fires Italy as a spyware customer Thailand cuts power to scam compounds… … and arrests Phobos/8Base Russian cybercrims The CyberCX DFIR report shows non-U2F MFA is well and truly over And much, much more. This week's episode is sponsored by Dropzone.AI. They make an AI SOC analysis platform that relieves your analysts of the necessary but tedious work, so they can focus on the value of human insight. Dropzone's founder and CEO Edward Wu joins to talk about how they approach the problem. This episode is also available on Youtube. Show notes Teen on Musk's DOGE Team Graduated from ‘The Com' – Krebs on Security ACLU Warns DOGE's ‘Unchecked' Access Could Violate Federal Law | WIRED Lawsuit accuses Trump administration of violating federal information security law | The Record from Recorded Future News The Recruitment Effort That Helped Build Elon Musk's DOGE Army | WIRED States prepare privacy lawsuit against DOGE over access to federal data | The Record from Recorded Future News Union groups sue Treasury over giving DOGE access to sensitive data | The Record from Recorded Future News Student group sues Education Department over reported DOGE access to financial aid databases | The Record from Recorded Future News Hackers exploiting bug in popular Trimble Cityworks tool used by local gov'ts | The Record from Recorded Future News DeepSeek iOS app sends data unencrypted to ByteDance-controlled servers - Ars Technica DeepSeek Is a Win for Chinese Hackers - Risky Business Owner of spyware used in alleged WhatsApp breach ends contract with Italy | WhatsApp | The Guardian Another person targeted by Paragon spyware comes forward | TechCrunch Apple fixes security flaw allowing third-party access to locked devices | The Record from Recorded Future News U.S. sanctions bulletproof hosting provider for supplying LockBit infrastructure | CyberScoop Thailand cuts power supply to Myanmar scam hubs | The Record from Recorded Future News 8Base ransomware site taken down as Thai authorities arrest 4 connected to operation | The Record from Recorded Future News Two Russian nationals arrested in takedown of Phobos ransomware infrastructure | The Record from Recorded Future News The Company Man: Binance exec detained in Nigeria breaks his silence | The Record from Recorded Future News Deloitte pays $5M in connection with breach of Rhode Island benefits site | Cybersecurity Dive DFIR - Threat Report 2025 | CyberCX Request a Demo | Dropzone AI

LockBit host sanctioned  A peak at DeepSeek's weak security Sandworm targeting Ukraine with trojanized KMS Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines

LockBit host sanctioned  A peak at DeepSeek's weak security Sandworm targeting Ukraine with trojanized KMS Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines

In this week's Security Sprint, Dave and Andy covered the following topics. Warm Start:   (TLP:CLEAR) WaterISAC – EPA: National Security Information Sharing Bulletin - Q1 2025. WaterISAC and EPA just published the latest quarterly edition of the National Security Information Sharing Bulletin. The Information Sharing Bulletin (ISB) is intended for water and wastewater utility owners and operators to provide information on priority security and resilience topics, including cybersecurity, physical security, and natural disasters.   Main Topics: Ransomware & Data Breaches: NCC Group releases Annual Cyber Threat Monitor Report 2024. LockBit‘s empire crumbles in the great ransomware reshuffle of 2024. When ransomware kills: Attacks on healthcare facilities New York Blood Center Enterprises Ransomware Attack Update Halcyon - Arcus Media Ransomware Displays Novel Process Targeting, Selective Encryption and Recovery Disruption. LockBit - Persistent TTPs in the Larger Ecosystem;   DeepSeek:  Pentagon scrambles to block DeepSeek after employees connect to Chinese servers Wiz Research Uncovers Exposed DeepSeek Database Leaking Sensitive Information, Including Chat History.  Satellite images reveal China building war command center in Beijing. Meta's WhatsApp says Israeli spyware company Paragon targeted scores of users. Common Challenges in Cybercrime: 2024 Review by Eurojust and Europol. Cybercrime websites selling hacking tools to transnational organized crime groups seized. Europol: Law enforcement takes down two largest cybercrime forums in the world; The platforms combined had over 10 million users worldwide. Man Arrested On Capitol Hill Said He Wanted To Kill Trump Cabinet Officials, House Speaker: Police. Drones over NJ: Why didn't the FAA admit they authorized the flights? Here's what we know FBI Springfield Advises Caution in Online Relationships. MGM Agrees to Pay $45 Million to Settle Data-Breach Lawsuit.   Quick Hits: The ‘murder gang' of computer whizzkids linked to the killings of a Border Patrol agent and a landlord 3,000 miles apart. The Nashville Attack Displayed Several Hallmarks of Modern Terrorism  FBI PSA - Mail Theft-Related Check Fraud is on the Rise. The FBI and USPIS are warning that check fraud is on the rise, with a significant volume enabled through mail theft. X Phishing | Campaign Targeting High Profile Accounts Returns, Promoting Crypto Scams.  Risky Biz News - Twitter account hacks: Multiple high-profile accounts have been hacked over the past week to promote various memecoins. Chinese and Iranian Hackers Are Using U.S. AI Products to Bolster Cyberattacks. CISA employees told they are exempt from federal worker resignation program⁠. ⁠Alarmed by Chinese hacks, Republicans mute attacks on cybersecurity agency⁠ ⁠Top F.B.I. Agent in New York Vows to ‘Dig In' After Removals at Agency⁠ ⁠Wyden Demands Answers Following Report of Musk Personnel Seeking Access to Highly Sensitive U.S. Treasury Payments System⁠ ⁠Videos Show Massive Anti-ICE Protest Erupt As Demonstrators Take Over LA Highway⁠ ⁠Texas Man Admits to Making Violent Threats Against Sikh Nonprofit Organization⁠. ⁠Watch What You Say: SEC Enforcement Scrutinizes Cybersecurity Incident Disclosures⁠. ⁠Bird flu crisis enters new phase⁠.

Report: ⁠⁠https://thedfirreport.com/2025/01/27/cobalt-strike-and-a-pair-of-socks-lead-to-lockbit-ransomware/ Contact Us: ⁠⁠⁠⁠⁠⁠⁠⁠⁠https://thedfirreport.com/contact/⁠⁠⁠⁠⁠⁠⁠⁠⁠ Services: ⁠⁠⁠⁠⁠⁠⁠⁠⁠https://thedfirreport.com/services/⁠⁠⁠⁠⁠

In this episode of The Lawyers Weekly Show, brought to you by our sister brand, Cyber Daily, we look back at some of the most notable cyber incidents from the past 12 months and look ahead to what can be expected in the new year. Hosts David Hollingworth and Daniel Croft discuss CrowdStrike's outage and amazing response to the takedown of ransomware giant LockBit, reflect on the Change Healthcare hack, which saw the data of about a third of the population of the United States compromised, the behind-the-scenes maneuvering between greedy ransomware-as-a-service operators, hacker affiliates just wanting to get paid, and a company realising that it really does have to pay an exorbitant ransom. The pair also discuss the takedown of ransomware giant LockBit and the remarkably sassy response of the law enforcement agencies behind the operation, look back at another ransomware operation that turned out to be nothing but an extensive scam, and reflect on July's CrowdStrike outage, both its wide-ranging impact and what turned out to be an excellent and comprehensive response from CrowdStrike itself, before turning the gaze forward to wonder what they might see in 2025. If you like this episode, show your support by  rating us or leaving a review on Apple Podcasts (The Lawyers Weekly Show) and by following Lawyers Weekly on social media: Facebook, Twitter and LinkedIn. If you have any questions about what you heard today, any topics of interest you have in mind, or if you'd like to lend your voice to the show, email editor@lawyersweekly.com.au for more insights!

The FBI successfully hacked approximately 4,200 computers across the U.S. to eliminate the PlugX malware, which has been a tool for state-sponsored hackers in China since 2012. This operation, conducted in collaboration with French law enforcement, marks a proactive approach to combating cyber threats and underscores the importance of government intervention in mitigating advanced persistent threats.Sobel also discusses the ongoing struggles of the LockBit cybercriminal organization following a major takedown last year. The U.S. Justice Department's efforts to dismantle LockBit's infrastructure have left the group reeling, with a significant reduction in their operational capacity. This case serves as a powerful example of how coordinated law enforcement actions can disrupt ransomware-as-a-service operations, providing IT providers with a narrative to educate clients on effective ransomware defense strategies.The episode further explores the dual pressures faced by Chief Information Security Officers (CISOs) regarding the adoption of generative artificial intelligence (AI). While a majority of C-suite executives recognize the potential benefits of generative AI, they also express deep concerns about the associated security risks. The Cybersecurity and Infrastructure Security Agency (CISA) has introduced a new initiative aimed at addressing these vulnerabilities, emphasizing the need for effective risk management strategies as companies increasingly integrate AI technologies into their operations.Finally, Sobel highlights the recent developments from Gradient MSP and Citricom, both of which are addressing critical pain points for managed service providers (MSPs). Gradient MSP has launched a Managed Billing Reconciliation Service to streamline billing processes, while Citricom's acquisition of Televi aims to enhance its cybersecurity offerings. These initiatives reflect the evolving landscape of MSP services, where operational efficiency and robust security measures are paramount for success in a competitive market. Three things to know today00:00 Good News Alert: FBI Crushes PlugX Malware, LockBit Stumbles, and Cybersecurity Gains Momentum06:15 Billing, Breaches, and Bots: How MSPs and AI Security Are Tackling 2025's Biggest Challenges08:58 From Billing to Cybersecurity: Gradient MSP and Cytracom Address Critical MSP Pain Points  Supported by:  https://getnerdio.com/nerdio-manager-for-msp/   All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessof.tech

A federal judge finds NSO Group liable for hacking WhatsApp. China accuses the U.S. government of cyberattacks. The UK's Operation Destabilise uncovers a vast criminal network. An alleged LockBit developer says he did it for the money. Apache releases a security update for their Tomcat web server. Siemens issues a security advisory for their User Management Component. Italy's data protection authority fines OpenAI $15.6 million. Researchers demonstrate a method to bypass the latest Wi-Fi security protocol. Apple sends potential spyware victims to a nonprofit for help. Our guest is Sven Krasser, CrowdStrike's Senior Vice President Data Science and Chief Scientist, talking about balancing AI and human intervention. Hackers supersize their McDonald's delivery orders.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today, our guest is Sven Krasser, CrowdStrike's Senior Vice President Data Science and Chief Scientist, talking about balancing AI and human intervention. Selected Reading Judge rules NSO Group is liable for spyware hacks targeting 1,400 WhatsApp user devices (Recorded Future) Chinese cyber center points finger at U.S. over alleged cyberattacks to steal trade secrets (CyberScoop) Inside Operation Destabilise: How a ransomware investigation linked Russian money laundering and street-level drug dealing (Recorded Future) Suspected LockBit dev faces extradition to the US (The Register) Apache fixes remote code execution bypass in Tomcat web server (Bleeping Computer) Siemens Warn of Critical Vulnerability in UMC (GovInfoSecurity) Italy's Privacy Watchdog Fines OpenAI for ChatGPT's Violations in Collecting Users Personal Data (SecurityWeek) WPA3 Network Password Bypassed via MITM Attack & Social Engineering (CyberSecurityNews.com) Apple Warns Users Of iPhone Spyware Attacks—What You Need To Know (Forbes) McDonald's Delivery App Vulnerability Let Anyone Place an Order for Just $0.01 (CyberSecurityNews.com) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Russian hackers attack Ukraine's state registers. NotLockBit is a new ransomware strain targeting macOS and Windows. Sophos discloses three critical vulnerabilities in its Firewall product. The BadBox botnet infects over 190,000 Android devices. BeyondTrust patches two critical vulnerabilities. Hackers stole $2.2 billion from cryptocurrency platforms in 2024. Officials dismantle a live sports streaming piracy ring. Rockwell Automation patches critical vulnerabilities in a device used for energy control in industrial systems. A new report from Dragos highlights ransomware groups targeting industrial sectors. A Ukrainian national is sentenced to 60 months in prison for distributing the Raccoon Infostealer malware. We bid a fond farewell to our colleague Rick Howard, who's retiring after years of inspiring leadership, wisdom, and camaraderie. The LockBit gang tease what's yet to come.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today's guest segment is bittersweet as we bid farewell to our beloved Rick Howard, who's retiring after years of inspiring leadership, wisdom, and camaraderie. Join us in celebrating his incredible journey, sharing heartfelt memories, and letting him know just how deeply he'll be missed by all of us here at N2K. Selected Reading Ukraine's state registers hit with one of Russia's largest cyberattacks, officials say (The Record) NotLockBit - Previously Unknown Ransomware Attack Windows & macOS (GB Hackers) Critical Sophos Firewall Vulnerabilities Let Attackers Execute Remote Code (Cyber Security News) Botnet of 190,000 BadBox-Infected Android Devices Discovered (SecurityWeek) BeyondTrust Security Incident — Command Injection and Escalation Weaknesses (CVE-2024-12356, CVE-2024-12686) (SOCRadar) Crypto-Hackers Steal $2.2bn as North Koreans Dominate (Infosecurity Magazine) Massive live sports piracy ring with 812 million yearly visits taken offline (Bleeping Computer) Rockwell PowerMonitor Vulnerabilities Allow Remote Hacking of Industrial Systems (SecurityWeek) Ransomware Attackers Target Industries with Low Downtime Tolerance (Infosecurity Magazine) Ukrainian Raccoon Infostealer Operator Sentenced to Prison in US (SecurityWeek) NetWalker Ransomware Operator Sentenced For Hacking Hundreds Of Organizations (Cyber Security News) LockBit Admins Tease a New Ransomware Version (Infosecurity Magazine) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Em 2024, o mundo corporativo enfrentou uma verdadeira epidemia digital. Os ataques de ransomware, que sequestram e bloqueiam dados de empresas, atingiram níveis alarmantes. De acordo com a Apura Cyber Intelligence, mais de mil companhias ao redor do globo foram vítimas desse tipo de crime, com grupos como LockBit liderando o cenário. Para falar sobre esse assunto eu recebo hoje aqui no Podcast Canaltech o Wanderson Castilho, perito em crimes digitais. E mais: Android vai compartilhar localização em casos de emergência no Brasil; entenda; Novo motor híbrido da Toyota pode ameaçar o futuro dos carros elétricos; IA da Meta chega ao Instagram no Brasil; veja como funciona; ChatGPT ganha pastas para organizar conversas; veja como usar; iPhones podem ficar mais caros no mundo todo em 2025. Receba notícias do Canaltech no WhatsApp Entre nas redes sociais do Canaltech buscando por @Canaltech nelas todas Entre em contato pelo nosso e-mail: podcast@canaltech.com.br Entre no Canaltech Ofertas Acesse a newsletter do Canaltech Este episódio foi roteirizado e apresentado por Gustavo Minari. O programa também contou com reportagens de Wendel Martins, André Lourenti Magalhães, Leo Alves e Bruno De Blasi. Edição por Natália Improta. A trilha sonora é uma criação de Guilherme Zomer e a capa deste programa é feita por Erick Teixeira.See omnystudio.com/listener for privacy information.

⁣In this episode of 'The Other Side of the Firewall' podcast, hosts Shannon Tynes and Chris Abacon discuss the recent arrest of Russian hacker Mikhail Pavlovich Matveev, who was linked to major ransomware operations like Hive and Lockbit. They explore the implications of his arrest on international relations and the evolving landscape of cybersecurity, particularly in relation to state-sponsored cybercrime. The conversation speculates on the motivations behind Russia's actions and the potential shifts in their approach to cybercriminals, emphasizing the need for robust public-private partnerships in cybersecurity. Article: Wanted Russian Hacker Linked to Hive and LockBit Ransomware Arrested https://thehackernews.com/2024/11/wanted-russian-cybercriminal-linked-to.html?fbclid=IwZXh0bgNhZW0CMTAAAR0izp2f5HPpfR69mCB5uIKSCciXVfF5ytDgFSlD4D54CnNhDjIdYpRCNc0_aem_siZVBp6MlCHXhLpFORHMow Please LISTEN

In today's podcast we cover four crucial cyber and technology topics, including: 1.        Bologna FC has data stolen in ransomware attack 2.        Russia arrests notorious malware developer 3.        UK to allow Chinese takeover of scientific firm 4.        UN to investigate undersea cable resiliency I'd love feedback, feel free to send your comments and feedback to  | cyberandtechwithmike@gmail.com

Pundits predict Trump will overhaul U.S. cybersecurity policy. Experts examine escalating cybersecurity threats facing the U.S. energy sector. Palo Alto Networks patches a pair of zero-days. Akira and SafePay ransomware groups claim dozens of new victims. A major pharmacy group is pressured to pay a $1.3 million ransomware installment. Threat actors are exploiting Spotify playlists and podcasts. An alleged Phobos ransomware admin has been extradited to the U.S. Rapper “Razzlekhan” gets 18 months in prison for her part in the Bitfinex cryptocurrency hack. On today's Threat Vector, David Moulton speaks with Assaf Dahan, Director of Threat Research at Palo Alto Networks' Cortex team, about the rising cyber threat from North Korea.  Swiss scammers send snail mail.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Threat Vector Segment On this segment of Threat Vector, host David Moulton speaks with Assaf Dahan, Director of Threat Research at Palo Alto Networks' Cortex team, about the rising cyber threat from North Korea. To hear the full conversation between David and Assaf, listen to Cyber Espionage and Financial Crime: North Korea's Double Threat, and catch new episodes of Threat Vector every Thursday on your favorite podcast app!  Selected Reading More Spyware, Fewer Rules: What Trump's Return Means for US Cybersecurity (WIRED) How to remove the cybersecurity gridlock from the nation's energy lifelines (CyberScoop) Palo Alto Patches Firewall Zero-Day Exploited in Operation Lunar Peek (SecurityWeek) SafePay ransomware: Obscure group uses LockBit builder, claims 22 victims (SC Media) Akira Ransomware Drops 30 Victims on Leak Site in One Day (SecurityWeek) Gang Shaking Down Pharmacy Group for Second Ransom Payment (GovInfo Security) Spotify abused to promote pirated software and game cheats (Bleeping Computer) Suspected Phobos Ransomware Admin Extradited to US (Infosecurity Magazine) Heather ‘Razzlekhan' Morgan sentenced to 18 months in prison, ending Bitfinex saga (The Record) Now Hackers Are Using Snail Mail In Cyber Attacks—Here's How (Forbes)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Dans un monde de plus en plus dépendant de la technologie, de nouvelles formes de crime émergent, se dissimulant dans l'ombre de nos vies numériques. Des groupes de ransomware comme Lockbit ont poussé l'extorsion cybernétique à des sommets sans précédent durant la pandémie de COVID-19, profitant de systèmes affaiblis par la crise sanitaire et prenant en otage des données en échange de rançons exorbitantes, avec la menace de fuites catastrophiques. Mais qu'est-ce qui motive ces hackers ? Qui sont les victimes prises dans leur filet ? Et surtout, qui se cache derrière Lockbit ? Dans cet épisode, nous plongerons dans l'histoire de Lockbit, un groupe de cybercriminels qui sème la peur parmi les entreprises et les gouvernements du monde entier. Nous explorerons ses origines, ses attaques les plus marquantes et les tactiques employées, tout en suivant le jeu du chat et de la souris entre hackers et autorités. Nos Commanditaires Offre exclusive de NordVPN pour les abonnés de Distorsion https://nordvpn.com/fr/distorsion Juste à temps pour Halloween, la 3e saison de Hantées arrive… le 21 octobre, en exclusivité sur Radio-Canada OHdio.

The Monday Microsegment for the week of October 21st. All the cyber security news you need to stay ahead, from Illumio's The Segment podcast.Suspected cyber bandit in data broker breach busted! In Brazil!LockBit dethroned as RansomHub crowned new king of the ransomware arenaAnd Casio races the clock as it struggles in the wake of a ransomware attackAnd Gary Barlet joins us again to talk about election security. Read his piece with the Financial Times: https://www.ft.com/partnercontent/illumio/tackling-election-security-with-zero-trust.htmlHead to The Zero Trust Hub: hub.illumio.comIllumio World Tour Registration: https://www.illumio.com/illumio-world-tour 

Western authorities I.D. a key member of Evil Corp. A major U.S. water utility suffers a cyberattack. ODNI warns of influence campaigns targeting presidential and congressional races. A California deepfakes law gets blocked. Europol leads a global effort against human trafficking. Trinity ransomware targets the healthcare industry. Qualcomm patches a critical zero-day in its DSP service. ADT discloses a breach of encrypted employee data. North Korean hackers use stealthy Powershell exploits. On our Threat Vector segment, David Moulton and his guests tackle the pressing challenges of securing Operational Technology (OT) environments.  Machine Learning pioneers win the Nobel Prize.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Threat Vector Segment In this segment of Threat Vector, David Moulton, Director of Thought Leadership at Palo Alto Networks, hosts cybersecurity experts Qiang Huang Chung hwang, Palo Alto Networks VP of Product Management for Cloud Delivered Security Services, and Michela Menting, Senior Research Director in Digital Security at ABI Research, discuss the pressing challenges of securing Operational Technology (OT) environments.  Join us each Thursday for a new episode of Threat Vector on the N2K CyberWire network. To hear David, Michela and Qiang's full discussion, check it out here.  Selected Reading Police unmask Aleksandr Ryzhenkov as Evil Corp member and LockBit affiliate (The Record) American Water, the largest water utility in US, is targeted by a cyberattack (Associated Press) US Warns of Foreign Interference in Congressional Races (Infosecurity Magazine) US Judge Blocks California's Law Curbing Election Deepfakes (BankInfo Security) Global Police Track Human Traffickers in Online Crackdown (Infosecurity Magazine) Recently spotted Trinity ransomware spurs federal warning to healthcare industry (The Record) Qualcomm patches high-severity zero-day exploited in attacks (Bleeping Computer) ADT says hacker stole encrypted internal employee data after compromising business partner (The Record) North Korean Hackers Employ PowerShell-Based Malware With Serious Evasion Techniques (Cyber Security News) ‘Godfather of AI' shares Nobel Prize in physics for work on machine learning (CNN) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

La policía española detiene al administrador del grupo LockBit, uno de los cabecillas del grupo detrás de un peligroso ransomware. La experta en tecnología Bianca Vaquero nos explica este y otros temas de cibertendencias.

In this bonus episode of The Business of Tech podcast, Brett Leatherman, a senior executive with the FBI, provides insights into the current cybersecurity landscape from a law enforcement perspective. Leatherman highlights the ongoing threat of ransomware targeting businesses, particularly in critical sectors like healthcare and energy. He emphasizes the importance of imposing costs on cybercriminals while also offering substantial assistance to victims of cybercrime.The FBI's success in pushing back against cybercriminals is attributed to their strategic approach of imposing costs on malicious actors while providing assistance to victims. Leatherman discusses a recent operation against the LockBit ransomware group, showcasing the FBI's efforts to disrupt cybercriminal infrastructure and assist affected businesses in decrypting data. By collaborating with international partners and conducting technical operations, the FBI aims to deter cyber adversaries and bring them to justice.Leatherman delves into the process of engaging with the FBI during a cybersecurity incident, emphasizing the importance of establishing a relationship with the local field office before a breach occurs. He outlines the steps MSPs can take before, during, and after a breach, including contacting the FBI, preserving evidence, and collaborating with law enforcement. By sharing insights on contentious information, legal considerations, and post-incident procedures, Leatherman provides valuable guidance for organizations navigating cybersecurity incidents.As cyber threats evolve, Leatherman highlights emerging technologies like artificial intelligence being leveraged by state actors for disinformation campaigns. He underscores the significance of maintaining strong cyber hygiene practices, such as implementing multi-factor authentication, patch management, and software inventory management. By focusing on the basics of cybersecurity and engaging with law enforcement proactively, organizations can enhance their defenses and mitigate the risk of cyberattacks. Leatherman concludes by emphasizing the FBI's role in assisting businesses and encouraging listeners to establish a partnership with their local FBI field office for cybersecurity support. Supported by: https://coreview.com/msp/  All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessoftech.bsky.social

The FBI is the repossessor of Dispossessor. The NCA collars and extradites a notorious cybercriminal. A German company loses sixty million dollars to business email compromise. DeathGrip is a new Ransomware-as-a-Service (RaaS) platform. Russia blocks access to Signal. NIST publishes post-quantum cryptography standards. DARPA awards $14 million to teams competing in the AI Cyber Challenge. On our Solution Spotlight, N2K President Simone Petrella talks with Lee Parrish, CISO of Newell Brands, about his book "The Shortest Hour: An Applied Approach to Boardroom Governance of Cyber Security". AI generates impossible code - for knitters and crocheters. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Solution Spotlight, N2K President Simone Petrella talks with Lee Parrish, CISO of Newell Brands, about his book "The Shortest Hour: An Applied Approach to Boardroom Governance of Cyber Security" and security relationship management. Coming tomorrow, stay tuned for a special edition with Simone and Lee's full conversation.  Selected Reading FBI strikes down rumored LockBit reboot (CSO Online) Suspected head of prolific cybercrime groups arrested and extradited (National Crime Agency) Orion SA says scammers conned company out of $60 million (The Register) DeathGrip Ransomware Expanding Services Using RaaS Service (GB Hackers) Swiss manufacturer investigating ransomware attack that shut down IT network (The Record) Russia Blocks Signal Messaging App as Authorities Tighten Control Over Information (SecurityWeek) Post-Quantum Cryptography Standards Officially Announced by NIST – a History and Explanation (SecurityWeek) Need to know: NIST finalizes post-quantum encryption standards essential for cybersecurity (N2K CyberWire) NIST Releases First 3 Finalized Post-Quantum Encryption Standards (NIST)   DARPA Awards $14m to Seven Teams in AI Cyber Challenge (Infosecurity Magazine) The AI scams infiltrating the knitting and crochet world - and why it matters for everyone (ZDNET) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

A Crowdstrike update takes down IT systems worldwide. A U.S. District Court judge dismissed most charges against SolarWinds. Sophos examines the ransomware threat to the energy sector. European web hosting companies suspend Doppelgänger propaganda. An Australian digital prescription services provider confirms a ransomware attack affecting nearly 13 million. A pair of Lockbit operators plead guilty. N2K's CSO Rick Howard speaks with AWS' CISO Chris Betz about strong security cultures and AI. A look inside the world's largest live-fire cyber-defense exercise.  Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guests Dave is joined by Andy Ellis, to discuss today's top story on the CrowdStrike-induced Microsoft outage. N2K's CSO Rick Howard recently caught up with AWS' CISO Chris Betz at the AWS re:Inforce 2024 event. They  discuss strong security cultures and AI. You can watch Chris' keynote from the event here. Read Chris' blog post, “How the unique culture of security at AWS makes a difference.” Selected Reading Huge Microsoft Outage Linked to CrowdStrike Takes Down Computers Around the World (WIRED) Counting the Costs of the Microsoft-CrowdStrike Outage (The New York Times) Major Microsoft 365 outage caused by Azure configuration change (Bleeping Computer) Most of SolarWinds hacking suit filed by SEC dismissed (SC Magazine) Ransomware Remains a Major Threat to Energy (BankInfoSecurity) Investigation prompts European hosting companies to suspend accounts linked to Russian disinfo (The Record) MediSecure Data Breach Impacts 12.9 Million Individuals (SecurityWeek) Russians plead guilty to involvement in LockBit ransomware attacks (Bleeping Computer) Inside the world's largest ‘live-fire' cyber-defense exercise (CSO Online) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

LockBit drops files that may or may not be from the Federal Reserve. Progress Software patches additional flaws in MOVEit file transfer software. A popular polyfil open source library has been compromised. DHS starts staffing up its AI Corps. Legislation has been introduced to evaluate the manual operations of critical infrastructure during cyber attacks. Researchers discover a new e-skimmer targeting CMS platforms. A breach at Neiman Marchus affects nearly 65,000 people. South African health services grapple with ransomware amidst a monkeypox outbreak.  Medusa is back. On the Learning Layer, Sam and Joe discuss the CISSP's CAT format and how to walk into test day with confidence. The VA works to clear the backlog caused by the ransomware attack onChange Healthcare. Our 2024 N2K CyberWire Audience Survey is underway, make your voice heard and get in the running for a $100 Amazon gift card. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's ISC2 CISSP certification journey using N2K's comprehensive CISSP training course, which includes a simulated Computer Adaptive Test (CAT) final exam. Sam and Joe discuss the CISSP's CAT format and how to walk into test day with confidence. Good luck Joe! Selected Reading Lockbit Leaks Files for Evolve Bank & Trust in Its Alleged ‘Federal Reserve' Data Dump (Metacurity) Progress Software warns of new vulnerabilities in MOVEit Transfer and MOVEit Gateway (Cyber Daily) Polyfill supply chain attack hits 100K+ sites (Sansec) Exclusive: DHS hires first 10 AI Corps members (Axios) US House bill seeks to assess manual operations of critical infrastructure during cyber attacks (Industrial Cyber) Caesar Cipher Skimmer targets popular CMS used by e-stores (Security Affairs) Neiman Marcus confirms breach. Is the customer data already for sale? (Malwarebytes) South Africa's national health lab hit with ransomware attack amid mpox outbreak (The Record) New Medusa malware variants target Android users in seven countries (Bleeping Computer) After Crippling Ransomware Attack, VA Is Still Dealing with Fallout, Trying to Pay Providers (Military.com) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

LockBit claims to have hit the Federal Reserve. CDK Global negotiates with BlackSuit to unlock car dealerships across the U.S. Treasury proposes a rule to restrict tech investments in China. An LA school district confirms a Snowflake related data breach. Rafel RAT hits outdated Android devices. The UK's largest plutonium stockpiler pleads guilty to criminal charges of inadequate cybersecurity. Clearview AI settles privacy violations in a deal that could exceed fifty million dollars. North Korean hackers target aerospace and defense firms. Rick Howard previews CSOP Live. Our guest is Christie Terrill, CISO at Bishop Fox, discussing how organizations can best leverage offensive security tactics. Bug hunting gets a little too real. Our 2024 N2K CyberWire Audience Survey is underway, make your voice heard and get in the running for a $100 Amazon gift card. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Guest Christie Terrill, CISO at Bishop Fox, joins to discuss how organizations can leverage offensive security tactics not just as strategies to prevent cyber incidents, but as a critical component of a cyberattack recovery process.  Rick Howard sits down with Dave to share a preview of what's to come at our upcoming CSOP Live event this Thursday, going beyond the headlines with our panel of Hash Table experts for an insightful discussion on emerging industry trends, recent threats and events, and the evolving role of executives in our field.   Selected Reading LockBit claims the hack of the US Federal Reserve (securityaffairs) Why are threat actors faking data breaches? (Help Net Security) CDK Global outage caused by BlackSuit ransomware attack (bleepingcomputer) US proposes rules to stop Americans from investing in Chinese technology with military uses (AP News) Los Angeles Unified confirms student data stolen in Snowflake account hack (bleepingcomputer) Ratel RAT targets outdated Android phones in ransomware attacks (bleepingcomputer) Sellafield Pleads Guilty to Historic Cybersecurity Offenses (Infosecurity Magazine) Sellafield nuclear waste site pleads guilty to IT security breaches (Financial Times) Facial Recognition Startup Clearview AI Settles Privacy Suit (SecurityWeek) New North Korean Hackers Attack Aerospace and Defense Companies (cybersecuritynews) Spatial Computing Hack (Ryan Pickren) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices