Podcasts about Ransomware

Steve Gibson and Leo Laporte host a special episode of Security Now live from ThreatLocker's Zero Trust World 2026 in Orlando, Florida. The final frontier of security is internal. Today, we have the tools, techniques and technologies to thwart attacks originating from outside our perimeter. We're now good at protecting our borders. But major high profile breaches occurring over the past several years have revealed that insufficient attention has been given to the security of our internal systems and networks. Today's greatest security weaknesses result from decades of system design, deployment and policy that have placed far too much trust on the conduct of those on the inside, behind our borders. Whether deliberate, inadvertent, or externally penetrating, the greatest challenge we now face is that of designing and deploying our internal security with strict adherence to the principles of least privilege and zero trust. Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsor: threatlocker.com/twit

Steve Gibson and Leo Laporte host a special episode of Security Now live from ThreatLocker's Zero Trust World 2026 in Orlando, Florida. The final frontier of security is internal. Today, we have the tools, techniques and technologies to thwart attacks originating from outside our perimeter. We're now good at protecting our borders. But major high profile breaches occurring over the past several years have revealed that insufficient attention has been given to the security of our internal systems and networks. Today's greatest security weaknesses result from decades of system design, deployment and policy that have placed far too much trust on the conduct of those on the inside, behind our borders. Whether deliberate, inadvertent, or externally penetrating, the greatest challenge we now face is that of designing and deploying our internal security with strict adherence to the principles of least privilege and zero trust. Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsor: threatlocker.com/twit

Steve Gibson and Leo Laporte host a special episode of Security Now live from ThreatLocker's Zero Trust World 2026 in Orlando, Florida. The final frontier of security is internal. Today, we have the tools, techniques and technologies to thwart attacks originating from outside our perimeter. We're now good at protecting our borders. But major high profile breaches occurring over the past several years have revealed that insufficient attention has been given to the security of our internal systems and networks. Today's greatest security weaknesses result from decades of system design, deployment and policy that have placed far too much trust on the conduct of those on the inside, behind our borders. Whether deliberate, inadvertent, or externally penetrating, the greatest challenge we now face is that of designing and deploying our internal security with strict adherence to the principles of least privilege and zero trust. Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsor: threatlocker.com/twit

Steve Gibson and Leo Laporte host a special episode of Security Now live from ThreatLocker's Zero Trust World 2026 in Orlando, Florida. The final frontier of security is internal. Today, we have the tools, techniques and technologies to thwart attacks originating from outside our perimeter. We're now good at protecting our borders. But major high profile breaches occurring over the past several years have revealed that insufficient attention has been given to the security of our internal systems and networks. Today's greatest security weaknesses result from decades of system design, deployment and policy that have placed far too much trust on the conduct of those on the inside, behind our borders. Whether deliberate, inadvertent, or externally penetrating, the greatest challenge we now face is that of designing and deploying our internal security with strict adherence to the principles of least privilege and zero trust. Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsor: threatlocker.com/twit

Steve Gibson and Leo Laporte host a special episode of Security Now live from ThreatLocker's Zero Trust World 2026 in Orlando, Florida. The final frontier of security is internal. Today, we have the tools, techniques and technologies to thwart attacks originating from outside our perimeter. We're now good at protecting our borders. But major high profile breaches occurring over the past several years have revealed that insufficient attention has been given to the security of our internal systems and networks. Today's greatest security weaknesses result from decades of system design, deployment and policy that have placed far too much trust on the conduct of those on the inside, behind our borders. Whether deliberate, inadvertent, or externally penetrating, the greatest challenge we now face is that of designing and deploying our internal security with strict adherence to the principles of least privilege and zero trust. Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsor: threatlocker.com/twit

Steve Gibson and Leo Laporte host a special episode of Security Now live from ThreatLocker's Zero Trust World 2026 in Orlando, Florida. The final frontier of security is internal. Today, we have the tools, techniques and technologies to thwart attacks originating from outside our perimeter. We're now good at protecting our borders. But major high profile breaches occurring over the past several years have revealed that insufficient attention has been given to the security of our internal systems and networks. Today's greatest security weaknesses result from decades of system design, deployment and policy that have placed far too much trust on the conduct of those on the inside, behind our borders. Whether deliberate, inadvertent, or externally penetrating, the greatest challenge we now face is that of designing and deploying our internal security with strict adherence to the principles of least privilege and zero trust. Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsor: threatlocker.com/twit

Beazley's Head of U.S. Cyber, Melissa Carmichael, breaks down the mounting pressures in the 2026 cyber insurance market and explains how insurers are balancing profitability, coverage, and emerging … Read More » The post AI Is Supercharging Ransomware. Is Cyber Insurance at Risk? appeared first on Insurance Journal TV.

Beazley's Head of U.S. Cyber, Melissa Carmichael, breaks down the mounting pressures in the 2026 cyber insurance market and explains how insurers are balancing profitability, coverage, and emerging … Read More » The post AI Is Supercharging Ransomware. Is Cyber Insurance at Risk? appeared first on Insurance Journal TV.

Beazley's Head of U.S. Cyber, Melissa Carmichael, breaks down the mounting pressures in the 2026 cyber insurance market and explains how insurers are balancing profitability, coverage, and emerging … Read More » The post AI Is Supercharging Ransomware. Is Cyber Insurance at Risk? appeared first on Insurance Journal TV.

(Presented by TLPBLACK: High-fidelity threat intelligence and research tools for modern security teams. From curated Passive DNS and real-time C2 monitoring to actionable IOC feeds and daily malware samples, we help defenders detect, hunt, and disrupt threats faster, with seamless integration into SIEM and SOAR workflows.) Huntress threat intelligence analyst Greg Linares shares insights on the modern ransomware ecosystem, including how crews operate like businesses and why Akira, Medusa, RansomHub, and Qilin cause so much damage. Plus, signs of overlap between ransomware and nation-state activity, what “time to ransom” really means for defenders, and why techniques like ClickFix and credential theft keep working at scale. The conversation also covers the surge in RMM tool abuse, how “living off the land” attacks can unfold without traditional malware, and the basic defenses smaller organizations can prioritize.

This week's Security Squawk episode isn't about phishing. It's about structural weakness. Three separate incidents. Three different industries. One uncomfortable pattern: the systems organizations trust most are expanding risk quietly — and in some cases, architecturally. First, a lawsuit that should make every board member pay attention. Marquis Software Solutions, a fintech serving 74 U.S. banks, is suing SonicWall. The allegation centers on SonicWall's cloud backup system, where firewall configuration backups were allegedly accessible and contained credentials — including MFA scratch codes. Those backups were reportedly used to compromise Marquis, leading to a ransomware incident and downstream exposure. What began as a scoped 5% customer exposure was later reported as potentially impacting all customers. This is not a misconfigured endpoint. This is a control-plane failure. For CEOs, this reframes vendor risk. It's no longer a questionnaire exercise. It's a litigation vector. If a security provider's design exposes authentication artifacts, your internal diligence may not matter. The liability chain now includes vendors and MSPs in a very direct way. For IT Directors, the operational question is simple: what exactly is inside your firewall backups? Are reusable authentication artifacts stored? Who can access vendor-hosted exports? If attackers obtain your configuration backups, can they replay your defenses? For MSPs, the exposure is real. If you manage firewall exports or MFA deployments, you are part of the architecture. And potentially part of the courtroom. Then we shift to UFP Technologies, a medical device manufacturer. Intrusion detected. Billing and shipping label systems disrupted. Data stolen or destroyed. Insurance expected to offset financial impact. But this isn't primarily a data story. Attackers disrupted order-to-cash and fulfillment velocity. In healthcare supply chains, slowing billing and labeling can create immediate executive escalation without touching the factory floor. Modern ransomware groups increasingly target business process choke points — ERP, labeling, scheduling — because leverage doesn't require full encryption anymore. For CEOs, “no material impact expected” is accounting language. Customers measure impact in delayed shipments. For IT leaders, the question becomes operational: can billing, labeling, and fulfillment functions recover independently? Are those systems segmented? Tested? Immutable? For risk managers and insurers, this represents a shift in underwriting focus — from endpoints to process resilience. Finally, the University of Hawaiʻi Cancer Center ransomware incident. Roughly 87,000 study participants directly impacted. But historical datasets, including Social Security numbers collected from driver's license and voter registration data dating back to 1998, expanded potential exposure to nearly 1.2 million individuals. They engaged the threat actors. They received a decryptor. They received “assurances” that data was destroyed. That's not verification. That's negotiation. The uncomfortable truth: legacy identity data becomes modern ransom currency. Research environments often have weaker governance than clinical systems, yet they can contain decades of sensitive identifiers. For boards, the issue isn't just security posture. It's data retention discipline. What obsolete identity data are you still holding? Why? For how long? And who owns the risk? Across these stories, three themes emerge: Control-plane trust is fragile. Operational choke points are the new leverage strategy. Data retention is compounded liability. Cybersecurity is no longer just about stopping intrusion. It's about architectural accountability and governance maturity. If you value independent, executive-level analysis without vendor spin, support the show at: buymeacoffee.com/securitysquawk The real question is this: Are your greatest cyber risks coming from external attackers — or from design decisions you haven't revisited in years?

Join this episode of DM Radio as Eric Kavanagh interviews Eric Herzog of Infinidat as he explains why cyber storage resilience is critical as ransomware attacks surge. Learn more how real-time data cleansing protects sales performance and email deliverability with Jason Gladu of Convertr. They are joined by Matt DeLauro from SEON, who explores AI-driven fraud detection and AML in a world of increasingly sophisticated financial crime.

The AI revolution isn't coming—it's already here, and it's systematically breaking legacy email security as we know it. In this episode of Born in Silicon Valley, Alan LeFort, Co-Founder and CEO of StrongestLayer, reveals exactly why pattern-matching defenses are failing against AI-generated attacks and how his team is engineering reasoning-based detection to secure the future of enterprise communication. Alan brings over 25 years of experience scaling products at tech giants like Proofpoint, McAfee, and Intel. We dive into the critical pivot from large corporate life to startup innovation, exploring why true disruption requires a 10X leap in performance, not just incremental improvement. We also unpack the reality of the cybersecurity landscape: what hackers are really after, why AI is the ultimate double-edged sword, and how StrongestLayer is building the third generation of email security specifically for the AI era. Chapters 00:00 Introduction to Alan LeFort and StrongLayer 03:01 Alan's Unique Career Journey 06:13 The Decision to Join a Startup 07:52 The Role of Age in Startup Leadership 09:44 AI's Impact on Business and Email Security 13:12 The Challenges of Email Security 16:10 Disrupting Existing Categories in Sales 19:29 Key Metrics for Email Security Success 19:55 Common Threats in Email Security 21:57 Advice for Employees on Email Security 24:47 AI and Data Privacy in Security 27:32 StrongLayer's Growth and Future Plans 29:30 Navigating Change Management in Growth 32:31 The Future of Email Security 35:38 Dealing with Ransomware and Cyber Threats 38:12 Preparing for AI-Driven Attacks 39:34 Building a Strong Team for Growth 43:55 Identifying Key Roles for Success Host: Jake Aaron Villarreal leads the top AI recruitment firm in Silicon Valley, www.matchrelevant.com, uncovering stories of funded startups and going behind the scenes to tell their founders' journeys. If you are growing an AI startup or have a great story to tell, email us at: jake.villarreal@matchrelevant.com

Parce que… c'est l'épisode 0x716! Shameless plug 31 mars au 2 avril 2026 - Forum INCYBER - Europe 2026 14 au 17 avril 2026 - Botconf 2026 20 au 22 avril 2026 - ITSec Code rabais de 15%: Seqcure15 28 et 29 avril 2026 - Cybereco Cyberconférence 2026 9 au 17 mai 2026 - NorthSec 2026 3 au 5 juin 2026 - SSTIC 2026 19 septembre 2026 - Bsides Montréal 1 au 3 décembre 2026 - Forum INCYBER - Canada 2026 24 et 25 février 2027 - SéQCure 2027 Notes IA Confrontation DoW et Anthropic Anthropic digs in heels in dispute with Pentagon, source says Anthropic to Pentagon: Robo-weapons could hurt US troops Anthropic CEO says it cannot ‘accede' to Pentagon's demands for AI use Sam Altman says OpenAI shares Anthropic's red lines in Pentagon fight Trump admin blacklists Anthropic; AI firm refuses Pentagon demands Our agreement with the Department of War Statement on the comments from Secretary of War Pete Hegseth Anthropic Folie d'utilisation du IA Kevin Beaumont: “The incredible thing about thi…” - Cyberplace Tech Firms Aren't Just Encouraging Their Workers To Use AI. They're Enforcing It. Kevin Beaumont: “Accenture are firing people wh…” - Cyberplace Le grand remplacement IBM Shares Crater 13% After Anthropic Says Claude Code Can Tackle COBOL Modernization Infosec community panics over Anthropic Claude Code Security Long Before Tech CEOs Turned To Layoffs To Cover AI Expenses, There Was WorldCom Microsoft execs worry AI will eat entry level coding jobs AI gets good at finding bugs, not as good at fixing them Rapid AI-driven development makes security unattainable Claude Code Security Shows Promise, Not Perfection OpenClaw Google Antigravity falls to Earth under compute burden Malicious OpenClaw Skills Used to Trick Users into Manual Password Entry for AMOS Infection A Meta AI security researcher said an OpenClaw agent ran amok on her inbox The OpenClaw Hype: Analysis of Chatter from Open-Source Deep and Dark Web Sandboxes Won't Save You From OpenClaw This AI Agent Is Designed to Not Go Rogue AWS says 600+ FortiGate firewalls hit in AI-augmented attack Why the EU's AI Act is about to become every enterprise's biggest compliance challenge Detecting and preventing distillation attacks Anthropic Is AI Good for Democracy? Identity-First AI Security: Why CISOs Must Add Intent to the Equation Microsoft adds Copilot data controls to all storage locations AI models suck slightly less at math than they did last year Canadian government demands safety changes from OpenAI WA drivers reeling after passengers caught out by AI-powered safety cameras Souveraineté ou tout ce que je peux faire sur mon terrain Sovereignty in a System Prompt - POP RDI; RET; Danish government agency to ditch Microsoft software in push for digital independence US orders diplomats to fight data sovereignty initiatives Privacy ou tout ce qui devrait rester à la maison Enough Is Enough Five security lessons from the FBI's Washington Post raid Banning children from VPNs and social media will erode adults' privacy EU lawmakers propose that youth under 16 be barred from social media without parental consent Instagram to start alerting parents when children search for terms relating to self-harm Red ou tout ce qui est brisé Ransomware gangs advancing Moscow's geopolitical aims, Romanian cyber chief warns Android mental health apps with 14.7M installs filled with security flaws Discord pushes back age verification debut to 2H'26 Ransomware payment rate drops to record low as attacks surge Blue ou tout ce qui améliore notre posture Identity Prioritization isn't a Backlog Problem - It's a Risk Math Problem Windows 11 KB5077241 update improves BitLocker, adds Sysmon tool The Case for Why Better Breach Transparency Matters Some Linux LTS Kernels Will Be Supported Even Longer, Announces Greg Kroah-Hartman Collaborateurs Nicolas-Loïc Fortin Crédits Montage par Intrasecure inc Locaux réels par Intrasecure inc

AI is happening so fast, Ransomware attacks increasing but payments going down, AI's ability to write Cobol tanks IBM stock, Bumper Music, My Network interface seems to have broken DNS,

Five Eyes flags active exploitation of Cisco SD-WAN flaws. Ransomware incidents surge, but fewer victims are paying. The FTC eases its stance on COPPA to encourage age verification. Authorities in Poland and Germany charge 11 in a Facebook credential harvesting scheme. Top UK news outlets unite on AI licensing standards, as the UK touts gains in cyber resilience. Researchers say a hacker abused Anthropic's Claude to breach Mexican government networks. Gamers revolt over AI in game development. On our Industry Voices, we are joined by Linda Gray Martin, Chief of Staff and SVP, and Britta Glade, SVP of Content and Communities, from RSAC sharing what is new at RSAC 2026. In Moscow, a man is accused of impersonating an FSB officer to shake down the Conti ransomware gang.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today on our Industry Voices, we are joined by Linda Gray Martin, Chief of Staff and SVP, and Britta Glade, SVP of Content and Communities, from RSAC sharing what is new at RSAC 2026. Selected Reading Cisco SD-WAN Is Actively Exploited by UAT-8616, Five Eyes Alliance Agencies Issue Warning (TechNadu) Ransomware payments dropped in 2025 as attack numbers reached record levels: Chainalysis (The Record) FTC Softens Enforcement of Rule Protecting Children Online, Ostensibly to Protect Children Online (Gizmodo) Poland Cybercrime Unit Uncovers Scheme Stealing 100,000 Facebook Logins (The 420) UK news giants form 'NATO for news' group to control AI scraping (Press Gazette) Government cuts cyber-attack fix times by 84% and launches new profession to protect public services (GOV.UK) Hacker Used Anthropic's Claude to Steal Sensitive Mexican Data (Bloomberg) AI Mistakes Are Infuriating Gamers as Developers Seek Savings (Bloomberg) Moscow man accused of posing as FSB officer to extort Conti ransomware gang (The Record) AIs can't stop recommending nuclear strikes in war game simulations (New Scientist) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

The Ransomware Minute is a rundown of the latest ransomware attacks & news, brought to you Cybercrime Magazine, Page ONE for Cybersecurity. Listen to the podcast weekly and read it daily at https://ransomwareminute.com. For more on cybersecurity, visit us at https://cybercrimemagazine.com.

ETH Zurich's deep-dive into the world's top password managers exposes how feature overload and legacy design obscure real security flaws, forcing a rethink of what "zero knowledge" actually means for your vault. Learn why recent fixes matter—and why open source may be your safest bet. CA's warn us to urgently prepare for the inevitable. Three U.S. states attempt to ban 3D printed firearms. Denied ransom, ShinyHunters leaks 967,000 personal details. "Billions" of U.S. social security numbers leaked. Is Apple planning to add cameras to three new gadgets. No more security fixes for Firefox on Windows 7 & 8. Russia blocks the official Linux kernel site they need. Will the U.S."freedom.gov" site post EU blocked content. LLM's will offer secure passwords. Do Not Use Them. As predicted, the "ClickFix" attack strategy takes over. A listener believes his computer is compromised. How could three popular password managers get things wrong. Show Notes - https://www.grc.com/sn/SN-1066-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: guardsquare.com bitwarden.com/twit zscaler.com/security hoxhunt.com/securitynow material.security

ETH Zurich's deep-dive into the world's top password managers exposes how feature overload and legacy design obscure real security flaws, forcing a rethink of what "zero knowledge" actually means for your vault. Learn why recent fixes matter—and why open source may be your safest bet. CA's warn us to urgently prepare for the inevitable. Three U.S. states attempt to ban 3D printed firearms. Denied ransom, ShinyHunters leaks 967,000 personal details. "Billions" of U.S. social security numbers leaked. Is Apple planning to add cameras to three new gadgets. No more security fixes for Firefox on Windows 7 & 8. Russia blocks the official Linux kernel site they need. Will the U.S."freedom.gov" site post EU blocked content. LLM's will offer secure passwords. Do Not Use Them. As predicted, the "ClickFix" attack strategy takes over. A listener believes his computer is compromised. How could three popular password managers get things wrong. Show Notes - https://www.grc.com/sn/SN-1066-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: guardsquare.com bitwarden.com/twit zscaler.com/security hoxhunt.com/securitynow material.security

ETH Zurich's deep-dive into the world's top password managers exposes how feature overload and legacy design obscure real security flaws, forcing a rethink of what "zero knowledge" actually means for your vault. Learn why recent fixes matter—and why open source may be your safest bet. CA's warn us to urgently prepare for the inevitable. Three U.S. states attempt to ban 3D printed firearms. Denied ransom, ShinyHunters leaks 967,000 personal details. "Billions" of U.S. social security numbers leaked. Is Apple planning to add cameras to three new gadgets. No more security fixes for Firefox on Windows 7 & 8. Russia blocks the official Linux kernel site they need. Will the U.S."freedom.gov" site post EU blocked content. LLM's will offer secure passwords. Do Not Use Them. As predicted, the "ClickFix" attack strategy takes over. A listener believes his computer is compromised. How could three popular password managers get things wrong. Show Notes - https://www.grc.com/sn/SN-1066-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: guardsquare.com bitwarden.com/twit zscaler.com/security hoxhunt.com/securitynow material.security

ETH Zurich's deep-dive into the world's top password managers exposes how feature overload and legacy design obscure real security flaws, forcing a rethink of what "zero knowledge" actually means for your vault. Learn why recent fixes matter—and why open source may be your safest bet. CA's warn us to urgently prepare for the inevitable. Three U.S. states attempt to ban 3D printed firearms. Denied ransom, ShinyHunters leaks 967,000 personal details. "Billions" of U.S. social security numbers leaked. Is Apple planning to add cameras to three new gadgets. No more security fixes for Firefox on Windows 7 & 8. Russia blocks the official Linux kernel site they need. Will the U.S."freedom.gov" site post EU blocked content. LLM's will offer secure passwords. Do Not Use Them. As predicted, the "ClickFix" attack strategy takes over. A listener believes his computer is compromised. How could three popular password managers get things wrong. Show Notes - https://www.grc.com/sn/SN-1066-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: guardsquare.com bitwarden.com/twit zscaler.com/security hoxhunt.com/securitynow material.security

ETH Zurich's deep-dive into the world's top password managers exposes how feature overload and legacy design obscure real security flaws, forcing a rethink of what "zero knowledge" actually means for your vault. Learn why recent fixes matter—and why open source may be your safest bet. CA's warn us to urgently prepare for the inevitable. Three U.S. states attempt to ban 3D printed firearms. Denied ransom, ShinyHunters leaks 967,000 personal details. "Billions" of U.S. social security numbers leaked. Is Apple planning to add cameras to three new gadgets. No more security fixes for Firefox on Windows 7 & 8. Russia blocks the official Linux kernel site they need. Will the U.S."freedom.gov" site post EU blocked content. LLM's will offer secure passwords. Do Not Use Them. As predicted, the "ClickFix" attack strategy takes over. A listener believes his computer is compromised. How could three popular password managers get things wrong. Show Notes - https://www.grc.com/sn/SN-1066-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: guardsquare.com bitwarden.com/twit zscaler.com/security hoxhunt.com/securitynow material.security

ETH Zurich's deep-dive into the world's top password managers exposes how feature overload and legacy design obscure real security flaws, forcing a rethink of what "zero knowledge" actually means for your vault. Learn why recent fixes matter—and why open source may be your safest bet. CA's warn us to urgently prepare for the inevitable. Three U.S. states attempt to ban 3D printed firearms. Denied ransom, ShinyHunters leaks 967,000 personal details. "Billions" of U.S. social security numbers leaked. Is Apple planning to add cameras to three new gadgets. No more security fixes for Firefox on Windows 7 & 8. Russia blocks the official Linux kernel site they need. Will the U.S."freedom.gov" site post EU blocked content. LLM's will offer secure passwords. Do Not Use Them. As predicted, the "ClickFix" attack strategy takes over. A listener believes his computer is compromised. How could three popular password managers get things wrong. Show Notes - https://www.grc.com/sn/SN-1066-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: guardsquare.com bitwarden.com/twit zscaler.com/security hoxhunt.com/securitynow material.security

When David Koopmans' IT manager started sending strange messages to employees, David knew something was wrong. By then, threat actors had been inside his network for 30 days.What followed was a ransomware nightmare that cost $14 million, put David in the hospital, and ended with him being let go—despite years of warning leadership they needed to invest in security.In this episode, we follow David's story from chaos to recovery, with expert context from Fortinet's incident response team on what actually happens when the call comes in (spoiler: it's always Friday afternoon), the critical mistakes that make attacks worse, and why 30 minutes a week of preparation could be the difference between survival and catastrophe.Key Takeaways:Why "we're not a target" is the most dangerous assumption in securitThe common mistake that lets attackers hit you twiceHow tabletop exercises helped one company respond to a near-identical real incidentThe 30-minute weekly habit that separates prepared teams from overwhelmed onesFeaturing: David Koopmans (CIO, MMT Ambulance), Josh Brewer (Softchoice), John Simmons (FortiGuard IR Lead, Americas), John Hollenberger (FortiGuard Proactive Lead)====This episode is brought to you by FortinetWhen a cyber incident hits, the difference between chaos and recovery comes down to preparation. Learn how FortiGuard Incident Response Services can help your team respond faster and recover stronger at softchoice.com/fortinet====Resources• FortiGuard Incident Response Services: softchoice.com/fortinet• Book: "Cybersecurity Tabletop Exercises: From Planning to Execution" by John Hollenberger (No Starch Press, October 2024)The Catalyst by Softchoice is the podcast dedicated to exploring the intersection of humans and technology.

ETH Zurich's deep-dive into the world's top password managers exposes how feature overload and legacy design obscure real security flaws, forcing a rethink of what "zero knowledge" actually means for your vault. Learn why recent fixes matter—and why open source may be your safest bet. CA's warn us to urgently prepare for the inevitable. Three U.S. states attempt to ban 3D printed firearms. Denied ransom, ShinyHunters leaks 967,000 personal details. "Billions" of U.S. social security numbers leaked. Is Apple planning to add cameras to three new gadgets. No more security fixes for Firefox on Windows 7 & 8. Russia blocks the official Linux kernel site they need. Will the U.S."freedom.gov" site post EU blocked content. LLM's will offer secure passwords. Do Not Use Them. As predicted, the "ClickFix" attack strategy takes over. A listener believes his computer is compromised. How could three popular password managers get things wrong. Show Notes - https://www.grc.com/sn/SN-1066-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: guardsquare.com bitwarden.com/twit zscaler.com/security hoxhunt.com/securitynow material.security

What makes a great lawyer in a cyber incident response? This is a key question that I explored during part 2 of our podcast with Professor Ciaran Martin, a world leading cyber thought leader. The questions challenged Ciaran but he answered it succinctly as “one do and one don't”. The best incident leaders loosen control (the “do”), rather than tighten it (the “don't”). A damaging instinct in a crisis (often driven by impractical lawyering) is locking everything down and keeping help out for fear of liability. In practice, faster recovery usually comes from working openly with the broader cyber response community. Most people genuinely want to help. Here were my other favourite pieces of wisdom shared by Ciaran coming out of the discussion. 1. The “pyramid of liability” has inverted. When something goes wrong, we still reach for the easiest explanation – i.e. “someone clicked the link”. That's comforting, but it misses the point. Most incidents are really about upstream failures — poor software design, weak procurement choices, and a lack of accountability for vendors and platforms. Blaming frontline users (including our corporates) just ignores the real source. 2. Transparency after an incident doesn't destroy trust, but builds it. There's a strong instinct (again, I'm sorry, but often driven by legal) to say as little as possible. But if you actually look at major incidents over time, the organisations that were sensibly open about what happened and what failed didn't suffer lasting reputational or commercial damage. If anything, they earned goodwill — from regulators, peers and the broader ecosystem. The "what" are questions of fact and are often not protected by privilege anyway. 3. Cyber planning breaks down when it obsesses over data and ignores continuity. There are numerous examples in the healthcare space. Legal duties pushed decision‑makers to prioritise protecting data over keeping life‑saving services running. That's a structural flaw. In some crises, loss of service is far more harmful than loss of data — yet our frameworks don't always reflect that. 4. Along this line, operational outages are more dangerous than data breaches — and we're not ready for them. When ports, airlines or hospitals go down, the economic and social impact is immediate and severe. These aren't just “bigger data breaches”; they're a different category of risk altogether. Australia hasn't yet experienced one at scale, but when it does, the shock will be national. It's certainly my biggest fear. 5. Ransomware only works if we treat threats as credible. Data extortion relies on panic and amplification. Australia's experience shows that when institutions, media and law enforcement refuse to play along — and don't amplify stolen data — attackers lose leverage, even if data technically leaks. The economics of the cyber criminal model collapse surprisingly quickly. There's loads more in the full podcast (~20 minutes). Definitely worth a save and watching or listening on your commute to/from work. This is cross examining Professor Ciaran Martin – Part 2. Here we go…

ETH Zurich's deep-dive into the world's top password managers exposes how feature overload and legacy design obscure real security flaws, forcing a rethink of what "zero knowledge" actually means for your vault. Learn why recent fixes matter—and why open source may be your safest bet. CA's warn us to urgently prepare for the inevitable. Three U.S. states attempt to ban 3D printed firearms. Denied ransom, ShinyHunters leaks 967,000 personal details. "Billions" of U.S. social security numbers leaked. Is Apple planning to add cameras to three new gadgets. No more security fixes for Firefox on Windows 7 & 8. Russia blocks the official Linux kernel site they need. Will the U.S."freedom.gov" site post EU blocked content. LLM's will offer secure passwords. Do Not Use Them. As predicted, the "ClickFix" attack strategy takes over. A listener believes his computer is compromised. How could three popular password managers get things wrong. Show Notes - https://www.grc.com/sn/SN-1066-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: guardsquare.com bitwarden.com/twit zscaler.com/security hoxhunt.com/securitynow material.security

In this episode of The Virtual CISO Moment, Greg Schaffer sits down with Chris Kimpland, CEO of Velocity Incident Response, a service-disabled veteran-owned firm specializing in digital forensics and incident response A former U.S. Army combat engineer, Chris has led hundreds of ransomware negotiations and brings a candid, frontline perspective to what unfolds during an active breach. He shares why negotiation is often more business than emotion, what “proof of life” means in a data extortion case, and how organizations navigate the hardest decision of all — whether to pay.This episode delivers a concise, real-world look at crisis leadership when minutes matter and stakes are high.

Hospital Shutdown, Ransomware Surge, Fortinet Failures A hospital doesn't cancel chemotherapy appointments because of a “technical issue.” They cancel them because they've lost operational control. This week, the University of Mississippi Medical Center shut down its entire network after a ransomware attack disrupted systems — including Epic. Clinics closed. Elective procedures paused. Outpatient services halted. Emergency operations activated. Leadership described the shutdown as precautionary. But here's the real question executives should be asking: Why was a full network shutdown necessary? If segmentation is validated… If identity governance is enforced… If lateral movement detection is operationalized… Why does the only safe option become “turn it all off”? In this episode of Security Squawk, we break down what this incident signals about containment confidence, governance maturity, and operational resilience — not just in healthcare, but across every industry that depends on uptime. And we zoom out. Because UMMC isn't happening in isolation. According to TechRadar, ransomware groups have reached an all-time high in 2025. The victim growth rate has doubled. Qilin and other affiliate-driven operators are scaling aggressively. This isn't random chaos. It's industrialization. More fragmentation. More specialization. More execution discipline on the criminal side. Healthcare, public sector, and critical infrastructure are being economically targeted because downtime equals leverage. When systems go dark, negotiation pressure spikes. Then we connect it to something many leaders are still underestimating: Fortinet exploitation patterns. Edge vulnerabilities. VPN credential harvesting. Reinfection cycles months after patches were released. The vulnerability itself isn't the story. The response maturity is. Attackers are repeatedly probing whether organizations: – Patch fast enough – Rotate exposed credentials – Reset trust boundaries after compromise – Validate segmentation integrity – Rebuild identity confidence When those governance steps are skipped, attackers come back. That's not a tooling failure. That's a leadership failure. This episode translates three headlines into one hard truth: Ransomware is no longer just a malware problem. It's a containment confidence problem. For CEOs: If you cannot isolate an intrusion without shutting down revenue operations, your resilience model is fragile. For IT Directors: Active Directory recovery is not a restore-from-backup event. It's a trust re-establishment event. For MSPs: Client environments are operating in a denser criminal ecosystem. Tool stacking without maturity validation will not scale. For Risk Leaders: Financial exposure is no longer limited to ransom. Revenue interruption, regulatory scrutiny, and reputational damage compound quickly — especially in healthcare. We also discuss: • Why attacker communication often signals a second phase • Why affiliate ransomware models are accelerating • Why segmentation validation will become a board-level metric • Why detection speed does not equal governance strength Security Squawk exists to translate cybersecurity chaos into business reality — without vendor spin and without hype. If you value that kind of analysis and want to support independent, executive-focused cybersecurity conversations, you can back the show at: buymeacoffee.com/securitysquawk Your support helps us keep this live, timely, and unfiltered. Because criminals are already running maturity audits. And they invoice in operational shutdown. The question is simple: If it happened to you tomorrow, could you contain it — or would you turn the lights off?

Ransomware as a service has turned cybercrime into a franchise business — and in this episode, Dr. Mike Saylor and I break down exactly how it works, who's buying, and why the buyer might end up as the patsy.If you thought ransomware was just a lone hacker writing code in a basement, this episode is going to change how you think about it. Ransomware as a service means that today, literally anyone — no technical skills required — can pay someone to launch a ransomware attack on their behalf. You hand over the money, tell them what you want, and sit back and watch your crypto wallet. That's it. No portal. No dashboard. No login. Just a chat on the dark web through the TOR network and a prayer that they actually do what you paid for.Dr. Mike Saylor walks us through the full criminal ecosystem — from the initial access brokers who collect and sell validated email addresses, to the botnet operators who rent out millions of compromised computers by the hour, to the affiliate programs that tie it all together. We cover the franchise model, the "no honor among thieves" reality of these transactions, and why the person who buys into ransomware as a service might just end up as law enforcement's fall guy.This is one of those episodes where the more you learn, the more you realize how much the threat picture has changed — and why your backups are more important than ever.Chapters:00:00:00 - Episode Intro00:01:17 - Introductions & Welcome00:03:25 - Setting the Stage: CryptoLocker and the Birth of a Criminal Industry00:07:17 - Defining Ransomware as a Service: The Franchise Model00:10:36 - The Amazon/AWS Analogy and How Botnets Power the Attacks00:17:10 - No Portal, No Dashboard: How Dark Web Transactions Actually Work00:19:17 - Why Do RaaS Operators Offer the Service? The Lottery Ticket Theory00:21:59 - The Affiliate Model: How the Criminal Ecosystem Specializes00:26:33 - How Many RaaS Groups Exist — and Who's Buying?00:29:36 - RaaS as Subterfuge: The Conti Group and the Costa Rica Attack00:30:49 - Who Are These Criminals, Really?

Report: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://thedfirreport.com/2026/02/23/apache-activemq-exploit-leads-to-lockbit-ransomware/Contact Us: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://thedfirreport.com/contact/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

How do I know if the software I'm installing is legit? Crims created a fake RMM tool to gain access to business networks, Ransomware attacks, Why is Cloudflare blocking me? Security Cam Talk, AI Generated passwords, Want's to remote into PC for Quickbooks work.

How do I know if the software I'm installing is legit? Crims created a fake RMM tool to gain access to business networks, Ransomware attacks, Why is Cloudflare blocking me? Security Cam Talk, AI Generated passwords, Want's to remote into PC for Quickbooks work.

The Krewe wraps up Season 6 with an episode looking back at the highs, the lows, & what's to come! Join Doug & Jenn for listener feedback and behind-the-scenes stories as they put a bow on the 6th chapter of KOJ Podcast! ------ About the Krewe ------ The Krewe of Japan Podcast is a weekly episodic podcast sponsored by the Japan Society of New Orleans. Check them out every Friday afternoon around noon CST on Apple, Google, Spotify, Amazon, Stitcher, or wherever you get your podcasts.  Want to share your experiences with the Krewe? Or perhaps you have ideas for episodes, feedback, comments, or questions? Let the Krewe know by e-mail at kreweofjapanpodcast@gmail.com or on social media (Twitter: @kreweofjapan, Instagram: @kreweofjapanpodcast, Facebook: Krewe of Japan Podcast Page, TikTok: @kreweofjapanpodcast, LinkedIn: Krewe of Japan LinkedIn Page, Blue Sky Social: @kreweofjapan.bsky.social, Threads: @kreweofjapanpodcast & the Krewe of Japan Youtube Channel). Until next time, enjoy! ------ Support the Krewe! Offer Links for Affiliates ------ Use the referral links below & our promo code from the episode! Support your favorite NFL Team AND podcast! Shop NFLShop to gear up for football season! Zencastr Offer Link - Use my special link to save 30% off your 1st month of any Zencastr paid plan!  ------ JSNO Upcoming Events ------ JSNO Event Calendar Join JSNO Today!

Dutch authorities warn Russia is escalating hybrid operations across Europe. Ransomware shuts down the University of Mississippi Medical Center. PayPal notifies customers of a data breach. The FBI says ATM jackpotting is on the rise. An FBI confidential informant had a hand in online fentanyl sales. TrustConnect malware masquerades as a legitimate remote monitoring and management tool. Researchers uncover the first Android malware to integrate generative AI. A critical zero-day hits Grandstream VOIP phones. The IRS slashes IT staff and technology executives. Our guest is James Turgal, a 22-year FBI vet and VP of global cyber risk and board relations at Optiv, discussing the latest wave of tax scams and IRS fraud. DOGE dudes deliver DEI deathblows. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by James Turgal, a 22-year FBI vet and VP of global cyber risk and board relations at Optiv, discussing the latest wave of tax scams and IRS fraud. Selected Reading Russia stepping up hybrid attacks, preparing for long standoff with West, Dutch intelligence warns (The Record) University of Mississippi Medical Center Suffers Cyberattack, Closes All Clinics, Cancels Services (Mississippi Free Press) PayPal discloses data breach that exposed user info for 6 months (Bleeping Computer) FBI: Over $20 million stolen in surge of ATM malware attacks in 2025 (Bleeping Computer) An FBI ‘Asset' Helped Run a Dark Web Site That Sold Fentanyl-Laced Drugs for Years (WIRED) (Don't) TrustConnect: It's a RAT in an RMM hat (Proofpoint US) PromptSpy ushers in the era of Android threats using GenAI (We Live Security) CVE-2026-2329: Critical Unauthenticated Stack Buffer Overflow in Grandstream GXP1600 VoIP Phones (FIXED) (Rapid 7) DOGE bites taxman (The Register) DOGE Bro's Grant Review Process Was Literally Just Asking ChatGPT ‘Is This DEI?' (Techdirt) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Comment on this episode by going to KDramaChat.com Today, we'll be discussing Episode 13 of Start-Up, the hit K Drama on Netflix starring Bae Suzy as Seo Dal-mi, Nam Joo Hyuk as Nam Do San, Kim Seon Ho as Han Ji Pyeong, Kang Han Na as Won In Jae, and Kim Hae Sook as Choi Won Deok. We discuss: The songs we featured during the recap: Dream by Jamie, Ransomware by Kim Dong Hyeok, Remind by Park Sejun Joanna's epic night at the TWICE concert at Capital One Arena — 21,000 fans, multi-generational crowds, and how “Takedown” from KPop Demon Hunters is bringing TWICE to new audiences in the U.S. The meaning of the episode title “Comfort Zone” and how it perfectly captures Han Ji Pyeong's three-year stalemate with Seo Dal Mi. Ji Pyeong's awkward confession while making skewers, why saying “I want to be the first person you think of” wasn't quite enough, and whether jewelry is a bold romantic move or a panicked leap out of the friend zone. Yeong Sil's iconic baseball analogy — “Two outs in the bottom of the ninth and a full count” — and why it may be the motivational speech Ji Pyeong needed to finally swing the bat. Nam Do San's three years in Silicon Valley: success, stock options, Napa wine, yachts on the Bay… and whether coding became his emotional safe haven after heartbreak. The ransomware attack on CheongMyeong Company — port 22, SSH vulnerabilities, decryption keys, and whether finding the key was even remotely realistic (thank you to our cybersecurity friends for weighing in!). The thrill of problem-solving: why Do San says he hasn't felt this alive in years — and whether returning to Korea means stepping out of his own comfort zone. The complicated dynamic between the sisters as Dal Mi (now CEO of CheongMyeong) and In Jae (대표님) maintain strict professionalism at work while still struggling to reconnect personally — especially around Chuseok. Han Ji Pyeong's heartbreaking timing yet again — arriving just after Do San saves the company — and why Dal Mi hesitated to call him during the crisis. The bromance vote over street skewers and tteokbokki outside Sandbox — and the emotional moment when the three friends decide to stay in Korea together. Our favorite lines: – “Two outs in the bottom of the ninth and a full count.” – “Don't throw a pebble into a calm lake.” At the end of the episode, Ji Pyeong confronts Do San in the elevator, gift in pocket, promotion title acknowledged (상무님!), and the rivalry officially reignites. Joanna's interview with real-life venture capitalist Tim McLoughlin of Cofounders Capital — decision-making under uncertainty, making peace with imperfect data, and why looking backward can slow you down. Next week, we recap and analyze Episode 14 of Start-Up and begin narrowing down our choice for Season 14. Send us your recommendations! References Chuseok - Wikipedia Drinkers in Korea Dial for Designated Drivers - The New York Times Songpyeon - Wikipedia

A ransomware attack forces a hospital system to close. AP correspondent Mike Hempen reports.

In this episode of Unspoken Security, host AJ Nash sits down with Bob Fabien “BZ” Zinga, a cybersecurity executive and Naval Information Warfare Commander in the U.S. Navy Reserve. They explore how performative leadership shows up in security teams, and why values on a wall fail when pressure hits.BZ argues that optics without accountability kills trust. When leaders bend with politics or budgets, engaged employees go quiet. That silence hides risk. He shares how breaches often trace back to human choices, including a W-2 phishing scam that exposed employees' data and changed his own life. He also pushes blameless postmortems and clear escalation paths.From there, the conversation moves to AI. BZ warns that teams can automate bias and outsource judgment. He calls for guardrails, regulation, and human oversight, especially in high-stakes decisions. He closes with a simple standard: speak up for fairness, even when silence would feel safer.Send a textSupport the show

The Ransomware Minute is a rundown of the latest ransomware attacks & news, brought to you Cybercrime Magazine, Page ONE for Cybersecurity. Listen to the podcast weekly and read it daily at https://ransomwareminute.com. For more on cybersecurity, visit us at https://cybercrimemagazine.com.

The Cybercrime Magazine Podcast brings you daily cybercrime news on WCYB Digital Radio, the first and only 7x24x365 internet radio station devoted to cybersecurity. Stay updated on the latest cyberattacks, hacks, data breaches, and more with our host. Don't miss an episode, airing every half-hour on WCYB Digital Radio and daily on our podcast. Listen to today's news at https://soundcloud.com/cybercrimemagazine/sets/cybercrime-daily-news. Brought to you by our Partner, Evolution Equity Partners, an international venture capital investor partnering with exceptional entrepreneurs to develop market leading cyber-security and enterprise software companies. Learn more at https://evolutionequity.com

Got a question or comment? Message us here!No phishing. No user interaction. Just exposed services and a missing authentication check. In this episode of the #SOCBrief, we dive into the SmarterMail RCE flaw already being exploited in the wild and why mail servers continue to be prime ransomware targets. We cover indicators to hunt for, detection tips, and practical steps SOC teams can take to reduce risk fast.

The government shutdown leaves CISA at reduced capacity. Ransomware and misconfigured AI threaten cyber-physical infrastructure. Operation DoppelBrand targets Fortune 500 financial and technology firms. Researchers uncover infostealers targeting OpenClaw AI. Identity-based attacks accounted for nearly two-thirds of initial intrusions last year. Researchers compromise popular cloud-based password managers. Authorities have arrested a man suspected of links to Phobos ransomware. Monday business breakdown. On Threat Vector, host David Moulton talks with Steve Elovitz about the 750 major breaches his team analyzed in a single year. Digital detour delivers a Dutchman to detention. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Threat Vector On today's Threat Vector segment, David Moulton is joined by Steve Elovitz from Unit 42's North America consulting and incident response practice. After analyzing 750+ major breaches in a single year, he's seen exactly which security investments save companies and which ones fail when attackers strike. You can hear David and Steve's full conversation on Thursday's episode of Threat Vector and listen to new episodes each Thursday on your favorite podcast app. Selected Reading CISA Navigates DHS Shutdown With Reduced Staff (SecurityWeek) Significant Rise in Ransomware Attacks Targeting Industrial Operations (Infosecurity Magazine) A Misconfigured AI Could Trigger Infrastructure Collapse (BankInfo Security) Operation DoppelBrand Weaponizes Trusted Brands For Credential Theft (Infosecurity Magazine) Infostealer malware found stealing OpenClaw secrets for first time (Bleeping Computer) Unit 42: Nearly two-thirds of breaches now start with identity abuse (CyberScoop) Password Managers Vulnerable to Vault Compromise Under Malicious Server (SecurityWeek) Poland arrests suspect linked to Phobos ransomware operation (Bleeping Computer) Vega raises $120 million in a Series B round led by existing investor Accel (N2K Pro Business Briefing) Dutch police arrest man who refused to delete confidential files shared by mistake (The Record) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

How can you help your loved ones navigate and securely adopt AI tools ? Will Gardner, CEO of Childnet joins the show for a vital conversation about helping families use AI safely. We talk about Childnet's latest research and the practical ways you can become a digital role model and start better AI conversations at home.

Eurail stolen traveler data now up for sale EU Parliament blocks AI features Japan's Washington Hotel discloses ransomware hit Get the full show notes here:  Huge thanks to our sponsor, Conveyor Here's a fun question. Would you rather support more enterprise deals… or answer fewer security questionnaires? Moving upmarket usually means more scrutiny and more security questions. Instead of hiring more people or slowing sales, Alteryx used Conveyor's AI to automate customer security reviews like questionnaires, SOC 2 requests, and all the back-and-forth. They supported 200% growth and over half a billion dollars in pipeline with a 4 person team. If you're tired of choosing between growth and sanity, check out Conveyor at conveyor.com.  

The cryptolocker virus was the attack that turned ransomware from a nuisance into a full-blown criminal industry — and in this episode of The Backup Wrap-up, we break down exactly how that happened. W. Curtis Preston (Mr. Backup) sits down with co-host Prasanna Malaiyandi and cybersecurity expert Dr. Mike Saylor to trace the full evolution of ransomware and explain why CryptoLocker was the turning point.If you've ever wondered how ransomware went from fake pop-up messages to billion-dollar criminal enterprises, this is the episode for you. We start with the earliest days — scareware attacks that did nothing more than frighten you into paying — and walk through the progression of encryption methods that made ransomware increasingly dangerous. Dr. Mike Saylor breaks down the difference between symmetric and asymmetric encryption in plain language, and explains why the move to public-private key pairs made it so much harder for victims to recover without paying up.Then we get into the cryptolocker virus itself: how it spread through fake FedEx emails, why it kick-started phishing awareness training, what Operation Tovar did to shut it down, and — just as interesting — what the bad guys learned from its failures. We cover the role of the Zeus botnet, how Bitcoin became the payment method of choice, and why ransoms started out at just a few hundred bucks. We also talk about what happened next: the rise of data exfiltration, double extortion, and even triple extortion where attackers go after the victims of the victims.Plus, we take a side trip into the LastPass breach and pour one out for the guy who lost his crypto fortune in a landfill.Whether you're in IT, security, or just want to understand how ransomware works, this episode gives you the full picture.Chapters:00:00:00 — Intro00:01:22 — Welcome and Introductions00:04:11 — The Three Generations of Ransomware00:05:01 — Scareware: Fake Attacks That Did Nothing00:05:42 — Ciphers and Decoder Ring Encryption00:06:38 — Symmetric Encryption Explained00:09:25 — Asymmetric (Public-Private Key) Encryption00:12:46 — Why Asymmetric Encryption Made Ransomware Stronger00:15:44 — What Was the CryptoLocker Virus?00:16:25 — Lessons CryptoLocker Taught Victims and Criminals00:18:03 — Operation Tovar Takes Down CryptoLocker00:19:54 — Bitcoin, Ransom Amounts, and Getting Paid00:23:20 — Botnets Explained: Networks of Zombie Computers00:26:22 — Recap: Three Phases of Ransomware00:27:09 — Double Extortion and Data Exfiltration00:28:01 — The LastPass Connection00:28:47 — The Lost Crypto Hard Drive

What separates organizations that successfully fend off ransomware from those that don't? What were the top threats facing organizations? Can we (pretty please) get a sneak peek into the 2025 Year in Review?Amy is joined by Dave Liebenberg, Strategic Analysis Team Lead, to break down key findings from Q4 2025's Cisco Talos Incident Response Quarterly Trends Report. From the top threats facing organizations — like the persistent exploitation of public-facing applications and the rise of new vulnerabilities such as Oracle EBS and React2Shell — to the unexpected drop in ransomware cases, this episode is packed with useful info. Episode resources:Q4 2025 Quarterly Trends Report: https://blog.talosintelligence.com/ir-trends-q4-2025/Qilin blog: https://blog.talosintelligence.com/uncovering-qilin-attack-methods-exposed-through-multiple-cases/Cybersecurity on a Budget blog: https://blog.talosintelligence.com/cybersecurity-on-a-budget-strategies-for-an-economic-downturn/

The Ransomware Minute is a rundown of the latest ransomware attacks & news, brought to you Cybercrime Magazine, Page ONE for Cybersecurity. Listen to the podcast weekly and read it daily at https://ransomwareminute.com. For more on cybersecurity, visit us at https://cybercrimemagazine.com.

Ivanti zero-days trigger emergency warnings around the globe. Singapore blames a China-linked spy crew for hitting all four major telcos. DHS opens a privacy probe into ICE surveillance. Researchers flag a zero-click RCE lurking in LLM workflows. Ransomware knocks local government payment systems offline in Florida and Texas. Chrome extensions get nosy with your URLs. BeyondTrust scrambles to patch a critical RCE. A Polish data breach suspect is caught eight years later. It's the Monday Business Breakdown. Ben Yelin gives us the 101 on subpoenas. And federal prosecutors say two Connecticut men bet big on fraud, and lost. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Our guest is Ben Yelin, Program Director for Public Policy & External Affairs at the University of Maryland Center for Cyber Health and Hazard Strategies, talking about weaponized administrative subpoenas. Selected Reading EU, Dutch government announce hacks following Ivanti zero-days (The Record) Singapore says China-linked hackers targeted telecom providers in major spying campaign (The Record) Inspector General Investigating Whether ICE's Surveillance Tech Breaks the Law (404 Media) Critical 0-Click RCE Vulnerability in Claude Desktop Extensions Exposes 10,000+ Users to Remote Attacks (Cyber Security News)  Payment tech provider for Texas, Florida governments working with FBI to resolve ransomware attack (The Record) Chrome extensions can use unfixable time-channel to leak tab URLs (CyberInsider) BeyondTrust warns of critical RCE flaw in remote support software (Bleeping Computer) Hacker Poland's largest data leaks arrested (TVP World) LevelBlue will acquire MDR provider Alert Logic from Fortra. (N2K Pro Business Briefing) Men charged in FanDuel scheme fueled by thousands of stolen identities (Bleeping Computer) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

What happens after you discover ransomware? You have to talk to the attackers. And that conversation can make or break your entire response.In this episode, Wade Gettle, a professional ransomware negotiator, pulls back the curtain on the high-stakes world of threat actor negotiations. Wade is the person who gets the call at 2 AM when organizations are facing their worst moment, and he's handled negotiations across every scenario imaginable.You'll learn:What actually happens in the first 72 hours of a ransomware incidentThe psychological tactics threat actors use to manufacture urgency and pressureWhy those 24-hour deadlines aren't real—and how to buy yourself timeHow threat actors research your financials, insurance policies, and supply chain before making contactWhen data validation saves companies from paying ransoms for data that isn't even theirsThe real cost of ransomware (spoiler: it's 10x the ransom amount)Why paying doesn't guarantee your data back—or that you won't get hit againThird-party breaches: the biggest risk vector right nowKey takeaway: Ransomware negotiations are psychological warfare disguised as business transactions. The best defense is being more prepared than the attackers expect you to be.Resources mentioned in this episode:ransomware.live (ransomware group tracking, info, conversations and more)ransomlook.io (ransomware group tracking and statistics)ChatGPT Ransomware Negotiation Simulator: https://chatgpt.com/g/g-679a6253574c8191a998145044b9c651-ransomsim-ransomware-negotiation-trainerWade Gettle on LinkedIn: https://www.linkedin.com/in/wade-gettle-7733704a/About the guest: Wade Gettle is a Senior Advisor at Flashpoint and serves as a Cyber Mission Planner for the New York Army National Guard. With a background in intelligence analysis, incident response, and threat intelligence, Wade brings calm to the storm when organizations face their most critical security incidents.Contact, Courses, and More: For feedback, reviews, guest pitches, or to get in contact with me for any other reason, head to blueprintpodcast.live! Check out John's SOC Training Courses for SOC Analysts and Leaders: SEC450: SOC Analyst Training - Applied Skills for Cyber Defense Operations LDR551: Building and Leader Security Operations Centers Follow and Connect with John: LinkedIn