Malicious software used in ransom demands
POPULARITY
Categories
Microsoft tags a critical vulnerability in Fortra's GoAnywhere software. A critical Redis vulnerability could allow remote code execution. Researchers tie BIETA to China's MSS technology enablement. Competing narratives cloud the Oracle E-Business Suite breach. An Ohio-based vision care firm will pay $5 million to settle phishing-related data breach claims. “Trinity of Chaos” claims to be a new ransomware collective. LinkedIn files a lawsuit against an alleged data scraper. This year's Nobel Prize in Physics recognizes pioneering research into quantum mechanical tunneling. On today's Industry Voices segment, we are joined by Alastair Paterson from Harmonic Security, discussing shadow AI and the new era of work. Australia's AI-authored report gets a human rewrite. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On today's Industry Voices segment, we are joined by Alastair Paterson, CEO and Co-Founder of Harmonic Security, discussing shadow AI and the new era of work. You can hear the full conversation with Alastair here. Selected Reading Microsoft: Critical GoAnywhere Bug Exploited in Medusa Ransomware Camp (Infosecurity Magazine) Redis warns of critical flaw impacting thousaRends of instances (Bleeping Computer) BIETA: A Technology Enablement Front for China's MSS (Recorded Future) Well, Well, Well. It's Another Day. (Oracle E-Business Suite Pre-Auth RCE Chain - CVE-2025-61882) (Labs) EyeMed Agrees to Pay $5M to Settle Email Breach Litigation (Govinfo Security) Ransomware Group “Trinity of Chaos” Launches Data Leak Site (Infosecurity Magazine) LinkedIn sues ProAPIs for using 1M fake accounts to scrape user data (Bleeping Computer) The Nobel Prize for physics is awarded for discoveries in quantum mechanical tunneling (NPR) Deloitte refunds Australian government over AI in report (The Register) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire Daily podcast is a production of N2K Networks, your source for critical industry insights, strategic intelligence, and performance-driven learning products. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Christopher Brock, founder of Primary Hosting and Quantum Proof, joins Jeff Bloomfield for a mind-bending conversation on the rise of sovereign AI, post-quantum encryption, and how generative AI is reshaping both business and personal life. As Chief Information Security Officer for the Piqua Shawnee Tribe of Alabama and creator of the 300,000+ member Facebook group AI for Business and Life, Brock bridges ancient wisdom, advanced math, and cutting-edge tech to explore how AI can protect—not exploit—human identity, culture, and data. AI isn't just changing business—it's redefining the boundaries of human intelligence, creativity, and security. Christopher Brock shows us the future where AI meets quantum computing, tribal sovereignty meets technology, and cybersecurity meets consciousness. Whether you're a CEO, creator, or just curious about the next tech revolution, this episode will change how you see data, privacy, and possibility itself. Sovereign AI is about protection—of identity, culture, and innovation, not just efficiency. Quantum computing could crack modern encryption in seconds, forcing an urgent rethinking of cybersecurity. Quantum Proof aims to make data “unhackable” using a new mathematical model that predicts prime numbers. AI and quantum together are “steroids on steroids”—powerful but potentially perilous if not ethically guided. Ransomware-as-a-Service (RaaS) has become an organized dark-web industry with customer support desks. Data harvesting is happening now—hackers store encrypted data today, waiting for quantum tools to unlock it later. The AI learning curve starts with usage—use the tools yourself before delegating to a tech team. LLMs (like ChatGPT, Claude, Grok, Gemini) are modern-day PhDs in your pocket—only valuable if you engage them daily. SEO is dead—AI ranking is here. Businesses must adapt to “AI discoverability” instead of traditional Google search. If you ignore AI, you'll be left behind. Brock says plainly: “Use it—or miss where the world's going.” Time Topic 00:00 Opening banter: building AI platforms and UX importance 03:36 Introduction: Christopher Brock and his work 07:41 Speaking at MIT, launching Quantum Proof 09:21 The rise of AI for Business and Life community (300k+ members) 17:09 Brock's background: from student government to tech startups 23:50 COVID pivot, tribal leadership, and founding Primary Hosting 25:47 The birth of Quantum Proof and post-quantum encryption 28:06 Quantum computing explained (for humans!) 34:58 The math and philosophy behind Brock's new algorithms 35:53 Why today's encryption—and even blockchain—isn't safe 41:19 Ransomware-as-a-Service: the digital mob economy 45:51 How everyday people should start using AI 49:03 Building personalized AI agents and data ecosystems 52:24 The death of SEO and the rise of AI discoverability 54:31 Where to find Chris and what's next in AI & Quantum tech
Three Buddy Problem - Episode 66: We discuss drone sightings that shut down airports across Europe and what they reveal about hybrid warfare and the changing nature of conflict; Oracle ransomware/extortion campaign tied to unpatched E-Business Suite vulnerabilities and the company's muted response. Plus, the TikTok–Oracle deal and the strange role Oracle now plays in U.S. national security; OpenAI's Sora 2 launch and its implications for social media and human expression; Palo Alto's “Phantom Taurus” APT report, a follow-up on Cisco's ArcaneDoor disclosures, and the impact of the U.S. government shutdown on CISA. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).
In this episode of Unspoken Security, host A.J. Nash sits down with Marley Salveter, Director of Marketing at Unspoken Security. They explore how digital privacy and security awareness look different for younger generations who have grown up in a world where sharing personal data is routine, not a choice. Marley shares her perspective on adapting to life online, where building a personal brand and protecting personal information often overlap for today's professionals.Marley explains how her generation views data privacy as an accepted tradeoff, not a conscious decision, and why traditional corporate security training rarely feels relevant. She discusses the real risks of living in public—how threats feel less urgent until they get personal and why the rapid response of tech platforms can mask the lasting impact of breaches. She and A.J. dig into the challenge of communicating security risks to a connected generation that rarely sees tangible consequences.Together, they reflect on how open conversations bridge generational gaps and why storytelling and relatable dialogue help people internalize security lessons. Marley argues that making security personal is key to lasting change—especially for those building their careers and brands in the public eye.Send us a textSupport the show
In this episode of the Global Fresh Series, we sit down with Dave McCary of ZAG Technical Services to explore how cybersecurity and ransomware are reshaping the fresh produce industry. From recent high-profile attacks on produce companies to the hidden vulnerabilities in supply chains, Dave shares why protecting data and operations is just as critical as protecting the crops themselves. We discuss the real costs of downtime, how hackers exploit weaknesses, and the steps growers, shippers, and distributors can take today to safeguard their businesses — and the global food supply — from digital threats.First Class Sponsor: Peak of the Market: https://peakofthemarket.com/ Premium Sponsor: Zag Technological Services, Inc.: https://www.zagtech.com/ Premium Sponsor: Avocados from Colombia: https://avocadoscolombia.com/ Premium Sponsor: The Fruit & Vegetable Dispute Resolution Corporation: https://fvdrc.com/ Global Women Fresh: https://globalwomenfresh.com/
Got a question or comment? Message us here!Ransomware is evolving faster than ever, from double extortion tactics to lightning-fast attack chains. In this episode, we break down how these threats work, why every organization is a target, and the layered defenses SOCs can use to detect and stop attacks early. Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.
⚠️ Wichtiger Hinweis: In dieser Folge geht es nicht um Victim Blaming. Cyberangriffe können jedes Unternehmen treffen – entscheidend ist, wie man damit umgeht.Diesmal ohne Max, dafür mit zwei Gästen, die den Mut hatten, offen über den Ransomware-Angriff auf ihr Unternehmen zu sprechen. Solche Gespräche sind leider selten, weil viele Betroffene schweigen – umso wertvoller sind die Einblicke von Thorsten und Tom. Keine Theorie, kein Whitepaper, sondern Praxis pur. Ein großes Dankeschön für diese so seltene Offenheit!
In Podcast Folge #114 begrüßen Julius und Marcel diesesmal gleich zwei Gäste in ihrer Runde: Robert Wortmann (Principal Security Strategist bei Trend Micro) und Max Imbiel (Field CISO DACH bei Cloudflare). Robert und Max sind außerdem auch Hosts von 'Breach FM' - dem Infosec Podcast. Gemeinsam schauen Julius, Marcel, Max und Robert in dieser Folge auf aktuelle Cyber-Angriffe, die Entwicklung von Ransomware, die Rolle von Künstlicher Intelligenz im Darknet und die Verantwortung von Herstellern und Dienstleistern.
Identity theft affects millions of people every year — but do you really know how it works, or how to protect yourself? This week, we're joined by Eva Velasquez, CEO of the Identity Theft Resource Center, who shares the latest trends in identity crime and what steps you can take if it ever happens to you.
Organizations continue to face an increasingly complex cyber threat landscape. Amid ongoing geopolitical and geoeconomic tensions and supply chain disruptions, a robust and comprehensive cyber risk management strategy can help businesses mitigate risks and improve resiliency. In this episode of Risk in Context, Marsh McLennan's Dan Bowden speaks with Marsh's Helen Nuttall and Matt Berninger about the importance of reviewing and reinforcing cyber controls to help minimize cyber exposures and uncertainty and better protecting their people, finances, and operations from cyber threats. You can access a transcript of the episode here. Read Cybersecurity Signals, Connecting Controls and Incident Outcomes and The 2025 OT Security Financial Risk Report. For more insights and insurance and risk management solutions, follow Marsh on LinkedIn and X and visit marsh.com.
In this episode of the Security Squawk Podcast, Bryan Hornung and Randy Bryan break down how ransomware keeps evolving and why businesses can't afford to let their guard down. Bryan covers three major stories: a ransomware attack on Volvo's supplier that exposed sensitive employee data, new research showing that 80% of ransomware victims get hit again, and how the Akira ransomware gang is flipping remote management tools against their victims. Randy dives into cyberattacks on global manufacturing, including production halts at Asahi and fallout from the Jaguar Land Rover ransomware incident. We'll unpack what these attacks mean for supply chains, IT teams, and everyday businesses—and why persistence is the new weapon of choice for cybercriminals. Tune in for sharp insights, real-world advice, and a little bit of sarcasm to keep it interesting. ️ New to streaming or looking to level up? Check out StreamYard and get $10 discount! https://streamyard.com/pal/d/65161790...
The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com
Three Buddy Problem - Episode 65: We zero in on one of the biggest security stories of the year: the discovery of a persistent multi-stage bootkit implanting malware on Cisco ASA firewalls. Details on a new campaign, tied to the same threat actors behind ArcaneDoor, exploiting zero-days in Cisco's 5500-X series appliances, devices that sit at the heart of government and enterprise networks worldwide. Plus, Cisco's controversial handling of these disclosures, CISA's emergency deadlines for patching, the absence of IOCs and samples, and China's long-term positioning. Plus, thoughts on the Secret Service SIM farm discovery in New York and evidence of Russians APTs Turla and Gamaredon collaborating to hit Ukraine targets. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).
Whether trying to hit the road or soar through the skies - ransomware is providing speed bumps and delays. We'll talk about a couple of huge ongoing ransomware attacks. Plus - how does ransomware happen, and how are organizations dealing? Believe it or not there's some survey data that's kind of encouraging. We'll hit that on this edition of The Checklist, brought to you by SecureMac. Check out our show notes: SecureMac.com/Checklist And get in touch with us: Checklist@Securemac.com
The Ransomware Minute is a rundown of the latest ransomware attacks & news, brought to you Cybercrime Magazine, Page ONE for Cybersecurity. Listen to the podcast weekly and read it daily at https://ransomwareminute.com. For more on cybersecurity, visit us at https://cybercrimemagazine.com.
United Airlines grounds ALL flights for second time in a month amid growing safety concerns Please Subscribe + Rate & Review Philip Teresi on KMJ wherever you listen! --- KMJ’s Philip Teresi is available on the KMJNOW app, Apple Podcasts, Spotify, Amazon Music or wherever else you listen. --- Philip Teresi, Weekdays 2-6 PM Pacific News/Talk 580 & 105.9 KMJ DriveKMJ.com | Podcast | Facebook | X | Instagram --- Everything KMJ: kmjnow.com | Streaming | Podcasts | Facebook | X | Instagram See omnystudio.com/listener for privacy information.
United Airlines grounds ALL flights for second time in a month amid growing safety concerns Please Subscribe + Rate & Review Philip Teresi on KMJ wherever you listen! --- KMJ’s Philip Teresi is available on the KMJNOW app, Apple Podcasts, Spotify, Amazon Music or wherever else you listen. --- Philip Teresi, Weekdays 2-6 PM Pacific News/Talk 580 & 105.9 KMJ DriveKMJ.com | Podcast | Facebook | X | Instagram --- Everything KMJ: kmjnow.com | Streaming | Podcasts | Facebook | X | Instagram See omnystudio.com/listener for privacy information.
On this week's show Patrick Gray and special guest Rob Joyce discuss the week's cybersecurity news, including: Secret Service raids a SIM farm in New York MI6 launches a dark web portal Are the 2023 Scattered Spider kids finally getting their comeuppance? Production halt continues for Jaguar Land Rover GitHub tightens its security after Shai-Hulud worm This week's episode is sponsored by Sublime Security. In this week's sponsor interview, Sublime founder and CEO Josh Kamdjou joins host Patrick Gray to chat about the pros and cons of using agentic AI in an email security platform. This episode is also available on YouTube Show notes U.S. Secret Service disrupts telecom network that threatened NYC during U.N. General Assembly MI6 launches darkweb portal to recruit foreign spies | The Record from Recorded Future News One Token to rule them all - obtaining Global Admin in every Entra ID tenant via Actor tokens | dirkjanm.io Github npm changes Flights across Europe delayed after cyberattack targets third-party vendor | Cybersecurity Dive Major European airports work to restore services after cyberattack on check-in systems | The Record from Recorded Future News When “Goodbye” isn't the end: Scattered LAPSUS$ Hunters hack on | DataBreaches.Net UK arrests 2 more alleged Scattered Spider hackers over London transit system breach | Cybersecurity Dive Alleged Scattered Spider member turns self in to Las Vegas police | The Record from Recorded Future News Las Vegas police arrest minor accused of high-profile 2023 casino attacks | CyberScoop DOJ: Scattered Spider took $115 million in ransoms, breached a US court system | The Record from Recorded Future News vx-underground on X: "Scattered Spider ransoms company for 964BTC - wtf_thats_alot.jpeg - Document says "Cost of BTC at time was $36M" - $36M / 964BTC = $37.5K - BTC value was $37.5K in November, 2023 - Google "Ransomware, November, 2023" - omfg.exe https://t.co/uv2EzbL5HT" | X JLR ‘cyber shockwave ripping through UK industry' as supplier share price plummets by 55% | The Record from Recorded Future News Jaguar Land Rover to extend production pause into October following cyberattack | Cybersecurity Dive New plan would give Congress another 18 months to revisit Section 702 surveillance powers | The Record from Recorded Future News AI-powered vulnerability detection will make things worse, not better, former US cyber official warns | Cybersecurity Dive
In cybersecurity, identity has become the primary attack vector. We explore identity in CXOTalk 892, with the CEO of RSA Security, Rohit Ghai, who explains how stolen credentials, social engineering, and AI-enabled impersonation break defenses. And what boards, CISOs, and executives must do now.What you'll learn:-- Why credential theft remains the #1 initial access vector and what “phishing resistant” MFA actually requires-- How attackers bypass MFA via help desk social engineering and voice impersonation, and how to stop it-- Managing identity across the joiner–mover–leaver lifecycle to close high-risk gaps-- The “assume breach” mindset: zero trust, least privilege, and blast radius reduction-- The CISO's evolving mandate: business vs. technology, board communication, and risk quantification-- AI in cyber: sword, shield, and attack surface, and the changing economics of attack vs. defense-- Ransomware beyond backups: data theft, response playbooks, and legal/PR readinessWho should watch:Board members, CEOs, CISOs, CIOs, and security leaders who seek clear actions to improve resilience without slowing the business.
New Episode! Tell us your feedback! Is Your Company Safe From AI Attacks?This episode covers the intersection of artificial intelligence and cybersecurity, exploring how AI can be used for both protection and malicious purposes. We examine how AI is used to create advanced ai cybercrime and deep fakes, and the rising threat of social engineering attacks. Learn how ai cybersecurity can help defend against ai hackers and other emerging threats. Feeling Kind? Consider Supporting Our Channel by subscribing! Over 84% of viewers do not subscribe to our channel!
Former Vice President Al Gore's latest project gives polluters nowhere to hide. Climate Trace, a non-profit that Gore co-founded, launched a tool Wednesday that uses AI to track fine particulate pollution from more than 660 million sources worldwide. Also, the U.K.'s National Crime Agency said on Wednesday that a man was arrested in connection to the ransomware attack that has caused delays and disruptions at several European airports since the weekend. Learn more about your ad choices. Visit podcastchoices.com/adchoices
In this week's Security Sprint, Dave and Andy covered the following topics:Warm Open:• TribalNet: Casino-systems suppliers protecting operations from cyberattacks • TribalNet: AI main focus of tribal technology conference• TribalNet 2025: Cybersecurity Is Central to IT Modernization for Tribes• The Gate 15 Interview EP 62: Justine Bone, Executive Director, Crypto ISACMain Topics:U.S. Secret Service dismantles imminent telecommunications threat in New York tristate area. The U.S. Secret Service dismantled a network of electronic devices located throughout the New York tristate area that were used to conduct multiple telecommunications-related threats directed towards senior U.S. government officials, which represented an imminent threat to the agency's protective operations. This protective intelligence investigation led to the discovery of more than 300 co-located SIM servers and 100,000 SIM cards across multiple sites. In addition to carrying out anonymous telephonic threats, these devices could be used to conduct a wide range of telecommunications attacks. This includes disabling cell phone towers, enabling denial of services attacks and facilitating anonymous, encrypted communication between potential threat actors and criminal enterprises. While forensic examination of these devices is ongoing, early analysis indicates cellular communications between nation-state threat actors and individuals that are known to federal law enforcement.Ransomware!• EU cyber agency says airport software held to ransom by criminals • A Cyberattack on Jaguar Land Rover Is Causing a Supply Chain Disaster • Rising cyberattacks on K-12 schools prompt concern as Uvalde CISD grapples with ransomwareCyber threat information law hurtles toward expiration, with poor prospects for renewal• Rand Paul's last-minute demands push key cybersecurity law to the brink• Peters Urges Senate to Quickly Extend Critical Cybersecurity Protections That Expire on October 1st• Health-ISAC CSO: A Looming Deadline: The Cybersecurity Information Sharing Act of 2015• RER and Coalition Urges TRIA Reauthorization• Commentary: Shrinking cyber budgets and rising threats: Why public-private partnerships are now mission-criticalUS threats and violence• MN man threatened people via email as retaliation for Charlie Kirk's death: Charges• NH Man Arrested for Allegedly Plotting to Kill Republican Governor Kelly Ayotte With Pipe Bombs• NCTC Supports U.S. Law Enforcement, First Responders by Sharing Intel Product Aimed at Deterring Attacks by Al-Qa'ida• ISIS calls for slaughter of Christians and Jews in UK attacks – 'shoot, stab, and ram' Quick Hits:• FBI PSA: Threat Actors Spoofing the FBI IC3 Website for Possible Malicious Activity• NHC issuing advisories for the Atlantic on Hurricane Gabrielle• UK NPSA: Vehicle Security Barriers at Event Venues • TikTok: Statement from ByteDanceo Deal to Keep TikTok in U.S. Is Near. These Are the Details.o Trump expected to approve TikTok deal via executive order later this week, WSJ reports• OpenAI admits AI hallucinations are mathematically inevitable, not just engineering flaws
A major ransomware attack disrupts airport operations across Europe. Congress is on the verge of letting major cyber legislation expire. A critical flaw nearly allowed total compromise of every Entra ID tenant. Automaker Stellantis confirms a data breach. Fortra patches a critical flaw in its GoAnywhere MFT software. Europol leads a major operation against online child sexual exploitation. Three of the cybersecurity industry's biggest players opt out of MITRE's 2025 ATT&CK Evaluations. A compromised Steam game drains a cancer patient's donations. Business Breakdown. Andrzej Olchawa and Milenko Starcik from VisionSpace join Maria Varmazis, host of T-Minus Space on hacking satellites. How one kid got tangled in Scattered Spider's web. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Andrzej Olchawa and Milenko Starcik from VisionSpace are speaking with Maria Varmazis, host of T-Minus Space on hacking satellites. Selected Reading EU cyber agency says airport software held to ransom by criminals (BBC News) Cyber threat information law hurtles toward expiration, with poor prospects for renewal (CyberScoop) Microsoft Entra ID flaw allowed hijacking any company's tenant (Bleeping Computer) Stellantis says a third-party vendor spilled customer data (The Register) Fortra Patches Critical GoAnywhere MFT Vulnerability (SecurityWeek) AI Forensics Help Europol Track 51 Children in Global Online Abuse Case (HackRead) Cyber Threat Detection Vendors Pull Out of MITRE Evaluations Test (Infosecurity Magazine) Verified Steam game steals streamer's cancer treatment donations (Bleeping Computer) CrowdStrike and Check Point intend to acquire AI security firms. (N2K CyberWire Business Briefing) ‘I Was a Weird Kid': Jailhouse Confessions of a Teen Hacker (Bloomberg) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
European airport disruption due to cyberattack check-in and baggage software SMS scammers now using mobile fake cell towers GPT-4-powered MalTerminal malware creates ransomware and Reverse Shell Huge thanks to our sponsor, Conveyor If security questionnaires make you feel like you're drowning in chaos, you're not alone. Endless spreadsheets, portals, and questions—always when you least expect them. Conveyor brings calm to the storm. With AI that auto-fills questionnaires and a trust center that shares all your docs in one place, you'll feel peace where there used to be panic. Find your security review zen at www.conveyor.com. Find the stories behind the headlines at CISOseries.com.
Unveiling the Ransomware Ecosystem with Tammy Harper In this compelling episode, Jim is joined by Tammy Harper from Flair.io to re-air one of their most popular and insightful episodes. Dive into the intricate world of ransomware as Tammy, a seasoned threat intelligence researcher, provides an in-depth introduction to the ransomware ecosystem. Explore the basics and nuances of ransomware, from its origins to its modern-day complexities. Tammy discusses not only the operational structures and notable ransomware groups like Conti, LockBit, and Scattered Spider, but also the impact and evolution of ransomware as a service. She also elaborates on ransomware negotiation tactics and how initial access brokers operate. This episode is packed with invaluable information for anyone looking to understand the cybercrime underground economy. Don't forget to leave your questions in the comments, and they might be addressed in future episodes! 00:00 Introduction and Episode Re-Run Announcement 00:29 Guest Introduction: Tammy Harper from Flair io 00:41 Exploring the Dark Web and Ransomware 02:21 Tammy Harper's Background and Expertise 03:40 Understanding the Ransomware Ecosystem 04:02 Ransomware Business Models and Initial Access Brokers 07:08 Double and Triple Extortion Tactics 11:23 History of Ransomware: From AIDS Trojan to WannaCry 13:02 The Rise of Ransomware as a Service (RaaS) 19:41 Conti: The Ransomware Giant 26:17 Conti's Tools of the Trade: EMOTET, ICEDID, and TrickBot 32:05 The Conti Leaks and Their Impact 34:04 LockBit and the Ransomware Cartel 37:07 National Hazard Agency: A Subgroup of LockBit 38:17 Release of Volume Two and Its Impact 39:08 Details of the Training Manual 40:52 Ransomware Negotiations 41:28 Ransom Chat Project 42:27 Conti vs. LockBit Negotiation Tactics 43:30 Professionalism in Ransomware Operations 47:07 Ransomware Chat Simulation 48:03 Ransom Look Project 49:11 Current Ransomware Landscape 50:32 Infiltration and Research Methods 51:47 Profiles of Emerging Ransomware Groups 01:05:21 Initial Access Market 01:10:26 Future of Ransomware and Law Enforcement Efforts 01:13:14 Conclusion and Final Thoughts
In this episode of Unspoken Security, host AJ Nash welcomes Ivan Novikov, CEO of Wallarm, to discuss the fundamental shifts in API security. They explore how APIs have evolved from internal tools to the public-facing backbone of mobile apps, IoT, and AI. This change has dramatically expanded the threat surface, making traditional security methods obsolete.Ivan explains why older approaches, like signature-based detection and RegEx, fail against modern attacks. He details Wallarm's unique solution: a real-time decompiler that analyzes the actual payload of API requests. This technique allows for deep inspection of complex and nested data formats, identifying malicious code that standard tools miss.The conversation also looks to the future, examining the security risks posed by the rapid adoption of AI agents. Ivan concludes with a stark comparison between physical and cyber threats. In the digital world, attacks are constant and aggressive. Success depends less on the tools you have and more on who you are and how you use them.Send us a textSupport the show
In this episode of The ROCC Pod, we sit down with Shawn Thornton, founder of Smart Biz IT and former tech leader at Amazon and Ford, to unpack the growing importance of cybersecurity and compliance for small and mid-sized businesses. We open with a real-world horror story—Shawn walks us through how one of his Michigan-based clients was completely taken out by ransomware. Two facilities, thousands of hacked printers, a wiped customer database, destroyed emails, inaccessible websites—no backups, no recovery, over a million dollars in losses. It's a sobering introduction to the stakes of not being prepared.After the wake-up call, we shift to get to know Shawn a bit more personally—his passion for barbecuing, cold smoking cheeses, and his undying loyalty to the Detroit Lions. The conversation is easygoing, but the subject matter stays serious as we transition back to the business of IT and compliance.Shawn breaks compliance down in simple terms—it's about proving that you're protecting your customer and business data. Whether it's strong passwords, verified backups, multi-factor authentication, or employee training, these small habits can be the difference between continuity and catastrophe. He emphasizes that compliance isn't just about avoiding trouble; it can actually become a revenue driver. Companies looking to secure government contracts, enterprise partnerships, or venture funding all need to demonstrate cybersecurity maturity. Compliance is no longer optional—it's a credential.We talk about what Smart Biz IT offers: full-service IT support with a lens focused on compliance. From help desk and cloud backups to risk assessments and documentation, Shawn's firm is helping businesses not only stay safe but grow. He shares another example of a client with a seven-figure deal on the table—except they couldn't move forward without a SOC 2 attestation. Now, with Shawn's help, they're on track to be ready in time.The episode closes with Shawn reflecting on his move into entrepreneurship, the unique value Smart Biz iT brings to the market, and his great experience since joining the Royal Oak Chamber. We also get to learn that his favorite day of the year is NFL's opening Sunday, and fall—complete with smoked meats and fantasy football—is his favorite season.Contact Shawn: https://smartbizit.com/Or call: (248) 206-910000:00 – Ransomware Nightmare: A $1M Recovery00:53 – Introduction to the ROCC Pod01:12 – Meet Shawn Thornton: Tech Pro & BBQ King03:19 – What Is Compliance, Really?04:33 – Why Compliance Matters to Small Businesses06:04 – Common Cybersecurity Mistakes07:49 – Ransomware Case Study: Lessons Learned10:48 – Full-Service IT With a Compliance Focus12:53 – Turning Compliance Into Revenue13:46 – Shawn's Background: From Amazon to Smart Biz iT14:03 – Experience Joining the Chamber15:00 – Favorite Day of the Year: NFL Kickoff Sunday17:10 – Contact Info and Final Thoughts Learn more about the Royal Oak Chamber of Commerce: https://www.royaloakchamber.com/Connect with our hosts:Jon Gay from JAG in Detroit Podcasts - http://www.jagindetroit.com/Lisa Bibbee from Century 21 Northland - http://soldbylisab.com/ Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.
In this week's Security Squawk Podcast, Bryan Hornung and Randy Bryan break down two major cybersecurity threats making headlines. First, Bryan covers how artificial intelligence is already supercharging ransomware, making attacks faster, cheaper, and harder to stop. Then Randy dives into the massive ShinyHunters breach that leaked sensitive data from Vietnam's national credit bureau, putting millions at risk worldwide. Tune in for sharp insights, practical advice, and a dose of wit as we connect the dots for business owners, IT professionals, and MSPs. ️ New to streaming or looking to level up? Check out StreamYard and get $10 discount! https://streamyard.com/pal/d/65161790...
Apple just rewrote the rules of device security with a chip-level upgrade that could wipe out most iPhone vulnerabilities overnight. Find out how "memory integrity enforcement" aims to make exploits a thing of the past—and why it took half a decade to pull off. Are Bitcoin ATMs anything more than scamming terminals. Ransomware hits the Uvalde school district and Jaguar. Did "Scattered LapSus Hunters" just throw in the towel. Germany, for one, to vote "no" on Chat Control. Russia's new MAX messenger has startup troubles. Samsung follows Apple's WhatsApp patch chain. Shocker: UK school hacks are mostly by students. HackerOne was hacked. Connected washing machines in Amsterdam hacked. DDoS breaks another record. Bluesky to implement conditional age verification. Enforcement actions for Global Privacy Control. Might Apple have finally beaten vulnerabilities Show Notes - https://www.grc.com/sn/SN-1043-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: joindeleteme.com/twit promo code TWIT vanta.com/SECURITYNOW threatlocker.com for Security Now bitwarden.com/twit Melissa.com/twit
Apple just rewrote the rules of device security with a chip-level upgrade that could wipe out most iPhone vulnerabilities overnight. Find out how "memory integrity enforcement" aims to make exploits a thing of the past—and why it took half a decade to pull off. Are Bitcoin ATMs anything more than scamming terminals. Ransomware hits the Uvalde school district and Jaguar. Did "Scattered LapSus Hunters" just throw in the towel. Germany, for one, to vote "no" on Chat Control. Russia's new MAX messenger has startup troubles. Samsung follows Apple's WhatsApp patch chain. Shocker: UK school hacks are mostly by students. HackerOne was hacked. Connected washing machines in Amsterdam hacked. DDoS breaks another record. Bluesky to implement conditional age verification. Enforcement actions for Global Privacy Control. Might Apple have finally beaten vulnerabilities Show Notes - https://www.grc.com/sn/SN-1043-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: joindeleteme.com/twit promo code TWIT vanta.com/SECURITYNOW threatlocker.com for Security Now bitwarden.com/twit Melissa.com/twit
Apple just rewrote the rules of device security with a chip-level upgrade that could wipe out most iPhone vulnerabilities overnight. Find out how "memory integrity enforcement" aims to make exploits a thing of the past—and why it took half a decade to pull off. Are Bitcoin ATMs anything more than scamming terminals. Ransomware hits the Uvalde school district and Jaguar. Did "Scattered LapSus Hunters" just throw in the towel. Germany, for one, to vote "no" on Chat Control. Russia's new MAX messenger has startup troubles. Samsung follows Apple's WhatsApp patch chain. Shocker: UK school hacks are mostly by students. HackerOne was hacked. Connected washing machines in Amsterdam hacked. DDoS breaks another record. Bluesky to implement conditional age verification. Enforcement actions for Global Privacy Control. Might Apple have finally beaten vulnerabilities Show Notes - https://www.grc.com/sn/SN-1043-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: joindeleteme.com/twit promo code TWIT vanta.com/SECURITYNOW threatlocker.com for Security Now bitwarden.com/twit Melissa.com/twit
Apple just rewrote the rules of device security with a chip-level upgrade that could wipe out most iPhone vulnerabilities overnight. Find out how "memory integrity enforcement" aims to make exploits a thing of the past—and why it took half a decade to pull off. Are Bitcoin ATMs anything more than scamming terminals. Ransomware hits the Uvalde school district and Jaguar. Did "Scattered LapSus Hunters" just throw in the towel. Germany, for one, to vote "no" on Chat Control. Russia's new MAX messenger has startup troubles. Samsung follows Apple's WhatsApp patch chain. Shocker: UK school hacks are mostly by students. HackerOne was hacked. Connected washing machines in Amsterdam hacked. DDoS breaks another record. Bluesky to implement conditional age verification. Enforcement actions for Global Privacy Control. Might Apple have finally beaten vulnerabilities Show Notes - https://www.grc.com/sn/SN-1043-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: joindeleteme.com/twit promo code TWIT vanta.com/SECURITYNOW threatlocker.com for Security Now bitwarden.com/twit Melissa.com/twit
In the leadership and communications segment, Lack of board access: The No. 1 factor for CISO dissatisfaction, Pressure on CISOs to stay silent about security incidents growing, The Secret to Building a High-Performing Team, and more! Jackie McGuire sits down with Chuck Randolph, SVP of Strategic Intelligence & Security at 360 Privacy, for a gripping conversation about the evolution of executive protection in the digital age. With over 30 years of experience, Chuck shares how targeted violence has shifted from physical threats to online ideation—and why it now starts with a click. From PII abuse to unregulated data brokers, generative AI manipulation, and real-world convergence of cyber and physical risks—this is a must-watch for CISOs, CSOs, CEOs, and anyone navigating modern threat landscapes. Hear real-world examples, including shocking stories of doxxing, AI-fueled radicalization, and the hidden dangers of digital exhaust. Whether you're in cyber, physical security, or executive leadership, this interview lays out the urgent need for converged risk strategies, narrative control, and a new approach to duty of care in a remote-first world. Learn what every security leader needs to do now to protect key personnel, prevent exploitation, and build a unified, proactive risk posture. This segment is sponsored by 360 Privacy. Learn how to integrate privacy and protective intelligence to get ahead of the next threat vector at https://securityweekly.com/360privacybh! In this exclusive Black Hat 2025 interview, CyberRisk TV host Matt Alderman sits down with Tom Pore, AVP of Sales Engineering at Pentera, to dive into the rapidly evolving world of AI-driven cyberattacks. What's happening? Attackers are already using AI and LLMs to launch thousands of attacks per second—targeting modern web apps, exploiting PII, and bypassing traditional testing methods. Tom explains how automated AI payload generation, context-aware red teaming, and language/system-aware attack modeling are reshaping the security landscape. The twist? Pentera flips the script by empowering security teams to think like an attacker—using continuous, AI-powered penetration testing to uncover hidden risks before threat actors do. This includes finding hardcoded credentials, leveraging leaked identities, and pivoting across systems just like real adversaries. To learn more about Pentera's proactive Ransomware testing please visit: https://securityweekly.com/penterabh Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-413
Apple just rewrote the rules of device security with a chip-level upgrade that could wipe out most iPhone vulnerabilities overnight. Find out how "memory integrity enforcement" aims to make exploits a thing of the past—and why it took half a decade to pull off. Are Bitcoin ATMs anything more than scamming terminals. Ransomware hits the Uvalde school district and Jaguar. Did "Scattered LapSus Hunters" just throw in the towel. Germany, for one, to vote "no" on Chat Control. Russia's new MAX messenger has startup troubles. Samsung follows Apple's WhatsApp patch chain. Shocker: UK school hacks are mostly by students. HackerOne was hacked. Connected washing machines in Amsterdam hacked. DDoS breaks another record. Bluesky to implement conditional age verification. Enforcement actions for Global Privacy Control. Might Apple have finally beaten vulnerabilities Show Notes - https://www.grc.com/sn/SN-1043-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: joindeleteme.com/twit promo code TWIT vanta.com/SECURITYNOW threatlocker.com for Security Now bitwarden.com/twit Melissa.com/twit
Apple just rewrote the rules of device security with a chip-level upgrade that could wipe out most iPhone vulnerabilities overnight. Find out how "memory integrity enforcement" aims to make exploits a thing of the past—and why it took half a decade to pull off. Are Bitcoin ATMs anything more than scamming terminals. Ransomware hits the Uvalde school district and Jaguar. Did "Scattered LapSus Hunters" just throw in the towel. Germany, for one, to vote "no" on Chat Control. Russia's new MAX messenger has startup troubles. Samsung follows Apple's WhatsApp patch chain. Shocker: UK school hacks are mostly by students. HackerOne was hacked. Connected washing machines in Amsterdam hacked. DDoS breaks another record. Bluesky to implement conditional age verification. Enforcement actions for Global Privacy Control. Might Apple have finally beaten vulnerabilities Show Notes - https://www.grc.com/sn/SN-1043-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: joindeleteme.com/twit promo code TWIT vanta.com/SECURITYNOW threatlocker.com for Security Now bitwarden.com/twit Melissa.com/twit
In the leadership and communications segment, Lack of board access: The No. 1 factor for CISO dissatisfaction, Pressure on CISOs to stay silent about security incidents growing, The Secret to Building a High-Performing Team, and more! Jackie McGuire sits down with Chuck Randolph, SVP of Strategic Intelligence & Security at 360 Privacy, for a gripping conversation about the evolution of executive protection in the digital age. With over 30 years of experience, Chuck shares how targeted violence has shifted from physical threats to online ideation—and why it now starts with a click. From PII abuse to unregulated data brokers, generative AI manipulation, and real-world convergence of cyber and physical risks—this is a must-watch for CISOs, CSOs, CEOs, and anyone navigating modern threat landscapes. Hear real-world examples, including shocking stories of doxxing, AI-fueled radicalization, and the hidden dangers of digital exhaust. Whether you're in cyber, physical security, or executive leadership, this interview lays out the urgent need for converged risk strategies, narrative control, and a new approach to duty of care in a remote-first world. Learn what every security leader needs to do now to protect key personnel, prevent exploitation, and build a unified, proactive risk posture. This segment is sponsored by 360 Privacy. Learn how to integrate privacy and protective intelligence to get ahead of the next threat vector at https://securityweekly.com/360privacybh! In this exclusive Black Hat 2025 interview, CyberRisk TV host Matt Alderman sits down with Tom Pore, AVP of Sales Engineering at Pentera, to dive into the rapidly evolving world of AI-driven cyberattacks. What's happening? Attackers are already using AI and LLMs to launch thousands of attacks per second—targeting modern web apps, exploiting PII, and bypassing traditional testing methods. Tom explains how automated AI payload generation, context-aware red teaming, and language/system-aware attack modeling are reshaping the security landscape. The twist? Pentera flips the script by empowering security teams to think like an attacker—using continuous, AI-powered penetration testing to uncover hidden risks before threat actors do. This includes finding hardcoded credentials, leveraging leaked identities, and pivoting across systems just like real adversaries. To learn more about Pentera's proactive Ransomware testing please visit: https://securityweekly.com/penterabh Show Notes: https://securityweekly.com/bsw-413
Apple just rewrote the rules of device security with a chip-level upgrade that could wipe out most iPhone vulnerabilities overnight. Find out how "memory integrity enforcement" aims to make exploits a thing of the past—and why it took half a decade to pull off. Are Bitcoin ATMs anything more than scamming terminals. Ransomware hits the Uvalde school district and Jaguar. Did "Scattered LapSus Hunters" just throw in the towel. Germany, for one, to vote "no" on Chat Control. Russia's new MAX messenger has startup troubles. Samsung follows Apple's WhatsApp patch chain. Shocker: UK school hacks are mostly by students. HackerOne was hacked. Connected washing machines in Amsterdam hacked. DDoS breaks another record. Bluesky to implement conditional age verification. Enforcement actions for Global Privacy Control. Might Apple have finally beaten vulnerabilities Show Notes - https://www.grc.com/sn/SN-1043-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: joindeleteme.com/twit promo code TWIT vanta.com/SECURITYNOW threatlocker.com for Security Now bitwarden.com/twit Melissa.com/twit
In the leadership and communications segment, Lack of board access: The No. 1 factor for CISO dissatisfaction, Pressure on CISOs to stay silent about security incidents growing, The Secret to Building a High-Performing Team, and more! Jackie McGuire sits down with Chuck Randolph, SVP of Strategic Intelligence & Security at 360 Privacy, for a gripping conversation about the evolution of executive protection in the digital age. With over 30 years of experience, Chuck shares how targeted violence has shifted from physical threats to online ideation—and why it now starts with a click. From PII abuse to unregulated data brokers, generative AI manipulation, and real-world convergence of cyber and physical risks—this is a must-watch for CISOs, CSOs, CEOs, and anyone navigating modern threat landscapes. Hear real-world examples, including shocking stories of doxxing, AI-fueled radicalization, and the hidden dangers of digital exhaust. Whether you're in cyber, physical security, or executive leadership, this interview lays out the urgent need for converged risk strategies, narrative control, and a new approach to duty of care in a remote-first world. Learn what every security leader needs to do now to protect key personnel, prevent exploitation, and build a unified, proactive risk posture. This segment is sponsored by 360 Privacy. Learn how to integrate privacy and protective intelligence to get ahead of the next threat vector at https://securityweekly.com/360privacybh! In this exclusive Black Hat 2025 interview, CyberRisk TV host Matt Alderman sits down with Tom Pore, AVP of Sales Engineering at Pentera, to dive into the rapidly evolving world of AI-driven cyberattacks. What's happening? Attackers are already using AI and LLMs to launch thousands of attacks per second—targeting modern web apps, exploiting PII, and bypassing traditional testing methods. Tom explains how automated AI payload generation, context-aware red teaming, and language/system-aware attack modeling are reshaping the security landscape. The twist? Pentera flips the script by empowering security teams to think like an attacker—using continuous, AI-powered penetration testing to uncover hidden risks before threat actors do. This includes finding hardcoded credentials, leveraging leaked identities, and pivoting across systems just like real adversaries. To learn more about Pentera's proactive Ransomware testing please visit: https://securityweekly.com/penterabh Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-413
What does cyberwarfare really look like behind the headlines? This week, Roo sits down with Hayley Benedict, a cyber intelligence analyst at RANE, to explore the evolving world of digital conflict. From hacktivists to disinformation specialists, Hayley shares how nation states, criminals, and ideologically driven groups are blurring lines — and why data theft, disruption, and doubt remain the weapons of choice.
The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com
PEBCAK Podcast: Information Security News by Some All Around Good People
Welcome to this week's episode of the PEBCAK Podcast! We've got four amazing stories this week so sit back, relax, and keep being awesome! Be sure to stick around for our Dad Joke of the Week. (DJOW) Follow us on Instagram @pebcakpodcast Please share this podcast with someone you know! It helps us grow the podcast and we really appreciate it! Ransomware attack threatens to release art to AI training models https://cybernews.com/ai-news/lunalock-ransomware-attack-against-artists-platform/ https://www.404media.co/hackers-threaten-to-submit-artists-data-to-ai-models-if-art-site-doesnt-pay-up/ University of Oregon punishes student for reporting vulnerability https://www.oregonlive.com/education/2025/09/a-university-of-oregon-student-reported-a-troubling-online-privacy-lapse-the-university-placed-him-under-investigation.html Qantas cancels executive bonuses over online hack https://www.qantasnewsroom.com.au/media-releases/release-of-the-qantas-group-annual-report-and-sustainability-report-2/ https://www.cnbc.com/2024/10/24/microsoft-ceo-nadella-requested-pay-reduction-after-security-incidents.html iPhone 17 release https://appleinsider.com/inside/iphone-17/vs/iphone-17-pro-vs-iphone-16-pro---the-new-top-tier-compared Dad Joke of the Week (DJOW) Find the hosts on LinkedIn: Chris - https://www.linkedin.com/in/chlouie/ Brian - https://www.linkedin.com/in/briandeitch-sase/ Glenn - https://www.linkedin.com/in/glennmedina/
The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com
Anthropic support CA AI laws, Albania has a new minister of Corruption and it's AI, A man was convinced by ChatGPT to build a computer to free it, Senator Wyden calls out Microsoft for still allowing RC4 to be used in Ransomware attacks. Cell Phone Recycle, Win 10 update, 2FA, backup to cloud. New HP Laptop, e-Cycle very old laptop, E-cycle and shredding, Win 11 playing DVD on my AIO,
Here's the thing. Connecting thousands of devices is the easy part. Keeping them resilient and secure as you grow is where the real work lives. In this episode, I sit down with Iain Davidson, Senior Product Manager at Wireless Logic, to unpack what happens when connectivity, security, and operations meet in the real world. Wireless Logic connects a new IoT device every 18 seconds, with more than 18 million active subscriptions across 165 countries and partnerships with over 750 mobile networks. That reach brings hard lessons about where projects stall, where breaches begin, and how to build systems that can take a hit without taking your business offline. Iain lays out a simple idea that more teams need to hear. Resilience and security have to scale at the same pace as your device rollouts. He explains why fallback connectivity, private networking, and an IoT-optimised mobile core such as Conexa set the ground rules, but the real differentiator is visibility. If you cannot see what your fleet is doing in near real time, you are guessing. We talk through Wireless Logic's agentless anomaly and threat detection that runs in the mobile core, creating behavioural baselines and flagging malware events, backdoors, and suspicious traffic before small issues become outages. It is an early warning layer for fleets that often live beyond the traditional IT perimeter. We also get honest about risk. Iain shares why one in three breaches now involve an IoT device and why detection can still take months. Ransomware demands grab headlines, but the quiet damage shows up in recovery costs, truck rolls, and trust lost with customers. Then there is compliance. With new rules tightening in Europe and beyond, scaling without protection does not only invite attackers. It can keep you out of the market. Iain's message is clear. Bake security in from day one through defend, detect, react practices, supply chain checks, secure boot and firmware integrity, OTA updates, and the discipline to rehearse incident playbooks so people know what to do when alarms sound. What if you already shipped devices without all of that in place? We cover that too. From migrating SIMs into secure private networks to quarantining suspect endpoints and turning on core-level detection without adding agents, there are practical ways to raise your posture without ripping and replacing hardware. Automation helps, especially at global scale, but people still make the judgment calls. Train your teams, run simulations, and give both humans and digital systems clear rules for when to block, when to escalate, and when to restore from backup. I left this conversation with a simple takeaway. Growth is only real if it is durable. If you are rolling out EV chargers, medical devices, cameras, industrial sensors, or anything that talks to the network, this episode gives you a working playbook for scaling with confidence. Connect with Iain on LinkedIn, explore the IoT security resources at WirelessLogic.com, or reach the team at hello@wirelesslogic.com. ********* Visit the Sponsor of Tech Talks Network: Land your first job in tech in 6 months as a Software QA Engineering Bootcamp with Careerist https://crst.co/OGCLA
Is the U.S. on the verge of legalizing "hack back" missions, turning private companies into sanctioned cyber warriors? Steve and Leo unpack Google's plan for a cyber disruption unit and why the lines between defense and digital retaliation are suddenly blurring. My experience with 'X' vs email. Google TIG blackmailed to fire two security researchers. 1.1.1.1 DNS TLS certificate mis-issued. Artists blackmailed with threats of training AI on their art. Firefox extended end-of-life for Windows 7 to next March. Is the renewal of cybersecurity info sharing coming soon. Should security analysis be censored due to vibe-coding. UK versus Apple may not be settled after all. Another very serious supply chain attack. Can the software supply-chain ever be trustworthy. Why did BYTE Magazine die. What happens if Google and others go on the attack Show Notes - https://www.grc.com/sn/SN-1042-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: uscloud.com canary.tools/twit - use code: TWIT bigid.com/securitynow zscaler.com/security expressvpn.com/securitynow
Patch Tuesday. A data leak sheds light on North Korean APT Kimsuky. Apple introduces Memory Integrity Enforcement. Ransomware payments have dropped sharply in the education sector in 2025. A top NCS official warns ICS security lags behind, and a senator calls U.S. cybersecurity a “hellscape”. A Ukrainian national faces federal charges and an $11 million bounty for allegedly running multiple ransomware operations. Our guest is Jake Braun sharing the latest on Project Franklin. WhoFi makes WiFi a new spy. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Jake Braun, longtime DEF CON organizer, former White House official, and lead on DEF CON Franklin, sharing the latest on Project Franklin. Selected Reading Two Zero-Days Among Patch Tuesday CVEs This Month (Infosecurity Magazine) Fortinet, Ivanti, Nvidia Release Security Updates (SecurityWeek) ICS Patch Tuesday: Rockwell Automation Leads With 8 Security Advisories (SecurityWeek) SAP 'wins' Patch Tuesday with worse flaws than Microsoft (The Register) Adobe Patches Critical ColdFusion and Commerce Vulnerabilities (SecurityWeek) Data leak sheds light on Kimsuky operations (SC Media) Apple Unveils iPhone Memory Protections to Combat Sophisticated Attacks (SecurityWeek) Learn about ChillyHell, a modular Mac backdoor (jamf) Ransomware Payments Plummet in Education Amid Enhanced Resiliency (Infosecurity Magazine) Critical infrastructure security tech needs to be as good as our smartphones, top NSC cyber official says (CyberScoop) Sen. King: Cyber domain is a ‘hellscape' that will be made worse by cuts (The Record) US indicts alleged ransomware boss tied to $18B in damages (The Register)Jeremy Clarkson's pub has been 'swindled' out of £27,000 by hackers (Manchester Evening News) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Is the U.S. on the verge of legalizing "hack back" missions, turning private companies into sanctioned cyber warriors? Steve and Leo unpack Google's plan for a cyber disruption unit and why the lines between defense and digital retaliation are suddenly blurring. My experience with 'X' vs email. Google TIG blackmailed to fire two security researchers. 1.1.1.1 DNS TLS certificate mis-issued. Artists blackmailed with threats of training AI on their art. Firefox extended end-of-life for Windows 7 to next March. Is the renewal of cybersecurity info sharing coming soon. Should security analysis be censored due to vibe-coding. UK versus Apple may not be settled after all. Another very serious supply chain attack. Can the software supply-chain ever be trustworthy. Why did BYTE Magazine die. What happens if Google and others go on the attack Show Notes - https://www.grc.com/sn/SN-1042-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: uscloud.com canary.tools/twit - use code: TWIT bigid.com/securitynow zscaler.com/security expressvpn.com/securitynow
Is the U.S. on the verge of legalizing "hack back" missions, turning private companies into sanctioned cyber warriors? Steve and Leo unpack Google's plan for a cyber disruption unit and why the lines between defense and digital retaliation are suddenly blurring. My experience with 'X' vs email. Google TIG blackmailed to fire two security researchers. 1.1.1.1 DNS TLS certificate mis-issued. Artists blackmailed with threats of training AI on their art. Firefox extended end-of-life for Windows 7 to next March. Is the renewal of cybersecurity info sharing coming soon. Should security analysis be censored due to vibe-coding. UK versus Apple may not be settled after all. Another very serious supply chain attack. Can the software supply-chain ever be trustworthy. Why did BYTE Magazine die. What happens if Google and others go on the attack Show Notes - https://www.grc.com/sn/SN-1042-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: uscloud.com canary.tools/twit - use code: TWIT bigid.com/securitynow zscaler.com/security expressvpn.com/securitynow
Is the U.S. on the verge of legalizing "hack back" missions, turning private companies into sanctioned cyber warriors? Steve and Leo unpack Google's plan for a cyber disruption unit and why the lines between defense and digital retaliation are suddenly blurring. My experience with 'X' vs email. Google TIG blackmailed to fire two security researchers. 1.1.1.1 DNS TLS certificate mis-issued. Artists blackmailed with threats of training AI on their art. Firefox extended end-of-life for Windows 7 to next March. Is the renewal of cybersecurity info sharing coming soon. Should security analysis be censored due to vibe-coding. UK versus Apple may not be settled after all. Another very serious supply chain attack. Can the software supply-chain ever be trustworthy. Why did BYTE Magazine die. What happens if Google and others go on the attack Show Notes - https://www.grc.com/sn/SN-1042-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: uscloud.com canary.tools/twit - use code: TWIT bigid.com/securitynow zscaler.com/security expressvpn.com/securitynow
Is the U.S. on the verge of legalizing "hack back" missions, turning private companies into sanctioned cyber warriors? Steve and Leo unpack Google's plan for a cyber disruption unit and why the lines between defense and digital retaliation are suddenly blurring. My experience with 'X' vs email. Google TIG blackmailed to fire two security researchers. 1.1.1.1 DNS TLS certificate mis-issued. Artists blackmailed with threats of training AI on their art. Firefox extended end-of-life for Windows 7 to next March. Is the renewal of cybersecurity info sharing coming soon. Should security analysis be censored due to vibe-coding. UK versus Apple may not be settled after all. Another very serious supply chain attack. Can the software supply-chain ever be trustworthy. Why did BYTE Magazine die. What happens if Google and others go on the attack Show Notes - https://www.grc.com/sn/SN-1042-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: uscloud.com canary.tools/twit - use code: TWIT bigid.com/securitynow zscaler.com/security expressvpn.com/securitynow