Podcasts about Phishing

Cyberangriffe sind längst keine Ausnahme mehr – besonders nicht für den Mittelstand. In dieser Folge spricht Jonas Rashedi mit Dr. Marc Atkins von Vodafone Business, der das neue Cyber Security Center leitet. Gemeinsam schauen sie auf typische Risiken, reale Fälle und praktikable Schutzmaßnahmen. Marc erklärt, wie Phishing-Angriffe ablaufen, warum Awareness der erste Schritt ist – und was passiert, wenn man gar nichts merkt. Er bringt konkrete Beispiele mit: von Samstags-Attacken, die nachts erkannt und automatisch isoliert werden, bis hin zu alten Betriebssystemen, die im Onboarding entdeckt werden. Was hilft? Endpoint-Schutz, Firewall-Monitoring, Managed Detection & Response – und vor allem: ein Partner, der mitdenkt. Eine Folge, die zeigt, dass Sicherheit machbar ist – wenn man sie ernst nimmt. MY DATA IS BETTER THAN YOURS ist ein Projekt von BETTER THAN YOURS, der Marke für richtig gute Podcasts. Du möchtest gezielt Werbung im Podcast MY DATA IS BETTER THAN YOURS schalten? Zum Kontaktformular: https://2frg6t.share-eu1.hsforms.com/2ugV0DR-wTX-mVZrX6BWtxg Zum LinkedIn-Profil von Marc: https://www.linkedin.com/in/dr-marc-atkins-669108a7/ Zur Homepage von Vodafone: https://www.vodafone.de Zu allen wichtigen Links rund um Jonas und den Podcast: https://linktr.ee/jonas.rashedi 00:00 Vorstellung & Einstieg 08:00 Bedrohungslage & falsche Wahrnehmung 16:00 Phishing & Faktor Mensch 24:00 Stillstand, Schäden & Reputationsrisiken 30:00 MDR, SIEM, SOAR & Notfallroutinen 40:00 NIS2, Meldepflichten & Prozesse 48:00 Fachkräftemangel & Diversity in Security-Teams

Herzlich willkommen zum SKYTALE Podcast Ausgabe 64. Zum letzten Mal in diesem Jahr wollen wir Sie an dieser Stelle über Betrügereien, Bedrohungen und alte und neue kriminelle Maschen in der IT- und Kommunikations-Sicherheit, aber auch im täglichen Alltag informieren. Unsere Themen heute unter anderem: Vorsicht bei Kündigungen, Versicherungen gegen Phishing, USB-Sticks für Geheimagenten, KI als Sicherheitsrisiko und vieles mehr. SKYTALE Online-Akademie für IT-Sicherheit Alle bisher erschienenen Podcasts Folge direkt herunterladen

Chris and Hector break down how trust itself has become the attack vector. From AI powered SEO poisoning that tricks users into infecting their own machines, to a leaked GitHub token that exposed Home Depot systems for nearly a year, they unpack the latest breaches, indictments, and regulatory failures shaping the cyber landscape. They talk community, accountability, and why copying random terminal commands might be the most dangerous habit in tech right now. Join our new Patreon! ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.patreon.com/c/hackerandthefed⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Send HATF your questions at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠questions@hackerandthefed.com

Holidays are the best times for cybercriminals – they know we are busy trying to get out of the office and all they need is the information we typically include in an Out of Office automated email reply.  Don't give it to them – use these best practices to not let your absence lead to payment fraud. Keep listening. Check out my website www.debrarrichardson.com if you need help implementing authentication techniques, internal controls, and best practices to prevent fraudulent payments, regulatory fines or bad vendor data. Check out the Vendor Process Training Center for 116+ hours of weekly live and on-demand training for the Vendor team. Links mentioned in the podcast + other helpful resources:     Mailguard Article: 

Send us a textCheck us out at:  https://www.cisspcybertraining.com/Get access to 360 FREE CISSP Questions:  https://www.cisspcybertraining.com/offers/dzHKVcDB/checkoutGet access to my FREE CISSP Self-Study Essentials Videos:  https://www.cisspcybertraining.com/offers/KzBKKouvHeadlines say the talent shortage is easing, yet nearly half of UK businesses still lack basic cyber skills. That disconnect sets the stage for a frank, practical tour through what actually reduces risk—no buzzwords required. We open with real takeaways from the UK's international cyber skills initiatives and move quickly to the daily decisions that shape resilience: encryption in the cloud, least privilege by default, and how to keep role-based access control from collapsing under credential creep.We make the identity layer tangible. Single sign-on can simplify life and lower password reuse, but it also centralizes risk. We share how to counterbalance SSO with MFA, conditional access, and strong monitoring. Cloud-based IAM accelerates deployment and gives flexibility, yet brings ongoing costs and integration challenges with legacy systems; outsourcing introduces a loss of control that must be offset by airtight requirements, auditability, and vendor transparency. Phishing remains the most reliable social engineering vector, so security awareness training isn't optional—it's the routine that turns policy into behavior.Zero trust becomes manageable when you stop treating it like a switch and start treating it like a program. We outline a phased path: define protect surfaces, segment by sensitivity, apply continuous verification where the impact is highest, and expand deliberately. Vendor access deserves the same precision: NDAs for legal guardrails, least privilege for scope, monitoring for assurance, and scheduled reviews to remove stale permissions. Along the way, we talk mentorship, pro bono work, and competitions as concrete ways to grow talent while delivering real security outcomes.We also road-test your knowledge with a focused Domain 1.9 CISSP question set, reinforcing the core ideas with scenario-based reasoning. If you're preparing for the CISSP or leading a security program, you'll walk away with a clear playbook: encrypt by default, minimize access, verify continuously, and measure what matters. If this resonates, subscribe, share with a teammate, and leave a review so others can find the show.Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox! Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

Mmathebe Zvobwo, Director of Market. Development, Truecaller South Africa spoke to Clarence Ford. Views and News with Clarence Ford is the mid-morning show on CapeTalk. This 3-hour long programme shares and reflects a broad array of perspectives. It is inspirational, passionate and positive. Host Clarence Ford’s gentle curiosity and dapper demeanour leave listeners feeling motivated and empowered. Known for his love of jazz and golf, Clarrie covers a range of themes including relationships, heritage and philosophy. Popular segments include Barbs’ Wire at 9:30am (Mon-Thurs) and The Naked Scientist at 9:30 on Fridays. Thank you for listening to a podcast from Views & News with Clarence Ford Listen live on Primedia+ weekdays between 09:00 and 12:00 (SA Time) to Views and News with Clarence Ford broadcast on CapeTalk https://buff.ly/NnFM3Nk For more from the show go to https://buff.ly/erjiQj2 or find all the catch-up podcasts here https://buff.ly/BdpaXRn Subscribe to the CapeTalk Daily and Weekly Newsletters https://buff.ly/sbvVZD5 Follow us on social media: CapeTalk on Facebook: https://www.facebook.com/CapeTalk CapeTalk on TikTok: https://www.tiktok.com/@capetalk CapeTalk on Instagram: https://www.instagram.com/ CapeTalk on X: https://x.com/CapeTalk CapeTalk on YouTube: https://www.youtube.com/@CapeTalk567See omnystudio.com/listener for privacy information.

In this episode of Cybersecurity Today, host Jim Love discusses a range of pressing cybersecurity threats. The show covers the escalating React2Shell vulnerability, which has led to widespread automated exploitation campaigns involving crypto miners and back doors. Additionally, Jim reports on the Black Force phishing kit, which bypasses multifactor authentication and is gaining traction among cybercriminals. Microsoft OAuth consent attacks are also highlighted, with users being tricked into granting access to their accounts. Finally, the episode touches on PornHub's data breach involving the Shiny Hunters cybercrime group and the importance of patching vulnerabilities and being cautious during the holiday season. 00:00 Introduction and Sponsor Message 00:22 React2Shell Vulnerability Deep Dive 03:46 Black Force Phishing Toolkit 05:44 Microsoft OAuth Consent Phishing 07:29 PornHub Data Breach by Shiny Hunters 10:21 Holiday Cybersecurity Tips and Final Thoughts

How has GenAI turned phishing Into a speed war? And what should we do about it? Let's find out with your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.

US turns to private firms in cyber offensive Microsoft updates cause queuing failures Phishing campaign delivers Phantom stealer Huge thanks to our sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first cybersecurity company backed by OpenAI. Attackers don't need malware anymore; they need trust. Tip: set a simple passphrase for high-risk actions, like wire requests or "urgent" account recovery – especially within finance teams and families. If the caller can't answer it, pause and verify. Adaptive runs deepfake and vishing simulations so employees practice this before it's real. Learn more at adaptivesecurity.com.  

Farms today run more digital systems than ever before — GPS-guided equipment, grain accounting software, cloud-connected records, automated livestock and irrigation controls, and online financial tools. And that shift has put agriculture squarely into the Top 10 most-targeted industries for cyberattacks.In this episode, we sit down with Chris Sherman, founder of TechSupport.Farm, who specializes in helping farmers and ag businesses protect their operations from online threats. Chris breaks down why farms are becoming major hacker targets, the attacks he sees most often, and the simple ways producers can safeguard their data, their money, and their equipment.We explore real farm-level risks such as:Phishing emails disguised as invoices, USDA notices, or dealer updatesRansomware that locks up grain software, field maps, GPS data, or entire farm serversExtortion scams demanding bitcoinAttempts to infiltrate connected systems like grain dryers, feed mills, and irrigation controlsChris explains where farm data actually lives — on equipment, in cloud systems, or in software platforms — and what farmers need to understand about data ownership, platform security, and privacy.Then we move into practical, easy-to-apply cybersecurity steps every farm can start today:Creating strong password policies (12+ characters)Using password managersTurning on two-factor authenticationUpgrading email security with spam and phishing filtersSeparating home WiFi from business and equipment WiFiTracking who has login accessKeeping offline backups of critical filesTraining your family and employees to spot digital red flagsChris also shares real-world stories from farms he's helped — the scams that worked, the ones that were caught in time, and the mistakes he sees repeated across operations of all sizes.Whether you run a large operation or a small family farm, cybersecurity is now part of running the business. This episode will help you protect what you've built, stay ahead of threats, and keep hackers out of your data, your money, and your equipment. Want Farm4Profit Merch? Custom order your favorite items today!https://farmfocused.com/farm-4profit/ Don't forget to like the podcast on all platforms and leave a review where ever you listen! Website: www.Farm4Profit.comShareable episode link: https://intro-to-farm4profit.simplecast.comEmail address: Farm4profitllc@gmail.comCall/Text: 515.207.9640Subscribe to YouTube: https://www.youtube.com/channel/UCSR8c1BrCjNDDI_Acku5XqwFollow us on TikTok: https://www.tiktok.com/@farm4profitllc Connect with us on Facebook: https://www.facebook.com/Farm4ProfitLLC/ Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Tato epizoda přináší od masivního zneužívání zranitelnosti React2Shell, přes novou generaci phishingových útoků využívajících umělou inteligenci a obcházení vícefaktorového ověřování, až po bizarní, ale reálný případ z Evropy, kde policie zadržela „cestovatele“ s kufrem plným hackerské a špionážní techniky.

This might be obvious, but security is not all domain admin dancing and maximum pwnage. Sometimes, despite my best efforts, a security project does a faceplant. Today's episode focuses on a phishing campaign that had plenty of "bites" but got immediately shut down – for reasons I still don't understand.

Temas: Ingeniería Social, Deepfakes, Guerra Híbrida, Guerra Cognitiva, Desinformación Sintética, Ciberseguridad 2026, Manipulación Electoral, Algoritmos Sesgados, Clonación de Voz, Phishing con IA, Identidad Digital, NATO Innovation Hub. Emisión: 04/12/2025 Temporada 11 Episodio 33 Abstract: ¿Crees que controlas tus decisiones? Piénsalo dos veces. En este episodio de investigación profunda, destapamos los documentos y predicciones que marcan el 2026 como el año cero de la Guerra Cognitiva. No hablamos de ciencia ficción: hablamos de tecnologías militares desplegadas contra civiles. Descubre: ✔️ Por qué la OTAN considera tu cerebro el nuevo campo de batalla. ✔️ La verdad sobre la "Internet Muerta": ¿Estás discutiendo con bots? ✔️ Deepfakes en tiempo real: El fin de la evidencia en video. ✔️ Cómo los algoritmos están siendo diseñados para la corrupción silenciosa. Ellos tienen la tecnología, pero nosotros tenemos la información. Acompáñame a ver lo que la "Mano Invisible" no quiere que veas. 🔔 Suscríbete y enciende la campana para no perderte ningún capítulo de este viaje al futuro más inmediato. Mónica Maciel y Salvador Gaviño Romero ponen sobre la mesa del misterio las historias, los fenómenos y un acercamiento a la verdad. Conviértete en miembro de este canal para disfrutar de ventajas: https://www.youtube.com/channel/UCovCkTauWfbvVYKbYjAYw1w/join Gracias por Suscribirte: https://www.youtube.com/user/recetarioelajo?sub_confirmation=1 Follow en Twitter: https://x.com/recetarioelajo Like en FB:https://www.facebook.com/recetarioelajo/ WEB: http://www.elajoproducciones.com Podcast Ivoox: https://go.ivoox.com/sq/2458 Ajófono:(+52) 56.100.56.1.56 (MX) Ajomail: elajo.producciones@gmail.com #Misterio3 Animación Intro El Ajo Producciones: Cortesía El Último Escriba Animación Intro Misterio 3: Cortesía El Último Escriba Animación Intraterreno: Cortesía El Último Escriba Música Fondo: Kevin Macleod https://incompetech.com/music/royalty-free/ Copyright Disclaimer! Title 17, US Code (Sections 107-118 of the copyright law, Act 1976): All media in this video is used for purpose of review & commentary under terms of fair use. All footage, & images used belong to their respective companies. Fair use is a use permitted by copyright statute that might otherwise be infringing. ***** Enlaces de Interés ***** Anacrónico ¡Ya Disponible! : https://a.co/d/8Z5OABJ PODCAST Dante: https://www.youtube.com/watch?v=rZkE2IKIJVc Dante Vanzetti spotify: https://open.spotify.com/artist/08MlOZSrQ6psjZbZWEVCgH?si=j6fSsfBATw-HwwjInMyOCg Dante Vanzetti YT: https://youtu.be/N8BJxFrRbGQ?si=ACbIH2GEOQoVzbkK Yasfer Cuadrante Mágico: https://yasferlvx.wixsite.com/arcano-obscuro-radio Marcos Urbex: https://youtube.com/@markoz320?si=qH2JyDW1gX2ohDH_ Mónica Canal Misterio: https://youtube.com/@proyectoguionenblancomiste3209?si=xt2T2iYtlIlwag-f Canal Vladimir Chargoy: https://www.youtube.com/@vladimirchargoy1711 TEMAS: 0:00:00 Antesala 0:05:00 Inicio 0:09:00 Anuncios y Riesgos 1:20:00 Herramientas 1:45:00 Leyes y Lógicas 2:00:00 Guerra Cognitiva, DaaS, IBR, Captura Algoritmica, Colapso de Identidad, IA Emocional 3:08:00 Saludos

"Spear phishing is a direct attack." Connect With Our SponsorsGreyFinch - https://greyfinch.com/jillallen/A-Dec - https://www.a-dec.com/orthodonticsSmileSuite - https://getsmilesuite.com/ Summary In this conversation, Gary Salman, CEO of Black Talon Security, discusses the critical importance of cybersecurity in the dental and orthodontic fields. He shares insights on the evolution of cyber threats, particularly focusing on social engineering and phishing attacks. Gary emphasizes the need for comprehensive training for dental staff to recognize and prevent these threats. He also highlights the significance of understanding cyber risk ratings and the role of AI in enhancing cybersecurity measures. The discussion concludes with practical advice for practices to safeguard patient data and navigate the complexities of modern cybersecurity challenges. Connect With Our Guest Black Talon Security - https://www.blacktalonsecurity.com/ Takeaways Gary has over 33 years of experience in dental technology.He emphasizes the importance of cybersecurity in practices.Social engineering is a major threat, often leading to phishing attacks.Training staff is crucial as 60% of cyber attacks result from human error.Spear phishing is a targeted attack that can compromise email accounts.Antivirus software may not detect legitimate software used by hackers.Cybersecurity requires a proactive approach, similar to healthcare.Understanding cyber risk ratings is essential for practices.AI can enhance cybersecurity but requires due diligence.Practices must be aware of their vulnerabilities and take action.Chapters 00:00 Introduction02:02 Gary Salman's Background and Black Talon Security06:33 Understanding Social Engineering Attacks14:14 Preventative Measures and Training25:58 Understanding Cyber Risk in Dental Practices27:52 The Importance of Cyber Risk Ratings28:19 Known Exploitable Vulnerabilities and Network Security33:13 AI in Healthcare: Benefits and Risks36:09 Best Practices for Using AI in Practices38:49 Final Thoughts and Contact Information Episode Credits:  Hosted by Jill AllenProduced by Jordann KillionAudio Engineering by Garrett LuceroAre you ready to start a practice of your own? Do you need a fresh set of eyes or some advice in your existing practice?Reach out to me- www.practiceresults.com.    If you like what we are doing here on Hey Docs! and want to hear more of this awesome content, give us a 5-star Rating on your preferred listening platform and subscribe to our show so you never miss an episode.    New episodes drop every Thursday!   

If you are getting ready for tax reporting for Tax Year 2025 and need the important things to know or do regarding the 1099-NEC, the 1099-MISC and the 1042-S – this podcast episode is for you! Starting with two that you don't have to worry about (yet) then three that you do.  Keep listening. Check out my website www.debrarrichardson.com if you need help implementing authentication techniques, internal controls, and best practices to prevent fraudulent payments, regulatory fines or bad vendor data. Check out the Vendor Process Training Center for 116+ hours of weekly live and on-demand training for the Vendor team. Links mentioned in the podcast + other helpful resources:    IRS Draft Forms:  https://www.irs.gov/draft-tax-formsIRS Published Forms:  https://www.irs.gov/forms-instructions-and-publications IRS Publication 5903: IRIS App for TCC Tutorial and IRIS Application for TCCIRS Publication 5911: IR App for TCC Tutorial and IR Application for TCCCustomized Vendor Validations Session: https://debrarrichardson.com/vendor-validation-sessionFree Download:  Vendor Validation Reference List with Resource Links https://debrarrichardson.com/vendor-validation-downloadVendor Process Training Center - https://training.debrarrichardson.comCustomized Fraud Training:  https://training.debrarrichardson.com/customized-fraud-training Free Live and On-Demand Webinars: https://training.debrarrichardson.com/webinarsVendor Master File Clean-Up:  https://www.debrarrichardson.com/cleanupYouTube Channel:  https://www.youtube.com/channel/UCqeoffeQu3pSXMV8fUIGNiw More Podcasts/Blogs/Webinars www.debrarrichardson.comMore ideas?  Email me at debra@debrarrichardson.com Music Credit:  www.purple-planet.com

nanoKVM Vulnerabilities The nanoKVM device updates firmware insecurely; however, the microphone that the authors of the advisory referred to as undocumented may actually be documented in the underlying hardware description. https://www.tomshardware.com/tech-industry/cyber-security/researcher-finds-undocumented-microphone-and-major-security-flaws-in-sipeed-nanokvm Ghostframe Phishing Kit The Ghostframe phishing kit uses iFrames and random subdomains to evade detection https://blog.barracuda.com/2025/12/04/threat-spotlight-ghostframe-phishing-kit WatchGuard Advisory WatchGuard released an update for its Firebox appliance, fixing ten vulnerabilities. Five of these are rated as High. https://www.watchguard.com/wgrd-psirt/advisories

Please enjoy this encore of Word Notes. The use of similar-looking characters in a phishing URL to spoof a legitimate site. CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/homograph-phishing⁠ Audio reference link: “⁠Mission Impossible III 2006 Masking 01⁠,” uploaded by DISGUISE MASK, 28 July 2018.

Please enjoy this encore of Word Notes. The use of similar-looking characters in a phishing URL to spoof a legitimate site. CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/homograph-phishing⁠ Audio reference link: “⁠Mission Impossible III 2006 Masking 01⁠,” uploaded by DISGUISE MASK, 28 July 2018. Learn more about your ad choices. Visit megaphone.fm/adchoices

Dr. Steve Mancini: https://www.linkedin.com/in/dr-steve-m-b59a525/Marco Ciappelli: https://www.marcociappelli.com/Nothing Has Changed in Cybersecurity Since War Games — And That's Why We're in Trouble"Nothing has changed."That's not what you expect to hear from someone with four decades in cybersecurity. The industry thrives on selling the next revolution, the newest threat, the latest solution. But Dr. Steve Mancini—cybersecurity professor, Homeland Security veteran, and Italy's Honorary Consul in Pittsburgh—wasn't buying any of it. And honestly? Neither was I.He took me back to his Commodore 64 days, writing basic war dialers after watching War Games. The method? Dial numbers, find an open line, try passwords until one works. Translate that to today: run an Nmap scan, find an open port, brute force your way in. The principle is identical. Only the speed has changed.This resonated deeply with how I think about our Hybrid Analog Digital Society. We're so consumed with the digital evolution—the folding screens, the AI assistants, the cloud computing—that we forget the human vulnerabilities underneath remain stubbornly analog. Social engineering worked in the 1930s, it worked when I was a kid in Florence, and it works today in your inbox.Steve shared a story about a family member who received a scam call. The caller asked if their social security number "had a six in it." A one-in-nine guess. Yet that simple psychological trick led to remote software being installed on their computer. Technology gets smarter; human psychology stays the same.What struck me most was his observation about his students—a generation so immersed in technology that they've become numb to breaches. "So what?" has become the default response. The data sells, the breaches happen, you get two years of free credit monitoring, and life goes on. Groundhog Day.But the deeper concern isn't the breaches. It's what this technological immersion is doing to our capacity for critical thinking, for human instinct. Steve pointed out something that should unsettle us: the algorithms feeding content to young minds are designed for addiction, manipulating brain chemistry with endorphin kicks from endless scrolling. We won't know the full effects of a generation raised on smartphones until they're forty, having scrolled through social media for thirty years.I asked what we can do. His answer was simple but profound: humans need to decide how much they want technology in their lives. Parents putting smartphones in six-year-olds' hands might want to reconsider. Schools clinging to the idea that they're "teaching technology" miss the point—students already know the apps better than their professors. What they don't know is how to think without them.He's gone back to paper and pencil tests. Old school. Because when the power goes out—literally or metaphorically—you need a brain that works independently.Ancient cultures, Steve reminded me, built civilizations with nothing but their minds, parchment, and each other. They were, in many ways, a thousand times smarter than us because they had no crutches. Now we call our smartphones "smart" while they make us incrementally dumber.This isn't anti-technology doom-saying. Neither Steve nor I oppose technological progress. The conversation acknowledged AI's genuine benefits in medicine, in solving specific problems. But this relentless push for the "easy button"—the promise that you don't have to think, just click—that's where we lose something essential.The ultimate breach, we concluded, isn't someone stealing your data. It's breaching the mind itself. When we can no longer think, reason, or function without the device in our pocket, the hackers have already won—and they didn't need to write a single line of code.Subscribe to the Redefining Society and Technology podcast. Stay curious. Stay human.My Newsletter? Yes, of course, it is here: https://www.linkedin.com/newsletters/7079849705156870144/ Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Chinese threat actors deploy Brickstorm malware. The critical React2Shell vulnerability is under active exploitation. Cloudflare's emergency patch triggered a brief global outage. Phishing kits pivot to fake e-commerce sites. The European Commission fines X(Twitter) €120 million for violating the Digital Services Act. Predator spyware has a new bag of tricks. A Russian physicist gets 21 years in prison for cybercrimes. Twin brothers are arrested for allegedly stealing and destroying government data. Our guest is Blair Canavan, Director of Alliances - PKI & PQC Portfolio from Thales, discussing post quantum cryptography. Smart toilet encryption claims don't hold water.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today on our Industry Voices segment, we are joined by Blair Canavan, Director of Alliances - PKI & PQC Portfolio from Thales, discussing post quantum cryptography (PQC). Listen to Blair's full conversation here. Selected Reading Chinese hackers used Brickworm malware to breach critical US infrastructure (TechRadar) React2Shell critical flaw actively exploited in China-linked attacks (BleepingComputer) Cloudflare blames today's outage on emergency React2Shell patch (Bleeping Computer) SMS Phishers Pivot to Points, Taxes, Fake Retailers (Krebs on Security) Threat Spotlight: Introducing GhostFrame, a new super stealthy phishing kit (Barracuda) EU issues €120 million fine to Elon Musk's X under rules to tackle disinformation  (The Record) Predator spyware uses new infection vector for zero-click attacks (Bleeping Computer) Russian scientist sentenced to 21 years on treason, cyber sabotage charges (The Record) Twins with hacking history charged in insider data breach affecting multiple federal agencies (Cyberscoop) ‘End-to-end encrypted' smart toilet camera is not actually end-to-end encrypted (TechCrunch)- kicker Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Gregor MacGregor verkauft seinen Landsleuten einen Traum: Grundstücke im paradiesischen "Poyais" in Südamerika - das aber ein unbewohnbarer Sumpf ist. Der dreiste Betrüger stirbt am 4.12.1845. Von Christoph Tiemann.

As you are busy with year-end and increased volumes of vendor adds and changes – you may be ready to reduce your vendor process activities by outsourcing your vendor payments next year, with a bonus of reducing payment fraud risk.  How?Keep listening. Check out my website www.debrarrichardson.com if you need help implementing authentication techniques, internal controls, and best practices to prevent fraudulent payments, regulatory fines or bad vendor data. Check out the Vendor Process Training Center for 116+ hours of weekly live and on-demand training for the Vendor team. Links mentioned in the podcast + other helpful resources:    Customized Vendor Validations Session: https://debrarrichardson.com/vendor-validation-sessionFree Download:  Vendor Validation Reference List with Resource Links https://debrarrichardson.com/vendor-validation-downloadVendor Process Training Center - https://training.debrarrichardson.comCustomized Fraud Training:  https://training.debrarrichardson.com/customized-fraud-training Free Live and On-Demand Webinars: https://training.debrarrichardson.com/webinarsVendor Master File Clean-Up:  https://www.debrarrichardson.com/cleanupYouTube Channel:  https://www.youtube.com/channel/UCqeoffeQu3pSXMV8fUIGNiw More Podcasts/Blogs/Webinars www.debrarrichardson.comMore ideas?  Email me at debra@debrarrichardson.com Music Credit:  www.purple-planet.com

El programa 2790 de Radiogeek, les habló de varios temas importantes. Google hoy confirmo que podemos utilizar Circle to search, para encontrar enlaces fraudulentos, ademas confirma un nuevo sistema de actualizaciones en Android, por otro lado tenemos que OpenAI, confirma que ChatGPT no tiene publicidad, al menos paga y que solo son sugerencias y por ultimo Google Keep empieza la migración hacia Google task. Toda esta información la pueden encontrar desde nuestra web www.infosertec.com.ar o bien desde el canal de Telegram/Whastapp, o Instagram. Esperamos sus comentarios.

European authorities take down an illegal cryptomixer. An Australian man is sentenced for running an airport evil twin WiFi campaign. Researchers unmask a Scattered LAPSUS$ Hunters impresario. CISA flags a cross-site scripting flaw in OpenPLC ScadaBR. A major South Korean retailer suffers a data breach affecting over 33 million customers. Threat actors abuse digital calendar subscription features. New York's new hospital cybersecurity mandates may raise the bar nationwide. Scammers target Cyber Monday shoppers. Monday business brief. Ann Johnson speaks with Microsoft's Amy Hogan-Burney on the Afternoon Cyber Tea segment. Google gets caught reheating someone else's holiday recipe.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, ⁠Daily Briefing⁠, and you'll never miss a beat. And be sure to follow CyberWire Daily on ⁠LinkedIn⁠. Afternoon Cyber Tea segment Afternoon Cyber Tea host Ann Johnson speaks with Amy Hogan-Burney, Corporate Vice President of Customer Trust and Security at Microsoft, about how Microsoft Is redefining global cyber defense. Ann and Amy discuss Microsoft's evolving approach to combating global cybercrime and the importance of collaboration across the private and public sectors. You can listen to their full conversation here and catch new episodes of Afternoon Cyber Tea every other Tuesday on your favorite podcast app.  Selected Reading Cryptomixer crypto laundering service taken down by law enforcement (Help Net Security) Man behind in-flight Evil Twin WiFi attacks gets 7 years in prison (Bleeping Computer) Meet Rey, the Admin of ‘Scattered Lapsus$ Hunters' (Krebs on Security) U.S. CISA adds an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog (Security Affairs) Data breach hits 'South Korea's Amazon,' potentially affecting 65% of country's population (The Record) Threat Actors Exploit Calendar Subscriptions for Phishing and Malware (Infosecurity Magazine) New York Hospital Cyber Rules to 'Raise the Bar' Nationwide (GovInfo Security) Over 2,000 Fake Shopping Sites Spotted Before Cyber Monday (Hackread) Guardio secures $80 million in new funding. (N2K Pro Business Briefing) Google deletes X post after getting caught using a ‘stolen' AI recipe infographic (Bleeping Computer) Share your feedback.What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.   Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

I am joined once again by Phil Meyer to review the most important and relevant announcements from Microsoft Ignite. Plenty around AI but also a few other gems you may have overlooked, so sit back and listen in as we focus on what you should be paying attention to. Resources Explore the tools, communities, and content mentioned in this episode: CIAOPS Need to Know Podcast: https://ciaops.podbean.com/  CIAOPS Blog: https://blog.ciaops.com/  CIAOPS Labs: https://blog.ciaopslabs.com/  CIAOPS Brief: https://blog.ciaops.com/tag/cia-brief/  Join the Teams Shared Channel: https://blog.ciaops.com/2022/07/29/join-my-teams-shared-channel/  CIAOPS Merch Store: https://my-store-c5d877-2.creator-spring.com/  Become a Patron: https://www.ciaopspatron.com/  Direct Support: https://ko-fi.com/ciaops  Get Your M365 Questions Answered: https://blog.ciaops.com/2025/06/11/get-your-m365-questions-answered-via-email-2/  Test Your Microsoft 365 Speed: https://blog.ciaops.com/2025/07/21/test-your-microsoft-365-speed-in-seconds-for-free/  CIAOPS Email list - https://bit.ly/cia-email   Announcements Flight School: Mastering Copilot for IT Pros – https://blog.ciaops.com/2025/11/14/flight-school-mastering-copilot-for-it-pros/  CIAOPS Academy deprecation notification – https://blog.ciaops.com/2025/11/10/ciaops-academy-deprecation-notification/  Show Notes Microsoft 365 powered by Work IQ: Built to Support How You Work – https://www.youtube.com/watch?v=ve66gLVYaRw Synced Passkeys in Microsoft Entra for Phishing-resistant MFA – https://www.youtube.com/watch?v=36nIaSBJ7_U Ignite'25 Spotlight: Announcing Microsoft Baseline security mode – https://techcommunity.microsoft.com/blog/microsoft_365blog/ignite%E2%80%9925-spotlight-announcing-m… Introducing Microsoft 365 Copilot Business: Empowering Small and Medium Businesses with AI – https://techcommunity.microsoft.com/blog/microsoft365copilotblog/introducing-microsoft-365-copilot-… Future-Proofing Your Channel Business: Strategies for Asia Partners - Future-Proofing Your Channel Business: Strategies for Asia Partners | PBRK440 - https://www.youtube.com/watch?v=xvwZYUbVW08 Question - https://youtu.be/xvwZYUbVW08?t=2604  

Apple Podcasts App = Latest Phishing Method! by Nick Espinosa, Chief Security Fanatic

The Intersection of Espionage Techniques and Cybersecurity Threats This episode explores the parallels between espionage and cybersecurity, particularly focusing on social engineering tactics used in both domains. Hosted by Jim Love, the podcast features insights from Neil Bisson, a retired intelligence officer from CSIS, and David Shipley, CEO of Beauceron Security. They discuss the vulnerabilities in human behavior that can be exploited, the similarity between human intelligence operations and phishing attacks, and how AI is transforming the landscape of social engineering. Practical advice on recognizing and mitigating these threats is also provided. The episode underscores the importance of empathy, skepticism, and continuous education in defending against sophisticated cyber threats. 00:00 Introduction and Sponsor Message 00:25 Linking Espionage and Cybersecurity 01:06 The Role of Social Engineering in Cyber Attacks 02:25 Guest Introductions: Neil Bisson and David Shipley 03:24 Recruitment Tactics in Intelligence 05:56 Phishing vs. Intelligence Recruitment 07:48 AI's Role in Modern Social Engineering 10:45 Building Trust and Rapport in Intelligence 16:19 Ethical Considerations in Intelligence Work 20:01 Future of Cybersecurity and Social Engineering 24:31 The Art of Subtle Manipulation 26:01 Clandestine Tactics and Voluntary Information 26:24 Incremental Trust Building 26:46 Psychological Manipulation and Cult Recruitment 27:34 Human Connection and Vulnerability 28:53 AI and Social Engineering 30:25 The Threat of AI in Recruitment 33:20 Emotional Manipulation in Espionage 36:19 Defending Against Manipulation 38:12 Empathy and Information as Defense 45:49 Final Thoughts and Audience Engagement

Our digital lives are under attack from every direction. Cyber Crisis author Eric Cole breaks down the threats and shows how to stay one step ahead!Full show notes and resources can be found here: jordanharbinger.com/1247What We Discuss with Dr. Eric Cole:Cyberattacks now happen constantly as AI automates phishing and vulnerability scanning against individuals, small businesses, and major institutions.Criminal operations abroad run like full corporations — thousands of employees, millions in revenue, and no risk of prosecution due to weak or nonexistent extradition.Critical infrastructure often uses outdated, insecure systems, allowing adversaries inside power grids and networks long before an attack becomes visible.Devices, apps, and "free" tools routinely track conversations and behavior — even smart speakers have been used as evidence after recording private moments.You can dramatically reduce your risk by treating security like investing: assess the benefit vs. the exposure, minimize downside, and adopt simple, deliberate habits.And much more...And if you're still game to support us, please leave a review here — even one sentence helps! Sign up for Six-Minute Networking — our free networking and relationship development mini course — at jordanharbinger.com/course!Subscribe to our once-a-week Wee Bit Wiser newsletter today and start filling your Wednesdays with wisdom!Do you even Reddit, bro? Join us at r/JordanHarbinger!This Episode Is Brought To You By Our Fine Sponsors: Momentous: 20% off first order: livemomentous.com, code JORDAN20Signos: $10 off select programs: signos.com, code JORDANFactor: 50% off first box: factormeals.com/jordan50off, code JORDAN50OFFProgressive Insurance: Free online quote: progressive.comHomes.com: Find your home: homes.comSee Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

Welcome to Mastering Cyber with Host Alissa (Dr Jay) Abdullah, PhD, SVP & Deputy CSO at Mastercard, and former White House technology executive. Listen to this weekly one-minute podcast to help you maneuver cybersecurity industry tips, terms, and topics. Buckle up, your 60 seconds of cyber starts now! Sponsored by Mastercard: https://mastercard.us/en-us.html

Use of CSS stuffing as an obfuscation technique? Phishing sites stuff their HTML with benign CSS code. This is likely supposed to throw of simple detection engines https://isc.sans.edu/diary/Use%20of%20CSS%20stuffing%20as%20an%20obfuscation%20technique%3F/32510 Critical Oracle Identity Manager Flaw Possibly Exploited as Zero-Day Early exploit attempts for the vulnerability were part of Searchlight Cyber s research effort https://www.securityweek.com/critical-oracle-identity-manager-flaw-possibly-exploited-as-zero-day/ ClamAV Cleaning Signature Database ClamAV will significantly clean up its signature database https://blog.clamav.net/2025/11/clamav-signature-retirement-announcement.html

Year-end generosity is a perfect storm for cybercrime—and most nonprofits don't see the danger until after the damage is done. We talk with Alex Brown, Director of Business Development at Richey May, about why the busiest time of your fundraising year is also one of the most hazardous for your systems, donors, and reputation.Alex explains how attackers watch for holiday chaos: staff on vacation, rushed year-end gifts, last-minute tax receipts, and overloaded inboxes. “Attackers know you're not paying as much attention,” he warns, “so you have to be a little extra diligent this time of year.” From fake donation pages to altered bank details, the tactics are increasingly sophisticated—and AI is making fraudulent emails and voice calls nearly impossible to spot by eye or ear alone.The conversation walks through your “front door” risks, starting with your website and WordPress plugins, then moving into infrastructure scanning tools, outdated software, and weak admin logins. Alex shows why role-based access matters: if every staffer can see and change everything, one compromised account can expose your entire donor database and even your bank relationships.He also tackles the human side of cybersecurity. Alex explains phishing and vishing in plain language, and why urgency (“this is a one-time exception,” “we need this code right now”) is such a powerful pressure tactic. He urges leaders to replace fear and punishment with ongoing micro-training and a culture where people feel safe admitting, “I clicked something weird.” Silence is exactly what attackers are counting on.Finally, the episode turns to donor communication. Nonprofits must be crystal clear about how they will and will not contact supporters—what domains they use, which links are legitimate, and what information they will never request by phone, text, or email. Clear expectations protect donors and preserve trust, even if attackers try to impersonate your brand.This is not a technical luxury; it's a governance and stewardship issue. If your organization depends on digital generosity, you also depend on digital safety. 00:00:00 Why year end giving is peak cyber risk for nonprofits 00:02:24 From audit firm to cyber team The Ritchie May story 00:06:03 Your website as the front door and WordPress plugin dangers 00:09:21 Infrastructure scanning tools and the cost of skipping updates 00:11:13 Donor data as gold role based access and endpoints explained 00:15:01 AI tools laptops at desks and unsafe workarounds 00:18:51 Phishing vishing and how attackers hijack email and voice 00:25:12 Cybersecurity is everyone's responsibility and micro training 00:27:35 Why punishment backfires and reporting mistakes matters 00:29:59 Setting clear donor communication rules to prevent fraud 00:31:33 Final thoughts and Julia's personal cyber to do list  #TheNonprofitShow #NonprofitCybersecurity #DonorTrustFind us Live daily on YouTube!Find us Live daily on LinkedIn!Find us Live daily on X: @Nonprofit_ShowOur national co-hosts and amazing guests discuss management, money and missions of nonprofits! 12:30pm ET 11:30am CT 10:30am MT 9:30am PTSend us your ideas for Show Guests or Topics: HelpDesk@AmericanNonprofitAcademy.comVisit us on the web:The Nonprofit Show

Jessica Wynn uncovers Black Friday's dark secrets — fake discounts, cheaper products, and manufactured urgency — on this week's Skeptical Sunday.Welcome to Skeptical Sunday, a special edition of The Jordan Harbinger Show where Jordan and a guest break down a topic that you may have never thought about, open things up, and debunk common misconceptions. This time around, we're joined by writer and researcher Jessica Wynn!Full show notes and resources can be found here: jordanharbinger.com/1245On This Week's Skeptical Sunday:Black Friday "deals" are often illusions. Many retailers quietly raise prices weeks before, then discount back to regular prices, creating fake savings that trigger dopamine responses rather than actual financial benefits.Tiered manufacturing means bargains are literally inferior products. Companies create cheaper versions of items specifically for Black Friday sales, using plastic instead of metal parts and downgraded components you won't notice until they fail.The shopping frenzy is engineered chaos. Retailers deliberately create urgency and scarcity to exploit loss aversion, where the pain of missing a discount feels greater than the pleasure of getting the item itself.Scammers weaponize Black Friday urgency. Phishing sites, fake URLs, and fraudulent sellers exploit the fast-paced nature of Black Friday sales to steal personal information and payment details from rushed shoppers.You can outsmart the system by planning ahead. Create a wishlist of genuinely needed items before sales begin, compare model numbers, check price histories with tools like CamelCamelCamel, and only buy what you already planned to purchase.Connect with Jordan on Twitter, Instagram, and YouTube. If you have something you'd like us to tackle here on Skeptical Sunday, drop Jordan a line at jordan@jordanharbinger.com and let him know!Connect with Jessica Wynn at Instagram and Threads, and subscribe to her newsletters: Between the Lines and Where the Shadows Linger!And if you're still game to support us, please leave a review here — even one sentence helps! Sign up for Six-Minute Networking — our free networking and relationship development mini course — at jordanharbinger.com/course!Subscribe to our once-a-week Wee Bit Wiser newsletter today and start filling your Wednesdays with wisdom!Do you even Reddit, bro? Join us at r/JordanHarbinger!This Episode Is Brought To You By Our Fine Sponsors: Uncommon Goods: 15% off: uncommongoods.com/jordanUplift: Special offer: upliftdesk.com/jordanApretude: Learn more: Apretude.com or call 1-888-240-0340Land Rover Defender: landroverusa.comSee Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

You thought phishing was just an email problem? Oh sweet summer child. This episode dives into the new frontier of cyber shenanigans: LinkedIn. That's right — the land of business jargon, inspirational posts, and awkward endorsements is now a playground for scammers sliding into your DMs like they're networking for the dark web. Get ready to learn why accepting that too-good-to-be-true board invitation from "a company in South America" might end with malware, not margaritas. More info at HelpMeWithHIPAA.com/536

In this episode of Cybersecurity Today, host Jim Love discusses several major cybersecurity events. CloudFlare faced significant outages affecting major platforms like Amazon and YouTube, along with continued issues for Microsoft 365 users. NordVPN warned of a surge in fake shopping websites as Black Friday approaches, with phishing attempts climbing 36% between August and October. An AI transcription tool caused a privacy breach at an Ontario hospital, leading to a privacy probe. Finally, Salesforce is investigating a data theft wave linked to Gainsight, illustrating the risks of OAuth token misuse. The episode is supported by Meter, a network infrastructure provider. 00:00 Introduction and Sponsor Message 00:44 CloudFlare Outages and Their Impact 02:34 Surge in Fake Shopping Websites 04:56 AI Privacy Breach at Ontario Hospital 08:41 Salesforce Data Theft Investigation 11:26 Conclusion and Sponsor Message

In this conversation, I discuss the evolving landscape of cybersecurity, particularly the impact of #ai on #cyberattacks. I highlight a recent AI-driven #cybersecurity campaign, its implications for businesses, and the importance of robust cybersecurity measures. The discussion also covers vendor security in the financial sector, lessons learned from a ransomware attack in Nevada, government cybersecurity strategies, and the recent Cloudflare outage. The conversation concludes with insights into new threat intelligence tools and the need for continuous vigilance in cybersecurity practices.TakeawaysAI models have become genuinely helpful for cybersecurity operations.The first documented case of a large-scale cyber attack executed with minimal human intervention has emerged.Businesses must take cybersecurity seriously as threats become more commoditized.Phishing training alone is insufficient as a cybersecurity control.Lateral movement and privilege escalation are critical cybersecurity vulnerabilities.Government strategies need to focus on shaping adversary behavior and public-private partnerships.The recent Cloudflare outage highlights systemic issues in internet infrastructure.New threat intelligence tools are emerging to help organizations stay secure.Cybersecurity is a shared responsibility that requires vigilance from all stakeholders.The landscape of cyber threats is evolving rapidly, necessitating continuous adaptation.

Get ready for busy year end by building a checklist to avoid global payment fraud.  Don't forget to download your free checklist template!Keep listening. Check out my website www.debrarrichardson.com if you need help implementing authentication techniques, internal controls, and best practices to prevent fraudulent payments, regulatory fines or bad vendor data. Check out the Vendor Process Training Center for 116+ hours of weekly live and on-demand training for the Vendor team. Links mentioned in the podcast + other helpful resources:    On-Demand Webinar to Get Checklist:  Build Your Checklist to Avoid Global Payment Fraud At Busy Year-End - In 5 StepsCustomized Vendor Validations Session: https://debrarrichardson.com/vendor-validation-sessionFree Download:  Vendor Validation Reference List with Resource Links https://debrarrichardson.com/vendor-validation-downloadVendor Process Training Center - https://training.debrarrichardson.comCustomized Fraud Training:  https://training.debrarrichardson.com/customized-fraud-training Free Live and On-Demand Webinars: https://training.debrarrichardson.com/webinarsVendor Master File Clean-Up:  https://www.debrarrichardson.com/cleanupYouTube Channel:  https://www.youtube.com/channel/UCqeoffeQu3pSXMV8fUIGNiw More Podcasts/Blogs/Webinars www.debrarrichardson.comMore ideas?  Email me at debra@debrarrichardson.com Music Credit:  www.purple-planet.com

Secure sign-in across all your devices without relying on passwords or extra apps using passkeys in Microsoft Entra. Register, sync, and use passkeys with just your device's camera and biometrics, making authentication seamless, fast, and phishing-resistant. As an admin, control who uses which passkey type, streamline recovery with Verified ID, and automatically remediate risk in real time. Jarred Boone, Identity Security Senior Product Manager, shows how users can access work apps safely, confidently, and efficiently while reducing help desk overhead. ► QUICK LINKS:  00:00 - Passkeys in Microsoft Entra ID 01:19 - Register your passkey 02:12 - Authenticate into apps & services 03:34 - Sync passkeys on updated devices 04:16 - Configure passkeys as an admin 05:51 - Account recovery 07:18 - Conditional Access policies 07:53 - Wrap up ► Link References Check out https://aka.ms/PasskeysInEntra  ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics  

“If the computer gets smarter than me… is that a problem?” Joe Rockey and Father Boniface Hicks tackle the fear narrative around AI by comparing it to other powerful tools (cars, planes) that required strong safeguards—not panic. They explore why AI lacks moral intuition, how optimization without ethics can harm, and why deepfakes and spoofing demand new habits of verification. The conversation lands in the three lenses: honesty about our fears (self), charity through wiser trust and presence (others), under a living relationship with God that anchors what's real.Key IdeasPower needs guardrails: like aviation checklists and redundancies, AI calls for safety, oversight, and clear human control.Limits of machines: AI optimizes; it doesn't intuit, repent, or take responsibility—persons do.Edge cases matter: “no-win” moments (e.g., deer vs. car) reveal why human moral criteria must shape algorithms.Deception risk: voice/video/text imitation raises the bar for validation; adopt healthy skepticism and confirm identity more often.Back to reality: prioritize embodied relationships and parish life; let the Church help form attention, virtue, and trust.Links & References (none explicitly cited in this episode)CTA If this helped, please leave a review or share this episode with a friend.Questions or thoughts? Email FatherAndJoe@gmail.comTags Father and Joe, Joe Rockey, Father Boniface Hicks, artificial intelligence, AI fear, safety and safeguards, aviation analogy, self-driving cars, edge cases, moral intuition, ethics, deepfakes, identity verification, phishing, deception, truth, discernment, prudence, attention, presence, relationships, parish life, Church, spiritual formation, responsibility, human dignity, technology as tool, relationship with God, relationship with self, relationship with others, Benedictine spirituality, Catholic podcast, practical spirituality

Hacking, Ransomware Attack, Phishing, Spyware, Network Intrusion, Data Theft-Breach. Jeff Kiple, owner/founder of Kelpie Security, LLC discusses with Lincoln and Mark what businesses and organizations face in a connected world and how to help protect vital business records and more.

As Accounts Payable or Vendor team members we know that fraud risk is high in email.  Is there a way that you can tell which email addresses are risky? And is that sufficient to manage fraud risk?Keep listening. Check out my website www.debrarrichardson.com if you need help implementing authentication techniques, internal controls, and best practices to prevent fraudulent payments, regulatory fines or bad vendor data. Check out the Vendor Process Training Center for 116+ hours of weekly live and on-demand training for the Vendor team. Links mentioned in the podcast + other helpful resources:    AVM Framework:  3 Step Vendor Setup and Maintenance Process Workshop https://training.debrarrichardson.com/course/vendoronboardingworkshopFree Training:  Plug Up the Gaps in Your Vendor Process https://training.debrarrichardson.com/course/gapsImprove the Confirmation Call:  Vendor Callback Confirmation Toolkit(TM)https://training.debrarrichardson.com/course/callback-confirmation-toolkitCustomized Vendor Validations Session: https://debrarrichardson.com/vendor-validation-sessionFree Download:  Vendor Validation Reference List with Resource Links https://debrarrichardson.com/vendor-validation-downloadVendor Process Training Center - https://training.debrarrichardson.comCustomized Fraud Training:  https://training.debrarrichardson.com/customized-fraud-training Free Live and On-Demand Webinars: https://training.debrarrichardson.com/webinarsVendor Master File Clean-Up:  https://www.debrarrichardson.com/cleanupYouTube Channel:  https://www.youtube.com/channel/UCqeoffeQu3pSXMV8fUIGNiw More Podcasts/Blogs/Webinars www.debrarrichardson.comMore ideas?  Email me at debra@debrarrichardson.com Music Credit:  www.purple-planet.com

In this episode of Cybersecurity Today, host David Shipley covers the latest threats in the cybersecurity landscape. Highlights include the emergence of the quantum root redirect (QRR) phishing kit, a sophisticated automated phishing platform targeting Microsoft 365 credentials across 90 countries. The hospitality industry is also being hit with a new 'click fix' phishing campaign, compromising booking systems and targeting hotel guests. Researchers discover new vulnerabilities in ChatGPT, exposing private data via indirect prompt injection attacks. Additionally, the University of Pennsylvania confirms a massive data breach, highlighting the risks of not implementing comprehensive MFA protocols. Stay informed with the latest cybersecurity news and insights to protect your organization. Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale. You can find them at Meter.com/cst 00:00 Introduction and Sponsor Message 00:46 Quantum Root Redirect: A New Phishing Threat 03:47 Click Fix Phishing Attacks on Hotels 07:58 ChatGPT Vulnerabilities and AI Security Risks 11:37 University of Pennsylvania Data Breach 15:12 Conclusion and Call to Action

Miles Davis, Jimmy Buffet, 10/8 time, Lost Phones, Phishing, Whisper Leak, Quantum Route Redirect, AI Galore, Rob Allen, and more on the Security Weekly News. Segment Resources: https://www.bleepingcomputer.com/news/security/how-a-ransomware-gang-encrypted-nevada-governments-systems/ This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-528

Miles Davis, Jimmy Buffet, 10/8 time, Lost Phones, Phishing, Whisper Leak, Quantum Route Redirect, AI Galore, Rob Allen, and more on the Security Weekly News. Segment Resources: https://www.bleepingcomputer.com/news/security/how-a-ransomware-gang-encrypted-nevada-governments-systems/ This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! Show Notes: https://securityweekly.com/swn-528

Live from Authenticate 2025, Jeff Steadman and Jim McDonald sit down with Dr. Tina Srivastava, an IDPro board member and co-founder of Badge Inc., for a crucial discussion on the rapidly evolving landscape of identity and authentication.Tina shares her insights on the conference, the evolution from physical hacks to sophisticated AI-driven threats like supercharged phishing, and the current challenges facing the industry. The conversation delves into the complexities of synced Passkeys, the critical vulnerability of account recovery processes, and the slow pace of regulation in keeping up with technology.As a board member for IDPro, Tina highlights the immense value of the practitioner-focused community, the supportive culture within its Slack channels, and makes an exciting announcement about the creation of new member-driven committees to shape the future of the organization. They explore the concept of the "AI arms race" and why identity professionals cannot afford to wait for the next big thing, emphasizing that collaboration and information sharing through communities like IDPro are essential to staying ahead of adversaries.Connect with Tina: https://www.linkedin.com/in/tina-s-8291438a/Find out more about IDPro: https://www.idpro.org/Connect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at http://idacpodcast.comChapters00:00 Introduction and Greetings00:16 Highlights from Authenticate 202501:39 FIDO Feud Rematch Discussion03:17 Guest Introduction: Tina Srivastava03:46 Conference Insights and AI Challenges06:16 Regulatory Environment and Passkeys09:11 Phishing and AI Supercharged Attacks12:28 QR Codes and Accessibility Issues13:09 The Importance of Phishing Resistant Authentication22:24 IDPro Community and Practitioner Support25:18 Community Support and Engagement26:26 IDPro's Role in Identity Events27:48 Future Directions for IDPro29:19 Introducing Committees in IDPro30:39 AI and Identity Verification37:07 The Importance of Information Sharing45:35 Public Speaking and Personal Growth50:58 Conclusion and Final ThoughtsKeywordsIDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Tina Srivastava, IDPro, Authenticate 2025, Passkeys, AI, Artificial Intelligence, Cybersecurity, Phishing, Deepfakes, Authentication, Account Recovery, Biometrics, Identity and Access Management, IAM, NIST, Regulation, Identity Verification, Synced Passkeys, FIDO Alliance

CISA says cooperation between federal agencies and the private sector remains steady. Long-standing Linux kernel vulnerability in active ransomware campaigns confirmed. A Chinese-linked group targets diplomatic organizations in Hungary, Belgium, and other European nations. A government contractor breach exposes data of over 10 million Americans. Luxury fashion brands fall victim to impersonation scams. Phishing shifts from email to LinkedIn. Advocacy groups urge the FTC to block Meta from using chatbot interactions to target ads. A man pleads guilty to selling zero-days to the Russians. Emily Austin, Principal Security Researcher at Censys, discusses why nation state attackers continue targeting critical infrastructure. When M&S went offline, shoppers hit ‘Next'. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Emily Austin, Principal Security Researcher at Censys, as she discusses why nation state attackers continue targeting critical infrastructure. Selected Reading Cyber info sharing ‘holding steady' despite lapse in CISA 2015, official says (The Record) CISA: High-severity Linux flaw now exploited by ransomware gangs (Bleeping Computer) CISA and NSA share tips on securing Microsoft Exchange servers (Bleeping Computer) UNC6384 Weaponizes ZDI-CAN-25373 Vulnerability to Deploy PlugX Against Hungarian and Belgian Diplomatic Entities (Arctic Wolf) More than 10 million impacted by breach of government contractor Conduent (The Record) Luxury Fashion Brands Face New Wave of Threats in Lead-up to 2025 Holiday Shopping Season (BforeAI) LinkedIn phishing targets finance execs with fake board invites (Bleeping Computer) Coalition calls on FTC to block Meta from using chatbot interactions to target ads, personalize content (The Record) Ex-L3Harris exec pleads guilty to selling zero-day exploits to Russian broker (CyberScoop) Business rival credits cyberattack on M&S for boosting profits (The Record) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Phishing with Invisible Characters in the Subject Line Phishing emails use invisible UTF-8 encoded characters to break up keywords used to detect phishing (or spam). This is aided by mail clients not rendering some characters that should be rendered. https://isc.sans.edu/diary/A%20phishing%20with%20invisible%20characters%20in%20the%20subject%20line/32428 Apache Tomcat PUT Directory Traversal Apache released an update to Tomcat fixing a directory traversal vulnerability in how the PUT method is used. Exploits could upload arbitrary files, leading to remote code execution. https://lists.apache.org/thread/n05kjcwyj1s45ovs8ll1qrrojhfb1tog BIND9 DNS Spoofing Vulnerability A PoC exploit is now available for the recently patched BIND9 spoofing vulnerability https://gist.github.com/N3mes1s/f76b4a606308937b0806a5256bc1f918

Bilingual Phishing for Cloud Credentials Guy observed identical phishing messages in French and English attempting to phish cloud credentials https://isc.sans.edu/diary/Phishing%20Cloud%20Account%20for%20Information/32416 Kaitai Struct WebIDE The binary file analysis tool Kaitai Struct is now available in a web only version https://isc.sans.edu/diary/Kaitai%20Struct%20WebIDE/32422 WSUS Emergency Update Microsoft released an emergency patch for WSUS to fix a currently exploited critical vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59287 Network Security Devices Endanger Orgs with 90s-era Flaws Attackers increasingly use simple-to-exploit network security device vulnerabilities to compromise organizations. https://www.csoonline.com/article/4074945/network-security-devices-endanger-orgs-with-90s-era-flaws.html

Today Justin sits down with Aidan Raney. Aidan is the founder of Farnsworth Intelligence, a digital intelligence service, which he founded after unmasking a phishing network online which was harvesting credentials from unwitting Facebook users on a massive scale. Aidan is here to discuss his work at the forefront of digital intelligence, and in particular, his interactions with North Korean IT workers attempting to infiltrate American companies employing remote workers. Connect with Aidan:farnsworthintelligence.comGet the OSINT Newsletter: osintinsider.comConnect with Spycraft 101:Get Justin's latest book, Murder, Intrigue, and Conspiracy: Stories from the Cold War and Beyond, here.spycraft101.comIG: @spycraft101Shop: shop.spycraft101.comPatreon: Spycraft 101Subtack: spycraft101.substack.comFind Justin's first book, Spyshots: Volume One, here.Check out Justin's second book, Covert Arms, here.Download the free eBook, The Clandestine Operative's Sidearm of Choice, here.KruschikiThe best surplus military goods delivered right to your door. Use code SPYCRAFT101 for 10% off!Disclaimer: This post contains affiliate links. If you make a purchase, I may receive a commission at no extra cost to you.Support the show

Is there anything real left on the internet? Neil deGrasse Tyson and co-hosts Chuck Nice and Gary O'Reilly explore deepfakes, scams, and cybercrime with the Director of Threat Research at Bitdefender, Bogdan Botezatu. ​​Scams are a trillion-dollar industry; keep your loved ones safe with Bitdefender: https://bitdefend.me/90-StarTalkNOTE: StarTalk+ Patrons can listen to this entire episode commercial-free here: https://startalkmedia.com/show/deepfakes-and-the-war-on-truth-with-bogdan-botezatu/Thanks to our Patrons Bubbalotski, Oskar Yazan Mellemsether, Craig A, Andrew, Liagadd, William ROberts, Pratiksha, Corey Williams, Keith, anirao, matthew, Cody T, Janna Ladd, Jen Richardson, Elizaveta Nikitenko, James Quagliariello, LA Stritt, Rocco Ciccolini, Kyle Jones, Jeremy Jones, Micheal Fiebelkorn, Erik the Nerd, Debbie Gloom, Adam Tobias Lofton, Chad Stewart, Christy Bradford, David Jirel, e4e5Nf3, John Rost, cluckaizo, Diane Féve, Conny Vigström, Julian Farr, karl Lebeau, AnnElizabeth, p johnson, Jarvis, Charles Bouril, Kevin Salam, Alex Rzem, Joseph Strolin, Madelaine Bertelsen, noel jimenez, Arham Jain, Tim Manzer, Alex, Ray Weikal, Kevin O'Reilly, Mila Love, Mert Durak, Scrubbing Bubblez, Lili Rose, Ram Zaidenvorm, Sammy Aleksov, Carter Lampe, Tom Andrusyna, Raghvendra Singh Bais, ramenbrownie, cap kay, B Rhodes, Chrissi Vergoglini, Micheal Reilly, Mone, Brendan D., Mung, J Ram, Katie Holliday, Nico R, Riven, lanagoeh, Shashank, Bradley Andrews, Jeff Raimer, Angel velez, Sara, Timothy Criss, Katy Boyer, Jesse Hausner, Blue Cardinal, Benjamin Kedwards, Dave, Wen Wei LOKE, Micheal Sacher, Lucas, Ken Kuipers, Alex Marks, Amanda Morrison, Gary Ritter Jr, Bushmaster, thomas hennigan, Erin Flynn, Chad F, fro drick, Ben Speire, Sanjiv VIJ, Sam B, BriarPatch, and Mario Boutet for supporting us this week. Subscribe to SiriusXM Podcasts+ to listen to new episodes of StarTalk Radio ad-free and a whole week early.Start a free trial now on Apple Podcasts or by visiting siriusxm.com/podcastsplus. Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Today's tour tries to clarify some myths and legends. Order the official Cabinet of Curiosities book by clicking here today, and get ready to enjoy some curious reading!See omnystudio.com/listener for privacy information.