While our team is out on winter break, please enjoy this episode of Only Malware in the Building. Welcome in! You've entered, Only Malware in the Building — but this time, it's not just another episode. This is a special edition you won't want to miss. For the first time, our hosts are together in-studio — and they're turning up the heat. Literally. Join Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED, along with N2K Networks Dave Bittner and Keith Mularski, former FBI cybercrime investigator and now Chief Global Ambassador at Qintel, as they take on a fiery hot wings challenge while answering personal questions about themselves, their careers, and the stories that shaped them. Think you've seen them tackle malware mysteries before? Wait until you see them sweat. This one's too good for audio alone — you'll want to watch the full video edition to catch every spicy reaction, every laugh, and maybe even a few tears. So grab your milk, get ready to feel the burn, and come join us for this special hot take on Only Malware in the Building.
Today, let's come back to a topic that fascinated readers this year and that could well come in handy at family meals. Indeed, if someone asks you, between the cheese and the dessert, for a simple and free tip for securing a smartphone, you can now answer with confidence. A small daily restart. You should restart it every day. And behind this seemingly trivial tip there is in fact effective protection against increasingly sophisticated threats. This year's news proved it once again with WhatsApp, which revealed a hacking campaign using software named Graphite, developed by the company Paragon Solutions. The most frightening part of this case is the method used: the so-called "zero-click" attack. In practice, the victim receives an attachment, such as a simple PDF, and without even needing to click on it or open it, their phone is compromised. The attacker can then read messages, even encrypted ones, without the user's knowledge. Marketing competition between spyware vendors. In this specific case, WhatsApp identified about 90 targeted users. That may seem like few, but it is probably the tree that hides the forest. Because there is now real marketing competition between spyware vendors. So what are the consequences for you, and how can you protect yourself? Well, you need to treat your smartphone like a computer. As soon as a patch is available from Apple or Google, install it. This is where our opening tip makes full sense. Many of these attacks, such as the infamous Pegasus, reside only in the device's RAM and do not install themselves as ordinary files. Consequently, restarting your phone daily makes it possible, in theory, to clear the memory and erase the malware. Of course, that does not prevent you from being reinfected afterwards. But it considerably complicates the attackers' task. And as soon as a patch is available from Apple or Google, install it. It is the only way to close the vulnerabilities that this software exploits. Le ZD Tech is on all podcast platforms! Subscribe! Hosted by Ausha. Visit ausha.co/politique-de-confidentialite for more information.
In this episode, James sits down with Silas Cutler, Principal Security Researcher at Census and founding member of Oni Scans, to explore his unconventional journey through threat intelligence and malware analysis. What happens when your first day as a SOC analyst takes down a Fortune 500 company—and Anonymous gets the credit? From accidentally causing international headlines to going undercover in ransomware gangs, Silas has built a career on creative problem-solving and community building. He's become Facebook friends with hackers he investigates, created Malshare (a community malware repository), and founded B-Sides Pyongyang—a security conference celebrating "Missile Industry Day" that started as a joke but attracted 490 attendees.
In this encore presentation of Unspoken Security Episode 32 (originally published on 3 April 2025), host AJ Nash sits down with Chris Birch, an intelligence practitioner with nearly 30 years of experience, to discuss the ever-evolving landscape of social engineering. Chris's unique perspective comes from leading teams that actively engage with threat actors, turning the tables on those who typically exploit vulnerabilities. Chris details how social engineering is simply human manipulation, a skill honed from birth. He explains how attackers leverage fear and greed, the fastest and cheapest ways to manipulate individuals. He also dives into how attacks have evolved, highlighting the dangers of increasingly sophisticated tactics like deepfakes and the blurring lines between legal and illegal applications of social engineering. The conversation also explores the crucial role of organizational culture in cybersecurity. Chris emphasizes that awareness, not just education, is key to defense. He advocates for sharing threat intelligence widely within organizations and across industries, empowering everyone to become a sensor against social engineering attempts. Chris also shares a surprising personal fear, offering a lighthearted end to a serious discussion.
In today's episode, we dig into the Electronic Frontier Foundation's annual Breachies, highlighting some of the year's most avoidable, eye-opening, and sometimes head-shaking data breaches. From companies collecting far more data than they need to third-party missteps and quiet misconfigurations, the Breachies offer a revealing look at how familiar privacy failures keep repeating—and why they matter for users. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest: Today we have a CyberWire holiday favorite: The 12 Days of Malware — with Dave and a lineup of cybersecurity friends gleefully rewriting The 12 Days of Christmas to celebrate malware, mishaps, and life online, one verse at a time. Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
This week's Department of Know is hosted by Rich Stroffolino with guests Jason Taule, CISO, Luminis Health, and Chris Ray, Field CTO, GigaOm. Thanks to our show sponsor, ThreatLocker. Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com. All links and the video of this episode can be found on CISO Series.com
Just before Christmas we treat you to a few cheering topics: disturbed AI systems trying to run a company, the end of Windows 10, new malware, and a few thoughts on the coming AI and drone war. That will surely rock you gently to sleep. Merry Christmas.
Recent Windows updates break RemoteApp connections; France arrests threat actors for installing malware on Italian ferry; Senate Intel chair urges safeguard against open-source software threats. Huge thanks to our sponsor, Adaptive Security. This episode is brought to you by Adaptive Security, the first cybersecurity company backed by OpenAI. Security training fails when it's generic. Adaptive's platform personalizes training and runs deepfake simulations across email, SMS, voice, and video. And with Adaptive's AI Content Creator, you can drop in a breaking threat or compliance doc and instantly turn it into interactive, multilingual training – no designers, no delays. Learn more at adaptivesecurity.com. Find the stories behind the headlines at CISOseries.com.
The episode features a long interview with Maria Cristina Santos, a self-taught computing enthusiast, malware analyst, law student and digital security enthusiast, who recounts her path, which began with curiosity after a virus on her first computer and continued through about ten years of work on the Linha Defensiva forum, where she helped thousands of users and faced notable challenges such as Brazilian banking trojans. She discusses recurring user mistakes, especially social engineering, offers practical digital security tips (such as avoiding public Wi-Fi and using strong passwords), critically analyzes the role of artificial intelligence, more as a facilitator of attacks than of defense, comments on current threats such as ransomware, reflects on privacy issues, shares curious stories from malware analysis and addresses gender challenges in the technology field. At the end, she leaves a clear message for those who are starting out, especially women: the key to gaining ground in technology is to study continuously, become qualified and not be afraid to occupy this field. Interviewers: Fernanda Santos and Andreia Vasconcelos Farias. Episode 133 of the Emílias Podcast - Mulheres na Computação. Editing: Carolina Ferreira
Episode references: SonicWall SMA1000 appliance local privilege escalation vulnerability; CVE-2025-40602: SonicWall Secure Mobile Access (SMA) 1000 Zero-Day Exploited; SonicWall warns of actively exploited flaw in SMA 100 AMC; UAT-9686 actively targets Cisco Secure Email Gateway and Secure Email and Web Manager; CISA Adds Three Known Exploited Vulnerabilities to Catalog; Operation ForumTroll continues: Russian political scientists targeted using plagiarism reports; GachiLoader: Defeating Node.js Malware with API Tracing. Script and presentation: Carlos Cabral. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia
Christmas holiday cybercrime is back in focus—but this time, Reimagining Cyber goes deeper than scams and suspicious messages. In a previous episode, we explored the holiday threat landscape from the victim's point of view: phishing emails, fake delivery notices, and gift-card fraud. In this episode, cybersecurity expert Tyler Moffitt shifts perspectives to what most people never see—the malware and criminal infrastructure that make those scams possible in the first place. The conversation dives into info stealers as the foundation of modern cybercrime, including a new malware-as-a-service offering dubbed “SantaStealer.” Tyler explains how stolen credentials and session tokens quietly enable account takeovers, fraud, and abuse at scale—often weeks before any scam ever reaches a user's inbox. You'll also learn why these threats spike during the holidays, how attackers bypass MFA without phishing, and what defenders should be prioritizing beyond traditional email security. If the last episode covered what holiday scams look like, this one explains how they're powered—and why the real compromise often happens long before anyone realizes they've been targeted. It's 5 years since Reimagining Cyber began. Thanks to all of our loyal listeners! As featured on Million Podcasts' Best 100 Cybersecurity Podcasts, Top 50 Chief Information Security Officer CISO Podcasts, Top 70 Security Hacking Podcasts. This list is the most comprehensive ranking of Cyber Security Podcasts online and we are honoured to feature amongst the best! Follow or subscribe to the show on your preferred podcast platform. Share the show with others in the cybersecurity world. Get in touch via reimaginingcyber@gmail.com
⬥EPISODE NOTES⬥ Modern application development depends on open source packages moving at extraordinary speed. Paul McCarty, Offensive Security Specialist focused on software supply chain threats, explains why that speed has quietly reshaped risk across development pipelines, developer laptops, and CI environments. JavaScript dominates modern software delivery, and the npm registry has become the largest package ecosystem in the world. Millions of packages, thousands of daily updates, and deeply nested dependency chains, often exceeding a thousand indirect dependencies per application. That scale creates opportunity, not only for innovation, but for adversaries who understand how developers actually build software. This conversation focuses on a shift that security leaders can no longer ignore. Malicious packages are not exploiting accidental coding errors. They are intentionally engineered to steal credentials, exfiltrate secrets, and compromise environments long before traditional security tools see anything wrong. Attacks increasingly begin on developer machines through social engineering and poisoned repositories, then propagate into CI pipelines where access density and sensitive credentials converge. Paul outlines why many existing security approaches fall short. Vulnerability databases were built for mistakes, not hostile code. AppSec teams are overloaded burning down backlogs. Security operations teams rarely receive meaningful telemetry from build systems. The result is a visibility gap where malicious code can run, disappear, and leave organizations unsure what was touched or stolen. The episode also explores why simple advice like “only use vetted packages” fails in practice. Open source ecosystems move too fast for manual approval models, and internal package repositories often collapse under friction.
Meanwhile, attackers exploit maintainer accounts, typosquatting domains, and ecosystem trust to reach billions of downstream installations in a single event. This discussion challenges security leaders to rethink how software supply chain risk is defined, detected, and owned. The problem is no longer theoretical, and it no longer lives only in development teams. It sits at the intersection of intellectual property, identity, and delivery velocity, demanding attention from anyone responsible for protecting modern software-driven organizations. ⬥GUEST⬥ Paul McCarty, NPM Hacker and Software Supply Chain Researcher | On LinkedIn: https://www.linkedin.com/in/mccartypaul/ ⬥HOST⬥ Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | On LinkedIn: https://www.linkedin.com/in/imsmartin/ | Website: https://www.seanmartin.com ⬥RESOURCES⬥ LinkedIn Post: https://www.linkedin.com/posts/mccartypaul_i-want-to-introduce-you-to-my-latest-project-activity-7396297753196363776-1N-T Open Source Malware Database: https://opensourcemalware.com OpenSSF Scorecard Project: https://securityscorecards.dev ⬥ADDITIONAL INFORMATION⬥ ✨ More Redefining CyberSecurity Podcast:
In this episode of Cybersecurity Today, host David Shipley discusses significant developments in the cybersecurity landscape. Apple releases security updates to address two actively exploited WebKit vulnerabilities. Scammers manipulate AI-powered search tools to recommend fake support numbers, reflecting a growing security risk. Bitdefender uncovers malware hidden in torrent subtitles for the movie 'One Battle After Another.' Lastly, an AI named Artemis outperforms human penetration testers in a Stanford hacking experiment, highlighting the evolving role of AI in cybersecurity. Also included are insights on the implications of these events for future cybersecurity challenges. Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale. You can find them at Meter.com/cst 00:00 Introduction and Sponsor Message 00:52 Apple's Urgent Security Updates 03:24 AI-Powered Scams: A Growing Threat 06:59 Malware Hidden in Torrents 10:03 AI Outperforms Human Pen Testers 13:25 Conclusion and Contact Information
Join us for this week's Defender Fridays as we explore the reality of AI-powered malware threats with Randy Pargman, Senior Director of Threat Detection at Proofpoint. At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands. In this episode, Randy challenges the hype around AI-powered polymorphic malware and examines how threat actors actually operate in practice. He discusses why defenders should focus on real-world threats rather than theoretical sophisticated attacks. Key Topics: The gap between AI malware hype and practical reality; Why threat actors prefer simple, effective methods over sophisticated techniques; The prevalence of legitimate RMM tools in modern attacks; Building practical detection strategies for actual threats; Lessons from physical security that apply to cybersecurity defense. Randy Pargman is Senior Director of Threat Detection at Proofpoint, where he leads detection engineering, sandbox development, and threat actor tracking initiatives. Join us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you – our audience. Register here: https://limacharlie.io/defender-fridays Subscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes on our website! This episode is brought to you by LimaCharlie, the world's first SecOps Cloud Platform (SCP).
Build and customize your security stack like "lego blocks" with our flexible, API-first solution. Eliminate vendor sprawl and tool complexity. Deploy and scale effortlessly on native multi-tenant architecture. Reduce costs with intelligent data routing and free 1-year retention. Build custom solutions with 100+ security capabilities on-demand. Improve response times with automation and real-time capabilities. Try the SecOps Cloud Platform free: https://limacharlie.io Host: Maxime Lamothe-Brassard - Founder at LimaCharlie
In this episode of Unspoken Security, host AJ Nash sits down with Zoë Rose, SecOps Manager at Canon EMEA. They explore the real-world barriers to building effective incident response programs and discuss why so many organizations struggle to move beyond reactive firefighting. Zoë shares her perspective from both consulting and in-house roles, pointing out that most incident response teams are overwhelmed, under-resourced, and stuck dealing with basics that never get fixed. She explains why expensive tools and new technology often miss the mark when organizations skip foundational work—like asset inventories, clear policies, and tuned alerts. Zoë urges listeners to focus on practical steps, such as documenting processes, improving communication, and building trust between technical teams and business leaders. Throughout the conversation, Zoë breaks down how real change happens: by investing in people, closing skills gaps, and fostering a culture where mistakes drive learning instead of blame. The episode ends with a reminder that effective security is not about quick fixes or flashy tools, but about honest assessment, teamwork, and steady improvement.
Tens of thousands of New Zealanders have been sent an unprecedented email from our National Cyber Security Centre. It's emailed 26,000 addresses warning malicious software, called Lumma Stealer, could have infected their devices. It's designed to steal sensitive information - and some stolen passwords are connected to Government agency systems and bank accounts. Aura Information Manager, Patrick Sharp, says international partners revealed the threat to our cyber security centre. He explained that presumably means an agency's uncovered a trove of stolen data and alerted the NCSC about the email addresses of concern. See omnystudio.com/listener for privacy information.
-Shortly after rumors of a deal between the two media giants broke, Netflix has announced it is buying Warner Bros., HBO and HBO Max for approximately $82.7 billion. If approved, the deal will take place after Warner Bros. has disentangled itself from both its legacy cable -Hackers with links to China reportedly successfully infiltrated a number of unnamed government and tech entities using advanced malware. As reported by Reuters, cybersecurity agencies from the US and Canada confirmed the attack, which used a backdoor known as “Brickstorm” to target organizations using the VMware vSphere cloud computing platform -Russia's federal agency for monitoring and censoring mass media, has blocked access to Snapchat and FaceTime in the country, Bloomberg reports, citing Russian news service Interfax. The bans were reportedly put in place because the platforms were used "to organize and carry out terrorist acts,” and commit fraud Learn more about your ad choices. Visit podcastchoices.com/adchoices
Episode 883 of Contralínea En Vivo, hosted by Nancy Flores and Aníbal García: FGR investigates alleged bribe to Peña Nieto from companies linked to the Pegasus 'malware'. Broadcast 9 July 2025. CONTRALÍNEA EN VIVO airs Monday to Friday from 10:00 (central Mexico time) via Facebook Live, YouTube and Telegram. The MESA DE ECONOMÍA POLÍTICA airs every Monday from 14:00. Our analysis programme, AMÉRICA INSUMISA, airs on Tuesdays from 14:00. AGENDA DE SEGURIDAD NACIONAL is on Wednesdays from 14:00. We are on Facebook, YouTube, Twitter, TikTok, Instagram, WhatsApp and Telegram as Contralínea. Listen to us on Spotify, Apple Podcast and Ivoox as Contralínea Audio.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SmartTube Android App Compromise - The key a developer used to sign the Android YouTube player SmartTube was compromised and used to publish a malicious version. https://github.com/yuliskov/SmartTube/issues/5131#issue-3670629826 https://github.com/yuliskov/SmartTube/releases/tag/notification Two Years, 17K Downloads: The NPM Malware That Tried to Gaslight Security Scanners - Over the course of two years, a malicious NPM package was updated to evade detection and has now been identified, in part, due to its attempt to bypass AI scanners through prompt injection. https://www.koi.ai/blog/two-years-17k-downloads-the-npm-malware-that-tried-to-gaslight-security-scanners Stored XSS Vulnerability via SVG Animation, SVG URL, and MathML Attributes - Angular fixed a stored XSS vulnerability. https://github.com/angular/angular/security/advisories/GHSA-v4hv-rgfq-gp49
Danny Jenkins — Founder of ThreatLocker and the Zero-Trust Revolution. Danny Jenkins is the CEO of ThreatLocker, the leading cybersecurity company that he built alongside his wife. Hosts Jack Clabby of Carlton Fields, P.A., and Kayley Melton of the Cognitive Security Institute follow Danny's journey from a scrappy IT consultant to leading one of the fastest-growing cybersecurity companies in the world. Danny shares the moment everything changed: watching a small business nearly collapse after a catastrophic ransomware attack. That experience reshaped his mission and ultimately sparked the creation of ThreatLocker. He also reflects on the gritty early days—cold-calling from his living room, coding through the night, and taking on debt before finally landing their first $5,000 customer. Danny explains the origins of Zero Trust World, his passion for educating IT teams, and why adopting a hacker mindset is essential for modern defenders. In the Lifestyle Polygraph, Danny relates his early “revenge tech” against school bullies, the place he escapes to when celebrating big wins, and the movie franchise he insists is absolutely a Christmas classic. Follow Danny on LinkedIn: https://www.linkedin.com/in/dannyjenkins/ 00:00 Introduction to Cybersecurity and ThreatLocker 02:26 The Birth of ThreatLocker: A Personal Journey 05:42 The Evolution of Zero Trust Security 08:35 Real-World Impact of Cyber Attacks 11:25 The Importance of a Hacker Mindset 14:46 The Role of SOC Teams in Cybersecurity 17:34 Building a Culture of Security 20:23 Hiring for Passion and Skill in Cybersecurity 23:44 Understanding Zero Trust: Trust No One 26:32 Lifestyle Polygraph: Personal Insights and Fun 29:41 Conclusion and Future of ThreatLocker
The podcast is feeling under the weather: Cloudflare had a three-hour hiccup, the co-host has coughing fits, and worms once again infested NPM. Christopher and Sylvester take an extensive look at what the second edition of the JavaScript malware "Sha1-Hulud" does differently from the first, and also revisit "Glassworm", a topic from recent episodes. There, in hindsight, it is unclear whether it is actually a worm or perhaps rather a botnet, as Christopher suspects. But the three-hour outage at Cloudflare is also on the agenda, with an unusual amount of praise from the hosts, and the two heise editors also examine whether WhatsApp really had the biggest data leak in history. - Cloudflare on the outage of 18 November: https://blog.cloudflare.com/18-november-2025-outage/ - Threema on the WhatsApp scraping: https://threema.com/de/blog/whatsapp-datenleck-2025 - Trend Micro's technical analysis of Shai Hulud 2.0: https://www.trendmicro.com/en_us/research/25/k/shai-hulud-2-0-targets-cloud-and-developer-systems.html - Expel on cache smuggling: https://expel.com/blog/cache-smuggling-when-a-picture-isnt-a-thousand-words/ - Follow us in the Fediverse: - @christopherkunz@chaos.social - @syt@social.heise.de
Given the spate of recent npm news stories, we've arranged a topical show with software supply-chain security researcher and npm hacker Paul McCarty (find Paul on bsky: https://bsky.app/profile/6mile.githax.com). Paul is currently a researcher with Safety (https://getsafety.com/) and has a background in security including work at John Deere, Boeing, Regence Blue Cross/Blue Shield, NASA Jet Propulsion Lab, the US Army, and the Queensland Government. He's also spent twenty-some-odd years helping startups with security practices, and is a maintainer of the Open Source Malware project. In addition, Paul has been a long-time friend of the show, contributing his insights to the Absolute AppSec community Slack in addition to frequently writing up his research at the SourceCode RED blog: https://sourcecodered.com/blog.
It's time to dive into the history of Gmail... but it didn't start with Google at all... In fact, it started very differently... Purrfectly, some might say. On this episode we discuss the strange phenomenon of Garfield Mail, the original Gmail. Then we pitch some ideas for making email better, reminisce about products from Google's past, get into movies in the MouthGarf Report, and play a rousing game of I See What You Did There. Sources: https://gizmodo.com/the-original-gmail-was-garfield-mail-1822970617 https://historyandmystery.org/interesting-history/the-first-gmail-was-associated-with-garfield-the-cat/ https://www.cracked.com/article_28656_4-wtf-tales-from-early-days-internet.html Please give us a 5 star rating on Apple Podcasts! Want to ask us a question? Talk to us! Email debutbuddies@gmail.com Listen to the archives of Kelly and Chelsea's awesome horror movie podcast, Never Show the Monster. Get some sci-fi from Spaceboy Books. Get down with Michael J. O'Connor and the Cold Family and check out his new compilation The Best of the Bad Years 2005 - 2025. Next time: First Presidential Convention in Arkansas
Jacques Boschung, CEO of Halborn, sat down with me at Chainlink SmartCon to discuss how the firm is helping institutions to secure their crypto and blockchain applications.Brought to you by
Please enjoy this encore of Only Malware in the Building. Welcome in! You've entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today's most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York's exclusive upper west side, Selena is joined by her co-hosts N2K Networks Dave Bittner and Keith Mularski, former FBI cybercrime investigator and now Chief Global Ambassador at Qintel. Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we explore what makes information sharing actually work. From public-private partnerships to actionable intelligence, our guests discuss how organizations can prioritize, process, and operationalize shared cyber threat data to stay ahead of emerging risks. Plus, catch Dave, Selena, and Keith on their road trip adventure in our video on YouTube — full of laughs, unexpected detours, and plenty of sleuthing! Learn more about your ad choices. Visit megaphone.fm/adchoices
What happens when malware stops behaving like malware and starts behaving more like a living digital organism? In this episode of The Healthier Tech Podcast, we break down Google's latest discovery: malicious software that can rewrite its own code using artificial intelligence while it is already running on your device. This one shift turns a predictable threat into something far more flexible and far harder to detect. We walk through how traditional malware works and why this new generation breaks every rule cybersecurity has relied on for decades. You will learn what makes self-modifying code so disruptive and why Google calls this a new phase of artificial intelligence abuse. You will hear about Promptflux, the first known malware that asks an artificial intelligence model to rewrite it in real time. We also explore four other experimental malware families highlighted in Google's report, including versions designed to steal files, open backdoors, gather system data, and search for passwords. Each one shows how hackers are beginning to use artificial intelligence to scale their attacks. This episode explains, in simple language, how these threats operate and why they matter for everyday users who want healthier, safer relationships with their devices. We cover how Google and DeepMind are trying to counter this trend and what this new category of evolving malware means for digital wellness, privacy, and personal tech hygiene. If you care about digital safety, tech balance, or keeping your devices healthy, this is a must-listen. This episode connects the dots between cybersecurity and wellness in a way that is clear, practical, and relevant for anyone who uses technology daily. For more episodes on digital wellness, healthy tech habits, and staying informed in a fast moving tech world, make sure to subscribe and tune in. This episode is brought to you by Shield Your Body—a global leader in EMF protection and digital wellness. 
Because real wellness means protecting your body, not just optimizing it. If you found this episode eye-opening, leave a review, share it with someone tech-curious, and don't forget to subscribe to Shield Your Body on YouTube for more insights on living healthier with technology.
In this episode, the host addresses a previous mistake in naming a company involved in a breach, correcting SitusAMC for Ascensus, and extends apologies. Key topics include US banks assessing the fallout of a breach at financial tech vendor SitusAMC, ransomware group Clop targeting Broadcom through Oracle's vulnerabilities, a new malware campaign hiding in Blender 3D models named StealC, supply chain attacks in the JavaScript ecosystem through NPM packages with Shai-Hulud malware, and a phishing scam using lookalike domains to deceive Microsoft account holders. Listeners are reminded to manually type URLs to avoid phishing scams, and are informed about the Thanksgiving weekend schedule change.
00:00 Introduction and Apology
01:26 Cybersecurity Headlines
02:13 US Banks Data Theft Incident
03:44 Broadcom and Oracle ERP Breach
05:29 Blender Malware Campaign
07:45 Shai-Hulud NPM Package Attack
09:41 Phishing Campaign Targeting Microsoft Accounts
11:39 Final Thoughts and Thanksgiving Wishes
In this episode of Unspoken Security, host AJ Nash sits down with Charlotte Guiney, Cyber Threat Intelligence Manager at Toyota Financial Services. They explore what it takes to build threat intelligence programs that work for both security teams and the wider business. Charlotte cuts through the noise, stressing that buy-in is step one—and that it's often the hardest step. She shares how understanding internal customers and their priorities leads to early wins, which are key to building trust and showing the value of intelligence. Charlotte explains that not every organization needs the same level of maturity. Small companies might only need basic monitoring, while larger enterprises face more complex challenges. She notes that successful programs link intelligence to business needs, not just security threats. This approach helps teams prioritize what matters most and communicate risk in ways business leaders understand. The conversation also dives into the future of threat intelligence. Charlotte sees a growing role for automation and AI, especially for basic tasks, but believes people are still needed to bridge gaps and build relationships across the business. She closes with a reminder to keep things in perspective, echoing a lesson from her childhood at clown camp: sometimes you need to step back and find humor, even in serious work.
AWS outage botnet smacks 28 countries
LLMs help malware authors evade detection
Anthropic questioned over Claude espionage
Huge thanks to our episode sponsor, KnowBe4. Cybersecurity isn't just a tech problem—it's a human one. That's why KnowBe4's Human Risk Management platform allows you to measure, quantify and actually reduce human risk across your organization. With AI-powered risk scoring, automated coaching and reporting, HRM+ helps you surface your highest risk users and reduce the risk of data breaches and cyberattacks proactively. Ready to move from awareness to action? Request a demo of HRM+ today at knowbe4.com.
Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com
00:00 - PreShow Banter™ — Stressed about lithium batteries
04:59 - Shai-Hulud malware leaks secrets on GitHub – BHIS - Talkin' Bout [infosec] News 2025-17-24
05:57 - Story # 1: Shai-Hulud malware infects 500 npm packages, leaks secrets on GitHub
11:19 - Story # 2: CrowdStrike catches insider feeding information to hackers
15:50 - Story # 3: Fidelity sues Broadcom over access to key software to avoid outages
22:17 - Story # 4: NetApp sues former CTO for alleged data breach
26:49 - Story # 5: CrowdStrike Research: Security Flaws in DeepSeek-Generated Code Linked to Political Triggers
36:05 - Story # 6: A major Cloudflare outage took down large parts of the internet - X, ChatGPT and more were affected, but all recovered now
37:11 - Story # 6b: Cloudflare outage on November 18, 2025
41:43 - Story # 7: Iran-Linked Hackers Mapped Ship AIS Data Days Before Real-World Missile Strike Attempt
46:35 - Story # 8: This Hacker Conference Installed a Literal Antivirus Monitoring System
51:10 - Story # 10: Microsoft to integrate Sysmon directly into Windows 11, Server 2025
56:41 - Story # 9: Crypto and Carcasses: Undercover Sting Recovers $700K in Bitcoin Miners, Foils $75K Frozen Turkey Heist
CISA warns of spyware targeting messaging apps. CodeRED, this is not a test. Infostealer campaign spreads via malicious Blender files. Shai-Hulud's second coming. Real estate finance firm SitusAMC investigates breach. Dartmouth College discloses Oracle EBS breach. Dave Bittner is joined by Tim Starks, Senior reporter from CyberScoop, to discuss the Trump administration's upcoming cyber strategy. And tis the season for deals — and digital deception. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Dave Bittner is joined by Tim Starks, Senior reporter from CyberScoop, to discuss the Trump administration's upcoming cyber strategy. Read Tim's piece on the topic “Completed draft of cyber strategy emphasizes imposing costs, industry partnership”.
Selected Reading
Spyware Allows Cyber Threat Actors to Target Users of Messaging Applications (CISA)
CodeRED cyber attack leaves emergency notification system down, exposes user data (First Alert 4)
Morphisec Thwarts Russian-Linked StealC V2 Campaign Targeting Blender Users via Malicious .blend Files (Morphisec)
Shai-Hulud's Second Coming: NPM Malware Attack Evolved (Checkmarx)
SitusAMC confirms breach of client data after cyberattack (The Register)
Clop's Oracle EBS rampage reaches Dartmouth College (The Register)
2025 Retail Holiday Threat Report: Scams and Impersonation Attacks Targeting Retailers (BforeAI)
The data privacy costs of Black Friday bargains: 100 Black Friday apps analyzed (Comparitech)
2025 Ransomware Holiday Risk Report (Semperis)
Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Please enjoy this encore of Word Notes. Malware, in the guise of ransomware, that destroys data rather than encrypts. CyberWire Glossary link: https://thecyberwire.com/glossary/pseudoransomware Audio reference link: “Some Men Just Want to Watch the World Burn | the Dark Knight,” by YouTube, 2 November 2019.
The rise of artificial intelligence (AI) in cyber attacks is prompting small and medium-sized businesses (SMBs) to adopt managed detection and response (MDR) services and explore autonomous security operations centers (SOCs). Research from TechAisle indicates that awareness of MDR among SMBs increased from 39% in 2023 to 61% in 2025, with 89% of mid-market firms prioritizing cyber resilience. This shift is driven by the need for effective security operations that do not rely on in-house expertise, as AI-driven threats evolve faster than traditional defenses can respond. A report from UpGuard highlights the prevalence of shadow AI, revealing that 68% of security leaders use unauthorized AI tools, with 90% of them bypassing corporate governance. This disconnect between security protocols and employee behavior underscores the need for organizations to adapt their governance strategies. Additionally, a significant cyber attack attributed to a Chinese state-sponsored group demonstrated AI's capability to autonomously conduct reconnaissance and data exfiltration, marking a shift in threat actor tactics. Retail executives are increasingly concerned about their employees' ability to identify genuine cyber threats, with 44% reporting a rise in cyber attacks. Despite this awareness, only 25% feel prepared for AI-driven incidents. The report emphasizes the necessity for retailers to adopt a resilience-focused approach, including improved application security and identity controls, to mitigate risks associated with sophisticated cyber threats. This highlights a broader trend across industries where reliance on employee training alone is insufficient to combat evolving threats. For Managed Service Providers (MSPs), these developments present both challenges and opportunities. The increasing complexity of cyber threats necessitates a shift towards operational models that prioritize continuous verification and behavioral analysis over traditional detection methods. MSPs can leverage this moment to guide organizations in developing effective cybersecurity strategies that address the preparedness gap, ensuring that clients are equipped to handle the evolving landscape of AI-driven attacks.
Four things to know today
00:00 AI-Powered Attacks Accelerate as SMB Security Transitions Toward Autonomous SOC Models, Exposing a Governance Gap Around Shadow AI
06:43 Retail Executives Report Rising AI-Driven Threats and Low Preparedness, Underscoring the Shift from User Training to Resilience
08:50 Stealthier North Korean Campaigns and a Fragmented Ransomware Ecosystem Signal Rising Detection Challenges for MSPs
11:49 Cork's New Vantage Platform Targets Unified MSP Risk Validation — But Its Visibility Metrics Demand Scrutiny
This is the Business of Tech. Supported by: https://mailprotector.com/mspradio/
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. Google's Threat Intelligence Group has observed a significant shift in 2025: threat actors are no longer using AI just to speed up operations; they are now integrating LLMs directly into the malware. Unit 42 has identified a previously undocumented Android spyware family, named LandFall, discovered during an investigation into iOS exploit chains involving malicious DNG images. Microsoft's November Patch Tuesday rollout includes fixes for over 60 vulnerabilities, one of which is a zero-day privilege escalation flaw in the Windows kernel that has already been exploited in the wild. Former executive at L3Harris Trenchant, Peter Williams, has pleaded guilty in U.S. federal court to selling 8 trade secrets valued at over 1.3 million to a Russian-based software broker involved in the zero-day exploit market. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
The Cybercrime Magazine Podcast brings you daily cybercrime news on WCYB Digital Radio, the first and only 7x24x365 internet radio station devoted to cybersecurity. Stay updated on the latest cyberattacks, hacks, data breaches, and more with our host. Don't miss an episode, airing every half-hour on WCYB Digital Radio and daily on our podcast. Listen to today's news at https://soundcloud.com/cybercrimemagazine/sets/cybercrime-daily-news. Brought to you by our Partner, Evolution Equity Partners, an international venture capital investor partnering with exceptional entrepreneurs to develop market leading cyber-security and enterprise software companies. Learn more at https://evolutionequity.com
What really happens during a cyber attack? Not the Hollywood version — the real one. The kind businesses experience every single day when a single compromised password, phishing email, or zero-day vulnerability ignites a full-scale crisis. In this full episode, we take you inside the anatomy of a real data breach with digital first responders from NetGain Technologies — the cybersecurity professionals who live inside ransomware events, Business Email Compromise (BEC) incidents, and wire-fraud attacks every week. You'll see how attacks start, how fast they spread, what attackers do once they're inside your email, and the exact steps that decide whether a company recovers… or collapses.
What You'll Learn:
• How a phishing email turns into credential theft and internal compromise
• Why Business Email Compromise (BEC) is now the #2 most expensive breach type
• The tricks attackers use to hide inside inboxes and impersonate executives
• How wire transfer fraud really happens — and how the 2-person rule stops it
• What zero-days look like in the wild (and why patches aren't enough)
• The role of MFA, phishing-resistant MFA, email controls, and layered security
• Why backups must be immutable, air-gapped, and isolated
• How incident response teams contain malware without destroying evidence
• When to call cyber insurance, law enforcement, and breach counsel
• The IR playbook: detection → containment → communication → forensics → recovery
• Why every business — no matter how small — IS a target
CHAPTERS
00:00 – Intro: What BEC Really Looks Like Today
03:42 – How One Email Starts the Attack Chain
11:20 – Why Finance Teams Are Target #1
19:05 – The Social Engineering Playbook
27:48 – Live Breakdown of a Real BEC Incident
38:22 – What Happens During Wire Fraud Recovery
46:10 – Technical Controls That Actually Work
55:36 – How to Build a No-Nons
Growth without Interruption. Get peace of mind. Stay Competitive-Get NetGain. Contact NetGain today at 844-777-6278 or reach out online at www.NETGAINIT.com
As AI systems start rewriting their own code and sanitising negative news about themselves, the line between control and autonomy is blurring. In this episode of TechMagic, hosts Cathy Hackl and Lee Kebler explore the unsettling rise of AI self-management, Google's growing edge over OpenAI through real-world data, and the “AI slop spiral” threatening to degrade the entire internet. They also examine malware that now uses AI to rewrite its own code, an alarming glimpse into adversarial AI. The episode also includes Cathy's exciting interview with Myles Slayton, CEO of Cerca Dating, to explore how mutual-based dating is redefining online connections through trust and community. From Gen Z's new dating habits to the irreplaceable value of human imperfection, this episode dives deep into what's next for both AI and authenticity. Come for the tech, and stay for the magic!
Myles Slayton Bio
Myles Slayton is the 23-year-old Co-founder and CEO of Cerca Dating, a mutuals-based dating app revolutionizing how Gen Z approaches online dating. A Georgetown University graduate, Myles founded Cerca to address the fatigue and safety concerns plaguing traditional dating applications. With a mission to connect users through trusted friend networks rather than algorithms, Cerca has rapidly scaled to approximately 100,000 users while maintaining a healthy 60%+ female user base.
Myles Slayton on LinkedIn
Key Discussion Topics:
00:00:00 Intro
00:06:09 ChatGPT's Automatic Headline Sanitization Exposed
00:14:32 The "Dog Eating Its Own Barf" Problem in AI Training
00:18:02 Google Wins the AI War with Real-World Data Access
00:24:23 OnlyFans Monetization Model & Vylit App Launch
00:26:19 The Death of Traditional Dating Apps
00:32:02 Cerca: The Mutuals-Based Dating App Revolution
00:33:21 Cuffing Season 2.0 and Gen Z Dating Trends
00:39:15 Trust, Safety & Reputation-Based Dating
00:43:50 Why AI Cannot Replicate Human Chemistry
00:49:06 Roblox Abuse Lawsuit and Platform Safety Issues
00:53:33 AI-Powered Malware Rewriting Its Own Code
00:55:03 TEDx Atlanta and the Future of Creativity
00:57:50 "Humanity is the Moat Around the Machines"
00:58:50 Cathy's Gulf States Roadshow & CES 2025 Plans
01:01:4 What We're Watching: Pluribus & The Spatial Race
01:02:16 Key Takeaways & Final Thoughts
This week we have AI-Obfuscating Malware, China Influence Ops, and Meta's Fraud Fortune, Jason Wood, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-527
Happy Halloween from the team at N2K Networks! We hope you share in our Halloween tradition of listening to the Malware Mash. You can check out our video here. Lyrics I was coding in the lab late one night when my eyes beheld an eerie sight for my malware threat score began to rise and suddenly to my surprise... It did the Mash It did the Malware Mash The Malware Mash It was a botnet smash It did the Mash It caught on 'cause of Flash The Malware Mash It did the Malware Mash From the Stuxnet worm squirming toward the near east to the dark web souqs where the script kiddies feast the APTs left their humble abodes to get installed from rootkit payloads. They did the Mash They did the Malware Mash The Malware Mash It was an adware smash They did the Mash It caught on 'cause of Flash The Malware Mash They did the Malware Mash The botnets were having fun The DDoS had just begun The viruses hit the darknet, with ransomware yet to come. The keys were logging, phishing emails abound, Snowden on chains, backed by his Russian hounds. The Shadow Brokers were about to arrive with their vocal group, "The NotPetya Five." They did the Mash They played the Malware Mash The Malware Mash It was a botnet smash They did the Mash It caught on 'cause of Flash The Malware Mash They played the Malware Mash Somewhere in Moscow Vlad's voice did ring Seems he was troubled by just one thing. He opened a shell then shook his fist and said, "Whatever happened to my Turla Trojan twist." It's now the Mash It's now the Malware Mash The Malware Mash And it's a botnet smash It's now the Mash It caught on 'cause of Flash The Malware Mash It's now the Malware Mash Now everything's cool, Vlad's a part of the band And the Malware Mash is the hit of the land. For you, defenders, this mash was meant to when you get to my door, tell them Creeper sent you. 
Then you can Mash Then you can Malware Mash The Malware Mash And be a botnet smash It is the Mash Don't you dare download Flash The Malware Mash Just do the Malware Mash
A Texas telecom confirms a nation-state attack. A global outage disrupts Azure and Microsoft 365 services. Malicious npm packages steal sensitive data from Windows, Linux, and macOS systems. Hacktivists have breached multiple critical infrastructure systems across Canada. Major chipmakers spill the TEE. TP-Link home routers fall under federal scrutiny. Cloud Atlas targets Russia's agricultural sector. Israel's cloud computing deal with Google and Amazon allegedly includes a secret “winking mechanism.” The FCC tamps down on overseas robocalls. Mike Anderson, from Netskope, discusses why CIOs should think like HR leaders when considering Agentic AI. Danes draw the line at digital doppelgängers. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Today we are joined by Mike Anderson, Netskope's Chief Digital and Information Officer, to discuss why CIOs must think like HR leaders when considering Agentic AI.
Selected Reading
US company with access to biggest telecom firms uncovers breach by nation-state hackers (Reuters)
Huge Microsoft outage hit 365, Xbox, and beyond — deployment of fix for Azure breakdown rolled out (Tom's Hardware)
Malicious NPM packages fetch infostealer for Windows, Linux, macOS (Bleeping Computer)
Canada says hacktivists breached water and energy facilities (Bleeping Computer)
New physical attacks are quickly diluting secure enclave defenses from Nvidia, AMD, and Intel (Ars Technica)
U.S. agencies back banning top-selling home routers on security grounds (The Washington Post)
Cloud Atlas hackers target Russian agriculture sector ahead of industry forum (The Record)
Revealed: Israel demanded Google and Amazon use secret ‘wink' to sidestep legal orders (The Guardian)
FCC adopts new rule targeting robocalls (The Record)
Denmark to tackle deepfakes by giving people copyright to their own features (The Guardian)
This week, Chris and Hector dive into a wild mix of cyber chaos — from 3,000 malware-laced YouTube videos to a former L3 Harris exec accused of selling U.S. cyber weapons to Russia for crypto. They break down the “YouTube Ghost Network,” insider espionage, and why agentic AI browsers might be your next biggest threat. Join our new Patreon! https://www.patreon.com/c/hackerandthefed Send HATF your questions at questions@hackerandthefed.com
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Using Syscall() for Obfuscation/Fileless Activity: Fileless malware written in Python can use syscall() to create file descriptors in memory, evading signatures. https://isc.sans.edu/diary/Using%20Syscall%28%29%20for%20Obfuscation%20Fileless%20Activity/32384
AWS Outages: AWS has had issues most of the day on Monday, affecting numerous services. https://health.aws.amazon.com/health/status
Time Server Hack: China reports a compromise of its time standard servers. https://thehackernews.com/2025/10/mss-claims-nsa-used-42-cyber-tools-in.html
TikTok Videos Promoting Malware Installation: TikTok videos advertising ways to obtain software like Photoshop for free will instead trick users into downloading https://isc.sans.edu/diary/TikTok%20Videos%20Promoting%20Malware%20Installation/32380
Google Ads Advertise Malware Targeting MacOS Developers: Hunt.io discovered Google ads that pretend to advertise tools like Homebrew and password managers to spread malware. https://hunt.io/blog/macos-odyssey-amos-malware-campaign
Satellite Transmissions are often unencrypted: A large amount of satellite traffic is unencrypted and easily accessible to eavesdropping. https://satcom.sysnet.ucsd.edu
Eclypsium researchers Jesse Michael and Mickey Shkatov share their work on "BadCam - Now Weaponizing Linux Webcams." Eclypsium researchers disclosed “BadCam,” a set of vulnerabilities in certain Lenovo USB webcams that run Linux and do not validate firmware signatures, allowing attackers to reflash the devices and turn them into BadUSB-style tools. An adversary who supplies a backdoored camera or who gains remote code execution on a host can weaponize the webcam to emulate human-interface devices, inject keystrokes, deliver payloads, and maintain persistence — even re-infecting systems after OS reinstalls. The findings were presented at DEF CON 2025, Lenovo issued updated firmware/tools in coordination with SigmaStar, and researchers warn the same vector could affect other Linux-based USB peripherals, underscoring the need for firmware signing and stronger device attestation. The research can be found here: BadCam: Now Weaponizing Linux Webcams