Malicious software used in ransom demands
What do rock climbing and cybersecurity have in common? For Matthew Panizari, both demand strategy, grit, and constant reevaluation. In this powerful episode recorded at IT Nation Secure 2025, Joey Pinz explores Matthew's frontline experience in digital forensics and incident response.
WE NEED YOU! Our 2025 listener survey is now live, and we'd love to hear from you. Whether you've been with us from episode one or just joined the chaos, your feedback will make the show even better.
In this new episode, I welcome Carole Sénéchal, who is in charge of cybersecurity strategy for SMEs at Microsoft worldwide!
Because… it's episode 0x605!

Shameless plug
October 12 to 17, 2025 - Objective by the sea v8
November 10 to 12, 2025 - IAQ - Le Rendez-vous IA Québec
November 17 to 20, 2025 - European Cyber Week
February 25 and 26, 2026 - SéQCure 2065

Description
In this special episode of the podcast, recorded at the Cyberco event, the host welcomes Vicky Desjardins, a doctoral candidate in criminology at the Université de Montréal and an incident response specialist. Vicky presents the results of her five years of research on ransomware, offering a unique perspective that combines criminology and cybersecurity.

Background and motivation for the research
Vicky began her thesis before the pandemic, seeking to understand why defenders always seemed surprised and in reactive mode when facing ransomware attacks. Despite her initial lack of technical expertise, she was determined to help solve this growing problem. The arrival of Covid-19 considerably amplified the scale of the phenomenon she was studying. Her experience in industry transformed her research perspective. She realized that there was often a wide gap between academic research and the reality on the ground. This realization led her to adopt a different approach, focusing not on what constantly changes in attack techniques but on the stable and predictable elements of criminal behaviour.

A criminological approach to ransomware
The originality of Vicky's research lies in its criminological approach. Rather than concentrating only on the technical aspects, which evolve quickly, she chose to analyze the human behaviours underlying the attacks. Her philosophy is that techniques are only tools used by humans to commit criminal acts. This perspective allowed her to discover that ransomware attacks are far less sophisticated than one might think. In reality, most can be carried out in a few command lines once access has been obtained. This simplicity contrasts with the image of technological magic tricks often conveyed in the media.

Findings on the simplicity of the attacks
One of the most striking lessons of her research concerns the technical banality of the attacks. Vicky observes that the methods used today are essentially identical to those of six years ago. Attackers still use the same approach: they “bang their heads” against different systems until they find an exploitable flaw. The main evolution she notes is the increase in task specialization. Whereas a single attacker previously handled the whole process, there is now a separation between those who obtain initial access (Initial Access Brokers) and those who carry out the final attack. This fragmentation does not, however, increase the fundamental technical complexity of the attacks.

Basic problems in cybersecurity
Vicky stresses that many organizations invest heavily in sophisticated cybersecurity products without mastering the fundamentals. She frequently sees companies that own advanced tools that are poorly deployed or poorly configured, and sometimes not put in place at all. Her first question during incident response engagements is revealing: “Do you know what you have in your environment?” The answer is often approximate, which illustrates the fundamental problem. Without precise knowledge of one's infrastructure and appropriate configuration of the basic elements, cybersecurity investments lose their effectiveness.

Attackers' dependence on the victims' infrastructure
One of the most important findings of the research concerns the attackers' strong dependence on the victims' infrastructure. This observation is crucial because it identifies a control point for defenders. Unlike attack tools, which cannot be controlled, the infrastructure belongs to the organization and can be configured in a way that considerably complicates the attackers' work. This dependence shows up in every aspect of the attack: reconnaissance, lateral movement, privilege escalation, and data exfiltration. By making the infrastructure less “welcoming” to attackers, the difficulty of their operations can be increased significantly.

Critical importance of valid accounts
Valid accounts are the most stable and most used technique in the arsenal of ransomware attackers. Vicky observes them at every stage of the attack process: initial entry, defense evasion, internal reconnaissance, privilege escalation, persistence, and lateral movement. This omnipresence of valid accounts in attacks underlines the crucial importance of completely rethinking access management. It is no longer only a matter of applying the principle of least privilege, but of adopting a much more granular and contextual approach.

Recommendations for access management
Vicky proposes a revolutionary approach to access management based on several dimensions. First, segmentation by groups of employees, with access specific to their real needs, not theoretical ones. Next, the implementation of time restrictions: most employees do not work after 9 p.m., so their accounts should not have access to critical systems during those hours. She also suggests geographic restrictions, blocking connections from unauthorized locations. These measures force attackers to operate within specific time and geographic windows, considerably complicating their operations and potentially discouraging them from targeting the organization.

Attackers' preferred targets
The analysis reveals that certain elements of the infrastructure are systematically targeted. Antivirus products and firewalls are disabled by automated scripts. Detection solutions (EDR) have their configurations modified. Active Directory and domain controllers are particularly targeted because they give access to extensive privileges. The cloud has become a major target since 2020, coinciding with the massive migration caused by the pandemic. Remote access services (VPN, remote desktops) are preferred entry points. These observations make it possible to prioritize hardening efforts on the elements most at risk.

Evasion and concealment strategies
Attackers invest a great deal of effort in evading detection rather than in technical sophistication. Their main advantage lies in their ability to remain undetected for as long as possible before revealing their presence. Vicky observes numerous techniques for obscuring network traffic, making detection difficult within the normal volume of communications. This stealthy approach explains why early detection can radically transform the dynamics of the incident, forcing attackers to operate under pressure and to make mistakes.

Behavioural aspects and motivations
The criminological approach reveals aspects that are often overlooked. Attackers have personal lives and time constraints. Many operate according to normal working hours in their time zone. This humanization of attackers opens up possibilities for defense based on behavioural analysis. Regarding motivations, beyond the obvious financial aspect of ransomware, Vicky identifies more subtle issues such as Initial Access Brokers who sell access for derisory sums. These cases often reveal personal motivations (professional frustration, personal financial problems) rather than purely profit-driven ones.

Multidisciplinary methodology
The strength of this research lies in its multidisciplinary approach, combining ecology, economics, criminology and technology. This convergence makes it possible to create a new attack chain (kill chain) based on the most frequently observed techniques, offering more precise points of intervention. The approach avoids the pitfall of over-sophisticating the threat. Rather than preparing against ultra-sophisticated APT groups that rarely target SMEs, it encourages a realistic assessment of the threats appropriate to each organization.

Impact of criminal specialization
The evolution toward role specialization in the criminal ecosystem reflects a professionalization of the sector. Initial Access Brokers specialize in obtaining access, which they then resell. This separation of tasks, while increasing overall efficiency, also creates new points of vulnerability in the criminal chain. The access market reveals prices that are sometimes derisory, suggesting that some sellers are motivated by something other than pure profit. This reality raises important questions about insider risk management and the satisfaction of employees who have access to critical systems.

Strategic recommendations
The research leads to pragmatic recommendations centred on “security by design”. The idea is to fundamentally rethink the security architecture rather than add successive layers of protection. This approach recognizes that it is never too late to review one's basic configurations. The goal is not to create an impenetrable fortress, but to make the environment sufficiently “boring” or difficult to discourage opportunistic attackers. In Vicky's words, “the best trick in cybersecurity is just to be more annoying than someone else”. This pragmatic philosophy recognizes the limits of resources and concentrates on maximum effectiveness with the means available, favouring a proportionate-risk approach over absolute protection.

Contributors
Nicolas-Loïc Fortin
Vicky Desjardins

Credits
Editing by Intrasecure inc
Physical venue provided by Cybereco
In this episode of the Talking Pools podcast, Rudy Stankowitz is interrupted with breaking news on a malware attack that has left an industry manufacturer paralyzed. He also addresses common myths and misconceptions that plague the industry, as well as how Podcasts and Trade Magazines are the only reliable sources of information for Pool Service Professionals. He discusses the importance of understanding pool chemistry, the role of various chemicals, and the significance of proper maintenance practices. Rudy emphasizes the need for pool professionals to be informed and equipped with the appropriate knowledge to provide the best service to their clients. From debunking the myth of chlorine lock to explaining the impact of sulfates on pool equipment, this episode is packed with valuable insights for anyone in the pool service industry.

Mentions: Merlin Industries, PHTA, Ask the Pool Guy, Pool Chasers, SPASA, Pool and Spa News, Pool Pro Magazine, AQUA Magazine, Pool magazine, Service industry News, SPLASH Magazine

Takeaways:
Variable speed pumps require flow meters for actual savings.
Baking soda is chemically identical to an alkalinity increaser.
The chlorine lock is a myth; it's actually about chlorine demand.
Cyanuric acid protects chlorine, but it isn't always necessary.
Soda ash is more effective for raising pH than baking soda.
Magic Erasers do not prevent algae growth in pools.
Phosphates can be present without causing algae blooms.
Sulfates can damage pool equipment and stonework.
Free chlorine is t
The podcast discusses the evolving landscape of cybersecurity for small and mid-market businesses, emphasizing the dual threats posed by advanced artificial intelligence tools and a resurgence of ransomware attacks. As cybercriminals leverage AI for sophisticated phishing and impersonation tactics, traditional security measures are becoming obsolete. Organizations are urged to adopt enterprise-grade solutions, such as unified security platforms and zero-trust frameworks, to protect their operations. The introduction of secure browser technologies is highlighted as a critical step in enhancing defenses against the 95% of security incidents linked to browser vulnerabilities.

A significant decline in the number of active Windows PCs, with 400 million devices disappearing in three years, indicates a shift in consumer behavior towards mobile devices and tablets. This trend reflects a broader change in endpoint strategy, as the traditional perimeter dissolves and the focus shifts from device management to user and data control across platforms. The implications of the upcoming end of support for Windows 10 in October 2025 may further influence this trend, as users may opt not to invest in new devices.

The podcast also covers Microsoft's new security measures aimed at preventing incidents similar to the CrowdStrike meltdown, which caused extensive damages. The company plans to move third-party security drivers out of the Windows kernel to enhance reliability and reduce risks. Additionally, Microsoft is offering extended security updates for Windows 10 users, allowing them to continue receiving support even after the end of support date. This initiative reflects a commitment to improving system stability and addressing vulnerabilities.

Finally, the discussion touches on the broader implications of AI in various sectors, including its impact on the workforce and democratic processes. The podcast highlights concerns about AI's role in elections and education, as well as the ethical challenges arising from its use. The conversation emphasizes the need for businesses to manage the complexities of AI, including compliance and creativity loss, while pushing back against inflated vendor claims. This approach will help build trust and ensure that organizations can navigate the rapidly changing digital landscape effectively.

Three things to know today
00:00 400 Million Missing PCs Mark the End of the Endpoint Era—MSPs Must Evolve or Fade
06:04 From Kernel Changes to Cyber Insurance: Why Structural Resilience Now Defines MSP Value
10:23 From Productivity to Manipulation: The Expanding and Uneven Impact of AI Across Sectors

This is the Business of Tech.
The Ransomware Minute is a rundown of the latest ransomware attacks & news, brought to you by Cybercrime Magazine, Page ONE for Cybersecurity. Listen to the podcast weekly and read it daily at https://ransomwareminute.com. For more on cybersecurity, visit us at https://cybercrimemagazine.com.
Cyber crime continues to grow each year, but should organizations give up fighting it? On this episode of Unspoken Security, host AJ Nash speaks with Robert Duncan from Netcraft, who argues the answer is absolutely not. Robert makes the case that fighting cyber crime is worth the effort, even when it feels like an endless battle.

Robert challenges the common view that "whack-a-mole" tactics are pointless. He believes the key is changing the game from single-player to multiplayer whack-a-mole. By working with domain registrars, hosting providers, and government agencies, defenders can hit criminals at multiple points in their attack chain. This coordinated response makes cyber crime more expensive and less profitable for attackers.

The conversation covers everything from traditional phishing to sophisticated pig butchering scams. Robert shares how Netcraft uses AI to engage with scammers and gather intelligence at scale. He also discusses the national security implications of cyber crime and why whole-of-government responses in countries like Australia and the UK show promise for reducing fraud rates.
NHS confirms patient death linked to ransomware attack
BreachForums busted again
Thousands of SaaS apps still vulnerable to nOAuth

Huge thanks to our sponsor, ThreatLocker
ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.
Is the ransomware threat really getting worse – or just more visible? A spree of cyber attacks targeting major UK retailers has thrown ransomware back into the spotlight. But according to Tom Draper, UK managing director at Coalition, it's not that threats are rising — it's that companies are operating in an increasingly complex cyber crime ecosystem.

In Behind the Headlines, Draper unpacks the key challenges facing cyber underwriters today, from softening rates to the lingering effects of last year's CrowdStrike outage.

Plus, in this week's news rundown, Insurance Insider's Fiona Robertson breaks down how the Willis Re talent rebuild is gaining momentum.
This week, Audra is joined by Megan Stifel, chief strategy officer for the Institute for Security and Technology, to discuss how ransomware has evolved from a business nuisance to now a threat to national security. Megan also shares how the United States' overall response to ransomware has the potential to impact the types of attacks faced by its organizations and touches on the need for greater transparency when it comes to international cyber information sharing. Megan Stifel is the Chief Strategy Officer for the Institute for Security and Technology. She is the founder of Silicon Harbor Consultants, which provides strategic cybersecurity operations and policy counsel. Prior to founding Silicon Harbor Consultants, she was an attorney in the National Security Division at the U.S. Department of Justice (DOJ). She most recently served as Global Policy Officer and Capacity and Resilience Program Director at the Global Cyber Alliance. She was previously the Cybersecurity Program Director at Public Knowledge. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e337
DHS warns of retaliatory Iranian cyberattacks
Steel giant Nucor confirms breach
Ransomware hits healthcare system again
Kory Daniels, Chief Information Security Officer at Trustwave, highlights the unique cybersecurity challenges facing the healthcare industry, particularly in this environment of funding constraints and the increasing sophistication of cyberattacks. Healthcare data is highly valuable to cybercriminals, who can use it for ransomware attacks, identity and insurance fraud, and other nefarious purposes. AI can be part of both the attack and the solution, helping to build in more cyber resilience and awareness about vulnerabilities. Kory explains, "Healthcare is a prime target for cyberattacks for a very fundamental reason. When human lives are at risk due to a criminal objective—which is to make money—they view organizations where human lives are at risk as a greater potential and opportunity. Facilitation of ransomware payments: Ransomware is one of the largest tactics that criminals use to achieve financial gain, but it's not the only tactic they use to achieve financial gain. So, they're looking to exploit the fear and uncertainty, putting patient lives at risk and adding complexity to patient care through their nefarious actions. But also, healthcare data is very attractive for cybercriminals, and just criminal activity in general. And why that is, is that criminals are looking at healthcare data even more so—it's more valuable than driver's license data." "Look at the opportunity of what you can do with healthcare records, and what can you do with PII, Personally Identifiable Information. Threat actors are tapping into this data in several different ways to achieve the additional financial gain above and beyond targeting a healthcare organization with a ransomware attack." 
"But they're also committing fraud, and fraud toward healthcare insurers, and looking at submitting false claims, fraud against the prescription drug industry in terms of soliciting and looking to obtain prescription drugs through nefarious means, but utilizing data and identity data that comes from hospital and healthcare records. There are a variety of different ways that we've just scratched the surface on, which make the healthcare industry such a desirable target for those seeking to achieve financial gain in the criminal industry." #Trustwave #Cybersecurity #CyberAttacks #HealthcareSecurity #HealthcareIT #CISOInsights trustwave.com Download the transcript here
In this episode of CISO Tradecraft, host G Mark Hardy discusses the ongoing Israel-Iran conflict and its potential cyber implications with cybersecurity expert Nathan Case. They delve into lessons learned from the Russia-Ukraine conflict, discuss the effectiveness of cyber warfare, and evaluate Iran's cyber capabilities. The conversation also covers the ethical implications of cyber attacks, dual-use targets, and the danger of supply chain vulnerabilities. Practical advice is provided on improving cybersecurity measures, including the importance of MFA, network segmentation, and evaluating internal threats. Join us for an in-depth look at how current geopolitical tensions can impact global cybersecurity.

Nathan Case - https://www.linkedin.com/in/nathancase/

Chapters
00:00 Introduction to the Israel-Iran Conflict
00:52 Meet the Expert: Nate Case
01:51 Cyber Warfare Insights from Russia-Ukraine Conflict
03:36 The Impact of Cyber on Critical Infrastructure
08:00 Ethics and Rules of Cyber Warfare
15:01 Iran's Cyber Capabilities and Strategies
16:56 Historical Context and Modern Cyber Threats
23:28 Foreign Cyber Threats: The Iranian Example
24:06 Israel's Cyber Capabilities
25:39 The Role of Cyber Command
26:23 Challenges in Cyber Defense
27:11 The Complexity of Cyber Warfare
32:21 Ransomware and Attribution Issues
36:13 Defensive Cyber Operations
39:39 Final Thoughts and Recommendations
Cybercriminals are getting bolder—and smarter. This week, the Security Squawk crew tackles some of the most concerning stories in cyber news: a ransomware gang is now telling victims to call their lawyers, insurers like Aflac are struggling with ongoing ransomware outages, and healthcare data for over 50 million people has been exposed. We each bring a real-world case that highlights just how chaotic—and dangerous—the threat landscape has become.

Topics this week:
Qilin ransomware's new legal scare tactic
Episource breach impacts 5.4 million patients
McLaren Health confirms sensitive data exfiltration
Aflac & other insurers hit by ransomware, causing major outages

Tune in for expert breakdowns, sharp insights, and actionable advice to keep your business secure.
In this episode, I discuss three key strategies for maintaining privacy and security across your physical mailbox, email, and phone. I discuss the growing Matrix community, explore alternative mailing solutions using co-working spaces, detail a four-tier email strategy, and examine the concerning spread of Flock ALPR cameras. I also share insights on anonymous eSIM options and answer listener questions about dealing with Know-Your-Customer requirements.

In this week's episode:
Joining the Matrix community with Element
Physical mailbox strategies: UPS stores, virtual CMRA addresses, and co-working spaces
Four-tiered email approach using ProtonMail, Fastmail, SimpleLogin, and Gmail sock puppet
Mobile phone privacy with Mint Mobile and anonymous eSIM options
The Flock ALPR camera threat and how to protect yourself
Listener questions: Australian SIM card strategies with KYC requirements
Capture the Flag challenge details for June 21st

Matrix Community Rooms
It seems on Element X, it doesn't list the rooms associated with the Matrix space, so you can click on each of these links to join the rooms:
https://matrix.to/#/#lockdown-general:matrix.org
https://matrix.to/#/#lockdown-podcast:matrix.org
https://matrix.to/#/#lockdown-intro:matrix.org

Show Links:
Matrix Clients - https://matrix.org/clients
Matrix Community - https://matrix.to/#/#psysecure:matrix.org
Smarty Address Lookup - https://www.smarty.com/products/single-address
Expired Domains - https://www.expireddomains.net/
Stealths.net (Anonymous eSIMs) - https://stealths.net/
DeFlock.me (ALPR Camera Map) - https://deflock.me/
Flock Safety Privacy Policy - https://www.flocksafety.com/privacy-policy
EFF Article on DeFlock - https://www.eff.org/deeplinks/2025/02/anti-surveillance-mapmaker-refuses-flock-safetys-cease-and-desist-demand
CTF Challenge Rules - https://psysecure.com/ctf

“Imagine this situation where we have the huge electronic intercommunication so that everybody is in touch with everybody else in such a way that it reveals their inmost thoughts, and there is no longer any individuality. No privacy. Everything you are, everything you think, is revealed to everyone.”
- “Future of Communications” Alan Watts

Official Website: https://psysecure.com
Podcast music: The R3cluse
Host David Mauro interviews Jeremy Samide, CEO of Blackwired, about why hackers target you. We expose the latest dark web secrets, and the latest social engineering risks. Find more about Blackwired here: https://www.blackwired.com/
Cyberattacks are on the rise—and smaller municipalities are now a top target. In this episode of OMAG All Access, David Dalton, OMAG's Director of Claims, is joined by cybersecurity attorney Zach Oubre of McAfee & Taft to discuss how cities and towns in Oklahoma can protect themselves.

Zach shares insights from years of experience helping clients navigate breaches, ransomware events, and phishing scams. Together, they walk through practical steps your municipality can take now—from improving email security to implementing multi-factor authentication and updating system patches.

Whether you're a city manager, clerk, or IT professional, this episode offers straightforward advice to reduce your cyber risk and respond quickly when attacks occur.

Learn more at www.omag.org
Viasat confirms it was breached by Salt Typhoon. Microsoft's June 2025 security update giveth, and Microsoft's June 2025 security update taketh away. Local privilege escalation flaws grant root access on major Linux distributions. BeyondTrust patches a critical remote code execution flaw. SMS low cost routing exposes users to serious risks. Erie Insurance says their ongoing outage isn't ransomware. Backups are no good if you can't find them. Veeam patches a critical vulnerability in its Backup software. SuperCard malware steals payment card data for ATM fraud and direct bank transfers. We preview our Juneteenth special edition. Backing up humanity.
CyberWire Guest: Today, we are sharing an excerpt of our Juneteenth Special Edition conversation between Dave Bittner, T-Minus Space Daily's Maria Varmazis, and CISO Perspectives podcast's Kim Jones. Enjoy this discussion on the eve of Juneteenth and tune into your CyberWire Daily feed tomorrow on your favorite podcast app to hear the full conversation.
Selected Reading:
Viasat hacked by China-backed Salt Typhoon in 2024 US telecom attacks (Cybernews)
Microsoft's June Patches Unleash a Cascade of Critical Failures (WinBuzzer)
New Linux udisks flaw lets attackers get root on major Linux distros (Bleeping Computer)
BeyondTrust warns of pre-auth RCE in Remote Support software (Bleeping Computer)
Two Factor Insecurity (Lighthouse Reports)
Erie Insurance: 'No Evidence' of Ransomware in Network Outage (Insurance Journal)
Half of organizations struggle to locate backup data, report finds (SC Media)
New Veeam RCE flaw lets domain users hack backup servers (Bleeping Computer)
Russia detects first SuperCard malware attacks skimming bank data via NFC (The Record)
Why one man is archiving human-made content from before the AI explosion (Ars Technica)
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
In part two of our Cybersecurity installment of our Workplace Strategies Watercooler 2025 podcast series, Ben Perry (shareholder, Nashville) and Justin Tarka (partner, London) discuss the steps to take after resolving and containing a ransomware incident. Justin and Ben, who is co-chair of the firm's Cybersecurity and Privacy Practice Group, highlight several key areas, including preparing the response team, implementing training for relevant employees and regular reviews of cybersecurity measures; developing a comprehensive incident response plan and assembling a dedicated response team; identifying opportunities for long-term infrastructure improvements; and assessing other areas of external risk management, such as data mapping and retention processes, vendor due diligence, and notification obligations.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Extracting Data From JPEGs: Didier shows how to efficiently extract data from JPEGs using his tool jpegdump.py. https://isc.sans.edu/diary/A%20JPEG%20With%20A%20Payload/32048
Windows Recall Export in Europe: In its latest insider build for Windows 11, Microsoft is testing an export feature for data stored by Recall. The feature is limited to European users and requires that you note an encryption key that will be displayed only once as Recall is enabled. https://blogs.windows.com/windows-insider/2025/06/13/announcing-windows-11-insider-preview-build-26120-4441-beta-channel/
Anubis Ransomware Now Wipes Data: The Anubis ransomware, usually known for standard double extortion, is now also wiping data, preventing any recovery even if you pay the ransom. https://www.trendmicro.com/en_us/research/25/f/anubis-a-closer-look-at-an-emerging-ransomware.html
Mitel Vulnerabilities CVE-2025-47188: Mitel this week patched a critical path traversal vulnerability (sadly, no CVE), and Infoguard Labs published a PoC exploit for an older file upload vulnerability. https://labs.infoguard.ch/posts/cve-2025-47188_mitel_phone_unauthenticated_rce/ https://www.mitel.com/support/mitel-product-security-advisory-misa-2025-0007
Small and medium-sized businesses (SMBs) are exhibiting a dangerous overconfidence in their cybersecurity readiness, with a significant gap between their perceived capabilities and actual security measures in place. A recent report reveals that while 71% of SMBs feel confident in managing major cybersecurity incidents, only 22% have an advanced cybersecurity posture. This disconnect presents a critical opportunity for IT service providers to step in with strategic, outcome-focused solutions that emphasize not just tools, but comprehensive cybersecurity strategies. The landscape of cybersecurity is evolving, with SMBs increasingly recognizing the importance of cyber resiliency. Reports indicate that 68% of small businesses and 89% of mid-market firms understand the need for quick recovery from incidents, yet many still lack formal security protocols. As the market for cybersecurity solutions is projected to grow significantly, reaching an estimated $70 billion by 2034, the demand for effective strategies is more pressing than ever. The rise of cloud-based security solutions and zero-trust architecture is indicative of this shift. Regulatory changes are also impacting the cybersecurity landscape, as the SEC withdraws proposed regulations that would have required investment firms to establish written cybersecurity policies. This deregulation creates a trust vacuum that IT providers can fill by offering managed compliance and risk mitigation services. The convergence of regulatory retreat and escalating cyber threats underscores the need for proactive security measures, as the responsibility for cybersecurity increasingly shifts to the market. Amid these challenges, advancements in email security, particularly through DMARC adoption, show promise in combating phishing attacks. However, the rapid proliferation of generative AI applications is creating new vulnerabilities, complicating the security landscape. IT service providers are urged to capitalize on foundational security measures while also addressing the emerging risks associated with AI. The evolving cybersecurity environment presents both challenges and opportunities for providers who can adapt and innovate in response to these shifting dynamics.
Four things to know today:
00:00 SMBs Overconfident, Underprepared: Cybersecurity Misalignment Fuels $70B Market Surge
05:00 SEC Pullback Leaves Cyber Gaps as Ransomware and Zero Trust Shape 2025 Risk Landscape
08:50 From DMARC to Shadow AI: Why Cybersecurity Now Requires Dual-Front Defense
11:45 Bifurcation in IT Services: MSP-Centric Tools and Vertical Platforms Signal Strategic Divide
This is the Business of Tech.
In part one of our Cybersecurity installment of our Workplace Strategies Watercooler 2025 podcast series, Ben Perry (shareholder, Nashville) and Justin Tarka (partner, London) discuss key factors employers should consider when facing ransomware incidents. The speakers begin by simulating an incident response and outlining the necessary steps to take after a security breach occurs. Justin and Ben, who is co-chair of the firm's Cybersecurity and Privacy Practice Group, discuss best practices when investigating a ransomware incident, assessing the impact of the incident, containing the situation, communicating with stakeholders, fulfilling notification requirements, and adhering to reporting obligations. The speakers also address considerations when responding to ransom requests, including performing a cost-benefit analysis regarding payment, reviewing insurance coverage, identifying potential litigation risks, fulfilling ongoing notification obligations, addressing privacy concerns, and more.
From 2023 to 2024, ransomware has seen a 67 percent jump, with an average payment of $2 million and another $2.7 million in recovery costs for most companies that are hit by an attack. Fortunately, there are multiple steps businesses can take to lower the risk of being a victim. In this episode, Adam Keown, global CISO at Eastman, joins host Heather Engel to discuss data encryption and how the process can help organizations across the globe. • For more on cybersecurity, visit us at https://cybersecurityventures.com
William Lyne of the UK's National Crime Agency joins us live at Infosecurity Europe to talk ransomware, AI threats, and the future of cybercrime disruption. When the UK's top cyber intelligence strategist sits down with you in London, you listen — and you hit record. At Infosecurity Europe 2025, the ITSPmagazine podcast team — Marco Ciappelli and Sean Martin — sat down with William Lyne, Deputy Director and Head of Cyber Intelligence at the UK's National Crime Agency (NCA). This is the guy who not only leads cyber strategy for the NCA, but has also represented the UK at the FBI in the U.S. and now oversees national-level ransomware disruption efforts. It's not just a conversation — it's a rare front-row seat into how one of the world's most serious crime-fighting agencies is tackling ransomware 3.0. The message? Ransomware isn't just a cyber issue. It's a societal one. And it's evolving faster than we're prepared for — unless we change the game. “It went from niche to national threat fast,” Lyne explains. “The tools were always there. It just took a few threat actors to stitch them together.” From banking malware to fully operational cybercrime-as-a-service ecosystems, Lyne walks us through how the underground economy has industrialized. Ransomware isn't just about tech — it's about access, scale, and business models. And most importantly, it's no longer limited to elite coders or closed-door Russian-speaking forums. The barrier to entry is gone, and the dark web is wide open for business. Sean brings up the obvious: “Why does this still feel like we're always reacting?” Lyne responds: “We've shifted. We're going after the ecosystem — the people, the infrastructure, the business model — not just the payload.” That includes disrupting ransomware-as-a-service, targeting marketplaces, and yes, investing in preemptive intelligence. Marco flips the script by comparing today's cyber landscape to something deeply human. “Extortion is nothing new — we've just digitalized it. This is human behavior, scaled by tech.” From there, the conversation takes a future-facing turn. Deepfakes, AI-powered phishing, the commoditization of generative tools — Lyne confirms it's all on their radar. But he's quick to note that cybercriminals aren't bleeding-edge innovators. “They adopt when the ROI is right. But AI-as-a-service? That's coming. And it will reshape how efficient — and damaging — these threats become.” And then the real insight lands: “You can't wait to be a victim to talk to law enforcement. We may already have access to the infrastructure. The earlier we hear from you, the better we can act — and fast.” That kind of operational openness isn't something you heard from law enforcement five years ago. It signals a cultural shift — one where collaboration is not optional, it's essential. William also highlights the NCA's partnerships with private sector firms, academia, and international agencies, including the Kronos operation targeting LockBit infrastructure. These kinds of collaborations prove that when information moves, so does impact. Why does this matter? Because while most cybersecurity media gets stuck in product buzzwords and vendor hype, this is the real stuff — how ransomware groups behave, how law enforcement thinks, and how society can respond. It's not theory. It's strategy, lived on the front lines.
Host David Shipley discusses several critical cybersecurity incidents and developments. WestJet, Canada's second-largest airline, faced a cybersecurity breach impacting its mobile app and internal systems. The airline is working with law enforcement to investigate while emphasizing the integrity of its flight operations. Additionally, the Anubis ransomware has evolved, now incorporating a file-wiping function to heighten victim pressure and destruction. The episode also covers a novel malware campaign exploiting Discord's vanity invite system to deliver remote access trojans and info stealers, highlighting platform trust vulnerabilities. Lastly, a significant multi-hour Google Cloud outage caused by an API quota misconfiguration affected numerous services globally, emphasizing the fragility of our interconnected digital infrastructure. The episode underscores the need for robust disaster recovery plans and cautious digital practices. 00:00 Introduction and Overview 00:30 WestJet Cybersecurity Incident 02:15 Anubis Ransomware Evolution 05:35 Discord Vanity Link Hijack 08:35 Google Cloud Outage 10:50 Conclusion and Final Thoughts
PEBCAK Podcast: Information Security News by Some All Around Good People
Welcome to this week's episode of the PEBCAK Podcast! We've got four amazing stories this week so sit back, relax, and keep being awesome! Be sure to stick around for our Dad Joke of the Week. (DJOW) Follow us on Instagram @pebcakpodcast Please share this podcast with someone you know! It helps us grow the podcast and we really appreciate it! DIA Insider Threat member leaked classified data https://therecord.media/defense-intelligence-agency-it-specialist-suspected-leak-foreign-government Australia ransomware victims must report payments https://therecord.media/australia-ransomware-victims-must-report-payments https://www.nomoreransom.org/en/index.html Coinbase hack tied to support contractor https://www.bleepingcomputer.com/news/security/coinbase-breach-tied-to-bribed-taskus-support-agents-in-india/ Good cybersecurity hygiene https://www.csoonline.com/article/567737/the-5-cis-controls-you-should-implement-first.html Dad Joke of the Week (DJOW) Find the hosts on LinkedIn: Chris - https://www.linkedin.com/in/chlouie/ Brian - https://www.linkedin.com/in/briandeitch-sase/ Ben - https://www.linkedin.com/in/benjamincorll/
We dive into our latest public report with Randy Pargman, Jake Ouellette, Kostas T., and Mangatas Tondang.
Report: https://thedfirreport.com/2025/05/19/another-confluence-bites-the-dust-falling-to-elpaco-team-ransomware/
Contact Us: https://thedfirreport.com/contact/
Services: https://thedfirreport.com/services/
Music by FASSounds from Pixabay
What if paying the ransom guaranteed you'd still lose everything? In this week's Security Squawk Podcast, Bryan, Reginald, and Randy break down one of the most disturbing ransomware developments yet—Anubis ransomware, which encrypts your data and wipes it out regardless of payment. There's no negotiation. No way back. We also dive into: Nova Scotia Power breach – A cyberattack hits a major utility provider. Is our infrastructure truly ready for what's coming? Israel-Iran cyber war risks – As these nations trade digital blows, U.S. businesses may find themselves caught in the crossfire. Insider threats exposed – It's not just rogue employees. Negligence and poor culture may be your biggest risk factor. Motel 6 data leak – An investment firm mishandled sensitive data, exposing customers and employees. Who's responsible when partners fumble? Tune in for expert insights, unfiltered opinions, and practical guidance on how these threats could impact your business—and what to do about it.
#616: Two school teachers in Ohio saved their entire lives for one dream — buying a farm. When they inherited $1.3 million and found the perfect property for $1.2 million, everything seemed perfect. Five days before closing, they received what looked like a legitimate email from their closing company with wire transfer instructions. They sent the money and showed up at closing, only to discover they'd been scammed. The email was fake, sent by hackers who had infiltrated the closing company's servers for months, waiting for exactly this type of high-value cash deal. That story comes from cybersecurity expert Dr. Eric Cole, who joins us to explain why ordinary people have become prime targets for cybercriminals. Cole, a former CIA hacker who served as cybersecurity commissioner under President Barack Obama and advises high-profile clients including Bill Gates' personal estate, has a message: if you think you're too small to be targeted, you're wrong. While billion-dollar companies deploy teams of 60 cybersecurity professionals, you have virtually no protection. Criminals know this. They're not trying to steal $100 million from one person anymore — they're stealing $50 from thousands of people every month. You probably won't notice the small amounts vanishing from your accounts. Cole calls it "death by a thousand cuts," and it's happening right now. We talk through the most common attacks targeting your money. Bank hacking is simpler than most people realize. All criminals need is your account number — printed on every check you write — and your password. With that information, they can often perform electronic fund transfers of up to 50 percent of your account balance without triggering alerts. Cole explains how phishing schemes have evolved beyond simple email scams. Criminals now use artificial intelligence to mimic voices, calling grandparents with their grandchild's actual voice asking for bail money. Ransomware has become a massive business operation. 
Cole describes a company in Russia with 700 employees whose entire business model is encrypting people's files and demanding payment. Cole advocates for going old-school on major financial transactions. When buying real estate, he meets face-to-face, brings certified checks, and refuses to trust email wire instructions. For daily security, he recommends turning on two-factor authentication for every account, setting up instant notifications for any account activity, and dramatically reducing the number of apps on your devices. We also cover the China-TikTok connection, secure messaging options, and why Cole helped configure President Obama's smartphone to connect to fake cell towers that masked his actual location. Cole's bottom line: cybersecurity isn't just for tech companies anymore. Criminals are targeting ordinary people because we're easier prey than heavily protected corporations. Your money is under threat. Here's how to protect it.
In this episode of Unspoken Security, host AJ Nash sits down with Jennifer Leggio, Chief Strategy Officer of W2 Communications, to discuss the unspoken challenges impacting career fulfillment. Jennifer shares her personal experiences with toxic work environments, imposter syndrome, and the struggle to balance ego and self-awareness. She highlights the importance of advocating for yourself while remaining empathetic to others' struggles. Jennifer introduces the concept of "self-energy," emphasizing the need to prioritize what's best for everyone, not just yourself. She also explores the impact of personal trauma on professional life and offers practical advice for building resilience. Jennifer emphasizes the value of self-care, including meditation and affirmations. She shares her personal "courage plan" framework to help listeners overcome obstacles and create a more fulfilling life. This episode challenges listeners to examine their behaviors and create a path toward greater self-awareness and personal growth, both personally and professionally.
In today's episode of Karma Stories, we dive into three cases of outrageous boss behavior and the employees who turned the tables. First, an IT consultant warns of major security flaws only to be ignored until hackers bring the company to its knees. Then, a postal worker is told to use her personal phone for deliveries and gets the last laugh when the system falls apart. Finally, an overworked employee uses their PTO exactly as HR demands, leaving management to face the holiday chaos alone. Submit your own stories to KarmaStoriesPod@gmail.com. Karma Stories is available on all major Podcasting Platforms and on YouTube under the @KarmaStoriesPodcast handle. We cover stories from popular Reddit Subreddits like Entitled Parents, Tales From Tech Support, Pro Revenge and Malicious Compliance. You can find new uploads here every single day of the week!
In this RSA Conference 2025 special episode, we explore two critical frontiers shaping the future of cybersecurity. First, Jon DiMaggio (Author of The Ransomware Diaries, Analyst1) breaks down the hidden supply chains behind ransomware gangs, including the economics of affiliate betrayal and the challenge of accurate attribution. He walks us through his methodology for identifying ransomware rebrands like BlackCat and RansomHub using evidence-based frameworks designed to eliminate human bias. Then we're joined by Matt Radolec (VP of Incident Response at Varonis), who brings a fresh perspective on talent development in cybersecurity. Drawing from his keynote "From Gamer to Leader", Matt argues that gamers possess untapped potential as cybersecurity professionals and it's time to design leadership pipelines like quest lines. From ransomware negotiations on underground forums to using AI-enhanced playbooks and transforming threat response teams into RPG-style guilds, this episode blends technical insight with cultural reflection.
In this episode of Security Matters, host David Puner sits down with Marene Allison, former Chief Information Security Officer (CISO) of Johnson & Johnson, for a candid and wide-ranging conversation on trust, identity, and leadership in cybersecurity. From securing global vaccine supply chains during the COVID-19 pandemic to navigating the rise of AI and machine identities, Marene shares hard-earned insights from her decades-long career in national security and the private sector. They explore what it means to be a mission-driven CISO, how to build trust from the boardroom to the front lines, and why identity has always been the true perimeter. Marene also reflects on her post-CISO chapter and the evolving role of cybersecurity leaders in a rapidly evolving threat landscape.
Chris Hendricks, head of Coalition's incident response, discusses findings from the 2025 Cyber Claims Report, including a drop in ransomware claims, and a surge in business email compromise and funds transfer fraud losses.
As Infosecurity Europe prepares to mark its 30th anniversary, Portfolio Director Saima Poorghobad shares how the event continues to evolve to meet the needs of cybersecurity professionals across industries, sectors, and career stages. What began in 1996 as a niche IT gathering has grown into a strategic hub for over 14,000 visitors, offering much more than just vendor booths and keynotes. Saima outlines how the event has become a dynamic space for learning, collaboration, and strategic alignment—balancing deep technical insight with the broader social, political, and technological shifts impacting the cybersecurity community.
The Power of the Crowd: Community, Policy, and Lifelong Learning
This year's programming reflects the diverse needs of the cybersecurity community. Attendees range from early-career practitioners to seasoned decision-makers, with representation growing from academia and public policy. The UK government will participate in sessions designed to engage with the community and gather feedback to inform future regulation—a sign of how the show has expanded beyond its commercial roots. Universities are also getting special attention, with new student guides and tailored experiences to help emerging professionals find their place in the ecosystem.
Tackling Today's and Tomorrow's Threats—From Quantum to Geopolitics
Infosecurity Europe 2024 is not shying away from bold topics. Professor Brian Cox will open the event by exploring the intersection of quantum science and cybersecurity, setting the tone for a future-facing agenda. Immediately following, BBC's Joe Tidy will moderate a session on how organizations can prepare for the cryptographic disruption quantum computing could bring. Rory Stewart will bring a geopolitical lens to the conversation, examining how shifting alliances, global trade tensions, and international conflicts are reshaping the threat landscape and influencing cybersecurity priorities across regions.
Maximizing the Experience: Prep, Participate, and Party
From hands-on tech demos to peer-led table talks and new formats like the AI and Cloud Security Theater, the show is designed to be navigable—even for first-time attendees. Saima emphasizes preparation, networking, and follow-up as keys to success, with a new content download feature helping attendees retain insights post-event. The celebration culminates with a 90s-themed 30th anniversary party and a strong sense of pride in what this event has helped the community build—and protect—over three decades. The message is clear: cybersecurity is no longer just a technical field—it's a societal one.
Guest: Geoff White, Author, Speaker, Investigative Journalist, Podcast Creator | https://www.linkedin.com/in/geoffwhitetech/
Hosts: Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.com
Marco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com
Resources:
Learn more and catch more stories from Infosecurity Europe 2025 London coverage: https://www.itspmagazine.com/infosec25
Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage
Summary: In this episode, Jack Clabby and Kayley Melton discuss their conversation with Reginald Andre, a cybersecurity expert and CEO of ARK Solvers. They explore themes of mentorship, the evolution of cybersecurity businesses, the impact of AI, team culture, and community engagement. Andre shares his journey from aspiring English teacher to successful entrepreneur, emphasizing the importance of mentorship and personal growth in the cybersecurity field. In this engaging conversation, the speakers delve into the importance of mentorship, innovative teaching methods, and the role of AI in personal and professional development. They share personal anecdotes about mentoring students and children, emphasizing hands-on learning and real-world applications. The discussion also touches on the fun and insightful lifestyle polygraph segment, where the guest answers quirky questions that reveal his personality and approach to challenges.
Takeaways: Andre is a natural mentor who emphasizes actionable advice. The importance of building a fantasy board of directors. Reginald's journey from CompUSA to CEO of ARK Solvers. The shift from IT to cybersecurity in business. AI's growing role in cybersecurity and business efficiency. Hiring based on personality and cultural fit over technical skills. Encouraging a culture of learning from mistakes. The impact of community engagement on personal growth. The significance of mentorship in shaping careers. Raising awareness on critical social issues like human trafficking. Mentorship can significantly impact a student's career trajectory. Hands-on learning is more effective than traditional lectures. Building a resume starts with taking initiative in school activities. AI can serve as a valuable tool for decision-making and mentorship. Creating a community around learning can enhance educational experiences. Students should actively seek internships and opportunities before graduation. Innovative teaching methods can fill gaps in traditional education systems. Personal anecdotes can illustrate the effectiveness of mentorship. Engaging with technology early can lead to better career prospects. Networking and building relationships are crucial for professional growth.
Titles: Mentorship in Cybersecurity: Lessons from Reginald Andre; The Evolution of Cybersecurity: From IT to AI; Building a Strong Team Culture in Cybersecurity; Community Engagement: Making a Difference Beyond Business
Sound Bites: "Andre is such a natural mentor." "I built my fantasy board of directors." "I had to pivot my business." "AI is not going to take your job." "I always leave him with something." "He was actually building his resume." "Everything has to be hands-on." "I would do Too Fast Too Furious." "You'd be tasked with AI education."
Chapters:
00:00 Introduction to Cybersecurity Mentorship
01:56 The Journey of Reginald Andre
05:58 From IT to Cybersecurity: A Business Evolution
11:55 The Impact of AI on Cybersecurity
17:52 Building a Strong Team Culture
22:05 Community Engagement and Personal Growth
27:39 Mentorship and Impact
30:21 Innovative Teaching Approaches
34:04 Lifestyle Polygraph: Fun and Insightful Questions
In today's episode of Podcast Canaltech, Jeferson Propheta, CrowdStrike's vice president for Southern Latin America, talks about the worrying rise in ransomware attacks and the massive theft of credentials in the region. According to CrowdStrike's 2025 report, Brazil is the most targeted country, facing a 15% increase in ransomware attacks compared with the previous year. Propheta explains which factors make Brazil a priority target, details the new tactics used by cybercriminals, and highlights the intensifying operations of China-linked groups, which have been targeting governments and strategic companies in Latin America. In addition, Elisa Fontes, who is responsible for content distribution at Canaltech, brings the main highlights from Gramado Summit, one of the largest innovation and entrepreneurship events in Latin America. You will also hear: Itaú launches an AI that helps you choose the best investments; Hisense launches the largest TV in Brazil: 116 inches; Google launches an AI plan in Brazil for R$ 1,200 per month; Trump proposes a 25% cut to NASA's budget; and Intel will only launch products with a minimum profit of 50% in a new strategy to get out of its crisis. This podcast was scripted and presented by Fernanda Santos and featured reporting by Marcelo Fischer, Wendel Martins, Bruno de Blasi, Danielle Cassita and Raphael Giannotti. The soundtrack is by Guilherme Zomer, the editing is by Jully Cruz, and the cover art is by Erick Teixeira.
How do we prepare our cybersecurity for a post-quantum world? This week, Technology Now explores how security experts are looking to future-proof their work. We will examine the hurdles to post-quantum security, the underlying ways in which our data is protected, and we will be delving into the underground world of “harvest now, decrypt later”. Dr Sarah McCarthy tells us more.

This is Technology Now, a weekly show from Hewlett Packard Enterprise. Every week, hosts Michael Bird and Aubrey Lovell look at a story that's been making headlines, take a look at the technology behind it, and explain why it matters to organizations and what can be learnt from it.

About Dr Sarah McCarthy: https://www.linkedin.com/in/sarahmccarthyphd/?originalSubdomain=ca

Sources
Quantum computing chip: https://blog.google/technology/research/google-willow-quantum-chip/
https://www.bbc.co.uk/news/articles/c791ng0zvl3o
NIST Post Quantum Standards: https://www.nist.gov/news-events/news/2024/08/nist-releases-first-3-finalized-post-quantum-encryption-standards
Martian aurora: https://science.nasa.gov/solar-system/planets/mars/nasa-observes-first-visible-light-auroras-at-mars/
Rutherford's Lecture: https://web.lemoyne.edu/giunta/ruth1920.html
James Chadwick: https://www.nobelprize.org/prizes/physics/1935/chadwick/biographical/
In this episode of Cybersecurity Today, host Jim Love discusses the latest urgent security updates and cyber threats. Google has released an emergency Chrome patch to fix a high-severity zero-day vulnerability, while Microsoft issued an emergency patch to resolve Windows 11 boot failures caused by their May 2025 update. A mysterious whistleblower known as 'Gang Exposed' is doxing major ransomware leaders, providing invaluable intelligence for global cybersecurity efforts. Additionally, 'Quishing,' or QR code phishing, is emerging as a new threat, with cybercriminals taping malicious QR codes on public lampposts and street corners. This trend bypasses traditional digital defenses, underscoring the need for public awareness and vigilance. The episode emphasizes the importance of immediate updates, informed vigilance, and proactive cybersecurity measures.

00:00 Emergency Chrome Patch and Windows 11 Boot Fix
00:28 Google's Zero-Day Vulnerability in Chrome
02:28 Microsoft's Emergency Update for Windows 11
05:35 Gang Exposed: Unmasking Ransomware Leaders
07:55 Quishing: The New QR Code Phishing Threat
10:22 Conclusion and Viewer Engagement
Random but Memorable turns 150! 1️⃣5️⃣0️⃣ (It's official, we're old.)
Segment 1

CTG Interview
Middle market companies face unique challenges in the ever-evolving cyber environment. Developing a comprehensive cybersecurity approach is a business imperative for middle market companies, and Chad Alessi will discuss the threat landscape, what's keeping IT decision-makers awake at night, and the best approach to creating a proactive security measure.
Cyber Resilience in Action: A Guide for Mid-Market Firms
This segment is sponsored by CTG. Visit https://securityweekly.com/ctgrsac to learn more about them!

Nightwing Interview
Nightwing divested from Raytheon in April 2024 and is entering another year of redefining national security. Amid emerging threats and shifting industry regulations and compliance frameworks, traditional security measures are no longer cutting it. As Cyber Incident Response Manager at Nightwing, Nick Carroll discusses how organizations can continue to build cyber resiliency and stay one step ahead in today's threat landscape.
This segment is sponsored by Nightwing. Visit https://securityweekly.com/nightwingrsac to learn more about them!

Segment 2

Libraesva Interview
Generative AI is having a transformative effect across almost every industry, but arguably the area where it has had the most significant impact is cybercrime. Discriminative AI can now learn to recognize what constitutes normal communication patterns, so anything out of the ordinary can be flagged. AI is also enabling human security analysts to automate the triage of reported emails, to rapidly identify false positives and keep up with emerging cybercriminal tactics. Finally, specialized Small Language Models (SLMs) using neural networks are able to analyze and comprehend the semantic intent of the message.
This segment is sponsored by Libraesva. Visit https://securityweekly.com/libraesvarsac to learn more about them!

IRONSCALES Interview
Phishing has evolved—fast. What started as basic email scams has transformed into AI-powered cyber deception.
Phishing 1.0: Early phishing relied on spam emails, fake banking alerts, and malware links to trick users into clicking.
Phishing 2.0: Attackers got smarter—instead of mass emails, they started impersonating real people.
Phishing 3.0: Now, cybercriminals are using AI to generate fake but highly convincing voices, videos, and images.
IRONSCALES discusses the current gaps in SEG technology and will showcase industry-first innovations for protection against deepfakes.
Assessing Organizational Readiness in the Face of Emerging Cyber Threat
Using AI to Enhance Defensive Cybersecurity white paper
The Hidden Gaps of SEG Protection white paper
This segment is sponsored by IRONSCALES. Visit https://securityweekly.com/ironscalesrsac to learn more about them!

Segment 3

Illumio Interview
In the post-breach world, speed and clarity are essential for effective cybersecurity. Security teams are inundated with vast amounts of data, much of which is not actionable. To combat cyber threats—and level the playing field—defenders need precise intelligence to identify attacks, dynamically quarantine threats, and prevent cyber disasters, highlighting the power of the security graph.
Segment Resources:
Rethinking Threat Detection in a Decentralized World
Illumio Insights Announcement
More information about Illumio Insights
This segment is sponsored by Illumio. Visit https://securityweekly.com/illumiorsac for information on Illumio Insights or to sign up for a private preview!

ESET Interview
The ransomware landscape is rapidly changing. ESET global research team has been closely following ransomware gang disruptions, new players and how the RaaS business model continues to evolve. In this segment, Tony Anscombe will take a look into recent research, hacks and attacks, and explore how the industry and businesses are responding to combat financial risk and mitigate threats.
Segment Resources:
https://www.welivesecurity.com/en/eset-research/shifting-sands-ransomhub-edrkillshifter/
https://www.welivesecurity.com/en/eset-research/eset-threat-report-h2-2024/
This segment is sponsored by ESET. Visit https://securityweekly.com/esetrsac to learn more about them!

Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw-409
When it comes to data protection, the word “immutability” often feels like it belongs in the realm of enterprise giants with complex infrastructure and massive budgets. But during this RSAC Conference conversation, Sterling Wilson, Field CTO at Object First, makes a strong case that immutability should be, and can be, for everyone.

Wilson brings a grounded perspective shaped by his experience on the floor at RSAC, where Object First made its debut as a sponsor. The energy, he notes, was contagious: not just among vendors, but also from practitioners expressing serious concerns about their ability to recover data post-incident. These conversations weren't hypothetical; they were real worries tied to rising insurance premiums, regulatory compliance, and operational survivability. And at the core of all this? Trust in the data backup process.

Agentic AI, AI capable of making decisions independently, is one of the trends Wilson flags as both promising and risky. It offers potential for improving preparedness and accelerating recovery. But it also raises concerns around access and control of sensitive data, particularly if exploited by adversaries. For Sterling, the opportunity lies in combining proactive readiness with simplicity and control, especially for those who aren't traditional security practitioners.

Object First is doing just that through OOTBI: Out of the Box Immutability. And yes, there's a mascot: OOTBI. More than just a marketing hook, OOTBI represents a shift toward making backup and recovery systems approachable, usable, and, importantly, accessible. According to Wilson, the product gets users from “box to backup” in 15 minutes... with encrypted, immutable storage that meets critical requirements for cyber insurance coverage.

Cost, Wilson adds, is a key barrier that often prevents organizations from reaching data protection best practices. That's why Object First now offers consumption-based pricing models.
Whether a business is cloud-first or scaling fast, it's a path to protection that doesn't require breaking the budget.

Ultimately, Wilson emphasizes education and community as critical drivers of progress. From field labs where teams can configure their own Opi, to on-location conference conversations, the company is building awareness, and reducing fear, by making secure storage not just a feature, but a foundation.

This episode is a reminder that effective cybersecurity isn't only about innovation; it's about inclusion, practicality, and trust... both in your tools and your team.

Learn more about Object First: https://itspm.ag/object-first-2gjl
Note: This story contains promotional content.
Guest: Sterling Wilson, Field CTO, Object First | https://www.linkedin.com/in/sterling-wilson/

Resources
Learn more and catch more stories from Object First: https://www.itspmagazine.com/directory/object-first
Learn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25

Keywords: sean martin, marco ciappelli, sterling wilson, immutability, agentic, ai, backup, recovery, cybersecurity, insurance, brand story, brand marketing, marketing podcast, brand story podcast

Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Exploring a Use Case of Artificial Intelligence Assistance with Understanding an Attack
Jennifer Wilson took a weird string found in a recent honeypot sample and worked with ChatGPT to figure out what it is all about.
https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20Exploring%20a%20Use%20Case%20of%20Artificial%20Intelligence%20Assistance%20with%20Understanding%20an%20Attack/31980

Ransomware Deployed via SimpleHelp Vulnerabilities
Ransomware actors are using vulnerabilities in SimpleHelp to gain access to victim's networks via MSPs. The exploited vulnerabilities were patched in January.
https://news.sophos.com/en-us/2025/05/27/dragonforce-actors-target-simplehelp-vulnerabilities-to-attack-msp-customers/

OS Command Injection in Evertz Equipment
Broadcast equipment manufactured by Evertz is susceptible to an OS command injection vulnerability. Evertz has not responded to researchers reporting the vulnerability so far and there is no patch available.
https://www.onekey.com/resource/security-advisory-remote-code-execution-on-evertz-svdn-cve-2025-4009
That Q&A time is here again, and this month we field emails and Discord Qs about such things as the hopeful return of the webring, what to do with the hardware if your PC is compromised by a bad actor, Nvidia cards in Linux, using game consoles as streaming media boxes, human stenography in courtrooms being replaced by recordings (and maybe AI), an extremely ambitious plan to stream some ducks, and perhaps the best pirate radio station idea we've ever heard. Support the Pod! Contribute to the Tech Pod Patreon and get access to our booming Discord, a monthly bonus episode, your name in the credits, and other great benefits! You can support the show at: https://patreon.com/techpod
From the BBC World Service: Some U.K. retailers are dealing with a curious cyberattack. One of them is Marks and Spencer, also known as M&S. The attack has resulted in empty shelves, an inability to take online orders and roughly $400 million in lost earnings. Plus, if you're into moisturizers, you've probably encountered shea butter. But the nut tree — a major source of income for millions of women in Africa — is threatened by climate change.