Podcasts about Malware

  • 1,755PODCASTS
  • 6,894EPISODES
  • 38mAVG DURATION
  • 1DAILY NEW EPISODE
  • Oct 28, 2025LATEST
Malware

POPULARITY

20172018201920202021202220232024

Categories



Best podcasts about Malware

Show all podcasts related to malware

Latest podcast episodes about Malware

WCCO Tech Talk
Protecting Your Computer From Malicious Forces

WCCO Tech Talk

Play Episode Listen Later Oct 26, 2025 38:33


Doug Swinhart and Steve Thomson take your calls on those nagging computer problems. Several questions ask how to protect your tech from malware and other malicious actors. Also, they tackle the latest on some widespread breaches and discuss what to look for when buying a printer.

Cyber Security Headlines
Russian hackers replace malware with new tools, Windows updates cause login issues, campaign targets high-profile servers

Cyber Security Headlines

Play Episode Listen Later Oct 22, 2025 8:03


Russian state hackers replace burned malware with new tools Recent Windows updates cause login issues on some PCs Sophisticated campaign targets servers of high-profile organizations Huge thanks to our sponsor, ThreatLocker Imagine having the power to decide exactly what runs in your IT environment — and blocking everything else by default. That's what ThreatLocker delivers. As a zero-trust endpoint protection platform, ThreatLocker fills the gaps traditional solutions leave behind, giving your business stronger security and control. Don't just react to threats — stop them with ThreatLocker.

Hoje no TecMundo Podcast
Usa EXTENSÕES no CHROME? CUIDADO! Tem Malware RUSSO e Whatsapp vulnerável! Meteoros no Brasil e mais!

Hoje no TecMundo Podcast

Play Episode Listen Later Oct 21, 2025 12:16


Você usa extensões no Chrome? CUIDADO! Mais de 130 delas estão deixando o WhatsApp vulnerável; Google identificou três novas famílias de malware russo criadas por hackers, quais são e como se proteger? Atualização de emergência do Windows 11 corrige problemas de recuperação; Que horas será a chuva de meteoros no Brasil? Veja horário e como assistir! O Pix travou, GPT-6 vai chegar logo? o Brasil estreitou laços com a Índia e a Netflix perdeu ações, será que ela vai de arrasta? Vem com a gente que aqui damos notícias de tecnologia 24h!

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Tuesday, October 21st, 2025: Syscall() Obfuscation; AWS down; Beijing Time Attack

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Play Episode Listen Later Oct 20, 2025 9:17


Using Syscall() for Obfuscation/Fileless Activity Fileless malware written in Python can uses syscall() to create file descriptors in memory, evading signatures. https://isc.sans.edu/diary/Using%20Syscall%28%29%20for%20Obfuscation%20Fileless%20Activity/32384 AWS Outages AWS has had issues most of the day on Monday, affecting numerous services. https://health.aws.amazon.com/health/status Time Server Hack China reports a compromise of its time standard servers. https://thehackernews.com/2025/10/mss-claims-nsa-used-42-cyber-tools-in.html

Cyber Security Today
Critical Security Alerts: TikTok Malware & Europol's SIM Farm Takedown

Cyber Security Today

Play Episode Listen Later Oct 20, 2025 14:42 Transcription Available


In this episode of Cybersecurity Today, host David Shipley covers the latest developments in cyber threats and law enforcement victories. Topics include: cybercriminals using TikTok videos to disseminate malware through click-fix attacks, Europol shutting down a massive SIM farm powering 49 million fake online accounts, and Microsoft's emergency patch release for a critical ASP.NET Core vulnerability rated 9.9 in severity. The episode also highlights community efforts in raising cybersecurity awareness. 00:00 Introduction and Headlines 00:23 TikTok Malware Campaign 03:43 Europol's Major SIM Farm Bust 07:45 Microsoft's Critical ASP.NET Core Vulnerability 11:55 Community Shoutouts and Conclusion

Backup Central's Restore it All
The ArcGIS Hack That Turned Backups Into a Malware Repository

Backup Central's Restore it All

Play Episode Listen Later Oct 20, 2025 25:18 Transcription Available


This episode examines a sophisticated ArcGIS hack that remained undetected for 12 months. The threat group Flax Typhoon compromised an ArcGIS server by exploiting weak credentials and deploying a malicious Java extension that functioned as a web shell. The attack highlights critical failures in traditional security approaches: the malware was backed up along with legitimate data, signature-based detection tools completely missed the custom code, and the lack of multi-factor authentication made the initial breach possible. Curtis and Prasanna discuss why behavioral detection is now mandatory, how password length trumps complexity, and the importance of cyber hygiene practices like regular system audits and extension management. They also cover ReliaQuest's recommendations for preventing similar attacks, including automated response playbooks and monitoring for anomalous behavior. If you're running public-facing applications or managing any IT infrastructure, this episode provides actionable lessons you can't afford to ignore.https://reliaquest.com/blog/threat-spotlight-inside-flax-typhoons-arcgis-compromise

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Monday, October 20th, 2025: Malicious Tiktok; More Google Ad Problems; Satellite Insecurity

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Play Episode Listen Later Oct 19, 2025 6:14


TikTok Videos Promoting Malware InstallationTikTok Videos Promoting Malware Installation Tiktok videos advertising ways to obtain software like Photoshop for free will instead trick users into downloading https://isc.sans.edu/diary/TikTok%20Videos%20Promoting%20Malware%20Installation/32380 Google Ads Advertise Malware Targeting MacOS Developers Hunt.io discovered Google ads that pretend to advertise tools like Homebrew and password managers to spread malware https://hunt.io/blog/macos-odyssey-amos-malware-campaign Satellite Transmissions are often unencrypted A large amount of satellite traffic is unencrypted and easily accessible to eavesdropping https://satcom.sysnet.ucsd.edu

The CyberWire
Smile for the malware. [Research Saturday]

The CyberWire

Play Episode Listen Later Oct 18, 2025 28:12


Eclypsium researchers Jesse Michael and Mickey Shkatov to share their work on "BadCam - Now Weaponizing Linux Webcams." Eclypsium researchers disclosed “BadCam,” a set of vulnerabilities in certain Lenovo USB webcams that run Linux and do not validate firmware signatures, allowing attackers to reflash the devices and turn them into BadUSB-style tools. An adversary who supplies a backdoored camera or who gains remote code execution on a host can weaponize the webcam to emulate human-interface devices, inject keystrokes, deliver payloads, and maintain persistence — even re-infecting systems after OS reinstalls. The findings were presented at DEF CON 2025, Lenovo issued updated firmware/tools in coordination with SigmaStar, and researchers warn the same vector could affect other Linux-based USB peripherals, underscoring the need for firmware signing and stronger device attestation. The research can be found here: BadCam: Now Weaponizing Linux Webcams Learn more about your ad choices. Visit megaphone.fm/adchoices

Research Saturday
Smile for the malware.

Research Saturday

Play Episode Listen Later Oct 18, 2025 28:12


Eclypsium researchers Jesse Michael and Mickey Shkatov to share their work on "BadCam - Now Weaponizing Linux Webcams." Eclypsium researchers disclosed “BadCam,” a set of vulnerabilities in certain Lenovo USB webcams that run Linux and do not validate firmware signatures, allowing attackers to reflash the devices and turn them into BadUSB-style tools. An adversary who supplies a backdoored camera or who gains remote code execution on a host can weaponize the webcam to emulate human-interface devices, inject keystrokes, deliver payloads, and maintain persistence — even re-infecting systems after OS reinstalls. The findings were presented at DEF CON 2025, Lenovo issued updated firmware/tools in coordination with SigmaStar, and researchers warn the same vector could affect other Linux-based USB peripherals, underscoring the need for firmware signing and stronger device attestation. The research can be found here: BadCam: Now Weaponizing Linux Webcams Learn more about your ad choices. Visit megaphone.fm/adchoices

DailyCyber The Truth About Cyber Security with Brandon Krieger
Reverse Engineering, AI, and the Economics of Malware with Danny Quist| DailyCyber 277 ~Watch Now ~

DailyCyber The Truth About Cyber Security with Brandon Krieger

Play Episode Listen Later Oct 18, 2025 65:22


AI, Reverse Engineering & the Economics of Malware | Danny Quist | DailyCyber 277 ~ Watch Now ~In this episode of DailyCyber, I sit down with Danny Quist, Chief Technology Officer at PolySwarm, to unpack the intersection of AI, reverse engineering, and cybersecurity economics.Danny brings nearly two decades of experience leading research and analysis teams at Redacted, Bechtel, MIT Lincoln Laboratory, and Los Alamos National Laboratory. As a Ph.D. in Computer Science and educator at New Mexico Tech, he bridges deep technical expertise with practical guidance for cybersecurity professionals. 

Infosec Decoded
Malware on Blockchains

Infosec Decoded

Play Episode Listen Later Oct 17, 2025 16:50


Infosec Decoded Season 5 #82: Malware on BlockchainsWith sambowne@infosec.exchangeLinks: https://samsclass.info/news/news_101725.htmlRecorded Fri, Oct 17, 2025

Unspoken Security
Redefining National Security

Unspoken Security

Play Episode Listen Later Oct 16, 2025 56:14


In this episode of Unspoken Security, host A.J. Nash sits down with LaurenZabierek, Senior Vice President for the Future of Digital Security at theInstitute for Security and Technology. Together, they examine how thetraditional view of national security often overlooks the people it seeks toprotect. Lauren shares why national security must move beyond militaryand government, and instead focus on the everyday risks that affecteveryone—whether that's cybersecurity, healthcare, or even climate safety.Lauren makes a strong case for widening the lens on security. She explainswhy protecting people requires new thinking and fresh policies, not justmore funding for defense. She also describes the need for face-to-faceconnections and open dialogue to rebuild trust and unity in a fracturedworld.The conversation turns to software and the Secure by Design movement.Lauren outlines how changing incentives for software companies can leadto safer products. She draws on lessons from automotive and aviationsafety to show paths forward, and encourages listeners to help drivedemand for secure technology across all industries.Send us a textSupport the show

Le monde de la cyber
[Tour de France Cyber] Toulouse, terre du numérique et de l'innovation

Le monde de la cyber

Play Episode Listen Later Oct 14, 2025 47:45


Depuis quelques semaines, je suis partie à la découverte de l'écosystème cyber de ma nouvelle région : l'Occitanie ☀️Et quel bonheur d'être si bien accueillie et de découvrir les événements cyber locaux comme ici à au Festival du numérique et de l'innovation d'Occitanie !J'ai eu la chance de m'entretenir avec quatre personnalités autour du micro du podcast :

Engadget
Malware apps posing as free VPNs are on the rise

Engadget

Play Episode Listen Later Oct 13, 2025 6:11


A recent report on the Klopatra malware operation shows hackers taking advantage of a surge in VPN use. Learn more about your ad choices. Visit podcastchoices.com/adchoices

Microsoft Threat Intelligence Podcast
Threat Landscape Update: Ransomware-as-a-Service and Advanced Modular Malware

Microsoft Threat Intelligence Podcast

Play Episode Listen Later Oct 8, 2025 30:31


In this episode of the Microsoft Threat Intelligence Podcast, host⁠ ⁠⁠Sherrod DeGrippo is joined by Tori Murphy, Anna Seitz, and Chuong Dong to break down two threats: the modular backdoor PipeMagic and Medusa ransomware. They discuss how PipeMagic disguises itself as a ChatGPT desktop app to deliver malware, its sophisticated modular design, and what defenders can do to detect it.   The team also explores Medusa's evolution into a ransomware-as-a-service model, its use of double extortion tactics, and the broader threat landscape shaped by ransomware groups, social engineering, and the abuse of legitimate tools.   In this episode you'll learn:       Why modular malware is harder to detect and defend against  How attackers abuse vulnerable drivers to disable security tools  Why leak sites play a central role in ransomware operations  Some questions we ask:      How did Microsoft researchers uncover PipeMagic in the wild?  Why do ransomware groups often borrow names and themes from mythology?  What initial access techniques are commonly associated with Medusa attacks?    Resources:   View Anna Seitz on LinkedIn  View Chuong Dong on LinkedIn    View Sherrod DeGrippo on LinkedIn     Related Microsoft Podcasts:                    Afternoon Cyber Tea with Ann Johnson  The BlueHat Podcast  Uncovering Hidden Risks        Discover and follow other Microsoft podcasts at microsoft.com/podcasts     Get the latest threat intelligence insights and guidance at Microsoft Security Insider    The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.  

Hacking Humans
When malware goes bump in the night.

Hacking Humans

Play Episode Listen Later Oct 7, 2025 49:38


Welcome in! You've entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today's most interesting threats. Your host is ⁠⁠⁠⁠Selena Larson⁠⁠⁠⁠, ⁠⁠⁠⁠Proofpoint⁠⁠⁠⁠ intelligence analyst and host of their podcast ⁠⁠⁠⁠DISCARDED⁠⁠⁠⁠. Inspired by the residents of a building in New York's exclusive upper west side, Selena is joined by her co-hosts ⁠⁠⁠⁠N2K Networks⁠⁠⁠⁠ ⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠ and ⁠⁠⁠Keith Mularski⁠⁠⁠, former FBI cybercrime investigator and now Chief Global Ambassador at ⁠⁠⁠Qintel⁠⁠⁠. Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this spooky special episode, our hosts ponder which threat actor, malware, or campaign name would be the most terrifying — from the spectral stealth of GhostRAT silently haunting your systems, to the deceptively sweet lure of ILoveYou that once spread chaos across the globe. Along the way, they share some of their favorite “ghost stories” from the cyber underworld — legendary incidents and infamous operations that still haunt defenders today — and explore why these names and their real-world impacts have left such lasting scars on the digital landscape. Plus, we've cooked up a fun, mystery-solving video to accompany this episode — complete with spooky clues, masked sleuths, and a few laugh-out-loud moments that fans of classic cartoon detectives will appreciate. Check it out on YouTube and see if you can unmask the culprit!

Only Malware in the Building
When malware goes bump in the night.

Only Malware in the Building

Play Episode Listen Later Oct 7, 2025 49:38


Welcome in! You've entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today's most interesting threats. Your host is ⁠⁠⁠⁠Selena Larson⁠⁠⁠⁠, ⁠⁠⁠⁠Proofpoint⁠⁠⁠⁠ intelligence analyst and host of their podcast ⁠⁠⁠⁠DISCARDED⁠⁠⁠⁠. Inspired by the residents of a building in New York's exclusive upper west side, Selena is joined by her co-hosts ⁠⁠⁠⁠N2K Networks⁠⁠⁠⁠ ⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠ and ⁠⁠⁠Keith Mularski⁠⁠⁠, former FBI cybercrime investigator and now Chief Global Ambassador at ⁠⁠⁠Qintel⁠⁠⁠. Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this spooky special episode, our hosts ponder which threat actor, malware, or campaign name would be the most terrifying — from the spectral stealth of GhostRAT silently haunting your systems, to the deceptively sweet lure of ILoveYou that once spread chaos across the globe. Along the way, they share some of their favorite “ghost stories” from the cyber underworld — legendary incidents and infamous operations that still haunt defenders today — and explore why these names and their real-world impacts have left such lasting scars on the digital landscape. Plus, we've cooked up a fun, mystery-solving video to accompany this episode — complete with spooky clues, masked sleuths, and a few laugh-out-loud moments that fans of classic cartoon detectives will appreciate. Check it out on YouTube and see if you can unmask the culprit!

LINUX Unplugged
635: The Texas Linux Fest Special

LINUX Unplugged

Play Episode Listen Later Oct 6, 2025 90:03 Transcription Available


Our cross-continent race to Texas Linux Fest culminates into fantastic meat, meetups, and more.Sponsored By:Managed Nebula: Meet Managed Nebula from Defined Networking. A decentralized VPN built on the open-source Nebula platform that we love. 1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps. Unraid: A powerful, easy operating system for servers and storage. Maximize your hardware with unmatched flexibility. Support LINUX UnpluggedLinks:

Legacy
Fraud Detection and Digital Marketing In the age of AI

Legacy

Play Episode Listen Later Oct 6, 2025 20:46


Ready to shield your digital marketing efforts from the pervasive threat of ad fraud? Join us as we sit down with Rich Kahn, the visionary co-founder and CEO of Anura. With over two decades of expertise, Rich takes us through his journey of identifying a critical gap in the market and developing a robust ad fraud solution. From bots to malware, discover how Anura innovatively tackles fraudulent activities, significantly safeguarding advertisers' investments. Rich unpacks the sophisticated nature of ad fraud, especially with the rise of AI, and highlights the staggering financial implications that call for urgent attention. This episode promises to equip you with the knowledge to better understand and combat ad fraud, enhancing your ROI in the competitive landscape of digital marketing. Moreover, we navigate the complexities of pricing SaaS solutions, shedding light on the balance between development costs and competitive pricing. Rich shares invaluable insights into the strategic pricing journey, from establishing credibility with initial low prices to the importance of ROI in setting rates. As we explore the ever-evolving fraud detection landscape, Rich emphasizes the necessity of standardized approaches and the potential industry growth. With only a fraction of websites employing fraud detection solutions, we delve into the future risks that digital marketing expenditures face. Tune in to learn more about Anura's groundbreaking work and its pivotal role in the ongoing battle against ad fraud. Don't miss this opportunity to stay ahead of the curve in effectively managing your digital marketing investments. Timestamps 00:00:01 - Introduction and Welcome to Business Legacy Podcast   00:00:45 - Introduction to Rich Kahn and Anura's Origins   00:02:15 - Rich Kahn's Early Days and the Genesis of Anura   00:03:30 - Understanding Ad Fraud: Bots, Malware, and Human Actors   00:05:10 - The Role of AI in Fraud Detection and Challenges Faced   00:06:45 - Financial Impacts of Ad Fraud on Digital Marketing   00:09:03 - Introduction to Pricing Strategies for SaaS Solutions   00:10:00 - Balancing Development Costs and Competitive Pricing   00:11:30 - Importance of ROI in SaaS Pricing Models   00:12:45 - Grassroots Approach to Building an Initial Client Base   00:14:15 - Enhancing Fraud Detection Accuracy and Industry Challenges   00:15:30 - Importance of Standardization in Fraud Detection   00:16:45 - Anura's Commitment to Accuracy and Reliability   00:18:00 - Growth Potential in Fraud Detection and Industry Insights   00:19:30 - Parallels Between Digital Marketing Expenditure and the Dot-Com Bubble   00:20:45 - Conclusion and Final Thoughts from Rich Kahn   00:21:30 - Where to Find More Information About Anura   Episode Resources: Connect with Rich here and find more out about fraud with an ebook and guides:  https://www.anura.io/ Legacy Podcast: For more information about the Legacy Podcast and its co-hosts, visit businesslegacypodcast.com. Leave a Review: If you enjoyed the episode, leave a review and rating on your preferred podcast platform. For more information: Visit businesslegacypodcast.com to access the shownotes and additional resources on the episode.

Hoje no TecMundo Podcast
VAZAMENTO: Disney+, HBO, McDonald's e mais! Malware em ZIP, Hackers em FALSO Teams e Peaky Blinders!

Hoje no TecMundo Podcast

Play Episode Listen Later Oct 3, 2025 15:21


Hackers utilizam falso Teams para ter acesso remoto a computadores; Malware se esconde em arquivos zip para roubar dados; Site criminoso vai expor dados de clientes Disney, HBO, McDonald's, Cisco e outras empresas; Não é só metanol: cervejaria paralisada por ataque de ransomware e Netflix anuncia sequência de Peaky Blinders!

Unspoken Security
Security Awareness for the Connected Generation

Unspoken Security

Play Episode Listen Later Oct 2, 2025 62:07


In this episode of Unspoken Security, host A.J. Nash sits down with Marley Salveter, Director of Marketing at Unspoken Security. They explore how digital privacy and security awareness look different for younger generations who have grown up in a world where sharing personal data is routine, not a choice. Marley shares her perspective on adapting to life online, where building a personal brand and protecting personal information often overlap for today's professionals.Marley explains how her generation views data privacy as an accepted tradeoff, not a conscious decision, and why traditional corporate security training rarely feels relevant. She discusses the real risks of living in public—how threats feel less urgent until they get personal and why the rapid response of tech platforms can mask the lasting impact of breaches. She and A.J. dig into the challenge of communicating security risks to a connected generation that rarely sees tangible consequences.Together, they reflect on how open conversations bridge generational gaps and why storytelling and relatable dialogue help people internalize security lessons. Marley argues that making security personal is key to lasting change—especially for those building their careers and brands in the public eye.Send us a textSupport the show

Cyber Security Headlines
China-linked group linked to new malware, 2024 VMware zero-day still exploited, iOS fixes a bevy of glitches

Cyber Security Headlines

Play Episode Listen Later Oct 1, 2025 8:28


China-Linked Group Hits Governments With Stealth Malware Chinese hackers exploit VMware zero-day since October 2024 Apple's iOS fixes a bevy of glitches Huge thanks to our sponsor, Nudge Security The SaaS supply chain is a hot mesh. As your workforce introduces new SaaS apps and integrations, hidden pathways are created that attackers can exploit to gain access to core business systems. That's exactly what happened in the Drift breach, and it will happen again. But, all is not lost. Nudge Security gives you the visibility and control you need to stop these attacks. Within minutes of starting a free trial, you'll discover every SaaS app and integration in your environment, map your SaaS supply chain, and identify risky OAuth grants that could be exploited.  The best part? Nudge Security alerts you of breaches impacting your 3rd and 4th party SaaS providers. That's right, even 4th party! So, you can take action quickly to limit the ripple effects. Learn how Nudge can help you secure your entire SaaS ecosystem at nudgesecurity.com/supplychain  

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Tuesday, September 30th, 2025: Apple Patch; PAN Global Protect Scans; SSL.com signed malware

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Play Episode Listen Later Sep 30, 2025 5:06


Apple Patches Apple released patches for iOS, macOS, and visionOS, fixing a single font parsing vulnerability https://isc.sans.edu/diary/Apple%20Patches%20Single%20Vulnerability%20CVE-2025-43400/32330 Increase in Scans for Palo Alto Global Protect Vulnerability (CVE-2024-3400). Our honeypots detected an increase in scans for a Palo Alto Global Protect vulnerability. https://isc.sans.edu/diary/Increase%20in%20Scans%20for%20Palo%20Alto%20Global%20Protect%20Vulnerability%20%28CVE-2024-3400%29/32328 Nimbus Manticore / Charming Kitten Malware update Checkpoint released a report with details regarding a new Nimbus Manticore exploit kit. The malware in this case uses valid SSL.com-issued certificates. https://research.checkpoint.com/2025/nimbus-manticore-deploys-new-malware-targeting-europe/

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Monday, September 29th, 2025: Convert Timestamps; Cisco Compromises; GitHub Notification Phishing

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Play Episode Listen Later Sep 29, 2025 8:36


Converting Timestamps in .bash_history Unix shells offer the ability to add timestamps to commands in the .bash_history file. This is often done in the form of Unix timestamps. This new tool converts these timestamps into a more readable format. https://isc.sans.edu/diary/New%20tool%3A%20convert-ts-bash-history.py/32324 Cisco ASA/FRD Compromises Exploitation of the vulnerabilities Cisco patched last week may have bone back about a year. Cisco and CISA have released advisories with help identifying affected devices. https://sec.cloudapps.cisco.com/security/center/resources/asa_ftd_continued_attacks https://www.cisa.gov/news-events/directives/ed-25-03-identify-and-mitigate-potential-compromise-cisco-devices Github Notification Phishing Github notifications are used to impersonate YCombinator and trick victims into installing a crypto drainer. https://www.bleepingcomputer.com/news/security/github-notifications-abused-to-impersonate-y-combinator-for-crypto-theft/

The Cliff Ravenscraft Show - Mindset Answer Man
794 - Can You Still Get Paid to Blog in 2025? With Megan Porta of Eat Blog Talk

The Cliff Ravenscraft Show - Mindset Answer Man

Play Episode Listen Later Sep 29, 2025 45:14


Over the past few years, I've heard several people suggest that "blogging is dead." However, one of my favorite coaching clients earns her primary income from her blog and also hosts retreats and an annual conference for an entire community of food bloggers who earn an income from their blogging efforts. So I invited my client, Megan Porta, and asked her the question, "Can you still make money blogging in 2025?" Short answer: Yes. It's doable. It looks different than it did a decade ago. It requires real passion, patience, and a focus on what serves readers right now. Below are thorough show notes to meet you exactly where you are. If you want to start or revive a blog as a real income stream, these notes double as a step-by-step primer. What This Episode Covers Why blogging still pays when you pair patience with passion Megan has seen brand-new bloggers “crushing it.” The difference now is you cannot fake it. Your readers and Google both know when you do. Authenticity wins. The fastest realistic path to first income Join a quality ad network once your traffic qualifies. We name the two big players and their current thresholds. We also discuss why Google SEO and Pinterest are still the two traffic pillars that move the needle. Niching way down to win Broad “everything” blogs struggle today. Specific sub-niches serve specific people and get rewarded. Think “vegan cakes” instead of “vegan.” The love for your topic has to show up in every post. The collaboration playbook for early momentum Smart email list swaps. Contributing value inside the right Facebook groups without spamming. How one helpful post can put a niche creator “on the map” in months. Income beyond ads Digital products. Memberships. Sponsorships. How to think about affiliate income post-HCU and what still works if you are selective. Platform and tech choices that save you pain Why WordPress.org with solid hosting is still the move. Why a VPS and proactive security matter. Real-world cautionary tales about updates, backups, and malware. Key Takeaways and Insights 1) Yes, you can still get paid to blog. The bar is higher. If you bring patience and genuine expertise, you can absolutely build an income today. People starting in the last year or two are succeeding. The difference is the landscape. Authenticity and user value must drive your strategy. 2) Niche inside the niche Winning examples are laser-specific. Pick a tight segment of a larger category, then become unmistakably helpful to that reader. This is how you break through and build trust. 3) Traffic plan: SEO and Pinterest first To qualify for premium ad networks, prioritize traffic that comes from search and Pinterest. Current thresholds discussed in the episode: Mediavine at roughly 50,000 sessions per month and Raptive at roughly 100,000 pageviews per month. Build to those numbers, then let ad RPMs start compounding. 4) Collaboration without spam Use email list collaborations. Show up consistently inside large, topic-relevant Facebook groups. Earn trust by answering questions with real substance. This moves traffic quickly when your niche is dialed in. 5) Create on-topic, helpful content Google's Helpful Content updates pushed bloggers to stay tightly aligned with user intent. Keep posts on point for your niche. Tangential personal stories and off-topic content dilute perceived expertise and can hurt discoverability. 6) Monetization mix that works in 2025 Display Ads once you hit network thresholds. This becomes semi-passive as your library grows. Digital Products as quick wins: ebooks, guides, weekly prep plans. These are simple to produce and match your audience's immediate needs. Memberships if your audience is invested. Price points in food niches commonly range from about 5 to 20 dollars per month, often for ad-free experiences or exclusive content. Tech options include WordPress setups and hosted communities such as Circle, Skool, Slack, Discord, Mighty Networks, and niche tools like Member Kitchens. Sponsorships when you can articulate your audience's value. Niche reach can beat raw follower counts if you understand a sponsor's acquisition economics and lifetime value. Affiliate Income is trickier after recent updates. It can still work at higher commissions or with premium offers. Treat it as a supplemental play, not your core plan. 7) Stack the tech in your favor Choose WordPress.org for full control, proven SEO flexibility, and extensibility. Invest in good hosting. A VPS with strong uptime guarantees is worth it. Expect to pay roughly 89 to 150 dollars per month for reliability that protects your revenue. Treat security and backups as non-negotiables. Plugins and themes require regular updates. Malware exploits often come from simple neglect. Have a pro who can restore fast. This avoids losing days or weeks or years of content. Practical Playbook Phase 1. Choose a narrow niche and validate demand List ten posts your ideal reader would save today. Ensure all are tightly aligned with one outcome your niche cares about. Keep stories and extras on-topic so Google sees topical authority. Phase 2. Protect the asset Run WordPress.org on a reliable VPS and keep everything updated. Assign backups and security to a pro so you do not risk outages or data loss. Phase 3. Build a traffic engine Publish high-quality posts that answer exact questions your audience asks. Optimize for search and create Pinterest assets for each post. Aim for Mediavine or Raptive thresholds to unlock ad revenue. Phase 4. Accelerate through collaboration Join large, relevant Facebook groups. Contribute substantial answers that stand on their own. Start tasteful email list collaborations for quick, qualified traffic. Phase 5. Layer monetization Add an easy digital product that solves a specific use case. Test a simple membership once engagement is strong. Pitch sponsors when you can quantify your audience's fit and value. About My Guest Megan Porta has been blogging since 2010 and runs Eat Blog Talk, a podcast and community that supports food bloggers who want to grow and monetize. She is a strong voice for focus, patience, and authenticity in a space that has evolved dramatically. Resources Mentioned Megan's sites: PipAndEbby.com and EatBlogTalk.com. Megan welcomes follow-up questions at megan@eatblogtalk.com. Ad networks: Mediavine, Raptive, once you meet their traffic thresholds. Community and membership tools: Circle, Skool, Slack, Discord, Mighty Networks, Member Kitchens. Platform: WordPress.org with quality hosting and a VPS. I'm Here To Help! If you want help in building your own online business, send me a short note about your business dream and where you feel stuck. I will point you to the most useful next step, whether that is a free resource, a workshop, or coaching with me. My email is cliff@cliffravenscraft.com.

Destination Linux
437: NVIDIA & Intel's AI Alliance, Steam Malware, and Linux CUDA

Destination Linux

Play Episode Listen Later Sep 29, 2025 73:02


Destination Linux, DL 437, Linux Podcast, Open Source, Linux News, NVIDIA, Intel, AI Alliance, CUDA on Linux, Ubuntu CUDA, Steam Malware, Gaming Security, Trojan Virus, Vivaldi AI, Privacy Concerns, Scapy, Network Tool, Linux Community, Open Source

Moneycontrol Podcast
4838: Inside the $500 billion AI compute race, JLR's cybersecurity breach puts TCS on the spotlight and Dune-inspired malware is targeting Indian startups | MC Tech3

Moneycontrol Podcast

Play Episode Listen Later Sep 26, 2025 7:14


In today's Tech3 from Moneycontrol, we break down the half-trillion dollar AI compute arms race as tech giants lock in chips, data centres, and cloud deals. We look at Jaguar Land Rover's major cyberattack that has put Tata Consultancy Services under intense scrutiny. Plus, India's CERT-In warns of “Shai Hulud,” a Dune-inspired malware campaign targeting startups and developers, and foodtech startup Curefoods secures a Rs 160 crore pre-IPO round from Binny Bansal.

TechLinked
Android for PC, Snapdragon X2 Elite EXTREME, Steam malware + more!

TechLinked

Play Episode Listen Later Sep 25, 2025 10:02


Timestamps: 0:00 Tune in to CakeLinked 0:18 Android on PC confirmed 1:29 Snapdragon X2 Elite, X2 Elite Extreme 2:17 Steam distributed malware 3:28 Nvidia and OpenAI investment, Stargate data centers 5:18 CookUnity! 6:28 QUICK BITS INTRO 6:42 Microsoft's microfluidic chip cooling 7:11 Vehicle-to-grid pilot program 7:55 Logitech K980 solar-powered keyboard 8:37 Origin Code fan-cooled DDR5 kits NEWS SOURCES: https://linustechtips.com/topic/1623492-android-for-pc-snapdragon-x2-elite-extreme-steam-malware-more-techlinked-september-24-2025/ Learn more about your ad choices. Visit megaphone.fm/adchoices

Cyber Briefing
September 24, 2025 - Cyber Briefing

Cyber Briefing

Play Episode Listen Later Sep 24, 2025 9:19


If you like what you hear, please subscribe, leave us a review and tell a friend!Recent cyber incidents show a surge in attacks targeting both public and private sectors. Threat actors exploited vulnerabilities in software like GeoServer and Pandoc, leading to breaches in U.S. federal agencies and cloud environments. Malware campaigns, such as BadIIS, spread via SEO poisoning, while SonicWall and Boyd Gaming faced rootkits and data breaches, respectively. Security firms like Cloudflare successfully mitigated record-breaking DDoS attacks, and Mozilla introduced safeguards allowing Firefox add-on developers to roll back problematic updates. Law enforcement, including the Secret Service, has intervened to dismantle telecom threats impacting global operations like the UN.

PEBCAK Podcast: Information Security News by Some All Around Good People
Episode 226 - Jeremy Clarkson Hacked, AI Phishing Traps, Rise of Linux Desktop Malware, Taco Bell's Robot Revolution

PEBCAK Podcast: Information Security News by Some All Around Good People

Play Episode Listen Later Sep 22, 2025 54:47


Welcome to this week's episode of the PEBCAK Podcast!  We've got four amazing stories this week so sit back, relax, and keep being awesome!  Be sure to stick around for our Dad Joke of the Week. (DJOW) Follow us on Instagram @pebcakpodcast   Please share this podcast with someone you know!  It helps us grow the podcast and we really appreciate it!   Jeremy Clarkson hacked https://www.thesun.co.uk/news/36577873/jeremy-clarkson-farmers-dog-pub-computer-hackers/ https://www.ladbible.com/entertainment/celebrity/jeremy-clarkson-farmers-dog-pub-hacked-27000-002780-20250907   AI-powered phishing confusion https://malwr-analysis.com/2025/08/24/phishing-emails-are-now-aimed-at-users-and-ai-defenses/   Rise of Linux Desktop malware https://www.cloudsek.com/blog/investigation-report-apt36-malware-campaign-using-desktop-entry-files-and-google-drive-payload-delivery https://www.bleepingcomputer.com/news/security/apt36-hackers-abuse-linux-desktop-files-to-install-malware/   Companies experiment with replacing humans with AI https://www.wsj.com/articles/taco-bell-rethinks-future-of-voice-ai-at-the-drive-through-72990b5a  https://www.miaminewtimes.com/news/la-quinta-investigating-miamis-viral-remote-receptionist-23748941  https://www.ambscallcenter.com/blog/remote-receptionist-guide   Dad Joke of the Week (DJOW)   Find the hosts on LinkedIn: Chris - https://www.linkedin.com/in/chlouie/ Brian - https://www.linkedin.com/in/briandeitch-sase/ Glenn - https://www.linkedin.com/in/glennmedina/ Daren - https://www.linkedin.com/in/daren-schneider/

The Audit
Cybersecurity News: Grok AI Hijacked for Malware, Wi-Fi Heart Rate Hacks, Starlink Competition

The Audit

Play Episode Listen Later Sep 22, 2025 14:39 Transcription Available


Cybercriminals are exploiting X's Grok AI to bypass ad protections and spread malware to millions—while researchers discover your home Wi-Fi can now monitor your heart rate. This week's news breakdown covers the attack vectors you need to know about. Join co-hosts Joshua Schmidt, Eric Brown, and Nick Mellem as they dive into the latest cybersecurity developments that could impact your organization tomorrow. From social media malvertising to biometric data harvesting through everyday devices, these aren't distant threats—they're happening now. Key Topics Covered:  How cybercriminals are weaponizing Grok AI for malvertising campaigns Why 10-15% of employees access risky content at work (and what to do about it)  Wi-Fi devices that can detect heart rates from 10 feet away—privacy implications  Amazon's Project Kuiper vs. Starlink: What 1GB satellite internet means for security  Practical defenses: YubiKeys, browser isolation, and network redundancy strategies Don't wait until your organization is the next headline. IT leaders need to stay ahead of evolving threats, and this episode delivers critical insights to help protect your business. Like, share, and subscribe for more in-depth security discussions! #cybersecurity #infosec #grok #malware #starlink #wifi #privacy #ITsecurity 

The Other Side Of The Firewall
Aerospace Attack, AI Malware & Synthetic Identities

The Other Side Of The Firewall

Play Episode Listen Later Sep 22, 2025 57:47


In this episode, Ryan Williams Sr. and Shannon Tynes discuss recent cybersecurity news, including a cyberattack on Collins Aerospace that disrupted flights at major European airports. They discuss the implications of AI in cybersecurity, particularly the emergence of AI-generated malware. The conversation shifts to the growing threat of synthetic identities in the finance sector, highlighting the challenges they pose. The hosts also share personal updates and insights on pop culture, including movies and series they are currently watching. Article: Cyberattack on Collins Aerospace disrupts flights at Heathrow, other European airports https://industrialcyber.co/transport/cyberattack-on-collins-aerospace-disrupts-flights-at-heathrow-other-european-airports/?fbclid=IwZXh0bgNhZW0CMTAAYnJpZBExZ3VDa0YzNDkzR0IzeW9JbgEenbBLUTcs5cdMjI9yFGekTrVbXytgeFhLaxfLP-z7N7MAeujuz_gIbJiDcow_aem_ovDnjq4_7VyNjzj96IGbAQ First-ever AI-powered ‘MalTerminal' Malware Uses OpenAI GPT-4 to Generate Ransomware Code https://cybersecuritynews.com/first-ever-ai-powered-malterminal-malware/amp/?fbclid=IwZXh0bgNhZW0CMTAAYnJpZBExZ3VDa0YzNDkzR0IzeW9JbgEencaQtTwkpmB5SRb8akQ4V6qZ4d8xEI7UMPogihOsmDsylm_t4AfcaEMnWwU_aem_pzYbuurHzL22zUnJkyPJXQ Plastic People, Plastic Cards: Synthetic Identities Plague Finance & Lending Sector https://www.darkreading.com/cybersecurity-operations/synthetic-identities-finance-lending-sector?fbclid=IwZXh0bgNhZW0CMTAAYnJpZBExZ3VDa0YzNDkzR0IzeW9JbgEeLdvkEoHqglNj3DpqyM2H29XNx_YG_b_CXgkJ1-Z_OX8BJBbaFFELtBCgZW8_aem_AbjtVG6MyRVqtG0jaCxrig Buy the guide: www.theothersideofthefirewall.com Please LISTEN

Noticentro
¡Cuidado! Detectan estafa con códigos QR

Noticentro

Play Episode Listen Later Sep 21, 2025 1:31


Aseguran bidones y bomba de hidrocarburo en Sonora  Pipa de gas vuelca en Hidalgo, no hay fuga ni heridos  Más información en nuestro Podcast

Unspoken Security
They're Hacking the People!

Unspoken Security

Play Episode Listen Later Sep 18, 2025 43:01


In this episode of Unspoken Security, host AJ Nash welcomes Ivan Novikov, CEO of Wallarm, to discuss the fundamental shifts in API security. They explore how APIs have evolved from internal tools to the public-facing backbone of mobile apps, IoT, and AI. This change has dramatically expanded the threat surface, making traditional security methods obsolete.Ivan explains why older approaches, like signature-based detection and RegEx, fail against modern attacks. He details Wallarm's unique solution: a real-time decompiler that analyzes the actual payload of API requests. This technique allows for deep inspection of complex and nested data formats, identifying malicious code that standard tools miss.The conversation also looks to the future, examining the security risks posed by the rapid adoption of AI agents. Ivan concludes with a stark comparison between physical and cyber threats. In the digital world, attacks are constant and aggressive. Success depends less on the tools you have and more on who you are and how you use them.Send us a textSupport the show

Out of the Woods: The Threat Hunting Podcast
S3 Ep43: Invasion of the Modular Malware

Out of the Woods: The Threat Hunting Podcast

Play Episode Listen Later Sep 18, 2025 56:54


*Threat Hunting Workshop: Hunting for Persistence - Level 2 September 24, 2025 | 12:00 - 1:00 PM ET Sign Up: https://www.intel471.com/resources/webinars/threat-hunting-workshop-16-hunting-for-persistence-level-2 ---------- Top Headlines: Jamf Threat Labs | Learn about ChillyHell, a modular Mac backdoor: https://www.jamf.com/blog/chillyhell-a-modular-macos-backdoor/ SecureList | Malicious MCP servers used in supply chain attacks: https://securelist.com/model-context-protocol-for-ai-integration-abused-in-supply-chain-attacks/117473/?web_view=true Bitdefender Blog | EggStreme Malware: Unpacking a New APT Framework Targeting a Philippine Military Company: https://www.bitdefender.com/en-us/blog/businessinsights/eggstreme-fileless-malware-cyberattack-apac welivesecurity | Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass: https://www.welivesecurity.com/en/eset-research/introducing-hybridpetya-petya-notpetya-copycat-uefi-secure-boot-bypass/ ---------- Stay in Touch! Twitter: https://twitter.com/Intel471Inc LinkedIn: https://www.linkedin.com/company/intel-471/ YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg Discord: https://discord.gg/DR4mcW4zBr Facebook: https://www.facebook.com/Intel471Inc/

RCN Digital
iPhone 17, Nano Banana, la gira de Oasis, Lady Gaga y el nuevo malware

RCN Digital

Play Episode Listen Later Sep 12, 2025 27:32


Un “código fantasma” descubierto por la NASA. La gira de Oasis genera records en turismo. Lo nuevo de Apple: iPhone 17, sus nuevos AirPods y Apple Watch. Nanobana, la nueva herramienta de edición con IA integrada en Gemini. Ucademy, la edutech que ayudan a los jóvenes a estudiar en el exterior.

RCN Digital
iPhone 17, Nano Banana, la gira de Oasis, Lady Gaga y el nuevo malware

RCN Digital

Play Episode Listen Later Sep 12, 2025 27:32 Transcription Available


Un “código fantasma” descubierto por la NASA. La gira de Oasis genera records en turismo. Lo nuevo de Apple: iPhone 17, sus nuevos AirPods y Apple Watch. Nanobana, la nueva herramienta de edición con IA integrada en Gemini. Ucademy, la edutech que ayudan a los jóvenes a estudiar en el exterior.

HeroicStories
Can Malware Survive If I Reset My PC?

HeroicStories

Play Episode Listen Later Sep 6, 2025 10:06


Worried a reset won't wipe out malware? While it's technically possible for some infections to survive, it's extremely rare. Learn where malware can hide, which reset options are safest, and the extra steps you can take to ensure a truly clean and secure Windows reinstall.

The CyberWire
Hot sauce and hot takes: An Only Malware in the Building special. [OMITB]

The CyberWire

Play Episode Listen Later Sep 2, 2025 36:37


Welcome in! You've entered, Only Malware in the Building — but this time, it's not just another episode. This is a special edition you won't want to miss. For the first time, our hosts are together in-studio — and they're turning up the heat. Literally. Join ⁠⁠⁠⁠⁠⁠Selena Larson⁠⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠Proofpoint⁠⁠⁠⁠⁠⁠ intelligence analyst and host of their podcast ⁠⁠⁠⁠⁠⁠DISCARDED⁠, along with ⁠⁠⁠⁠⁠⁠N2K Networks⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠ and ⁠⁠⁠⁠⁠Keith Mularski⁠⁠⁠⁠⁠, former FBI cybercrime investigator and now Chief Global Ambassador at ⁠⁠⁠⁠⁠Qintel⁠⁠⁠⁠⁠⁠⁠⁠⁠, as they take on a fiery hot wings challenge while answering personal questions about themselves, their careers, and the stories that shaped them. Think you've seen them tackle malware mysteries before? Wait until you see them sweat. This one's too good for audio alone — you'll want to watch the full ⁠video⁠ edition to catch every spicy reaction, every laugh, and maybe even a few tears. So grab your milk, get ready to feel the burn, and come join us for this special hot take on Only Malware in the Building. Learn more about your ad choices. Visit megaphone.fm/adchoices

Hacking Humans
Hot sauce and hot takes: An Only Malware in the Building special. [OMITB]

Hacking Humans

Play Episode Listen Later Sep 2, 2025 36:37


Welcome in! You've entered, Only Malware in the Building — but this time, it's not just another episode. This is a special edition you won't want to miss. For the first time, our hosts are together in-studio — and they're turning up the heat. Literally. Join ⁠⁠⁠⁠⁠⁠Selena Larson⁠⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠Proofpoint⁠⁠⁠⁠⁠⁠ intelligence analyst and host of their podcast ⁠⁠⁠⁠⁠⁠DISCARDED⁠, along with ⁠⁠⁠⁠⁠⁠N2K Networks⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠ and ⁠⁠⁠⁠⁠Keith Mularski⁠⁠⁠⁠⁠, former FBI cybercrime investigator and now Chief Global Ambassador at ⁠⁠⁠⁠⁠Qintel⁠⁠⁠⁠⁠⁠⁠⁠⁠, as they take on a fiery hot wings challenge while answering personal questions about themselves, their careers, and the stories that shaped them. Think you've seen them tackle malware mysteries before? Wait until you see them sweat. This one's too good for audio alone — you'll want to watch the full ⁠video⁠ edition to catch every spicy reaction, every laugh, and maybe even a few tears. So grab your milk, get ready to feel the burn, and come join us for this special hot take on Only Malware in the Building.

Random but Memorable
How to build a career in cybersecurity with Heath Adams | JOB HUNT BOT FATIGUE

Random but Memorable

Play Episode Listen Later Sep 2, 2025 68:29


Want to work in cybersecurity but don't know where to begin? Or just curious what it takes to break into the field? This week, we're joined by the internet's very own Heath Adams, better known as The Cyber Mentor. He demystifies the application process and what it takes to build a career in cybersecurity – no matter your background.

The Gate 15 Podcast Channel
Weekly Security Sprint EP 125. Hostile Events, AI driven Ransomware, and more!

The Gate 15 Podcast Channel

Play Episode Listen Later Sep 2, 2025 18:42


In this week's Security Sprint, Dave and Andy covered the following topics:Main Topics:Annunciation Catholic Church Attack • Minneapolis Suspect Knew Her Target, but Motive Is a Mystery• Shooter who opened fire on Minneapolis Catholic school posted rambling videos• Robin Westman: Minneapolis gunman was son of church employee• Robin Westman posted a manifesto on YouTube prior to Annunciation Church shooting• Minneapolis school shooter wrote “I am terrorist” and “Kill yourself” in Russian on weapon magazines and listened to Russian rappers• Minneapolis Catholic Church shooter mocked Christ in video before attack• Minneapolis school shooter 'obsessed with idea of killing children', authorities say• Minnesota Mass Shooter Steeped in Far-Right Lore, White Nationalist Murderers• In Secret Diaries, the Church Shooter's Plans for Mass Murder• Minneapolis church shooting search warrants reveal new details and evidence• 'There is no message': The search for ideological motives in the Minneapolis shooting• Minneapolis Church Shooting: Understanding the Suspect's Video• More Of Minnesota Shooter's Writings Uncovered: ‘Gender And Weed F***ed Up My Head'• Classmates say Minnesota school shooter gave Nazi salutes and idolized school shootings back in middle schoolHoax Active Shooter Reports• More than a dozen universities have been targeted by false active shooter reports• This Is the Group That's Been Swatting US Universities• FBI urges students to be vigilant amid wave of swatting hoaxesAI & Cyber Threats • The Era of AI-Generated Ransomware Has Arrived• Researchers flag code that uses AI systems to carry out ransomware attacks & First known AI-powered ransomware uncovered by ESET Research • Anthropic: Detecting and countering misuse of AI: August 2025• A quick look at sextortion at scale: 1,900 messages and 205 Bitcoin addresses spanning four yearsCountering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System• FBI warns Chinese hacking campaign has expanded, reaching 80 countries• Allied spy agencies blame 3 Chinese tech companies for Salt Typhoon attacks• UK NCSC: UK and allies expose China-based technology companies for enabling global cyber campaign against critical networksQuick Hits:• Storm-0501's evolving techniques lead to cloud-based ransomware • Why Hypervisors Are the New-ish Ransomware Target• FBI Releases Use-of-Force Data Update• Denmark summons US envoy over report on covert American ‘influence operations' in Greenland• Falsos Amigos• Surge in coordinated scans targets Microsoft RDP auth servers• Vulnerabilities impacting Citrix NetScaler ADC and NetScaler Gateway - CVE-2025-7775, CVE-2025-7776 and CVE-2025-8424• Citrix patches trio of NetScaler bugs – after attackers beat them to it• U.S., Japan, and ROK Join Mandiant to Counter North Korean IT Worker Threats• US sanctions fraud network used by North Korean ‘remote IT workers' to seek jobs and steal money• H1 2025 Malware and Vulnerability Trends • The FDA just overhauled its COVID vaccine guidance. Here's what it means for you• 25 August 2025 NCSC, AFOSI, ACIC, NCIS, DCSA, FBI, ED, NIST, NSF bulletin • DOGE Put Critical Social Security Data at Risk, Whistle-Blower Says• Blistering Wyden letter seeks review of federal court cybersecurity, citing ‘incompetence,' ‘negligence'• Email Phishing Scams Increasingly Target Churches

Thinking Crypto Interviews & News
The Hidden Dangers of Crypto Exchanges and Wallets Revealed! with Ido Ben-Natan

Thinking Crypto Interviews & News

Play Episode Listen Later Aug 29, 2025 36:23 Transcription Available


Ido Ben-Natan, co-founder and CEO of Blockaid, joined me to discuss how Blockaid is helping to secure billions of dollars in crypto.Topics: - Blockaid's security services for exchanges, wallets and more - Blockaid secured $50 million in Series B funding - Common attacks, hacks, and scams in crypto - Will AI Agents be a threat to crypto? - Gemini and Hashgraph integration - The future of crypto security Show Sponsor -

Destination Linux
434: Pebble Watch is Back! North Korea's Rootkit Malware! & Happy Birthday Linux!

Destination Linux

Play Episode Listen Later Aug 29, 2025 91:29


video: https://youtu.be/TtyYWQczQMw In this episode of Destination Linux, we explore everything from nostalgic tech making a comeback to cutting-edge security threats. Join us as we dive into the revival of the Pebble smartwatch, Google's latest Pixel devices and policies, Linux turning 34 with a surprising floppy disk update, and a deep dive into North Korean rootkit tactics with Sandfly Security's Craig Rowland. Plus, we've got community feedback, a handy software pick, and plenty of laughs along the way. Sponsored by Sandfly Security: the revolutionary agentless platform designed for Linux. Visit https://destinationlinux.net/sandfly to experience security that's not just effective but gives you peace of mind. No agents. No downtime. Just cutting-edge protection. Forum Discussion Thread (https://destinationlinux.net/forum) Download as MP3 (https://aphid.fireside.fm/d/1437767933/32f28071-0b08-4ea1-afcc-37af75bd83d6/b63beb51-4239-47df-a7d4-60f304b9e0f6.mp3) Support the show by becoming a patron at tuxdigital.com/membership (https://tuxdigital.com/membership) or get some swag at tuxdigital.com/store (https://tuxdigital.com/store) Hosted by: Ryan (DasGeek) = dasgeek.net (https://dasgeek.net) Jill Bryant = jilllinuxgirl.com (https://jilllinuxgirl.com) Michael Tunnell = michaeltunnell.com (https://michaeltunnell.com) Chapters: 00:00:00 Intro 00:02:14 Community Feedback: AI, Overtraining & Hallucinations 00:08:15 Swiss Army Knife Energy 00:13:14 Security Scoop with Sandfly Security 00:34:40 Pebble Watch Returns: Open-Source Revival 00:40:25 Pixel Watch 4: AI Perks, Polished? 00:47:31 Pixel 10 & Fold: Hardware Hype, Privacy Gripes 01:00:11 Linux Turns 34 01:03:56 Jill's First Distro: Slackware on 24 Floppies 01:05:56 Ryan's First Distro 01:08:52 Michael's First Distro 01:12:53 Floppy Disk Driver: Surprise Patch Update 01:15:37 Google AI: Helpful or Snoopy? 01:25:32 Software Pick: Wordbook 01:27:47 Support the Show 01:30:04 Outro Links: Community Feedback https://destinationlinux.net/comments (https://destinationlinux.net/comments) https://destinationlinux.net/forum (https://destinationlinux.net/forum) Security Scoop with Sandfly Security https://sandflysecurity.com/blog/leaked-north-korean-linux-stealth-rootkit-analysis (https://sandflysecurity.com/blog/leaked-north-korean-linux-stealth-rootkit-analysis) https://phrack.org/issues/72/7_md#article (https://phrack.org/issues/72/7_md#article) https://destinationlinux.net/sandfly (https://destinationlinux.net/sandfly) Pebble Watch Returns: Open-Source Revival https://repebble.com/ (https://repebble.com/) Pixel Watch 4: AI Perks, Polished? https://store.google.com/product/pixelwatch4?hl=en-US (https://store.google.com/product/pixel_watch_4?hl=en-US) Linux Turns 34 https://9to5linux.com/happy-34th-birthday-linux (https://9to5linux.com/happy-34th-birthday-linux) Floppy Disk Driver: Surprise Patch Update https://www.phoronix.com/news/Linux-Floppy-Disk-Cleanups-2025 (https://www.phoronix.com/news/Linux-Floppy-Disk-Cleanups-2025) https://youtu.be/4q4haMhvqCs (https://youtu.be/4q4haMhvqCs) Software Pick: Wordbook https://flathub.org/apps/dev.mufeed.Wordbook (https://flathub.org/apps/dev.mufeed.Wordbook) Support the Show https://tuxdigital.com/membership (https://tuxdigital.com/membership) https://store.tuxdigital.com/ (https://store.tuxdigital.com/)

Business of Tech
AI Malware Detection by Microsoft; Rising Phishing Threats; Gartner's Urgent AI Integration Call

Business of Tech

Play Episode Listen Later Aug 27, 2025 14:54


Microsoft has launched Project IR, an advanced AI capable of reverse-engineering malware with a remarkable 90% accuracy rate. This autonomous agent utilizes a combination of large language models and specialized cybersecurity tools to identify threats effectively, achieving a low false positive rate of just 2%. Recent tests demonstrated its capability to analyze thousands of unclassified files and accurately flag a significant majority as malicious. However, as cybersecurity technology advances, so do the tactics of cybercriminals, with a notable increase in phishing attacks targeting managed service providers (MSPs), which now account for over half of all phishing incidents.The rise of AI-powered phishing and social engineering tactics has been highlighted in a recent Acronis report, revealing that 52% of phishing attacks are aimed at MSPs. Additionally, new research indicates that AI browsers may inadvertently assist scammers, as they can overlook red flags that human users would typically catch. A survey from One Password further emphasizes the challenges organizations face with the rapid adoption of AI tools, with many lacking visibility and control over these applications, leading to potential security vulnerabilities.Gartner has issued a warning to corporate leaders, stating that they have a limited timeframe to integrate AI agents into their operations or risk falling behind competitors. Despite the urgency, Gartner also acknowledges that a significant percentage of AI projects fail, raising concerns about the pressure vendors may place on businesses to adopt these technologies hastily. Meanwhile, XAI's claims regarding its Grok 2.5 model being open-sourced have been criticized as misleading, as the licensing terms impose restrictions that contradict open-source principles.In the realm of cybersecurity solutions, companies like SonicWall and VMware are introducing new tools and technologies to enhance security and operational efficiency. SonicWall has launched a new generation of firewalls with a unique cyber warranty, while VMware is focusing on ARM architecture to meet the growing demand for energy-efficient servers. However, the podcast emphasizes the importance of cutting through vendor noise and focusing on solutions that genuinely improve business operations, rather than getting caught up in marketing hype.Three things to know today 00:00 Microsoft's Project Ire Shows AI Can Catch Malware, But Attacks on MSPs Are Rising Faster06:36 AI Urgency, Open-Washing, and Federal Adoption: Sorting Hype From Reality10:09 From Billing Fixes to Firewalls and VMware's Arm Gamble: What Really Matters for MSPs   Supported by:  https://getnerdio.com/  All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessof.tech

LINUX Unplugged
629: Arch Enemies

LINUX Unplugged

Play Episode Listen Later Aug 25, 2025 78:19 Transcription Available


Arch is under fire, two weeks and counting. We'll break down the mess, and share a quick fix. Plus, the killer new apps we've just added to our homelabs.Sponsored By:Managed Nebula: Meet Managed Nebula from Defined Networking. A decentralized VPN built on the open-source Nebula platform that we love. 1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps. Unraid: A powerful, easy operating system for servers and storage. Maximize your hardware with unmatched flexibility. Support LINUX UnpluggedLinks:

The CyberWire
When malware plays pretend. [Research Saturday]

The CyberWire

Play Episode Listen Later Aug 9, 2025 20:30


Nicolás Chiaraviglio, Chief Scientist from Zimperium's zLabs, joins to discuss their work on "Behind Random Words: DoubleTrouble Mobile Banking Trojan Revealed." Zimperium's zLabs team has been tracking an evolving banker trojan dubbed DoubleTrouble, which has grown more sophisticated in both its distribution and capabilities. Initially spread via phishing sites impersonating European banks, it now uses malicious APKs hosted in Discord channels, and boasts features like screen recording, keylogging, UI overlays, and app blocking—all while heavily abusing Android's Accessibility Services. Despite advanced obfuscation and dynamic evasion techniques, Zimperium's on-device detection tools have successfully identified both known and previously unseen variants, helping protect users from credential theft, financial fraud, and device compromise. Complete our annual ⁠⁠audience survey⁠⁠ before August 31. The research can be found here: ⁠Behind Random Words: DoubleTrouble Mobile Banking Trojan Revealed Learn more about your ad choices. Visit megaphone.fm/adchoices

Tech News Weekly (MP3)
TNW 399: OpenAI Announces GPT-5 - Chat GPT-5 Has Arrived

Tech News Weekly (MP3)

Play Episode Listen Later Aug 7, 2025 62:48


Abrar Al-Heeti from CNET joins Mikah Sargent this week on Tech News Weekly! Tesla has been found partially liable for a fatal crash in 2019. Project Ire from Microsoft can autonomously identify malware at scale. Age verification is slowly being rolled out across the internet. And OpenAI announced GPT-5! Abrar discusses Tesla's being found partially liable in a fatal 2019 crash and ordered to pay $243 million in damages. Tesla seeks to appeal the ruling. Mikah shares a new AI model from Microsoft called Project Ire that can analyze and classify malware in software. Age verification is slowly being rolled out to numerous websites that host adult material and harmful content. However, there are concerns with how this is being utilized, which raises privacy concerns for users. And Sabrina Ortiz of ZDNET joins the show to chat with Mikah about everything announced at OpenAI's unveiling of its latest AI model, GPT-5. Hosts: Mikah Sargent and Abrar Al-Heeti Guest: Sabrina Ortiz Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security go.acronis.com/twit smarty.com/twit