Podcasts about Ransomware

Malicious software used in ransom demands

  • 3,050 PODCASTS
  • 14,441 EPISODES
  • 38m AVG DURATION
  • 2 DAILY NEW EPISODES
  • LATEST: Jun 10, 2026

Latest podcast episodes about Ransomware

Security Now (MP3)
SN 1082: The Malicious Use of AI - Anthropic's Red Team Report

Jun 10, 2026 (157:27)

Discover how Anthropic's secretive red team and the MITRE ATT&CK framework are mapping the chilling rise of malicious AI use, revealing cyber threats that now move faster than defenders can respond. Was a U.S. law firm right to pay a $20 million ransom? Could Cisco have yet another SD-WAN 0-day in the wild? Why is it so difficult to author secure PHP code? Teens use "WeedHack" to spy and attack each other. Researchers create the first AI-enabled Internet worm. Google Chrome pops-up "Shop with confidence." What... The discovered and irresponsibly disclosed HTTP/2 Bomb. What Anthropic learns from their past year of Claude abuse: It's bad.
Show Notes - https://www.grc.com/sn/SN-1082-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit
Sponsors: threatlocker.com for Security Now, outsystems.com/twit, guardsquare.com, doppel.com, cyberhoot.com/securitynow

Cybercrime Magazine Podcast
Cybercrime Wire For Jun. 1, 2026. Ransomware Strikes NYC-Based Law Firm Weil. WCYB Digital Radio.

Jun 1, 2026 (1:25)

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you by Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

The CyberWire
CyberWire Daily at 10: The evolution of ransomware. [Special Edition]

May 31, 2026 (22:44)

In this special edition of CyberWire Daily's 10th anniversary series, N2K CyberWire's Maria Varmazis and Dave Bittner consider the tactics, trends, and turning points that shaped the threat landscape over the last decade of ransomware. Ransomware has evolved from small-scale extortion and opportunistic attacks to sprawling, sophisticated, organized crime and state-sponsored attacks. Cryptocurrency plays a pivotal role in enabling ransomware's growth by providing untraceable payment methods. Join us as we explore key incidents like WannaCry and NotPetya, the shift from street crime to organized and nation-state cyber threats, and AI's impact on the future of ransomware. Learn more about your ad choices. Visit megaphone.fm/adchoices

The Bid Picture - Cybersecurity & Intelligence Analysis
505. Target Indicators

May 30, 2026 (33:17), transcription available

Email: bidemiologunde@gmail.com
In this episode, host Bidemi Ologunde examines a February 2026 vehicle hit-and-run and a March 2026 municipal ransomware incident through the lens of investigative technique. What clues survive after a crash scene is disturbed? What can cyber incident responders learn from accident reconstruction? How does the military concept of a "target indicator" help analysts notice what someone did, failed to do, or accidentally revealed? This episode explores how small details, disciplined timelines, and careful public reporting can turn fragments into accountability.

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Friday, May 29th, 2026: @sans_edu research; Honeypot Log; VPN “Toad”; Silent Ransom Group

May 29, 2026 (6:01)

Research Review Journal: https://assets.contentstack.io/v3/assets/blt83c410d686aa5f84/blt3cff46f63887f83e/research-review-journal https://www.sans.edu/cyber-research
Analysis of a Year of Files Uploaded to DShield Sensors: https://isc.sans.edu/diary/Analysis%20of%20a%20Year%20of%20Files%20Uploaded%20to%20DShield%20Sensors/33026
The Word 'Toad' Gave Any Website Full Control of Chrome's Most Popular VPN: https://amibeingpwned.com/blog/urban-vpn-postmessage-command-injection
Silent Ransom Group Impersonating IT Personnel through Social Engineering: https://www.ic3.gov/CSA/2026/260526.pdf

Once BITten!
Defending Bitcoin - Luke Dewolf #611

May 29, 2026 (110:07)

What can you learn from a Cybersecurity professional?
$ BTC 73,686
Block Height 951,540
Today's guest on the show is Luke Dewolf, author of "Defending Bitcoin," who discusses cybersecurity challenges for critical infrastructure, including Bitcoin, drawing parallels between industrial control systems and the Bitcoin network.
Key Topics:
• Luke's background in critical infrastructure and cybersecurity
• "Defending Bitcoin" book and its motivations
• Real-world examples of cyberattacks (Stuxnet, NotPetya/Maersk)
• Ransomware and Bitcoin's association with it
• Individual Bitcoin security best practices (hardware wallets, full nodes, social engineering awareness)
• The CIA triad (Confidentiality, Integrity, Availability) in cybersecurity and Bitcoin
• The "arbitrary data" debate, Ordinals, Runes, OpReturn, and BIP-110
• Bitcoin's layered defenses: policy, miners, and consensus
• Soft forks versus hard forks
• The future of Bitcoin security, AI, and adoption challenges
• BTC Hell conference
Connect with Luke and find out more about the book!
https://defendingbitcoin.com/
https://bitcoininfinitystore.com/
X - @lukedewolf
NOSTR - npub1fk8h6g8zhftw8c7pga2zjd84p2z949up5lc3qdchm9v4m0q7mwws7jcwld
Check out my book ‘Choose Life' - https://bitcoinbook.shop/search?q=prince
Pleb Service Announcements:
Join 20 thousand Bitcoiners on @cluborange https://signup.cluborange.org/co/princey
CONFERENCES:
BTC PRAGUE - 11th - 13th June 2026 http://btcprg.me/BITTEN - Use code BITTEN for - 10%
BTC HEL - 25th - 26th September 2026. - Helsinki https://btchel.com/ Use code BITTEN for - 10%
My First Bitcoin. https://myfirstbitcoin.org/
Shills and Mench's:
BITBOX - SELF CUSTODY YOUR BITCOIN - www.bitbox.swiss/bitten Use Code BITTEN
THE MEETUP BREAKDOWN - BITCOIN EVENTS UK - https://www.themeetupbreakdown.com/
SWAN BITCOIN - www.swan.com/bitten
PLEBEIAN MARKET - BUY AND SELL STUFF FOR SATS; https://plebeian.market/ @PlebeianMarket
ZAPRITE - https://zaprite.com/bitten - Invoicing and accounting for Bitcoiners - Save $40
SATSBACK - Shop online and earn back sats! https://satsback.com/register/5AxjyPRZV8PNJGlM
ALL FURTHER LINKS HERE - FOR DISCOUNTS AND OFFERS - https://vida.page/princey - https://linktr.ee/princey21m

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Thursday, May 28th, 2026: Akira Ransomware; Vaultjacking; Poisoned Chatbot and Search Results;

May 28, 2026 (6:04)

Reconstructing an Akira Ransomware Kill Chain from Perimeter and Endpoint Logs: https://isc.sans.edu/diary/Reconstructing%20an%20Akira%20Ransomware%20Kill%20Chain%20from%20Perimeter%20and%20Endpoint%20Logs/33024
Vaultjacking: One Captured PIN, the Entire Google Password Manager Vault: https://phishu.net/blogs/blog-vaultjacking-phishing-the-google-password-manager-vault-in-the-phishu-framework.html
From poisoned search results to GPU mining: A cryptojacking campaign abusing ScreenConnect and Microsoft .NET utilities: https://www.microsoft.com/en-us/security/blog/2026/05/26/poisoned-search-results-gpu-mining-cryptojacking-campaign-abusing-screenconnect-microsoft-net-utilities/

Cybercrime Magazine Podcast
Ransomware Minute. Beacon Hack Exposed 131K Rhode Islanders' Data. Scott Schober, WCYB Digital Radio

May 28, 2026 (2:37)

The Ransomware Minute is a rundown of the latest ransomware attacks & news, brought to you by Cybercrime Magazine, Page ONE for Cybersecurity. Listen to the podcast weekly and read it daily at https://ransomwareminute.com. For more on cybersecurity, visit us at https://cybercrimemagazine.com.

Dark Rhino Security Podcast
S19 E05 The Future of Decentralized Data

May 27, 2026 (37:18)

#SecurityConfidential #DarkRhiinoSecurity
Murphy John is the Chief Growth Officer at StorX Network, where he focuses on scaling decentralized data storage solutions and building strategic partnerships. Passionate about data security and privacy, Murphy works at the intersection of decentralization and distributed ledger technology (DLT), helping organizations rethink how data is stored, protected, and accessed globally. His work centers on enabling more secure, resilient, and privacy-first data infrastructure for the future.
00:00 Intro
01:17 Our Guest
02:50 Shifting from On-premise to Cloud Computing
09:30 Compliance and Data Privacy in Decentralized systems
11:22 Data Recovery
13:10 Ransomware and Data security
15:31 AI on Cybersecurity
19:25 Mindset Challenges in adopting technology
26:01 Egress Cost Awareness
33:15 Budgeting for Data backup Solutions
35:00 More about John

Feds At The Edge by FedInsider
Ep. 250 Defending the Digital State: Protecting Critical Infrastructure and Citizen Services from Ransomware Threats

May 27, 2026 (61:05)

AI is putting ransomware on steroids, and on this week's episode of Feds At the Edge we examine several approaches to reducing the impact of malicious actors through advanced protection strategies and smarter cybersecurity budgeting.   Michael Dent, Retired CISO with Fairfax County, shares how he takes cybersecurity training to the next level with what he calls "Challenge Point," rewarding employees for identifying signs of potential attacks. Glendon Schmitz, Virginia State Corporation Commission, discusses the importance of showing leadership the direct financial impact of an attack when seeking successful budget approval. Akamai Technologies' Douglas Holland explores the emotional tactics malicious actors use to pressure unsuspecting users into complying with urgent requests.   Tune in on your favorite podcast platform for more on this and ransomware-as-a-service, the long-term effects on public trust, leadership accountability, and the growing need for initiative-taking governance and budgeting.  

ITSPmagazine | Technology. Cybersecurity. Society
Telling the Stories of Cybercrime | An Interview with Geoff White | An Analog Brain In A Digital Age With Marco Ciappelli

May 24, 2026 (29:34)

PODCAST EPISODE | An Analog Brain In A Digital Age With Marco Ciappelli Geoff White goes where organized crime and technology cross, and he comes back with stories. In this one he announces his newest BBC series — the rise and fall of the Conti ransomware gang — and we get into the thing underneath all of it: how you make a crime nobody can see feel real to people who will never see it.

Cyber Security Today
Exchange Zero-Day Under Attack, Ransomware Gets Smarter, Fortinet Critical Flaws

May 19, 2026 (12:48)

A dangerous new Microsoft Exchange zero-day is being actively exploited, ransomware gangs are adopting nation-state-style tactics, two fired contractors were caught deleting U.S. government databases after accidentally recording themselves on Microsoft Teams, and Fortinet has patched critical remote code execution flaws. In this episode of Cybersecurity Today, David Shipley breaks down four major cybersecurity stories that security teams need to know.
Cybersecurity Today would like to thank Material Security for supporting this podcast. Material Security provides faster, more complete detection and response for email, identity, and data threats inside Google Workspace and Microsoft 365. Contact them at material[dot]security.
Microsoft has confirmed active exploitation of a new Exchange Server zero-day, CVE-2026-42897, affecting Exchange Server 2016, Exchange Server 2019, and Exchange Subscription Edition. There is currently no patch, only mitigations through the Exchange Emergency Mitigation Service, with some trade-offs for Outlook Web App users. Security researcher Marcus Hutchins highlights an unusually disciplined ransomware affiliate operation using tradecraft more commonly associated with nation-state attackers, including a custom SentinelOne endpoint detection and response (EDR) killer and a stripped-down toolset designed to leave fewer forensic traces. In one of the more astonishing insider threat stories of the week, former OPEX Corporation contractors Muneeb and Sohaib Akhtar were allegedly caught deleting 96 U.S. government databases after leaving a Microsoft Teams recording running. Also in this episode: Fortinet has released urgent patches for critical unauthenticated remote code execution vulnerabilities in FortiAuthenticator (CVE-2026-44277) and FortiSandbox (CVE-2026-26083). If you're responsible for enterprise security, patch management, incident response, or cyber risk, this is one you need to see.
Chapters: 00:00 Sponsor Message 00:24 Headlines Intro 00:49 Ransomware Nation-State Discipline 04:18 Exchange Zero-Day Mitigation 07:01 Fired Contractors Caught Recording 09:21 Fortinet Critical Vulnerabilities 11:07 Wrap Up and Sign Off 11:38 Sponsor Deep Dive Ad #Cybersecurity #MicrosoftExchange #ZeroDay #Ransomware #Fortinet #CyberAttack #Infosec #DavidShipley #CybersecurityToday

The Audit
Cyber News: Iranian Hacker, Quantum Ransomware and Rogue AI

May 18, 2026 (42:04), transcription available

What would you do if ransomware told you not only that your data was gone — but that it was encrypted with a quantum-safe algorithm and you have 72 hours to pay? That's not a hypothetical anymore. In this live news episode of The Audit, co-hosts Joshua Schmidt, Eric Brown, and Nick Mellum are joined by IT Audit Labs member Bill Harris for a rapid-fire breakdown of the week's most important cybersecurity stories — and a few conversations that went places nobody expected. 

HPE Tech Talk
Is encryption enough to protect our data?

May 14, 2026 (18:16)

How safe is our data from internal threats? This week, Technology Now dives into the world of confidential computing. We ask why regular encryption when data is at rest or in transit might not be enough, we explore how confidential computing works to keep our data safer, and we examine why this concept is so important in the first place. Dr Nigel Edwards, Director of the Security Lab at HPE Labs, tells us more.
This is Technology Now, a weekly show from Hewlett Packard Enterprise. Every week, hosts Michael Bird and Sam Jarrell look at a story that's been making headlines, take a look at the technology behind it, and explain why it matters to organizations.
About Nigel: https://www.linkedin.com/in/nigel-edwards-170591/

Unspoken Security
Stolen Credentials, Fake Hires, and the New Insider Threat

May 14, 2026 (49:21), transcription available

In this episode of Unspoken Security, host AJ Nash sits down with Dan O'Day, Senior Consulting Director at Unit 42 by Palo Alto Networks. Dan shares key findings from the 2026 Global Incident Response Report, built from over 750 real-world cyber incidents, covering four major threat trends reshaping the security landscape.
Dan breaks down how AI is compressing attack timelines at a dramatic rate. The fastest incidents now move from access to full impact in just 72 minutes, down from 285 minutes the year prior. Attackers are no longer breaking in. They are logging in, using stolen credentials, tokens, and API keys to move laterally and avoid detection. Identity is now the dominant attack surface, playing a material role in nearly 90% of Unit 42's investigations.
The conversation closes on a note of cautious optimism. Dan argues that over 90% of breaches stem from preventable gaps, meaning security is solvable. He outlines three priorities for defenders: empowering the SOC to act at machine speed, treating identity as the new perimeter, and securing the entire software supply chain from the first line of code to cloud runtime.
Download the Unit 42 Global Incident Response Report 2026 here: https://www.paloaltonetworks.com/resources/research/unit-42-incident-response-report?utm_source=linkedin&utm_medium=social&utm_campaign=na&utm_content=pa001134

Cybercrime Magazine Podcast
Ransomware Minute. Iran Backed False Flag Campaign. Scott Schober, WCYB Digital Radio.

May 14, 2026 (2:14)

The Ransomware Minute is a rundown of the latest ransomware attacks & news, brought to you by Cybercrime Magazine, Page ONE for Cybersecurity. Listen to the podcast weekly and read it daily at https://ransomwareminute.com. For more on cybersecurity, visit us at https://cybercrimemagazine.com.

Cracking Cyber Security Podcast from TEISS
teissTalk: Leading your cyber defence in an era of AI-driven ransomware extortion

May 14, 2026 (48:48)

• Thwarting AI-enabled ransomware-as-a-service attacks
• Identifying security gaps whilst focusing on speed of detection and containment of novel vulnerabilities
• Building and leading organisational resilience to defend against advanced extortion campaigns
Thom Langford, Host, teissTalk: https://www.linkedin.com/in/thomlangford/
Tiago Rosado, Chief Information Security Officer, Asite: https://www.linkedin.com/in/tiagorosado/
Tom Ellis-Aziz, Chief Executive Officer, FendOps: https://www.linkedin.com/in/tomasellis-aziz/
Mike Gillespie, CEO & Founder, Advent IM: https://www.linkedin.com/in/adventimmikegillespie/
Fred Streefland, Global CISO, Check Point Software: https://www.linkedin.com/in/fredstreefland/

SECURE AF
MuddyWater's Ransomware Decoy: Iranian APTs Hiding Espionage in Plain Sight

May 13, 2026 (5:21), transcription available

MuddyWater is blurring the line between ransomware and espionage... using Chaos ransomware as a decoy to distract defenders while quietly stealing data and maintaining persistence. In this episode, we break down how this tactic works, what SOC teams should watch for, and how to detect the hidden activity beneath the noise.
Watch full episodes at youtube.com/@aliascybersecurity. Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

The Gate 15 Podcast Channel
The Gate 15 Interview EP 70: Allan Liska Returns! Ransomware, Comic Books and Empathy

May 13, 2026 (43:26)

In this episode of The Gate 15 Interview, Andy Jabbour speaks with Allan Liska. Allan Liska, threat intelligence analyst at Recorded Future, has more than 15 years of experience in information security and has worked as both a security practitioner and an ethical hacker. Through his work at Symantec, iSIGHT Partners, FireEye, and Recorded Future, Allan has helped countless organizations improve their security posture using more effective intelligence. He is the author of “The Practice of Network Security, Building an Intelligence-Led Security Program”, “Securing NTP: A Quickstart Guide” and the co-author of “DNS Security: Defending the Domain Name System and Ransomware: Defending Against Digital Extortion.”, and "Ransomware: Understand. Prevent. Recover."
• Allan on LinkedIn
• Allan on Bluesky
• Allan on Substack (Ransomware)
• Green Archer Comics
• Allan Liska's cybersecurity books on Amazon!
• The Gate 15 Interview EP 55. Allan Liska, Ransomware Sommelier. Threats, mental health, comic books and Diet Dr. Pepper. (18 Feb 2025)
“I think we're in a rough time right now… we need to be more empathetic and more compassionate” – Allan Liska
In the podcast, Allan and Andy discuss:
• Ransomware, Recorded Future, cybersecurity, and comics!
• Anti-Ransomware Day, 3rd party ransomware risk, and the expanding ransomware ecosystem
• IABs, scams, BEC, and other threats
• Thoughts on AI and LLMs
• The value of networking!
• Green Archer Comics! and where you can meet Allan: Comic Logic (17 May), Big Lick Comic Con NOVA (30-31 May) Sleuthcon (05 Jun)
• We play Three Questions! and talk, Green Arrow, The White Desert, and some rapid-fire comic word association
• And more!

TechNation Radio Podcast
Episode 676: Episode 26-19 Ransomware: Behind the Screens

May 12, 2026 (59:00)

On this week's Tech Nation, what is ransomware? And is it still going strong? Moira speaks with King's College London Professor of Political Economy, Anja Shortland, about her book “Dark Screens: Hackers and Heroes in the Shadowy World of Ransomware.” Then, Dr. Jonas Hannestad & Dr. Joanne Taylor discuss how Gain Therapeutics is taking a new approach to treating Parkinson's by targeting the disease itself. And, Dr. Daniel Kraft shares how he thinks the future of healthcare could be more like a Waymo

The Gate 15 Podcast Channel
Weekly Security Sprint EP 157. Anti-Ransomware Day, AI enabled attacks and strategies that lack

May 12, 2026 (20:36)

In this week's Security Sprint, Dave and Andy covered the following topics:
Opening:
• Summary Playbook: AI Risk Management Checklist for Leaders - Gate 15
• Ripple teams up with Crypto ISAC to stop North Korean hackers
• Designation: Restrict the Operation of Unmanned Aircraft in Close Proximity to a Fixed Site Facility ; An unpublished Proposed Rule by the Federal Aviation Administration on 05/06/2026 - FAA
• Trump admin will push for ‘long-term' reauthorization of key cyber data-sharing law
• FEMA Review Council Releases Final Report - DHS
• Ranking Member Thompson Statement on FEMA Review Council Report - House Homeland Security Committee Democrats
Main Topics:
Ransomware! International Anti-Ransomware Day 2026: Kaspersky shares insights into ransomware trends and tactics - Kaspersky - 12 May 2026.
• Weekly ransomware & data leak landscape - eCrime.ch
• Q1 2026 Ransomware Report: Fewer Groups, Higher Impact - Check Point Research
• Ransomware roundup: April 2026 - Comparitech
• Arete's 2025 Annual Crimeware Report Operationalizes Cyber Intelligence and Incident Response Data
• Global ransomware statistics 2026: the data behind the rising threat
• Gentlemen ransomware reportedly hit by… ransomware
CI Fortify: Strengthening Resilience Across Critical Infrastructure - CISA - 05 May 2026 This initiative outlines CISA efforts to strengthen resilience across critical infrastructure sectors through targeted guidance tools and collaborative programs.
America's Most Critical Lifeline- Water! AI-Assisted ICS Attack on Water Utility - Dragos - 07 May 2026 Dragos reports that threat actors used artificial intelligence tools during an intrusion involving a water utility environment to support reconnaissance, scripting, and operational targeting activity.
• WaterISAC H2OSecCon!! 02 June 2026
• WaterISAC: TLP:GREEN Physical Security Case Study: Water Treatment Plant Insider Threat Incident
• Polish intelligence warns hackers attacked water treatment facility
United States Counterterrorism Strategy - The White House - 06 May 2026 The White House released its 2026 counterterrorism strategy, outlining priorities focused on homeland protection, cartel and transnational gang threats, jihadist organizations, violent secular political groups, state sponsors, and weapons of mass destruction risks.
o Perspective: Selective Threats — A Counterterrorism Strategy Built on Politics - HSToday - 11 May 2026 - Analysis/Commentary. HSToday argues that political considerations are shaping counterterrorism priorities in ways that can distort threat assessment and operational focus.
o Trump counterterrorism strategy targets ‘violent left-wing extremists' with ‘transgender ideology'
o Trump Releases New 'Counterterrorism Strategy' With Fresh Focus on Cartels and Antifa
o Trump's counterterrorism strategy puts focus on left-wing ‘violent secular groups'
o Trump signs new counterterrorism strategy that focuses on hemispheric threats
o US says migration has made Europe an ‘incubator' for terrorism in new counter-terrorism strategy
o Ranking Member Thompson Statement on Trump Administration's Counterterrorism "Strategy"
Quick Hits:
• One in Eight Workers Has Sold Their Corporate Logins
• El Niño to fuel Pacific hurricane season, increase risks for California, Hawaii, Mexico
• ClickFix! Clipboard to Encryption: The Critical Role of ClickFix in Ransomware Campaigns
• ClickFix! ClickFix distributing Vidar Stealer via WordPress targeting Australian infrastructure
• ClickFix! ClickFix campaign uses fake macOS utilities lures to deliver infostealers
• Between Intent and Capability: Assessing the Lack of Iranian Attacks on the U.S. Homeland
• The Canvas Hack Is Disrupting Schools and Universities Across the Country
• OT Cybersecurity Lessons Learned from the Frontlines
• English Language Video Attributed to Al-Qaeda in the Arabian Peninsula Calls for Lone Wolf Attacks in the West

Security Squawk
AI Built Its First Zero-Day | 275M Student Records Stolen | 90% Hidden Ransomware

May 12, 2026 (58:53)

A cybersecurity line just got crossed. Google has now confirmed the first known case of hackers using artificial intelligence to build a working zero-day exploit that bypasses two-factor authentication. At the same time, Instructure, the company behind Canvas, used by over 9,000 schools worldwide, appears to have quietly paid a ransom after ShinyHunters stole 275 million student and teacher records and defaced hundreds of school login pages. And if you think these attacks are rare, new data from BlackFog says otherwise: 90% of ransomware attacks this quarter were never publicly disclosed. Most breaches never make headlines. On this episode of Security Squawk, Bryan Hornung, Randy Bryan, and Reginald Andre break down three stories that reveal where cybercrime is heading next and why most organizations are less prepared than they think.
This Week's Cybersecurity Breakdown
1. Canvas / Instructure Data Breach & Apparent Ransom Payment
One of the largest education-sector breaches in recent memory:
• 275 million records allegedly stolen
• 3.65 TB of data taken from roughly 8,800+ schools
• Harvard, Stanford, Columbia, Duke, UNC, and other institutions impacted
• ~330 Canvas login portals defaced with ransomware messages
• Instructure later announced it had “reached an agreement” with attackers
2. AI Builds the First Confirmed Zero-Day Exploit
Google's Threat Intelligence Group confirmed a major escalation:
• AI used to create a working zero-day exploit
• Attack specifically targeted two-factor authentication protections
• Signals a shift in offensive cyber capabilities previously associated with nation-state actors
• AI is no longer just assisting attackers; it's helping build the attacks themselves
3. BlackFog Q1 2026 Report: The Hidden Ransomware Crisis
The public only sees a fraction of what's happening:
• 2,160 undisclosed ransomware attacks vs. 264 disclosed
• Only 1 in 9 attacks becomes public
• Average ransom demands surpassed $1 million
• Data stolen in 96% of incidents before encryption
• Backups alone are no longer enough
The Bottom Line
Cybersecurity is entering a new phase.
• AI is accelerating offensive capabilities
• Ransomware groups are operating in the shadows
• And organizations are quietly paying attackers to keep breaches out of public view
This isn't just a technology problem anymore. It's an operational reality every business leader needs to understand.
Support the show: buymeacoffee.com/securitysquawk
Subscribe for weekly breakdowns of ransomware, cybercrime, AI threats, and executive-level cybersecurity strategy.

Morning Announcements
Friday, May 8th, 2026 - Trump's Iran "Love Tap," Gas Prices Hit $4.50, The South Returns To Jim Crow, Ransomware Crashes Canvas

May 8, 2026 (9:08)

Today's Headlines: The Iran war is very much back on — Trump threatened Iran with "one big glow," called the exchange of fire "just a love tap," and bragged about sinking small boats, while US intelligence confirmed Iran still has about 70% of its missiles intact despite Trump claiming it's down to 18-19%. Gas prices have hit $4.50 a gallon — up over 50% since the war started — with CEOs warning that consumer spending is collapsing and everyone is borrowing to get by. Shell, meanwhile, posted $7 billion in Q1 profits, more than double the previous quarter, which seems fine. As if the war weren't enough to worry about, on the redistricting beat, Tennessee signed a new map eliminating the state's one Democratic seat by splitting Memphis into four suburban districts, Alabama passed their gerrymandering legislation while tornado sirens blared and the building flooded, and Mississippi is planning their own special session in a Jim Crow-era capitol that's been a museum for years. On top of that, Marco Rubio announced new sanctions on Cuba's state-owned industries and military conglomerate, while the State Department quietly beefs up disaster preparedness in South Florida in anticipation of further Cuba hostilities. Somehow Kash Patel is in the news again, he reportedly ordered polygraphs for over two dozen staff to find out who talked to The Atlantic about his drinking, while launching a criminal leak investigation against the reporter he's also suing for $250 million. Elsewhere, Trump's 10% tantrum tariff was ruled illegal by the Court of International Trade, Elon Musk was formally summoned by the French government to cooperate in their X investigation after skipping a voluntary interview — with Trump's DOJ calling it a "criminally charged criminal proceeding" — and Kalshi raised a billion dollars bringing its valuation to $22 billion, which means someone should probably check if their headquarters exists. 
And finally, a ransomware attack on Canvas knocked out coursework for students at over 3,000 schools, which is either a crisis or the greatest thing ever depending on your GPA.
Resources/Articles mentioned:
• Axios: Iran and U.S. exchange fire in Strait of Hormuz
• Bloomberg: Consumers Are ‘Running Out of Money' and Cutting Back, CEOs Warn
• NYT: Shell Reports Nearly $7 Billion Profit After Oil Prices Surged Amid U.S.-Iran War
• WaPo: U.S. intelligence says Iran can outlast Trump's Hormuz blockade for months
• Axios: Rubio announces new Cuba sanctions
• Mother Jones: After SCOTUS Destroyed the Voting Rights Act, Southern States Rush to Pass Jim Crow Voting Maps
• WVLT: TN governor signs new congressional map into law, dividing Memphis and marking end of special session
• The New Republic: Alabama Republicans Vote to Pass New Map as Tornado Sirens Blare
• The Guardian: Mississippi house to hold redistricting session at Jim Crow era capitol
• MS Now: Kash Patel ordered polygraphs of more than two dozen members of his team, sources say
• NYT: Trade Court Rules Trump's 10% Global Tariff Is Illegal
• WSJ: Elon Musk Summoned to France to Face Criminal Charges
• NYT: Kalshi, The Prediction Market, Is Now Valued At $22B
• WSJ: Harvard, Berkeley and Thousands of Schools Suffer Cyber Outage
Subscribe to the Betches News Room and join the Morning Announcements group chat. Go to: betchesnews.substack.com
Morning Announcements is produced by Sami Sage and edited by Grace Hernandez-Johnson
Learn more about your ad choices. Visit megaphone.fm/adchoices

HPE Tech Talk
Can we protect ourselves from AI-powered cybercrime?

HPE Tech Talk

Play Episode Listen Later May 7, 2026 20:15


Are we ready for emerging cybersecurity threats in the world of AI? This week, Technology Now looks at how AI has changed the world of cybersecurity for both the good and the bad. We ask how AI is harnessed by attackers to try and gain access to our systems while also exploring how AI can be used defensively too. David Hughes, SVP SASE Security, HPE Networking, tells us more. This is Technology Now, a weekly show from Hewlett Packard Enterprise. Every week, hosts Michael Bird and Sam Jarrell look at a story that's been making headlines, take a look at the technology behind it, and explain why it matters to organizations. About David: https://www.linkedin.com/in/david-hughes-42751636/ Sources: https://www.totalassure.com/blog/cyber-attack-statistics-by-year-2020-2025

Cybercrime Magazine Podcast
Ransomware Minute. Real Estate Giants Confirm Vishing Incident. Scott Schober, WCYB Digital Radio.

Cybercrime Magazine Podcast

Play Episode Listen Later May 7, 2026 2:01


The Ransomware Minute is a rundown of the latest ransomware attacks & news, brought to you by Cybercrime Magazine, Page ONE for Cybersecurity. Listen to the podcast weekly and read it daily at https://ransomwareminute.com. For more on cybersecurity, visit us at https://cybercrimemagazine.com.

The CyberWire
The exploit that writes its own story.

The CyberWire

Play Episode Listen Later May 6, 2026 28:25


CISA warns CopyFail is under active exploitation. Attackers compromise installers for a widely used disk imaging utility. MuddyWater masks cyberespionage as ransomware. Attackers spread malware through a fake OpenClaw plugin. Researchers ID a new Linux RAT. Vimeo blames a third party provider for a recent breach. Palo Alto's Captive Portal is under attack. The FTC settles with a data broker over location sharing. A former Conti gang member gets jail time. Our guest is Dov Yoran, CEO of Command Zero, discussing how cybersecurity teams are fighting AI with AI. Geotargeting turns creepy. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Dov Yoran, CEO of Command Zero, discussing how cybersecurity teams are fighting AI with AI. Selected Reading Attackers are cashing in on fresh 'CopyFail' Linux flaw (The Register) Hackers compromise Daemon Tools in global supply-chain attack, researchers say (The Record) Iranian APT Intrusion Masquerades as Chaos Ransomware Attack (SecurityWeek) Malicious OpenClaw Skill Targets DeepSeek Agentic AI Workflows (Cyber Press) Sophisticated Quasar Linux RAT Targets Software Developers (SecurityWeek) ShinyHunters claims dump puts 119K Vimeo emails in the wild (The Register) Palo Alto Networks warns of firewall RCE zero-day exploited in attacks (Bleeping Computer) FTC bans data broker Kochava from selling sensitive location info (The Record) Conti, Akira Affiliate Sentenced to 102 Months in Prison for Ransomware and Extortion Operations Targeting over 50 Organizations (TechNadu) A college student is suing a dating app that allegedly used her TikTok videos to target men in her dormitory (CyberScoop) Share your feedback. What do you think about CyberWire Daily? 
Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

RunAs Radio
Securing Active Directory with Spencer Alessi

RunAs Radio

Play Episode Listen Later May 6, 2026 36:34


How secure is your Active Directory infrastructure? While at Zero Trust World in Orlando, Richard chatted with Spencer Alessi about his work helping companies secure Active Directory, making it more difficult for black hats to exploit it for lateral moves during a breach attempt. Spencer talks about the increasing speed of these exploits, making it much harder to block them after the fact, so it's best to make AD too difficult to target. Jake Hildreth's Locksmith tools are a great place to start - free and open source. There are also Microsoft tools and Spencer's own AD Security Resource Kit to help evaluate your AD infrastructure and lock it down! Links Locksmith Enhanced Security Admin Environment Active Directory Security Resource Kit Recorded March 4, 2026

SECURE AF
Qilin Ransomware's EDR Killer DLL – How Attackers Are Subverting Defenses

SECURE AF

Play Episode Listen Later May 6, 2026 6:04 Transcription Available


Got a question or comment? Message us here! Qilin ransomware is deploying a malicious DLL to disable EDR tools before encryption begins. In this #SOCBrief, we break down how the attack works, what to look for, and how defenders can respond. Support the show Watch full episodes at youtube.com/@aliascybersecurity. Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Breaking Math Podcast
How Ransomware Became a Global Industry with Anja Shortland on Dark Screens

Breaking Math Podcast

Play Episode Listen Later May 5, 2026 41:57


What if ransomware did not begin with criminals, but with curiosity? In this episode of Breaking Math, Autumn and Noah talk with Anja Shortland, professor of political economy at King's College London and author of Dark Screens. This conversation explores how playful hacking evolved into professionalized cybercrime, why ransomware gangs operate like morally questionable internet startups, how cryptocurrency made ransomware scalable, and why hospitals, governments, universities, and critical infrastructure remain especially vulnerable. We also dig into the mathematics behind encryption, asymmetric cryptography, game theory, negotiation, cyber insurance, and the uncomfortable trade-offs between freedom, privacy, and regulation. Chapters 00:00 The origins of ransomware and early hacker culture 02:13 The evolution of ransomware attacks since 2013 03:14 The paradox of cybercriminals as entrepreneurs 06:19 Early hackers: Steve Jobs and Wozniak as pioneers 12:34 The moral and legal landscape of hacking and cybercrime 13:39 The importance of cybersecurity awareness for individuals 15:03 The arms race: attackers vs defenders and the role of math 16:02 The technological innovations behind ransomware 19:21 Asymmetric encryption and cryptocurrency in ransomware 20:53 Bitcoin and the dark web: enabling cybercrime 22:45 The impact of AI on future cyber threats and defenses 34:07 The future of ransomware and cybersecurity challenges Follow Anja Shortland on LinkedIn (https://uk.linkedin.com/in/anja-shortland-53133b231) Book (https://amzn.to/4d6pB4X) Follow Breaking Math on Substack (https://breakingmath.substack.com/) Twitter (https://x.com/breakingmathpod) X (https://www.instagram.com/breakingmathmedia/) Bluesky (https://bsky.app/profile/breakingmath.bsky.social) Website (https://www.breakingmath.io/) Follow Noah on Instagram (https://www.instagram.com/profnoahgian/) Twitter (https://x.com/ProfNoahGian) Bluesky (https://bsky.app/profile/profnoahgian.bsky.social) Follow Autumn on X (https://x.com/1autumn_leaf) Bluesky (https://bsky.app/profile/1autumnleaf.bsky.social) Instagram (https://www.instagram.com/1autumnleaf/) Substack (https://substack.com/@1autumnleaf) email: breakingmathpodcast@gmail.com

Illuminate Higher Education
Unlocking the Future of Quantum: Insights from Dr. Katrina Rosseini

Illuminate Higher Education

Play Episode Listen Later May 5, 2026 40:46


Unlocking the Future of Quantum: Insights from Dr. Katrina Rosseini. Join us as Dr. Rod Berger converses with cybersecurity expert and emerging tech innovator, Dr. Katrina Rosseini, about the impact of AI, quantum computing, and the evolving technology landscape on society, security, and education. Discover how curiosity and diverse experiences shape the pioneers of tomorrow and what we need to do today to prepare. Main Topics Covered: Dr. Rosseini's journey into emerging technologies and the role of curiosity The influence of immigrant background and family stories on her career Critical infrastructure security and the importance of cybersecurity in hospitals The evolution and potential of quantum computing and its connection to AI The impact of emerging tech on global security, including encryption and cyber warfare How continuous updates and AI training sharpen skills and prepare us for technological advances The disruptive potential of quantum and AI in industries like drug discovery and logistics Challenges and opportunities in redefining higher education for a digital future The importance of early STEM education and creative approaches to tech training for future generations Insights into the pace of innovation in China and the necessity for a proactive educational system Timestamps: 00:00 - Introduction to the podcast and Dr. Katrina Rosseini's background 00:56 - The importance of broad, deep approaches in emerging tech 01:50 - Dr. Rosseini's career path from hospitals to critical infrastructure 02:20 - Curiosity as the key driver into emerging technologies 03:28 - Behavioral science, tech, and education 04:07 - Growing up in an immigrant household and early questions about economics and technology 05:06 - Ransomware attacks on hospitals and their implications 05:49 - Dr. 
Rosseini's doctoral research on critical infrastructure vulnerabilities 06:28 - The rapid evolution of AI and its societal impact 07:04 - Overcoming obstacles as a woman in tech 08:26 - Her parents' immigrant story and their influence 09:26 - The legacy of courage and sacrifice in family history 11:07 - The necessity of engaging with emerging tech in education 12:25 - Opportunities for young people in the emerging tech landscape 13:22 - The value of diverse experiences and internal fulfillment 14:22 - Reinventing oneself in the era of AI and emerging tech 15:42 - The importance of perspective in technological change 16:16 - Using curiosity to stay sharp and adaptable 17:02 - Changing perceptions of aging and personal growth 17:42 - The synergy between AI and quantum computing 18:57 - Demystifying quantum computing and its future impact 21:34 - Quantum's role in medicine, physics, and logistics 22:38 - Quantum as a bridge to future innovations 23:26 - Misinformation and realistic timelines for quantum advancements 24:58 - The security challenges of quantum and AI convergence 26:12 - Quantum encryption and post-quantum cryptography 28:48 - How AI supercharges quantum potential and its risks 30:34 - Preparing your brain for rapid technological evolution 31:21 - Disruption in transportation and security through emerging tech 33:43 - The future of continuous authentication and biometric security 34:57 - The fascinating neural networks of octopuses as a metaphor 35:59 - Educating the next generation for the quantum era 36:14 - Rethinking higher education in an accelerated, technology-driven world 38:44 - The global race in quantum education and innovation 39:43 - The need for creative, practical tech training from early education 40:12 - Overcoming societal and institutional barriers to innovation 41:09 - Final thoughts on embracing curiosity and human potential Resources & Links: Light Leap AI Dr. 
Katrina Rosseini's LinkedIn (if available) Quantum Computing Explained (example book on Amazon) Connect with Dr. Katrina Rosseini: LinkedIn Twitter Special Thanks: N2N Services | Light Leap AI

The Gate 15 Podcast Channel
Weekly Security Sprint EP 156. Scams, cyber reports, and hurricane preparedness

The Gate 15 Podcast Channel

Play Episode Listen Later May 5, 2026 20:53


In this week's Security Sprint Dave and Andy covered the following topics:
Opening
• Homeland Security Funding Bill Passed, Includes Money for CISA
• Browser Extensions and Shadow AI: Unmanaged Threats to Privacy — Gate 15
• Data Centers, Telecommunications Networks, and Space-Based Systems: Modernizing DHS's SRMA Role for the Communications and IT Sectors — House Committee on Homeland Security
• New Cybersecurity Guide Targets Rising Threats to Food and Agriculture SMBs
• Maine Law Requires Hospitals to Enact Cybersecurity Plans
Main Topics
New FTC Data Show People Have Lost Billions to Social Media Scams - Federal Trade Commission - 23 Apr 2026 The Federal Trade Commission reported that consumers have lost billions of dollars to scams originating on social media platforms, with fraudsters leveraging impersonation, investment schemes, and romance scams to exploit user trust.
Take9! 9 Seconds For A Safer World. Cyber threats are everywhere. And getting sneakier. What can you do to protect yourself, your community and our nation?
New 2026 ‘IOCTA' highlights sophisticated tactics and emerging challenges in the digital landscape – Europol unveils comprehensive analysis of evolving cybercrime threats - Europol - 28 Apr 2026 Europol released its 2026 Internet Organised Crime Threat Assessment, warning that encryption, proxies, artificial intelligence, dark web marketplaces, cryptocurrencies, fraud ecosystems, ransomware, and child sexual exploitation are expanding the cybercrime landscape.
Global Encryption Coalition (GEC). The Global Encryption Coalition (GEC) was founded in 2020 by the Center for Democracy & Technology, Global Partners Digital and the Internet Society and now has over 350 members. Gate 15 is a proud member of the GEC.
Ransomware! Weekly ransomware & data leak landscape; A seven-day view of claim activity, leak escalation, actor concentration, sector shifts, and supporting news context from eCrime.ch. — eCrime.ch — 26 Apr 2026. The eCrime weekly report provides a seven-day analysis of ransomware claim activity, data leak site postings, actor concentration, and sector targeting trends.
• NCC Group Monthly Threat Pulse - Review of March 2026
• Ransomware and Cyber Extortion in Q1 2026 - ReliaQuest
Presidential Message on National Hurricane Preparedness Week - The White House - 03 May 2026 This message encourages Americans in hurricane-prone areas to prepare before the season by protecting property, building emergency plans, assembling supplies, and monitoring forecasts and evacuation routes. It emphasizes local and state frontline roles while describing federal support for response and recovery.
• Hurricane Preparedness - NOAA
• Summer forecast 2026: Heat, severe storms to shape the season as El Niño develops, strengthens - AccuWeather
• 2026 Hurricane Awareness Webinars - NOAA
Quick Hits
• Email threat landscape: Q1 2026 trends and insights — Microsoft Security Blog
• Tycoon2FA disruption impact
• QR code phishing attacks
• CAPTCHA tactics
• Malicious payloads
• Business email compromise
• Defending against email threats
• Microsoft Defender detections
• Alert - AL26-008 - Vulnerability affecting cPanel and WebHost Manager (WHM) - CVE-2026-41940 - Canadian Centre for Cyber Security
• Critical cPanel flaw mass-exploited in "Sorry" ransomware attacks
• To recover your files kindly send 0.1 BTC to… ransom note appears on websites
• The cPanel Situation Is… -
• cPanel authentication bypass vulnerability CVE-2026-41940 exploited
• Over 40,000 Servers Compromised in Ongoing cPanel Exploitation
• Cole Allen's journey from Caltech grad to accused gunman in D.C. attack
• Footage shows White House correspondents' dinner suspect 'casing' hotel: US attorney
• Washington Hilton says it was using Secret Service protocols on night of attack

Security Squawk
TSYS Ransomware Attack, Canvas Data Breach & HIPAA Security Failures Explained

Security Squawk

Play Episode Listen Later May 5, 2026 41:25


A major U.S. payment processor just got hit by ransomware, again. TSYS, one of the largest payment processors in the country, has been attacked by the Everest ransomware group for the second time in five years. Industry experts warned this was coming. It happened anyway. At the same time, ShinyHunters claims it stole 275 million records from Instructure, the company behind Canvas, the learning platform used by over 9,000 schools. Names, student IDs, and billions of private messages between students and teachers are now at risk. And in healthcare, regulators just fined four companies $1.165 million for ransomware-related failures, not because they were hacked, but because they ignored basic security requirements that have been in place since 2003. In one case, attackers sat inside a network for 16 months undetected. These aren't advanced attacks. These are failures to do the fundamentals. This Week's Cybersecurity Breakdown 1. TSYS Ransomware Attack (Everest Group) A repeat breach at a major payment processor: Systems encrypted and data exfiltrated Second major incident in five years Also impacts Fiserv Raises serious questions about systemic risk in payment infrastructure 2. Instructure / Canvas Data Breach (ShinyHunters) Massive education sector exposure: 275 million records allegedly stolen Student data, IDs, and private communications compromised Root cause: Salesforce misconfiguration Potential impact across 9,000+ schools 3. HHS HIPAA Fines for Ransomware Failures Regulatory enforcement is accelerating: $1.165 million in fines across four companies Failure to complete required security risk assessments One breach went undetected for 16 months OCR has now completed 19 ransomware investigations with the same pattern The Bottom Line These attacks aren't breaking through defenses. They're walking through doors that were never closed. Misconfigurations Missing risk assessments Known vulnerabilities left unpatched This isn't a technology problem. 
It's an execution problem. Support the show: buymeacoffee.com/securitysquawk Subscribe for weekly breakdowns of real-world cyber threats, ransomware attacks, and executive-level security insights.

Cyber Security Today
Microsoft Defender Deletes Trusted Certificates | 44,000 cPanel Servers Hit by Ransomware

Cyber Security Today

Play Episode Listen Later May 4, 2026 13:37


Microsoft Defender Deletes Trusted Certificates | 44,000 cPanel Servers Hit by Ransomware Microsoft Defender mistakenly flagged legitimate DigiCert root certificates as malware and removed them from Windows systems, breaking trust chains and causing widespread application failures. The issue was traced to a faulty detection signature (Trojan:Win32/CertyAgent), now fixed in update version 1.449.430.0. At the same time, DigiCert confirmed a separate security incident where attackers compromised support systems and used internal tools to issue valid code-signing certificates. At least 60 certificates were revoked, including 27 linked to the Zong Stealer malware campaign. Meanwhile, a critical cPanel vulnerability (CVE-2026-41940) is being actively exploited. Attackers used the flaw as a zero-day since February, compromising at least 44,000 servers and deploying new SORI ransomware using ChaCha20 and RSA-2048 encryption. Also in this episode: The Linux "Copyfail" privilege escalation bug is now confirmed exploited and added to CISA's Known Exploited Vulnerabilities list. A 10/10 critical vulnerability (CVE-2026-37541) in Open Vehicle Monitoring System could allow remote code execution in connected car environments. This episode breaks down how these attacks work, why patch timing matters, and where organizations are most exposed right now. Cybersecurity Today would like to thank Material Security for supporting this podcast. Material Security provides faster, more complete detection and response for email, identity, and data threats inside Google Workspace and Microsoft 365. Contact them at material[dot]security Suggested Chapters (for retention and SEO) 00:00 Microsoft Defender deletes trusted certificates 02:20 DigiCert breach and stolen code-signing certificates 05:20 cPanel zero-day exploited, 44,000 servers compromised 08:40 Linux Copyfail vulnerability now actively exploited 10:40 Critical flaw in open-source car software

Backup Central's Restore it All
Network Segmentation to Prevent Ransomware: What the UCSF Attack Taught Us

Backup Central's Restore it All

Play Episode Listen Later May 4, 2026 47:37 Transcription Available


Network segmentation to prevent ransomware isn't just a nice-to-have — the UCSF ransomware attack proves it's what separates a contained incident from a catastrophe. UCSF got hit. Their segmented network kept the damage from spreading across their entire operation. That's the difference we're talking about in this episode. Dr. Mike Saylor — my co-author on Learning Ransomware Response and Recovery — joins me and Prasanna to break down exactly how network segmentation works, why it matters for ransomware defense, and how to start doing it without breaking everything in the process. (Not that I've ever done that. Much.) We cover what segmentation actually is, how VLANs make it manageable, the "need to talk" principle, and where microsegmentation fits in — and when it becomes overkill. We also get into the complexity trap: more rules and more layers don't automatically mean more protection. Sometimes they mean nobody can troubleshoot anything when the house is on fire. If you're an IT admin trying to make the case for better network architecture, or you just want to understand what would actually stop ransomware from ripping through your environment, this is the episode. Chapters: 00:00:00 — Intro 00:01:40 — Welcome & Guest Introductions 00:05:17 — Case Study: UCSF Ransomware Attack 00:08:13 — What Is Network Segmentation? 00:12:32 — VLANs Explained 00:19:50 — The Need to Talk Principle 00:30:54 — Complexity vs. Security 00:31:09 — Microsegmentation 00:38:55 — Action Items: Where to Start 00:42:05 — Monitoring VLAN Traffic

Computer Talk with TAB
Computer Talk 5-2-26 HR 1

Computer Talk with TAB

Play Episode Listen Later May 2, 2026 42:20


Spring E-Cycle Show with Matt Service of Environmental Office Solutions. Ad Blocking needs with Win 11, Agentic AI deletes Database in 9 seconds, Your Dental Records are getting leaked, Ransomware negotiator going to jail, Website software management exploit

Murder Sheet
The Cheat Sheet: Visitations and Vacations

Murder Sheet

Play Episode Listen Later May 1, 2026 82:50


The Cheat Sheet is The Murder Sheet's segment breaking down weekly news and updates in some of the murder cases we cover. In this episode, we'll talk about cases from Washington, D.C., Connecticut, and Florida.
Tim Heidecker's statement on the purchase of InfoWars: https://www.yahoo.com/entertainment/celebrity/articles/tim-heidecker-releases-first-statement-181500352.html
The Texas Tribune's report on Alex Jones's sustained defamation of Sandy Hook victim families: https://www.texastribune.org/2022/10/12/alex-jones-sandy-hook-shooting/
NPR's report on the lawsuits against Alex Jones: https://www.npr.org/2022/08/03/1115414563/alex-jones-sandy-hook-case
Britannica's entry on the murders of students and educators at the Sandy Hook Elementary School: https://www.britannica.com/event/Sandy-Hook-Elementary-School-shooting
The Washington Post's report on ChatGPT's role in the mass shooting at Florida State University and the murders of Robert Morales and Tiru Chabba and the case against Phoenix Ikner: https://www.yahoo.com/news/articles/chatgpt-allegedly-advised-florida-state-shooter-when-and-where-to-strike-194338484.html
Read about the jury that got time off in the Max Emerson murder case against Jaime Macedo at NBC: https://www.nbcwashington.com/news/local/catholic-u-murder-trial-jury-deliberations-may/4094151/
Read more about the Emerson murder case at NBC: https://www.nbcwashington.com/news/local/defense-in-catholic-u-murder-trial-can-call-detective-pulled-from-case-judge-says/4080934/
Tech Radar's article on former Federal Bureau of Investigation cyber division deputy Cynthia Kaiser's comments on ransomware attacks: https://www.techradar.com/pro/security/felony-murder-law-does-not-require-that-a-defendant-pull-the-trigger-ex-fbi-chief-calls-for-ransomware-attackers-to-face-homicide-charges-if-attacks-lead-to-deaths
Check out our upcoming book events and get links to buy tickets here: https://murdersheetpodcast.com/events
Pre-order our book on Delphi here: https://bookshop.org/p/books/shadow-of-the-bridge-the-delphi-murders-and-the-dark-side-of-the-american-heartland-aine-cain/21866881?ean=9781639369232
Or here: https://www.simonandschuster.com/books/Shadow-of-the-Bridge/Aine-Cain/9781639369232
Or here: https://www.amazon.com/Shadow-Bridge-Murders-American-Heartland/dp/1639369236
Join our Patreon here! https://www.patreon.com/c/murdersheet
Support The Murder Sheet by buying a t-shirt here: https://www.murdersheetshop.com/
Check out more inclusive sizing and t-shirt and merchandising options here: https://themurdersheet.dashery.com/
Send tips to murdersheet@gmail.com.
The Murder Sheet is a production of Mystery Sheet LLC.
See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

Unspoken Security
AI, Deepfakes, & the New Ransomware Playbook

Unspoken Security

Play Episode Listen Later May 1, 2026 38:53 Transcription Available


In this episode of Unspoken Security, host A.J. Nash sits down with Cynthia Kaiser, SVP at Halcyon's Ransomware Research Center. They explore how ransomware grew from a niche crime into a business, and why security teams now face faster attacks, extortion, and a threat landscape that blurs crime and state activity. Cynthia traces the shift from early encryption schemes to double and triple extortion, then explains how professional crews use access brokers, deepfakes, and AI-assisted phishing to move in hours, not weeks. She also breaks down how Russian-speaking groups, Iranian actors, and state-linked operations use cybercrime for profit, cover, and pressure. She argues that defenders still need the basics: harden identity, patch fast, assume breach, and build response plans that include PR. Cynthia closes with a blunt point: ransomware and fraud are not side issues. They hit hospitals, businesses, and families every day in ways nation-state threats often do not. Send us Fan Mail Support the show

HIPAA Critical
FBI names healthcare the most targeted sector for ransomware

HIPAA Critical

Play Episode Listen Later May 1, 2026 4:33 Transcription Available


In this episode, we break down the FBI's latest Internet Crime Report naming healthcare as the top ransomware target, OCR's four new HIPAA settlements totaling over $1 million, and the Medtronic data extortion incident affecting millions of records. We also examine findings from Paubox's Healthcare Email Security Maturity Index, which reveals critical gaps in AI-based defenses despite rising AI-driven attacks, and discuss what these trends mean for your organization's security posture.

Defense in Depth
How Do You Know If Your Backups Will Survive a Ransomware Attack?

Defense in Depth

Play Episode Listen Later Apr 30, 2026 38:25


All links and images can be found on CISO Series Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by David Spark, the producer of CISO Series, and Steve Zalewski. Joining us is our sponsored guest, Heath Renfrow, co-founder, Fenix24. In this episode: Knowing which systems to save first Recovery is a business conversation, not an IT ticket Not all systems are created equal Recovery knowledge as a governed asset A huge thanks to our sponsor, Fenix24   Fenix24 is the world's leading breach recovery firm, providing rapid ransomware restoration, full asset visibility, and threat informed hardening. Alongside expert recovery services, Fenix24 delivers ongoing managed protection that secures backups, infrastructure, and critical controls, helping organizations stay resilient, recoverable, and prepared for modern cyber threats. Learn more at fenix24.com.

Cybercrime Magazine Podcast
Ransomware Minute. McGraw Hill Hit, 13.5M Records Exposed. Scott Schober, WCYB Digital Radio.

Cybercrime Magazine Podcast

Play Episode Listen Later Apr 30, 2026 2:22


The Ransomware Minute is a rundown of the latest ransomware attacks & news, brought to you by Cybercrime Magazine, Page ONE for Cybersecurity. Listen to the podcast weekly and read it daily at https://ransomwareminute.com. For more on cybersecurity, visit us at https://cybercrimemagazine.com.

Keen On Democracy
We Know You Can Pay a Million: Anja Shortland Illuminates the Dark Screen of Ransomware

Keen On Democracy

Play Episode Listen Later Apr 30, 2026 43:49


“It's like wrecking a car to steal a pair of sunglasses. The sunglasses are the ransom. The damage to the car is fifty to seventy-five billion dollars a year.” — Anja Shortland Cybercrime is booming. Ransomware attacks — where criminal gangs encrypt your servers and hold your data hostage until you pay — cost victims somewhere between fifty and seventy-five billion dollars a year in damage. The hackers themselves pocket around a billion. As Anja Shortland, professor of political economy at King's College London and author of Dark Screens: Hackers and Heroes in the Shadowy World of Ransomware, puts it: “it's like wrecking a car to steal a pair of sunglasses.” The sunglasses are the ransom. The wrecked car is the damage to the rest of us. Shortland is an expert in extortive crime — transactions where a legal entity has to make a deal with a criminal group under conditions of zero trust. She has studied kidnap for ransom, Somali piracy, art theft, and now the booming business of ransomware. What fascinates her is not the crime itself but the institutions that emerge in the space between the legal world and the criminal underworld: the insurance companies that price the risk, the negotiators who manage the transaction, the norms that make it possible for a corporation to pay a criminal gang and actually get its data back. In Russia, hacking Westerners isn't even a crime. In North Korea, it's an actual department with a small army of government employees. In Iran, it's a foreign policy. Criminality, Shortland thus argues, is defined by whoever holds power. The game-changer, she argues, is cryptocurrency. Without it, ransomware doesn't work — you can't move money anonymously at scale without it. Regulate cryptocurrency, and you take the profit motive out of most of what she studies. The irony is that the current American administration is amongst the most crypto-friendly in history. 
Meanwhile, AI — specifically Anthropic's Claude Mythos, the hacking model that was leaked rather than released — is about to give criminals tools that only well-resourced banks and corporations can currently deploy defensively. So cybercrime will continue to boom. Expect a pile-up of wrecked cars on our information highway. Five Takeaways •       We Know You Can Pay a Million: The title of the UK edition of Shortland's book is the most revealing line in ransomware. Criminal gangs don't pick ransom figures arbitrarily. They spend weeks inside the victim's systems, studying cash flow, cash reserves, and insurance coverage, before setting a demand on the painful side of affordable. The victim usually pays — because the alternative is losing access to patient records, customer data, or patents permanently. The hackers know this. The negotiation that follows is, in Shortland's framing, a transaction between parties with zero trust and one thing in common: both want a deal. •       In Russia, It's Not a Crime: Ransomware is not a uniform global crime. In Russia, theft and extortion directed at Westerners is not considered a criminal act. In North Korea, hacking is organised as a government department — a state revenue stream, not a criminal enterprise. The line between crime and legitimacy is drawn by whoever holds power. This complicates any enforcement response: you cannot extradite a North Korean government employee. You cannot prosecute a Russian hacker in a Russian court. The only effective levers are diplomatic, financial, and technical — and all three are currently being weakened. •       Insurance Orders Criminality: Shortland's most counterintuitive argument: insurance companies are not passive bystanders in ransomware. They are active market-makers. By pricing the risk, they create the conditions under which a corporation can make a rational decision to pay. 
By negotiating on behalf of victims, they create norms — what a fair ransom looks like, what proof of decryption looks like, what happens if the hackers don't deliver. Insurance, in Shortland's telling, is what makes the criminal market function. Most people think insurance is boring. They are not thinking about this. •       Cryptocurrency Is the Real Game-Changer: Ransomware as a profitable business model did not exist before cryptocurrency. Without the ability to move money anonymously at scale, without blockchain verification that payment has been received, the transaction between criminal and victim cannot be completed. Regulate cryptocurrency — apply the anti-money-laundering frameworks that govern wire transfers and bank accounts — and you take the profit motive out of most of what Shortland studies. The irony: the current American administration is among the most crypto-friendly in history, and the president's own family has direct financial interests in the sector. •       Claude Mythos and the Asymmetric AI Problem: Anthropic's Claude Mythos — the AI model built to find software vulnerabilities, which was leaked rather than formally released — is the next phase of this war. The defensive use case is real: a well-resourced bank can use it to find and fix its vulnerabilities before attackers do. The problem is asymmetry. A large financial institution can deploy Claude Mythos defensively. Wiltshire County Council, a local hospital, a dental practice, a legal firm — the soft targets that ransomware gangs prefer — cannot. The hackers will eventually get it. The debate about who should be allowed to use it, and under what conditions, has not happened. That is what worries Shortland most. About the Guest Anja Shortland is a Professor of Political Economy at King's College London and the author of Dark Screens: Hackers and Heroes in the Shadowy World of Ransomware (Princeton University Press, 2025; US edition April 2026) and Kidnap: Inside the Ransom Business. 
She was a member of the Ransomware Task Force. References: •       Dark Screens: Hackers and Heroes in the Shadowy World of Ransomware by Anja Shortland (Princeton University Press, US edition April 2026). •       Steven Levy, Hackers: Heroes of the Computer Revolution (1984) — referenced in the interview as the origin story of hacking culture. •       Episode 2885: Keith Teare on Adulting — the week Anthropic's Claude Mythos was discussed; the Shortland interview is the companion piece on what it means in practice. About Keen On America Nobody asks more awkward questions than the Anglo-American writer and filmmaker Andrew Keen. In Keen On America, Andrew brings his pointed Transatlantic wit to making sense of the United States — hosting daily interviews about the history and future of this now venerable Republic. With nearly 2,900 episodes since the show launched on TechCrunch in 2010, Keen On America is the most prolific intellectual interview show in the histo...

The Lawfare Podcast
Lawfare Daily: The Shadowy World of Ransomware with Professor Anja Shortland

Apr 28, 2026 34:20


Lawfare Book Review Editor Jonathan Cedarbaum sits down with Anja Shortland, professor of political economy at King's College London, to discuss her new book, "Dark Screens: Hackers and Heroes in the Shadowy World of Ransomware." The book offers a history of the development of ransomware into perhaps the most important form of cyber crime, costing the global economy $75 billion a year. In the book, Shortland depicts the evolving strategies of ransomware organizations and the efforts by governments and corporations to defend themselves from this often crippling type of cyber attack. Shortland and Cedarbaum talk about the emergence of organized criminal groups specializing in digital extortion over the past 15 years, some of their most spectacular hacks, how target organizations have worked to make themselves more resilient to ransomware attacks, and how governments have sought to disrupt ransomware groups.

The Answer Is Transaction Costs
Honor Among Thieves: Anja Shortland and Ransomware

Apr 28, 2026 66:32


A talk with Dr Anja Shortland about the economics of ransomware and the gray-zone institutions that let extortion markets function when nobody can truly enforce trust. We dig into how cyber insurance quietly becomes a form of governance, why data leaks change the game, and what national security risks emerge as everything gets connected.

• criminal markets that sit between legal firms and underworld gangs
• insurance as governance through protocols, repeat play, and incident response packages
• why victims amplify risk when they throw money at crises
• the origin story of early ransomware and the transaction costs that made it fail
• step-by-step ransomware mechanics from phishing to exfiltration to encryption
• how gangs price ransoms by reading cash flow and insurance certificates
• leak sites, privacy regulation, and third-party liability as bargaining leverage
• why cyber insurance is fragmented and slow to enforce security standards
• deductibles, coverage caps, and market hardening that push better cybersecurity
• AI-enabled phishing and the asymmetric arms race between attackers and defenders
• state-linked ransomware, impunity jurisdictions, and critical infrastructure threats
• efficiency versus resilience in smart cities and the Internet of Things

Anja Shortland at King's College London
Shortland's book, Dark Screens: https://www.amazon.com/Dark-Screens-Hackers-Shadowy-Ransomware/dp/1541705750
Shortland's first TAITC episode: "Deals with shadows"

Links mentioned in podcast:
Alex Danco's pirate puzzle
Pete Leeson's book, The Invisible Hook
David Deutsch's book, The Beginning of Infinity

If you have questions or comments, or want to suggest a future topic, email the show at taitc.email@gmail.com!
You can follow Mike Munger on Twitter at @mungowitz

PEBCAK Podcast: Information Security News by Some All Around Good People
Episode 252 - Prediction Market Manipulation, Apple Patches Signal Notification Bug, AI Training on Dead Companies Data, Best NES Games

Apr 27, 2026 52:55


Welcome to this week's episode of the PEBCAK Podcast! We've got four amazing stories this week so sit back, relax, and keep being awesome! Be sure to stick around for our Dad Joke of the Week. (DJOW)

Follow us on Instagram @pebcakpodcast

Please share this podcast with someone you know! It helps us grow the podcast and we really appreciate it!

Simple 6 signup link
https://simple6.co/r/CFUR98

CISA orders immediate patching for Windows Defender Zero Day
https://www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-microsoft-defender-flaw-exploited-in-zero-day-attacks/
https://x.com/k1rallik/status/2044844102127165912?s=20

Ransomware negotiator pleads guilty to helping ransomware gangs
https://www.bleepingcomputer.com/news/security/former-ransomware-negotiator-pleads-guilty-to-blackcat-attacks/

Hairdryer used to win Polymarket bet
https://www.engadget.com/big-tech/someone-allegedly-used-a-hairdryer-to-rig-polymarket-weather-bets-155312411.html
https://www.cnbc.com/2026/04/23/doj-soldier-polymarket-bets-venezuela-maduro.html

Apple patches Signal notification bug
https://www.bleepingcomputer.com/news/security/apple-fixes-ios-bug-that-retained-deleted-notification-data/

AI is training on data from dead companies
https://www.forbes.com/sites/annatong/2026/04/16/ais-new-training-data-your-old-work-slacks-and-emails/

Best NES games
https://nekorandom.com/2022/07/04/fun-fact-why-mike-tyson-was-replaced-in-punch-out/

Dad Joke of the Week (DJOW)

Find the hosts on LinkedIn:
Chris - https://www.linkedin.com/in/chlouie/
Brian - https://www.linkedin.com/in/briandeitch-sase/
Glenn - https://www.linkedin.com/in/glennmedina/

Breaking Into Cybersecurity
Understanding the Weaponization of AI Scams & Extortion | Jeremiah Baker | Breaking into Cybersecurity

Apr 27, 2026 32:52


This episode features Jeremiah Baker discussing emerging cybersecurity threats, specifically how AI is being weaponized by cybercriminals. He highlights the use of AI to accelerate and automate scams, using a specific example of internal chat breaches leading to extortion. The conversation emphasizes the evolving landscape of cybersecurity and the need to stay informed about new tactics.

Key Takeaways

• AI is being used to automate and accelerate cyber scams: Criminals are using AI to rapidly sift through data and identify vulnerabilities.
• Ransomware-like extortion is on the rise: Threat actors are going beyond encrypting data and are now leveraging sensitive information for financial gain.
• Internal communication tools are a ripe target: Compromised admin accounts in internal chat platforms provide access to a wealth of sensitive data.
• Compromising conversations are being weaponized: AI can quickly analyze chat logs to identify conversations that can be used for blackmail.
• Financial extortion can target individual executives: Cybercriminals may directly target individuals with compromising information gathered from corporate systems.

Our guest is an experienced cybersecurity professional focused on emerging threat vectors. They provide deep insights into how artificial intelligence is changing the game for both attackers and defenders.

---

Sponsored by CPF Coaching LLC - http://cpf-coaching.com

The Breaking into Cybersecurity: It's a conversation about what they did before, why they pivoted into cyber, what the process was they went through, how they keep up, and advice/tips/tricks along the way.

The Breaking into Cybersecurity Leadership Series is an additional series focused on cybersecurity leadership and hearing directly from different leaders in cybersecurity (high and low) on what it takes to be a successful leader. We focus on the skills and competencies associated with cybersecurity leadership, as well as tips/tricks/advice from cybersecurity leaders.

Check out our books:
The Cybersecurity Advantage - https://leanpub.com/the-cybersecurity-advantage
Develop Your Cybersecurity Career Path: How to Break into Cybersecurity at Any Level https://amzn.to/3443AUI
Hack the Cybersecurity Interview: Navigate Cybersecurity Interviews with Confidence, from Entry-level to Expert roles https://www.amazon.com/Hack-Cybersecurity-Interview-Interviews-Entry-level/dp/1835461298/
Hacker Inc.: Mindset For Your Career https://www.amazon.com/Hacker-Inc-Mindset-Your-Career/dp/B0DKTK1R93/

---

About the hosts:

Renee Small is the CEO of Cyber Human Capital, one of the leading human resources business partners in the field of cybersecurity, and author of the Amazon #1 best-selling book, Magnetic Hiring: Your Company's Secret Weapon to Attracting Top Cyber Security Talent. She is committed to helping leaders close the cybersecurity talent gap by hiring from within and encouraging more people to enter the lucrative cybersecurity profession. https://www.linkedin.com/in/reneebrownsmall/
Download a free copy of her book at magnetichiring.com/book

Christophe Foulon focuses on helping secure people and processes, drawing on a solid understanding of the technologies involved. He has over ten years of experience as an Information Security Manager and Cybersecurity Strategist. He is passionate about customer service, process improvement, and information security. He has significant expertise in optimizing technology use while balancing its implications for people, processes, and information security, through a consultative approach. https://www.linkedin.com/in/christophefoulon/

Find out more about CPF-Coaching at https://www.cpf-coaching.com

Backup Central's Restore it All
Stop Using VSS as a Backup Before Ransomware Deletes Your Shadow Copies

Apr 27, 2026 37:22


Ransomware deletes shadow copies using your own built-in Windows tools against you — and if VSS was your backup plan, you just found out the hard way that it wasn't. In this episode, W. Curtis Preston (Mr. Backup), Prasanna Malaiyandi, and Dr. Mike Saylor break down exactly what shadow copies are, why they don't qualify as a real backup, and how attackers are weaponizing vssadmin to wipe your recovery options before you even know you're under attack.

If you've got Windows systems and you've been thinking "eh, we've got shadow copies," this episode is for you. We cover the history of VSS — what it was actually designed for, why it became a crutch, and why using it as your primary backup strategy is a bad idea on multiple levels. Performance, the 3-2-1 rule, and the fact that one attacker with admin rights can delete every single copy in seconds. We also get into the living off the land angle: how attackers do recon on your shadow copies, how they use them to scope out valuable data before going full ransomware, and what you can actually do to detect and respond to this behavior using EDR tools.

The bottom line: VSS is a great tool. It was just never meant to be your backup. Get a real one.

Chapters:
0:00 — Intro
1:39 — Welcome & Book Talk
3:26 — What Are Shadow Copies and Why Do People Use Them as Backups?
9:14 — Performance Problems with VSS as a Backup
10:19 — Living Off the Land: How Ransomware Uses VSS Against You
12:36 — Can You Monitor or Lock Down VSS Admin?
14:26 — Why Shadow Copies Fail the 3-2-1 Rule (They're Not a Backup)
18:01 — How to Protect Yourself: Configuring Your EDR
21:31 — The Local Admin Problem and Security Culture
27:00 — Virtualization, Snapshots, and Shadow Copies
29:00 — Final Thoughts: Just Don't Do That

Hacking Humans
Ransomware (noun) [Word Notes]

Apr 21, 2026 7:46


Malware that disables a system in exchange for a ransom, usually by encrypting the system's data until the user pays for the decryption key.

CyberWire Glossary link: https://thecyberwire.com/glossary/ransomware
Audio reference link: https://watch.amazon.com/detail?gti=amzn1.dv.gti.d6a9f744-47b0-ac70-aa56-b31fd0f58482&territory=US&ref_=share_ios_season&r=web

The Emergency Management Network Podcast
CISA adds Eight Vulnerabilities to KEV; FEMA Montana, Idaho, Oregon Disaster Declarations Published

Apr 21, 2026 15:27


On today's EM Morning Brief, CISA adds eight actively exploited vulnerabilities to the Known Exploited Vulnerabilities Catalog with a May 11 federal remediation deadline. FEMA major disaster declarations for Montana, Idaho, and Oregon tied to December 2025 storms were published in the Federal Register, opening Public Assistance funding. Super Typhoon Sinlaku recovery continues across Guam and the CNMI under active federal emergency and public-health emergency determinations. Red Flag Warnings span the Plains, Southwest, and High Plains with critical fire weather peaking midweek, and the Hawaiian Volcano Observatory revises its Kilauea Episode 45 forecast window to April 21 through 26. State updates cover Texas flash flooding, Wisconsin tornado recovery, Oklahoma wildfire containment, and the ongoing response to the Minidoka Memorial Hospital cyber incident in Idaho.

EM Morning Brief is your concise daily update on national and state-by-state emergency management news. Produced by Sitch Radio, an EOC Voices podcast.

Key Takeaways

• CISA KEV update: Eight new actively exploited CVEs added April 20 (PaperCut, JetBrains TeamCity, Kentico, Quest KACE, Zimbra, three Cisco SD-WAN Manager). Federal patch deadline May 11.
• FEMA declarations published: Major Disaster Declarations for Montana (DR-4901), Idaho (DR-4905), and Oregon formally appear in the Federal Register, opening Public Assistance for December 2025 storm damage.
• Sinlaku recovery: Federal emergency declarations and HHS public-health emergency remain in effect for Guam and the CNMI. Power and water restoration on Saipan, Tinian, and Rota may take weeks.
• Kilauea Episode 45: HVO revises the lava-fountaining forecast window to Tuesday, April 21 through Sunday, April 26. Summit remains paused but inflating.
• Fire weather: Red Flag Warnings active across Colorado, Kansas, Nebraska, New Mexico, Oklahoma, South Dakota, and Wyoming. Wednesday expected to be most dangerous day of the week.
• Texas flash flooding: Flash Flood Warning along San Antonio to New Braunfels corridor; SAFD reports nine water rescues. Houston metro sees localized urban flooding with rainfall rates up to three inches per hour.
• Wisconsin storm response: SEOC Update 4 reports 28 resource requests and continued coordination with county and tribal emergency managers following confirmed April 14 tornadoes and flood damage.
• Idaho hospital cyber incident: Minidoka Memorial Hospital restores imaging services April 19. Blackwater ransomware group claims April 17 and threatens data publication after April 24.
• April 17 tornado cleanup: NWS confirms a high-end EF-2 in Lena, Illinois; EF-1 tornadoes in Jo Daviess County, Illinois and Washington County, Iowa; and an EF-2 in Rochester, Minnesota with two injuries.