Podcasts about Phishing

Act of attempting to acquire sensitive information by posing as a trustworthy entity

  • 2,089PODCASTS
  • 5,221EPISODES
  • 32mAVG DURATION
  • 1DAILY NEW EPISODE
  • Jul 23, 2025LATEST
Phishing

POPULARITY

20172018201920202021202220232024

Categories



Best podcasts about Phishing

Show all podcasts related to phishing

Latest podcast episodes about Phishing

Cyber Security Headlines
Sharepoint hack linked to Chinese groups, NGOs targeted with phishing tactics, engineer admits US missile theft

Cyber Security Headlines

Play Episode Listen Later Jul 23, 2025 6:49


Microsoft links Sharepoint ToolShell attacks to Chinese hackers Russian threat actors target NGOs with new OAuth phishing tactics Silicon Valley engineer admits theft of US missile tech secrets Huge thanks to our sponsor, Nudge Security Nudge Security discovers every SaaS app used in your org, secures configurations, enforces MFA, and manages app-to-app access so you can prevent identity based attacks. Start a free 14-day trial today at NudgeSecurity.com

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Monday July 21st, 2025: Sharepoint Exploited; Veeam Fake Voicemail Phish; Passkey Phishing Attack

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Play Episode Listen Later Jul 21, 2025 8:05


SharePoint Servers Exploited via 0-day CVE-2025-53770 Late last week, CodeWhite found a new remote code execution exploit against SharePoint. This vulnerability is now actively exploited. https://isc.sans.edu/diary/Critical+Sharepoint+0Day+Vulnerablity+Exploited+CVE202553770+ToolShell/32122/ Veeam Voicemail Phishing Attackers appear to impersonate VEEAM in recent voicemail-themed phishing attempts. https://isc.sans.edu/diary/Veeam%20Phishing%20via%20Wav%20File/32120 Passkey Phishing Attack A currently active phishing attack takes advantage of the ability to use QR codes to complete the Passkey login procedure https://expel.com/blog/poisonseed-downgrading-fido-key-authentications-to-fetch-user-accounts/

Cyber Security Today
NPM Linter Packages Hijacked, Microsoft's China Issue, and AI in Phishing Attacks: Cybersecurity Today:

Cyber Security Today

Play Episode Listen Later Jul 21, 2025 17:06 Transcription Available


In this episode of Cybersecurity Today, host David Shipley discusses several pressing cybersecurity issues. First, popular NPM Linter packages were hijacked via phishing to spread malware, affecting millions of downloads.  Concurrently, Ukrainian CERT uncovers new phishing campaigns tied to APT28 using large language models for command and control. Microsoft discontinues the use of China-based engineers for US Department of Defense systems following a controversial report. Lastly, social engineering, facilitated by AI, becomes a greater threat than zero-day exploits. The episode emphasizes the need for stronger maintainer security, multifactor authentication, and a comprehensive understanding of social engineering risks.  00:00 Introduction - 10 Million Downloads 01:30 NPM Linter Packages Hijacked 05:05 Social Engineering and AI in Cybersecurity 08:57 Microsoft's China-Based Engineers Controversy 12:15 The Real Threat: Social Engineering 16:39 Conclusion and Call to Action

Cyber Crime Junkies
Who Do Hackers Target The Most? Real Truth About Cyber Crime. FBI vs Cyber Crime.

Cyber Crime Junkies

Play Episode Listen Later Jul 20, 2025 30:09 Transcription Available


In this episode of Cyber Crime Junkies, host Dean Mauro explores listener question of who do hackers target the most. He explains the real truth about cyber crime,  recent examples of Cyber crime This year, Small business cyber attacks, and he evaluates FBI IC3 Report 2025Send us a textGrowth without Interruption. Get peace of mind. Stay Competitive-Get NetGain. Contact NetGain today at 844-777-6278 or reach out online at www.NETGAINIT.com

The Y in History
Episode 112: A history of Cyberattacks

The Y in History

Play Episode Listen Later Jul 19, 2025 20:19


The first computer virus is believed to have been used in 1969 at the University of Washington Computer Center. A person who has never been named installed a program that came to be known as “RABBITS Virus” on one of the computers. The program began replicating itself until it overwhelmed the computer causing it to shut down. Over the years, the scale and sophistication of cyber attacks has increased and with the advent of AI, digital criminals have jumped on the AI bandwagon and become more lethal.

The Checklist by SecureMac
Checklist 432 - Healthcare Files and Healthcare Phishing

The Checklist by SecureMac

Play Episode Listen Later Jul 18, 2025 17:34


The FBI has issued a warning - phishing with a medical theme is on the rise. The problem is healthcare providers keep losing client info and sending out warnings. What is a patient to do? We'll talk it over on this edition of The Checklist brought to you by SecureMac. Check out our show notes: SecureMac.com/Checklist And get in touch with us: Checklist@Securemac.com

Putting the AP in hAPpy
Episode 347: Access Gone Wrong - 4 Times When Employees Exploited Their Access And Colluded With Fraudsters

Putting the AP in hAPpy

Play Episode Listen Later Jul 17, 2025 21:25


Are you performing security audits, so you know who has access to your systems?  Listen to today's episode to for 4 scenarios when employees or contractors used their system access for fraudulent purposes.  Then see how you can get a 5-step plan to perform a system audit.Keep listening. Check out my website www.debrarrichardson.com if you need help implementing authentication techniques, internal controls, and best practices to prevent fraudulent payments, regulatory fines or bad vendor data. Check out the Vendor Process Training Center for 116+ hours of weekly live and on-demand training for the Vendor team. Links mentioned in the podcast + other helpful resources:    Webinars: A Security Audit to Protect Vendor Data and Avoid Fraud  Prevent Payments to Internal Fraudsters - Stopping Bad Actors in Your Organization Collusion CasesTD Bank Employee's Bribery Scheme: A $37,000 Fraud That Cost the Bank $72,000  Postal Service says many checks stolen through the mail are done by its own employees  Brazilian police arrest IT worker over $100 million cyber theft Former Banker Arrested for Allegedly Obtaining $2.7 Million in COVID Business-Relief Funds Using Stolen IDs of Disabled Persons Vendor Process Training Center - https://training.debrarrichardson.comCustomized Fraud Training:  https://training.debrarrichardson.com/customized-fraud-training Vendor Master File Clean-Up:  https://www.debrarrichardson.com/cleanupYouTube Channel:  https://www.youtube.com/channel/UCqeoffeQu3pSXMV8fUIGNiw More Podcasts/Blogs/Webinars www.debrarrichardson.comMore ideas?  Email me at debra@debrarrichardson.com Music Credit:  www.purple-planet.com

Tech Gumbo
Phishing Training Fails, TikTok's Backup Plan, Social Media Age Ban Bill

Tech Gumbo

Play Episode Listen Later Jul 17, 2025 22:06


News and Updates: A Purdue University study found anti-phishing training may be worse than ineffective. Testing 12,000+ fintech employees, researchers saw no reduction in phishing link clicks — and in some cases, trained staff clicked slightly more often. Experts say companies should shift focus from costly training to technical defenses. TikTok is reportedly developing a new U.S.-only app, codenamed “M2,” to sidestep a pending federal ban. The replacement could debut in September as part of a sale to an Oracle-led investor group. Current TikTok would stay active until early 2026 under the tentative plan. The Kids Off Social Media Act (KOSMA) advanced in the U.S. Senate, proposing a ban on social media accounts for kids under 13 and limits on algorithms for users under 17. Critics warn the bill's AI-based age estimation could misidentify millions of users, raising privacy and constitutional concerns.

IBS Intelligence Podcasts
EP896: Taking the fight to fincrime in real time with agentic AI

IBS Intelligence Podcasts

Play Episode Listen Later Jul 17, 2025 10:15


Adam Gable, Senior Product Director, TemenosAgentic AI helps to simplify complex processes by performing automated tasks without human intervention. Temenos unveiled its FCM AI Agent at the Temenos Community Forum (TCF 2025) in Madrid. It is an AI-enhanced compliance engine, enabling a significant reduction in false positives when screening against global and domestic watchlists in real time. Robin Amlôt of IBS Intelligence speaks at TCF 2025 to Adam Gable, Senior Product Director at Temenos about the evolution of the perennial problem of fincrime and the efforts to counter it.

Human-Centered Security
We Regret to Inform You: Your Phishing Training Did Nothing with Ariana Mirian

Human-Centered Security

Play Episode Listen Later Jul 16, 2025 46:52


You click on a link in an email—as one does. Suddenly you see a message from your organization, “You've been phished! Now you need some training!” What do you do next? If you're like most busy humans, you skip it and move on.Researcher Ariana Mirian (and co-authors Grant Ho, Elisa Luo, Khang Tong, Euyhyun Lee, Lin Liu, Christopher A. Longhurst, Christian Dameff, Stefan Savage, Geoffrey M. Voelker) uncovered similar results in their study “Understanding the Efficacy of Phishing Training in Practice.” The solution? Ariana suggests focusing on a more effective fix: designing safer systems.In the episode we talk about:Annual cybersecurity awareness training doesn't reduce the likelihood of clicking on phishing links, even if completed recently. Employees who finished training recently show similar phishing failure rates to those who completed it months ago. The study notes, “Employees who recently completed such training, which has significant focus on social engineering and phishing defenses, have similar phishing failure rates compared to other employees who completed awareness training many months ago.”Phishing simulations combined with training (where companies send out fake phishing emails to employees and, for those who click on the links, lead those employees through training) had little impact on whether participants would click phishing links in the future. Ariana was hopeful about interactive training but found that too few participants engaged with it to draw meaningful conclusions. The type of phishing lure (e.g., password reset vs. vacation policy change) influenced whether users clicked. Ariana warned that certain lures could artificially lower click rates.Ultimately, Ariana suggests focusing on designing safer systems—where the burden is taken off the end users. She recommends two-factor authentication, using phishing-resistant hardware keys (like YubiKeys), and blocking phishing emails before they reach users.This quote from the study stood out to me: “Our results suggest that organizations like ours should not expect training, as commonly deployed today, to substantially protect against phishing attacks—the magnitude of protection afforded is simply too small and employees remain susceptible even after repeated training.”This highlights the need for safer system design, especially for critical services like email, which—and this is important—inherently relies on users clicking links.Ariana Mirian is a senior security researcher at Censys. She completed her PhD at UC San Diego and co-authored the paper, “Understanding the Efficacy of Phishing Training in Practice.”G. Ho et al., "Understanding the Efficacy of Phishing Training in Practice," in 2025 IEEE Symposium on Security and Privacy (SP), San Francisco, CA, 2025, pp. 37-54, doi: 10.1109/SP61157.2025.00076.

Cyber Security with Bob G
Phishing - Don't You Mean Fishing

Cyber Security with Bob G

Play Episode Listen Later Jul 16, 2025 4:37


Video - https://youtu.be/vQWEQ0KGg-UThink “phishing” is just a typo for “fishing”? Think again. In this eye-opening (and slightly witty) guide, we break down the scam that tricks millions — using language so simple, even a 5-year-old or a tech-shy grandparent can understand. Curious? You should be.I used ChatGPT-4o, ScreenPal, and Pictory.ai to put this information together.If you're interested in trying Pictory.ai please use the following link. https://pictory.ai?ref=t015o

PEBCAK Podcast: Information Security News by Some All Around Good People
Episode 216 - Ledger Crypto Phishing Scams, Brazilian Bank Hack, Security Company Hacks Its Customers, Cruise Rules

PEBCAK Podcast: Information Security News by Some All Around Good People

Play Episode Listen Later Jul 14, 2025 50:31


Welcome to this week's episode of the PEBCAK Podcast!  We've got four amazing stories this week so sit back, relax, and keep being awesome!  Be sure to stick around for our Dad Joke of the Week. (DJOW) Follow us on Instagram @pebcakpodcast   Please share this podcast with someone you know!  It helps us grow the podcast and we really appreciate it!   Ledger phishing campaigns on the rise https://www.ledger.com/phishing-campaigns-status   Brazilian banks hacked through compromised employee https://www.bleepingcomputer.com/news/security/employee-gets-920-for-credentials-used-in-140-million-bank-heist/  https://cointelegraph.com/news/coin-center-us-treasury-appeal-tornado-cash   Security company hacks customers https://www.bleepingcomputer.com/news/security/man-pleads-guilty-to-hacking-networks-to-pitch-security-services/    New cruise rules 2025 https://legalunitedstates.com/carnival-cruise-new-rules-2025/     Dad Joke of the Week (DJOW)   Find the hosts on LinkedIn: Chris - https://www.linkedin.com/in/chlouie/ Glenn - https://www.linkedin.com/in/glennmedina/ Victor - https://www.linkedin.com/in/victordeluca/

Business of Tech
Rethinking Cybersecurity: Why Traditional MFA Fails and the Future of Phishing-Resistant Solutions with Bob Burke

Business of Tech

Play Episode Listen Later Jul 13, 2025 21:11


Bob Burke, Chief Information Security Officer at Beyond Identity, challenges the effectiveness of traditional multi-factor authentication (MFA) in the evolving landscape of cybersecurity. He argues that legacy MFA solutions, which often rely on out-of-band authorization methods like push notifications or one-time passwords, are no longer sufficient against the rising tide of sophisticated cyber threats. With the advent of services like phishing-as-a-service, attackers can easily bypass these outdated security measures, necessitating a shift towards phishing-resistant authentication methods. Burke emphasizes the need for organizations to adopt solutions that not only enhance security but also consider device posture and trustworthiness.Burke also critiques the current state of FIDO2 and passkeys, acknowledging their potential while highlighting their limitations, particularly in terms of device posture and user experience. He suggests that small to mid-sized businesses (SMBs) should prioritize phishing-resistant solutions that integrate both browser protection and device authentication. Furthermore, he raises concerns about the pricing models of many Software as a Service (SaaS) providers, which often place essential security features behind higher-tier subscriptions, effectively discouraging customers from adopting more secure practices.The conversation shifts to the endpoint detection and response (EDR) market, where Burke notes that while EDR solutions are still necessary, they are evolving into more comprehensive offerings like extended detection and response (XDR). He points out that many of these solutions are priced for enterprise-level organizations, leaving SMBs and mid-market companies struggling to find affordable options. Burke encourages these organizations to seek out solutions that fit their budget while still providing essential security capabilities.Finally, Burke shares insights from his experience with the FedRAMP certification process, emphasizing the importance of building internal security competencies and integrating security into product design from the outset. He advocates for a clear internal compliance program, such as NIST, to guide organizations in their security efforts. As the cybersecurity landscape continues to evolve, Burke warns that the tempo and scope of attacks are increasing, driven by advancements in AI, and urges organizations to reassess their security architectures to stay ahead of emerging threats.  All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessof.tech

Putting the AP in hAPpy
Episode 346: A Big IRS Tax Reporting Change Effective For Tax Year 2026 That Can Help Your Team – But Don't Forget About This

Putting the AP in hAPpy

Play Episode Listen Later Jul 10, 2025 14:39


After last week's episode revealing an IRS announcement, once the big, beautiful tax bill was passed there is at least more tax reporting change for Tax Year 2026 that can reduce a huge burden, but there is one more factor to keep in mind.  Keep listening. Check out my website www.debrarrichardson.com if you need help implementing authentication techniques, internal controls, and best practices to prevent fraudulent payments, regulatory fines or bad vendor data. Check out the Vendor Process Training Center for 116+ hours of weekly live and on-demand training for the Vendor team. Links mentioned in the podcast + other helpful resources:   Vendor Master File Tip of the Week - IRS 1099-MISC/NEC and 1042-S 2026 Due Dates For TY 2025 Journal of Accountancy - Tax provisions in the One Big Beautiful Bill Act Journal of Accountancy – IRS Staffing, Budget Cuts Threaten 2026 Filing Season, Taxpayer Advocate Says Taxes For Expats – One Big Beautiful Bill – and What it Means for Your Business Vendor Process Training Center > Resource Library for State Research https://training.debrarrichardson.com/resources Customized Vendor Validations Session: https://debrarrichardson.com/vendor-validation-sessionVendor Process Training Center - https://training.debrarrichardson.comCustomized Fraud Training:  https://training.debrarrichardson.com/customized-fraud-training Free Live and On-Demand Webinars: https://training.debrarrichardson.com/webinarsVendor Master File Clean-Up:  https://www.debrarrichardson.com/cleanupYouTube Channel:  https://www.youtube.com/channel/UCqeoffeQu3pSXMV8fUIGNiw More Podcasts/Blogs/Webinars www.debrarrichardson.comMore ideas?  Email me at debra@debrarrichardson.com Music Credit:  www.purple-planet.com

Business of Tech
MSPs Under Pressure: Navigating AI Impersonation, Phishing Exploits, and Ransomware Fallout

Business of Tech

Play Episode Listen Later Jul 9, 2025 16:12


Managed service providers (MSPs) are currently facing unprecedented pressure from clients regarding cybersecurity, with a significant increase in expectations for MSPs to manage their cybersecurity infrastructure. A recent survey revealed that 84% of MSPs report their clients now expect them to handle cybersecurity end-to-end, a notable rise from 65% the previous year. This shift comes as MSPs themselves are under increased scrutiny, with 77% reporting heightened oversight of their security practices. The growing concern over emerging threats, particularly those related to artificial intelligence, has further complicated the landscape, as MSPs find themselves caught between rising client demands and a lack of accountability from cybersecurity vendors.In a related development, a fraudulent impersonator has been using artificial intelligence to mimic the voice and writing style of U.S. Secretary of State Marco Rubio, successfully contacting several high-level officials to manipulate them for sensitive information. This incident highlights the vulnerabilities in secure communication channels and the ease with which attackers can exploit lax data security among government officials. The FBI has issued warnings about ongoing malicious messaging campaigns that utilize AI-generated voice messaging, emphasizing the need for enhanced verification protocols in executive communications.Additionally, attackers have been exploiting Microsoft 365's direct send feature to launch phishing attacks, impacting over 70 organizations. This method allows attackers to send emails that appear to come from legitimate internal addresses, bypassing traditional security measures. Research indicates that conventional phishing awareness training is largely ineffective, with many employees failing to recognize phishing attempts even after training. The study suggests a shift towards interactive training methods, which have proven more effective in reducing the likelihood of falling victim to such scams.Ingram Micro has begun restoring customer ordering capabilities following a ransomware attack that temporarily disabled its systems, but the company's lack of communication during the crisis has raised concerns among partners. The incident serves as a case study in breach communication, highlighting the importance of transparency and effective communication in maintaining trust. Meanwhile, Kaseya has expanded its community investment with the Technology Marketing Toolkit, aimed at enhancing resources for MSPs. However, questions remain about the potential cultural clash and the impact on the independence of the Toolkit's offerings within Kaseya's larger ecosystem. Four things to know today 00:00 MSPs Face Rising Cybersecurity Pressure as Clients Demand Full Protection and Vendors Sidestep Shared Risk04:25 AI Deepfake Impersonates Secretary of State in Sophisticated Attack, Exposing Risks for Executive Security09:17 Ingram Micro Begins System Restoration After Ransomware Attack, But Silence Frustrates12:07 Robin Robins Sells Technology Marketing Toolkit; Joins Kaseya as Strategic Advisor This is the Business of Tech.    Supported by:  https://getnerdio.com/nerdio-manager-for-msp/ All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessof.tech

Home of Software
24. Cyberkriminalität – Wie schütze ich mein Zuhause im Netz?

Home of Software

Play Episode Listen Later Jul 8, 2025 36:03


Phishing & Co. sind längst im Alltag angekommen – aber wie schützt man sich zuhause am besten? In dieser Folge spricht Luca Sonntag, IT-Experte bei CleverReach, über typische Cyberangriffe, woran man sie erkennt und wie man sich mit einfachen Mitteln davor schützt. Praxisnah, verständlich und direkt umsetzbar! Luca erklärt praxisnah: wie Phishing-Angriffe funktionieren worauf du in verdächtigen E-Mails achten solltest welche einfachen Maßnahmen dein System deutlich sicherer machen Außerdem erfährst du, wie Luca seinen Weg in die IT-Sicherheit gefunden hat – und warum ihn das Thema bis heute fasziniert. Perfekt für alle, die ihr digitales Zuhause besser schützen wollen – ohne technisches Vorwissen. Mehr von uns: » Facebook: https://www.facebook.com/Ashampoo » Instagram: https://www.instagram.com/ashampoo/ » Podcast: https://podcast.ashampoo.com/ __________________________________________________________ Anfragen oder Feedback podcast@ashampoo.com

The Small Business Radio Show
#838 Is the "Get Big Fast" Mentality Hurting Your Business?

The Small Business Radio Show

Play Episode Listen Later Jul 7, 2025 31:25


Segment 1 with Dave Whorton starts at 0:00. The “Get Big Fast” startup era is crumbling. Sky-high valuations, zero profits, and a fixation on rapid scaling have left businesses fragile and the economy unstable. It's time for entrepreneurs to skip the funding rounds and rethink how they approach growth.In his new book "Another Way - Building Companies That Last…and Last…and Last",  former Kleiner Perkins Venture Capitalist Dave Whorton lays out a path forward. After seeing firsthand the risks of speculative growth, he rejected the Silicon Valley unicorn obsession he helped fuel, and now helps entrepreneurs thrive better in our volatile times.Segment 2 with Marcelo Barros starts at 20:28.Phishing attacks are forever changing and getting more creative. What do we need to know as small business owners and how should be educate our team?Marcelo Barros is the Global Director of Hacker Rangers. He is an IT professional with over 30 years of experience and a strong interest in cybersecurity. As the Global Markets Leader at Hacker Rangers, a gamification company, he spearheads the company's expansion into markets outside of Brazil. Before this position, Marcelo dedicated 17 years to IBM, where he worked in cybersecurity, sales, and management, delivering solutions and achieving outcomesBecome a supporter of this podcast: https://www.spreaker.com/podcast/the-small-business-radio-show--3306444/support.

Espresso
Diese E-Mail wirkt wie Phishing – ist aber echt

Espresso

Play Episode Listen Later Jul 7, 2025 9:49


Bei einer seltsamen Absenderadresse denkt sogar ein Cybersecurity-Experte an eine Masche. Doch die E-Mail stammt tatsächlich von der Helvetia. +++ Weiteres Thema: Bratwürste aus Fleisch sind meist krumm, Vegi-Würste gerade. Warum eigentlich? Das Drumherum ist entscheidend.

The Plugged In Show
Episode 293: Jurassic World: Rebirth. Plus, Phishing Scams on Social Media

The Plugged In Show

Play Episode Listen Later Jul 3, 2025 40:26


The Jurassic World: Rebirth film is coming out. Does it look dino-riffic? The Plugged In team looks at the newest installment and the franchise as a whole, letting you in on what you need to know. The team then discusses online phishing scams and how you can be vigilant to protect your and your family. Connect with us! www.ThePluggedInShow.com Connect on Facebook Find us on Instagram EMAIL: team@thepluggedinshow.com PHONE: 800-A-FAMILY (800-262-3459) Read the full review: · Jurassic World: Rebirth · Jurassic World: Dominion · Jurassic World: Fallen Kingdom · Jurassic World · Jurassic Park III · The Lost World: Jurassic Park · Jurassic Park · Jurassic World: Camp Cretaceous · The Beekeeper Check out the Plugged In Blog: · On the Radar: Social Media Phishing Gender Gap with Teens and Tiktok Amber Alerts The Plugged In Tech Guide Focus on the Family with Jim Daly Episode: How Your Family Can Manage Technology Well Part 1 How You Can Make Wise Entertainment Choices for Your Family Donate Now! We'd love to hear from you! Visit our Homepage to leave us a voicemail. If you've listened to any of our podcasts, please give us your feedback.

Putting the AP in hAPpy
Episode 345: What The IRS Just Announced About The FIRE System

Putting the AP in hAPpy

Play Episode Listen Later Jul 3, 2025 7:36


Check out the IRS's announcement about changes to e-filing just before the July 4th holiday! Keep listening. Check out my website www.debrarrichardson.com if you need help implementing authentication techniques, internal controls, and best practices to prevent fraudulent payments, regulatory fines or bad vendor data. Check out the Vendor Process Training Center for 116+ hours of weekly live and on-demand training for the Vendor team. Links mentioned in the podcast + other helpful resources:   Vendor Master File Tip of the Week - Demo of the IRS e-News Subscriptions https://youtu.be/Cwy9QDYX-ZM Customized Vendor Validations Session: https://debrarrichardson.com/vendor-validation-sessionVendor Process Training Center - https://training.debrarrichardson.comCustomized Fraud Training:  https://training.debrarrichardson.com/customized-fraud-training Free Live and On-Demand Webinars: https://training.debrarrichardson.com/webinarsVendor Master File Clean-Up:  https://www.debrarrichardson.com/cleanupYouTube Channel:  https://www.youtube.com/channel/UCqeoffeQu3pSXMV8fUIGNiw More Podcasts/Blogs/Webinars www.debrarrichardson.comMore ideas?  Email me at debra@debrarrichardson.com Music Credit:  www.purple-planet.com

North Fulton Business Radio
AI, Cyber Threats, and Your Business with Chris Noles, Beyond Computer Solutions

North Fulton Business Radio

Play Episode Listen Later Jul 2, 2025


AI, Cyber Threats, and Your Business with Chris Noles, Beyond Computer Solutions (North Fulton Business Radio, Episode 880) In this episode of North Fulton Business Radio, host John Ray welcomes back Chris Noles, owner and president of Beyond Computer Solutions, to discuss what every business, large or small, needs to know about modern cybersecurity threats. Chris […] The post AI, Cyber Threats, and Your Business with Chris Noles, Beyond Computer Solutions appeared first on Business RadioX ®.

Cybercrimeology
The Human in_security - deception, weapons, crime & culture

Cybercrimeology

Play Episode Listen Later Jul 1, 2025 27:37


About our guest:Dr. Iain ReidSenior Lecturer in CybercrimeUniversity of Portsmouthhttps://www.port.ac.uk/about-us/structure-and-governance/our-people/our-staff/iain-reid Topics discussed in this episode:How principles of military deception map onto cybersecurityWhy the phrase “the human is the weakest link” oversimplifies riskWhat it's like to research developer perspectives on secure softwareThe psychology of decision-making in phishing attacksHow time pressure influences risky digital behaviourThe limits of “security culture” as an organizational solutionHow cyber deception fits within defence-in-depth Papers or resources mentioned:Reid, I., Okeke-Ramos, A., & Serafin, M. (2024). Exploring the ethics of cyber deception technologies for defensive cyber deception. In P. Bednar, J. Kävrestad, E. Bergström, M. Rajanen, H. V. Hult, A. M. Braccini, A. S. Islind, & F. Zaghloul (Eds.), Proceedings of the 10th International Conference on Socio-Technical Perspectives in Information Systems (STPIS 2024) (pp. 140-148). (CEUR Workshop Proceedings). https://ceur-ws.org/Vol-3857Whaley, B. (2007). Stratagem: deception and surprise in war. Artech.Rowe, N.C., Rrushi, J. (2016). Measuring Deception. In: Introduction to Cyberdeception. Springer, Cham. https://doi.org/10.1007/978-3-319-41187-3_11Ashenden, D., Ollis, G., & Reid, I. (2022, October). Dancing, not Wrestling: Moving from Compliance to Concordance for Secure Software Development. In Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering (pp. 1-9).Paris Call for Trust and Security in Cyberspacehttps://pariscall.international OtherI would like to thank Dudley the French Bulldog for the invaluable (unavoidable) contribution to this episode.

Retire Smarter
Cybersecurity and Your Retirement: Protecting What You've Built

Retire Smarter

Play Episode Listen Later Jun 26, 2025 36:12


Get your customized planning started by scheduling a no-cost discovery call: http://bit.ly/calltruewealth Retirees are increasingly targeted by cybercriminals — and the scams are getting more sophisticated. From fake emails and stolen phones to account takeovers and SIM card fraud, even cautious investors can be at risk. In this episode, Tyler Emrick, CFA®, CFP®, shares a real story of an attempted security breach involving a True Wealth Design client — and what made the firm catch it before damage was done. You'll learn the most common cybersecurity threats facing retirees, how to secure your financial accounts, and what to do if you think you've been scammed. Plus, we cover smart strategies like using a password manager, enabling two-factor authentication, freezing your credit, and why every retiree should have a Trusted Contact on file. If you've worked hard to build a secure retirement, this episode will help you protect it. Here's some of what we discuss in this episode:

Putting the AP in hAPpy
Episode 344: Another Fraudulent Payment After A BEC Scam Goes to Court – Who Won?

Putting the AP in hAPpy

Play Episode Listen Later Jun 26, 2025 18:23


When it comes to the vendor and buyer and who is responsible when there is a fraudulent payment can depend on the country.  Here is what happened in another court case….Keep listening. Check out my website www.debrarrichardson.com if you need help implementing authentication techniques, internal controls, and best practices to prevent fraudulent payments, regulatory fines or bad vendor data. Check out the Vendor Process Training Center for 116+ hours of weekly live and on-demand training for the Vendor team. Links mentioned in the podcast + other helpful resources:   Article:  EFT payments and cybercrime: Court says car buyer is liable to ensure money is paid into the correct account Authentication Free Training Section:  3 Step Vendor Setup & Maintenance Process Workshop Vendor Banking Form Template:  https://debrarrichardson.com/store/vendor-banking-form-template Customized Vendor Validations Session: https://debrarrichardson.com/vendor-validation-sessionVendor Process Training Center - https://training.debrarrichardson.comCustomized Fraud Training:  https://training.debrarrichardson.com/customized-fraud-training Free Live and On-Demand Webinars: https://training.debrarrichardson.com/webinarsVendor Master File Clean-Up:  https://www.debrarrichardson.com/cleanupYouTube Channel:  https://www.youtube.com/channel/UCqeoffeQu3pSXMV8fUIGNiw More Podcasts/Blogs/Webinars www.debrarrichardson.comMore ideas?  Email me at debra@debrarrichardson.com Music Credit:  www.purple-planet.com

Paint The Medical Picture Podcast
Newsworthy Month of Fraud, Waste, and Abuse, Trusty Tip on Phishing Scams, and Samuel Taylor Coleridge's Spark

Paint The Medical Picture Podcast

Play Episode Listen Later Jun 25, 2025 34:02


Welcome to the Paint The Medical Picture Podcast, created and hosted by Sonal Patel, CPMA, CPC, CMC, ICD-10-CM.Thanks to all of you for making this a Top 15 Podcast for 4 Years: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://blog.feedspot.com/medical_billing_and_coding_podcasts/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Sonal's 15th Season starts up and Episode 8 features Newsworthy updates on the month's fraud, waste, and abuse cases. Sonal's Trusty Tip features compliance recommendations on phishing scams.Spark inspires us all to reflect on hopes and aspirations based on the inspirational words of Samuel Taylor Coleridge.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Paint The Medical Picture Podcast now on:Spotify: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://open.spotify.com/show/6hcJAHHrqNLo9UmKtqRP3X⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Apple Podcasts: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://podcasts.apple.com/us/podcast/paint-the-medical-picture-podcast/id153044217⁠7⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Amazon Music: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://music.amazon.com/podcasts/bc6146d7-3d30-4b73-ae7f-d77d6046fe6a/paint-the-medical-picture-podcast⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Find Paint The Medical Picture Podcast on YouTube: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.youtube.com/channel/UCzNUxmYdIU_U8I5hP91Kk7A⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Find Sonal on LinkedIn:⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/sonapate/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠And checkout the website: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://paintthemedicalpicturepodcast.com/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠If you'd like to be a sponsor of the Paint The Medical Picture Podcast series, please contact Sonal directly for pricing: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠PaintTheMedicalPicturePodcast@gmail.com

STR Daily
Power Plays & Phishing Scams: The New Frontlines of Travel Disruption

STR Daily

Play Episode Listen Later Jun 25, 2025 2:59


In this episode of the STR Daily Podcast, we explore two major forces reshaping the travel and hospitality industry in 2025. First, we break down Airbnb's bold pivot from community-driven platform to political heavyweight—using lobbying, economic reports, and media strategy to battle STR regulations across Europe and the U.S. Then, we turn to the rising wave of cybersecurity threats targeting hotels and travel companies. From AI-generated phishing scams to credential-stuffing attacks, the stakes for digital trust have never been higher.Are you new and want to start your own hospitality business?Join our ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Facebook group⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Follow Boostly and join the discussion:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠YouTube⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠LinkedIn⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Facebook⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Want to know more about us? Visit our ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠website⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Stay informed and ahead of the curve with the latest insights and analysis.

Qubit Podcast
Ma már nem elég a jelszómenedzsment a kiberbűnözés elleni védekezésben (x)

Qubit Podcast

Play Episode Listen Later Jun 23, 2025 46:54


... A podcast elkészítését a Mastercard támogatta.See omnystudio.com/listener for privacy information.

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Friday, June 20th, 2025: New Employee Phishing; Malicious Tech Support Links; Social Engineering App Sepecific Passwords

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Play Episode Listen Later Jun 20, 2025 5:46


How Long Until the Phishing Starts? About Two Weeks After setting up a Google Workspace and adding a new user, it took only two weeks for the new employee to receive somewhat targeted phishing emails. https://isc.sans.edu/diary/How%20Long%20Until%20the%20Phishing%20Starts%3F%20About%20Two%20Weeks/32052 Scammers hijack websites of Bank of America, Netflix, Microsoft, and more to insert fake phone numbers Scammers are placing Google ads that point to legitimate companies sites, but are injecting malicious text into the page advertising fake tech support numbers https://www.malwarebytes.com/blog/news/2025/06/scammers-hijack-websites-of-bank-of-america-netflix-microsoft-and-more-to-insert-fake-phone-number What s in an ASP? Creative Phishing Attack on Prominent Academics and Critics of Russia Targeted attacks are tricking victims into creating app-specific passwords to Google resources. https://cloud.google.com/blog/topics/threat-intelligence/creative-phishing-academics-critics-of-russia

Stories from the River
Phishing Scams Are Smarter Than Ever — Here's How They're Tricking You

Stories from the River

Play Episode Listen Later Jun 19, 2025 25:32


In this episode of Stories from the River, guest host Tyler Trill, Senior Communications Manager at Broad River Retail, sits down with Broad River Retail's IT experts Robert Ferguson, Associate Director, IT Infrastructure & User Services, and Tim Sobkowiak, Associate Director, Retail Technology & Project Management, to dive into the world of cybersecurity, with a specific focus on phishing attacks.  The discussion breaks down how phishing techniques have evolved from suspicious emails to sophisticated text messages, QR code scams, and AI-powered voice impersonations. Robert and Tim share real-life examples of successful phishing scams, explain why these attacks remain effective, and offer practical advice on how to recognize and respond to threats. Key takeaways include the critical roles of strong passwords, multi-factor authentication, and most importantly, ongoing education for every team member—not just IT. The episode emphasizes that staying safe online is everyone's responsibility, both at work and at home. Listeners will walk away better prepared to spot and stop phishing attempts before they cause harm. Watch this episode on YouTube: https://youtu.be/Aj8A5NqKmq8  Visit https://www.storiesfromtheriver.com for more episodes. Broad River Retail brought this show to you. Visit https://BroadRiverRetail.com                              Follow us on LinkedIn: https://www.linkedin.com/company/broad-river-retail

Putting the AP in hAPpy
Episode 343: Bank Account Ownership Validation Issues > What About Vendors With Different Names?

Putting the AP in hAPpy

Play Episode Listen Later Jun 19, 2025 29:30


There is a common scenario for those Accounts Payable or Vendor teams that can do bank account ownership validations when setting up or changing vendor data: many vendors have legitimate reasons why their bank account holder names do not match their legal name.  So, how are you supposed to know whether this is legitimate or fraudulent?Keep listening. Check out my website www.debrarrichardson.com if you need help implementing authentication techniques, internal controls, and best practices to prevent fraudulent payments, regulatory fines or bad vendor data. Check out the Vendor Process Training Center for 116+ hours of weekly live and on-demand training for the Vendor team. Links mentioned in the podcast + other helpful resources:   AVM: 3-Step Vendor Setup and Maintenance Framework to Avoid Fraud, Fines and Bad Vendor Data: https://youtu.be/prvHJ6_Rf58 D&B Business Directory:  https://www.dnb.com OpenCorporates:  https://opencorporates.com/ SEC > EDGAR Database: https://www.sec.gov/edgar/search/#/entityName=USERFUL%2520CORPORATION State Registration Sites:   Vendor Process Training Center > Resource Library Customized Vendor Validations Session: https://debrarrichardson.com/vendor-validation-sessionVendor Process Training Center - https://training.debrarrichardson.comCustomized Fraud Training:  https://training.debrarrichardson.com/customized-fraud-training Free Live and On-Demand Webinars: https://training.debrarrichardson.com/webinarsVendor Master File Clean-Up:  https://www.debrarrichardson.com/cleanupYouTube Channel:  https://www.youtube.com/channel/UCqeoffeQu3pSXMV8fUIGNiw More Podcasts/Blogs/Webinars www.debrarrichardson.comMore ideas?  Email me at debra@debrarrichardson.com Music Credit:  www.purple-planet.com

Cracking Cyber Security Podcast from TEISS
teissTalk: Securing against AI-driven phishing attacks

Cracking Cyber Security Podcast from TEISS

Play Episode Listen Later Jun 19, 2025 44:16


How cyber criminals are using AI tools to scale malicious operationsStreamlining user experience with biometrics or device-based authenticationMaking your organisation cyber resilient and securing critical systems as AI continues to advanceFeaturing: Thom Langford, Host, teissTalkhttps://www.linkedin.com/in/thomlangford/Derek Hanson, VP Solutions Architecture and Alliances, Yubicohttps://www.linkedin.com/in/derekthansonJay Vinda, Global CISO and Cyber Risk Engineering Lead, Mosaic Insurancehttps://www.linkedin.com/in/jayvindaLee Munson, Principal Research Analyst, Information Security Forumhttps://www.linkedin.com/in/lmunson/

OMAG All Access
Cybersecurity Threats to Oklahoma Municipalities: How to Prepare and Respond (ft. Zach Oubre)

OMAG All Access

Play Episode Listen Later Jun 19, 2025 18:24


Cyberattacks are on the rise—and smaller municipalities are now a top target. In this episode of OMAG All Access, David Dalton, OMAG's Director of Claims, is joined by cybersecurity attorney Zach Oubre of McAfee & Taft to discuss how cities and towns in Oklahoma can protect themselves.Zach shares insights from years of experience helping clients navigate breaches, ransomware events, and phishing scams. Together, they walk through practical steps your municipality can take now—from improving email security to implementing multi-factor authentication and updating system patches.Whether you're a city manager, clerk, or IT professional, this episode offers straightforward advice to reduce your cyber risk and respond quickly when attacks occur.Learn more at www.omag.org

Stories from the River
Phishing Scams Are Smarter Than Ever — Here's How They're Tricking You

Stories from the River

Play Episode Listen Later Jun 19, 2025 25:32


In this episode of Stories from the River, guest host Tyler Trill, Senior Communications Manager at Broad River Retail, sits down with Broad River Retail's IT experts Robert Ferguson, Associate Director, IT Infrastructure & User Services, and Tim Sobkowiak, Associate Director, Retail Technology & Project Management, to dive into the world of cybersecurity, with a specific focus on phishing attacks.  The discussion breaks down how phishing techniques have evolved from suspicious emails to sophisticated text messages, QR code scams, and AI-powered voice impersonations. Robert and Tim share real-life examples of successful phishing scams, explain why these attacks remain effective, and offer practical advice on how to recognize and respond to threats. Key takeaways include the critical roles of strong passwords, multi-factor authentication, and most importantly, ongoing education for every team member—not just IT. The episode emphasizes that staying safe online is everyone's responsibility, both at work and at home. Listeners will walk away better prepared to spot and stop phishing attempts before they cause harm. Watch this episode on YouTube: https://youtu.be/Aj8A5NqKmq8  Visit https://www.storiesfromtheriver.com for more episodes. Broad River Retail brought this show to you. Visit https://BroadRiverRetail.com                              Follow us on LinkedIn: https://www.linkedin.com/company/broad-river-retail

ITSPmagazine | Technology. Cybersecurity. Society
Inside the Mind of the UK's Top Cyber Intelligence Officer: A Ransomware 3.0 Reality Check | An Infosecurity EU 2025 Conversation with William Lyne, Deputy Director and Head of Cyber Intelligence at the UK's National Crime Agency (NCA)

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 16, 2025 17:47


William Lyne of the UK's National Crime Agency joins us live at Infosecurity Europe to talk ransomware, AI threats, and the future of cybercrime disruption.When the UK's top cyber intelligence strategist sits down with you in London, you listen — and you hit record.At Infosecurity Europe 2025, the ITSPmagazine podcast team — Marco Ciappelli and Sean Martin — sat down with William Lyne, Deputy Director and Head of Cyber Intelligence at the UK's National Crime Agency (NCA). This is the guy who not only leads cyber strategy for the NCA, but has also represented the UK at the FBI in the U.S. and now oversees national-level ransomware disruption efforts. It's not just a conversation — it's a rare front-row seat into how one of the world's most serious crime-fighting agencies is tackling ransomware 3.0.The message? Ransomware isn't just a cyber issue. It's a societal one. And it's evolving faster than we're prepared for — unless we change the game.“It went from niche to national threat fast,” Lyne explains. “The tools were always there. It just took a few threat actors to stitch them together.”From banking malware to fully operational cybercrime-as-a-service ecosystems, Lyne walks us through how the underground economy has industrialized. Ransomware isn't just about tech — it's about access, scale, and business models. And most importantly, it's no longer limited to elite coders or closed-door Russian-speaking forums. The barrier to entry is gone, and the dark web is wide open for business.Sean brings up the obvious: “Why does this still feel like we're always reacting?”Lyne responds: “We've shifted. We're going after the ecosystem — the people, the infrastructure, the business model — not just the payload.” That includes disrupting ransomware-as-a-service, targeting marketplaces, and yes, investing in preemptive intelligence.Marco flips the script by comparing today's cyber landscape to something deeply human. “Extortion is nothing new — we've just digitalized it. This is human behavior, scaled by tech.”From there, the conversation takes a future-facing turn. Deepfakes, AI-powered phishing, the commoditization of generative tools — Lyne confirms it's all on their radar. But he's quick to note that cybercriminals aren't bleeding-edge innovators. “They adopt when the ROI is right. But AI-as-a-service? That's coming. And it will reshape how efficient — and damaging — these threats become.”And then the real insight lands:“You can't wait to be a victim to talk to law enforcement. We may already have access to the infrastructure. The earlier we hear from you, the better we can act — and fast.”That kind of operational openness isn't something you heard from law enforcement five years ago. It signals a cultural shift — one where collaboration is not optional, it's essential.William also highlights the NCA's partnerships with private sector firms, academia, and international agencies, including the Kronos operation targeting LockBit infrastructure. These kinds of collaborations prove that when information moves, so does impact.Why does this matter?Because while most cybersecurity media gets stuck in product buzzwords and vendor hype, this is the real stuff — how ransomware groups behave, how law enforcement thinks, and how society can respond. It's not theory. It's strategy, lived on the front lines. 

Putting the AP in hAPpy
Episode 342: Top 2 Reasons Vendors Reach Out to Me About You!

Putting the AP in hAPpy

Play Episode Listen Later Jun 12, 2025 26:10


You may be listening to this podcast to find out what your vendors are doing, but guess what?  Your vendors are reaching out to me to understand what you are doing!  If you want to know the top 2 reasons vendors reach out to me about you (and what you can do to avoid this), then…Keep listening. Check out my website www.debrarrichardson.com if you need help implementing authentication techniques, internal controls, and best practices to prevent fraudulent payments, regulatory fines or bad vendor data. Check out the Vendor Process Training Center for 116+ hours of weekly live and on-demand training for the Vendor team. Links mentioned in the podcast + other helpful resources:   IRS W-9 Examples by Tax Classification - What To Look For When Accepting From Your Vendor:  https://training.debrarrichardson.com/course/w9 Do IRS Form W-9s Expire? When Should You Collect a New One? https://debrarrichardson.com/blog/do-irs-form-w-9s-expire-when-should-you-collect-a-new-one?rq=expire Do You Need to Collect the California 587 or 590 Forms When Setting Up New Vendors? https://debrarrichardson.com/blog/do-you-need-to-collect-the-california-587-or-590-forms-when-setting-up-new-vendors?rq=587 Customized Vendor Validations Session: https://debrarrichardson.com/vendor-validation-sessionVendor Process Training Center - https://training.debrarrichardson.comCustomized Fraud Training:  https://training.debrarrichardson.com/customized-fraud-training Free Live and On-Demand Webinars: https://training.debrarrichardson.com/webinarsVendor Master File Clean-Up:  https://www.debrarrichardson.com/cleanupYouTube Channel:  https://www.youtube.com/channel/UCqeoffeQu3pSXMV8fUIGNiw More Podcasts/Blogs/Webinars www.debrarrichardson.comMore ideas?  Email me at debra@debrarrichardson.com Music Credit:  www.purple-planet.com

Risky Business News
Sponsored: Phishing crews have gotten really good at evasion

Risky Business News

Play Episode Listen Later Jun 9, 2025 18:19


In this sponsored interview, Casey Ellis interviews Push Security co-founder and Chief Product Officer Jacques Louw about how good phishing crews have gotten at evading detection. Attackers are hiding their payloads behind legitimate bot-detection tools to stop things like email security gateways from seeing them, as well as locking up phishing pages behind OAuth challenges. Push sees all this because it's installed as a browser plugin and sees what users see. Show notes

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Thursday, June 5th, 2025: Phishing Comment Trick; AWS default logging mode change; Cisco Backdoor Fixed; Infoblox Vulnerability Details Released

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Play Episode Listen Later Jun 5, 2025 5:26


Phishing e-mail that hides malicious links from Outlook users Jan found a phishing email that hides the malicious link from Outlook users. The email uses specific HTML comment clauses Outlook interprets to render or not render specific parts of the email s HTML code. Jan suggests that the phishing email is intented to not expose users of https://isc.sans.edu/diary/Phishing%20e-mail%20that%20hides%20malicious%20link%20from%20Outlook%20users/32010 Amazon changing default logging from blocking to non-blocking Amazon will change the default logging mode from blocking to non-blocking. Non-blocking logging will not stop the application if logging fails, but may result in a loss of logs. https://aws.amazon.com/blogs/containers/preventing-log-loss-with-non-blocking-mode-in-the-awslogs-container-log-driver/ Cisco Removes Backdoor Cisco fixed a Cisco Identity Services Engine on Cloud Platforms Static Credential Vulnerability. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-aws-static-cred-FPMjUcm7 Infoblox Vulnerability Details disclosed Details regarding several vulnerabilities recently patched in Infoblox s NetMRI have been made public. In particular an unauthenticated remote code execution issue should be considered critical. https://rhinosecuritylabs.com/research/infoblox-multiple-cves/

Putting the AP in hAPpy
Episode 341: Why the Vendor Confirmation Call is Not A Silver Bullet to Avoid Payment Fraud

Putting the AP in hAPpy

Play Episode Listen Later Jun 5, 2025 23:01


The  confirmation call has long been hailed as a safeguard against fraud. But it's not.  Let's delve into why and what can improve the process.Keep listening. Check out my website www.debrarrichardson.com if you need help implementing authentication techniques, internal controls, and best practices to prevent fraudulent payments, regulatory fines or bad vendor data. Check out the Vendor Process Training Center for 116+ hours of weekly live and on-demand training for the Vendor team. Links mentioned in the podcast + other helpful resources:   Get the Vendor Callback Confirmation Toolkit(TM) Today: https://training.debrarrichardson.com/course/callback-confirmation-toolkitCustomized Vendor Validations Session: https://debrarrichardson.com/vendor-validation-sessionVendor Process Training Center - https://training.debrarrichardson.comCustomized Fraud Training:  https://training.debrarrichardson.com/customized-fraud-training Free Live and On-Demand Webinars: https://training.debrarrichardson.com/webinarsVendor Master File Clean-Up:  https://www.debrarrichardson.com/cleanupYouTube Channel:  https://www.youtube.com/channel/UCqeoffeQu3pSXMV8fUIGNiw More Podcasts/Blogs/Webinars www.debrarrichardson.comMore ideas?  Email me at debra@debrarrichardson.com Music Credit:  www.purple-planet.com

Breaking Badness
Beyond the Perimeter: How Attackers Use Domains, Phishing & AI and How to Fight Back

Breaking Badness

Play Episode Listen Later Jun 4, 2025 68:24


Welcome to a special RSAC 2025 episode of the Breaking Badness Cybersecurity Podcast! Today, we delve into the critical role of domains in modern cyber attacks. From sophisticated nation-state operations to AI-powered phishing kits and malicious browser extensions, domains are the foundational infrastructure for threat actors. Host Kali Fencl is joined by four leading cybersecurity experts Joe Slowik, Robert Duncan, John Fokker and Vivek Ramachandran to break down how domains are weaponized and what organizations can do to defend themselves on this ever-evolving frontline

Wallet Watch
Unraveling Card Fraud

Wallet Watch

Play Episode Listen Later Jun 4, 2025 21:09


Phishing remains to be the number one way fraudsters are scamming people into giving away both personal and financial information. In the latest episode of Wallet Watch “Unraveling Card Fraud”, Melissa, Manager of Card Fraud shares ways consumers have given away sensitive financial information like their card and account numbers, not realizing it was a scam until after the fact. She is also sharing safe card practices that could help you better recognize fraud attempts and ways to help keep your personal and financial sensitive information safe and secure. Don't miss out- tune in now!

Paul's Security Weekly
Building Cyber Resilience: AI Threats, Mid-Market Risks & Ransomware Trends - Karl Van den Bergh, Tony Anscombe, Eyal Benishti, Nick Carroll, Chad Alessi, Chris Peluso - ESW #409

Paul's Security Weekly

Play Episode Listen Later Jun 2, 2025 98:33


Segment 1 CTG Interview Middle market companies face unique challenges in the ever-evolving cyber environment. Developing a comprehensive cybersecurity approach is a business imperative for middle market companies, and Chad Alessi will discuss the threat landscape, what's keeping IT decision-makers awkward at night, and the best approach to creating a proactive security measure. Cyber Resilience in Action: A Guide for Mid-Market Firms This segment is sponsored by CTG. Visit https://securityweekly.com/ctgrsac to learn more about them! Nightwing Interview Nightwing divested from Raytheon in April 2024 and is entering another year of redefining national security. Amid emerging threats and shifting industry regulations and compliance frameworks, traditional security measures are no longer cutting it. As Cyber Incident Response Manager at Nightwing, Nick Carroll discusses how organizations can continue to build cyber resiliency and stay one step ahead in today's threat landscape. This segment is sponsored by Nightwing. Visit https://securityweekly.com/nightwingrsac to learn more about them! Segment 2 Libraesva Interview Generative AI is having a transformative effect across almost every industry, but arguably the area it has had the most significant impact is cybercrime. Discriminative AI can now learn to recognize what constitutes normal communication patterns, so anything out of the ordinary can be flagged. AI is also enabling human security analysts to automate the triage of reported emails, to rapidly identify false positives and keep up with emerging cybercriminal tactics. Finally, specialized Small Language Models (SLMs) using neural networks are able to analyze and comprehend the semantic intent of the message. This segment is sponsored by Libraesva. Visit https://securityweekly.com/libraesvarsac to learn more about them! IRONSCALES Interview Phishing has evolved—fast. What started as basic email scams has transformed into AI-powered cyber deception. Phishing 1.0: Early phishing relied on spam emails, fake banking alerts, and malware links to trick users into clicking Phishing 2.0: Attackers got smarter—instead of mass emails, they started impersonating real people Phishing 3.0: Now, cybercriminals are using AI to generate fake but highly convincing voices, videos, and images IRONSCALES discusses the current gaps in SEG technology and will showcase industry-first innovations for protection against deepfakes. Assessing Organizational Readiness in the Face of Emerging Cyber Threat Using AI to Enhance Defensive Cybersecurity white paper The Hidden Gaps of SEG Protection white paper This segment is sponsored by IRONSCALES. Visit https://securityweekly.com/ironscalesrsac to learn more about them! Segment 3 Illumio Interview In the post-breach world, speed and clarity are essential for effective cybersecurity. Security teams are inundated with vast amounts of data, much of which is not actionable. To combat cyber threats—and level the playing field—defenders need precise intelligence to identify attacks, dynamically quarantine threats, and prevent cyber disasters, highlighting the power of the security graph. Segment Resources: Rethinking Threat Detection in a Decentralized World Illumio Insights Announcement More information about Illumio Insights This segment is sponsored by Illumio. Visit https://securityweekly.com/illumiorsac for information on Illumio Insights or to sign up for a private preview! ESET Interview The ransomware landscape is rapidly changing. ESET global research team has been closely following ransomware gang disruptions, new players and how the RaaS business model continues to evolve. In this segment, Tony Anscombe will take a look into recent research, hacks and attacks, and explore how the industry and businesses are responding to combat financial risk and mitigate threats. Segment Resources: https://www.welivesecurity.com/en/eset-research/shifting-sands-ransomhub-edrkillshifter/ https://www.welivesecurity.com/en/eset-research/eset-threat-report-h2-2024/ This segment is sponsored by ESET. Visit https://securityweekly.com/esetrsac to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-409

Enterprise Security Weekly (Audio)
Building Cyber Resilience: AI Threats, Mid-Market Risks & Ransomware Trends - Karl Van den Bergh, Tony Anscombe, Eyal Benishti, Nick Carroll, Chad Alessi, Chris Peluso - ESW #409

Enterprise Security Weekly (Audio)

Play Episode Listen Later Jun 2, 2025 98:33


Segment 1 CTG Interview Middle market companies face unique challenges in the ever-evolving cyber environment. Developing a comprehensive cybersecurity approach is a business imperative for middle market companies, and Chad Alessi will discuss the threat landscape, what's keeping IT decision-makers awkward at night, and the best approach to creating a proactive security measure. Cyber Resilience in Action: A Guide for Mid-Market Firms This segment is sponsored by CTG. Visit https://securityweekly.com/ctgrsac to learn more about them! Nightwing Interview Nightwing divested from Raytheon in April 2024 and is entering another year of redefining national security. Amid emerging threats and shifting industry regulations and compliance frameworks, traditional security measures are no longer cutting it. As Cyber Incident Response Manager at Nightwing, Nick Carroll discusses how organizations can continue to build cyber resiliency and stay one step ahead in today's threat landscape. This segment is sponsored by Nightwing. Visit https://securityweekly.com/nightwingrsac to learn more about them! Segment 2 Libraesva Interview Generative AI is having a transformative effect across almost every industry, but arguably the area it has had the most significant impact is cybercrime. Discriminative AI can now learn to recognize what constitutes normal communication patterns, so anything out of the ordinary can be flagged. AI is also enabling human security analysts to automate the triage of reported emails, to rapidly identify false positives and keep up with emerging cybercriminal tactics. Finally, specialized Small Language Models (SLMs) using neural networks are able to analyze and comprehend the semantic intent of the message. This segment is sponsored by Libraesva. Visit https://securityweekly.com/libraesvarsac to learn more about them! IRONSCALES Interview Phishing has evolved—fast. What started as basic email scams has transformed into AI-powered cyber deception. Phishing 1.0: Early phishing relied on spam emails, fake banking alerts, and malware links to trick users into clicking Phishing 2.0: Attackers got smarter—instead of mass emails, they started impersonating real people Phishing 3.0: Now, cybercriminals are using AI to generate fake but highly convincing voices, videos, and images IRONSCALES discusses the current gaps in SEG technology and will showcase industry-first innovations for protection against deepfakes. Assessing Organizational Readiness in the Face of Emerging Cyber Threat Using AI to Enhance Defensive Cybersecurity white paper The Hidden Gaps of SEG Protection white paper This segment is sponsored by IRONSCALES. Visit https://securityweekly.com/ironscalesrsac to learn more about them! Segment 3 Illumio Interview In the post-breach world, speed and clarity are essential for effective cybersecurity. Security teams are inundated with vast amounts of data, much of which is not actionable. To combat cyber threats—and level the playing field—defenders need precise intelligence to identify attacks, dynamically quarantine threats, and prevent cyber disasters, highlighting the power of the security graph. Segment Resources: Rethinking Threat Detection in a Decentralized World Illumio Insights Announcement More information about Illumio Insights This segment is sponsored by Illumio. Visit https://securityweekly.com/illumiorsac for information on Illumio Insights or to sign up for a private preview! ESET Interview The ransomware landscape is rapidly changing. ESET global research team has been closely following ransomware gang disruptions, new players and how the RaaS business model continues to evolve. In this segment, Tony Anscombe will take a look into recent research, hacks and attacks, and explore how the industry and businesses are responding to combat financial risk and mitigate threats. Segment Resources: https://www.welivesecurity.com/en/eset-research/shifting-sands-ransomhub-edrkillshifter/ https://www.welivesecurity.com/en/eset-research/eset-threat-report-h2-2024/ This segment is sponsored by ESET. Visit https://securityweekly.com/esetrsac to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-409

DrZeroTrust
Mammoth Cyber and Zero Trust

DrZeroTrust

Play Episode Listen Later Jun 2, 2025 22:31


In this conversation, Dr. Chase Cunningham and Michael Shieh from Mammoth Cyber discuss the evolution of Zero Trust security, focusing on browser security and AI's role in enhancing security measures. They explore the concept of data-first security, the significance of mobile security, and the future of Zero Trust in the context of increasing cyber threats. Michael emphasizes the need for a browser-centric approach to security, which allows for better control and visibility over user behavior and data access.TakeawaysMammoth Cyber focuses on browser-centric security solutions.The evolution of web applications has increased data leakage risks.AI tools are becoming integral to browser security.Data isolation allows users to access data without downloading it.User productivity should not be hindered by security measures.The attack surface for cyber threats is broader than ever.Browser security is essential for all users, not just enterprises.Phishing training is less effective than implementing browser isolation.Mobile security is crucial as users access company data on personal devices.The future of Zero Trust will heavily involve browser security solutions.

Cyber Security Today
Phishing Scams, DNS Hijacking, and Cybersecurity Leadership Shakeup

Cyber Security Today

Play Episode Listen Later May 28, 2025 11:30 Transcription Available


  In this episode of Cybersecurity Today, host Jim Love explores the intricacies behind phishing emails that cleverly spoof Microsoft addresses, making many fall for scams despite appearing legitimate. Love emphasizes the need for a stringent 'zero trust' approach to counter these advanced tactics. Additionally, the episode delves into the activities of the hacking group Hazy Hawk, which exploits misconfigured DNS records to hijack trusted domains and propagate malware. Organizations are warned about the importance of regular DNS audits to prevent such attacks. The episode also covers the alarming wave of departures at the Cybersecurity and Infrastructure Security Agency (CISA), raising concerns over the agency's effectiveness amid increasing cyber threats. In another segment, Love discusses a sophisticated fraud operation out of Hanoi, where perpetrators manipulated X's Creator Revenue Sharing Program to siphon funds through fraudulent engagement metrics. The need for built-in fraud prevention mechanisms in digital reward systems is stressed. The episode concludes with a call for listener feedback and support. 00:00 Introduction and Overview 00:27 Phishing Scams: Authentic-Looking Emails 02:58 DNS Misconfigurations and Hazy Hawk 05:36 CISA Leadership Exodus 08:16 X's Creator Revenue Sharing Fraud 10:56 Conclusion and Contact Information

Collective Noun Podcast
Phishing with Sam Fischer

Collective Noun Podcast

Play Episode Listen Later May 27, 2025 25:02


Phishing with Sam Fischer

Collective Noun Podcast
May 22: Phishing

Collective Noun Podcast

Play Episode Listen Later May 21, 2025 25:13 Transcription Available


Sam Fischer Joins the show! Summer time Ball Standby list Day Bet Make My Day See omnystudio.com/listener for privacy information.

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Monday, May 18th 2025: xorsearch python functions; pwn2own Berlin; senior govt official impersonation; dynamic domain risk

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Play Episode Listen Later May 19, 2025 6:30


xorsearch.py: Python Functions Didier s xorsearch tool now supports python functions to filter output https://isc.sans.edu/diary/xorsearch.py%3A%20Python%20Functions/31858 Pwn2Own Berlin 2025 Last weeks Pwn2Own contest in Berlin allowed researchers to demonstrate a number of new exploits with a large focus on privilege escalation and virtual machine escape. https://www.zerodayinitiative.com/blog/2025/5/17/pwn2own-berlin-2025-day-three-results Senior US Officials Impersonated in Malicious Messaging Campaign The FBI warns of senior US officials being impersonated in text and voice messages. https://www.ic3.gov/PSA/2025/PSA250515 Scattered Spider: TTP Evolution in 2025 Pushscurity provided an update on how Scattered Spider evolved. One thing they noted was that Scattered Spider takes advantage of legit dynamic domain name systems to make detection more difficult https://pushsecurity.com/blog/scattered-spider-ttp-evolution-in-2025/

The CyberWire
Leveling up their credential phishing tactics. [Research Saturday]

The CyberWire

Play Episode Listen Later May 17, 2025 20:46


This week, Dave speaks with Max Gannon of Cofense Intelligence to dive into his team's research on "The Rise of Precision-Validated Credential Theft: A New Challenge for Defenders." Threat actors continuously develop new tactics, techniques, and procedures (TTPs) to bypass existing defenses. When defenders identify these methods and implement countermeasures, attackers adapt or create more sophisticated approaches. This research explores how cybercriminals are leveling up their credential phishing tactics using Precision-Validated Phishing, a technique that leverages real-time email validation to ensure only high-value targets receive the phishing attempt. The research can be found here: The Rise of Precision-Validated Credential Theft: A New Challenge for Defenders⁠⁠⁠⁠⁠ Learn more about your ad choices. Visit megaphone.fm/adchoices

Daily Crypto Report
"Binance, Kraken successfully thwart phishing attacks similar to Coinbase" May 17, 2025

Daily Crypto Report

Play Episode Listen Later May 17, 2025 6:56


Today's blockchain and crypto news Binance, Kraken successfully thwart phishing attacks simialar to Coinbase hack World Liberty Financial rebuts Senate Democrat's probe Coinshift's stablecoin tops $100 million in TVL Learn more about your ad choices. Visit megaphone.fm/adchoices

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Wednesday, May 7th: Infostealer with Webserver; Android Update; CISA Warning

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Play Episode Listen Later May 7, 2025 6:44


Python InfoStealer with Embedded Phishing Webserver Didier found an interesting infostealer that, in addition to implementing typical infostealer functionality, includes a web server suitable to create local phishing sites. https://isc.sans.edu/diary/Python%20InfoStealer%20with%20Embedded%20Phishing%20Webserver/31924 Android Update Fixes Freetype 0-Day Google released its monthly Android update. As part of the update, it patched a vulnerability in Freetype that is already being exploited. Android is not alone in using Freetype. Freetype is a very commonly used library to parse fonts like Truetype fonts. https://source.android.com/docs/security/bulletin/2025-05-01 CISA Warns of Unsophistacted Cyber Actors CISA released an interesting title report warning operators of operational technology networks of ubiquitous attacks by unsophisticated actors. It emphasizes how important it is to not forget basic security measures to defend against these attacks. https://www.cisa.gov/news-events/alerts/2025/05/06/unsophisticated-cyber-actors-targeting-operational-technology