Measurement standards laboratory in the United States
Trista and Theresa Nist recap Mel's Golden Bachelor finale and AFR! Theresa brings her own unique perspective to the promise of commitment, and Trista gives her unfiltered opinion on how Cindy was treated! Do the ladies think "MEG" will go the distance?? Plus, Theresa gets candid on some of Trista's burning questions. See omnystudio.com/listener for privacy information.
In this episode, we dive into Microsoft's Zero Trust Assessment - an open-source, automated tool that scans hundreds of Entra ID and Intune settings against NIST, CISA, CIS, and Microsoft's own internal baselines. Discover how it aligns with the Secure Future Initiative, delivers actionable remediation, and turns Zero Trust from theory into measurable reality. Perfect for CISOs, SecOps teams, and anyone tired of spreadsheet audits. Key Takeaways: The Pain of Manual Zero Trust Audits; What the Zero Trust Assessment Actually Does; Why automate your security assessments. What did you think of this episode? Give us some feedback via our contact form, or leave us a voice message in the bottom right corner of our site.
As technology evolves, so does our understanding of its strengths and weaknesses. This week on Feds At the Edge, we break down how artificial intelligence is transforming cybersecurity, where it can meaningfully improve defense, and what agencies should consider before deploying it. LCDR Ian Roessle, Deputy Director, Center for High Assurance Computer Systems at the Naval Research Laboratory, explains why vulnerabilities don't always translate to real risk and emphasizes knowing your systems inside and out. He also notes that AI can introduce new exposures. Martin Stanley, AI & Cybersecurity Researcher at NIST, outlines the Assessing Risks and Impacts of AI program, which is designed to help leaders validate and secure AI-enabled systems. Jarrod Vawdrey, Field Chief Data Scientist at Domino Data Lab, discusses how agencies can move toward AI-driven cyber defense by assessing data readiness, isolating high-value targets, and shifting away from static, rules-based tools. Tune in on your favorite podcast today as we explore practical guidance for deploying AI in cybersecurity while managing the risks it introduces.
Lyceum's Cybersecurity Series Part 1: "What You Don't Know CAN Hurt You" Welcome to Episode 30, Season 9 of A CEO's Virtual Mentor® In this opening installment of Lyceum's new Cybersecurity Series, A CEO's Virtual Mentor® convenes five board members and cybersecurity experts from the Lyceum Circle of Leaders® to confront one of the most elusive challenges in modern governance – understanding what you cannot see. As Stephen Hawking warned, "The greatest enemy of knowledge is not ignorance — it is the illusion of knowledge." That illusion, we learn, is the hidden trap of board cybersecurity oversight. Across four parts, our guests – Jorge Benitez, Brook Colangelo, Michael Crowe, Michael Kehs, and Wendy Thomas – illuminate how directors can move from passive awareness to active preparedness, transforming cybersecurity from a technical checklist into an enterprise discipline rooted in governance, visibility, and human judgment. The program examines why boards miss what matters most, how to see beneath the "hidden surface" of cyber risk, and how disciplined frameworks turn uncertainty into resilience. Through their collective insight, a new picture emerges: cybersecurity not as compliance, but as the continuous practice of foresight. Program Guide A CEO's Virtual Mentor® Episode 30 Lyceum's Cybersecurity Series Part 1: "What You Don't Know CAN Hurt You" 0:00 | Introduction Host Tom Linquist introduces Season 9 and Lyceum's special Cybersecurity Series — the first podcast project to draw on multiple members of the Lyceum Circle of Leaders®. He frames the series' purpose: to help boards confront cybersecurity not as a technical topic, but as a behavioral and governance issue — an invisible domain where the illusion of knowledge endangers oversight itself. Part 1 — Why the Subject Is Important (4:00 – 16:30) Cybersecurity has evolved from a back-office function to a boardroom imperative. 
Jorge Benitez recalls establishing Accenture's early information-security practice and how cyber risk became a universal business concern. Mike Crowe contrasts threat motives across industries and stresses that "cybersecurity is everyone's responsibility." Brook Colangelo links cyber vigilance to corporate sustainability and shareholder trust. Michael Kehs reminds boards to get started early; that "by the time you hear the thunder, it's too late to build the ark." Wendy Thomas draws the parallel between today's need for cyber fluency and boards' earlier journey toward financial literacy. Together, they establish the stakes: what boards don't know can — and will — hurt them. Part 2 — Visibility (16:50 – 31:20) True oversight requires seeing what lies beneath the surface. Brook Colangelo describes forming a Technology and Cyber Committee and applying the NIST framework to benchmark maturity. Mike Crowe explains hiring "offensive" experts to test defenses before attackers do. Wendy Thomas introduces the streamlined Prevent–Detect–Respond (PDR) model, connecting it to board metrics such as mean time to detect and mean time to respond. She also warns that during crises, boards must remember: "There's no watching the game tape during the game." This segment translates technical language into governance visibility — turning blindness into inquiry. Part 3 — Risk Management (31:36 – 39:50) Cybersecurity joins the top tier of every board's risk matrix. Mike Crowe situates cyber alongside geopolitical and climate risks. Tom Linquist introduces the "hidden surface problem" — the behavioral bias that limits directors to what is easily seen. Brook Colangelo reframes preparedness as competitive advantage: companies that prove digital trust win customers and revenue. Jorge Benitez observes that the most progressive boards now embed cyber within comprehensive risk frameworks, enabling all directors to engage. 
This section bridges oversight and enterprise resilience, urging boards to govern the unseen. Part 4 — Objectives of the Cybersecurity Series (40:18 – 44:58) The series concludes its first installment by looking ahead. Brook Colangelo highlights how global conflict and artificial intelligence have accelerated the pace and complexity of cyber risk. Wendy Thomas calls for a stronger community of boards that collectively raise the cost of attack. Jorge Benitez encourages continuous learning through peer forums such as the Lyceum Circle of Leaders®. Tom Linquist closes with an invitation to continue the series — a journey from illusion to insight, from defense to resilience. Total Runtime: ≈ 45 minutes We would like to express our special thanks to the clients of Lyceum Leadership Consulting that enable us to bring you this podcast. Informative and Helpful Links NIST's Cybersecurity Framework: https://www.nist.gov/cyberframework CISA's Cybersecurity Incident & Vulnerability Response Playbooks: https://www.cisa.gov/sites/default/files/2024-08/Federal_Government_Cybersecurity_Incident_and_Vulnerability_Response_Playbooks_508C.pdf Your host Thomas B. Linquist is the Founder and Managing Director of Lyceum Leadership Consulting and Lyceum Leadership Productions. Over his 25 years in management and leadership consulting he has served a wide array of corporate clients. This includes leadership assessment and search for chief executive officers, chief financial officers, chief operating officers and directors of boards. He holds an MBA from the University of Chicago and over his 35-year career has served in a variety of roles: as an engineer with Shell Oil Company, a banker with ABN AMRO Bank, and as treasurer was the youngest corporate officer in the 150+ year history at Peoples Energy Company in Chicago. He is an expert on hiring and promotion decisions and leadership development. 
Over the course of his search and advisory career, Tom has interviewed thousands of leaders and authored numerous articles exploring group decision-making under uncertainty, board effectiveness, and leadership development. Join the Lyceum Circle of Leaders® a community of forward-thinking leaders dedicated to improving leadership through shared intelligence. Please spread the word among your fellow executives and board colleagues. Program Disclaimer The only purpose of the podcast is to educate, inform and entertain. The information shared is based on the collection of experiences of each of the guests interviewed and should not be considered or substituted for professional advice. Guests who speak in this podcast express their own opinions, experience and conclusions, and neither The Leadership Lyceum LLC nor any company providing financial support endorses or opposes any particular content, recommendation or methodology discussed in this podcast. Follow Leadership Lyceum on: Our website: www.LeadershipLyceum.com LinkedIn: The Leadership Lyceum LLC Email us: info@LeadershipLyceum.com This podcast Leadership Lyceum: A CEO's Virtual Mentor® has been a production of The Leadership Lyceum LLC. Copyright 2025. All rights reserved.
In "Scaling Logistics Innovation at Descartes Systems Group", Joe Lynch and Dan Cicerchi, the General Manager of Transportation Management Solutions at Descartes Systems Group, discuss the strategic integration of trustworthy AI to enhance existing core logistics technology and solve practical pain points across the global supply chain. About Dan Cicerchi Dan Cicerchi is the General Manager of Transportation Management Solutions at Descartes Systems Group, where he leads strategy and innovation for one of the industry's most widely adopted logistics technology platforms. A seasoned entrepreneur and logistics tech pioneer, Dan co-founded MacroPoint, a real-time freight visibility solution that transformed how brokers, shippers, and carriers track and manage loads. Following its acquisition by Descartes, he has continued to champion technology that drives efficiency, transparency, and resilience across global supply chains. With decades of experience spanning startup growth and enterprise leadership, Dan is passionate about applying practical AI and automation to solve the freight industry's most pressing challenges. He frequently shares insights on freight visibility, fraud prevention, and the future of transportation management. About Descartes Systems Group Descartes Systems Group is a global leader in providing on-demand, software-as-a-service solutions designed to improve the productivity, performance, and security of logistics-intensive businesses. Headquartered in Waterloo, Ontario, with offices and customers worldwide, Descartes helps shippers, carriers, freight forwarders, and logistics service providers connect, collaborate, and automate across the supply chain. Its portfolio includes transportation management, visibility, customs and regulatory compliance, and e-commerce logistics solutions. 
By combining deep industry expertise with innovative technology, Descartes enables organizations to streamline operations, reduce costs, and deliver superior customer experiences. Thousands of companies around the world rely on Descartes' logistics network and software to move goods more efficiently, mitigate risk, and stay ahead in an increasingly complex global marketplace. Key Takeaways: Scaling Logistics Innovation at Descartes Systems Group In "Scaling Logistics Innovation at Descartes Systems Group", Joe Lynch and Dan Cicerchi, the General Manager of Transportation Management Solutions at Descartes Systems Group, discuss the strategic integration of trustworthy AI to enhance existing core logistics technology and solve practical pain points across the global supply chain. Trust First: AI adoption in logistics must be built on governance and trust, using frameworks like NIST to ensure data security and accountability. AI Augments, Doesn't Replace: AI is a powerful enhancer for core systems (TMS, visibility), not a standalone replacement. Its primary role is to improve efficiency. Focus on Practical Pain Points: Start AI implementation by targeting tedious manual tasks (e.g., check calls, data entry, carrier onboarding) for rapid, measurable ROI. Stability Over Startups: Partnering with existing, integrated tech vendors (like Descartes) ensures greater stability, expertise, and roadmap alignment than relying on new AI-only startups. Audit Your Current Tech: Before investing in new AI, ensure you are fully utilizing the latest features and integrations of your current mission-critical systems. Build Trust with Staff: Overcome internal resistance by layering AI into current workflows and establishing clear performance baselines (ROI) before deployment. Enhance What Works: The path to resilience is through strategically integrating AI into proven, existing workflows step-by-step, not by chasing every new technology trend. 
Learn More About Scaling Logistics Innovation at Descartes Systems Group Dan Cicerchi | Linkedin Descartes Systems Group | Linkedin Descartes Systems Group The Logistics of Logistics Podcast If you enjoy the podcast, please leave a positive review, subscribe, and share it with your friends and colleagues. The Logistics of Logistics Podcast: Google, Apple, Castbox, Spotify, Stitcher, PlayerFM, Tunein, Podbean, Owltail, Libsyn, Overcast Check out The Logistics of Logistics on Youtube
The Czech army experienced its most difficult moments in 2014 and 2018. Eight soldiers were killed in suicide attacks in Afghanistan at that time. Another was murdered by an Afghan colleague right on an allied base. For their families in the Czech Republic, it meant the fulfilment of their worst fears. Martina Marie Horová reminisced about her nephew Martin Marcin, who died in a suicide bomber's attack. All episodes of the Seriál Radiožurnálu podcast can be conveniently listened to in the mujRozhlas mobile app for Android and iOS or on the mujRozhlas.cz website.
CMMC 2.0 explained in plain English — what it means for small businesses, defense contractors, and vendors across the DoD supply chain. Learn about Level 1 vs Level 2, self-attestation risks, C3PAO shortages, compliance deadlines, and how to stay audit-ready before 2025. Don't miss out on crucial information about the CMMC 2025 deadline. The Cybersecurity Maturity Model Certification is a vital requirement for businesses dealing with the Department of Defense. If you miss the deadline, you risk losing contracts and facing severe penalties. In this video, we'll explore the consequences of missing the CMMC 2025 deadline and provide valuable insights on how to prepare and stay compliant. Stay ahead of the game and ensure your business is CMMC-ready. Find out what happens if you missed the deadline and learn how to avoid costly mistakes. Tune in now and take the first step towards CMMC compliance. CHAPTERS: 00:00 – The 4 Letters That Can End Your Business 00:15 – CMMC 2.0: Why November 10, 2025 Changes Everything 01:35 – Meet the Expert: Frontline View from a CMMC Assessor 02:59 – What Is CMMC (In Plain English)? 04:20 – FCI vs CUI: The Data That Decides Your Level 07:05 – Are You Level 1 or Level 2? How the Flow-Down Really Works 10:05 – Why the DoD Stopped “Trusting” Small Contractors 11:40 – Supply-Chain Breaches: How Third Parties Take You Down 13:00 – Level 1: The 17 “Basic” Controls Everyone Ignores 17:00 – The Dangerous Game of Fudging Your Self-Attestation 21:15 – Level 2: 110 Controls, SSPs, and the Reality of NIST 800-171 23:40 – C3PAO Bottleneck: Why Waiting Means Losing Contracts 26:30 – POA&M and the 180-Day “Grace” Trap 32:05 – Surprise: Printers, MSPs, and “Non-Defense” Vendors in the Blast Radius 35:15 – CMMC Is Not Going Away (And Other Hard Truths) 37:05 – Countdown to Fall. Growth without Interruption. Get peace of mind. Stay Competitive-Get NetGain. Contact NetGain today at 844-777-6278 or reach out online at www.NETGAINIT.com
The start of the third round of peace talks between Afghanistan and Pakistan was disrupted on Thursday by further armed clashes on their shared border. The two countries accuse each other of violating the ceasefire. During fighting that lasted more than a week in mid-October, dozens to hundreds of soldiers and civilians died on both sides, and a lasting peace has not been negotiated since.
If you've ever wanted to throw your laptop out the window after yet another "Your password must include a hieroglyph and a drop of unicorn blood" message, you're not alone. In this episode, we tackle the chaotic circus that is password creation: the rules, the myths, and the mounting frustration of trying to remember if this is the account that wanted a number, a symbol, or your firstborn's dental records. From the rise of passkeys to the surprising sanity of NIST's latest guidance (finally!), we explore how security might actually be getting smarter and less likely to make you cry into your keyboard. More info at HelpMeWithHIPAA.com/534
Microsoft is actively preparing for the future of quantum-safe cryptography to protect against the potential risks posed by scalable quantum computing. The company is collaborating with global regulatory and technical bodies like NIST, IETF, and ISO to develop and align on quantum-safe encryption standards. You can listen to all of the Quantum Minute episodes at https://QuantumMinute.com. The Quantum Minute is brought to you by Applied Quantum, a leading consultancy and solutions provider specializing in quantum computing, quantum cryptography, quantum communication, and quantum AI. Learn more at https://AppliedQuantum.com.
Join host Bobby Brill as he sits down with ServiceNow's AI legal and governance experts to break down the complex world of AI regulations. Andrea LaFontain (Director of AI Legal), Ken Miller (Senior Director of Product Legal), and Navdeep Gill (Staff Senior Product Manager, Responsible AI) explain how organizations can navigate the growing landscape of AI compliance. In this episode, you'll learn about three major regulatory approaches: the risk-based EU AI Act, Colorado's algorithmic discrimination law, and the NIST voluntary framework. The experts discuss practical strategies for complying with multiple regulations simultaneously, using the EU AI Act as a baseline and measuring the delta for new requirements. Key topics covered: - Why proactive compliance matters before regulations fully take effect - How AI Control Tower helps discover and manage AI systems across your enterprise - The exponential math behind AI compliance (vendors, employees, third parties) - Setting up governance policies for high-risk AI use cases - Timeline for major compliance deadlines (Colorado June 2026, EU August 2026) - The real costs of waiting for your first violation. Whether you're managing AI deployment, working in compliance, or trying to understand the regulatory landscape, this episode provides actionable insights on building responsible AI governance infrastructure. Guests: Andrea LaFountain - Director, AI Legal; Ken Miller - Senior Director, Product Legal; Navdeep Gill - Staff Senior Product Manager, Responsible AI. Host: Bobby Brill. Chapters: 00:00 Introduction to AI and Regulations 00:45 Meet the Experts 01:52 Overview of Key AI Regulations 03:03 Compliance Strategies for AI Regulations 07:33 ServiceNow's AI Control Tower 14:02 Challenges and Risks in AI Governance 16:04 Future of AI Regulations 18:34 Conclusion and Final Thoughts. See omnystudio.com/listener for privacy information.
Jeff Carney from Darkhorse IT explains everything YOU should know about passwords: See omnystudio.com/listener for privacy information.
It's time for Red Flag on the Date, Mike has the Dirt, we play Over/Under and straightening out the stories from Gerry and Theresa from Golden Bachelor. See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.
The Space Show Presents Arkisys CEO DAVE BARNHART, Sunday, 11-2-25. David Barnhart (Dave), CEO of Arkisys and research professor at USC, discussed the company's progress in space operations and their unique business platform called “The Port” in Los Alamitos, CA, including their work with NASA's Astrobee facility and development of a free-flying space platform called “The Port.” The discussion covered various technical aspects including funding sources, modular space platforms, and navigation systems, while addressing challenges in hiring engineers and developing flexible infrastructure for space servicing. The conversation ended with conversations about future plans including lunar applications, and company security measures. Before ending, Dave highlighted the potential environmental impact of satellite debris and mentioned a USC PhD student's research on the topic presented at the United Nations. I referenced future Space Show programs with Hotel Mars Dr. Kothari and Dr. Roger Launius on Friday to discuss his new book. CEO Dave discussed his role in managing the Astrobee facility, a robotic free flyer inside the International Space Station. He explained that Arkisys, where he works, had taken over the commercial maintenance and operation of Astrobee which is used for microgravity experiments inside the ISS. The facility allows for testing in full 6 degrees of freedom in a zero-G environment, with capabilities for various payloads and operations lasting about 3 hours per session. Our guest noted that while NASA does not pay for the service, it aligns with his company business model focused on services, and they are responsible for helping customers through the necessary paperwork and procedures to use Astrobee. David went on to discuss the development of his free-flying space platform called “The Port,” which will provide a stable environment for autonomous robotics and payload hosting. 
He explained that the first flight of key technologies, carried by a 250-kilogram vehicle called the Cutter, is planned for late 2026, with the goal of demonstrating rendezvous capabilities with a port module in a 525-kilometer Sun Sync orbit. Barnhart noted that while there is competition in the space infrastructure and logistics sector, the market for hosted payloads and space servicing is projected to grow significantly, with potential revenue from existing markets like hosted payloads. Barnhart discussed his company's funding, which includes government grants, SBIR, STTR, and contracts from DIU and the Space Development Agency. He explained their development of a modular space platform with propulsion capabilities, including the use of chemical systems and potential partnerships with companies using electric propulsion. Barnhart also addressed the challenges of refueling and connecting different interfaces for their platform, noting that they conducted a study on various interfaces worldwide and are working on creating a flexible system for future growth. David discussed the evolution of his satellite concept from a DARPA challenge focused on modular orbital functions to the development of “satlets” and port modules. He explained how the concept of cellularization led to the creation of scalable, multi-functional satellite components that could be aggregated, addressing the challenge of building cost-effective satellites. 
Barnhart described his company's current size of 4 full-time employees plus himself, with plans to expand to 10-12 people, and mentioned their upcoming move to a larger facility to accommodate growth and develop a flat floor testing platform for robotic arm movements in space. Barnhart further discussed the challenges of hiring engineers for innovative space projects, noting that while experienced engineers are valuable for technical expertise, they may struggle with new concepts, while less experienced engineers might be more adaptable but lack depth. He emphasized the importance of finding a balance between technical expertise and innovative thinking. Ryan inquired about the potential internal applications of the Astrobee partnership with NASA, to which Barnhart confirmed that the learnings would be applied to Arkisys port module for validation and verification post-launch. Barnhart also explained the company's use of an AI-based system, powered by a large language model, to assist in identifying potential issues with connectivity and safety. He highlighted the flexibility of the port module, which can be reconfigured and expanded in multiple dimensions to meet various customer needs, and emphasized the company's focus on creating a versatile infrastructure for space servicing rather than specializing in a single service like refueling. The team discussed navigation systems for their spaceport module, which includes onboard cameras, GPS, IMU, and a partnership with Fugro for high-precision navigation down to centimeter accuracy using differential GPS and L-band signals. Dave explained their power management strategy, noting they have 500 watts on the cutter and plan for 1,000-1,500 watts on the port module, with power optimization software to manage shared infrastructure. 
Marshall inquired about lunar applications, to which he confirmed the system could be adapted for lunar and Mars orbits, including potential use as a communications router to handle different frequency standards around the moon. David also discussed the challenges of selecting the right mix of connectors for their first port module to ensure flexibility over the next five years, particularly in light of Europe's space servicing push. He mentioned they have letters of intent from prospective customers and have conducted over 20 tests with 15 different types of customers using a full-scale port module mock-up. Barnhart also addressed cyber and IT theft protection, noting they are NIST certified and going through the audit process for CMMC, with a focus on mitigating attacks from overseas. He explained they are developing software for security, including the ability to encrypt payload data with customer-specific keys, and are allocating 5% of their monthly budget to IT security. David Barnhart discussed the company's approach to satellite connectivity, explaining they are working with AWS ground stations and exploring optical beam communication options. He addressed Marshall's question about interfacing with satellite constellations, noting they are currently independent but considering multiple ground station providers. Our guest responded to David's question about succession planning, confirming they have explored directors and key people insurance and identified Dr. Raul Rugani as a potential successor. 
Ryan inquired about the company's growth strategy, to which he explained they are focusing on key modularization challenges while being open to partnerships for specialized technologies like robotics, with the goal of creating flexible port modules that can accommodate various capabilities. Dave discussed the challenges and potential solutions for exploring lava tubes on Mars using a modified Ingenuity helicopter, emphasizing the need for a hybrid approach involving both aerial and rover-based systems. He explained the technology behind cave navigation using SLAM and highlighted the importance of energy and data distribution. Barnhart also described the Bosun Locker project, which provides students with 3D printable files to design and test hardware for space applications. Additionally, he addressed the environmental impact of space debris reentering the Earth's atmosphere, noting the potential for nanoparticles to affect the atmosphere's composition and radiation effects. David and Dave discussed the upcoming Thanksgiving holiday and both expressed gratitude to the Space Show team. They encouraged listeners to support the show through donations and subscriptions. David mentioned the next shows will feature Dr. Roger Launius, then an open lines discussion. Special thanks to our sponsors: Northrop Grumman, American Institute of Aeronautics and Astronautics, Helix Space in Luxembourg, Celestis Memorial Spaceflights, Astrox Corporation, Dr. Haym Benaroya of Rutgers University, The Space Settlement Progress Blog by John Jossy, The Atlantis Project, and Artless Entertainment. Our Toll Free Line for Live Broadcasts: 1-866-687-7223 (Not in service at this time). For real time program participation, email Dr. Space at: drspace@thespaceshow.com for instructions and access. The Space Show is a non-profit 501C3 through its parent, One Giant Leap Foundation, Inc. 
To donate via Pay Pal, use: To donate with Zelle, use the email address: david@onegiantleapfoundation.org. If you prefer donating with a check, please make the check payable to One Giant Leap Foundation and mail to: One Giant Leap Foundation, 11035 Lavender Hill Drive Ste. 160-306 Las Vegas, NV 89135. Upcoming Programs: Broadcast 4457: ZOOM Dr. Roger Launius | Friday 07 Nov 2025 930AM PT. Guests: Dr. Roger Launius. Zoom: Dr. Launius talks about his new book, “NACA to NASA to Now.” Broadcast 4458 ZOOM Open Lines Discussion | Sunday 09 Nov 2025 1200PM PT. Guests: Dr. David Livingston. Zoom: Open Lines Discussion. Get full access to The Space Show-One Giant Leap Foundation at doctorspace.substack.com/subscribe
Shandy is thrilled to welcome Theresa Nist for an EXCLUSIVE in-studio conversation. You know Theresa as the winner of the mega-hit season 1 of The Golden Bachelor. She wound up engaged to Gerry Turner, their televised wedding was watched by millions, but they announced their divorce only 3 months later. What *really* happened behind the scenes, after the wedding, and after the cameras turned off? In light of Gerry's new tell-all book describing his version of events, Theresa sits down with Shandy for her most raw, unfiltered interview to date. How did it feel for Theresa to learn that Gerry wondered if he should have chosen his runner-up, Leslie? Did she mislead Gerry about quitting her career, did she misrepresent her finances, and did she read "How To Win The Bachelor" during filming, as he claimed in the book? Did she really make Gerry sleep on the sofa?! Theresa is normally very private but could not stay silent in light of the book's many accusations. Do not miss her brutally honest account. Thanks to our sponsors! - Go to https://www.squarespace.com/SHANDY and use code SHANDY for 10% off your first website or domain! - Get up to 40% off your entire order at https://laundrysauce.com/SHANDY (their biggest sale of the year!) - Go to https://mudwtr.com and use code SHANDY to get up to 43% off your entire order, Free Shipping and a Free Rechargeable Frother! More Theresa: - Instagram: https://www.instagram.com/theresa_nist - TikTok: https://www.tiktok.com/@theresa_nist Past Dear Shandy episodes covering Gerry & Theresa: - Love Fest: https://youtu.be/hWCr91mBGb0?si=LOOwxXqEToxIpIBY - Golden Divorce: https://youtu.be/PyiFysUZJMc?si=OzqnEI2Ee4_gm8gS Time Stamps: 0:00 - Welcome To Theresa Nist 10:08 - Leslie 19:32 - Temper 22:22 - “East Coast Mentality” 27:44 - Finances, Her Work, The Prenup 42:18 - Lifestyle 45:00 - House Shopping 47:50 - Her Home 49:26 - Physical Intimacy 55:50 - Her Intentions 1:05:59 - Her Character 1:16:05 - Regrets 1:20:18 - Message To Gerry. If you have a relationship 
question, write us at: dearshandy@gmail.comSubscribe and watch the episodes on YouTube! https://bit.ly/SubscribeDearShandyMore Dear ShandyInstagram - https://www.instagram.com/dearshandyFacebook - https://fb.me/dearshandyMore SharleenInstagram - https://www.instagram.com/sharleenjoyntBlog - http://www.alltheprettypandas.comMore AndyInstagram - https://www.instagram.com/machinelevineProduced by Gabrielle Galon - https://www.instagram.com/gabsamillionSee Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.
Live from Authenticate 2025, Jeff Steadman and Jim McDonald sit down with Dr. Tina Srivastava, an IDPro board member and co-founder of Badge Inc., for a crucial discussion on the rapidly evolving landscape of identity and authentication. Tina shares her insights on the conference, the evolution from physical hacks to sophisticated AI-driven threats like supercharged phishing, and the current challenges facing the industry. The conversation delves into the complexities of synced Passkeys, the critical vulnerability of account recovery processes, and the slow pace of regulation in keeping up with technology. As a board member for IDPro, Tina highlights the immense value of the practitioner-focused community, the supportive culture within its Slack channels, and makes an exciting announcement about the creation of new member-driven committees to shape the future of the organization. They explore the concept of the "AI arms race" and why identity professionals cannot afford to wait for the next big thing, emphasizing that collaboration and information sharing through communities like IDPro are essential to staying ahead of adversaries. Connect with Tina: https://www.linkedin.com/in/tina-s-8291438a/ Find out more about IDPro: https://www.idpro.org/ Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com
Chapters: 00:00 Introduction and Greetings 00:16 Highlights from Authenticate 2025 01:39 FIDO Feud Rematch Discussion 03:17 Guest Introduction: Tina Srivastava 03:46 Conference Insights and AI Challenges 06:16 Regulatory Environment and Passkeys 09:11 Phishing and AI Supercharged Attacks 12:28 QR Codes and Accessibility Issues 13:09 The Importance of Phishing Resistant Authentication 22:24 IDPro Community and Practitioner Support 25:18 Community Support and Engagement 26:26 IDPro's Role in Identity Events 27:48 Future Directions for IDPro 29:19 Introducing Committees in IDPro 30:39 AI and Identity Verification 37:07 The Importance of Information Sharing 45:35 Public Speaking and Personal Growth 50:58 Conclusion and Final Thoughts Keywords: IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Tina Srivastava, IDPro, Authenticate 2025, Passkeys, AI, Artificial Intelligence, Cybersecurity, Phishing, Deepfakes, Authentication, Account Recovery, Biometrics, Identity and Access Management, IAM, NIST, Regulation, Identity Verification, Synced Passkeys, FIDO Alliance
Live from #DCDVirginia 2025, Alexandra Bromson, Managing Director of Origination at Available Infrastructure, joins JSA TV to discuss the urgent need for national security-grade cyber protection for smart cities and digital infrastructure. In this discussion, Alexandra breaks down the serious risks of "AI Poisoning" where attackers corrupt AI models by feeding them bad data and how it can be used to cause serious risk to operations, safety and reputation. Learn how Available Infrastructure's SanQtum AI platform provides a defense, using a CISA-compliant zero trust architecture, NIST-approved quantum-resilient encryption, and a nationwide fleet of quantum-ready micro data centers to protect the future of AI. #CriticalInfrastructure #Cybersecurity #AIPoisoning
A single Windows shortcut can open the door to espionage—and that's exactly where we begin. We break down a fresh LNK exploit campaign to show how hidden command execution and DLL sideloading slip past busy teams, then pivot into the core defense most organizations underuse: disciplined configuration management. From baselines and version control to change boards and rapid rollback, we map the habits and tools that turn chaos into control. We walk through building secure, realistic baselines with CIS Benchmarks and NIST 800‑128, and why “simple and enforceable” beats “perfect and ignored.” You'll hear how least privilege for change stops shadow tweaks, how EDR and application firewalls catch command and control, and how automation with Ansible, SCCM, and Terraform keeps fleets consistent. We spotlight the CMDB as a living source of truth—only valuable if you maintain ownership, automate updates, and report on drift so leadership and risk teams can act. Change governance becomes your stabilizer. A change control board aligns IT, security, operations, risk, and compliance before big moves, while an emergency change advisory board authorizes fast action for zero‑days and incidents with a strict post‑implementation review. We break down the full change lifecycle—request, impact analysis, staging, implementation, verification, CMDB updates—and the common pitfalls to avoid, including undocumented changes, brittle rollbacks, and ignoring post‑change scan results. Expect practical guidance on when to auto‑patch Windows, how to iterate quarterly without overengineering, and what metrics prove progress. If you're aiming to master CISSP Domain 7 or just want fewer outages and faster recovery, this conversation gives you a clear blueprint to reduce attack surface and increase stability.
If it helps, share it with a teammate, subscribe for more deep dives, and leave a quick review so we can keep improving for you. Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox! Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!
NIST recently selected a second Key Exchange Module (KEM) among the PQC algorithms, HQC. We explain this code-based algorithm.
First Resonance provides factory orchestration and coordination software for scaling hardware companies. Founded by SpaceX veterans in 2019, the company focused on filling the gap between legacy manufacturing systems and the needs of emerging hard tech startups. In a recent episode of Category Visionaries, we sat down with Karan Talati, CEO & Co-Founder of First Resonance, to learn about the company's journey building Ion—their manufacturing operations platform—and how they're enabling companies scaling from R&D prototypes to production manufacturing across aerospace, defense, nuclear energy, and advanced manufacturing. Topics Discussed: Karan's time at SpaceX during hypergrowth (employee 2,000 to 6,000+) and the transition from single rocket design to production operations Why First Resonance walked away from pursuing legacy aerospace and defense giants The failed PLG experiment and pivot to enterprise sales with product analytics for expansion How the "new space" pattern is repeating in nuclear energy and other hard tech verticals Market expansion from aerospace into nuclear energy over the past three to four years Advanced manufacturing technology convergence enabling electric aviation (battery density, composite manufacturing, 3D printing) AI's role in breaking down knowledge silos between mechanical, electrical, and software engineering Defense contractor security requirements: CMMC, FedRamp, and NIST 800-171 Brand strategy targeting the new manufacturing workforce versus the retiring old guard GTM Lessons For B2B Founders: Kill upmarket plans when your core segment outpaces them: First Resonance planned to move from scale-ups to traditional defense and aviation giants. They didn't execute. Karan found that staying with scaling startups delivered faster growth and higher ROI than "long sales cycles" with customers "averse to modern technology." 
The lesson isn't about patience with enterprise—it's about recognizing when your initial segment is expanding faster than you can capture it. If your TAM is growing 40%+ annually from customer expansion alone, moving upmarket is a distraction. Test PLG fast, kill it faster in multi-stakeholder environments: First Resonance ran a PLG experiment and "quickly learned it does not" work in manufacturing. The buying process involves "centralized, coordinated, orchestrated, many decision makers, many influencers." But they kept the instrumentation. They use "product utilization and usage and engagement" data to "package subsequent value" for renewals and expansion. The tactical move: instrument your product like PLG, sell like enterprise, and use analytics to drive net dollar retention during annual renewals. Treat cloud service provider status as a wedge, not overhead: As a cloud service provider to defense contractors, First Resonance maintains compliance with CMMC, FedRamp, and NIST 800-171. Rather than viewing this as cost center, Karan noted "regulations are getting easier, not harder" and that this is "a benefit to innovators." For B2B founders selling to regulated industries: invest in compliance infrastructure early, monitor regulatory roadmaps (like FedRamp 20x), and position compliance as competitive moat when competitors can't move as quickly. Pattern match your wedge vertical to adjacent disruption: First Resonance saw their aerospace playbook repeat in nuclear energy "literally in the last three, four years." The pattern: legacy incumbents "too big to fail" but "so large and inertial, so hard to move, that startups are going to have to come in and close that gap." When one vertical shows this pattern, adjacent industries with similar incumbent dynamics are expansion candidates. The key signal: former SpaceX/Tesla talent founding companies in that vertical. 
Design brand for the incoming generation, not the incumbent buyer: With the old guard "rapidly retiring" and manufacturing becoming "cool," First Resonance built a brand with "bold colors and straight lines" that "combines cybernetic systems with inspiration from the Matrix." Karan explicitly rejected softer design trends: "throw all that out." For technical products in industries with demographic shifts, design for the 30-year-old engineer who will champion your tool, not the 55-year-old executive who signs the contract. Deepen rather than proliferate when customers expand physically: First Resonance doesn't worry about logo count because their customers are "scaling in terms of factory square footage and the number of teams." Their expansion motion: "observe product analytics and customer signals and package subsequent value" for upselling during renewals. The tactic works because aerospace and energy have "a tailwind of decades." For infrastructure software with usage tied to physical operations: if customers are adding factories or production lines, you don't need new logos—you need seat expansion and module attach. // Sponsors: Front Lines — We help B2B tech companies launch, manage, and grow podcasts that drive demand, awareness, and thought leadership. www.FrontLines.io The Global Talent Co. — We help tech startups find, vet, hire, pay, and retain amazing marketing talent that costs 50-70% less than the US & Europe. www.GlobalTalent.co // Don't Miss: New Podcast Series — How I Hire Senior GTM leaders share the tactical hiring frameworks they use to build winning revenue teams. Hosted by Andy Mowat, who scaled 4 unicorns from $10M to $100M+ ARR and launched Whispered to help executives find their next role. Subscribe here: https://open.spotify.com/show/53yCHlPfLSMFimtv0riPyM
Just when you thought DNS cache poisoning was a thing of the past, Steve and Leo reveal why this 17-year-old bug is making a dramatic comeback—and why most DNS resolvers still can't manage high-quality random numbers after all this time. The unsuspected sucking power of a Linux-based robot vacuum. Russia to follow China's vulnerability reporting laws. A pair of Scattered Spider UK teen hackers arrested. Facebook, Instagram and TikTok violating the EU's DSA. Microsoft Teams bringing user WiFi tracking by policy. You backed up. That's great. Did you test that backup? Coveware reports all-time low ransomware payment rate. Ransomware negotiator reports how the bad guys get in. Lots of listener thoughts and feedback about NIST passwords. And against all reason and begging credulity, it seems we still haven't managed to put high-quality random number generators into our DNS resolvers. Show Notes - https://www.grc.com/sn/SN-1049-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: hoxhunt.com/securitynow zapier.com/securitynow 1password.com/securitynow veeam.com zscaler.com/security
In this episode, Ryan and Henry welcome Paul Depmore for an in-depth discussion tracing his path from the U.S. Marine Corps into commercial and national-level calibration work. Paul shares how his experience evolved through Southwest Research Institute, Transcat, Morehouse, and Applied Technical Services, leading to later support of U.S. Navy calibration programs. Key discussion points include: Transitioning from military to civilian metrology roles Early mentorship and lab culture Piston-gauge and dead-weight tester practices Differences between ASTM E4 / E74 and ISO 376 / 7500 calibrations Managing primary-pressure standards and effective-area verification Collaboration among commercial labs, NIST, and Navy facilities Communication, documentation, and supporting new technicians
Think your mouse is harmless? Steve and Leo uncover how modern optical mice might be secretly "listening" in, and reveal why satellite data pouring down on us is almost entirely unsecured. The long-awaited lawsuit to block Texas SB2420. Embattled Texas SB2420 also impacts Google Play. At long last, NIST modernizes their password policy. Scattered LAPSUS$ Hunters' demise was exaggerated. China claims that the NSA has been hacking them. Half of all geosynchronous satellite traffic is unencrypted. The AWS outage highlights the rising risk of Internet monoculture. A terrific collection of listener feedback and... Could your PC's mouse have much bigger ears than you know? https://www.grc.com/sn/SN-1048-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: Melissa.com/twit hoxhunt.com/securitynow threatlocker.com for Security Now joindeleteme.com/twit promo code TWIT bitwarden.com/twit
Think your mouse is harmless? Steve and Leo uncover how modern optical mice might be secretly "listening" in, and reveal why satellite data pouring down on us is almost entirely unsecured. The long awaited lawsuit to block Texas SB2420. Embattled Texas SB2420 also impacts Google Play. At long last, NIST modernizes their password policy. Scattered LAPSUS$ Hunters demise was exaggerated. China claims that the NSA has been hacking them. Half of all geosynchronous satellite traffic is unencrypted. The AWS outage highlights the rising risk of Internet monoculture. A terrific collection of listener feedback and... Could your PC's mousehave much bigger ears than you know? https://www.grc.com/sn/SN-1048-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: Melissa.com/twit hoxhunt.com/securitynow threatlocker.com for Security Now joindeleteme.com/twit promo code TWIT bitwarden.com/twit
Think your mouse is harmless? Steve and Leo uncover how modern optical mice might be secretly "listening" in, and reveal why satellite data pouring down on us is almost entirely unsecured. The long awaited lawsuit to block Texas SB2420. Embattled Texas SB2420 also impacts Google Play. At long last, NIST modernizes their password policy. Scattered LAPSUS$ Hunters demise was exaggerated. China claims that the NSA has been hacking them. Half of all geosynchronous satellite traffic is unencrypted. The AWS outage highlights the rising risk of Internet monoculture. A terrific collection of listener feedback and... Could your PC's mousehave much bigger ears than you know? https://www.grc.com/sn/SN-1048-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: Melissa.com/twit hoxhunt.com/securitynow threatlocker.com for Security Now joindeleteme.com/twit promo code TWIT bitwarden.com/twit
Think your mouse is harmless? Steve and Leo uncover how modern optical mice might be secretly "listening" in, and reveal why satellite data pouring down on us is almost entirely unsecured. The long awaited lawsuit to block Texas SB2420. Embattled Texas SB2420 also impacts Google Play. At long last, NIST modernizes their password policy. Scattered LAPSUS$ Hunters demise was exaggerated. China claims that the NSA has been hacking them. Half of all geosynchronous satellite traffic is unencrypted. The AWS outage highlights the rising risk of Internet monoculture. A terrific collection of listener feedback and... Could your PC's mousehave much bigger ears than you know? https://www.grc.com/sn/SN-1048-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: Melissa.com/twit hoxhunt.com/securitynow threatlocker.com for Security Now joindeleteme.com/twit promo code TWIT bitwarden.com/twit
This week, the GovNavigators welcome Gordon Gillerman, former Director of the Standards Coordination Office at NIST, to talk about how standards and testing programs quietly keep the federal government and the products it relies on running safely and efficiently. Gordon shares how collaboration between government and industry helps ensure innovation, interoperability, and public trust. Show Notes: OMB: Circular A-119; Data Foundation: 2025 Shutdown RIF Impacts Tracker; NSPM-8: Military pay during the shutdown. Events on the GovNavigators' Radar: Check out GovExec's new events calendar; Oct 27-29: Nvidia's GTC Annual AI Conference; Nov 2-4: National Academy of Public Administration's National Conference
In this episode of Hashtag Trending, host Jim Love covers the latest in tech news: Microsoft's recent Windows 11 update that disrupted local host functions for developers, Salesforce's ambitious AI agent initiatives at Dreamforce, Google's upcoming Gemini 3.0 Pro rollout with significant AI advancements, Tor browser removing AI features for privacy reasons, and NIST's new advice on password security emphasizing longer passphrases. He also references a popular segment from Cybersecurity Today's weekend show on the Dark Web. 00:00 Introduction and Headlines 00:42 Microsoft's Windows 11 Update Issues 02:42 Salesforce's AI Revolution at Dreamforce 04:44 Google's Gemini 3.0: A Major Upgrade 06:31 Tor Browser Strips AI for Privacy 08:02 NIST's New Password Guidelines 10:09 Conclusion and Listener Engagement
Gareth Davies, Chairman of F3 (First Forensic Forum), joins the Forensic Focus Podcast to explore how a grassroots, vendor-neutral community has helped shape digital forensics in the UK for three decades. He traces F3's origins in the 1990s, when affordable training and tool-agnostic knowledge-sharing were scarce, and explains why the forum still focuses on byte-level, lab-ready techniques over sales pitches. Looking ahead, Gareth previews F3's 2025 conference in Warwickshire (Nov 18–20), the not-for-profit pricing model, and upcoming trainings on UAVs, software-defined radio, implants/biomed devices, smartwatch and vehicle forensics, and video authentication/deepfakes. He also discusses international growth (including interest in an Australian chapter) and an open call for volunteers to help run events and keep training affordable. #DigitalForensics #DFIR #ForensicsTraining #IncidentResponse #VehicleForensics #CyberCrime #DigitalEvidence #DigitalInvestigation
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive for federal agencies to update their F5 products following a significant breach where hackers accessed source code and undisclosed vulnerabilities. This incident, discovered in August, poses a serious risk to federal networks, as the threat actor could exploit these vulnerabilities to gain unauthorized access and exfiltrate sensitive data. Agencies are required to apply the latest updates by October 22nd and report their F5 deployments by October 29th, highlighting the urgency of addressing these security concerns. In a related development, the National Institute of Standards and Technology (NIST) is encouraging federal agencies to take calculated risks with artificial intelligence (AI) under new federal guidance. Martin Stanley, an AI and cybersecurity researcher, emphasized the importance of risk management in AI deployment, particularly in comparison to more established sectors like financial services. As agencies adapt to this guidance, they must identify high-impact AI applications that require thorough risk management to ensure both innovation and safety. A report from Cork Protection underscores the need for small and medium-sized businesses (SMBs) to adopt a security-first approach in light of evolving cyber threats. Many SMBs remain complacent, mistakenly believing they are not targets for cybercriminals. The report warns that this mindset, combined with the rising financial risks associated with breaches, necessitates a shift towards a security-centric operational model. The cybersecurity services market is projected to grow significantly, presenting opportunities for IT service providers that prioritize security. Apple has announced a substantial increase in its bug bounty program, now offering up to $5 million for critical vulnerabilities.
This move reflects the growing importance of addressing security challenges within its ecosystem, which includes over 2.35 billion active devices. The company has previously awarded millions to security researchers, emphasizing its commitment to user privacy and security. As the landscape of cybersecurity evolves, managed service providers (MSPs) are urged to tighten vendor monitoring, incorporate AI risk assessments, and focus on continuous assurance to meet the increasing demands for security. Three things to know today: 00:00 Cybersecurity Crossroads: F5 Breach, AI Risk, and Apple's $5M Bug Bounty Signal Security Accountability; 06:44 Nearly a Third of MSPs Admit to Preventable Microsoft 365 Data Loss, Syncro Survey Finds; 09:22 AI Reality Check: Workers' Overconfidence, Cheaper Models, and Microsoft's Scientific Breakthrough Signal Maturity in the Market. This is the Business of Tech. Supported by: https://mailprotector.com/mspradio/
“Quantum computing is taking the laws of nature — light, heat, entanglement — and turning them into a new kind of computer. When that happens, the way we think about Bitcoin's security will have to change forever.” — Charlie Shrem. This week on The Charlie Shrem Show, we go deep into the strangest frontier yet: the intersection of Bitcoin, cryptography, and quantum computing. Charlie sits down with Olivier Roussy Newton, OG Bitcoiner and CEO of BTQ Technologies (NASDAQ: BTQ) — a company building at the edge where photons meet blockchains. From his early exposure to D-Wave's first quantum computers in Canada to raising capital from Chinese state funds (and getting blocked by the CIA's venture arm), Olivier's story tracks the entire rise of the post-quantum security industry. Together, Charlie and Olivier unpack what it really means when we say “the end of ECDSA,” why the U.S. government plans to deprecate Bitcoin's signature standard by 2035, and how quantum systems could make traditional mining obsolete. They explore how the analog world of nature — light, gravity, superconductors — can replace brute-force hashing, how “Boson sampling” could one day stand in for SHA-256, and why the biggest breakthroughs in computing may come from mimicking God's own architecture. Plus, Charlie shares insights from a recent dinner with Dr. Adam Back and his own stealth research into quantum-mining convergence. This episode isn't just about crypto's future — it's about the future of computation itself. Topics Discussed: From Node.js startups to quantum cryptography; What happens when the CIA's VC fund blocks your deal; Why the U.S. and China's quantum race matters for Bitcoin; The birth of post-quantum cryptography and NIST's standards; How quantum encryption could replace proof-of-work; Why consensus itself might become irrelevant; How AI's mainstream boom paves the way for quantum adoption; The analog vs. digital computing paradigm shift. Thank you for listening to The Charlie Shrem Show. 
For more free content and access to over 400 episodes, visit www.CharlieShrem.com. Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.
The Trump administration pushed forward Friday with plans to fire federal employees amid the government shutdown, directing reductions-in-force at the Departments of Health and Human Services, Education, and Housing and Urban Development, among other agencies. Prior to and during the current shutdown, the White House repeatedly threatened to lay off additional federal workers in a bid to further its efforts to shrink the size of the government. The Trump administration maintains Democrats are to blame for the shutdown, though Democrats contend that a spending bill from Republicans — who control all levers of power — wouldn't adequately fund health care. Russ Vought, the director of the Office of Management and Budget, posted on X early Friday afternoon that the “RIFs have begun,” without offering additional details. An OMB spokesperson told FedScoop the RIFs began and are “substantial.” In a preview of his discussions with Vought last week, President Donald Trump said in a post to his social media platform that they would target “Democrat Agencies,” calling them “a political SCAM.” According to a court filing from the Trump administration late Friday, at least 4,100 federal workers across eight federal agencies may have been sent RIF notices, with the bulk of the staff reductions at HHS, with 1,100 to 1,200 workers impacted, and the Department of Treasury, with 1,446 workers impacted. Deploying artificial intelligence requires taking on the right amount of risk to achieve a desired end result, a National Institute of Standards and Technology official who worked on its risk management framework for the technology said on a panel last week. While federal agencies, and particularly IT functions, are generally risk averse, risks can't entirely be avoided with AI, Martin Stanley, an AI and cybersecurity researcher at the Commerce Department standards agency, said during a FedInsider panel on “Intelligent Government” last week. 
Stanley said: “You have to manage risks, number one,” adding that the benefits from the technology are compelling enough that “you have to go looking to achieve those.” Stanley's comments came in response to a question about how the federal government compares to other sectors that have been doing risk management for longer, such as financial services. On that point specifically, he said the NIST AI Risk Management Framework “shares a lot of DNA” with Federal Reserve guidance on algorithmic models in financial services. He said NIST attempted to leverage those approaches and the same plain, simple language. “We talk about risks, we talk about likelihoods, and we talk about impacts, both positive and negative, so that you can build this trade space where you are taking on the right amount of risk to achieve a benefit,” Stanley said. The Daily Scoop Podcast is available every Monday-Friday afternoon. If you want to hear more of the latest from Washington, subscribe to The Daily Scoop Podcast on Apple Podcasts, Soundcloud, Spotify and YouTube.
CBS EYE ON THE WORLD WITH JOHN BATCHELOR 1900 KYIV THE SHOW BEGINS IN THE DOUBTS THAT CONGRESS IS CAPABLE OF CUTTING SPENDING..... 10-8-25 FIRST HOUR 9-915 HEADLINE: Arab Intellectuals Fail Palestinians by Prioritizing Populism and Victimhood Narrative in Gaza Conflict GUEST NAME: Hussain Abdul-Hussain SUMMARY: John Batchelor speaks with Hussain Abdul-Hussain about Hamas utilizing the power of victimhood to justify atrocities and vilify opponents. Arab and Muslim intellectuals have failed Palestinians by prioritizing populism over introspection and self-critique. Regional actors like Egypt prioritize populist narratives over national interests, exemplified by refusing to open the Sinai border despite humanitarian suffering. The key recommendation is challenging the narrative and fostering a reliable, mature Palestinian government. 915-930 HEADLINE: Arab Intellectuals Fail Palestinians by Prioritizing Populism and Victimhood Narrative in Gaza Conflict GUEST NAME: Hussain Abdul-Hussain SUMMARY: John Batchelor speaks with Hussain Abdul-Hussain about Hamas utilizing the power of victimhood to justify atrocities and vilify opponents. Arab and Muslim intellectuals have failed Palestinians by prioritizing populism over introspection and self-critique. Regional actors like Egypt prioritize populist narratives over national interests, exemplified by refusing to open the Sinai border despite humanitarian suffering. The key recommendation is challenging the narrative and fostering a reliable, mature Palestinian government. 930-945 HEADLINE: Russian Oil and Gas Revenue Squeezed as Prices Drop, Turkey Shifts to US LNG, and China Delays Pipeline GUEST NAME: Michael Bernstam SUMMARY: John Batchelor speaks with Michael Bernstam about Russia facing severe budget pressure due to declining oil prices projected to reach $40 per barrel for Russian oil and global oil surplus. Turkey, a major buyer, is abandoning Russian natural gas after signing a 20-year LNG contract with the US. 
Russia refuses Indian rupee payments, demanding Chinese renminbi, which India lacks. China has stalled the major Power of Siberia 2 gas pipeline project indefinitely. Russia utilizes stablecoin and Bitcoin via Central Asian banks to circumvent payment sanctions. 945-1000 HEADLINE: UN Snapback Sanctions Imposed on Iran; Debate Over Nuclear Dismantlement and Enrichment GUEST NAME: Andrea Stricker SUMMARY: John Batchelor speaks with Andrea Stricker about the US and Europe securing the snapback of UN sanctions against Iran after 2015 JCPOA restrictions expired. Iran's non-compliance with inspection demands triggered these severe sanctions. The discussion covers the need for full dismantlement of Iran's nuclear program, including both enrichment and weaponization capabilities, to avoid future conflict. Concerns persist about Iran potentially retaining enrichment capabilities through low-level enrichment proposals and its continued non-cooperation with IAEA inspections. SECOND HOUR 10-1015 HEADLINE: Commodities Rise and UK Flag Controversy: French Weather, Market Trends, and British Politics GUEST NAME: Simon Constable SUMMARY: John Batchelor speaks with Simon Constable about key commodities like copper up 16% and steel up 15% signaling strong economic demand. Coffee prices remain very high at 52% increase. The conversation addresses French political turmoil, though non-citizens cannot vote. In the UK, the St. George's flag has become highly controversial, viewed by some as associated with racism, unlike the Union Jack. This flag controversy reflects a desire among segments like the white working class to assert English identity. 1015-1030 HEADLINE: Commodities Rise and UK Flag Controversy: French Weather, Market Trends, and British Politics GUEST NAME: Simon Constable SUMMARY: John Batchelor speaks with Simon Constable about key commodities like copper up 16% and steel up 15% signaling strong economic demand. Coffee prices remain very high at 52% increase. 
The conversation addresses French political turmoil, though non-citizens cannot vote. In the UK, the St. George's flag has become highly controversial, viewed by some as associated with racism, unlike the Union Jack. This flag controversy reflects a desire among segments like the white working class to assert English identity. 1030-1045 HEADLINE: China's Economic Contradictions: Deflation and Consumer Wariness Undermine GDP Growth Claims GUEST NAME: Fraser Howie SUMMARY: John Batchelor speaks with Fraser Howie about China facing severe economic contradictions despite high World Bank forecasts. Deflation remains rampant with frequently negative CPI and PPI figures. Consumer wariness and high youth unemployment at one in seven persist throughout the economy. The GDP growth figure is viewed as untrustworthy, manufactured through debt in a command economy. Decreased container ship arrivals point to limited actual growth, exacerbated by higher US tariffs. Economic reforms appear unlikely as centralization under Xi Jinping continues. 1045-1100 HEADLINE: Takaichi Sanae Elected LDP Head, Faces Coalition Challenge to Become Japan's First Female Prime Minister GUEST NAME: Lance Gatling SUMMARY: John Batchelor speaks with Lance Gatling about Takaichi Sanae being elected head of Japan's LDP, positioning her to potentially become the first female Prime Minister. A conservative figure, she supports visits to the controversial Yasukuni Shrine. Her immediate challenge is forming a majority coalition, as the junior partner Komeito disagrees with her conservative positions and social policies. President Trump praised her election, signaling potential for strong bilateral relations. THIRD HOUR 1100-1115 HEADLINE: DeepSeek AI: Chinese LLM Performance and Security Flaws Revealed Amid Semiconductor Export Circumvention GUEST NAME: Jack Burnham SUMMARY: John Batchelor speaks with Jack Burnham about competition in Large Language Models between the US and China's DeepSeek. 
A NIST study found US models superior in software engineering, though DeepSeek showed parity in scientific questions. Critically, DeepSeek models exhibited significant security flaws. China attempts to circumvent US export controls on GPUs by smuggling and using cloud computing centers in Southeast Asia. Additionally, China aims to dominate global telecommunications through control of supply chains and legal mechanisms granting the CCP access to firm data. 1115-1130 HEADLINE: DeepSeek AI: Chinese LLM Performance and Security Flaws Revealed Amid Semiconductor Export Circumvention GUEST NAME: Jack Burnham SUMMARY: John Batchelor speaks with Jack Burnham about competition in Large Language Models between the US and China's DeepSeek. A NIST study found US models superior in software engineering, though DeepSeek showed parity in scientific questions. Critically, DeepSeek models exhibited significant security flaws. China attempts to circumvent US export controls on GPUs by smuggling and using cloud computing centers in Southeast Asia. Additionally, China aims to dominate global telecommunications through control of supply chains and legal mechanisms granting the CCP access to firm data. 1130-1145 HEADLINE: Taiwanese Influencer Charged for Threatening President; Mainland Chinese Influence Tactics Exposed GUEST NAME: Mark Simon SUMMARY: John Batchelor speaks with Mark Simon about internet personality Holger Chen under investigation in Taiwan for calling for President William Lai's decapitation. This highlights mainland Chinese influence operations utilizing influencers who push themes of military threat and Chinese greatness. Chen is suspected of having a mainland-affiliated paymaster due to lack of local commercial support. Taiwan's population primarily identifies as Taiwanese and is unnerved by constant military threats. A key propaganda goal is convincing Taiwan that the US will not intervene. 
1145-1200 HEADLINE: Sentinel ICBM Modernization is Critical and Cost-Effective Deterrent Against Great Power Competition GUEST NAME: Peter Huessy SUMMARY: John Batchelor speaks with Peter Huessy about the Sentinel program replacing aging 55-year-old Minuteman ICBMs, aiming for lower operating costs and improved capabilities. Cost overruns stem from necessary infrastructure upgrades, including replacing thousands of miles of digital command and control cabling and building new silos. Maintaining the ICBM deterrent is financially and strategically crucial, saving hundreds of billions compared to relying solely on submarines. The need for modernization reflects the end of the post-Cold War "holiday from history," requiring rebuilding against threats from China and Russia. FOURTH HOUR 12-1215 HEADLINE: Supreme Court Battles Over Presidential Impoundment Authority and the Separation of Powers GUEST NAME: Josh Blackman SUMMARY: John Batchelor speaks with Josh Blackman about Supreme Court eras focusing on the separation of powers. Currently, the court is addressing presidential impoundment—the executive's authority to withhold appropriated funds. Earlier rulings, particularly 1975's Train v. City of New York, constrained this power. The Roberts Court appears sympathetic to reclaiming presidential authority lost during the Nixon era. The outcome of this ongoing litigation will determine the proper balance between executive and legislative branches. 1215-1230 HEADLINE: Supreme Court Battles Over Presidential Impoundment Authority and the Separation of Powers GUEST NAME: Josh Blackman SUMMARY: John Batchelor speaks with Josh Blackman about Supreme Court eras focusing on the separation of powers. Currently, the court is addressing presidential impoundment—the executive's authority to withhold appropriated funds. Earlier rulings, particularly 1975's Train v. City of New York, constrained this power. 
The Roberts Court appears sympathetic to reclaiming presidential authority lost during the Nixon era. The outcome of this ongoing litigation will determine the proper balance between executive and legislative branches. 1230-1245 HEADLINE: Space Force Awards Contracts to SpaceX and ULA; Juno Mission Ending, Launch Competition Heats Up GUEST NAME: Bob Zimmerman SUMMARY: John Batchelor speaks with Bob Zimmerman about Space Force awarding over $1 billion in launch contracts to SpaceX for five launches and ULA for two launches, highlighting growing demand for launch services. ULA's non-reusable rockets contrast with SpaceX's cheaper, reusable approach, while Blue Origin continues to lag behind. Other developments include Firefly entering defense contracting through its Scitec acquisition, Rocket Lab securing additional commercial launches, and the likely end of the long-running Juno Jupiter mission due to budget constraints. 1245-100 AM HEADLINE: Space Force Awards Contracts to SpaceX and ULA; Juno Mission Ending, Launch Competition Heats Up GUEST NAME: Bob Zimmerman SUMMARY: John Batchelor speaks with Bob Zimmerman about Space Force awarding over $1 billion in launch contracts to SpaceX for five launches and ULA for two launches, highlighting growing demand for launch services. ULA's non-reusable rockets contrast with SpaceX's cheaper, reusable approach, while Blue Origin continues to lag behind. Other developments include Firefly entering defense contracting through its Scitec acquisition, Rocket Lab securing additional commercial launches, and the likely end of the long-running Juno Jupiter mission due to budget constraints.
HEADLINE: DeepSeek AI: Chinese LLM Performance and Security Flaws Revealed Amid Semiconductor Export Circumvention GUEST NAME: Jack Burnham SUMMARY: John Batchelor speaks with Jack Burnham about competition in Large Language Models between the US and China's DeepSeek. A NIST study found US models superior in software engineering, though DeepSeek showed parity in scientific questions. Critically, DeepSeek models exhibited significant security flaws. China attempts to circumvent US export controls on GPUs by smuggling and using cloud computing centers in Southeast Asia. Additionally, China aims to dominate global telecommunications through control of supply chains and legal mechanisms granting the CCP access to firm data. 1959
HEADLINE: DeepSeek AI: Chinese LLM Performance and Security Flaws Revealed Amid Semiconductor Export Circumvention GUEST NAME: Jack Burnham SUMMARY: John Batchelor speaks with Jack Burnham about competition in Large Language Models between the US and China's DeepSeek. A NIST study found US models superior in software engineering, though DeepSeek showed parity in scientific questions. Critically, DeepSeek models exhibited significant security flaws. China attempts to circumvent US export controls on GPUs by smuggling and using cloud computing centers in Southeast Asia. Additionally, China aims to dominate global telecommunications through control of supply chains and legal mechanisms granting the CCP access to firm data. 1942
Tyler chats with Andrew Black, co-founder and CEO of Kovr.ai and former AWS Emerging Tech lead, about the unsexy work that makes mission software real: turning security and compliance into something fast, predictable, and built into the dev loop. Andrew explains how Kovr.ai reads system docs, maps to NIST 800-53, drafts control implementations, flags gaps, and recommends fixes, so engineers focus on high-judgment problems while AOs and risk owners get reliable packages that move. What's happening on the Second Front: The true Valley of Death, speed and scale in production; AI that automates SSPs, findings, and control mapping; How to make compliance native to CI and CD with JIRA, Jenkins, SIEM; Why fixed-price software and clear architecture matter for customers; Culture over strategy, setting weekly “big rocks,” hiring for grit. Connect with Andrew: LinkedIn: Andrew Black. Connect with Tyler: LinkedIn: Tyler Sweatt
Major federal cybersecurity programs expire amidst the government shutdown. Global leaders and experts convene in Riyadh for the Global Cybersecurity Forum. NIST tackles removable media. ICE buys vast troves of smartphone location data. Researchers claim a newly patched VMware vulnerability has been a zero-day for nearly a year. ClickFix-style attacks surge and spread across platforms. Battering RAM defeats memory encryption and boot-time defenses. A new phishing toolkit converts ordinary PDFs into interactive lures. A trio of breaches exposes data of 3.7 million across North America. Tim Starks from CyberScoop unpacks a report from Senate Democrats on DOGE. The Lone Star State proves even the internet isn't bulletproof. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Tim Starks, Senior Reporter from CyberScoop, is back and joins Dave to discuss a report from Senate Democrats on the Department of Government Efficiency (DOGE). You can read Tim's article on the subject here. 
Selected Reading Cyber information-sharing law and state grants set to go dark as Congress stalls over funding (The Record) Live - Global Cybersecurity Forum in Riyadh tackles how technology can shape future of cyberspace (Euronews) NIST Publishes Guide for Protecting ICS Against USB-Borne Threats (SecurityWeek) ICE to Buy Tool that Tracks Locations of Hundreds of Millions of Phones Every Day (404 Media) Broadcom Fails to Disclose Zero-Day Exploitation of VMware Vulnerability (SecurityWeek) Don't Sweat the ClickFix Techniques: Variants & Detection Evolution (Huntress) Battering RAM Attack Breaks Intel and AMD Security Tech With $50 Device (SecurityWeek) New MatrixPDF toolkit turns PDFs into phishing and malware lures (Bleeping Computer) 3.7M breach notification letters set to flood North America's mailboxes (The Register) A Bullet Crashed the Internet in Texas (404 Media) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices