Malicious software used in ransom demands
The Ransomware Minute is a rundown of the latest ransomware attacks & news, brought to you by Cybercrime Magazine, Page ONE for Cybersecurity. Listen to the podcast weekly and read it daily at https://ransomwareminute.com. For more on cybersecurity, visit us at https://cybercrimemagazine.com.
What separates organizations that successfully fend off ransomware from those that don't? What were the top threats facing organizations? Can we (pretty please) get a sneak peek into the 2025 Year in Review? Amy is joined by Dave Liebenberg, Strategic Analysis Team Lead, to break down key findings from Q4 2025's Cisco Talos Incident Response Quarterly Trends Report. From the top threats facing organizations — like the persistent exploitation of public-facing applications and the rise of new vulnerabilities such as Oracle EBS and React2Shell — to the unexpected drop in ransomware cases, this episode is packed with useful info.
Episode resources:
Q4 2025 Quarterly Trends Report: https://blog.talosintelligence.com/ir-trends-q4-2025/
Qilin blog: https://blog.talosintelligence.com/uncovering-qilin-attack-methods-exposed-through-multiple-cases/
Cybersecurity on a Budget blog: https://blog.talosintelligence.com/cybersecurity-on-a-budget-strategies-for-an-economic-downturn/
The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you by Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com
Ivanti zero-days trigger emergency warnings around the globe. Singapore blames a China-linked spy crew for hitting all four major telcos. DHS opens a privacy probe into ICE surveillance. Researchers flag a zero-click RCE lurking in LLM workflows. Ransomware knocks local government payment systems offline in Florida and Texas. Chrome extensions get nosy with your URLs. BeyondTrust scrambles to patch a critical RCE. A Polish data breach suspect is caught eight years later. It's the Monday Business Breakdown. Ben Yelin gives us the 101 on subpoenas. And federal prosecutors say two Connecticut men bet big on fraud, and lost.
Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Our guest is Ben Yelin, Program Director for Public Policy & External Affairs at the University of Maryland Center for Cyber Health and Hazard Strategies, talking about weaponized administrative subpoenas.
Selected Reading
EU, Dutch government announce hacks following Ivanti zero-days (The Record)
Singapore says China-linked hackers targeted telecom providers in major spying campaign (The Record)
Inspector General Investigating Whether ICE's Surveillance Tech Breaks the Law (404 Media)
Critical 0-Click RCE Vulnerability in Claude Desktop Extensions Exposes 10,000+ Users to Remote Attacks (Cyber Security News)
Payment tech provider for Texas, Florida governments working with FBI to resolve ransomware attack (The Record)
Chrome extensions can use unfixable time-channel to leak tab URLs (CyberInsider)
BeyondTrust warns of critical RCE flaw in remote support software (Bleeping Computer)
Hacker Poland's largest data leaks arrested (TVP World)
LevelBlue will acquire MDR provider Alert Logic from Fortra. (N2K Pro Business Briefing)
Men charged in FanDuel scheme fueled by thousands of stolen identities (Bleeping Computer)
Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.
Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
What happens after you discover ransomware? You have to talk to the attackers. And that conversation can make or break your entire response. In this episode, Wade Gettle, a professional ransomware negotiator, pulls back the curtain on the high-stakes world of threat actor negotiations. Wade is the person who gets the call at 2 AM when organizations are facing their worst moment, and he's handled negotiations across every scenario imaginable.
You'll learn:
• What actually happens in the first 72 hours of a ransomware incident
• The psychological tactics threat actors use to manufacture urgency and pressure
• Why those 24-hour deadlines aren't real—and how to buy yourself time
• How threat actors research your financials, insurance policies, and supply chain before making contact
• When data validation saves companies from paying ransoms for data that isn't even theirs
• The real cost of ransomware (spoiler: it's 10x the ransom amount)
• Why paying doesn't guarantee your data back—or that you won't get hit again
• Third-party breaches: the biggest risk vector right now
Key takeaway: Ransomware negotiations are psychological warfare disguised as business transactions. The best defense is being more prepared than the attackers expect you to be.
Resources mentioned in this episode:
• ransomware.live (ransomware group tracking, info, conversations and more)
• ransomlook.io (ransomware group tracking and statistics)
• ChatGPT Ransomware Negotiation Simulator: https://chatgpt.com/g/g-679a6253574c8191a998145044b9c651-ransomsim-ransomware-negotiation-trainer
• Wade Gettle on LinkedIn: https://www.linkedin.com/in/wade-gettle-7733704a/
About the guest: Wade Gettle is a Senior Advisor at Flashpoint and serves as a Cyber Mission Planner for the New York Army National Guard. With a background in intelligence analysis, incident response, and threat intelligence, Wade brings calm to the storm when organizations face their most critical security incidents.
Contact, Courses, and More: For feedback, reviews, guest pitches, or to get in contact with me for any other reason, head to blueprintpodcast.live! Check out John's SOC Training Courses for SOC Analysts and Leaders: SEC450: SOC Analyst Training - Applied Skills for Cyber Defense Operations; LDR551: Building and Leading Security Operations Centers. Follow and Connect with John: LinkedIn
A history of ransomware is more than just dates and names—it's the story of how criminals evolved from mailing infected floppy disks in 1989 to running billion-dollar enterprises that cripple entire organizations. On this episode of The Backup Wrap-up, I sit down with Dr. Mike Saylor, my co-author on "Learning Ransomware Response and Recovery," to trace this evolution from the AIDS Trojan to today's sophisticated double extortion attacks. We talk about how ransomware went from requiring physical distribution to scaling globally through the internet, how cryptocurrency made anonymous payment possible, and why the shift from tape to disk backups created vulnerabilities that attackers now exploit first. You'll learn about the wild west days when IT focused on building systems without understanding how bad guys attack, the emergence of ransomware-as-a-service that democratized cybercrime, and why modern attacks target your backups before encrypting your production systems. If you've ever wondered why backup immutability matters or how we got to a point where ransomware is inevitable rather than hypothetical, this episode connects those dots. Dr. Mike and I also discuss why having backups is still critical even with double extortion threats, and what you need to know about defending your backup systems in today's threat environment.
Chapter Markers:
00:00:00 - Introduction
00:01:19 - Welcome and Guest Introduction
00:02:19 - Curtis's First Ransomware Memory
00:03:40 - The AIDS Trojan: First Ransomware (1989)
00:04:42 - The Wild West Era: Late 1990s Security
00:08:05 - Y2K and Budget Shifts
00:11:26 - The Transition from Tape to Disk Backups
00:15:45 - How Disk Backups Created Vulnerabilities
00:19:30 - The Rise of Cryptolocker and Bitcoin
00:23:15 - Ransomware as a Service Emerges
00:27:40 - WannaCry and NotPetya
00:31:20 - Double Extortion: The Game Changer
00:35:10 - Why Backups Still Matter
00:37:55 - Should You Just Pay the Ransom?
00:40:01 - Defending Your Backup System
OpenClaw turns to VirusTotal to boost security
CISA gives federal agencies one year to remove end-of-life devices
Payments platform BridgePay confirms ransomware attack
Get the show notes here: https://cisoseries.com/cybersecurity-news-openclaw-embraces-virustotal-cisa-eol-deadline-ransomware-hits-bridgepay/
Huge thanks to our episode sponsor, ThreatLocker. Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 4–6 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com.
Prevention and preparation are the best solutions to ransomware.
In this episode of Unspoken Security, host AJ Nash sits down with Galya Westler, Co-Founder and CEO at HumanBeam. They explore how advances in AI, digital identity, and holographic technology are reshaping the way organizations interact with people—while raising tough questions about privacy, ownership, and trust. Galya shares how her work began in health technology, connecting patients to care during pandemics, and evolved into building secure, lifelike AI avatars for real-world use. She explains why protecting personal likeness and voice matters more than ever, especially as AI tools become more convincing and accessible. Galya stresses the need for consent, encryption, and clear boundaries to keep digital identities safe and organizations accountable. Together, AJ and Galya dig into the risks and rewards of merging human presence with AI. They discuss how thoughtful design and strong security practices can support experts instead of replacing them, and why education and authenticity are key as we build a future where technology and humanity work side by side.
The episode focuses on current security risks and limitations in industry intelligence, highlighting that CISA's Known Exploited Vulnerabilities (KEV) catalog often lags by years in tagging vulnerabilities exploited by ransomware. One cited vulnerability sat in the catalog for 1,353 days before being flagged as ransomware-exploited, illustrating a significant delay in actionable intelligence. This gap raises concerns for MSPs whose patching priorities rely on outdated catalogs, potentially leading to a misalignment between compliance activities and actual threat vectors.
Supporting this, Dave Sobel underscores how evolving threat models frequently bypass traditional vulnerability management. The recent compromise of OpenClaw's skills marketplace, with a 12% malicious rate in submitted skills and basic post-facto reporting mechanisms, demonstrates that credential theft and malicious automation now present risks outside standard patch management. The core operational challenge for MSPs is not just software vulnerability but the governance of AI-enabled tools and uncontrolled marketplaces that can expose clients to breaches.
Further contextualizing risk and automation, vendor launches include Lexful's AI-native documentation for MSPs and Cavelo Flash's agentless assessment tool. These offerings promise streamlined documentation and rapid risk assessment, but Dave Sobel notes their reliance on beta features, integration dependencies, and non-definitive compliance positions. Additionally, DocuSign's release of AI-generated contract summaries raises questions about liability, as inaccurate summaries can mislead signers, and responsibility defaults to the end user rather than the vendor.
The primary implication for MSPs and technology leaders is the need to inventory all AI-powered tools with access to client environments, actively govern marketplace adoption, and critically evaluate automation claims. Compliance-focused patching is no longer sufficient; operational oversight must prioritize credential management and identity governance over checklist-based approaches. Caution is advised before rapid migration to beta solutions or locking into long-term contracts, as both reduce flexibility and increase exposure to emerging, non-traditional attack surfaces.
Three things to know today
00:00 CISA's Ransomware Tags Arrive Years Late While AI Tools Steal Credentials Now
05:53 IT Glue Founder Launches AI Documentation Platform Lexful for MSPs at Right of Boom
09:52 Cavelo and DocuSign Launch AI Tools That Automate Assessments and Contract Reviews
This is the Business of Tech. Supported by: Small Biz Thoughts Community
From Astro Boy to Gundam to real-world robots like ASIMO and Pepper, Japan's fascination with robots runs deep. This week, the Krewe is joined by author, cultural commentator, & robot enthusiast Matt Alt to explore how robots became heroes instead of threats in Japanese pop culture and how those sci-fi dreams quietly shaped Japan's modern relationship with technology, AI, and everyday automation. From giant mecha and cyborg icons to robot cafés and beyond, we dig into why Japan seems so comfortable living alongside machines in an episode that's equal parts nostalgia, culture, and future tech.
------ About the Krewe ------
The Krewe of Japan Podcast is a weekly episodic podcast sponsored by the Japan Society of New Orleans. Check them out every Friday afternoon around noon CST on Apple, Google, Spotify, Amazon, Stitcher, or wherever you get your podcasts. Want to share your experiences with the Krewe? Or perhaps you have ideas for episodes, feedback, comments, or questions? Let the Krewe know by e-mail at kreweofjapanpodcast@gmail.com or on social media (Twitter: @kreweofjapan, Instagram: @kreweofjapanpodcast, Facebook: Krewe of Japan Podcast Page, TikTok: @kreweofjapanpodcast, LinkedIn: Krewe of Japan LinkedIn Page, Blue Sky Social: @kreweofjapan.bsky.social, Threads: @kreweofjapanpodcast & the Krewe of Japan Youtube Channel). Until next time, enjoy!
------ Support the Krewe! Offer Links for Affiliates ------
Use the referral links below & our promo code from the episode!
Support your favorite NFL Team AND podcast! Shop NFLShop to gear up for football season!
Zencastr Offer Link - Use my special link to save 30% off your 1st month of any Zencastr paid plan!
------ Matt Alt Links ------
Matt's Website
Pure Invention - Publisher's Page
Matt's Newsletter
Pure Tokyoscope Podcast
Matt on IG
------ Past Matt Alt Episodes ------
Akira Toriyama: Legacy of a Legend ft. Matt Alt (S5E3)
The History of Nintendo ft. Matt Alt (S4E18)
How Marvel Comics Changed Tokusatsu & Japan Forever ft Gene & Ted Pelc (Guest Host, Matt Alt) (S3E13)
Yokai: The Hauntings of Japan ft. Hiroko Yoda & Matt Alt (S2E5)
Why Japan ft. Matt Alt (S1E1)
------ Past KOJ Pop Culture Episodes ------
Enjoying Shojo Anime & Manga ft. Taryn of Manga Lela (S5E18)
The History & Evolution of Godzilla ft. Dr. William (Bill) Tsutsui (S5E1)
Thoughts on Godzilla Minus One ft. Dr. William (Bill) Tsutsui (S4Bonus)
Japanese Mascot Mania ft. Chris Carlier of Mondo Mascots (S4E8)
Tokusatsu Talk with a Super Sentai ft. Sotaro Yasuda aka GekiChopper (S4E6)
The Evolution of PokéMania ft Daniel Dockery [Part 2] (S4E3)
The Evolution of PokéMania ft Daniel Dockery [Part 1] (S4E2)
Japanese Independent Film Industry ft. Award Winning Director Eiji Uchida (S3E18)
Talking Shonen Anime Series ft. Kyle Hebert (S3E10)
Japanese Arcades (S2E16)
How to Watch Anime: Subbed vs. Dubbed ft. Dan Woren (S2E9)
Manga: Literature & An Art Form ft. Danica Davidson (S2E3)
The Fantastical World of Studio Ghibli ft. Steve Alpert (S2E1)
The Greatest Anime of All Time Pt. 3: Modern Day Anime (2010's-Present) (S1E18)
The Greatest Anime of All Time Pt. 2: The Golden Age (1990's-2010's) (S1E16)
The Greatest Anime of All Time Pt. 1: Nostalgia (60's-80's) (S1E5)
We Love Pokemon: Celebrating 25 Years (S1E3)
------ JSNO Upcoming Events ------
JSNO Event Calendar
Join JSNO Today!
It's a brand new season of Random but Memorable — and we're kicking things off with practical security for the people you care about most.
Most cybersecurity talks focus on technical solutions, but this episode reveals a game-changing perspective: building trust is at the core of cybersecurity success. Danielle Sheer, Chief Trust Officer at Commvault, shares how her legal background and emotional connection strategies transform organizations' approach to security—making cybersecurity relatable, manageable, and resilient.
You'll discover:
• The surprising skills lawyers develop that elevate cybersecurity leadership—like seeing multiple sides of a problem and translating complex threats into business language.
• How trust, not just technology, is the secret to effective security—why relationships matter more than firewalls alone.
• Practical insights on handling breaches, from crisis communication to resilience strategies that go beyond spending more.
• The role of AI in expanding the threat landscape, and why understanding and simplifying cybersecurity is crucial as attacks get more advanced.
• Why the future of cybersecurity hinges on your ability to foster trust, build internal alignment, and communicate clearly across technical and non-technical teams.
If you're a security professional, a leader trying to bridge the tech-human gap, or anyone interested in how trust can be your greatest shield—this episode is your must-listen. Danielle Sheer's unique journey from law to security offers lessons on leadership, relationship-building, and proactive resilience that could redefine how your organization defends itself in a digital age.
Timestamps:
00:00 - Introduction to Danielle Sheer and her career journey
02:07 - From law to leadership: Building emotional connections and trust
04:28 - Defining the Chief Trust Officer role and its organizational value
05:59 - Skills gained in law school that translate across industries
08:38 - The importance of perspective-taking and storytelling in cybersecurity
09:34 - Strategies for communicating cybersecurity issues effectively to non-technical stakeholders
11:53 - Managing internal security processes and building trust through transparency
13:12 - The anatomy of breaches and translating between technical and business language
15:24 - The importance of resilience, employee education, and business continuity plans
17:00 - Conducting effective tabletop exercises and lessons from breach simulations
20:36 - Ransomware payments and industry responses to emerging threats
22:29 - How AI is transforming cybersecurity: skill gaps and threat detection challenges
26:13 - State-sponsored attacks, malware timelines, and geopolitical cybersecurity concerns
28:37 - The need for global cooperation and continuous vigilance in cybersecurity
30:27 - Final thoughts: connecting organizations and sharing resources
Follow the Podcast on Social Media!
Tesla Referral Code: https://ts.la/joseph675128
YouTube: https://www.youtube.com/@securityunfilteredpodcast
Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast
Affiliates
➡️ OffGrid Faraday Bags: https://offgrid.co/?ref=gabzvajh
➡️ OffGrid Coupon Code: JOE
➡️ Unplugged Phone: https://unplugged.com/
Unplugged's UP Phone - The performance you expect, with the privacy you deserve. Meet the alternative. Use Code UNFILTERED at checkout
*See terms and conditions at affiliated webpages. Offers are subject to change. These are affiliated/paid promotions.
Understanding how ransomware works is critical for anyone responsible for protecting their organization's data. In this episode of The Backup Wrap-up, we examine the five core objectives that drive nearly every ransomware attack - from initial access through the final ransom note delivery.
I'm joined by my co-author Dr. Mike Saylor as we kick off what's going to be a comprehensive series on our new book, "Learning Ransomware Response and Recovery." We start at the beginning: how do these attackers even get in? Mike breaks down the role of initial access brokers (IABs) - the bad guys who specialize in harvesting and selling credentials. We talk about why email phishing remains the cheapest and most statistically reliable attack vector, even with all our defenses.
From there, we walk through lateral movement and reconnaissance. Once attackers are inside your network, they're not sitting idle. They're mapping your environment, identifying your crown jewels, and figuring out where your backups live. The "phone home" phase establishes command and control, letting attackers coordinate their activities and receive instructions.
We dig into data exfiltration and the rise of double extortion. It's not enough anymore to just encrypt your data - attackers are stealing it first, threatening to publish it even if you can restore from backups. Mike shares some fascinating details about how sophisticated ransomware can be, including variants that examine file headers rather than just extensions to find valuable targets.
The encryption phase itself is resource-intensive, and Mike explains why you might actually notice your computer acting weird if you're paying attention. Your mouse hesitates, typing lags, the network slows down - these are all potential warning signs.
Finally, we cover how ransom notes are delivered today. Spoiler: it's not the old-school desktop background takeover anymore. Modern ransomware drops text files in every folder it touches, making sure you can't miss the message.
This episode sets the foundation for understanding how ransomware works, which is the first step in defending against it and recovering when prevention fails.
This Follower Friday on The Green Insider spotlights the powerhouse UTSI podcast series and the cutting‑edge conversations shaping the future of OT. Mike Nemer and Shaun Six break down the latest in OT innovation, AI, security, and energy efficiency, while showcasing standout partners like Sequre Quantum, Siemens, BlastWave, and EdgeRealm. It's a dynamic deep dive into why OT cybersecurity is becoming mission‑critical for today's infrastructure leaders — and how collaboration, education, and next‑gen technology are driving the industry forward.
UTSI Podcast Series Conclusion
• Final episode of a six‑part podcast series sponsored by UTSI International.
• Features reflections from Mike Nemer and Shaun Six (CEO, UTSI International) on relationships built during the series.
• Emphasis on OT cybersecurity as a core theme.
• Emergent insight: AI's environmental impact surfaced as an unintended but compelling storyline.
• Episode structure includes a brief series recap, a short CEO segment (8–10 minutes), and post‑production editing support.
Critical Infrastructure Security Challenges
• UTSI's 40‑year history supporting critical infrastructure is underscored.
• Industry challenges highlighted: talent shortage (≈5 engineers leaving for every 1 entering); rapid increase in connectivity of critical infrastructure devices.
• AI positioned as a force multiplier for operators—but also a potential attack vector if data is exposed.
• Partnerships discussed: Sequre Quantum – quantum random number generators; BlastWave – insights into AI's dual role as defender and risk.
• Focus on showcasing technologies that secure operations and protect infrastructure from emerging threats.
AI Data Center Energy Solutions
• Collaboration with Siemens (via Alyssa) on AI's impact on data centers.
• Key concerns: rising energy and water consumption driven by AI workloads.
• EdgeRealm highlighted for improving energy density at the edge to reduce strain.
• Introduction of LeakGeek, a rapid leak detection and response tool.
• Work with EdgeRealm also addresses illegal hot tapping and oil theft, noted as more common than publicly acknowledged.
OT Cybersecurity: Collaboration and Education
• Strong focus on securing operational technology (OT) and industrial control systems.
• Call for improved private–public collaboration and information sharing.
• Many cyberattacks go unreported to avoid reputational damage.
• Attack vectors increasingly include everyday devices (e.g., printers, fax machines).
• Ransomware incidents can cost organizations millions of dollars per day.
• Emphasis on educating boards and investors about OT cybersecurity risks and value.
UTSI OT Cybersecurity Partnership
• UTSI's approach includes: cloaking OT systems; securing remote access; improving visibility and auditability of networks.
• Recognition of sponsorship and education value of a six‑part cybersecurity series.
• Closing remarks focused on partnership, knowledge sharing, and raising cybersecurity awareness.
A special shout-out to the guests in this UTSI podcast series: Paulina Assmann, Alissa Nixon, Tom Sego, Frank Stepic, and Robert Hilliker.
To be an Insider: Please subscribe to The Green Insider powered by ERENEWABLE wherever you get your podcasts and remember to leave us a five-star rating. This podcast is sponsored by UTSI International. To learn more about our sponsor or ask about being a sponsor, contact ERENEWABLE and the Green Insider Podcast. The post Breaking Down OT Cybersecurity: Highlights from UTSI's Six‑Part Series appeared first on eRENEWABLE.
Ransomware is kicking off 2026 at full speed. We break down the top active groups right now, how they're getting in, what infrastructure they're targeting, and the key indicators your SOC should be watching to stay ahead.
US cyber chief uploaded sensitive files into public ChatGPT
Vibe-coded 'Sicarii' ransomware can't be decrypted
WhatsApp account feature combats spyware
Check out the show notes here: https://cisoseries.com/cybersecurity-news-us-cyber-chief-uploaded-sensitive-files-into-public-chatgpt-vibe-coded-sicarii-ransomware-cant-be-decrypted-whatsapp-account-feature-combats-spyware/
Huge thanks to our episode sponsor, Conveyor. Ever dream of giving customers instant answers to their security questions without ever filling out another questionnaire? Meet Conveyor's new Trust Center Agent. The Agent lives in your Conveyor Trust Center and answers every customer question, surfaces documents and even completes full questionnaires instantly so customers can finish their review and be on their way. Top tech companies like Atlassian, Zapier, and more are using Conveyor to automate away tedious work. Learn more at conveyor.com.
Jeff Steadman is joined by RSM colleagues Rich Servillas and Charles John to explore the critical intersection of identity access management, operational resilience, and disaster recovery. Rich, a director from the cyber response group, shares insights from the front lines of ransomware and cloud intrusions, while Chuck, director of operational resilience, discusses the importance of business continuity planning. The conversation covers the true impact of security incidents on brand reputation and operations, the necessity of out-of-band communication, and why identity is often the first thing challenged and the last thing trusted during a crisis. The guests also provide practical advice for IAM professionals on reducing blast radius through standing privilege reduction and robust logging.
Connect with Rich: https://www.linkedin.com/in/richard-servillas-041a0551/
Connect with Chuck: https://www.linkedin.com/in/chuckjohn/
Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/
Visit the show on the web at http://idacpodcast.com
Timestamps:
00:00:00 - Introduction and 2026 conference outlook
00:01:44 - Introducing guests Rich and Chuck from RSM
00:03:56 - Defining operational resilience and business continuity
00:06:22 - When and how to start the planning process
00:09:55 - Chuck's background in public health and emergency management
00:12:44 - The broad impact of incidents on brand and operations
00:16:45 - Key elements every recovery plan must include
00:19:14 - Defining incident severity and matrixes
00:21:52 - Identity as the new perimeter and its operational dependencies
00:24:57 - Why hackers log in rather than break in
00:26:46 - The first hours of a cyber incident response
00:29:35 - Current threat trends and the role of AI
00:31:29 - Updating plans through post-action debriefs
00:34:31 - Cyber insurance gaps and contractual SLAs
00:40:24 - Advice for identity professionals on reducing blast radius
00:46:10 - Personal milestones and looking forward to 2026
Keywords: IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, IAM, Cybersecurity, Business Continuity, Disaster Recovery, Operational Resilience, RSM, Incident Response, Ransomware, Cyber Insurance, Identity Governance
Ransomware isn't a technical problem—it's a leadership test. In this episode of Life of a CISO, Dr. Eric Cole welcomes back bestselling author and cybersecurity leader Zachary Lewis to break down the real-world realities of responding to a ransomware attack. Drawing from firsthand experience, they discuss why executive relationships, preparation, and credibility matter more than tools, how CISOs survive high-pressure incidents, and what separates leaders who thrive after a breach from those who don't. If you're a CISO, security leader, or aspiring executive, this episode offers practical insight into what ransomware response really looks like when everything is on the line.
In this episode of Unspoken Security, host AJ Nash sits down with Eric Yunag, EVP of Product and Services at Convergint. They explore how security integration is changing as organizations face a fast-moving threat landscape and rising expectations from leaders and regulators. Eric explains why today's environment demands a new approach—one that connects hardware, software, and services in a more dynamic, real-time ecosystem. Eric shares how integrators help companies navigate not just the technical, but also the legal and operational complexity of modern security. He describes how shifting to cloud platforms, unifying physical and digital identities, and balancing privacy with business outcomes all add new layers of challenge. The conversation highlights the growing use of AI and “visual intelligence”—using camera data for both security and business insight—as organizations look to do more with their investments. Throughout the discussion, Eric makes the case for trusted, neutral advisors who help organizations build smarter, more connected security systems. He shows how today's integrators are positioned to guide clients through tough choices, benchmark best practices, and unlock value that goes far beyond traditional security.
The Ransomware Minute is a rundown of the latest ransomware attacks & news, brought to you by Cybercrime Magazine, Page ONE for Cybersecurity. Listen to the podcast weekly and read it daily at https://ransomwareminute.com. For more on cybersecurity, visit us at https://cybercrimemagazine.com.
The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you by Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com
In this week's Security Sprint, Dave and Andy covered the following topics:
Opening:
• Cyber Insights 2026: Information Sharing (SecurityWeek, 16 Jan 2026)
• ICYMI: Homeland Republicans underscore importance of strong public-private sector partnerships to deter cyber threats — House Homeland Security Committee (Majority) | Jan 17, 2026
Main Topics:
Pro-Russia hacktivist activity continues to target UK organisations & NCSC warns of hacktivist groups disrupting UK online services (UK National Cyber Security Centre, Jan 2026). The NCSC reports sustained, low-sophistication but high-volume hacktivist campaigns—primarily DDoS and website defacements—linked to pro-Russia narratives and opportunistic targeting of UK public- and private-sector organizations. While technically unsophisticated, the activity is persistent, media-aware, and designed to generate disruption, reputational harm, and psychological impact rather than deep network compromise. The NCSC emphasizes preparedness measures including DDoS resilience, clear incident communications, and executive awareness that “noise” activity can still impose real operational cost.
• Russia-linked APT28 targets energy and defense groups tied to NATO
• UAT-8837 targets critical infrastructure sectors in North America
• A Day Without ICS: The real impact of ICS/OT security threats
Ransomware
• Worldwide ransomware roundup: 2025 end-of-year report
• Global ransomware attacks rose 32% in 2025, as manufacturers emerged as top target
• 2025 Shattered Records: Key takeaways from the GRIT 2026 Ransomware & Cyber Threat Report
• DeadLock Ransomware: Smart Contracts for Malicious Purposes
Domestic Operations: Joint Interagency Task Force-Counter Cartel (JIATF-CC) established & US Northern Command establishes JTF-GOLD
Quick Hits:
• (TLP:CLEAR) Assessing Terrorism Trends on the Horizon in 2026 — WaterISAC — Jan 15, 2026
• UK NCSC: Designing safer links: secure connectivity for operational technology
• NCSC UK: Secure connectivity principles for OT (collection)
• FBI: Secure Connectivity Principles for Operational Technology (OT) (PDF)
• ACSC (Australia): New publication for small businesses managing cyber risks from AI
• Artificial intelligence for small business: Managing cyber security risks
• Developing your IT recovery plan (Canadian Centre for Cyber Security, Jan 2026)
• Improving cyber security resilience through emergency preparedness planning (Canadian Centre for Cyber Security, Jan 2026)
• Developing your incident response plan (Canadian Centre for Cyber Security, Jan 2026)
• Developing your business continuity plan (Canadian Centre for Cyber Security, Jan 2026)
Before fully diving into 2026, the Krewe takes a minute (or 64) to reflect on Japan in 2025, recapping & remembering the good, the bad & the wacky. From the top news stories of 2025 to the year's biggest pop culture stand outs, this episode covers it all!
------ About the Krewe ------
The Krewe of Japan Podcast is a weekly episodic podcast sponsored by the Japan Society of New Orleans. Check them out every Friday afternoon around noon CST on Apple, Google, Spotify, Amazon, Stitcher, or wherever you get your podcasts. Want to share your experiences with the Krewe? Or perhaps you have ideas for episodes, feedback, comments, or questions? Let the Krewe know by e-mail at kreweofjapanpodcast@gmail.com or on social media (Twitter: @kreweofjapan, Instagram: @kreweofjapanpodcast, Facebook: Krewe of Japan Podcast Page, TikTok: @kreweofjapanpodcast, LinkedIn: Krewe of Japan LinkedIn Page, Blue Sky Social: @kreweofjapan.bsky.social, Threads: @kreweofjapanpodcast & the Krewe of Japan Youtube Channel). Until next time, enjoy!
------ Support the Krewe! Offer Links for Affiliates ------
Use the referral links below & our promo code from the episode!
Support your favorite NFL Team AND podcast! Shop NFLShop to gear up for football season!
Zencastr Offer Link - Use my special link to save 30% off your 1st month of any Zencastr paid plan!
Get your very own JAPAN BEAR SHELTER
------ Past KOJ Episodes Referenced ------
Crash Course in Japanese Politics ft. Tobias Harris of Japan Foresight (S6E13)
Social Media & Perceptions of Japan (S6E8)
Japanese Soccer on the World Stage ft. Dan Orlowitz (S6E5)
Meet the J.League ft. Dan Orlowitz (S6E4)
Expo 2025: Japan on the World Stage ft. Sachiko Yoshimura (S6E2)
Checking Out Miyagi ft. Ryotaro Sakurai (Guest Host, William Woods) (S5E5)
Thoughts on Godzilla Minus One ft. Dr. William (Bill) Tsutsui (S4Bonus)
Visiting Themed Cafes in Japan ft. Chris Nilghe of TDR Explorer (S4E15)
The Life of a Sumotori ft. 3-Time Grand Champion Konishiki Yasokichi (S4E10)
Japan 2021: A Year in Review (S2E13)
Japanese Theme Parks ft. TDR Explorer (S2E4)
Greatest Anime of All-Time pt. 3: Modern Day Anime (2010-Present) (S1E18)
Talking Sumo ft. Andrew Freud (S1E8)
------ JSNO Upcoming Events ------
JSNO Event Calendar
Join JSNO Today!
AI is revolutionizing healthcare, but it's also giving cybercriminals unprecedented speed, scale, and precision. In this episode of Straight Out of Health IT, Ali Pabrai, Chief Executive Officer at ecfirst, explores how artificial intelligence is revolutionizing cybersecurity risk management in healthcare. While AI is accelerating innovation in diagnostics, workflows, and operations, it is also expanding attack surfaces through new data flows, third-party tools, and global supply chains. Despite updated guidance from HHS, NIST, and HIPAA-aligned frameworks, the healthcare sector remains under intense pressure from threats. Ransomware attacks and large-scale breaches continue to disrupt clinical operations and expose patient data, underscoring the stakes for healthcare organizations. Ali stresses that cybersecurity can no longer be treated as a compliance checkbox but must be approached as an enterprise-wide resilience strategy. Attackers are using AI to launch faster, more personalized, and more targeted attacks, exploiting vulnerabilities in devices, cloud systems, and human behavior. At the same time, healthcare organizations face growing financial exposure through class-action lawsuits, regulatory settlements, and long-term corrective action plans. Persistent gaps in configuration management, patching, and workforce awareness leave many organizations vulnerable, despite lessons learned from prior breaches. The conversation underscores the importance of robust AI governance, grounded in HIPAA security programs, NIST's AI Risk Management Framework, state-level AI mandates, and integrated standards, such as HITRUST. Ali emphasizes the importance of conducting AI-focused risk assessments, improving ransomware readiness, and establishing clear AI risk management policies. He also underscores the importance of building AI literacy across the workforce to reduce social engineering and insider risk. Ultimately, the discussion frames AI as both a threat and an opportunity, with resilience depending on leadership, knowledge, and proactive governance. Tune in to hear how healthcare leaders can turn AI from a growing liability into a powerful tool for resilience and trust!
Resources: Connect with Ali Pabrai on LinkedIn here. Follow ecfirst on LinkedIn here and visit their website here. Check out the ecfirst AICRP program here! Read the NIST AI Risk Management Framework here!
What is ransomware, and why does it remain the number one threat to businesses of all sizes? In this episode of The Backup Wrap-up, W. Curtis Preston and Prasanna Malaiyandi break down the fundamentals of ransomware attacks and explain why the question "what is ransomware" still gets searched tens of thousands of times each month. We cover the two main types of ransomware attacks: traditional encryption-based attacks where hackers lock your data and demand payment, and the newer double extortion model where attackers steal your sensitive information before encrypting it—then threaten to publish everything if you don't pay. Our hosts share real-world examples including the Sony hack, the Costa Rica government attack, and the massive Jaguar Land Rover breach that cost over $2.5 billion. Whether you're a Fortune 500 company or a small dental office, this episode explains what is ransomware, why you're a target, and why preparation is your best defense.
#SecurityConfidential #DarkRhiinoSecurity
Matthew Waddell is an incident response and digital forensics expert with over 25 years of experience helping governments, global enterprises, and small businesses. He has also supported U.S. government counter-intelligence investigations and frontline operations overseas. Today, he's distilling decades of real-world experience into practical guidance and a new book designed to help organizations survive ransomware with clarity and confidence.
00:00 Intro
1:25 Our Guest
02:02 Working for NASA
09:30 Password hygiene is the key
11:38 Passkeys: Good or bad?
18:00 If you collect any finances, you're a target
23:30 Bad Actors are practicing on Small businesses
27:18 Is A.I accelerating the Ransomware process?
29:22 Employee Education Mindset
34:23 Physical Security
42:57 Calming down the executive team
50:11 Survive Ransomware
To learn more about Matthew visit https://tacticallysecure.com/survive/
To learn more about Dark Rhiino Security visit https://www.darkrhiinosecurity.com
My conversation with Kurtis Minder cuts through the fantasy land most people live in when they talk about ransomware. This isn't about movie-style hackers or “just restore from backup” nonsense. It's about the industrialized ransomware economy—where threat actors operate with rules, quotas, minimum payouts, and negotiation playbooks that look a lot more like organized business than random crime.
We get into the ugly realities organizations face when ransomware hits:
• How ransom negotiations actually work today
• Why cyber insurance often shapes decisions more than security teams do
• And the uncomfortable ethical tradeoffs executives are forced to make under real pressure
We also call out one of the biggest contributors to successful ransomware attacks: complacency. Most organizations have incident response plans that look great in PowerPoint and fall apart the second reality shows up. If you're not rehearsing, testing, and updating those plans, they're effectively worthless.
Finally, we talk about what actually moves the needle. Not buzzwords. Not vendor bingo. Real strategy:
• Zero Trust done correctly
• Least privilege enforced, not “eventually planned”
• Microsegmentation that limits blast radius instead of praying backups work
Ransomware isn't going away. The only question is whether your organization is architected to absorb impact and survive, or whether you're funding the next criminal enterprise.
Key Takeaways
• Ransomware is a structured business model, not chaos—negotiations follow rules and economics.
• Complacency kills response efforts; untested incident plans fail every time.
• Zero Trust, least privilege, and microsegmentation materially reduce ransomware blast radius when implemented correctly.
A ransomware attack doesn't always announce itself with flashing warnings and locked screens. Sometimes it starts with a quiet system outage, a few unavailable servers, and a sinking realization days later that the threat actors were already inside. This conversation pulls back the curtain on what really happens when an organization believes it's dealing with routine failures only to discover it's facing a full-scale cyber extortion event. My guest today is Zachary Lewis, CIO and CISO for a Midwest university, a 40 Under 40 Business Leader, and a former Nonprofit CISO of the Year. Zachary shares the inside story of a LockBit ransomware attack that unfolded while his team was still building foundational security controls, forcing real-time decisions about recovery, disclosure, negotiations, and whether paying a ransom was even an option. We talk about the shame that keeps many cyber incidents hidden, the emotional weight leaders carry during these moments, and the practical realities that don't show up in tabletop exercises from buying bitcoin to restoring systems when password managers are encrypted. It's an honest, grounded discussion about resilience, preparedness, and why sharing these stories openly may be one of the most important defenses organizations have. Show Notes: [04:05] Zachary Lewis explains why the absence of an immediate ransom note delayed suspicion of an attack. [06:00] The first technical indicators suggest something more serious is unfolding. [07:45] Discovering encrypted hypervisors and realizing recovery won't be straightforward. [09:30] Zachary outlines when data exfiltration became a real concern. [11:05] Receiving the LockBit ransomware note confirms the organization has been compromised. [12:55] The 4:30 a.m. phone call pushes leadership into full crisis mode. [14:40] Zachary reflects on managing fear, responsibility, and decision fatigue mid-incident. [16:20] Executive expectations collide with technical realities during the breach. 
[18:05] Why "doing most things right" still doesn't guarantee protection. [19:55] Cyber insurance begins shaping early response decisions. [21:35] Bringing in incident response teams and legal counsel under tight timelines. [23:20] Zachary describes working with the FBI and understanding jurisdictional limits. [25:10] What law enforcement can and cannot realistically provide during ransomware events. [26:50] Opening communication channels with the threat actors. [28:35] The psychological pressure behind ransomware negotiations. [30:10] Attacker-imposed timelines force rapid, high-stakes decisions. [31:55] Zachary walks through the practical challenges of acquiring cryptocurrency. [33:40] Why encrypted password managers created unexpected recovery barriers. [35:15] Determining which systems could be restored first—and which could not. [37:00] Lessons learned about backup integrity and offline recovery. [38:45] The importance of clear internal communication during uncertainty. [40:25] Balancing transparency with legal and reputational concerns. [42:10] How staff reactions differed from executive responses. [43:55] Zachary discusses the stigma that keeps many ransomware incidents quiet. [45:40] Why sharing breach stories can strengthen collective defenses. [47:20] MFA gaps and configuration issues exposed by the attack. [49:05] Why tabletop exercises fall short of real-world incidents. [50:50] Long-term security changes made after recovery. [52:30] Zachary offers advice for CISOs facing their first major incident. [54:10] What preparedness really means beyond compliance checklists. [56:00] Why resilience and recovery deserve equal priority. [58:30] Final reflections on leadership, accountability, and learning in public. Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review. 
Links and Resources: Podcast Web Page Facebook Page whatismyipaddress.com Easy Prey on Instagram Easy Prey on Twitter Easy Prey on LinkedIn Easy Prey on YouTube Easy Prey on Pinterest Zachary Lewis - The Homesteading CISO Zach Lewis - LinkedIn
In this week's Security Sprint, Dave and Andy covered the following topics:
Warm Open:
• TribalHub Cybersecurity Summit! 17-20 Feb, Jacksonville, Florida
• Crypto ISAC & Crypto Crime Reaches Record High in 2025 as Nation-State Sanctions Evasion Moves On-Chain at Scale (and so many breach and incident reports)
• MFA follow up and the alleged Instagram breach: Instagram user data leak: scraped records from 2022 resurface
Main Topics:
Complex realities for the workplace:
• Venezuela, geopolitics and domestic considerations
• Immigration and ICE-related incidents and protests
• Considerations for leaders in the workplace
Insider Threats:
• Malicious employees for hire: How dark web criminals recruit insiders
• Hiding in plain sight: What the death of Aldrich Ames teaches us about insider threats
The State of Ransomware in the U.S.: Report and Statistics 2025. “Since 2023, the number of globally claimed victims has increased from approximately 5400 annually to over 8000 in 2025… the number of victims has grown, so has the number of ransomware groups… ransomware has become more decentralized, more competitive, and more resilient. As long as affiliates remain plentiful and social engineering remains effective, victim counts are likely to continue rising.”
Quick Hits:
• FBI FLASH: North Korean Kimsuky Actors Leverage Malicious QR Codes in Spearphishing Campaigns Targeting U.S. Entities
• How China and Russia are using Maduro's capture to sway U.S. discourse
• U-Haul truck drives into crowd at Westwood rally against Iranian government
• The Government Cyber Action Plan: strengthening resilience across the UK
• CISA - Secure Your Business; Protect your business, employees and customers with smart cybersecurity practices
The Monday Microsegment for the week of January 12th. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast. A cyber incident snarls operations at a major European port. Ransomware gangs go after cloud backups. And Ivanti warns that its VPN devices are being actively exploited. And Gary Barlet joins us to unpack cyber warfare hitting critical infrastructure. https://www.wsj.com/articles/venezuela-raid-highlights-cyber-vulnerability-of-critical-infrastructure-28aed054?mod=author_content_page_1_pos_1
Head to The Zero Trust Hub: hub.illumio.com
Download The 2025 Global Cloud Detection and Response Report: https://www.illumio.com/resource-center/global-cloud-detection-and-response-report-2025
In this episode of Unspoken Security, host AJ Nash sits down with Danielle Jablanski from STV to break down the hard truths of operational technology (OT) security. Danielle explains why critical infrastructure - from water and transportation to manufacturing - remains vulnerable, tracing the challenge back to legacy systems, vendor complexity, and the lack of clear, industry-wide standards. She argues that many organizations have poor visibility into their assets and often rely on outdated assumptions about risk and business impact. Danielle calls out the pitfalls of flashy security solutions and emphasizes the need for basic, proven practices like network segmentation and clear asset management. She highlights the disconnect between IT and OT, showing how real-world safety and business operations depend on bridging this gap with honest communication and practical controls. Rather than chasing after hype, Danielle urges leaders to focus on building resilience: knowing what matters, assessing real risks, and strengthening what you can control. Throughout the conversation, Danielle offers a grounded perspective on why OT security demands more than checklists and compliance. She points to the need for shared data, better early warning systems, and a broader base of professionals willing to dig into the complexities - before an incident forces everyone's hand.
Happy New Year!
In this week's Security Sprint, Dave and Andy covered the following topics:
Warm Open:
• Trump suggests US used cyberattacks to turn off lights in Venezuela during strikes
• Protests in US cities over Trump's military intervention in Venezuela
• Trump Ramps Up Incendiary Threats After Venezuela Strike
• White House: RUBIO: This Is Our Hemisphere — and President Trump Will Not Allow Our Security to be Threatened
• PMs of Greenland, Denmark tell Trump to stop U.S. takeover threats
Main Topics:
Leftwing militants claim responsibility for arson attack on Berlin power grid. Protest over climate crisis and AI has cut power to tens of thousands of homes which may take days to fully restore. The Vulkangruppe (Volcano Group) said it had deliberately targeted some of the city's wealthiest districts.
Ransomware:
• Recorded Future: New ransomware tactics to watch out for in 2026
• Semperis: What CISOs Need to Know About Fighting Ransomware in 2026
• Top 10 Ransomware Groups of 2025
MFA: Dozens of Global Companies Hacked via Cloud Credentials from Infostealer Infections & More at Risk. This report provides a granular reconstruction of the compromised assets. Furthermore, we demonstrate that these catastrophic security failures were not the result of zero-day exploits in the platform architecture, but rather the downstream effect of malware infections on employee devices combined with a critical failure to enforce Multi-Factor Authentication (MFA).
• One criminal, 50 hacked organizations, and all because MFA wasn't turned on. "Because the organizations listed below did not enforce MFA, the attacker walks right in through the front door," the cybersecurity shop said in a Monday report. "No exploits, no cookies – just a password."
• Cloud file-sharing sites targeted for corporate data theft attacks
AI Deepfakes Are Impersonating Pastors to Try to Scam Their Congregations; Religious communities around the US are getting hit with AI depictions of their leaders sharing incendiary sermons and asking for donations.
Quick Hits:
• Bleeping Computer: The biggest cybersecurity and cyberattack stories of 2025
• Infosecurity's Top 10 Cybersecurity Stories of 2025
• Supply chains, AI, and the cloud: The biggest failures (and one success) of 2025.
• Two Americans Plead Guilty to Targeting Multiple U.S. Victims Using ALPHV BlackCat Ransomware
• CISA Known Exploited Vulnerabilities Surged 20% in 2025; CISA's Known Exploited Vulnerabilities (KEV) Catalog Grew By 20% In 2025, Including 24 Vulnerabilities Exploited By Ransomware Groups
The Monday Microsegment for the week of January 5th. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast. New year, new zero-day vulnerability in Windows Server. Ransomware rings in 2026 by hitting healthcare in Europe. And attackers cash in on holiday passwords. And Ashwarya Ramani joins us for a special Book Club segment!
Head to The Zero Trust Hub: hub.illumio.com
Download The 2025 Global Cloud Detection and Response Report: https://www.illumio.com/resource-center/global-cloud-detection-and-response-report-2025
Ransomware attacks on backups have reached epidemic levels, with 96% of attacks now targeting backup infrastructure. In this episode of The Backup Wrap-up, Curtis Preston and Prasanna Malaiyandi break down the alarming statistics and explain why cybercriminals have made your recovery systems their primary target. The math is simple: if attackers destroy your backups, you're far more likely to pay the ransom. And with only 25% of organizations feeling prepared for ransomware attacks on backups, the gap between threat and readiness is massive. Curtis and Prasanna discuss two studies revealing these numbers, explore why less than 7% of companies recover within a day, and outline practical defenses including true immutability, separate identity management systems, and MFA. If you're not protecting your backup infrastructure from ransomware attacks on backups, you're leaving yourself wide open.
Real-world risks and responsible use of AI kick off the second part of our conversation with The Long Island Macintosh Users Group. The group swaps scam stories (spoofed bank calls, W-2 phishing, ransomware) and how AI can amplify fraud. Ways to mitigate exposure in an AI-powered world include cyber insurance, privacy tradeoffs in popular AI tools, copyright/IP guardrails in image generation, and careful experimentation. This edition of MacVoices is supported by MacVoices After Dark. What happens before and after the shows is uncensored, on-topic, off-topic, and always off the wall. Sign up as a MacVoices Patron and get access! http://patreon.com/macvoices Show Notes: Chapters: [0:00] Scams refresher: don't click, verify directly [2:18] Why scams work: volume, pressure, and “sensibility” [3:44] Spoofed bank calls and how to break the script [5:49] Small businesses as targets; cyber insurance gap [7:12] Photo scanning business: liability vs. cyber coverage [11:35] W-2 breach fallout; IRS PINs and identity theft [13:42] Ransomware economics and “references” story [20:13] LLM choices: ChatGPT vs. Perplexity; citations and accuracy [21:58] Scraping, paywalls, and plagiarism concerns [26:16] Privacy tradeoffs and risk assumptions [31:06] Apple, encryption backdoors, and trust [34:56] Human review triggers; sensitive prompts [38:33] Closing: experiment, but stay cautious [40:50] Synthetic hosts, AI conversations, and credibility risks [41:10] AI companions and teen harms; responsibility and guardrails [42:15] Phones in schools; education over bans [46:51] Wrap-up and thanks Support: Become a MacVoices Patron on Patreon http://patreon.com/macvoices Enjoy this episode? 
Make a one-time donation with PayPal Connect: Web: http://macvoices.com Twitter: http://www.twitter.com/chuckjoiner http://www.twitter.com/macvoices Mastodon: https://mastodon.cloud/@chuckjoiner Facebook: http://www.facebook.com/chuck.joiner MacVoices Page on Facebook: http://www.facebook.com/macvoices/ MacVoices Group on Facebook: http://www.facebook.com/groups/macvoice LinkedIn: https://www.linkedin.com/in/chuckjoiner/ Instagram: https://www.instagram.com/chuckjoiner/ Subscribe: Audio in iTunes Video in iTunes Subscribe manually via iTunes or any podcatcher: Audio: http://www.macvoices.com/rss/macvoicesrss Video: http://www.macvoices.com/rss/macvoicesvideorss
(Presented by Material Security (https://material.security): We protect your company's most valuable materials -- the emails, files, and accounts that live in your Google Workspace and Microsoft 365 cloud offices.) Three Buddy Problem - Episode 79: We cover MongoBleed (CVE‑2025‑14847), exposed MongoDB deployments, and the sad realization that zero-day attacks are a normal, everyday occurrence. Plus, AI's expanding role and misuse across products and workflows, proximity attacks against Bluetooth audio devices, spyware sanctions de-listings, and ransomware economics. In a special mailbag segment, we give our book recommendations and respond to common questions from the listeners. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).
A new year - and so much to do! To start 2026, Richard flies solo again to discuss the issues he's seen on sysadmins' minds as we head into the new year. Obviously, AI is eating up a lot of the conversation from many different angles: tools that can help us be more productive, security issues in our organizations due to misuse, and now, AI-driven hacking. Security still looms large, and not just from an AI perspective - the latest round of supply chain attacks has led to litigation, putting new emphasis on making sure you're secure. Windows has a new leader, things are changing there, and there's the ongoing migration to the cloud. Does it still make sense? There seems to be more concern about data sovereignty than ever, and some meaningful conversations to have. Happy New Year!
Links
Azure SRE Agents with Deepthi Chelupati
Microsoft Purview
The M365 Copilot Data Readiness Checklist with Nikki Chapple
Querying for Breaches with Mark Morowczynski
Managing Vendor Incidents with Mandi Walls
Incident Management and the CrowdStrike event with Liam Westley
Microsoft Intune
Microsoft Entra ID
Microsoft Defender for Endpoint
Microsoft Entra ID Protection with Corissa Koopmans
Windows Server 2025
Upgrading to Windows Server 2025 with Robert Smit
Recorded December 20, 2025
In this conversation, I break down the state of cybersecurity heading into 2025—and it's not pretty. Ransomware isn't “ramping up,” it's eating the market alive, while too many organizations are still betting their future on outdated controls, checkbox compliance, and the fantasy that perimeter security is a strategy. I call out the continued failure of traditional security models, the uncomfortable reality of high-profile vendor missteps, and the industry's habit of confusing tool sprawl with actual risk reduction. My bottom line is simple: Zero Trust isn't a buzzword; it's the only approach that aligns with how modern environments actually operate—cloud-first, identity-driven, and constantly under attack. If you want real improvement, start treating identity like the control plane, tighten your cloud and endpoint fundamentals, get serious visibility into what's connecting and what's executing, and stop pretending “prevention” alone is a plan. Initial access is going to happen—so engineer for containment and resiliency. I wrap up with practical steps you can apply immediately to harden posture and quit treating cyber defense like a yearly renewal rather than a continuous operational discipline. Takeaways: Ransomware incidents surged in 2025, impacting critical infrastructure. Traditional defenses are failing to contain ransomware attacks. Using a password manager is essential for security. Cybercrime costs are projected to reach $10 trillion by 2025. Misconfigurations in cloud services are a major risk factor. Identity management is a solvable problem that needs attention. Vendors in cybersecurity are not immune to breaches. Organizations should partner with service providers for cybersecurity. Research and data should guide cybersecurity strategies. A proactive approach is necessary to mitigate cyber threats.
Organizations worldwide scramble to address the critical React2Shell vulnerability. Major insurers look to exclude artificial intelligence risks from corporate policies. Three Chinese hacking groups converge on the same SharePoint flaws. Ransomware crews target hypervisors. A UK hospital asks the High Court to block publication of data stolen by the Clop gang. The White House approves additional Nvidia AI chip exports to China. The ICEBlock app creator sues the feds over app store removal. The FBI warns of virtual kidnapping scams. The FTC upholds a ban on a stalkerware maker. Dave Lindner, CISO of Contrast Security, discusses nation-state adversaries targeting source code to infiltrate the government and private sector. Craigslist's founder pledges support for cybersecurity, veterans and pigeons.
Selected Reading Researchers track dozens of organizations affected by React2Shell compromises tied to China's MSS (The Record) Insurers retreat from AI cover as risk of multibillion-dollar claims mounts (Financial Times) Three hacking groups, two vulnerabilities and all eyes on China (The Record) Researchers spot 700 percent increase in hypervisor ransomware attacks (The Register) UK Hospital Asks Court to Stymie Ransomware Data Leak (Bank Infosecurity) Trump says Nvidia can sell more powerful AI chips to China (The Verge) ICEBlock developer sues Trump administration over App Store removal (The Verge) New FBI alert urges vigilance on virtual kidnapping schemes (SC Media) FTC upholds ban on stalkerware founder Scott Zuckerman (TechCrunch) Craigslist founder signs the Giving Pledge, and his fortune will go to military families, fighting cyberattacks—and a pigeon rescue (Fortune) The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.