Podcasts about Malware

The Russian Proton66 is tied to cybercriminal bulletproof hosting services. A new Rust-based botnet hijacks vulnerable routers. CISA budget cuts limit the use of popular analysis tools. A pair of healthcare providers confirm ransomware attacks. Researchers uncover the Scallywag  ad fraud network. The UN warns of cyber-enabled fraud in Southeast Asia expanding at an industrial scale. Fog ransomware resurfaces and points a finger at DOGE. The cybercrime marketplace Cracked relaunches under a new domain. On our Industry Voices segment, Bob Maley, CSO of Black Kite, shares insights on the growing risk of third-party cyber incidents. Taking the scenic route through Europe's digital landscape. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Kim Jones, the new Host of CISO Perspectives podcast, previewing the latest episode where Kim is joined by Larry Whiteside Jr. discussing “Are we a trade or a profession?” Industry Voices On our Industry Voices segment, Bob Maley, CSO of Black Kite, sharing insights on the growing risk of third-party cyber incidents. Selected Reading Many Malware Campaigns Linked to Proton66 Network (SecurityWeek) New Rust Botnet Hijacking Routers to Inject Commands Remotely (Cyber Security News) CISA Issues Warning Against Using Censys, VirusTotal in Threat Hunting Ops (GB Hackers) Two Healthcare Orgs Hit by Ransomware Confirm Data Breaches Impacting Over 100,000 (SecurityWeek) Scalllywag Ad Fraud Network Generates 1.4 Billion Bid Requests Daily (Infosecurity Magazine) $40bn Southeast Asian Scam Sector Growing “Like a Cancer” (Infosecurity Magazine) Fog ransomware notes troll with DOGE references, bait insider attacks (SC World) Reborn: Cybercrime Marketplace Cracked Appears to Be Back (BankInfo Security) Nemesis darknet market founder indicted for years-long “borderless powerhouse of criminal activity” (Cybernews) Digital Weaning Guide from the United States (Dagbladet Information) Two top cyber officials resign from CISA (The Record) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

We're on the road to RSAC 2025 — or maybe on a quantum-powered highway — and this time, Sean and I had the pleasure of chatting with someone who's not just riding the future wave, but actually building it.Marc Manzano, General Manager of the Cybersecurity Group at SandboxAQ, joined us for this Brand Story conversation ahead of the big conference in San Francisco. For those who haven't heard of SandboxAQ yet, here's a quick headline: they're a spin-out from Google, operating at the intersection of AI and quantum technologies. Yes — that intersection.But let's keep our feet on the ground for a second, because this story isn't just about tech that sounds cool. It's about solving the very real, very painful problems that security teams face every day.Marc laid out their mission clearly: Active Guard, their flagship platform, is built to simplify and modernize two massive pain points in enterprise security — cryptographic asset management and non-human identity management. Think: rotating certificates without manual effort. Managing secrets and keys across cloud-native infrastructure. Automating compliance reporting for quantum-readiness. No fluff — just value, right out of the box.And it's not just about plugging a new tool into your already overloaded stack. What impressed us is how SandboxAQ sees themselves as the unifying layer — enhancing interoperability across existing systems, extracting more intelligence from the tools you already use, and giving teams a unified view through a single pane of glass.And yes, we also touched on AI SecOps — because as AI becomes a standard part of infrastructure, so must security for it. Active Guard is already poised to give security teams visibility and control over this evolving layer.Want to see it in action? Booth 6578, North Expo Hall. Swag will be there. Demos will be live. Conversations will be real.We'll be there too — recording a deeper Brand Story episode On Location during the event.Until then, enjoy this preview — and get ready to meet the future of cybersecurity.⸻Keywords:sandboxaq, active guard, rsa conference 2025, quantum cybersecurity, ai secops, cryptographic asset management, non-human identity, cybersecurity automation, security compliance, rsa 2025, cybersecurity innovation, certificate lifecycle management, secrets management, security operations, quantum readiness, rsa sandbox, cybersecurity saas, devsecops, interoperability, digital transformation______________________Guest: Marc Manzano,, General Manager of the Cybersecurity Group at SandboxAQMarc Manzano on LinkedIn

At this year's RSAC Conference, the team from ThreatLocker isn't just bringing tech—they're bringing a challenge. Rob Allen, Chief Product Officer at ThreatLocker, joins Sean Martin and Marco Ciappelli for a lively pre-conference episode that previews what attendees can expect at booth #854 in the South Expo Hall.From rubber ducky hacks to reframing how we think about Zero Trust, the conversation highlights the ways ThreatLocker moves beyond the industry's typical focus on reactive detection. Allen shares how most cybersecurity approaches still default to allowing access unless a threat is known, and why that mindset continues to leave organizations vulnerable. Instead, ThreatLocker's philosophy is to “deny by default and permit by exception”—a strategy that, when managed effectively, provides maximum protection without slowing down business operations.ThreatLocker's presence at the conference will feature live demos, short presentations, and hands-on challenges—including their popular Ducky Challenge, where participants test whether their endpoint defenses can prevent a rogue USB (disguised as a keyboard) from stealing their data. If your system passes, you win the rubber ducky. If it doesn't? They (temporarily) get your data. It's a simple but powerful reminder that what you think is secure might not be.The booth won't just be about tech. The team is focused on conversations—reconnecting with customers, engaging new audiences, and exploring how the community is responding to a threat landscape that's growing more sophisticated by the day. Allen emphasizes the importance of in-person dialogue, not only to share what ThreatLocker is building but to learn how security leaders are adapting and where gaps still exist.And yes, there will be merch—high-quality socks, t-shirts, and even a few surprise giveaways dropped at hotel doors (if you resist the temptation to open the envelope before visiting the booth).For those looking to rethink endpoint protection or better understand how proactive controls can complement detection-based tools, this episode is your preview into a very different kind of cybersecurity conversation—one that starts with a challenge and ends with community.Learn more about ThreatLocker: https://itspm.ag/threatlocker-r974Guest: Rob Allen, Chief Product Officer, ThreatLocker | https://www.linkedin.com/in/threatlockerrob/ResourcesLearn more and catch more stories from ThreatLocker: https://www.itspmagazine.com/directory/threatlockerLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsa-conference-usa-2025-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverage______________________Keywords: rsac conference, cybersecurity, endpoint, zero trust, rubber ducky, threat detection, data exfiltration, security strategy, deny by default, permit by exception, proactive security, security demos, usb attack, cyber resilience, network control, security mindset, rsac 2025, event coverage, on location, conference____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastWant to tell your Brand Story Briefing as part of our event coverage? Learn More

Cybersecurity Today: Allegations Against Elon Musk, Microsoft Lockout Issues, Cozy Bear's New Malware, and Canada's Anti-Fraud Proposals In this episode of Cybersecurity Today, hosted by David Shipley, we examine several major cybersecurity stories. A whistleblower accuses Elon Musk's team's involvement in a significant cyber breach at the National Labor Relations Board. Administrators face challenges with Microsoft's Mace feature, causing widespread account lockouts over the Easter weekend. The Russian hacking group Cozy Bear targets European diplomats using wine-themed phishing tactics. Canadian Conservative leader Pierre Poilievre proposes stringent measures against online fraud, including hefty fines and criminal charges for companies failing to act against digital scammers. 00:00 Breaking News: Doge and the US Labor Watchdog Cyber Breach 03:30 Microsoft Security Feature Causes Weekend Chaos 06:08 Russian Hackers Target European Diplomats with Wine-Themed Phishing 07:30 Canadian Conservative Leader Proposes Anti-Fraud Measures 09:25 Conclusion and Contact Information

The Cybercrime Magazine Podcast brings you daily cybercrime news on WCYB Digital Radio, the first and only 7x24x365 internet radio station devoted to cybersecurity. Stay updated on the latest cyberattacks, hacks, data breaches, and more with our host. Don't miss an episode, airing every half-hour on WCYB Digital Radio and daily on our podcast. Listen to today's news at https://soundcloud.com/cybercrimemagazine/sets/cybercrime-daily-news. Brought to you by our Partner, Evolution Equity Partners, an international venture capital investor partnering with exceptional entrepreneurs to develop market leading cyber-security and enterprise software companies. Learn more at https://evolutionequity.com

Widespread Microsoft Entra lockouts cause by new security feature rollout Malware delivered through diplomatic wine-tasting invites British companies told to hold in-person interviews to thwart North Korea job scammers Huge thanks to our sponsor, Dropzone AI Growing your MSSP client roster while your alerts are multiplying? Dropzone AI works alongside your team, investigating alerts just like your best human analysts would. Our AI SOC Analyst cuts investigation time from an hour to minutes while handling five times more alerts per analyst. Unlike complex SOAR solutions, Dropzone deploys quickly and adapts to your environment without the need for playbooks or coding. Eliminate backlogs, reduce false positives, and deliver the detailed investigations your clients expect. Ready to scale your MSSP without scaling your team? Meet us at booth ESE-60 at RSA. Find the stories behind the headlines at CISOseries.com.

This week, we are joined by Nick Cerne, Security Consultant from Bishop Fox, to discuss "Rust for Malware Development." In pursuit of simulating real adversarial tactics, this blog explores the use of Rust for malware development, contrasting it with C in terms of binary complexity, detection evasion, and reverse engineering challenges. The author demonstrates how Rust's inherent anti-analysis traits and memory safety features can create more evasive malware tooling, including a simple dropper that injects shellcode using lesser-known Windows APIs. Through hands-on comparisons and decompiled output analysis, the post highlights Rust's growing appeal in offensive security while noting key OPSEC considerations and tooling limitations. The research can be found here: Rust for Malware Development Learn more about your ad choices. Visit megaphone.fm/adchoices

This week, we are joined by Nick Cerne, Security Consultant from Bishop Fox, to discuss "Rust for Malware Development." In pursuit of simulating real adversarial tactics, this blog explores the use of Rust for malware development, contrasting it with C in terms of binary complexity, detection evasion, and reverse engineering challenges. The author demonstrates how Rust's inherent anti-analysis traits and memory safety features can create more evasive malware tooling, including a simple dropper that injects shellcode using lesser-known Windows APIs. Through hands-on comparisons and decompiled output analysis, the post highlights Rust's growing appeal in offensive security while noting key OPSEC considerations and tooling limitations. The research can be found here: Rust for Malware Development Learn more about your ad choices. Visit megaphone.fm/adchoices

Killer, Achim www.deutschlandfunk.de, Computer und Kommunikation

RedTail: Remnux and Malware Management A description showing how to set up a malware analysis in the cloud with Remnux and Kasm. RedTail is a sample to illustrate how the environment can be used. https://isc.sans.edu/diary/RedTail%2C%20Remnux%20and%20Malware%20Management%20%5BGuest%20Diary%5D/31868 Critical Erlang/OTP SSH Vulnerability Researchers identified a critical vulnerability in the Erlang/OTP SSH library. Due to this vulnerability, SSH servers written in Erlang/OTP allow arbitrary remote code execution without prior authentication https://www.openwall.com/lists/oss-security/2025/04/16/2 Brickstorm Analysis An analysis of a recent instance of the Brickstorm backdoor. This backdoor used to be more known for infecting Linux systems, but now it also infects Windows. https://www.nviso.eu/blog/nviso-analyzes-brickstorm-espionage-backdoor https://blog.nviso.eu/wp-content/uploads/2025/04/NVISO-BRICKSTORM-Report.pdf OpenAI GPT 4.1 Controversy OpenAI released its latest model, GPT 4.1, without a safety report and guardrails to prevent malware creation. https://opentools.ai/news/openai-stirs-controversy-with-gpt-41-release-lacking-safety-report

LevelBlue's latest Threat Trends Report pulls no punches: phishing, malware, and ransomware attacks are not just continuing—they're accelerating. In this episode of ITSPmagazine's Brand Story podcast, hosts Sean Martin and Marco Ciappelli are joined by Kenneth Ng, a threat hunter and lead incident responder on LevelBlue's Managed Detection and Response (MDR) team, to unpack the findings and recommendations from the report.Phishing as a Service and the Surge in Email CompromisesOne of the most alarming trends highlighted by Kenneth is the widespread availability of Phishing-as-a-Service (PhaaS) kits, including names like RaccoonO365, Mamba 2FA, and Greatness. These kits allow attackers with little to no technical skill to launch sophisticated campaigns that bypass multi-factor authentication (MFA) by hijacking session tokens. With phishing attacks now leading to full enterprise compromises, often through seemingly innocuous Microsoft 365 access, the threat is more serious than ever.Malware Is Smarter, Simpler—and It's Spreading FastMalware, particularly fake browser updates and credential stealers like Lumma Stealer, is also seeing a rise in usage. Kenneth points out the troubling trend of malware campaigns that rely on basic user interactions—like copying and pasting text—leading to full compromise through PowerShell or command prompt access. Basic group policy configurations (like blocking script execution for non-admin users) are still underutilized defenses.Ransomware: Faster and More Automated Than EverThe speed of ransomware attacks has increased dramatically. Kenneth shares real-world examples where attackers go from initial access to full domain control in under an hour—sometimes in as little as ten minutes—thanks to automation, remote access tools, and credential harvesting. This rapid escalation leaves defenders with very little room to respond unless robust detection and prevention measures are in place ahead of time.Why This Report MattersRather than presenting raw data, LevelBlue focuses on actionable insights. Each major finding comes with recommendations that can be implemented regardless of company size or maturity level. The report is a resource not just for LevelBlue customers, but for any organization looking to strengthen its defenses.Be sure to check out the full conversation and grab the first edition of the Threat Trends Report ahead of LevelBlue's next release this August—and stay tuned for their updated Futures Report launching at RSA Conference on April 28.Learn more about LevelBlue: https://itspm.ag/levelblue266f6cNote: This story contains promotional content. Learn more.Guest: Kenneth Ng, threat hunter and lead incident responder on LevelBlue's Managed Detection and Response (MDR) team | On LinkedIn: https://www.linkedin.com/in/ngkencyber/ResourcesDownload the LevelBlue Threat Trends Report | Edition One: https://itspm.ag/levelbyqdpLearn more and catch more stories from LevelBlue: https://www.itspmagazine.com/directory/levelblueLearn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

The RSA Conference has long served as a meeting point for innovation and collaboration in cybersecurity—and in this pre-RSAC episode, ITSPmagazine co-founders Marco Ciappelli and Sean Martin welcome Akamai's Rupesh Chokshi to the conversation. With RSAC 2025 on the horizon, they discuss Akamai's presence at the event and dig into the challenges and opportunities surrounding AI, threat intelligence, and enterprise security.Chokshi, who leads Akamai's Application Security business, describes a landscape marked by explosive growth in web and API attacks—and a parallel shift as enterprises embrace generative AI. The double-edged nature of AI is central to the discussion: while it offers breakthrough productivity and automation, it also creates new vulnerabilities. Akamai's dual focus, says Chokshi, is both using AI to strengthen defenses and securing AI-powered applications themselves.The conversation touches on the scale and sophistication of modern threats, including an eye-opening stat: Akamai is now tracking over 500 million large language model (LLM)-driven scraping requests per day. As these threats extend from e-commerce to healthcare and beyond, Chokshi emphasizes the need for layered defense strategies and real-time adaptability.Ciappelli brings a sociological lens to the AI discussion, noting the hype-to-reality shift the industry is experiencing. “We're no longer asking if AI will change the game,” he suggests. “We're asking how to implement it responsibly—and how to protect it.”At RSAC 2025, Akamai will showcase a range of innovations, including updates to its Guardicore platform and new App & API Protection Hybrid solutions. Their booth (6245) will feature interactive demos, theater sessions, and one-on-one briefings. The Akamai team will also release a new edition of their State of the Internet report, packed with actionable threat data and insights.The episode closes with a reminder: in a world that's both accelerating and fragmenting, cybersecurity must serve not just as a barrier—but as a catalyst. “Security,” says Chokshi, “has to enable innovation, not hinder it.”⸻Keywords: RSAC 2025, Akamai, cybersecurity, generative AI, API protection, web attacks, application security, LLM scraping, Guardicore, State of the Internet report, Zero Trust, hybrid digital world, enterprise resilience, AI security, threat intelligence, prompt injection, data privacy, RSA Conference, Sean Martin, Marco Ciappelli______________________Guest: Rupesh Chokshi, SVP & GM, Akamai https://www.linkedin.com/in/rupeshchokshi/Hosts:Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] | On ITSPmagazine:  https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast | On ITSPmagazine: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________This Episode's SponsorsAKAMAI:https://itspm.ag/akamailbwc____________________________ResourcesLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsa-conference-usa-2025-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverageRupesh Chokshi Session at RSAC 2025The New Attack Frontier: Research Shows Apps & APIs Are the Targets - [PART1-W09]____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastWant to tell your Brand Story Briefing as part of our event coverage? Learn More

Ransomware gangs aren't faceless shadows. Jon DiMaggio knows—he's talked to them. In this episode, A.J. Nash sits down with the Chief Security Strategist at Analyst1 to pull back the curtain on the hidden world of cybercriminals. Jon shares how he builds detailed personas, infiltrates ransomware crews like LockBit, and navigates the psychological toll that comes with living a double life.Jon breaks down the tactics behind covert engagements—how ego, language barriers, and criminal alliances can be used to gain access. He also talks through his storytelling process in The Ransomware Diaries and why long-form, evidence-based intelligence reporting still matters. This isn't just threat research—it's human behavior under a microscope.The conversation also dives into attribution, burnout, and the personal risks Jon has faced. He opens up about being targeted, leaning on mental health support, and using fear as fuel. This is a raw, unfiltered look at cyber threat intelligence from the inside.Send us a textSupport the show

xorsearch Update Diedier updated his "xorsearch" tool. It is now a python script, not a compiled binary, and supports Yara signatures. With Yara support also comes support for regular expressions. https://isc.sans.edu/diary/xorsearch.py%3A%20Searching%20With%20Regexes/31854 Shorter Lived Certificates The CA/Brower Forum passed an update to reduce the maximum livetime of certificates. The reduction will be implemented over the next four years. EFF also released an update to certbot introducing profiles that can be used to request shorter lived certificates. https://www.eff.org/deeplinks/2025/04/certbot-40-long-live-short-lived-certs https://groups.google.com/a/groups.cabforum.org/g/servercert-wg/c/bvWh5RN6tYI New Malware Harvesting Data from USB drives and infecting them. Kaspersky is reporting that they identified new malware that not only harvests data from USB drives, but also spread via USB drives by replacing existing documents with malicious files. https://securelist.com/goffee-apt-new-attacks/116139/

The Oxytocin Trap: Disney's Biochemical Hijacking Disney's fairy tales operate as neurochemical warfare. fMRI studies reveal that young girls exposed to Princess media before age seven exhibit 300% higher oxytocin release during romantic scenes—a hormonal hijacking that addicts them to relationship limerence before puberty.

The Oxytocin Trap: Disney's Biochemical Hijacking Disney's fairy tales operate as neurochemical warfare. fMRI studies reveal that young girls exposed to Princess media before age seven exhibit 300% higher oxytocin release during romantic scenes—a hormonal hijacking that addicts them to relationship limerence before puberty. 

Explore actionable strategies for building a robust cyber resilience posture in this insightful episode. From strengthening defenses to improving recovery agility and anticipating future cybersecurity trends, this conversation delivers practical insights to help you stay a step ahead in protecting your digital landscape.

Forecast = Scattered exploits, Mirai storms brewing, and rogue drones dropping malware over Russia. Keep your firewalls up—a vulnerability front is rolling in fast! ‍ On this episode of Storm⚡️Watch, we're bringing you a packed episode that covers the latest in cyber threat intelligence, industry news, and a few stories you won't want to miss. We kick things off with our usual round of introductions and a quick look at the cyber weather, setting the stage for what's happening across the threat landscape. In our first segment, Tod shares his wrap-up from VulnCon 2025, highlighting the key takeaways and emerging trends from this year's conference. From new vulnerability research to the latest in exploit techniques, Tod breaks down what security professionals need to know and what's likely to shape the industry in the coming months. Next up, we sit down with Tracy Z. Maleeff, better known as InfosecSherpa, for an interview that traces her journey from librarian to cybersecurity professional. Tracy shares insights on career pivots, the importance of information literacy in security, and her ongoing work to make the field more accessible. Her story is a must-listen for anyone considering a move into cyber or looking for inspiration from someone who's successfully navigated the transition. We then turn our attention to a headline-grabbing story out of Ukraine, where reports indicate that drones sent into Russian territory are not just for surveillance or kinetic impact—they're also carrying malware designed to infect military systems if captured. This blend of physical and cyber warfare is a stark reminder of how modern conflicts are increasingly fought on multiple fronts, with digital payloads now as critical as traditional munitions. If we need to fill a little extra time, we'll explore some of the more bizarre aspects of hybrid warfare, including reports of weaponized consumer goods—think exploding sex toys and cosmetics—being used as part of psychological and disruption campaigns targeting the West. It's a strange new world where almost anything can be turned into a tool of conflict. We also spotlight recent research from Censys on the Salt Typhoon attacks, which underscore the need for advanced defenses as attackers continue to exploit edge devices and cloud infrastructure. Their findings highlight the importance of proactive monitoring and rapid response to emerging threats. On the GreyNoise front, we've observed a threefold surge in exploitation attempts targeting TVT DVRs, likely linked to Mirai botnet activity. This uptick is a clear signal that attackers are constantly scanning for vulnerable devices to conscript into their botnets, and it's a reminder for defenders to stay vigilant and patch exposed systems. As always, we wrap up with a round of goodbyes and a reminder to subscribe for more insights, interviews, and real-time threat intelligence. Thanks for tuning in to Storm⚡️Watch—where we keep you ahead of the cyber storms. Storm Watch Homepage >> Learn more about GreyNoise >>  

Erweitere dein Wissen über digitale Sicherheit mit Cybersecurity ist Chefsache.In dieser spannenden Episode begrüßt Nico Freitag Dr. Robert Koch, Generalstabsoffizier bei der Bundeswehr. Gemeinsam werfen sie einen kritischen Blick auf die zunehmende Bedeutung des Cyberraums in geopolitischen Konflikten.Robert Koch bringt nicht nur jahrzehntelange Erfahrung aus der Marine, dem Ministerium und der NATO mit, sondern auch fundiertes Know-how aus Forschung und Lehre im Bereich Cybersicherheit.In der Folge diskutieren wir unter anderem:Wie hybride Kriegsführung funktioniert – und warum Cyberangriffe längst Realität sindWarum Deutschland bei der Verteidigung kritischer Infrastrukturen besonders verwundbar istWas die Ukraine aus dem Cyberkrieg gelernt hat – und was wir noch lernen müssenWelche Rolle künstliche Intelligenz und Drohnen in künftigen Konflikten spielenWarum Bildung, Transparenz und Zusammenarbeit der Schlüssel zur digitalen Resilienz sindUnd: Warum Zero Trust allein nicht reicht, um unsere digitale Zukunft zu sichernEin besonderes Augenmerk liegt auf der Rolle der NATO, den aktuellen Schwächen in der europäischen Cybersicherheitsarchitektur und der Notwendigkeit, über politische Ressortgrenzen hinauszudenken.____________________________________________

Erweitere dein Wissen über digitale Sicherheit mit Cybersecurity ist Chefsache.In dieser spannenden Episode begrüßt Nico Freitag Dr. Robert Koch, Generalstabsoffizier bei der Bundeswehr. Gemeinsam werfen sie einen kritischen Blick auf die zunehmende Bedeutung des Cyberraums in geopolitischen Konflikten.Robert Koch bringt nicht nur jahrzehntelange Erfahrung aus der Marine, dem Ministerium und der NATO mit, sondern auch fundiertes Know-how aus Forschung und Lehre im Bereich Cybersicherheit.In der Folge diskutieren wir unter anderem:Wie hybride Kriegsführung funktioniert – und warum Cyberangriffe längst Realität sindWarum Deutschland bei der Verteidigung kritischer Infrastrukturen besonders verwundbar istWas die Ukraine aus dem Cyberkrieg gelernt hat – und was wir noch lernen müssenWelche Rolle künstliche Intelligenz und Drohnen in künftigen Konflikten spielenWarum Bildung, Transparenz und Zusammenarbeit der Schlüssel zur digitalen Resilienz sindUnd: Warum Zero Trust allein nicht reicht, um unsere digitale Zukunft zu sichernEin besonderes Augenmerk liegt auf der Rolle der NATO, den aktuellen Schwächen in der europäischen Cybersicherheitsarchitektur und der Notwendigkeit, über politische Ressortgrenzen hinauszudenken.____________________________________________

This week, we are sharing an episode of our monthly show, Only Malware in the Building. We invite you to join Dave Bittner and cohost Selena Larson as they explore "The new malware on the block." Welcome in! You've entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today's most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York's exclusive upper west side, Selena is joined by N2K Networks Dave Bittner —and our newest totally unbiased co-host, Archy, a highly sophisticated AI robot who swears they have no ulterior motives (but we're keeping an eye on them just in case). Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we talk about the latest shake-ups in the fake update threat landscape, including two new cybercriminal actors, fresh Mac malware, and the growing challenge of tracking these evolving campaigns. Learn more about your ad choices. Visit megaphone.fm/adchoices

This week, we are sharing an episode of our monthly show, Only Malware in the Building. We invite you to join Dave Bittner and cohost Selena Larson as they explore "The new malware on the block." Welcome in! You've entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today's most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York's exclusive upper west side, Selena is joined by N2K Networks Dave Bittner —and our newest totally unbiased co-host, Archy, a highly sophisticated AI robot who swears they have no ulterior motives (but we're keeping an eye on them just in case). Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, we talk about the latest shake-ups in the fake update threat landscape, including two new cybercriminal actors, fresh Mac malware, and the growing challenge of tracking these evolving campaigns. Learn more about your ad choices. Visit megaphone.fm/adchoices

בפרק זה של הפודקאסט "על המשמעות" עו"ד תמיר דורטל מארח את עינת מירון, מומחית סייבר המסייעת לארגונים בהתמודדות עם מתקפות סייבר, לשיחה מרתקת ומטרידה על המציאות שמאחורי הכותרות הנוצצות של "מעצמת הסייבר".השיחה נפתחת בפרשת מוריה אשרף במשרד ראש הממשלה, כמקרה בוחן לכשלים פיזיים שעלולים להפוך בקלות לאירועי סייבר הרסניים, וממשיכה לצלול לעומקם של אירועי סייבר גדולים שהתרחשו בישראל ובעולם. עינת מירון מפרטת את ההשלכות הקשות של מתקפת הסייבר על בית החולים הילל יפה – השבתה של 54 ימים ועלות מוערכת של עשרות מיליוני שקלים למשלם המיסים – ומדגימה כיצד גם ארגונים גדולים ומתוקצבים, כמו חברת הביטוח שירביט (שנסגרה ונמכרה בסכום זעום בעקבות מתקפה) או תאגיד הענק כלורוקס, אינם חסינים.האם ישראל באמת "מעצמת סייבר" או שמא מדובר במיתוג מוצלח שמסתיר פערים מדאיגים בהגנה האמיתית על תשתיות וארגונים? מירון טוענת שהתוקפים, בין אם מדינתיים ובין אם פליליים, תמיד נמצאים צעד אחד לפנינו, מונעים ממוטיבציה גבוהה ופועלים ללא מגבלות, בעוד שהארגונים המותקפים כבולים ברגולציה שלעיתים אינה יעילה (כמו תקן ISO שלא תמיד מיושם כראוי) ובמגבלות תקציב ונהלים. היא אף מותחת ביקורת על מערך הסייבר הלאומי, שלטענתה אינו מסוגל לתת מענה אמיתי לכלל הארגונים במשק.מירון מספקת גם שורה של המלצות מעשיות וצעדים שכל אדם וכל ארגון, קטן כגדול, יכולים וצריכים לנקוט כדי להקשות על התוקפים ולצמצם נזקים פוטנציאליים, כולל חשיבותם של גיבויים (גם פיזיים!), החלפת סיסמאות, שימוש באימות דו-שלבי (2FA) והיערכות לתרחיש שבו המערכות הדיגיטליות פשוט קורסות.00:00:00-00:03:34 הקדמה ופתיחה: מוריה אסרף והחדירה למשרד ראש הממשלה00:03:34-00:06:50 מתקפת הסייבר על בית חולים הלל יפה והשלכותיה00:06:50-00:11:16 כשל בתקינה הבינלאומית ודוגמת חברת Clorox00:11:16-00:14:46 לינקדין כפלטפורמת תקיפה ופרשת פגסוס00:14:46-00:17:57 קשר בין שבת למערך הסייבר ופעילות האקרים00:17:57-00:21:30 ישראל ומעצמות סייבר - מציאות לעומת פוטנציאל00:21:30-00:25:27 הפרצות של חברות הייטק ופינטק ומתקפות סייבר יומיומיות00:25:27-00:29:31 מקרה שירביט והשלכותיו על עובדי מדינה ואנשי ביטחון00:29:31-00:33:18 סיכוני סייבר נלווים - דוגמת הקייטרינג בבית חולים מעייני הישועה00:33:18-00:41:05 תפקיד מערך הסייבר, נהלים לא יעילים והצורך בגיבויים פיזיים00:41:05-00:48:50 המלצות מעשיות לאבטחת מידע00:48:50-00:51:08 סיכום והמלצות נוספות להתנהלות נכונה בעולם הסייבר#פודקאסט #על_המשמעותSupport the show◀️ פרסמו אצלנו - לקבלת הצעת מחיר: פנו לג'ו - 054-236-0136 - https://wa.me/972542360136▶️

Drex covers three critical cybersecurity stories: Oracle's evolving response to two separate breaches affecting healthcare customers, with the company gradually changing its stance from denial to downplaying the significance of compromised data. Next Arizona-based Simon Med imaging practice facing multiple federal class action lawsuits after the Medusa cyber gang stole sensitive information from over 132,000 patients across seven states. Ukraine's innovative cyber warfare tactic of planting malware on drones that are captured by Russian forces, creating a cybersecurity trap when Russians attempt to study or reprogram the devices.Remember, Stay a Little Paranoid X: This Week Health LinkedIn: This Week Health Donate: Alex's Lemonade Stand: Foundation for Childhood Cancer

WhatsApp vulnerability could facilitate remote code execution Spyware targeting Chinese diaspora Microsoft Patches 125 Windows Vulns, Including Exploited CLFS Zero-Day Thanks to our episode sponsor, Nudge Security Nudge Security provides advanced security posture management for Okta, Microsoft 365, Google Workspace, and other critical apps. With Nudge, you'll be alerted of risks like weak or missing MFA, inactive admin accounts, and risky integrations, plus you can automate remediation tasks and on-going identity governance. Start a free 14-day trial today  

President Trump fires the head of NSA and Cyber Command. The Health Sector Coordinating Council asks the White House to abandon Biden-era security updates. Senators introduce bipartisan legislation to help fight money laundering. A critical vulnerability has been discovered in the Apache Parquet Java library. The State Bar of Texas reports a ransomware-related data breach. New Android spyware uses a password-protected uninstallation method. A Chinese state-backed threat group exploits a critical Ivanti vulnerability for remote code execution. Today's guest is Dave Dewalt, Founder and CEO of NightDragon, with the latest trends and outlook from cyber leaders.  Malware masquerades as the tax man. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today's guest is Dave Dewalt, Founder and CEO of NightDragon, sharing 2024 trends and a 2025 outlook. Selected Reading Haugh fired from leadership of NSA, Cyber Command (The Record) Defense Sec Hegseth in Signalgate Pentagon watchdog probe (The Register) HSCC Urges White House to Shift Gears on Health Cyber Regs (BankInfo Security) Lawmakers seek to close loophole limiting Secret Service investigations into cyber laundering (The Record) Critical Apache Parquet RCE Vulnerability Lets Attackers Run Malicious Code (Cyber Security News) State Bar of Texas Says Personal Information Stolen in Ransomware Attack (SecurityWeek) New Android Spyware That Asks Password From Users to Uninstall (TechCrunch) Chinese State Hackers Exploiting Newly Disclosed Ivanti Flaw (Infosecurity Magazine) Hackers Leveraging URL Shorteners & QR Codes for Tax-Related Phishing Attacks (Microsoft) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

In this episode of Unspoken Security, host AJ Nash sits down with Chris Birch, an intelligence practitioner with nearly 30 years of experience, to discuss the ever-evolving landscape of social engineering. Chris's unique perspective comes from leading teams that actively engage with threat actors, turning the tables on those who typically exploit vulnerabilities.Chris details how social engineering is simply human manipulation, a skill honed from birth. He explains how attackers leverage fear and greed, the fastest and cheapest ways to manipulate individuals. He also dives into how attacks have evolved, highlighting the dangers of increasingly sophisticated tactics like deepfakes and the blurring lines between legal and illegal applications of social engineering.The conversation also explores the crucial role of organizational culture in cybersecurity. Chris emphasizes that awareness, not just education, is key to defense. He advocates for sharing threat intelligence widely within organizations and across industries, empowering everyone to become a sensor against social engineering attempts. Chris also shares a surprising personal fear, offering a lighthearted end to a serious discussion.Send us a textSupport the show

# Title * HN59 - Microsoft AI Discovers 20 Zero-Day Vulnerabilities in Bootloaders! ## Description

Kuala Lumpur International Airport says no to a ransom attack, switches to whiteboard. A tired and jet-lagged Troy Hunt got Phished then listed himself on his own site. Cloudflare completely pulls the plug on port 80 (HTTP) API access. Malware is switching to obscure languages to avoid detection. FORTH, anyone? Password reuse doesn't appear to be dropping. Cloudflare has numbers. A listener shares his log of malicious Microsoft login attempts. Why no geofencing? 23andMe down for the count (reminder). A sobering Ransomware attack & victim listing website. Gulp! "InControl" keeps VR planes aloft. And the European Union gets serious about a switch to Linux Show Notes - https://www.grc.com/sn/SN-1019-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: drata.com/securitynow outsystems.com/twit bitwarden.com/twit threatlocker.com for Security Now legatosecurity.com

Kuala Lumpur International Airport says no to a ransom attack, switches to whiteboard. A tired and jet-lagged Troy Hunt got Phished then listed himself on his own site. Cloudflare completely pulls the plug on port 80 (HTTP) API access. Malware is switching to obscure languages to avoid detection. FORTH, anyone? Password reuse doesn't appear to be dropping. Cloudflare has numbers. A listener shares his log of malicious Microsoft login attempts. Why no geofencing? 23andMe down for the count (reminder). A sobering Ransomware attack & victim listing website. Gulp! "InControl" keeps VR planes aloft. And the European Union gets serious about a switch to Linux Show Notes - https://www.grc.com/sn/SN-1019-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: drata.com/securitynow outsystems.com/twit bitwarden.com/twit threatlocker.com for Security Now legatosecurity.com

Kuala Lumpur International Airport says no to a ransom attack, switches to whiteboard. A tired and jet-lagged Troy Hunt got Phished then listed himself on his own site. Cloudflare completely pulls the plug on port 80 (HTTP) API access. Malware is switching to obscure languages to avoid detection. FORTH, anyone? Password reuse doesn't appear to be dropping. Cloudflare has numbers. A listener shares his log of malicious Microsoft login attempts. Why no geofencing? 23andMe down for the count (reminder). A sobering Ransomware attack & victim listing website. Gulp! "InControl" keeps VR planes aloft. And the European Union gets serious about a switch to Linux Show Notes - https://www.grc.com/sn/SN-1019-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: drata.com/securitynow outsystems.com/twit bitwarden.com/twit threatlocker.com for Security Now legatosecurity.com

Kuala Lumpur International Airport says no to a ransom attack, switches to whiteboard. A tired and jet-lagged Troy Hunt got Phished then listed himself on his own site. Cloudflare completely pulls the plug on port 80 (HTTP) API access. Malware is switching to obscure languages to avoid detection. FORTH, anyone? Password reuse doesn't appear to be dropping. Cloudflare has numbers. A listener shares his log of malicious Microsoft login attempts. Why no geofencing? 23andMe down for the count (reminder). A sobering Ransomware attack & victim listing website. Gulp! "InControl" keeps VR planes aloft. And the European Union gets serious about a switch to Linux Show Notes - https://www.grc.com/sn/SN-1019-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: drata.com/securitynow outsystems.com/twit bitwarden.com/twit threatlocker.com for Security Now legatosecurity.com

Kuala Lumpur International Airport says no to a ransom attack, switches to whiteboard. A tired and jet-lagged Troy Hunt got Phished then listed himself on his own site. Cloudflare completely pulls the plug on port 80 (HTTP) API access. Malware is switching to obscure languages to avoid detection. FORTH, anyone? Password reuse doesn't appear to be dropping. Cloudflare has numbers. A listener shares his log of malicious Microsoft login attempts. Why no geofencing? 23andMe down for the count (reminder). A sobering Ransomware attack & victim listing website. Gulp! "InControl" keeps VR planes aloft. And the European Union gets serious about a switch to Linux Show Notes - https://www.grc.com/sn/SN-1019-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: drata.com/securitynow outsystems.com/twit bitwarden.com/twit threatlocker.com for Security Now legatosecurity.com

Kuala Lumpur International Airport says no to a ransom attack, switches to whiteboard. A tired and jet-lagged Troy Hunt got Phished then listed himself on his own site. Cloudflare completely pulls the plug on port 80 (HTTP) API access. Malware is switching to obscure languages to avoid detection. FORTH, anyone? Password reuse doesn't appear to be dropping. Cloudflare has numbers. A listener shares his log of malicious Microsoft login attempts. Why no geofencing? 23andMe down for the count (reminder). A sobering Ransomware attack & victim listing website. Gulp! "InControl" keeps VR planes aloft. And the European Union gets serious about a switch to Linux Show Notes - https://www.grc.com/sn/SN-1019-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: drata.com/securitynow outsystems.com/twit bitwarden.com/twit threatlocker.com for Security Now legatosecurity.com

Kuala Lumpur International Airport says no to a ransom attack, switches to whiteboard. A tired and jet-lagged Troy Hunt got Phished then listed himself on his own site. Cloudflare completely pulls the plug on port 80 (HTTP) API access. Malware is switching to obscure languages to avoid detection. FORTH, anyone? Password reuse doesn't appear to be dropping. Cloudflare has numbers. A listener shares his log of malicious Microsoft login attempts. Why no geofencing? 23andMe down for the count (reminder). A sobering Ransomware attack & victim listing website. Gulp! "InControl" keeps VR planes aloft. And the European Union gets serious about a switch to Linux Show Notes - https://www.grc.com/sn/SN-1019-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: drata.com/securitynow outsystems.com/twit bitwarden.com/twit threatlocker.com for Security Now legatosecurity.com

Podcast: Industrial Cybersecurity InsiderEpisode: The CISO & Talent Crisis: Turnover Meets OT Cybersecurity GapsPub date: 2025-04-01Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, Dino and Craig dive deep into the disturbing talent exodus in cybersecurity. The discussion is sparked by Gartner's prediction that 25% of cybersecurity professionals will leave the field in the next year. They explore the growing gap between IT and OT teams, the lack of CISO influence in executive leadership, and the friction between cybersecurity goals and operational uptime. With real-world anecdotes and hard-hitting insights, they unpack everything from rogue assets and malware in OT environments to the challenges of implementing EDR tools in live production lines. Whether you're a CISO, CIO, or plant manager, this episode offers a candid look at the complex dynamics of securing industrial environments — and how collaboration is the only path forward.Chapters:00:00:00 – Kicking Off with a Brutal Reality Check on Cybersecurity00:01:06 – Gartner Says 25% of Cyber Pros Are Leaving — Here's Why That Matters00:03:15 – IT vs OT: The Culture Clash Still Killing Cyber Progress00:09:35 – Why the Wrong Service Partner Could Be Your Biggest Risk00:14:05 – Malware, Rogue Assets, and the Ugly Truth About Your Plant Floor00:18:22 – Real Strategies for Fixing the IT/OT Disconnect (Without Killing Uptime)00:24:06 – Stop Talking. Start Acting. What Cyber Leaders Need to Do TodayLinks And Resources:Industrial Cybersecurity Insider on LinkedInCybersecurity Insider NewsletterDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Velta Technology, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Kuala Lumpur International Airport says no to a ransom attack, switches to whiteboard. A tired and jet-lagged Troy Hunt got Phished then listed himself on his own site. Cloudflare completely pulls the plug on port 80 (HTTP) API access. Malware is switching to obscure languages to avoid detection. FORTH, anyone? Password reuse doesn't appear to be dropping. Cloudflare has numbers. A listener shares his log of malicious Microsoft login attempts. Why no geofencing? 23andMe down for the count (reminder). A sobering Ransomware attack & victim listing website. Gulp! "InControl" keeps VR planes aloft. And the European Union gets serious about a switch to Linux Show Notes - https://www.grc.com/sn/SN-1019-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: drata.com/securitynow outsystems.com/twit bitwarden.com/twit threatlocker.com for Security Now legatosecurity.com

Blockchain DXB Podcast: AI Takeover Series - April 2nd, 2025

2nd April: Blockchain DXB Podcast

Welcome in! You've entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today's most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York's exclusive upper west side, Selena is joined by N2K Networks Dave Bittner —and our newest totally unbiased co-host, Archy, a highly sophisticated AI robot who swears they have no ulterior motives (but we're keeping an eye on them just in case). Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, our hosts discuss Telephone-Oriented Attack Delivery (TOAD), also known as callback phishing. In this type of attack, an attacker sends a seemingly benign email, often containing an invoice or payment notification, along with a phone number. When the victim calls, they speak with the attacker, who convinces them to install remote access tools, leading to malware installation, phishing, and financial theft. Tune in as we explore how this deceptive tactic works and ways to protect yourself from falling victim to it.

Welcome in! You've entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today's most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York's exclusive upper west side, Selena is joined by N2K Networks Dave Bittner —and our newest totally unbiased co-host, Archy, a highly sophisticated AI robot who swears they have no ulterior motives (but we're keeping an eye on them just in case). Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, our hosts discuss Telephone-Oriented Attack Delivery (TOAD), also known as callback phishing. In this type of attack, an attacker sends a seemingly benign email, often containing an invoice or payment notification, along with a phone number. When the victim calls, they speak with the attacker, who convinces them to install remote access tools, leading to malware installation, phishing, and financial theft. Tune in as we explore how this deceptive tactic works and ways to protect yourself from falling victim to it.

Leveraging CNNs and Entropy-Based Feature Selection to Identify Potential Malware Artifacts of Interest This diary explores a novel methodology for classifying malware by integrating entropy-driven feature selection with a specialized Convolutional Neural Network (CNN). Motivated by the increasing obfuscation tactics used by modern malware authors, we will focus on capturing high-entropy segments within files, regions most likely to harbor malicious functionality, and feeding these distinct byte patterns into our model. https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20Leveraging%20CNNs%20and%20Entropy-Based%20Feature%20Selection%20to%20Identify%20Potential%20Malware%20Artifacts%20of%20Interest/31790 Malware found on npm infecting local package with reverse shell Researchers at Reversinglabs found two malicious NPM packages, ethers-provider2, and ethers-providerz that patch the well known (and not malicious) ethers package to add a reverse shell and downloader. https://www.reversinglabs.com/blog/malicious-npm-patch-delivers-reverse-shell Google Patched Google Chrome 0-day Google patched a vulnerability in Chrome that was already exploited in attacks against media and educational organizations in Russia https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_25.html

New ransomware group claims attack on US Telecom firm WideOpenWest NSA warned of vulnerabilities in Signal app a month before Houthi strike chat New ReaderUpdate malware variants target macOS users Huge thanks to our episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.

Top Stories: A CISO warns most Malware has not been created yet, because of AI Students use AI, are they cheating or using a tool to get better grades? Google's Gemini 2.0 Flash can remove watermarks from images causing copyrights concerns

Q&A219: How can you keep your password manager safe from infostealing malware? Do we prefer Debian-based or RedHat-based Linux distros? How do we harden or customize our distros? How can you recreate Qubes' Disposable VMs on a non-Qubes device? Join our next Q&A on Patreon: https://www.patreon.com/collection/415684?view=expanded or XMR Chat: https://xmrchat.com/surveillancepodWelcome to the Surveillance Report Q&A - featuring Techlore & The New Oil answering your questions about privacy and security.❤️ Support us on Patreon: https://www.patreon.com/surveillancepod

Privacy Aware Bots A botnet is using privacy as well as CSRF prevention headers to better blend in with normal browsers. However, in the process they may make it actually easier to spot them. https://isc.sans.edu/diary/Privacy%20Aware%20Bots/31796 Critical Ingress Nightmare Vulnerability ingress-nginx fixed four new vulnerabilities, one of which may lead to a Kubernetes cluster compromise. Note that at the time I am making this live, not all of the URLs below are available yet, but I hope they will be available shortly after publishing this podcast https://www.darkreading.com/application-security/critical-ingressnightmare-vulns-kubernetes-environments https://www.wiz.io/blog/ingress-nginx-kubernetes-vulnerabilities https://kubernetes.io/blog/ FBI Warns of File Converter Scams File converters may include malicious ad ons. Be careful where you get your software from. https://www.fbi.gov/contact-us/field-offices/denver/news/fbi-denver-warns-of-online-file-converter-scam VSCode Extension Includes Ransomware https://x.com/ReversingLabs/status/1902355043065500145

In this episode, Erich and Javvad discuss an AI voice scam, the Steam game PirateFi turning out to be info-stealing malware, HCRG hack/ransomware and a Palo Alto firewall vulnerability. All of this and more!

Today, I'm sharing something deeply personal and serious—my stalker story. For over a year, Timothy C. (we can share his full name soon if need be) has been physically stalking me, and his digital harassment goes back even further. Law enforcement is now involved, but I wanted to update you all in case anything happens to me—so there's no question about who did it. This episode isn't just about my experience; it's also about the reality of stalking, the dangers of obsession, and the importance of taking threats seriously. Stay aware, stay safe, and let's talk about it all, shall we?—https://noblegoldinvestments.com

We've talked in the past about security risks tied to the China-based LLM DeepSeek, but we totally missed one we should have seen coming. We'll tell you more. Plus - a guy in Norway found out he'd killed his kids by asking ChatGPT (spoiler: no he hadn't). We'll talk getting annoybed with hallucinations on this edition of The Checklist, brought to you by SecureMac. Check out our show notes: SecureMac.com/Checklist And get in touch with us: Checklist@Securemac.com

Cybersecurity Today: Exploited Vulnerabilities and Innovative Threat Mitigations In this episode of Cybersecurity Today, host Jim Love discusses several pressing cybersecurity issues including the exploitation of a server-side request forgery (SSRF) vulnerability in OpenAI's ChatGPT infrastructure (CVE-2024-27564), leading attackers to redirect users to malicious URLs. He also talks about how researchers at Tiny Hack have made breakthroughs in cracking Akira ransomware using high-powered GPUs, and Malwarebytes' warning about malware embedded in free online file converters. The episode highlights the importance of robust cybersecurity measures, innovative methods to combat ransomware, and cautious internet usage. 00:00 Introduction to Cybersecurity Threats 00:19 Exploiting ChatGPT Vulnerabilities 02:15 Cracking Akira Ransomware 05:01 Malware in Free Online Converters 07:12 Conclusion and Listener Support