POPULARITY
Categories
Our cross-continent race to Texas Linux Fest culminates into fantastic meat, meetups, and more.Sponsored By:Managed Nebula: Meet Managed Nebula from Defined Networking. A decentralized VPN built on the open-source Nebula platform that we love. 1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps. Unraid: A powerful, easy operating system for servers and storage. Maximize your hardware with unmatched flexibility. Support LINUX UnpluggedLinks:
In this episode of Unspoken Security, host A.J. Nash sits down with Marley Salveter, Director of Marketing at Unspoken Security. They explore how digital privacy and security awareness look different for younger generations who have grown up in a world where sharing personal data is routine, not a choice. Marley shares her perspective on adapting to life online, where building a personal brand and protecting personal information often overlap for today's professionals.Marley explains how her generation views data privacy as an accepted tradeoff, not a conscious decision, and why traditional corporate security training rarely feels relevant. She discusses the real risks of living in public—how threats feel less urgent until they get personal and why the rapid response of tech platforms can mask the lasting impact of breaches. She and A.J. dig into the challenge of communicating security risks to a connected generation that rarely sees tangible consequences.Together, they reflect on how open conversations bridge generational gaps and why storytelling and relatable dialogue help people internalize security lessons. Marley argues that making security personal is key to lasting change—especially for those building their careers and brands in the public eye.Send us a textSupport the show
China-Linked Group Hits Governments With Stealth Malware Chinese hackers exploit VMware zero-day since October 2024 Apple's iOS fixes a bevy of glitches Huge thanks to our sponsor, Nudge Security The SaaS supply chain is a hot mesh. As your workforce introduces new SaaS apps and integrations, hidden pathways are created that attackers can exploit to gain access to core business systems. That's exactly what happened in the Drift breach, and it will happen again. But, all is not lost. Nudge Security gives you the visibility and control you need to stop these attacks. Within minutes of starting a free trial, you'll discover every SaaS app and integration in your environment, map your SaaS supply chain, and identify risky OAuth grants that could be exploited. The best part? Nudge Security alerts you of breaches impacting your 3rd and 4th party SaaS providers. That's right, even 4th party! So, you can take action quickly to limit the ripple effects. Learn how Nudge can help you secure your entire SaaS ecosystem at nudgesecurity.com/supplychain
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Apple Patches Apple released patches for iOS, macOS, and visionOS, fixing a single font parsing vulnerability https://isc.sans.edu/diary/Apple%20Patches%20Single%20Vulnerability%20CVE-2025-43400/32330 Increase in Scans for Palo Alto Global Protect Vulnerability (CVE-2024-3400). Our honeypots detected an increase in scans for a Palo Alto Global Protect vulnerability. https://isc.sans.edu/diary/Increase%20in%20Scans%20for%20Palo%20Alto%20Global%20Protect%20Vulnerability%20%28CVE-2024-3400%29/32328 Nimbus Manticore / Charming Kitten Malware update Checkpoint released a report with details regarding a new Nimbus Manticore exploit kit. The malware in this case uses valid SSL.com-issued certificates. https://research.checkpoint.com/2025/nimbus-manticore-deploys-new-malware-targeting-europe/
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Converting Timestamps in .bash_history Unix shells offer the ability to add timestamps to commands in the .bash_history file. This is often done in the form of Unix timestamps. This new tool converts these timestamps into a more readable format. https://isc.sans.edu/diary/New%20tool%3A%20convert-ts-bash-history.py/32324 Cisco ASA/FRD Compromises Exploitation of the vulnerabilities Cisco patched last week may have bone back about a year. Cisco and CISA have released advisories with help identifying affected devices. https://sec.cloudapps.cisco.com/security/center/resources/asa_ftd_continued_attacks https://www.cisa.gov/news-events/directives/ed-25-03-identify-and-mitigate-potential-compromise-cisco-devices Github Notification Phishing Github notifications are used to impersonate YCombinator and trick victims into installing a crypto drainer. https://www.bleepingcomputer.com/news/security/github-notifications-abused-to-impersonate-y-combinator-for-crypto-theft/
Over the past few years, I've heard several people suggest that "blogging is dead." However, one of my favorite coaching clients earns her primary income from her blog and also hosts retreats and an annual conference for an entire community of food bloggers who earn an income from their blogging efforts. So I invited my client, Megan Porta, and asked her the question, "Can you still make money blogging in 2025?" Short answer: Yes. It's doable. It looks different than it did a decade ago. It requires real passion, patience, and a focus on what serves readers right now. Below are thorough show notes to meet you exactly where you are. If you want to start or revive a blog as a real income stream, these notes double as a step-by-step primer. What This Episode Covers Why blogging still pays when you pair patience with passion Megan has seen brand-new bloggers “crushing it.” The difference now is you cannot fake it. Your readers and Google both know when you do. Authenticity wins. The fastest realistic path to first income Join a quality ad network once your traffic qualifies. We name the two big players and their current thresholds. We also discuss why Google SEO and Pinterest are still the two traffic pillars that move the needle. Niching way down to win Broad “everything” blogs struggle today. Specific sub-niches serve specific people and get rewarded. Think “vegan cakes” instead of “vegan.” The love for your topic has to show up in every post. The collaboration playbook for early momentum Smart email list swaps. Contributing value inside the right Facebook groups without spamming. How one helpful post can put a niche creator “on the map” in months. Income beyond ads Digital products. Memberships. Sponsorships. How to think about affiliate income post-HCU and what still works if you are selective. Platform and tech choices that save you pain Why WordPress.org with solid hosting is still the move. Why a VPS and proactive security matter. Real-world cautionary tales about updates, backups, and malware. Key Takeaways and Insights 1) Yes, you can still get paid to blog. The bar is higher. If you bring patience and genuine expertise, you can absolutely build an income today. People starting in the last year or two are succeeding. The difference is the landscape. Authenticity and user value must drive your strategy. 2) Niche inside the niche Winning examples are laser-specific. Pick a tight segment of a larger category, then become unmistakably helpful to that reader. This is how you break through and build trust. 3) Traffic plan: SEO and Pinterest first To qualify for premium ad networks, prioritize traffic that comes from search and Pinterest. Current thresholds discussed in the episode: Mediavine at roughly 50,000 sessions per month and Raptive at roughly 100,000 pageviews per month. Build to those numbers, then let ad RPMs start compounding. 4) Collaboration without spam Use email list collaborations. Show up consistently inside large, topic-relevant Facebook groups. Earn trust by answering questions with real substance. This moves traffic quickly when your niche is dialed in. 5) Create on-topic, helpful content Google's Helpful Content updates pushed bloggers to stay tightly aligned with user intent. Keep posts on point for your niche. Tangential personal stories and off-topic content dilute perceived expertise and can hurt discoverability. 6) Monetization mix that works in 2025 Display Ads once you hit network thresholds. This becomes semi-passive as your library grows. Digital Products as quick wins: ebooks, guides, weekly prep plans. These are simple to produce and match your audience's immediate needs. Memberships if your audience is invested. Price points in food niches commonly range from about 5 to 20 dollars per month, often for ad-free experiences or exclusive content. Tech options include WordPress setups and hosted communities such as Circle, Skool, Slack, Discord, Mighty Networks, and niche tools like Member Kitchens. Sponsorships when you can articulate your audience's value. Niche reach can beat raw follower counts if you understand a sponsor's acquisition economics and lifetime value. Affiliate Income is trickier after recent updates. It can still work at higher commissions or with premium offers. Treat it as a supplemental play, not your core plan. 7) Stack the tech in your favor Choose WordPress.org for full control, proven SEO flexibility, and extensibility. Invest in good hosting. A VPS with strong uptime guarantees is worth it. Expect to pay roughly 89 to 150 dollars per month for reliability that protects your revenue. Treat security and backups as non-negotiables. Plugins and themes require regular updates. Malware exploits often come from simple neglect. Have a pro who can restore fast. This avoids losing days or weeks or years of content. Practical Playbook Phase 1. Choose a narrow niche and validate demand List ten posts your ideal reader would save today. Ensure all are tightly aligned with one outcome your niche cares about. Keep stories and extras on-topic so Google sees topical authority. Phase 2. Protect the asset Run WordPress.org on a reliable VPS and keep everything updated. Assign backups and security to a pro so you do not risk outages or data loss. Phase 3. Build a traffic engine Publish high-quality posts that answer exact questions your audience asks. Optimize for search and create Pinterest assets for each post. Aim for Mediavine or Raptive thresholds to unlock ad revenue. Phase 4. Accelerate through collaboration Join large, relevant Facebook groups. Contribute substantial answers that stand on their own. Start tasteful email list collaborations for quick, qualified traffic. Phase 5. Layer monetization Add an easy digital product that solves a specific use case. Test a simple membership once engagement is strong. Pitch sponsors when you can quantify your audience's fit and value. About My Guest Megan Porta has been blogging since 2010 and runs Eat Blog Talk, a podcast and community that supports food bloggers who want to grow and monetize. She is a strong voice for focus, patience, and authenticity in a space that has evolved dramatically. Resources Mentioned Megan's sites: PipAndEbby.com and EatBlogTalk.com. Megan welcomes follow-up questions at megan@eatblogtalk.com. Ad networks: Mediavine, Raptive, once you meet their traffic thresholds. Community and membership tools: Circle, Skool, Slack, Discord, Mighty Networks, Member Kitchens. Platform: WordPress.org with quality hosting and a VPS. I'm Here To Help! If you want help in building your own online business, send me a short note about your business dream and where you feel stuck. I will point you to the most useful next step, whether that is a free resource, a workshop, or coaching with me. My email is cliff@cliffravenscraft.com.
Destination Linux, DL 437, Linux Podcast, Open Source, Linux News, NVIDIA, Intel, AI Alliance, CUDA on Linux, Ubuntu CUDA, Steam Malware, Gaming Security, Trojan Virus, Vivaldi AI, Privacy Concerns, Scapy, Network Tool, Linux Community, Open Source
Game Kast, de beste gaming podcast van Tsushima tot Yotei, presenteert: Alle grote aankondigingen tijdens en buiten Tokyo Game Show! GAME KAST is een wekelijkse podcast met Espe, Jerre en jNoxx. Wekelijks gaming nieuws, special guests en reviews van alle games oud en nieuw. 00:00 Intro 00:55 Correcties van vorige week 04:11 Nieuwe Hideo Kojima game 14:27 Wat is Ananta? 24:40 Monster Hunter en Capcom update 29:29 XBOX op Tokyo Game Show 36:25 PlayStation State of Play 1:12:37 The Last of Us Day 1:16:01 Malware op Steam 1:20:43 jNoxx speelt 1:21:37 Espe speelt Ghost of Yotei 1:31:44 Platinum Trophy rewards 1:48:19 Jerre speelt KOOP MERCH: ▶ https://merch.gamekast.be JOIN DE DISCORD: ▶ https://discord.gg/Y6Buz8VCU7 VOLG GAME KAST: ▶ https://www.instagram.com/gamekast/ ▶ https://www.threads.net/@gamekast ▶ https://bsky.app/profile/gamekast.bsky.social ▶ https://www.tiktok.com/@gamekast ▶ https://www.facebook.com/GameKastPodcast ▶ https://gamekast.be Bedankt om te luisteren! En vergeet niet Jerre zijn games te kopen! ▶ Steam: https://store.steampowered.com/app/1248140/Trailer_Trashers/ ▶ Nintendo: https://www.nintendo.be/nl/Games/Nintendo-Switch-download-software/Trailer-Trashers-1740700.html
In today's Tech3 from Moneycontrol, we break down the half-trillion dollar AI compute arms race as tech giants lock in chips, data centres, and cloud deals. We look at Jaguar Land Rover's major cyberattack that has put Tata Consultancy Services under intense scrutiny. Plus, India's CERT-In warns of “Shai Hulud,” a Dune-inspired malware campaign targeting startups and developers, and foodtech startup Curefoods secures a Rs 160 crore pre-IPO round from Binny Bansal.
Referências do EpisódioWEBINAR Black Friday: Cibersegurança pra além do básico, sem esquecer o básicoCVE-2025-20333 - Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Remote Code Execution VulnerabilityCVE-2025-20362 - Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Unauthorized Access VulnerabilityCVE-2025-20363 - Cisco Secure Firewall Adaptive Security Appliance Software, Secure Firewall Threat Defense Software, IOS Software, IOS XE Software, and IOS XR Software Web Services Remote Code Execution VulnerabilityCisco Event Response: Continued Attacks Against Cisco FirewallsCyber Morning Call - #531 - 25/04/2024DeceptiveDevelopment: From primitive crypto theft to sophisticated AI-based deceptionMicrosoft blocks Israel's use of its technology in mass surveillance of PalestiniansOlymp Loader: A new Malware-as-a-Service written in AssemblyNew LockBit 5.0 Targets Windows, Linux, ESXiXCSSET evolves again: Analyzing the latest updates to XCSSET's inventoryRoteiro e apresentação: Carlos CabralEdição de áudio: Paulo ArruzzoNarração de encerramento: Bianca Garcia
Timestamps: 0:00 Tune in to CakeLinked 0:18 Android on PC confirmed 1:29 Snapdragon X2 Elite, X2 Elite Extreme 2:17 Steam distributed malware 3:28 Nvidia and OpenAI investment, Stargate data centers 5:18 CookUnity! 6:28 QUICK BITS INTRO 6:42 Microsoft's microfluidic chip cooling 7:11 Vehicle-to-grid pilot program 7:55 Logitech K980 solar-powered keyboard 8:37 Origin Code fan-cooled DDR5 kits NEWS SOURCES: https://linustechtips.com/topic/1623492-android-for-pc-snapdragon-x2-elite-extreme-steam-malware-more-techlinked-september-24-2025/ Learn more about your ad choices. Visit megaphone.fm/adchoices
If you like what you hear, please subscribe, leave us a review and tell a friend!Recent cyber incidents show a surge in attacks targeting both public and private sectors. Threat actors exploited vulnerabilities in software like GeoServer and Pandoc, leading to breaches in U.S. federal agencies and cloud environments. Malware campaigns, such as BadIIS, spread via SEO poisoning, while SonicWall and Boyd Gaming faced rootkits and data breaches, respectively. Security firms like Cloudflare successfully mitigated record-breaking DDoS attacks, and Mozilla introduced safeguards allowing Firefox add-on developers to roll back problematic updates. Law enforcement, including the Secret Service, has intervened to dismantle telecom threats impacting global operations like the UN.
PEBCAK Podcast: Information Security News by Some All Around Good People
Welcome to this week's episode of the PEBCAK Podcast! We've got four amazing stories this week so sit back, relax, and keep being awesome! Be sure to stick around for our Dad Joke of the Week. (DJOW) Follow us on Instagram @pebcakpodcast Please share this podcast with someone you know! It helps us grow the podcast and we really appreciate it! Jeremy Clarkson hacked https://www.thesun.co.uk/news/36577873/jeremy-clarkson-farmers-dog-pub-computer-hackers/ https://www.ladbible.com/entertainment/celebrity/jeremy-clarkson-farmers-dog-pub-hacked-27000-002780-20250907 AI-powered phishing confusion https://malwr-analysis.com/2025/08/24/phishing-emails-are-now-aimed-at-users-and-ai-defenses/ Rise of Linux Desktop malware https://www.cloudsek.com/blog/investigation-report-apt36-malware-campaign-using-desktop-entry-files-and-google-drive-payload-delivery https://www.bleepingcomputer.com/news/security/apt36-hackers-abuse-linux-desktop-files-to-install-malware/ Companies experiment with replacing humans with AI https://www.wsj.com/articles/taco-bell-rethinks-future-of-voice-ai-at-the-drive-through-72990b5a https://www.miaminewtimes.com/news/la-quinta-investigating-miamis-viral-remote-receptionist-23748941 https://www.ambscallcenter.com/blog/remote-receptionist-guide Dad Joke of the Week (DJOW) Find the hosts on LinkedIn: Chris - https://www.linkedin.com/in/chlouie/ Brian - https://www.linkedin.com/in/briandeitch-sase/ Glenn - https://www.linkedin.com/in/glennmedina/ Daren - https://www.linkedin.com/in/daren-schneider/
Cybercriminals are exploiting X's Grok AI to bypass ad protections and spread malware to millions—while researchers discover your home Wi-Fi can now monitor your heart rate. This week's news breakdown covers the attack vectors you need to know about. Join co-hosts Joshua Schmidt, Eric Brown, and Nick Mellem as they dive into the latest cybersecurity developments that could impact your organization tomorrow. From social media malvertising to biometric data harvesting through everyday devices, these aren't distant threats—they're happening now. Key Topics Covered: How cybercriminals are weaponizing Grok AI for malvertising campaigns Why 10-15% of employees access risky content at work (and what to do about it) Wi-Fi devices that can detect heart rates from 10 feet away—privacy implications Amazon's Project Kuiper vs. Starlink: What 1GB satellite internet means for security Practical defenses: YubiKeys, browser isolation, and network redundancy strategies Don't wait until your organization is the next headline. IT leaders need to stay ahead of evolving threats, and this episode delivers critical insights to help protect your business. Like, share, and subscribe for more in-depth security discussions! #cybersecurity #infosec #grok #malware #starlink #wifi #privacy #ITsecurity
In this episode, Ryan Williams Sr. and Shannon Tynes discuss recent cybersecurity news, including a cyberattack on Collins Aerospace that disrupted flights at major European airports. They discuss the implications of AI in cybersecurity, particularly the emergence of AI-generated malware. The conversation shifts to the growing threat of synthetic identities in the finance sector, highlighting the challenges they pose. The hosts also share personal updates and insights on pop culture, including movies and series they are currently watching. Article: Cyberattack on Collins Aerospace disrupts flights at Heathrow, other European airports https://industrialcyber.co/transport/cyberattack-on-collins-aerospace-disrupts-flights-at-heathrow-other-european-airports/?fbclid=IwZXh0bgNhZW0CMTAAYnJpZBExZ3VDa0YzNDkzR0IzeW9JbgEenbBLUTcs5cdMjI9yFGekTrVbXytgeFhLaxfLP-z7N7MAeujuz_gIbJiDcow_aem_ovDnjq4_7VyNjzj96IGbAQ First-ever AI-powered ‘MalTerminal' Malware Uses OpenAI GPT-4 to Generate Ransomware Code https://cybersecuritynews.com/first-ever-ai-powered-malterminal-malware/amp/?fbclid=IwZXh0bgNhZW0CMTAAYnJpZBExZ3VDa0YzNDkzR0IzeW9JbgEencaQtTwkpmB5SRb8akQ4V6qZ4d8xEI7UMPogihOsmDsylm_t4AfcaEMnWwU_aem_pzYbuurHzL22zUnJkyPJXQ Plastic People, Plastic Cards: Synthetic Identities Plague Finance & Lending Sector https://www.darkreading.com/cybersecurity-operations/synthetic-identities-finance-lending-sector?fbclid=IwZXh0bgNhZW0CMTAAYnJpZBExZ3VDa0YzNDkzR0IzeW9JbgEeLdvkEoHqglNj3DpqyM2H29XNx_YG_b_CXgkJ1-Z_OX8BJBbaFFELtBCgZW8_aem_AbjtVG6MyRVqtG0jaCxrig Buy the guide: www.theothersideofthefirewall.com Please LISTEN
Aseguran bidones y bomba de hidrocarburo en Sonora Pipa de gas vuelca en Hidalgo, no hay fuga ni heridos Más información en nuestro Podcast
*Threat Hunting Workshop: Hunting for Persistence - Level 2 September 24, 2025 | 12:00 - 1:00 PM ET Sign Up: https://www.intel471.com/resources/webinars/threat-hunting-workshop-16-hunting-for-persistence-level-2 ---------- Top Headlines: Jamf Threat Labs | Learn about ChillyHell, a modular Mac backdoor: https://www.jamf.com/blog/chillyhell-a-modular-macos-backdoor/ SecureList | Malicious MCP servers used in supply chain attacks: https://securelist.com/model-context-protocol-for-ai-integration-abused-in-supply-chain-attacks/117473/?web_view=true Bitdefender Blog | EggStreme Malware: Unpacking a New APT Framework Targeting a Philippine Military Company: https://www.bitdefender.com/en-us/blog/businessinsights/eggstreme-fileless-malware-cyberattack-apac welivesecurity | Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass: https://www.welivesecurity.com/en/eset-research/introducing-hybridpetya-petya-notpetya-copycat-uefi-secure-boot-bypass/ ---------- Stay in Touch! Twitter: https://twitter.com/Intel471Inc LinkedIn: https://www.linkedin.com/company/intel-471/ YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg Discord: https://discord.gg/DR4mcW4zBr Facebook: https://www.facebook.com/Intel471Inc/
In this episode of Unspoken Security, host AJ Nash welcomes Ivan Novikov, CEO of Wallarm, to discuss the fundamental shifts in API security. They explore how APIs have evolved from internal tools to the public-facing backbone of mobile apps, IoT, and AI. This change has dramatically expanded the threat surface, making traditional security methods obsolete.Ivan explains why older approaches, like signature-based detection and RegEx, fail against modern attacks. He details Wallarm's unique solution: a real-time decompiler that analyzes the actual payload of API requests. This technique allows for deep inspection of complex and nested data formats, identifying malicious code that standard tools miss.The conversation also looks to the future, examining the security risks posed by the rapid adoption of AI agents. Ivan concludes with a stark comparison between physical and cyber threats. In the digital world, attacks are constant and aggressive. Success depends less on the tools you have and more on who you are and how you use them.Send us a textSupport the show
First documented case: AI inside the breach.Promptlock marks the first time malware has used AI during execution, not just in preparation. In this Threat Talks deep dive, Rob Maas (Field CTO, ON2IT) sits down with Yuri Wit (SOC Analyst, ON2IT) to break down how it works: a Go loader calling an attacker's LLM in real time, generating fresh payloads that adapt on the fly.This episode strips away sci-fi hype. You'll see the psychology of an adversary that thinks mid-attack—and the Zero Trust defenses that box it in. When AI runs inside the kill chain, malware doesn't just evolve. It crosses into super-malware.(00:00) - — Cold open: “What if malware could think?” (00:18) - — Welcome: Rob Maas & Yuri Wit (00:41) - — First reaction to PromptLock (01:02) - — How attackers already use AI (phishing, coding, negotiations) (03:02) - — Why PromptLock is different: AI during execution (03:35) - — How it works: Go → Ollama → LLM → Lua (06:36) - — Proof-of-concept tells (the Satoshi wallet) (07:55) - — Defense shift: hashes die, behavior wins (10:40) - — Detecting LLM calls: SSL inspection realities (11:26) - — Quick wins: block interpreters (Lua/Python/PowerShell) (12:23) - — Zero Trust moves: default-deny egress & segmentation (12:41) - — What's next: dynamic exploits & on-demand EDR bypass (16:21) - — Timelines & hardware: why adoption could accelerate (18:21) - — Wrap-up & CTA Key Topics Covered• The first documented case of AI inside the breach — why Promptlock changes the game• Promptlock's core loop: calling an LLM mid-attack to generate fresh payloads.• Why hash-based detection breaks against AI-powered malware detection, ever-changing scripts.• Behavioral defense over signatures: EDR/XDR, sandboxing, and SSL inspection.• Zero Trust in practice: block script interpreters, restrict egress, and shrink blast radius.Additional ResourcesON2IT Zero Trust: https://on2it.net/zero-trust/Threat Talks hub: https://threat-talks.com/Ollama (referenced in episode): https://ollama.com/The Rising Threat of Deepfakes: https://youtu.be/gmtZ_aYmQdQGuest & Host Links:Rob Maas, Field CTO, ON2IT: https://www.linkedin.com/in/robmaas83/ Yuri Wit, SOC Specialist, ON2IT: https://www.linkedin.com/in/yuriwit/Click here to view the episode transcript.
Un “código fantasma” descubierto por la NASA. La gira de Oasis genera records en turismo. Lo nuevo de Apple: iPhone 17, sus nuevos AirPods y Apple Watch. Nanobana, la nueva herramienta de edición con IA integrada en Gemini. Ucademy, la edutech que ayudan a los jóvenes a estudiar en el exterior.
Worried a reset won't wipe out malware? While it's technically possible for some infections to survive, it's extremely rare. Learn where malware can hide, which reset options are safest, and the extra steps you can take to ensure a truly clean and secure Windows reinstall.
Welcome in! You've entered, Only Malware in the Building — but this time, it's not just another episode. This is a special edition you won't want to miss. For the first time, our hosts are together in-studio — and they're turning up the heat. Literally. Join Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED, along with N2K Networks Dave Bittner and Keith Mularski, former FBI cybercrime investigator and now Chief Global Ambassador at Qintel, as they take on a fiery hot wings challenge while answering personal questions about themselves, their careers, and the stories that shaped them. Think you've seen them tackle malware mysteries before? Wait until you see them sweat. This one's too good for audio alone — you'll want to watch the full video edition to catch every spicy reaction, every laugh, and maybe even a few tears. So grab your milk, get ready to feel the burn, and come join us for this special hot take on Only Malware in the Building. Learn more about your ad choices. Visit megaphone.fm/adchoices
Welcome in! You've entered, Only Malware in the Building — but this time, it's not just another episode. This is a special edition you won't want to miss. For the first time, our hosts are together in-studio — and they're turning up the heat. Literally. Join Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED, along with N2K Networks Dave Bittner and Keith Mularski, former FBI cybercrime investigator and now Chief Global Ambassador at Qintel, as they take on a fiery hot wings challenge while answering personal questions about themselves, their careers, and the stories that shaped them. Think you've seen them tackle malware mysteries before? Wait until you see them sweat. This one's too good for audio alone — you'll want to watch the full video edition to catch every spicy reaction, every laugh, and maybe even a few tears. So grab your milk, get ready to feel the burn, and come join us for this special hot take on Only Malware in the Building.
Want to work in cybersecurity but don't know where to begin? Or just curious what it takes to break into the field? This week, we're joined by the internet's very own Heath Adams, better known as The Cyber Mentor. He demystifies the application process and what it takes to build a career in cybersecurity – no matter your background.
In this week's Security Sprint, Dave and Andy covered the following topics:Main Topics:Annunciation Catholic Church Attack • Minneapolis Suspect Knew Her Target, but Motive Is a Mystery• Shooter who opened fire on Minneapolis Catholic school posted rambling videos• Robin Westman: Minneapolis gunman was son of church employee• Robin Westman posted a manifesto on YouTube prior to Annunciation Church shooting• Minneapolis school shooter wrote “I am terrorist” and “Kill yourself” in Russian on weapon magazines and listened to Russian rappers• Minneapolis Catholic Church shooter mocked Christ in video before attack• Minneapolis school shooter 'obsessed with idea of killing children', authorities say• Minnesota Mass Shooter Steeped in Far-Right Lore, White Nationalist Murderers• In Secret Diaries, the Church Shooter's Plans for Mass Murder• Minneapolis church shooting search warrants reveal new details and evidence• 'There is no message': The search for ideological motives in the Minneapolis shooting• Minneapolis Church Shooting: Understanding the Suspect's Video• More Of Minnesota Shooter's Writings Uncovered: ‘Gender And Weed F***ed Up My Head'• Classmates say Minnesota school shooter gave Nazi salutes and idolized school shootings back in middle schoolHoax Active Shooter Reports• More than a dozen universities have been targeted by false active shooter reports• This Is the Group That's Been Swatting US Universities• FBI urges students to be vigilant amid wave of swatting hoaxesAI & Cyber Threats • The Era of AI-Generated Ransomware Has Arrived• Researchers flag code that uses AI systems to carry out ransomware attacks & First known AI-powered ransomware uncovered by ESET Research • Anthropic: Detecting and countering misuse of AI: August 2025• A quick look at sextortion at scale: 1,900 messages and 205 Bitcoin addresses spanning four yearsCountering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System• FBI warns Chinese hacking campaign has expanded, reaching 80 countries• Allied spy agencies blame 3 Chinese tech companies for Salt Typhoon attacks• UK NCSC: UK and allies expose China-based technology companies for enabling global cyber campaign against critical networksQuick Hits:• Storm-0501's evolving techniques lead to cloud-based ransomware • Why Hypervisors Are the New-ish Ransomware Target• FBI Releases Use-of-Force Data Update• Denmark summons US envoy over report on covert American ‘influence operations' in Greenland• Falsos Amigos• Surge in coordinated scans targets Microsoft RDP auth servers• Vulnerabilities impacting Citrix NetScaler ADC and NetScaler Gateway - CVE-2025-7775, CVE-2025-7776 and CVE-2025-8424• Citrix patches trio of NetScaler bugs – after attackers beat them to it• U.S., Japan, and ROK Join Mandiant to Counter North Korean IT Worker Threats• US sanctions fraud network used by North Korean ‘remote IT workers' to seek jobs and steal money• H1 2025 Malware and Vulnerability Trends • The FDA just overhauled its COVID vaccine guidance. Here's what it means for you• 25 August 2025 NCSC, AFOSI, ACIC, NCIS, DCSA, FBI, ED, NIST, NSF bulletin • DOGE Put Critical Social Security Data at Risk, Whistle-Blower Says• Blistering Wyden letter seeks review of federal court cybersecurity, citing ‘incompetence,' ‘negligence'• Email Phishing Scams Increasingly Target Churches
Welcome in! You've entered, Only Malware in the Building — but this time, it's not just another episode. This is a special edition you won't want to miss. For the first time, our hosts are together in-studio — and they're turning up the heat. Literally. Join Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED, along with N2K Networks Dave Bittner and Keith Mularski, former FBI cybercrime investigator and now Chief Global Ambassador at Qintel, as they take on a fiery hot wings challenge while answering personal questions about themselves, their careers, and the stories that shaped them. Think you've seen them tackle malware mysteries before? Wait until you see them sweat. This one's too good for audio alone — you'll want to watch the full video edition to catch every spicy reaction, every laugh, and maybe even a few tears. So grab your milk, get ready to feel the burn, and come join us for this special hot take on Only Malware in the Building.
Ido Ben-Natan, co-founder and CEO of Blockaid, joined me to discuss how Blockaid is helping to secure billions of dollars in crypto.Topics: - Blockaid's security services for exchanges, wallets and more - Blockaid secured $50 million in Series B funding - Common attacks, hacks, and scams in crypto - Will AI Agents be a threat to crypto? - Gemini and Hashgraph integration - The future of crypto security Show Sponsor -
video: https://youtu.be/TtyYWQczQMw In this episode of Destination Linux, we explore everything from nostalgic tech making a comeback to cutting-edge security threats. Join us as we dive into the revival of the Pebble smartwatch, Google's latest Pixel devices and policies, Linux turning 34 with a surprising floppy disk update, and a deep dive into North Korean rootkit tactics with Sandfly Security's Craig Rowland. Plus, we've got community feedback, a handy software pick, and plenty of laughs along the way. Sponsored by Sandfly Security: the revolutionary agentless platform designed for Linux. Visit https://destinationlinux.net/sandfly to experience security that's not just effective but gives you peace of mind. No agents. No downtime. Just cutting-edge protection. Forum Discussion Thread (https://destinationlinux.net/forum) Download as MP3 (https://aphid.fireside.fm/d/1437767933/32f28071-0b08-4ea1-afcc-37af75bd83d6/b63beb51-4239-47df-a7d4-60f304b9e0f6.mp3) Support the show by becoming a patron at tuxdigital.com/membership (https://tuxdigital.com/membership) or get some swag at tuxdigital.com/store (https://tuxdigital.com/store) Hosted by: Ryan (DasGeek) = dasgeek.net (https://dasgeek.net) Jill Bryant = jilllinuxgirl.com (https://jilllinuxgirl.com) Michael Tunnell = michaeltunnell.com (https://michaeltunnell.com) Chapters: 00:00:00 Intro 00:02:14 Community Feedback: AI, Overtraining & Hallucinations 00:08:15 Swiss Army Knife Energy 00:13:14 Security Scoop with Sandfly Security 00:34:40 Pebble Watch Returns: Open-Source Revival 00:40:25 Pixel Watch 4: AI Perks, Polished? 00:47:31 Pixel 10 & Fold: Hardware Hype, Privacy Gripes 01:00:11 Linux Turns 34 01:03:56 Jill's First Distro: Slackware on 24 Floppies 01:05:56 Ryan's First Distro 01:08:52 Michael's First Distro 01:12:53 Floppy Disk Driver: Surprise Patch Update 01:15:37 Google AI: Helpful or Snoopy? 01:25:32 Software Pick: Wordbook 01:27:47 Support the Show 01:30:04 Outro Links: Community Feedback https://destinationlinux.net/comments (https://destinationlinux.net/comments) https://destinationlinux.net/forum (https://destinationlinux.net/forum) Security Scoop with Sandfly Security https://sandflysecurity.com/blog/leaked-north-korean-linux-stealth-rootkit-analysis (https://sandflysecurity.com/blog/leaked-north-korean-linux-stealth-rootkit-analysis) https://phrack.org/issues/72/7_md#article (https://phrack.org/issues/72/7_md#article) https://destinationlinux.net/sandfly (https://destinationlinux.net/sandfly) Pebble Watch Returns: Open-Source Revival https://repebble.com/ (https://repebble.com/) Pixel Watch 4: AI Perks, Polished? https://store.google.com/product/pixelwatch4?hl=en-US (https://store.google.com/product/pixel_watch_4?hl=en-US) Linux Turns 34 https://9to5linux.com/happy-34th-birthday-linux (https://9to5linux.com/happy-34th-birthday-linux) Floppy Disk Driver: Surprise Patch Update https://www.phoronix.com/news/Linux-Floppy-Disk-Cleanups-2025 (https://www.phoronix.com/news/Linux-Floppy-Disk-Cleanups-2025) https://youtu.be/4q4haMhvqCs (https://youtu.be/4q4haMhvqCs) Software Pick: Wordbook https://flathub.org/apps/dev.mufeed.Wordbook (https://flathub.org/apps/dev.mufeed.Wordbook) Support the Show https://tuxdigital.com/membership (https://tuxdigital.com/membership) https://store.tuxdigital.com/ (https://store.tuxdigital.com/)
Im Krimi wird das Testament oft vor den versammelten Erben verlesen. Die Realität sieht anders aus. Erbrechtsspezialist Oliver Willimann erklärt die wichtigsten Punkte zur Testamentseröffnung. +++ Weiteres Thema: Vorsicht vor Mails mit angehängten Rechnungen. Darin könnte Malware versteckt sein.
Microsoft has launched Project IR, an advanced AI capable of reverse-engineering malware with a remarkable 90% accuracy rate. This autonomous agent utilizes a combination of large language models and specialized cybersecurity tools to identify threats effectively, achieving a low false positive rate of just 2%. Recent tests demonstrated its capability to analyze thousands of unclassified files and accurately flag a significant majority as malicious. However, as cybersecurity technology advances, so do the tactics of cybercriminals, with a notable increase in phishing attacks targeting managed service providers (MSPs), which now account for over half of all phishing incidents.The rise of AI-powered phishing and social engineering tactics has been highlighted in a recent Acronis report, revealing that 52% of phishing attacks are aimed at MSPs. Additionally, new research indicates that AI browsers may inadvertently assist scammers, as they can overlook red flags that human users would typically catch. A survey from One Password further emphasizes the challenges organizations face with the rapid adoption of AI tools, with many lacking visibility and control over these applications, leading to potential security vulnerabilities.Gartner has issued a warning to corporate leaders, stating that they have a limited timeframe to integrate AI agents into their operations or risk falling behind competitors. Despite the urgency, Gartner also acknowledges that a significant percentage of AI projects fail, raising concerns about the pressure vendors may place on businesses to adopt these technologies hastily. Meanwhile, XAI's claims regarding its Grok 2.5 model being open-sourced have been criticized as misleading, as the licensing terms impose restrictions that contradict open-source principles.In the realm of cybersecurity solutions, companies like SonicWall and VMware are introducing new tools and technologies to enhance security and operational efficiency. SonicWall has launched a new generation of firewalls with a unique cyber warranty, while VMware is focusing on ARM architecture to meet the growing demand for energy-efficient servers. However, the podcast emphasizes the importance of cutting through vendor noise and focusing on solutions that genuinely improve business operations, rather than getting caught up in marketing hype.Three things to know today 00:00 Microsoft's Project Ire Shows AI Can Catch Malware, But Attacks on MSPs Are Rising Faster06:36 AI Urgency, Open-Washing, and Federal Adoption: Sorting Hype From Reality10:09 From Billing Fixes to Firewalls and VMware's Arm Gamble: What Really Matters for MSPs Supported by: https://getnerdio.com/ All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessof.tech
Arch is under fire, two weeks and counting. We'll break down the mess, and share a quick fix. Plus, the killer new apps we've just added to our homelabs.Sponsored By:Managed Nebula: Meet Managed Nebula from Defined Networking. A decentralized VPN built on the open-source Nebula platform that we love. 1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps. Unraid: A powerful, easy operating system for servers and storage. Maximize your hardware with unmatched flexibility. Support LINUX UnpluggedLinks:
If you like what you hear, please subscribe, leave us a review and tell a friend!
Data alone does not persuade. For data-driven leaders, learning totranslate numbers into a compelling narrative is a critical skill. In thisepisode of Unspoken Security, host AJ Nash speaks with Salvatore Manzi, aleadership communications coach, about the strategies technical leaderscan use to create influence. Salvatore explains why leaders must learn tomake meaning over metrics to connect with teams, stakeholders, andcustomers.Salvatore shares practical frameworks to improve communication. Heintroduces the "You then me" principle, which prioritizes acknowledging the other person's view to build rapport. He also shows how using simplemetaphors and a little appreciation can make complex dataunderstandable. These techniques disarm a room before you need tocorrect someone or present a counter-argument, ensuring your message lands effectively.The conversation also covers imposter syndrome and the uniquecommunication hurdles women face in the tech industry. AJ and Salvatorediscuss the power of authenticity and the need for allies who activelyamplify other voices. They explore how simple shifts in body language andmindset can build the confidence needed to overcome these challenges and ensure your voice is heard.Send us a textSupport the show
In this episode, we're continuing a series focused on malware from the IJIS Institute's Cybersecurity Working Group and their JusticeGuardian series—this time, the group dives into the topic of cyber threat actors, the people who are behind the creation and distribution of malware. We once again welcome back host Larry Zorio, Chair of the Cybersecurity Working Group, along with returning member Jeramy Cooper-Leavitt. Together, they discuss what motivates them, why they are using malware, what the actors gain from it, and more.
In this exclusive interview, a former ransomware hacker reveals the shocking truth behind a devastating supply chain attack that brought a major organization to its knees. From the initial breach to the final ransom demand, our insider shares never-before-heard secrets about the tactics, techniques, and procedures used to pull off the heist. You won't want to miss this rare glimpse into the dark world of cybercrime.Send us a textGrowth without Interruption. Get peace of mind. Stay Competitive-Get NetGain. Contact NetGain today at 844-777-6278 or reach out online at www.NETGAINIT.com Support the show
Send us a textSergey Novikov shares his fascinating journey from early days at Kaspersky Lab through his evolution as a malware analyst and cybersecurity expert, offering unique insights into the changing threat landscape and ethical considerations of security research.• Started at Kaspersky in 2002 when it was a small startup with fewer than 100 employees• Applied mathematics background led to research correlating human epidemic models with computer virus propagation• Worked as a "woodpecker" malware analyst detecting threats 24/7• Became part of Kaspersky's elite Global Research and Analysis Team (GREAT)• Team took pride in identifying APTs regardless of national origin to protect customers worldwide• Described security researchers as "paleontologists" uncovering complex digital threats• Participated in analysis of sophisticated threats like Stuxnet requiring specialized knowledge• Left Kaspersky in 2022 after Russia-Ukraine conflict began• Transitioned to pharmaceutical industry cybersecurity before joining CyberProof• Observes modern threats have blurred lines between nation-state actors, cybercriminals and hacktivists• Believes cybersecurity professionals must maintain perpetual learning mindset• Recommends self-learning and hands-on experience for aspiring security researchers• Notes AI is enabling more agile, automated attacks rather than quantum computing threatsConnect with Sergey on LinkedIn or visit cyberproof.com to learn more about their security services and research blog.Support the showFollow the Podcast on Social Media! Tesla Referral Code: https://ts.la/joseph675128 YouTube: https://www.youtube.com/@securityunfilteredpodcast Instagram: https://www.instagram.com/secunfpodcast/Twitter: https://twitter.com/SecUnfPodcast
Nicolás Chiaraviglio, Chief Scientist from Zimperium's zLabs, joins to discuss their work on "Behind Random Words: DoubleTrouble Mobile Banking Trojan Revealed." Zimperium's zLabs team has been tracking an evolving banker trojan dubbed DoubleTrouble, which has grown more sophisticated in both its distribution and capabilities. Initially spread via phishing sites impersonating European banks, it now uses malicious APKs hosted in Discord channels, and boasts features like screen recording, keylogging, UI overlays, and app blocking—all while heavily abusing Android's Accessibility Services. Despite advanced obfuscation and dynamic evasion techniques, Zimperium's on-device detection tools have successfully identified both known and previously unseen variants, helping protect users from credential theft, financial fraud, and device compromise. Complete our annual audience survey before August 31. The research can be found here: Behind Random Words: DoubleTrouble Mobile Banking Trojan Revealed Learn more about your ad choices. Visit megaphone.fm/adchoices
Abrar Al-Heeti from CNET joins Mikah Sargent this week on Tech News Weekly! Tesla has been found partially liable for a fatal crash in 2019. Project Ire from Microsoft can autonomously identify malware at scale. Age verification is slowly being rolled out across the internet. And OpenAI announced GPT-5! Abrar discusses Tesla's being found partially liable in a fatal 2019 crash and ordered to pay $243 million in damages. Tesla seeks to appeal the ruling. Mikah shares a new AI model from Microsoft called Project Ire that can analyze and classify malware in software. Age verification is slowly being rolled out to numerous websites that host adult material and harmful content. However, there are concerns with how this is being utilized, which raises privacy concerns for users. And Sabrina Ortiz of ZDNET joins the show to chat with Mikah about everything announced at OpenAI's unveiling of its latest AI model, GPT-5. Hosts: Mikah Sargent and Abrar Al-Heeti Guest: Sabrina Ortiz Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security go.acronis.com/twit smarty.com/twit
Abrar Al-Heeti from CNET joins Mikah Sargent this week on Tech News Weekly! Tesla has been found partially liable for a fatal crash in 2019. Project Ire from Microsoft can autonomously identify malware at scale. Age verification is slowly being rolled out across the internet. And OpenAI announced GPT-5! Abrar discusses Tesla's being found partially liable in a fatal 2019 crash and ordered to pay $243 million in damages. Tesla seeks to appeal the ruling. Mikah shares a new AI model from Microsoft called Project Ire that can analyze and classify malware in software. Age verification is slowly being rolled out to numerous websites that host adult material and harmful content. However, there are concerns with how this is being utilized, which raises privacy concerns for users. And Sabrina Ortiz of ZDNET joins the show to chat with Mikah about everything announced at OpenAI's unveiling of its latest AI model, GPT-5. Hosts: Mikah Sargent and Abrar Al-Heeti Guest: Sabrina Ortiz Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security go.acronis.com/twit smarty.com/twit
Abrar Al-Heeti from CNET joins Mikah Sargent this week on Tech News Weekly! Tesla has been found partially liable for a fatal crash in 2019. Project Ire from Microsoft can autonomously identify malware at scale. Age verification is slowly being rolled out across the internet. And OpenAI announced GPT-5! Abrar discusses Tesla's being found partially liable in a fatal 2019 crash and ordered to pay $243 million in damages. Tesla seeks to appeal the ruling. Mikah shares a new AI model from Microsoft called Project Ire that can analyze and classify malware in software. Age verification is slowly being rolled out to numerous websites that host adult material and harmful content. However, there are concerns with how this is being utilized, which raises privacy concerns for users. And Sabrina Ortiz of ZDNET joins the show to chat with Mikah about everything announced at OpenAI's unveiling of its latest AI model, GPT-5. Hosts: Mikah Sargent and Abrar Al-Heeti Guest: Sabrina Ortiz Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security go.acronis.com/twit smarty.com/twit
Abrar Al-Heeti from CNET joins Mikah Sargent this week on Tech News Weekly! Tesla has been found partially liable for a fatal crash in 2019. Project Ire from Microsoft can autonomously identify malware at scale. Age verification is slowly being rolled out across the internet. And OpenAI announced GPT-5! Abrar discusses Tesla's being found partially liable in a fatal 2019 crash and ordered to pay $243 million in damages. Tesla seeks to appeal the ruling. Mikah shares a new AI model from Microsoft called Project Ire that can analyze and classify malware in software. Age verification is slowly being rolled out to numerous websites that host adult material and harmful content. However, there are concerns with how this is being utilized, which raises privacy concerns for users. And Sabrina Ortiz of ZDNET joins the show to chat with Mikah about everything announced at OpenAI's unveiling of its latest AI model, GPT-5. Hosts: Mikah Sargent and Abrar Al-Heeti Guest: Sabrina Ortiz Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security go.acronis.com/twit smarty.com/twit
Abrar Al-Heeti from CNET joins Mikah Sargent this week on Tech News Weekly! Tesla has been found partially liable for a fatal crash in 2019. Project Ire from Microsoft can autonomously identify malware at scale. Age verification is slowly being rolled out across the internet. And OpenAI announced GPT-5! Abrar discusses Tesla's being found partially liable in a fatal 2019 crash and ordered to pay $243 million in damages. Tesla seeks to appeal the ruling. Mikah shares a new AI model from Microsoft called Project Ire that can analyze and classify malware in software. Age verification is slowly being rolled out to numerous websites that host adult material and harmful content. However, there are concerns with how this is being utilized, which raises privacy concerns for users. And Sabrina Ortiz of ZDNET joins the show to chat with Mikah about everything announced at OpenAI's unveiling of its latest AI model, GPT-5. Hosts: Mikah Sargent and Abrar Al-Heeti Guest: Sabrina Ortiz Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security go.acronis.com/twit smarty.com/twit
In this episode of Unspoken Security, host AJ Nash welcomes Mark Freedman, Principal and CEO of Rebel Global Security, to discuss a major shift in the global threat landscape. The primary national security concern has moved from counter-terrorism to interstate strategic competition. This change requires a new security model, especially for the private sector.Mark explains that companies are now players on a geopolitical battlefield, facing sophisticated threats from nation-states. Yet, many organizations operate in silos. Legal teams track sanctions while cybersecurity teams react to technical threats. They often miss the strategic connection between the two, which creates significant vulnerabilities.To close these gaps, AJ and Mark explore the need for an integrated intelligence function within businesses. They discuss how even a single empowered person, tasked with understanding the geopolitical environment, can connect various teams. This strategic view helps companies build a more resilient and proactive defense in a complex world.Send us a textSupport the show
Abrar Al-Heeti from CNET joins Mikah Sargent this week on Tech News Weekly! Tesla has been found partially liable for a fatal crash in 2019. Project Ire from Microsoft can autonomously identify malware at scale. Age verification is slowly being rolled out across the internet. And OpenAI announced GPT-5! Abrar discusses Tesla's being found partially liable in a fatal 2019 crash and ordered to pay $243 million in damages. Tesla seeks to appeal the ruling. Mikah shares a new AI model from Microsoft called Project Ire that can analyze and classify malware in software. Age verification is slowly being rolled out to numerous websites that host adult material and harmful content. However, there are concerns with how this is being utilized, which raises privacy concerns for users. And Sabrina Ortiz of ZDNET joins the show to chat with Mikah about everything announced at OpenAI's unveiling of its latest AI model, GPT-5. Hosts: Mikah Sargent and Abrar Al-Heeti Guest: Sabrina Ortiz Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security go.acronis.com/twit smarty.com/twit
Welcome in! You've entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today's most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York's exclusive upper west side, Selena is joined by her co-hosts N2K Networks Dave Bittner and Keith Mularski, former FBI cybercrime investigator and now Chief Global Ambassador at Qintel. Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, our three hosts discuss several articles covering a new wave of social engineering attacks tied to the so-called Contagious Interview campaign. In this operation, threat actors linked to North Korea are reportedly posing as tech recruiters to trick job seekers into downloading malware. The discussion highlights updates to two malware strains—BeaverTail and InvisibleFerret—that have been retooled with cross-platform capabilities and new data theft features, raising fresh concerns about how targeted individuals could become a gateway into larger organizational networks. You can find the links to the stories here: Lazarus Group Infostealer Malwares Attacking Developers In New Campaign Contagious Interview: DPRK Threat Actors Lure Tech Industry Job Seekers to Install New Variants of BeaverTail and InvisibleFerret Malware North Korean State Sponsored Supply Chain Attack on Tech Innovation Lazarus Group Targets Organizations with Sophisticated LinkedIn Recruiting Scam
Things get worse in the Tea dating app breach. CISA adds three vulnerabilities to its Known Exploited Vulnerabilities catalog. Researchers uncover a critical flaw in Google's AI coding assistant. A Missouri Health System agrees to a $9.25 million settlement over claims it used web tracking tools. “Sploitlight” could let attackers bypass Apple's TCC framework to steal sensitive data. Malware squeaks its way into a mouse configuration tool. Threat actors hide the Oyster backdoor in popular IT tools. The FBI nabs over $2.4 million in Bitcoin from the Chaos ransomware gang. Our guest is Jaeson Schultz, Technical Leader for Cisco Talos Security Intelligence & Research Group, to talk about their work on the security of PDF files. The unintended privacy paradox of data brokers. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Jaeson Schultz, Technical Leader for Cisco Talos Security Intelligence & Research Group, to talk about their work on "PDFs: Portable documents, or perfect deliveries for phish?" Selected Reading A Second Tea Breach Reveals Users' DMs About Abortions and Cheating (404 Media) CISA warns of active exploitation of critical PaperCut flaw, mandates immediate patching (Beyond Machines) CISA Warns of Exploited Critical Vulnerabilities in Cisco Identity Services Engine (Infosecurity Magazine) Researchers flag flaw in Google's AI coding assistant that allowed for ‘silent' code exfiltration (CyberScoop) Health System Settles Web Tracker Lawsuit for Up to $9.25M (GovInfo Security) Microsoft: macOS Sploitlight flaw leaks Apple Intelligence data (Bleeping Computer) Endgame Gear mouse config tool infected users with malware (Bleeping Computer) Oyster Backdoor Disguised as PuTTY and KeyPass Targets IT Admins via SEO Poisoning (GB Hackers) FBI Seizes $2.4m in Crypto from Chaos Ransomware Gang (Infosecurity Magazine) Hundreds of registered data brokers ignore user requests around personal data (CyberScoop) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Join The Full Nerd gang as they talk about the latest PC hardware topics. In this episode the gang and Nathan Edwards, senior reviews editor at The Verge, discuss malware sneaking into Steam games, endgame keyboards, and more. And of course we answer your questions live! Links: - Malware sneaks onto Steam: https://www.pcworld.com/article/2859145/malware-sneaks-onto-steam-for-the-third-time-in-2025.html - How to build the best keyboard in the world: https://www.theverge.com/tech/686441/norbauer-seneca-keyboard-creator Join the PC related discussions and ask us questions on Discord: https://discord.gg/SGPRSy7 Follow the crew on X: @AdamPMurray @BradChacos @MorphingBall @WillSmith ============= Follow PCWorld! Website: http://www.pcworld.com X: https://www.x.com/pcworld =============
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
DShield Honeypot Log Volume Increase Within the last few months, there has been a dramatic increase in honeypot log volumes and how often these high volumes are seen. This has not just been from Jesse s residential honeypot, which has historically seen higher log volumes, but from all of the honeypots that Jesse runs. https://isc.sans.edu/diary/DShield+Honeypot+Log+Volume+Increase/32100 Google and Microsoft Trusted Them. 2.3 Million Users Installed Them. They Were Malware. Koi Security s investigation of a single verified color picker exposed a coordinated campaign of 18 malicious extensions that infected a massive 2.3 million users across Chrome and Edge. https://blog.koi.security/google-and-microsoft-trusted-them-2-3-million-users-installed-them-they-were-malware-fb4ed4f40ff5 RDP Forensics Comprehensive overview of Windows RDP Forensics https://medium.com/@mathias.fuchs/chasing-ghosts-over-rdp-lateral-movement-in-tiny-bitmaps-328d2babd8ec