Podcasts about Malware

Welcome in! You've entered, Only Malware in the Building — but this time, it's not just another episode. This is a special edition you won't want to miss. For the first time, our hosts are together in-studio — and they're turning up the heat. Literally. Join ⁠⁠⁠⁠⁠⁠Selena Larson⁠⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠Proofpoint⁠⁠⁠⁠⁠⁠ intelligence analyst and host of their podcast ⁠⁠⁠⁠⁠⁠DISCARDED⁠, along with ⁠⁠⁠⁠⁠⁠N2K Networks⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠ and ⁠⁠⁠⁠⁠Keith Mularski⁠⁠⁠⁠⁠, former FBI cybercrime investigator and now Chief Global Ambassador at ⁠⁠⁠⁠⁠Qintel⁠⁠⁠⁠⁠⁠⁠⁠⁠, as they take on a fiery hot wings challenge while answering personal questions about themselves, their careers, and the stories that shaped them. Think you've seen them tackle malware mysteries before? Wait until you see them sweat. This one's too good for audio alone — you'll want to watch the full ⁠video⁠ edition to catch every spicy reaction, every laugh, and maybe even a few tears. So grab your milk, get ready to feel the burn, and come join us for this special hot take on Only Malware in the Building. Learn more about your ad choices. Visit megaphone.fm/adchoices

Welcome in! You've entered, Only Malware in the Building — but this time, it's not just another episode. This is a special edition you won't want to miss. For the first time, our hosts are together in-studio — and they're turning up the heat. Literally. Join ⁠⁠⁠⁠⁠⁠Selena Larson⁠⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠Proofpoint⁠⁠⁠⁠⁠⁠ intelligence analyst and host of their podcast ⁠⁠⁠⁠⁠⁠DISCARDED⁠, along with ⁠⁠⁠⁠⁠⁠N2K Networks⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠ and ⁠⁠⁠⁠⁠Keith Mularski⁠⁠⁠⁠⁠, former FBI cybercrime investigator and now Chief Global Ambassador at ⁠⁠⁠⁠⁠Qintel⁠⁠⁠⁠⁠⁠⁠⁠⁠, as they take on a fiery hot wings challenge while answering personal questions about themselves, their careers, and the stories that shaped them. Think you've seen them tackle malware mysteries before? Wait until you see them sweat. This one's too good for audio alone — you'll want to watch the full ⁠video⁠ edition to catch every spicy reaction, every laugh, and maybe even a few tears. So grab your milk, get ready to feel the burn, and come join us for this special hot take on Only Malware in the Building.

Want to work in cybersecurity but don't know where to begin? Or just curious what it takes to break into the field? This week, we're joined by the internet's very own Heath Adams, better known as The Cyber Mentor. He demystifies the application process and what it takes to build a career in cybersecurity – no matter your background.

Welcome in! You've entered, Only Malware in the Building — but this time, it's not just another episode. This is a special edition you won't want to miss. For the first time, our hosts are together in-studio — and they're turning up the heat. Literally. Join ⁠⁠⁠⁠⁠Selena Larson⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠Proofpoint⁠⁠⁠⁠⁠ intelligence analyst and host of their podcast ⁠⁠⁠⁠⁠DISCARDED, along with  ⁠⁠⁠⁠⁠N2K Networks⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠ and ⁠⁠⁠⁠Keith Mularski⁠⁠⁠⁠, former FBI cybercrime investigator and now Chief Global Ambassador at ⁠⁠⁠⁠Qintel⁠⁠⁠⁠⁠⁠⁠⁠, as they take on a fiery hot wings challenge while answering personal questions about themselves, their careers, and the stories that shaped them. Think you've seen them tackle malware mysteries before? Wait until you see them sweat. This one's too good for audio alone — you'll want to watch the full video edition to catch every spicy reaction, every laugh, and maybe even a few tears. So grab your milk, get ready to feel the burn, and come join us for this special hot take on Only Malware in the Building.

Ido Ben-Natan, co-founder and CEO of Blockaid, joined me to discuss how Blockaid is helping to secure billions of dollars in crypto.Topics: - Blockaid's security services for exchanges, wallets and more - Blockaid secured $50 million in Series B funding - Common attacks, hacks, and scams in crypto - Will AI Agents be a threat to crypto? - Gemini and Hashgraph integration - The future of crypto security Show Sponsor -

Im Krimi wird das Testament oft vor den versammelten Erben verlesen. Die Realität sieht anders aus. Erbrechtsspezialist Oliver Willimann erklärt die wichtigsten Punkte zur Testamentseröffnung. +++ Weiteres Thema: Vorsicht vor Mails mit angehängten Rechnungen. Darin könnte Malware versteckt sein.

Microsoft has launched Project IR, an advanced AI capable of reverse-engineering malware with a remarkable 90% accuracy rate. This autonomous agent utilizes a combination of large language models and specialized cybersecurity tools to identify threats effectively, achieving a low false positive rate of just 2%. Recent tests demonstrated its capability to analyze thousands of unclassified files and accurately flag a significant majority as malicious. However, as cybersecurity technology advances, so do the tactics of cybercriminals, with a notable increase in phishing attacks targeting managed service providers (MSPs), which now account for over half of all phishing incidents.The rise of AI-powered phishing and social engineering tactics has been highlighted in a recent Acronis report, revealing that 52% of phishing attacks are aimed at MSPs. Additionally, new research indicates that AI browsers may inadvertently assist scammers, as they can overlook red flags that human users would typically catch. A survey from One Password further emphasizes the challenges organizations face with the rapid adoption of AI tools, with many lacking visibility and control over these applications, leading to potential security vulnerabilities.Gartner has issued a warning to corporate leaders, stating that they have a limited timeframe to integrate AI agents into their operations or risk falling behind competitors. Despite the urgency, Gartner also acknowledges that a significant percentage of AI projects fail, raising concerns about the pressure vendors may place on businesses to adopt these technologies hastily. Meanwhile, XAI's claims regarding its Grok 2.5 model being open-sourced have been criticized as misleading, as the licensing terms impose restrictions that contradict open-source principles.In the realm of cybersecurity solutions, companies like SonicWall and VMware are introducing new tools and technologies to enhance security and operational efficiency. SonicWall has launched a new generation of firewalls with a unique cyber warranty, while VMware is focusing on ARM architecture to meet the growing demand for energy-efficient servers. However, the podcast emphasizes the importance of cutting through vendor noise and focusing on solutions that genuinely improve business operations, rather than getting caught up in marketing hype.Three things to know today 00:00 Microsoft's Project Ire Shows AI Can Catch Malware, But Attacks on MSPs Are Rising Faster06:36 AI Urgency, Open-Washing, and Federal Adoption: Sorting Hype From Reality10:09 From Billing Fixes to Firewalls and VMware's Arm Gamble: What Really Matters for MSPs   Supported by:  https://getnerdio.com/  All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessof.tech

Arch is under fire, two weeks and counting. We'll break down the mess, and share a quick fix. Plus, the killer new apps we've just added to our homelabs.Sponsored By:Managed Nebula: Meet Managed Nebula from Defined Networking. A decentralized VPN built on the open-source Nebula platform that we love. 1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps. Unraid: A powerful, easy operating system for servers and storage. Maximize your hardware with unmatched flexibility. Support LINUX UnpluggedLinks:

If you like what you hear, please subscribe, leave us a review and tell a friend!

In this first-ever English-language episode of the My Precious Data Podcast, Eddy Willems, international cybersecurity expert, sits down with Luis Corrons, longtime friend and Global Security Evangelist at GEN (formerly AVAST). With decades of experience between them, they explore the shifting cybersecurity landscape — from the early days of antivirus to today's AI-driven threats and misinformation campaigns.What to expect:A look back at the evolution of cybersecurity over the last 25 yearsHow GEN is adapting to modern cyber threatsThe role of user trust, awareness, and digital ethicsReal-world challenges in protecting users at a global scaleA candid discussion between two veteran cyber evangelistsMemorable quotes:“Cybersecurity is no longer just about protection. It's about trust, resilience, and digital responsibility.” — Eddy Willems“We're not just fighting malware anymore. We're up against disinformation, deepfakes, and AI-generated attacks.” — Luis Corrons“We need to empower users, not just shield them.” — Luis CorronsWhether you're a cybersecurity professional, policymaker, or simply interested in how the digital world is evolving, this episode offers valuable global insights with a personal touch.

Data alone does not persuade. For data-driven leaders, learning totranslate numbers into a compelling narrative is a critical skill. In thisepisode of Unspoken Security, host AJ Nash speaks with Salvatore Manzi, aleadership communications coach, about the strategies technical leaderscan use to create influence. Salvatore explains why leaders must learn tomake meaning over metrics to connect with teams, stakeholders, andcustomers.Salvatore shares practical frameworks to improve communication. Heintroduces the "You then me" principle, which prioritizes acknowledging the other person's view to build rapport. He also shows how using simplemetaphors and a little appreciation can make complex dataunderstandable. These techniques disarm a room before you need tocorrect someone or present a counter-argument, ensuring your message lands effectively.The conversation also covers imposter syndrome and the uniquecommunication hurdles women face in the tech industry. AJ and Salvatorediscuss the power of authenticity and the need for allies who activelyamplify other voices. They explore how simple shifts in body language andmindset can build the confidence needed to overcome these challenges and ensure your voice is heard.Send us a textSupport the show

Das ist das KI-Update vom 20.08.2025 unter anderem mit diesen Themen: Russische Angreifer setzen LLMs für Malware ein Studie warnt vor "Anti-Human-Bias" Laut Turing-Preisträger Sutton läuft KI-Industrie in die falsche Richtung und KI-Chatbots von Meta und Character.ai im Visier der Justiz Links zu allen Themen der heutigen Folge findet Ihr hier: https://heise.de/-10553011 https://www.heise.de/thema/KI-Update https://pro.heise.de/ki/ https://www.heise.de/newsletter/anmeldung.html?id=ki-update https://www.heise.de/thema/Kuenstliche-Intelligenz https://the-decoder.de/ https://www.heiseplus.de/podcast https://www.ct.de/ki Eine neue Folge gibt es montags, mittwochs und freitags ab 15 Uhr.

In this episode, we're continuing a series focused on malware from the IJIS Institute's Cybersecurity Working Group and their JusticeGuardian series—this time, the group dives into the topic of cyber threat actors, the people who are behind the creation and distribution of malware. We once again welcome back host Larry Zorio, Chair of the Cybersecurity Working Group, along with returning member Jeramy Cooper-Leavitt. Together, they discuss what motivates them, why they are using malware, what the actors gain from it, and more.

In this exclusive interview, a former ransomware hacker reveals the shocking truth behind a devastating supply chain attack that brought a major organization to its knees. From the initial breach to the final ransom demand, our insider shares never-before-heard secrets about the tactics, techniques, and procedures used to pull off the heist. You won't want to miss this rare glimpse into the dark world of cybercrime.Send us a textGrowth without Interruption. Get peace of mind. Stay Competitive-Get NetGain. Contact NetGain today at 844-777-6278 or reach out online at www.NETGAINIT.com Support the show

Send us a textSergey Novikov shares his fascinating journey from early days at Kaspersky Lab through his evolution as a malware analyst and cybersecurity expert, offering unique insights into the changing threat landscape and ethical considerations of security research.• Started at Kaspersky in 2002 when it was a small startup with fewer than 100 employees• Applied mathematics background led to research correlating human epidemic models with computer virus propagation• Worked as a "woodpecker" malware analyst detecting threats 24/7• Became part of Kaspersky's elite Global Research and Analysis Team (GREAT)• Team took pride in identifying APTs regardless of national origin to protect customers worldwide• Described security researchers as "paleontologists" uncovering complex digital threats• Participated in analysis of sophisticated threats like Stuxnet requiring specialized knowledge• Left Kaspersky in 2022 after Russia-Ukraine conflict began• Transitioned to pharmaceutical industry cybersecurity before joining CyberProof• Observes modern threats have blurred lines between nation-state actors, cybercriminals and hacktivists• Believes cybersecurity professionals must maintain perpetual learning mindset• Recommends self-learning and hands-on experience for aspiring security researchers• Notes AI is enabling more agile, automated attacks rather than quantum computing threatsConnect with Sergey on LinkedIn or visit cyberproof.com to learn more about their security services and research blog.Support the showFollow the Podcast on Social Media! Tesla Referral Code: https://ts.la/joseph675128 YouTube: https://www.youtube.com/@securityunfilteredpodcast Instagram: https://www.instagram.com/secunfpodcast/Twitter: https://twitter.com/SecUnfPodcast

Nicolás Chiaraviglio, Chief Scientist from Zimperium's zLabs, joins to discuss their work on "Behind Random Words: DoubleTrouble Mobile Banking Trojan Revealed." Zimperium's zLabs team has been tracking an evolving banker trojan dubbed DoubleTrouble, which has grown more sophisticated in both its distribution and capabilities. Initially spread via phishing sites impersonating European banks, it now uses malicious APKs hosted in Discord channels, and boasts features like screen recording, keylogging, UI overlays, and app blocking—all while heavily abusing Android's Accessibility Services. Despite advanced obfuscation and dynamic evasion techniques, Zimperium's on-device detection tools have successfully identified both known and previously unseen variants, helping protect users from credential theft, financial fraud, and device compromise. Complete our annual ⁠⁠audience survey⁠⁠ before August 31. The research can be found here: ⁠Behind Random Words: DoubleTrouble Mobile Banking Trojan Revealed Learn more about your ad choices. Visit megaphone.fm/adchoices

Nicolás Chiaraviglio, Chief Scientist from Zimperium's zLabs, joins to discuss their work on "Behind Random Words: DoubleTrouble Mobile Banking Trojan Revealed." Zimperium's zLabs team has been tracking an evolving banker trojan dubbed DoubleTrouble, which has grown more sophisticated in both its distribution and capabilities. Initially spread via phishing sites impersonating European banks, it now uses malicious APKs hosted in Discord channels, and boasts features like screen recording, keylogging, UI overlays, and app blocking—all while heavily abusing Android's Accessibility Services. Despite advanced obfuscation and dynamic evasion techniques, Zimperium's on-device detection tools have successfully identified both known and previously unseen variants, helping protect users from credential theft, financial fraud, and device compromise. Complete our annual ⁠⁠audience survey⁠⁠ before August 31. The research can be found here: ⁠Behind Random Words: DoubleTrouble Mobile Banking Trojan Revealed Learn more about your ad choices. Visit megaphone.fm/adchoices

Abrar Al-Heeti from CNET joins Mikah Sargent this week on Tech News Weekly! Tesla has been found partially liable for a fatal crash in 2019. Project Ire from Microsoft can autonomously identify malware at scale. Age verification is slowly being rolled out across the internet. And OpenAI announced GPT-5! Abrar discusses Tesla's being found partially liable in a fatal 2019 crash and ordered to pay $243 million in damages. Tesla seeks to appeal the ruling. Mikah shares a new AI model from Microsoft called Project Ire that can analyze and classify malware in software. Age verification is slowly being rolled out to numerous websites that host adult material and harmful content. However, there are concerns with how this is being utilized, which raises privacy concerns for users. And Sabrina Ortiz of ZDNET joins the show to chat with Mikah about everything announced at OpenAI's unveiling of its latest AI model, GPT-5. Hosts: Mikah Sargent and Abrar Al-Heeti Guest: Sabrina Ortiz Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security go.acronis.com/twit smarty.com/twit

Abrar Al-Heeti from CNET joins Mikah Sargent this week on Tech News Weekly! Tesla has been found partially liable for a fatal crash in 2019. Project Ire from Microsoft can autonomously identify malware at scale. Age verification is slowly being rolled out across the internet. And OpenAI announced GPT-5! Abrar discusses Tesla's being found partially liable in a fatal 2019 crash and ordered to pay $243 million in damages. Tesla seeks to appeal the ruling. Mikah shares a new AI model from Microsoft called Project Ire that can analyze and classify malware in software. Age verification is slowly being rolled out to numerous websites that host adult material and harmful content. However, there are concerns with how this is being utilized, which raises privacy concerns for users. And Sabrina Ortiz of ZDNET joins the show to chat with Mikah about everything announced at OpenAI's unveiling of its latest AI model, GPT-5. Hosts: Mikah Sargent and Abrar Al-Heeti Guest: Sabrina Ortiz Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security go.acronis.com/twit smarty.com/twit

Abrar Al-Heeti from CNET joins Mikah Sargent this week on Tech News Weekly! Tesla has been found partially liable for a fatal crash in 2019. Project Ire from Microsoft can autonomously identify malware at scale. Age verification is slowly being rolled out across the internet. And OpenAI announced GPT-5! Abrar discusses Tesla's being found partially liable in a fatal 2019 crash and ordered to pay $243 million in damages. Tesla seeks to appeal the ruling. Mikah shares a new AI model from Microsoft called Project Ire that can analyze and classify malware in software. Age verification is slowly being rolled out to numerous websites that host adult material and harmful content. However, there are concerns with how this is being utilized, which raises privacy concerns for users. And Sabrina Ortiz of ZDNET joins the show to chat with Mikah about everything announced at OpenAI's unveiling of its latest AI model, GPT-5. Hosts: Mikah Sargent and Abrar Al-Heeti Guest: Sabrina Ortiz Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security go.acronis.com/twit smarty.com/twit

Abrar Al-Heeti from CNET joins Mikah Sargent this week on Tech News Weekly! Tesla has been found partially liable for a fatal crash in 2019. Project Ire from Microsoft can autonomously identify malware at scale. Age verification is slowly being rolled out across the internet. And OpenAI announced GPT-5! Abrar discusses Tesla's being found partially liable in a fatal 2019 crash and ordered to pay $243 million in damages. Tesla seeks to appeal the ruling. Mikah shares a new AI model from Microsoft called Project Ire that can analyze and classify malware in software. Age verification is slowly being rolled out to numerous websites that host adult material and harmful content. However, there are concerns with how this is being utilized, which raises privacy concerns for users. And Sabrina Ortiz of ZDNET joins the show to chat with Mikah about everything announced at OpenAI's unveiling of its latest AI model, GPT-5. Hosts: Mikah Sargent and Abrar Al-Heeti Guest: Sabrina Ortiz Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security go.acronis.com/twit smarty.com/twit

Abrar Al-Heeti from CNET joins Mikah Sargent this week on Tech News Weekly! Tesla has been found partially liable for a fatal crash in 2019. Project Ire from Microsoft can autonomously identify malware at scale. Age verification is slowly being rolled out across the internet. And OpenAI announced GPT-5! Abrar discusses Tesla's being found partially liable in a fatal 2019 crash and ordered to pay $243 million in damages. Tesla seeks to appeal the ruling. Mikah shares a new AI model from Microsoft called Project Ire that can analyze and classify malware in software. Age verification is slowly being rolled out to numerous websites that host adult material and harmful content. However, there are concerns with how this is being utilized, which raises privacy concerns for users. And Sabrina Ortiz of ZDNET joins the show to chat with Mikah about everything announced at OpenAI's unveiling of its latest AI model, GPT-5. Hosts: Mikah Sargent and Abrar Al-Heeti Guest: Sabrina Ortiz Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security go.acronis.com/twit smarty.com/twit

In this episode of Unspoken Security, host AJ Nash welcomes Mark Freedman, Principal and CEO of Rebel Global Security, to discuss a major shift in the global threat landscape. The primary national security concern has moved from counter-terrorism to interstate strategic competition. This change requires a new security model, especially for the private sector.Mark explains that companies are now players on a geopolitical battlefield, facing sophisticated threats from nation-states. Yet, many organizations operate in silos. Legal teams track sanctions while cybersecurity teams react to technical threats. They often miss the strategic connection between the two, which creates significant vulnerabilities.To close these gaps, AJ and Mark explore the need for an integrated intelligence function within businesses. They discuss how even a single empowered person, tasked with understanding the geopolitical environment, can connect various teams. This strategic view helps companies build a more resilient and proactive defense in a complex world.Send us a textSupport the show

Abrar Al-Heeti from CNET joins Mikah Sargent this week on Tech News Weekly! Tesla has been found partially liable for a fatal crash in 2019. Project Ire from Microsoft can autonomously identify malware at scale. Age verification is slowly being rolled out across the internet. And OpenAI announced GPT-5! Abrar discusses Tesla's being found partially liable in a fatal 2019 crash and ordered to pay $243 million in damages. Tesla seeks to appeal the ruling. Mikah shares a new AI model from Microsoft called Project Ire that can analyze and classify malware in software. Age verification is slowly being rolled out to numerous websites that host adult material and harmful content. However, there are concerns with how this is being utilized, which raises privacy concerns for users. And Sabrina Ortiz of ZDNET joins the show to chat with Mikah about everything announced at OpenAI's unveiling of its latest AI model, GPT-5. Hosts: Mikah Sargent and Abrar Al-Heeti Guest: Sabrina Ortiz Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security go.acronis.com/twit smarty.com/twit

Abrar Al-Heeti from CNET joins Mikah Sargent this week on Tech News Weekly! Tesla has been found partially liable for a fatal crash in 2019. Project Ire from Microsoft can autonomously identify malware at scale. Age verification is slowly being rolled out across the internet. And OpenAI announced GPT-5! Abrar discusses Tesla's being found partially liable in a fatal 2019 crash and ordered to pay $243 million in damages. Tesla seeks to appeal the ruling. Mikah shares a new AI model from Microsoft called Project Ire that can analyze and classify malware in software. Age verification is slowly being rolled out to numerous websites that host adult material and harmful content. However, there are concerns with how this is being utilized, which raises privacy concerns for users. And Sabrina Ortiz of ZDNET joins the show to chat with Mikah about everything announced at OpenAI's unveiling of its latest AI model, GPT-5. Hosts: Mikah Sargent and Abrar Al-Heeti Guest: Sabrina Ortiz Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security go.acronis.com/twit smarty.com/twit

Abrar Al-Heeti from CNET joins Mikah Sargent this week on Tech News Weekly! Tesla has been found partially liable for a fatal crash in 2019. Project Ire from Microsoft can autonomously identify malware at scale. Age verification is slowly being rolled out across the internet. And OpenAI announced GPT-5! Abrar discusses Tesla's being found partially liable in a fatal 2019 crash and ordered to pay $243 million in damages. Tesla seeks to appeal the ruling. Mikah shares a new AI model from Microsoft called Project Ire that can analyze and classify malware in software. Age verification is slowly being rolled out to numerous websites that host adult material and harmful content. However, there are concerns with how this is being utilized, which raises privacy concerns for users. And Sabrina Ortiz of ZDNET joins the show to chat with Mikah about everything announced at OpenAI's unveiling of its latest AI model, GPT-5. Hosts: Mikah Sargent and Abrar Al-Heeti Guest: Sabrina Ortiz Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security go.acronis.com/twit smarty.com/twit

Welcome in! You've entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today's most interesting threats. Your host is ⁠⁠⁠Selena Larson⁠⁠⁠, ⁠⁠⁠Proofpoint⁠⁠⁠ intelligence analyst and host of their podcast ⁠⁠⁠DISCARDED⁠⁠⁠. Inspired by the residents of a building in New York's exclusive upper west side, Selena is joined by her co-hosts ⁠⁠⁠N2K Networks⁠⁠⁠ ⁠⁠⁠Dave Bittner⁠⁠⁠ and ⁠⁠Keith Mularski⁠⁠, former FBI cybercrime investigator and now Chief Global Ambassador at ⁠⁠Qintel⁠⁠. Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, our three hosts discuss several articles covering a new wave of social engineering attacks tied to the so-called Contagious Interview campaign. In this operation, threat actors linked to North Korea are reportedly posing as tech recruiters to trick job seekers into downloading malware. The discussion highlights updates to two malware strains—BeaverTail and InvisibleFerret—that have been retooled with cross-platform capabilities and new data theft features, raising fresh concerns about how targeted individuals could become a gateway into larger organizational networks. You can find the links to the stories here: Lazarus Group Infostealer Malwares Attacking Developers In New Campaign Contagious Interview: DPRK Threat Actors Lure Tech Industry Job Seekers to Install New Variants of BeaverTail and InvisibleFerret Malware North Korean State Sponsored Supply Chain Attack on Tech Innovation Lazarus Group Targets Organizations with Sophisticated LinkedIn Recruiting Scam

Microsoft and Google among most affected as zero day exploits jump 46% Vietnamese hackers use PXA Stealer, hit 4,000 IPs and steal 200,000 passwords globally New Plague Linux malware stealthily maintains SSH access Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.

Welcome in! You've entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today's most interesting threats. Your host is ⁠⁠⁠Selena Larson⁠⁠⁠, ⁠⁠⁠Proofpoint⁠⁠⁠ intelligence analyst and host of their podcast ⁠⁠⁠DISCARDED⁠⁠⁠. Inspired by the residents of a building in New York's exclusive upper west side, Selena is joined by her co-hosts ⁠⁠⁠N2K Networks⁠⁠⁠ ⁠⁠⁠Dave Bittner⁠⁠⁠ and ⁠⁠Keith Mularski⁠⁠, former FBI cybercrime investigator and now Chief Global Ambassador at ⁠⁠Qintel⁠⁠. Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, our three hosts discuss several articles covering a new wave of social engineering attacks tied to the so-called Contagious Interview campaign. In this operation, threat actors linked to North Korea are reportedly posing as tech recruiters to trick job seekers into downloading malware. The discussion highlights updates to two malware strains—BeaverTail and InvisibleFerret—that have been retooled with cross-platform capabilities and new data theft features, raising fresh concerns about how targeted individuals could become a gateway into larger organizational networks. You can find the links to the stories here: Lazarus Group Infostealer Malwares Attacking Developers In New Campaign Contagious Interview: DPRK Threat Actors Lure Tech Industry Job Seekers to Install New Variants of BeaverTail and InvisibleFerret Malware North Korean State Sponsored Supply Chain Attack on Tech Innovation Lazarus Group Targets Organizations with Sophisticated LinkedIn Recruiting Scam

The Cybercrime Magazine Podcast brings you daily cybercrime news on WCYB Digital Radio, the first and only 7x24x365 internet radio station devoted to cybersecurity. Stay updated on the latest cyberattacks, hacks, data breaches, and more with our host. Don't miss an episode, airing every half-hour on WCYB Digital Radio and daily on our podcast. Listen to today's news at https://soundcloud.com/cybercrimemagazine/sets/cybercrime-daily-news. Brought to you by our Partner, Evolution Equity Partners, an international venture capital investor partnering with exceptional entrepreneurs to develop market leading cyber-security and enterprise software companies. Learn more at https://evolutionequity.com

In this episode of 'Cybersecurity Today,' host Jim Love covers several significant cybersecurity incidents. Hackers disrupt all Aeroflot flights, causing massive delays in Russia. The women-only dating app 'Tea' faces a second serious data leak, exposing 1.1 million private messages. A game on Steam named 'Camia' is found to contain three types of malware, including Info Stealers and a Backdoor. Additionally, researchers discover that OpenAI's GPT-4 agent can bypass CAPTCHAs, raising concerns about the future of this security measure. 00:00 Introduction and Headlines 00:28 Tea App's Major Data Breaches 02:29 Aeroflot Cyber Attack Disrupts Flights 04:22 Malware Found in Steam Game 06:27 OpenAI's GPT-4 Bypasses Captchas 08:59 Conclusion and Final Thoughts

Das Domain Name System - kurz DNS - ist einer der Grundpfeiler des modernen Internet. Umso wichtiger, dass es zuverlässige und unfälschbare Informationen liefert. Dabei hilft DNSSEC - die DNS Security Extensions. Was das ist, was es kann, wie man es aktiviert und was man davon hat, erklärt den Hosts in dieser Folge ein Gast: DNSSEC-Experte Peter Thomassen arbeitet seit Jahren an vorderster Front bei verschiedenen Gremien mit und entwickelt die Sicherhetismerkmale von DNS weiter. Er kümmert sich besonders um Automatisierung - ein Thema, bei dem DNSSEC anderen großen Ökosystemen wie dem CA-Kosmos noch hinterherhinkt. - https://desec.io/ - Malware in TXT Records: https://arstechnica.com/security/2025/07/hackers-exploit-a-blind-spot-by-hiding-malware-inside-dns-records/ - Post-Quantum DNSSEC Testbed & Feldstudie: https://pq-dnssec.dedyn.io/ - DS-Automatisierung: RFC 7344, 8078, 9615 - IETF-Draft: "Dry run DNSSEC" - ICANN SSAC Report zu DS-Automatisierung (SAC126): https://itp.cdn.icann.org/en/files/security-and-stability-advisory-committee-ssac-reports/sac-126-16-08-2024-en.pdf - Automatisierungs-Guidelines für Registrierungsstellen (Entwurf): https://datatracker.ietf.org/doc/draft-shetho-dnsop-ds-automation/ - Folgt uns im Fediverse: @christopherkunz@chaos.social @syt@social.heise.de Mitglieder unserer Security Community auf heise security PRO hören alle Folgen bereits zwei Tage früher. Mehr Infos: https://pro.heise.de/passwort

Things get worse in the Tea dating app breach. CISA adds three vulnerabilities to its Known Exploited Vulnerabilities catalog. Researchers uncover a critical flaw in Google's AI coding assistant. A Missouri Health System agrees to a $9.25 million settlement over claims it used web tracking tools. “Sploitlight” could let attackers bypass Apple's TCC framework to steal sensitive data. Malware squeaks its way into a mouse configuration tool. Threat actors hide the Oyster backdoor in popular IT tools. The FBI nabs over $2.4 million in Bitcoin from the Chaos ransomware gang. Our guest is Jaeson Schultz, Technical Leader for Cisco Talos Security Intelligence & Research Group, to talk about their work on the security of PDF files.  The unintended privacy paradox of data brokers. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Jaeson Schultz, Technical Leader for Cisco Talos Security Intelligence & Research Group, to talk about their work on "PDFs: Portable documents, or perfect deliveries for phish?" Selected Reading A Second Tea Breach Reveals Users' DMs About Abortions and Cheating (404 Media) CISA warns of active exploitation of critical PaperCut flaw, mandates immediate patching (Beyond Machines) CISA Warns of Exploited Critical Vulnerabilities in Cisco Identity Services Engine (Infosecurity Magazine) Researchers flag flaw in Google's AI coding assistant that allowed for ‘silent' code exfiltration (CyberScoop) Health System Settles Web Tracker Lawsuit for Up to $9.25M (GovInfo Security) Microsoft: macOS Sploitlight flaw leaks Apple Intelligence data (Bleeping Computer) Endgame Gear mouse config tool infected users with malware (Bleeping Computer) Oyster Backdoor Disguised as PuTTY and KeyPass Targets IT Admins via SEO Poisoning (GB Hackers) FBI Seizes $2.4m in Crypto from Chaos Ransomware Gang (Infosecurity Magazine) Hundreds of registered data brokers ignore user requests around personal data (CyberScoop) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Join The Full Nerd gang as they talk about the latest PC hardware topics. In this episode the gang and Nathan Edwards, senior reviews editor at The Verge, discuss malware sneaking into Steam games, endgame keyboards, and more. And of course we answer your questions live! Links: - Malware sneaks onto Steam: https://www.pcworld.com/article/2859145/malware-sneaks-onto-steam-for-the-third-time-in-2025.html - How to build the best keyboard in the world: https://www.theverge.com/tech/686441/norbauer-seneca-keyboard-creator Join the PC related discussions and ask us questions on Discord: https://discord.gg/SGPRSy7 Follow the crew on X: @AdamPMurray @BradChacos @MorphingBall @WillSmith ============= Follow PCWorld! Website: http://www.pcworld.com X: https://www.x.com/pcworld =============

video: https://youtu.be/ucGrNLdsql0 Comment on the TWIL Forum (https://thisweekinlinux.com/forum) This week in Linux, we've got a bit of bad news from Intel as they abruptly ended Clear Linux out of no where and Arch Linux warned users that malware was found in the AUR. It's not all bad this week though because Wayback is back on the show with the first preview release for keeping X11 desktops alive in our future Wayland powered world. Plus according to one source, Linux usage is even higher than we already thought it was. A couple of episodes ago I reported that we broke the 5% threshold on the US desktop market based on StatCounter data but according to one source it's already climbed passed 6%. What source you ask? The analytics of U.S. federal government websites. Speaking of governments, GitHub is trying to get EU lawmakers to scale Germany's Sovereign Tech Fund into a EU wide program to fund critical open‑source projects. Also for some more good news, we're so close to hitting 100,000 subscribers on the channel, if you want to help please consider subscribing. All of this and more on This Week in Linux, the weekly news show that keeps you up to date with what's going on in the Linux and Open Source world. Now let's jump right into Your Source for Linux GNews! Download as MP3 (https://aphid.fireside.fm/d/1437767933/2389be04-5c79-485e-b1ca-3a5b2cebb006/9569f728-fb28-4753-a28e-d12956e5a3b9.mp3) Support the Show Become a Patron = tuxdigital.com/membership (https://tuxdigital.com/membership) Store = tuxdigital.com/store (https://tuxdigital.com/store) Chapters: 00:00 Intro 01:56 Intel is Shutting Down Clear Linux 05:44 Linux hits 6% U.S. Government Website Analytics 08:29 GitHub Wants the EU to Fund Open Source 13:56 Sandfly Security, agentless Linux security [ad] 16:02 Arch Linux finds Malware in the AUR 18:34 Wayback 0.1 Released 21:10 NVIDIA Bringing CUDA To RISC-V 22:06 Unofficial GUI for Lossless Scaling's Frame Generation on Linux 23:08 Outro Links: Intel is Shutting Down Clear Linux https://community.clearlinux.org/t/all-good-things-come-to-an-end-shutting-down-clear-linux-os/10716 (https://community.clearlinux.org/t/all-good-things-come-to-an-end-shutting-down-clear-linux-os/10716) https://www.omglinux.com/intel-clear-linux-os-discontinued-2025/ (https://www.omglinux.com/intel-clear-linux-os-discontinued-2025/) Linux hits 6% U.S. Government Website Analytics https://www.gamingonlinux.com/2025/07/according-to-one-source-linux-hits-over-6-desktop-user-share/ (https://www.gamingonlinux.com/2025/07/according-to-one-source-linux-hits-over-6-desktop-user-share/) https://analytics.usa.gov/ (https://analytics.usa.gov/) GitHub Wants the EU to Fund Open Source https://github.blog/open-source/maintainers/we-need-a-european-sovereign-tech-fund/ (https://github.blog/open-source/maintainers/we-need-a-european-sovereign-tech-fund/) https://www.omgubuntu.co.uk/2025/07/github-eu-open-source-funding (https://www.omgubuntu.co.uk/2025/07/github-eu-open-source-funding) https://www.sovereign.tech/news/celebrating-two-years-of-empowering-public-digital-infrastructure (https://www.sovereign.tech/news/celebrating-two-years-of-empowering-public-digital-infrastructure) https://en.wikipedia.org/wiki/SovereignTechAgency (https://en.wikipedia.org/wiki/Sovereign_Tech_Agency) https://github.com/ossf/wg-securing-critical-projects/tree/main/Initiatives/Identifying-Critical-Projects/Version-1.1 (https://github.com/ossf/wg-securing-critical-projects/tree/main/Initiatives/Identifying-Critical-Projects/Version-1.1) Sandfly Security, agentless Linux security [ad] https://thisweekinlinux.com/sandfly (https://thisweekinlinux.com/sandfly) Arch Linux finds Malware in the AUR https://lists.archlinux.org/archives/list/aur-general@lists.archlinux.org/thread/7EZTJXLIAQLARQNTMEW2HBWZYE626IFJ/ (https://lists.archlinux.org/archives/list/aur-general@lists.archlinux.org/thread/7EZTJXLIAQLARQNTMEW2HBWZYE626IFJ/) Wayback 0.1 Released https://wayback.freedesktop.org/news/2025/07/23/wayback-0.1-released/ (https://wayback.freedesktop.org/news/2025/07/23/wayback-0.1-released/) https://wayback.freedesktop.org/ (https://wayback.freedesktop.org/) NVIDIA Bringing CUDA To RISC-V https://riscv.org/ecosystem-news/2025/07/nvidia-to-bring-cuda-platform-support-to-the-risc-v/ (https://riscv.org/ecosystem-news/2025/07/nvidia-to-bring-cuda-platform-support-to-the-risc-v/) https://dataconomy.com/2025/07/21/nvidias-cuda-platform-now-officially-supports-risc-v-cpus/ (https://dataconomy.com/2025/07/21/nvidias-cuda-platform-now-officially-supports-risc-v-cpus/) Unofficial GUI for Lossless Scaling's Frame Generation on Linux https://www.gamingonlinux.com/2025/07/theres-now-an-unofficial-gui-for-lossless-scalings-frame-generation-on-linux/ (https://www.gamingonlinux.com/2025/07/theres-now-an-unofficial-gui-for-lossless-scalings-frame-generation-on-linux/) https://github.com/Caliel666/lsfg-vk-ui (https://github.com/Caliel666/lsfg-vk-ui) Support the show https://tuxdigital.com/membership (https://tuxdigital.com/membership) https://store.tuxdigital.com/ (https://store.tuxdigital.com/)

In this episode of Unspoken Security, host AJ Nash speaks with Dr. Peter Garraghan, CEO and CTO of Mindgard. They discuss the real-world security risks of artificial intelligence. Peter starts with a simple point: AI is just software, and software is easy to break. He urges businesses using AI to step back and truly understand its vulnerabilities.Peter draws parallels between the current AI boom and past technology cycles like cloud computing. While AI feels revolutionary, the security risks are not new. Threats like data poisoning and prompt injection are modern versions of classic cybersecurity problems. The danger is that AI's human-like interface makes it easy to anthropomorphize, causing users to overlook fundamental security flaws.To manage these risks, Peter advises companies to treat AI like any other software. This means applying the same rigorous security controls, testing protocols, and incident response playbooks. Instead of creating a separate process for AI, organizations should find the gaps in their current security posture and update them. This practical approach helps businesses secure AI systems effectively.Send us a textSupport the show

This episode covers a month of record growth and strategic shifts, celebrating new customer wins and diving into our marketing strategies. We share project updates, including bucketAV's multi-engine scan, and highlight key AWS topics: simplified AMI deletion and generating SDKs for API Gateway. Tune in for insights, wins, and fails!

In this episode of the Microsoft Threat Intelligence Podcast, host⁠ ⁠⁠Sherrod DeGrippo is joined by Richard Boscovich and Derek Richardson from Microsoft's Digital Crimes Unit to unpack the global takedown of Lumma Stealer, one of the world's largest infostealer malware operations. They discuss how creative legal tools like RICO and centuries-old trespass laws, deep collaboration with global partners, and innovative technical strategies came together to seize 2,300 domains and protect nearly 400,000 victims. The episode explores how the DCU is shifting toward persistent, cost-imposing disruption of cybercrime as a service, and what this means for defenders everywhere.    In this episode you'll learn:       How Microsoft took down one of the world's largest infostealer malware operations  The global partnerships with Europol, Japan, and private companies in cyber takedowns  What happens to stolen victim data during a takedown operation    Some questions we ask:      How did you first identify Lumma as a high-priority threat?  Is persistent disruption now the new normal for DCU operations?  Do you see more operations like this coming from DCU in the future?    Resources:   View Richard Boscovich on LinkedIn   View Sherrod DeGrippo on LinkedIn   Disrupting Lumma Stealer: Microsoft Leads Global Action Against Favored Cybercrime Tool    Related Microsoft Podcasts:                    Afternoon Cyber Tea with Ann Johnson  The BlueHat Podcast  Uncovering Hidden Risks      Discover and follow other Microsoft podcasts at microsoft.com/podcasts     Get the latest threat intelligence insights and guidance at Microsoft Security Insider      The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.  

In this episode of Cyber Crime Junkies, host Dean Mauro explores listener question of who do hackers target the most. He explains the real truth about cyber crime,  recent examples of Cyber crime This year, Small business cyber attacks, and he evaluates FBI IC3 Report 2025Send us a textGrowth without Interruption. Get peace of mind. Stay Competitive-Get NetGain. Contact NetGain today at 844-777-6278 or reach out online at www.NETGAINIT.com

In today's episode, host Jim Love covers recent cybersecurity threats, including malware hidden in DNS records, a custom backdoor targeting SonicWall SMA devices, the US military assuming a network compromise after Chinese hackers targeted VPNs and email servers, and a $27 million theft from the BigONE crypto exchange. The show highlights how attackers are using innovative techniques to evade detection and emphasizes the need for increased vigilance in monitoring and securing systems. 00:00 Introduction to Cybersecurity News 00:26 Malware Hidden in DNS Records 02:26 SonicWall Devices Under Attack 04:30 US Military Breach by Chinese Hackers 07:07 $27 Million Crypto Theft 08:58 Conclusion and Listener Engagement

In this engaging conversation, Dr. Eric Cole, a former CIA hacker, shares his unique journey from cybersecurity to personal growth. He discusses the importance of mindset, the realities of privacy in the digital age, and how to make informed decisions. Dr. Cole emphasizes the need for awareness in cybersecurity, especially with the rise of AI, and offers practical advice for individuals to protect themselves. He also explores the parallels between technology and human behavior, advocating for a more mindful approach to both. The discussion culminates in Dr. Cole's vision for the future of cybersecurity and humanity, highlighting the importance of merging these two realms for a safer world.Chapters00:00 From Hacking to Healing: Dr. Eric Cole's Journey02:52 The Cybersecurity Landscape: Risks and Realities05:55 Privacy in the Digital Age: What You Need to Know11:59 Navigating Technology: Tips for Staying Secure18:03 AI: A Double-Edged Sword for Humanity23:53 Breaking Through Limiting Beliefs: The Human Element27:54 Empowering Technical Minds29:07 The Malware of Self-Awareness32:28 The Power of Reflection and Listening33:56 Setting Long-Term Goals for Success37:20 Lessons from High Performers40:22 Teaching Responsibility to the Next Generation47:03 Vision for Cybersecurity and Humanity

Pentagon welcomes Chinese engineers into its environment HazyBeacon: It's not a beer, but it leaves a bitter aftertaste What the world needs now is another framework Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.

DShield Honeypot Log Volume Increase Within the last few months, there has been a dramatic increase in honeypot log volumes and how often these high volumes are seen. This has not just been from Jesse s residential honeypot, which has historically seen higher log volumes, but from all of the honeypots that Jesse runs. https://isc.sans.edu/diary/DShield+Honeypot+Log+Volume+Increase/32100 Google and Microsoft Trusted Them. 2.3 Million Users Installed Them. They Were Malware. Koi Security s investigation of a single verified color picker exposed a coordinated campaign of 18 malicious extensions that infected a massive 2.3 million users across Chrome and Edge. https://blog.koi.security/google-and-microsoft-trusted-them-2-3-million-users-installed-them-they-were-malware-fb4ed4f40ff5 RDP Forensics Comprehensive overview of Windows RDP Forensics https://medium.com/@mathias.fuchs/chasing-ghosts-over-rdp-lateral-movement-in-tiny-bitmaps-328d2babd8ec

In this episode of The WillPower Podcast, I sit down with Rich Kahn, the CEO and co-founder of Anura, a leading fraud detection platform designed to eliminate ad fraud and expose malware before it wreaks havoc. Rich shares how his entrepreneurial journey led him to operate an Inc. 5000 company for five consecutive years, and what it takes to build trust and transparency in a world increasingly dominated by digital deception.We dive deep into how Anura helps companies protect their marketing spend, the hidden costs of fraud most businesses don't realize, and what Rich believes every entrepreneur should know about cybersecurity today.If you're building online, running ads, or just want to safeguard your business, this episode is a must-listen.

Columbia University has recently suffered a significant data breach, compromising the personal information of 1.8 million individuals, including social security numbers and financial aid details. The hacker, motivated by political opposition to affirmative action policies, claims to have stolen 460 gigabytes of sensitive data. This incident is part of a troubling trend of politically motivated cyber attacks targeting higher education institutions, particularly following the Supreme Court's decision to bar affirmative action practices in 2023. The limited media coverage of this breach raises concerns about data security and the integrity of academic institutions.In a related development, malware detection has surged by 171% in the first quarter of 2025, according to a report from WatchGuard Technologies. This increase highlights the growing sophistication of cyber threats that are outpacing traditional defenses. The report indicates a staggering 712% rise in new malware threats on endpoints, with the LSASS dumper identified as a leading threat. This trend underscores the need for organizations, especially universities and small businesses, to recognize the escalating risks and adapt their security strategies accordingly.Huntress has announced a collaboration with Microsoft to enhance cybersecurity for businesses, integrating its enterprise-grade solutions with Microsoft environments. This partnership aims to provide essential protections for endpoints and identities, allowing organizations to respond more effectively to cyber threats. Meanwhile, Microsoft is discontinuing the use of its Authenticator app for password storage, prompting users to transition to alternative solutions. This shift emphasizes the need for users to rethink their credential management strategies in light of evolving security practices.The podcast also touches on the implications of recent incidents involving major IT service providers, such as Ingram Micro's ransomware attack, which has raised concerns about vendor trust and supply chain fragility. As vendors face scrutiny following security breaches, the erosion of trust in their products becomes a significant issue for managed service providers (MSPs). Additionally, the discussion includes emerging concepts in artificial intelligence, such as context engineering, and the growing prevalence of AI note-takers in meetings, which raises questions about the balance between technological efficiency and human interaction in the workplace. Four things to know today 00:00 Columbia Breach and Malware Surge Show Why Compliance Alone Fails in Today's Threat Landscape04:19 Huntress and Microsoft Join Forces to Bring Enterprise-Grade Security to SMBs and MSPs07:18 Palo Alto Networks Denies Involvement in Ingram Micro Ransomware Attack08:53 MCP's Universal Plugin Model Could Transform MSP Integration and Governance This is the Business of Tech.    Supported by: https://mspradio.com/engage/ All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessof.tech

Why does security awareness training so often fail? In this episode of Unspoken Security, host AJ Nash welcomes Living Security CEO Ashley M. Rose to discuss this common issue. They explore how compliance-driven, "check-the-box" training creates a false sense of security. This old model relies on vanity metrics and rituals instead of reducing actual human risk.Ashley presents a better way forward through human risk management. This modern strategy moves beyond simple phishing tests and integrates data from your existing security tools. It provides a full view of employee behavior to identify and address risks proactively. The goal is to make security training engaging and effective, not just another task to ignore.The conversation also covers the nuanced relationship between human risk management and insider threat programs. AJ and Ashley discuss how to empower employees and transform them from a potential liability into an organization's greatest security asset, creating a stronger, more resilient workforce.Send us a textSupport the show

What s My File Name Malware may use the GetModuleFileName API to detect if it was renamed to a name typical for analysis, like sample.exe or malware.exe https://isc.sans.edu/diary/What%27s%20My%20%28File%29Name%3F/32084 Atomic macOS infostealer adds backdoor for persistent attacks Malware analyst discovered a new version of the Atomic macOS info-stealer (also known as 'AMOS') that comes with a backdoor, to attackers persistent access to compromised systems. https://moonlock.com/amos-backdoor-persistent-access HOUKEN SEEKING A PATH BY LIVING ON THE EDGE WITH ZERO-DAYS At the beginning of September 2024, an attacker repeatedly exploited vulnerabilities CVE-2024- 8190, CVE-2024-8963, and CVE-2024-9380 vulnerabilities to remotely execute arbitrary code on vulnerable Ivanti Cloud Service Appliance devices. https://www.cert.ssi.gouv.fr/uploads/CERTFR-2025-CTI-009.pdf SEO Scams Targeting Putty, WinSCP, and AI Tools Paid Google ads are advertising trojaned versions of popuplar tools like ssh and winscp https://arcticwolf.com/resources/blog-uk/malvertising-campaign-delivers-oyster-broomstick-backdoor-via-seo-poisoning-and-trojanized-tools/

Please enjoy this encore of Only Malware in the Building. Welcome in! You've entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today's most interesting threats. Your host is ⁠⁠Selena Larson⁠⁠, ⁠⁠Proofpoint⁠⁠ intelligence analyst and host of their podcast ⁠⁠DISCARDED⁠⁠. Inspired by the residents of a building in New York's exclusive upper west side, Selena is joined by ⁠⁠N2K Networks⁠⁠ ⁠⁠Dave Bittner⁠⁠ and our newest co-host, ⁠Keith Mularski⁠, former FBI cybercrime investigator and now Chief Global Ambassador at ⁠Qintel⁠. Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, our hosts discuss the growing trend of cybercriminals using legitimate remote monitoring and management (RMM) tools in email campaigns as a first-stage payload. They explore how these tools are being leveraged for data theft, financial fraud, and lateral movement within networks. With the decline of traditional malware delivery methods, including loaders and botnets, the shift toward RMMs marks a significant change in attack strategies. Tune in to learn more about this evolving threat landscape and how to stay ahead of these tactics.

Hawaiian Airlines reports a cybersecurity incident. Microsoft updates its Windows Resiliency Initiative after the 2024 CrowdStrike crash. CitrixBleed 2 is under active exploitation in the wild. Researchers disclose a critical vulnerability in Open VSX. Malware uses prompt injection to evade AI analysis. A new report claims Cambodia turns a blind eye to scam compounds. Senators propose a ban on AI tools from foreign adversaries. An NSA veteran is named top civilian at U.S. Cyber Command. Maria Varmazis speaks with Ian Itz from Iridium Communications on allowing IoT devices to communicate directly with satellites. One Kansas City hacker's bold marketing campaign ends with a guilty plea. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Our guest today is Ian Itz, Executive Director at the IoT Line of Business at Iridium Communications. Ian spoke with T-Minus Space Daily host Maria Varmazis on their Deep Space weekend show about how Iridium allows IoT devices, like sensors and trackers, to communicate directly with satellites, bypassing terrestrial infrastructure. We share an excerpt of their conversation on our show today. You can listen to the full conversation on Deep Space. And, be sure to check out T-Minus Space Daily brought to you by N2K CyberWire each weekday on your favorite podcast app. Selected Reading Hawaiian Airlines Hit by Cybersecurity Incident (Infosecurity Magazine) Microsoft to Preview New Windows Endpoint Security Platform After CrowdStrike Outage (SecurityWeek) CitrixBleed 2 Vulnerability Exploited (Infosecurity Magazine) Vulnerability Exposed All Open VSX Repositories to Takeover (SecurityWeek) Prompt injection in malware sample targets AI code analysis tools (SC Media) Scam compounds labeled a 'living nightmare' as Cambodian government accused of turning a blind eye (The Record) Bipartisan bill seeks to ban federal agencies from using DeepSeek, AI tools from ‘foreign adversaries' (The Record) NSA's Patrick Ware takes over as top civilian at U.S. Cyber Command (The Record) Man Who Hacked Organizations to Advertise Security Services Pleads Guilty (SecurityWeek) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Katz Stealer in JPG Xavier found some multistage malware that uses an Excel Spreadsheet and an HTA file to load an image that includes embeded a copy of Katz stealer. https://isc.sans.edu/diary/More+Steganography/32044 https://unit42.paloaltonetworks.com/malicious-javascript-using-jsfiretruck-as-obfuscation/ JavaScript obfuscated with JSF*CK is being used on over 200,000 websites to direct victims to malware Expired Discord Invite Links Used for Malware Distribution Expired discord invite links are revived as vanity links to direct victims to malware sites https://research.checkpoint.com/2025/from-trust-to-threat-hijacked-discord-invites-used-for-multi-stage-malware-delivery/