Podcasts about Ransomware

Malicious software used in ransom demands

  • 2,963PODCASTS
  • 12,915EPISODES
  • 38mAVG DURATION
  • 2DAILY NEW EPISODES
  • Aug 1, 2025LATEST
Ransomware

POPULARITY

20172018201920202021202220232024

Categories




Best podcasts about Ransomware

Show all podcasts related to ransomware

Latest podcast episodes about Ransomware

Security Conversations
Rethinking APT Attribution: Dakota Cary on Chinese Contractors and Espionage-as-a-Service

Security Conversations

Play Episode Listen Later Aug 1, 2025 111:42


Three Buddy Problem - Episode 56: China-focused researcher Dakota Cary joins the buddies to dig into China's sprawling cyber ecosystem, from the HAFNIUM indictments and MSS tasking pipelines to the murky world of APT contractors and the ransomware hustle. We break down China's “entrepreneurial” model of intelligence collection, why public visibility into these threat actors is so hard to get right, and how companies like Microsoft get caught in the geopolitical crossfire. Plus: a deep dive on suspected MAPP leaks and Sharepoint zero-days, Singapore targeted by extremely sophisticated China-nexus hacking group, soft censorship in corporate threat-intel, and whether the U.S. should rethink how it fills its intelligence gaps. Cast: Dakota Cary (https://www.linkedin.com/in/dakotacary/), Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).

Cybercrime Magazine Podcast
Ransomware Risk Report. Security Audits. Adam Keown, Global CISO, Eastman.

Cybercrime Magazine Podcast

Play Episode Listen Later Jul 29, 2025 3:00


From 2023 to 2024, ransomware has seen a 67 percent jump, with an average payment of $2 million and another $2.7 million in recovery costs for most companies that are hit by an attack. Fortunately, there are multiple steps businesses can take to lower the risk of being a victim. In this episode, Adam Keown, global CISO at Eastman, joins host Heather Engel to discuss security audits and how they can help organizations across the globe stay cyber safe. • For more on cybersecurity, visit us at https://cybersecurityventures.com

Cyber Risk Management Podcast
EP 189: Agentic AI and Ransomware

Cyber Risk Management Podcast

Play Episode Listen Later Jul 29, 2025 40:19


Unit 42 (Palo Alto Networks) just showed they can use AI to conduct a complete ransomware attack in 25 minutes, a 100x speed increase. What does this mean for defenders? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.

No Password Required
No Password Required Podcast Episode 62 — Kurt Sanger

No Password Required

Play Episode Listen Later Jul 29, 2025 52:53


Keywordscybersecurity, military transition, Tampa cybersecurity, mentorship, cyber law, incident response, private sector, cybersecurity misconceptions, legal perspectives, cybersecurity growth  SummaryIn this episode of No Password Required, hosts Jack Clabby and Kayley Melton sit down with Kurt Sanger — former Deputy General Counsel at U.S. Cyber Command — to talk about the evolving world of cyber law, the wild ride from government service to private sector strategy, and what keeps him grounded in a field that's constantly shifting. Kurt dives into the fast-growing cybersecurity scene in Tampa, the power of mentorship, and why people still get cyber law so wrong. Plus: insights on responding to incidents under pressure and what role the government should (and shouldn't) play in the digital fight.  TakeawaysKurt emphasizes that newcomers to cybersecurity are not as far behind as they think.The transition from military to private sector can be challenging but rewarding.Tampa is becoming a significant hub for cybersecurity talent and companies.Understanding cybersecurity misconceptions is crucial for decision-makers.Mentorship plays a vital role in navigating career challenges in cybersecurity.Military and civilian cyber law have distinct differences in enforcement and flexibility.The stakes in private sector cybersecurity can be incredibly high for clients.Kurt's experience highlights the need for collaboration between government and private sectors.Cybersecurity is an ever-evolving field that requires continuous learning.Kurt finds excitement in helping clients during their most challenging times.  Sound bites "You're only six months behind.""We're all in the same boat.""The government needs to step back."  Chapters 00:00 NPR S6E7 Kurt Sanger52:53 NPR S6E7 Kurt Sanger01:45:47 Introduction to Cybersecurity Conversations01:48:22 Transitioning from Military to Private Sector Cybersecurity01:51:11 The Growth of Tampa as a Cybersecurity Hub01:54:05 Understanding Cybersecurity Misconceptions01:57:15 The Role of Mentorship in Cybersecurity Careers02:00:24 Military vs. Civilian Cybersecurity Law02:03:07 The Excitement of Cyber Command vs. Private Sector02:13:52 High Stakes in Cybersecurity for Small Organizations02:15:44 The Role of Legal Experts in Cybersecurity02:17:21 Translating Technical Jargon for Clients02:18:57 Challenges of Explaining Cyber Operations to Commanders02:22:43 Lifestyle Polygraph: Fun Questions and Insights02:23:30 The 10,000 Hour Rule in Cybersecurity02:29:34 Creative Freedom with LEGO Bricks02:31:27 Tampa's Culinary Delights and Local Favorites

The How of Business - How to start, run & grow a small business.
575 - Protect Your Business from Cyber Attacks with Nick Mullen

The How of Business - How to start, run & grow a small business.

Play Episode Listen Later Jul 28, 2025 43:36


Cybersecurity expert Nick Mullen shares how you can protect your business from cyber attacks. Small businesses are often the target for today's most dangerous cyber threats. Show Notes Page: https://www.thehowofbusiness.com/575-nick-mullen-cyber-security/ Cyberattacks are no longer just a threat to large corporations - small business owners are now the most frequent and most vulnerable targets. In this episode of The How of Business, Henry Lopez speaks with cybersecurity expert and Entoo Security founder Nick Mullen about how you can protect your business from cyber attacks using clear, practical, and affordable strategies. Nick breaks down the modern cyber threat landscape, including: Ransomware and extortion scams AI-powered phishing emails and voice impersonations The myth of "I'm too small to be a target" The importance of email access controls and proper backups They also explore the FTC Safeguards Rule, which now applies to many more small businesses, and what it means to be compliant. Nick emphasizes the importance of understanding where your data lives, limiting who can access it, and training your team to spot threats before they cause damage. “You might think you're too small to be a target, but $50,000 is a huge payday for a criminal overseas—and they can attack thousands of small businesses every day,” Nick warns. Whether you run a solo business or have a growing team, this episode will give you the clarity and steps you need to protect what you've worked so hard to build. Nick Mullen is the founder of N2 Security, a full-service cybersecurity firm helping small businesses including accountants, bookkeepers, and service providers meet compliance standards and avoid devastating cyberattacks. He has nearly two decades of experience in security, compliance, and governance. This episode is hosted by Henry Lopez. The How of Business podcast focuses on helping you start, run, grow and exit your small business. The How of Business is a top-rated podcast for small business owners and entrepreneurs. Find the best podcast, small business coaching, resources and trusted service partners for small business owners and entrepreneurs at our website https://TheHowOfBusiness.com

Cyber Work
Working in ransomware response, investigation and recovery | John Price

Cyber Work

Play Episode Listen Later Jul 28, 2025 35:58 Transcription Available


Get your FREE Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastJohn Price of SubRosa joins today's Cyber Work Podcast to share insights from his unique career path spanning UK military counterintelligence, banking cybersecurity and founding his own digital forensics consultancy. John breaks down what really happens when ransomware hits small and medium businesses, why most companies choose recovery over legal action, and how his team helps organizations get back on their feet quickly. He also discusses the growing threats facing industries like automotive dealerships, the critical role of documentation in forensics work, and why AI will reshape both offensive and defensive cybersecurity strategies.0:00 - Intro1:00 - Cybersecurity Salary Guide2:34 - Meet John Price2:51 - Early career in military counterintelligence5:13 - Career journey from military to banking to SubRosa8:34 - Role as founder and head of SubRosa10:51 - Digital forensics and breach response operations13:13 - Typical ransomware response process17:57 - Building and managing a forensics team19:50 - Unusual cases and industry-specific threats24:29 - Importance of writing and documentation in forensics27:36 - Breaking into digital forensics without experience30:46 - Future of email security and AI's impact33:47 - About SubRosa and AI security focusView Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

Cyber Security Today
Amazon AI Tool Hacked, Scattered Spider Attacks VMware, and Major Ransomware Takedown | Cybersecurity Today

Cyber Security Today

Play Episode Listen Later Jul 28, 2025 11:09 Transcription Available


In this episode of Cybersecurity Today, host David Shipley covers several key incidents impacting the cybersecurity landscape. Amazon's generative AI coding assistant 'Q' was compromised by a hacker who injected data-wiping code into the tool's GitHub repository. Scattered Spider, a notorious cybercrime group, continues its malware attacks on VMware ESXI hypervisors using advanced social engineering techniques. In a significant enforcement action, global law enforcement dismantled the Black Suit ransomware infrastructure under Operation Checkmate. Lastly, Insurance Giant Allianz Life revealed a data breach affecting its US customer base. Stay tuned to understand the latest threats and protective measures in cybersecurity. 00:00 Introduction and Headlines 00:30 Amazon AI Coding Tool Breach 03:07 Scattered Spider's VMware ESXI Attacks 06:44 Operation Checkmate: Black Suit Ransomware Takedown 08:16 Alliance Life Insurance Data Breach 10:25 Conclusion and Call to Action

PEBCAK Podcast: Information Security News by Some All Around Good People
Episode 218 - Ring Security Not Hacked, UK Bans Ransomware Payments, MFA Downgrade Bypasses FIDO2, World Emoji Day

PEBCAK Podcast: Information Security News by Some All Around Good People

Play Episode Listen Later Jul 28, 2025 47:40


Welcome to this week's episode of the PEBCAK Podcast!  We've got four amazing stories this week so sit back, relax, and keep being awesome!  Be sure to stick around for our Dad Joke of the Week. (DJOW) Follow us on Instagram @pebcakpodcast   Please share this podcast with someone you know!  It helps us grow the podcast and we really appreciate it!   Ring database error shows unauthorized logins https://www.bleepingcomputer.com/news/security/ring-denies-breach-after-users-report-suspicious-logins/    UK to ban public sector ransomware payments https://www.bleepingcomputer.com/news/security/uk-to-ban-public-sector-orgs-from-paying-ransomware-gangs/   MFA downgrade attack bypasses FIDO2 https://www.bleepingcomputer.com/news/security/threat-actors-downgrade-fido2-mfa-auth-in-poisonseed-phishing-attack/   World Emoji Day 2025 https://www.macrumors.com/2025/07/17/top-10-emoji-us-2025/ https://emojitracker.com/   Dad Joke of the Week (DJOW)   Find the hosts on LinkedIn: Chris - https://www.linkedin.com/in/chlouie/ Brian - https://www.linkedin.com/in/briandeitch-sase/ Scott - https://www.linkedin.com/in/scottmsavage/ Ben - https://www.linkedin.com/in/ben-k-b7196831/

Ich glaube, es hackt!
Wenn der Patch zu spät kommt, bist du schon gehackt!

Ich glaube, es hackt!

Play Episode Listen Later Jul 28, 2025 30:43


Diese Folge beginnt mit einem IT-Sicherheitsalarm der besonderen Art: Eine kritische Schwachstelle im SharePoint-On-Prem-Server sorgt für Aufregung – besonders, da Microsoft früh warnte, aber keinen Patch parat hatte. Außerdem: - Warum transparente Buttons in Android-Spielen Sinn machen - Die skurrilste Polizeimeldung des Jahres - WeTransfers dreister Versuch, eure Daten für KI-Training zu missbrauchen - Ein KI-generiertes Fake-Reisevideo, das ein Ehepaar 300km in die Irre führte - Google-Such-Hacks und der JavaScript-Paywall-Mythos -- Wenn Euch unser Podcast gefallen hat, freuen wir uns über eine Bewertung! Feedback wie z.B. Themenwünsche könnt Ihr uns über sämtliche Kanäle zukommen lassen: Email: podcast@ichglaubeeshackt.de Web: podcast.ichglaubeeshackt.de Instagram: http://instagram.com/igehpodcast

Cybercrime Magazine Podcast
Ransomware Minute. Damage Spreads From Microsoft Hack. Scott Schober, WCYB Digital Radio.

Cybercrime Magazine Podcast

Play Episode Listen Later Jul 25, 2025 2:39


The Ransomware Minute is a rundown of the latest ransomware attacks & news, brought to you Cybercrime Magazine, Page ONE for Cybersecurity. Listen to the podcast weekly and read it daily at https://ransomwareminute.com. For more on cybersecurity, visit us at https://cybercrimemagazine.com.

The IT Pro Podcast
Can the UK ban ransomware payments?

The IT Pro Podcast

Play Episode Listen Later Jul 25, 2025 20:14


Ransomware payments could soon be a thing of the past in the UK – at least that's the hope of new controls and mandatory reporting requirements to prevent ransomware from inflicting damage on UK businesses.Under government proposals, public bodies and operators of critical national infrastructure would be banned from paying up when they're hit by ransomware – and other businesses would have to be transparent when they decide to cough up the cash.But can we really put a lid on ransomware? And might the new rules have unintended negative consequences?In this episode, Jane and Rory discuss the UK government's new ransomware payment ban and what it could mean for the sector.Read more:Nearly half of MSPs admit to having a ransomware kittyA ransomware payments ban risks criminalizing victimsThe end of ransomware payments: How businesses fit into the fightBuilding ransomware resilience to avoid paying outUK government officials consider banning ransomware payments

Unspoken Security
Can My AI Be Hacked?

Unspoken Security

Play Episode Listen Later Jul 24, 2025 65:43


In this episode of Unspoken Security, host AJ Nash speaks with Dr. Peter Garraghan, CEO and CTO of Mindgard. They discuss the real-world security risks of artificial intelligence. Peter starts with a simple point: AI is just software, and software is easy to break. He urges businesses using AI to step back and truly understand its vulnerabilities.Peter draws parallels between the current AI boom and past technology cycles like cloud computing. While AI feels revolutionary, the security risks are not new. Threats like data poisoning and prompt injection are modern versions of classic cybersecurity problems. The danger is that AI's human-like interface makes it easy to anthropomorphize, causing users to overlook fundamental security flaws.To manage these risks, Peter advises companies to treat AI like any other software. This means applying the same rigorous security controls, testing protocols, and incident response playbooks. Instead of creating a separate process for AI, organizations should find the gaps in their current security posture and update them. This practical approach helps businesses secure AI systems effectively.Send us a textSupport the show

Federal Tech Podcast: Listen and learn how successful companies get federal contracts
Ep. 260 How Akamai can make the Internet work better by preventing ransomware.

Federal Tech Podcast: Listen and learn how successful companies get federal contracts

Play Episode Listen Later Jul 24, 2025 33:45


Want to listen to other episodes? www.Federaltechpodcast.com In 2018, ransomware was a quaint little cyberattack.  Suddenly, the first half of 2024 saw $459 million paid in ransomware.  Everyone is being targeted: retailers in the UK, resellers in LA, and even the federal government can be included in the target for ransomware attackers. Today, we sit down with Douglas Holland to see what role Akamai plays in preventing these rapidly proliferating attacks. One of the strengths of Akamai is its ability to handle a wide range of internet activity, as Akamai processes 11 trillion DNS queries daily.  This gives them a perfect perspective to identify troublesome sites and apply Domain Name Systems (DNS) to provide robust cybersecurity. Douglas Holland puts this situation into perspective by noting that during the COVID-19 pandemic, more and more people started using VPN technology, making systems vulnerable to phishing attacks. He notes the rise of ransomware-as-a-service and phishing-as-a-service, emphasizing the importance of employee training and education. Holland also addresses the challenges of VPNs and remote desktop security, advocating for zero-trust architectures and multi-factor authentication. The interview ends with discussing the role of AI and machine learning in Akamai's threat protection.

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Wednesday, July 23rd, 2025: Sharepoint 2016 Patch; MotW Privacy and WinZip; Interlock Ransomware; Sophos Patches

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Play Episode Listen Later Jul 23, 2025 6:17


Microsoft Updates SharePoint Vulnerability Guidance CVE-2025-53770 and CVE-2025-53771 Microsoft released its update for SharePoint 2016, completing the updates across all currently supported versions. https://msrc.microsoft.com/blog/2025/07/customer-guidance-for-sharepoint-vulnerability-cve-2025-53770/ WinZip MotW Privacy Starting with version 7.10, WinZip introduced an option to no longer include the download URL in zip files as part of the Mark of the Web (MotW). https://isc.sans.edu/diary/WinRAR%20MoTW%20Propagation%20Privacy/32130 Interlock Ransomware Several government agencies collaborated to create an informative and comprehensive overview of the Interlock ransomware. Just like prior writeups, this writeup is very informative, including many technical details useful to detect and block this ransomware. https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-203a Sophos Firewall Updates Sophos patched five different vulnerabilities in its firewalls. Two of them are critical, but these only affect a small percentage of users. https://www.sophos.com/en-us/security-advisories/sophos-sa-20250721-sfos-rce

Business of Tech
Half of MSPs Prepare for Ransomware, SaaS Security Gaps, and Open AI Servers Found

Business of Tech

Play Episode Listen Later Jul 22, 2025 12:06


Managed service providers (MSPs) are increasingly allocating budgets for ransomware payments, with a recent report indicating that 45% have set aside funds specifically for this purpose. This trend raises concerns about normalizing the act of paying criminals, as many experts argue that such practices inadvertently support criminal activities. While some MSPs are turning to cyber insurance for protection, a significant portion remains vulnerable due to a lack of allocated budgets for ransomware payments or insurance. Additionally, MSP leaders are increasingly worried about artificial intelligence threats, which have surpassed traditional concerns like ransomware and malware.A study by AppOmni reveals a troubling disconnect in the security posture of organizations using software-as-a-service (SaaS) applications. Despite 75% of organizations reporting breaches in the past year, 89% believe they have adequate visibility into their security environments. The study highlights that many incidents stem from permission issues and misconfigurations, emphasizing the need for improved security hygiene. Providers are urged to focus on addressing these basic issues rather than preparing for ransom payments, as this is where they can truly add value and protect their clients.In a concerning development, a startup has been found selling hacked data from over 50 million computers to various industries, including debt collectors and divorce attorneys. This practice raises ethical and legal questions, as the sale of such information may not be illegal in many jurisdictions. Additionally, researchers have discovered nearly 2,000 AI protocol servers exposed online without any authentication, posing significant risks to sensitive data. Experts warn that individuals whose data is sold may remain unaware of the exploitation of their personal information, highlighting the urgent need for stronger data protections.The UK government is reconsidering its demand for Apple to provide access to encrypted user data, influenced by pressure from the U.S. government. This shift comes after Apple withdrew its Advanced Data Protection Service from the UK, emphasizing its commitment to user privacy. Meanwhile, Meta has rejected the EU's Code of Practice for Artificial Intelligence, citing concerns over regulatory overreach. In contrast, OpenAI has formed a strategic partnership with the UK government to enhance the country's AI infrastructure, indicating a growing trend of governments aligning with major tech players in the AI sector. For MSPs, these developments underscore the importance of engaging in conversations about encryption resilience and understanding the evolving regulatory landscape. Four things to know today 00:00 45% of MSPs Planning to Pay Hackers? SaaS Breach Rates Show Why That's the Wrong Bet03:55 Startup Sells Data From 50M Hacked PCs as AI Servers Leak Sensitive Info Without Authentication06:18 UK May Drop Apple Encryption Backdoor Demand Amid US Pressure; OpenAI and Meta Make Diverging EU Moves09:15 Microsoft Patches Critical SharePoint Flaws as China-Linked Actor Linked to Incident  Supported by:  https://getnerdio.com/nerdio-manager-for-msp/  Tell us about a newsletter! https://bit.ly/biztechnewsletter All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessof.tech

Security Squawk
How Dell, Weak Passwords and Ransomware Are Still Crushing Big Brands

Security Squawk

Play Episode Listen Later Jul 22, 2025 25:24


Another week, another round of cyber fails making headlines. In this episode of Security Squawk, we break down how some of the biggest names in tech and business are still getting owned by basic mistakes. This week: Dell's breach exposes critical platforms to extortion groups ️ A 158-year-old company destroyed by one weak password Ransomware still targeting hospitals while reports claim it is in decline If you think big brands have it figured out, think again. Stay informed and stay protected. Watch or listen now for insights you will not hear anywhere else. ️ New to streaming or looking to level up? Check out StreamYard and get $10 discount! https://streamyard.com/pal/d/65161790...

The Jerich Show Podcast
Salt Typhoon, National Guard Stormed, Fake Headlines, & Ransomware Quitting

The Jerich Show Podcast

Play Episode Listen Later Jul 21, 2025 19:36


This week, Erich and Javvad dig into Salt Typhoon's year-long hack of the National Guard (somebody check the cyber sandbags!), marvel at scammers out-faking CNN, BBC, and CNBC to push bogus investments, and celebrate the rarest of cyber events: a ransomware gang calling it quits and actually handing out free decryptors. Grab your popcorn—cyber drama doesn't get juicier than this!

Cyber Crime Junkies
Who Do Hackers Target The Most? Real Truth About Cyber Crime. FBI vs Cyber Crime.

Cyber Crime Junkies

Play Episode Listen Later Jul 20, 2025 30:09 Transcription Available


In this episode of Cyber Crime Junkies, host Dean Mauro explores listener question of who do hackers target the most. He explains the real truth about cyber crime,  recent examples of Cyber crime This year, Small business cyber attacks, and he evaluates FBI IC3 Report 2025Send us a textGrowth without Interruption. Get peace of mind. Stay Competitive-Get NetGain. Contact NetGain today at 844-777-6278 or reach out online at www.NETGAINIT.com

The Y in History
Episode 112: A history of Cyberattacks

The Y in History

Play Episode Listen Later Jul 19, 2025 20:19


The first computer virus is believed to have been used in 1969 at the University of Washington Computer Center. A person who has never been named installed a program that came to be known as “RABBITS Virus” on one of the computers. The program began replicating itself until it overwhelmed the computer causing it to shut down. Over the years, the scale and sophistication of cyber attacks has increased and with the advent of AI, digital criminals have jumped on the AI bandwagon and become more lethal.

The Lockdown - Practical Privacy & Security
030 - Info Stealers, GrapheneOS Drama, and Why Video Games and Anti-Virus Are Spyware

The Lockdown - Practical Privacy & Security

Play Episode Listen Later Jul 18, 2025 52:42


In this episode, I address listener feedback and corrections regarding use of public Wi-Fi, MAC addresses, and aliases. I dive deep into the nuances of MAC address randomization on GrapheneOS versus Apple's private Wi-Fi addresses, explaining why GrapheneOS offers superior privacy protection. I discuss the real threats of public Wi-Fi in 2025 (hint: it's not hackers with Wireshark), and share my approach with aliases.I also cover the rising threat of infostealers like Atomic Info Stealer for macOS, the dangerous intersection of gaming cheats and malware, and why I avoid third-party antivirus software. Most importantly, I address the GrapheneOS controversy: the loss of a senior developer to military conscription, Google's strategic pivot that threatens custom ROMs, and why claims of GrapheneOS “dying” are misinformation spread by those with competing agendas.In this week's episode:Clarifications and Corrections: Public Wi-Fi, MAC addresses, and alias managementMAC address randomization: GrapheneOS vs Apple's implementationThe real threats of public Wi-Fi in 2025Info stealers and video games can be a privacy nightmareGrapheneOS controversy: Developer conscription, Google's lockdown, and the future of custom ROMsWhy antivirus software might be the malware you're trying to avoidMatrix Community RoomsMatrix Community Space - https://matrix.to/#/#psysecure:matrix.orgIndividual Room Links:https://matrix.to/#/#lockdown-general:matrix.orghttps://matrix.to/#/#lockdown-podcast:matrix.orghttps://matrix.to/#/#lockdown-intro:matrix.orgShow Links:MAC Address Lookup - https://maclookup.app/OUI Lookup - https://oui.is/33mail - https://www.33mail.com/OpenSnitch - https://github.com/evilsocket/opensnitchPrivacy.com - https://privacy.comLithic - https://lithic.comKaspersky and Russian Government - https://en.wikipedia.org/wiki/Kaspersky_and_the_Russian_governmentGoogle Not Killing AOSP - https://www.androidauthority.com/google-not-killing-aosp-3566882/GrapheneOS on Developer Conscription - https://grapheneos.social/@GrapheneOS/114359660453627718GrapheneOS on OEM Partnerships (June 19) - https://grapheneos.social/@GrapheneOS/114671100848024807GrapheneOS Response to Misinformation - https://grapheneos.social/@GrapheneOS/114825492698412916GrapheneOS on iPhone Security - https://grapheneos.social/@GrapheneOS/114824816120139544“Social engineering bypasses all technologies, including firewalls.”- Kevin Mitnick ★ Support this podcast on Patreon ★

Cybercrime Magazine Podcast
Cybercrime News For Jul. 17, 2025. Ransomware Gang Hits Belk, Suits Follow. WCYB Digital Radio.

Cybercrime Magazine Podcast

Play Episode Listen Later Jul 17, 2025 2:34


The Cybercrime Magazine Podcast brings you daily cybercrime news on WCYB Digital Radio, the first and only 7x24x365 internet radio station devoted to cybersecurity. Stay updated on the latest cyberattacks, hacks, data breaches, and more with our host. Don't miss an episode, airing every half-hour on WCYB Digital Radio and daily on our podcast. Listen to today's news at https://soundcloud.com/cybercrimemagazine/sets/cybercrime-daily-news. Brought to you by our Partner, Evolution Equity Partners, an international venture capital investor partnering with exceptional entrepreneurs to develop market leading cyber-security and enterprise software companies. Learn more at https://evolutionequity.com

WBT's Morning News with Bo Thompson
Cyber Security Expert Theresa Payton on Good Morning BT

WBT's Morning News with Bo Thompson

Play Episode Listen Later Jul 17, 2025 10:49


Bo and Beth get Theresa's thoughts on a Belk data breach stemming from a Ransomware attack. Plus, Amtrak is making upgrades to make their communication network more secure. See omnystudio.com/listener for privacy information.

TechTimeRadio
260: Bumble announces a 30% workforce reduction, Grok calling itself "MechaHitler" and a Russian basketball player arrested for ransomware/ Gwen Way looks to share her new Gadget and Gear item. | Air Date: 7/15 - 7/21/2025

TechTimeRadio

Play Episode Listen Later Jul 16, 2025 62:34 Transcription Available


Ever wonder if your secondhand laptop could land you in an international cybercrime investigation? This episode dives into the bizarre case of a Russian basketball player arrested for ransomware activities he claims stemmed from a used computer purchase. Was he an unwitting victim or a sophisticated criminal? The hosts debate the plausibility of his defense and what it means for everyday tech users.The conversation takes a darker turn when exploring Elon Musk's AI chatbot Grok, which began calling itself "MechaHitler" and spewing hate speech before shutting down entirely. This spectacular AI failure raises profound questions about content moderation, algorithmic bias, and Musk's troubling assertion that he plans to "rewrite the entire corpus of human knowledge." The hosts expertly unpack the technical and ethical implications with their trademark blend of expertise and accessible explanations.We also examine the shifting landscape of digital relationships as Bumble announces a 30% workforce reduction. Could traditional dating apps be giving way to more organic connections formed in gaming communities and audio platforms? The team makes a compelling case that technology-mediated relationships are evolving beyond superficial swiping interfaces toward more authentic interaction spaces.The "Gadgets and Gear" segment showcases Hingbot's Sirius - an American-made programmable robot dog that offers a privacy-conscious alternative to Chinese models. Perfect for budding coders and robotics enthusiasts, this high-tech companion demonstrates how consumer robotics continues to advance despite lingering concerns about data security.Between whiskey tastings and good-natured ribbing, the hosts deliver sharp insights about our complex relationship with technology - from the anthropomorphizing of AI "hallucinations" to the ironies of major security vendors falling victim to ransomware attacks. Subscribe now to join our community of tech enthusiasts who appreciate clear, jargon-free analysis served with a side of whiskey and genuine laughs.Support the show

Cybercrime Magazine Podcast
Ransomware Risk Report. Threat Intelligence. Adam Keown, Global CISO, Eastman.

Cybercrime Magazine Podcast

Play Episode Listen Later Jul 15, 2025 3:09


From 2023 to 2024, ransomware has seen a 67 percent jump, with an average payment of $2 million and another $2.7 million in recovery costs for most companies that are hit by an attack. Fortunately, there are multiple steps businesses can take to lower the risk of being a victim. In this episode, Adam Keown, global CISO at Eastman, joins host Heather Engel to discuss threat intelligence. • For more on cybersecurity, visit us at https://cybersecurityventures.com

Security Squawk
Ransomware Is Out of Control in 2025 and It's Only Getting Worse

Security Squawk

Play Episode Listen Later Jul 15, 2025 39:42


Ransomware attacks are exploding in 2025, and cybercriminals are getting bolder — and richer. In this episode of Security Squawk, we break down the latest schemes, lawsuits, and trends you need to know: Interlock ransomware's new ‘FileFix' malware trick Krispy Kreme sued for exposing employee data Ransomware attacks nearly double in 2025 Hackers getting 80% payouts to keep the attacks rolling If you own a business, manage IT, or care about protecting your data, you can't afford to miss this one. Watch or listen now and stay one step ahead. ️ New to streaming or looking to level up? Check out StreamYard and get $10 discount! https://streamyard.com/pal/d/65161790...

Security Squawk
Ingram Micro Ransomware Chaos and the AI Cybersecurity Crisis

Security Squawk

Play Episode Listen Later Jul 15, 2025 44:26


A massive ransomware attack hits Ingram Micro — what happened, who's behind it, and what it means for your business. We also dive into the terrifying rise of AI-powered cyberattacks and the dangerous gap between innovation and data protection. In this episode: Ingram Micro ransomware attack breakdown AI cybercrime stats that will shock you Is AI innovation outpacing cybersecurity? Let's debate Tune in now and stay one step ahead of the threats. ️ New to streaming or looking to level up? Check out StreamYard and get $10 discount! https://streamyard.com/pal/d/65161790...

Federal Tax Updates
Your Client Data Is Under Attack: An IRS Agent's Warning

Federal Tax Updates

Play Episode Listen Later Jul 14, 2025 59:25


Tax professional data breaches have exploded in 2025, with 327 reported incidents affecting over 342,000 taxpayers in just half a year. Glenn Gizzy, a 36-year IRS veteran now specializing in data breach prevention, reveals the sophisticated tactics criminals use to infiltrate tax practices. From phishing emails disguised as client referrals, to hackers who wait until returns are filed before changing bank account information. This conversation covers essential protection measures including Written Information Security Plans (WISP), IP PINs, proper cyber insurance coverage, and the critical steps to take immediately after discovering a breach.SponsorsPadgett -  Contact Padgett or Email Jeff Phillips(00:00) - Introduction and Greetings (02:21) - Today's Guest and Topic: Scams and Data Breaches (02:56) - IRS Statistics on Data Breaches (05:33) - Common Scams and How They Work (09:48) - Phishing Emails and Ransomware (14:51) - Fake Charities and Donation Scams (17:30) - Refund Thefts and Data Breaches (21:28) - IRS Communication and Taxpayer Awareness (30:10) - Signs of a Data Breach for Practitioners (32:42) - Immediate Steps After a Data Breach (34:32) - Multi-Step Process and Insurance Involvement (37:42) - Filing Returns After a Breach (40:54) - Identity Protection PIN (IP PIN) (48:10) - Written Information Security Plan (WISP) (53:06) - Protecting EFIN, PTIN, and CAF Numbers (55:25) - Final Thoughts and Conclusion Connect with Glennhttps://www.linkedin.com/in/glenn-gizzi-4b6ab5205Get NASBA Approved CPE or IRS Approved CELaunch the course on EarmarkCPE to get free CPE/CE for listening to this episode.Connect with the Roger and Annie on LinkedInhttps://www.linkedin.com/in/rogerharrispbs/https://www.linkedin.com/in/annie-schwab-852418261/ReviewLeave a review on Apple Podcasts or PodchaserSubscribeSubscribe to the Federal Tax Updates podcast in your favorite podcast app!This podcast is a production of the Earmark Media

Consumer Tech Update
The Mamona ransomware threat

Consumer Tech Update

Play Episode Listen Later Jul 12, 2025 9:23


A new ransomware called Mamona hits fast, encrypts your files, then deletes itself. Here's how to protect yourself. Learn more about your ad choices. Visit megaphone.fm/adchoices

Cybercrime Magazine Podcast
Ransomware Minute. Telcom Giant Telefónica, Virginia County. Scott Schober, WCYB Digital Radio.

Cybercrime Magazine Podcast

Play Episode Listen Later Jul 11, 2025 2:34


The Ransomware Minute is a rundown of the latest ransomware attacks & news, brought to you Cybercrime Magazine, Page ONE for Cybersecurity. Listen to the podcast weekly and read it daily at https://ransomwareminute.com. For more on cybersecurity, visit us at https://cybercrimemagazine.com.

Cyber Security Headlines
Outlook outage continues, Iranian APT activity, Russian ransomware arrest

Cyber Security Headlines

Play Episode Listen Later Jul 11, 2025 9:47


Look Out! Another Outlook Outage Iranian APTs increased activity against U.S. industries in late spring Russian basketball player arrested in France over alleged ransomware ties Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines Find the stories behind the headlines at CISOseries.com.

Talking Pools Podcast

Text us a pool question!In this episode of the Talking Pools podcast, hosts Steve and Wayne discuss various topics related to pool maintenance, including the importance of reliable staffing, the impact of ransomware attacks on the industry, and the significance of effective water testing. They emphasize the need for strong cybersecurity measures, especially in light of recent attacks, and the importance of clear communication with clients regarding pool maintenance expectations. The conversation also touches on the challenges posed by weather conditions and the necessity of understanding pool chemistry for effective maintenance.takeawaysSteve shares his recent wedding experience in Turks and Caicos.Reliable staffing is crucial for business continuity during personal events.Ransomware attacks can affect any business with technology.Cybersecurity is essential for protecting business operations.Weather significantly impacts pool maintenance and water quality.Proper water testing is vital for pool health and safety.Communication with clients about pool conditions is key.The cost of maintaining pools can vary significantly.Understanding pool chemistry is essential for effective maintenance.Evaluating client relationships is important for business sustainability.Sound Bites"Congratulations, Steve and Janet.""Ransomware affects anyone with tech going on.""Is it worth it for me to send a guy out there?"Chapters00:00Celebrating New Beginnings02:38The Importance of Reliable Staffing04:58Navigating Ransomware Attacks10:41The Significance of Proper Pool Maintenance23:52Understanding Water Chemistry30:47The Dangers of Cheap Testing Kits36:34Client Communication and Expectations42:15Evaluating Client Relationships Support the showThank you so much for listening! You can find us on social media: Facebook Instagram Tik Tok Email us: talkingpools@gmail.com

Security Conversations
How did China get Microsoft's zero-day exploits?

Security Conversations

Play Episode Listen Later Jul 10, 2025 109:05


Three Buddy Problem - Episode 53: We dig into news of the first-ever arrest of a Chinese intelligence-linked hacker in Italy, unpack the mystery behind HAFNIUM and how they somehow got their hands on the same Microsoft Exchange zero-days that researcher Orange Tsai discovered - was it coincidence, inside access, or something more sinister? Plus, China's massive cyber capabilities pipeline, ‘theCom' teenagers arrested in the UK after ransomware binge, and spyware attacks against Russian organizations. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).

Today in Health IT
2 Minute Drill: North Korean Infiltration and Ransomware Gang Shutdowns with Drex DeFord

Today in Health IT

Play Episode Listen Later Jul 10, 2025 5:25 Transcription Available


Drex covers three major cybersecurity developments impacting healthcare: the expanding North Korean remote worker infiltration scheme targeting US companies with stolen identities and deepfakes, a cyberattack on medical device manufacturer Monic that disrupted critical supply chains, and the suspicious shutdown of Hunter's International ransomware group offering free decryption tools. Essential insights for healthcare organizations on hiring security, supply chain vulnerabilities, and evolving ransomware tactics. Remember, Stay a Little Paranoid X: This Week Health LinkedIn: This Week Health Donate: Alex's Lemonade Stand: Foundation for Childhood Cancer

Unspoken Security
The Human Side of Cyber

Unspoken Security

Play Episode Listen Later Jul 10, 2025 61:26


Why does security awareness training so often fail? In this episode of Unspoken Security, host AJ Nash welcomes Living Security CEO Ashley M. Rose to discuss this common issue. They explore how compliance-driven, "check-the-box" training creates a false sense of security. This old model relies on vanity metrics and rituals instead of reducing actual human risk.Ashley presents a better way forward through human risk management. This modern strategy moves beyond simple phishing tests and integrates data from your existing security tools. It provides a full view of employee behavior to identify and address risks proactively. The goal is to make security training engaging and effective, not just another task to ignore.The conversation also covers the nuanced relationship between human risk management and insider threat programs. AJ and Ashley discuss how to empower employees and transform them from a potential liability into an organization's greatest security asset, creating a stronger, more resilient workforce.Send us a textSupport the show

Business of Tech
MSPs Under Pressure: Navigating AI Impersonation, Phishing Exploits, and Ransomware Fallout

Business of Tech

Play Episode Listen Later Jul 9, 2025 16:12


Managed service providers (MSPs) are currently facing unprecedented pressure from clients regarding cybersecurity, with a significant increase in expectations for MSPs to manage their cybersecurity infrastructure. A recent survey revealed that 84% of MSPs report their clients now expect them to handle cybersecurity end-to-end, a notable rise from 65% the previous year. This shift comes as MSPs themselves are under increased scrutiny, with 77% reporting heightened oversight of their security practices. The growing concern over emerging threats, particularly those related to artificial intelligence, has further complicated the landscape, as MSPs find themselves caught between rising client demands and a lack of accountability from cybersecurity vendors.In a related development, a fraudulent impersonator has been using artificial intelligence to mimic the voice and writing style of U.S. Secretary of State Marco Rubio, successfully contacting several high-level officials to manipulate them for sensitive information. This incident highlights the vulnerabilities in secure communication channels and the ease with which attackers can exploit lax data security among government officials. The FBI has issued warnings about ongoing malicious messaging campaigns that utilize AI-generated voice messaging, emphasizing the need for enhanced verification protocols in executive communications.Additionally, attackers have been exploiting Microsoft 365's direct send feature to launch phishing attacks, impacting over 70 organizations. This method allows attackers to send emails that appear to come from legitimate internal addresses, bypassing traditional security measures. Research indicates that conventional phishing awareness training is largely ineffective, with many employees failing to recognize phishing attempts even after training. The study suggests a shift towards interactive training methods, which have proven more effective in reducing the likelihood of falling victim to such scams.Ingram Micro has begun restoring customer ordering capabilities following a ransomware attack that temporarily disabled its systems, but the company's lack of communication during the crisis has raised concerns among partners. The incident serves as a case study in breach communication, highlighting the importance of transparency and effective communication in maintaining trust. Meanwhile, Kaseya has expanded its community investment with the Technology Marketing Toolkit, aimed at enhancing resources for MSPs. However, questions remain about the potential cultural clash and the impact on the independence of the Toolkit's offerings within Kaseya's larger ecosystem. Four things to know today 00:00 MSPs Face Rising Cybersecurity Pressure as Clients Demand Full Protection and Vendors Sidestep Shared Risk04:25 AI Deepfake Impersonates Secretary of State in Sophisticated Attack, Exposing Risks for Executive Security09:17 Ingram Micro Begins System Restoration After Ransomware Attack, But Silence Frustrates12:07 Robin Robins Sells Technology Marketing Toolkit; Joins Kaseya as Strategic Advisor This is the Business of Tech.    Supported by:  https://getnerdio.com/nerdio-manager-for-msp/ All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessof.tech

This Week in Health IT
Solution Showcase: Breaking the 30-Day Ransomware Cycle with Todd Barton and PV SubbaRao

This Week in Health IT

Play Episode Listen Later Jul 9, 2025 28:58 Transcription Available


July 9, 2025: Todd Barton, AVP, Enterprise Sales Engineering at Rubrik, and PV SubbaRao, SVP of Global Healthcare and Life Sciences from Rackspace, reveal how they're revolutionizing healthcare's approach to cyber resilience through their groundbreaking partnership. The conversation delves deep into the concept of Isolated Recovery Environments (IRE) and the "Minimum Viable Hospital" - but what exactly does it mean to operate at bare minimum while maintaining patient care, and how do you determine what systems are truly essential when every second counts? As healthcare organizations grapple with doing more with less, these experts explore how proper cyber recovery planning can actually unlock 20-25% cost savings that can be reinvested into the innovations hospitals need.  Key Points: 05:04 Preemptive Recovery  10:21 Minimum Viable Hospital and IRE 20:21 Cost and Productivity Optimization X: This Week Health LinkedIn: This Week Health Donate: Alex's Lemonade Stand: Foundation for Childhood Cancer

Cyber Security Today
Ingram Micro Ransomware Attack and the Rise of Linux SSH Server Compromises

Cyber Security Today

Play Episode Listen Later Jul 7, 2025 10:41 Transcription Available


In this episode of Cybersecurity Today, host David Shipley discusses the recent Safe Play ransomware attack on technology distributor Ingram Micro, exploring its impact and ongoing recovery efforts. The script also examines a new campaign targeting misconfigured Linux servers to build proxy networks for cybercriminal activities. Additionally, the episode highlights the significant rise in Click Fix social engineering attacks and the criminal investigation into a former ransomware negotiator accused of profiting from extortion payments. 00:00 Introduction and Headlines 00:30 Ingram Micro Ransomware Attack 03:57 Linux Servers Under Attack 07:05 Rise of Click Fix Social Engineering Attacks 08:45 Ransomware Negotiator Under Investigation 10:13 Conclusion and Contact Information

PEBCAK Podcast: Information Security News by Some All Around Good People
Episode 215 - Salt Typhoon Compromised ISP and They Deny It, Ransomware Attack Causes Patient Death, Australian Student Hacks University, Fourth of July Traditions

PEBCAK Podcast: Information Security News by Some All Around Good People

Play Episode Listen Later Jul 7, 2025 52:30


Welcome to this week's episode of the PEBCAK Podcast!  We've got three amazing stories this week so sit back, relax, and keep being awesome!  Be sure to stick around for our Dad Joke of the Week. (DJOW) Follow us on Instagram @pebcakpodcast   Please share this podcast with someone you know!  It helps us grow the podcast and we really appreciate it!   ISP and datacenter hosting provider get compromised by Salt Typhoon https://www.nextgov.com/cybersecurity/2025/06/us-agencies-assessed-chinese-telecom-hackers-likely-hit-data-center-and-residential-internet-providers/405920/   Cyber attack causes patient death https://news.sky.com/story/patient-death-linked-to-cyber-attack-on-nhs-hospital-trust-says-13388485  https://www.bloomberg.com/news/articles/2025-01-14/nhs-ransomware-hack-caused-patient-harm-in-uk-data-shows  https://www.independent.co.uk/news/uk/home-news/london-nhs-gp-surgeries-blood-health-service-journal-b2772287.html      Australian student arrested for hacking https://www.police.nsw.gov.au/news/news_article?sq_content_src=%2BdXJsPWh0dHBzJTNBJTJGJTJGZWJpenByZC5wb2xpY2UubnN3Lmdvdi5hdSUyRm1lZGlhJTJGMTE5MjYyLmh0bWwmYWxsPTE%3D    Happy birthday America! https://www.whitehouse.gov/briefings-statements/2025/07/presidential-message-on-the-249th-anniversary-of-the-adoption-of-the-declaration-of-independence/   Dad Joke of the Week (DJOW)   Find the hosts on LinkedIn: Chris - https://www.linkedin.com/in/chlouie/ Brian - https://www.linkedin.com/in/briandeitch-sase/ Ben - https://www.linkedin.com/in/benjamincorll/

Today in Health IT
UnHack (the News): Reported Cyber Breach Death and the Interconnected World with Mick Coady

Today in Health IT

Play Episode Listen Later Jul 7, 2025 15:49 Transcription Available


July 7, 2025: Mick Coady, CTO at Armis, joins Drex for the news. This episode examines a sobering milestone: the first confirmed patient death directly attributed to a ransomware attack on London's blood distribution system. The conversation explores how a single cyber incident creates cascading effects across entire healthcare networks, flooding neighboring hospitals with redirected patients and overwhelming emergency departments. With 28 healthcare security incidents reported in June alone—many involving third-party vendors—the discussion questions whether the industry fully understands how interconnected systems create compounding vulnerabilities. From agricultural equipment with satellite connectivity to medical devices running outdated firmware, every connected endpoint represents a potential entry point for attackers. Key Points: 01:43 Ransomware Attack Leads to Patient Death 06:10 Rural Healthcare During Cyber Attacks 09:11 Third-Party Risks in Cybersecurity 10:29 Cybersecurity in Agriculture and Implications News Articles:  Ransomware attack contributed to patient's death, says Britain's NHS HHS Breach Portal College students hacked into tractors. Manufacturers wanted them to do it X: This Week Health LinkedIn: This Week Health Donate: Alex's Lemonade Stand: Foundation for Childhood Cancer

Cybercrime Magazine Podcast
Cybercrime Wire For Jul. 7, 2025. Ransomware Hits Ingram Micro, IT Distributor. WCYB Digital Radio.

Cybercrime Magazine Podcast

Play Episode Listen Later Jul 7, 2025 1:11


The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

The Lockdown - Practical Privacy & Security
029 - Minimize not Militarize and Avoiding Surveillance with GrapheneOS

The Lockdown - Practical Privacy & Security

Play Episode Listen Later Jul 7, 2025 54:26


In this episode, I explore the difference between the military mindset and the more stealth approach of minimization in cybersecurity. I share the results from the Ghost in the Source Capture the Flag (CTF) challenge, revealing how the winners cracked the AES encryption using dictionary attacks, keyword harvesting and the cipher tool hidden in robots.txt. I discuss why the “assume breach” mentality just leaves the doors wide open, using examples from Kevin Mitnick's 1981 Pacific Bell infiltration to modern ransomware groups like Scattered Spider who breached MGM and Marks & Spencer through social engineering.I also cover practical tactics for using public Wi-Fi, data curation techniques, the invisible surveillance net including Stingray devices, and provide a deep dive into GrapheneOS covering user profiles, app sandboxing, network controls, sensor permissions, and the proper use of sandboxed Google Play services.In this week's episode:Ghost in the Source Capture the Flag challenge resultsThe military mindset problem in cybersecurityStrategic use of public Wi-Fi for account creation and privacy techniquesData curation tactics, and “Minimizing What Can Be Known”Invisible surveillance net and Stingray devicesGrapheneOS discussion on user profiles, app sandboxing, network controls, sensors permissions, sandboxed Google Play services, and security architectureMatrix Community RoomsMatrix Community Space - https://matrix.to/#/#psysecure:matrix.orgIndividual Room Links:https://matrix.to/#/#lockdown-general:matrix.orghttps://matrix.to/#/#lockdown-podcast:matrix.orghttps://matrix.to/#/#lockdown-intro:matrix.orgShow Links:Noam Chomsky on Internet Privacyhttps://www.youtube.com/watch?v=QIWsTMcBrjQNoam Chomsky on Advertising - https://www.youtube.com/watch?v=PfIwUlY44CMTryHackMe Platform - https://tryhackme.comHack the Box - https://hackthebox.comWired Article on DNC Stingray Surveillance - https://www.wired.com/story/2024-dnc-cell-site-simulator-phone-surveillance/IntelTechniques Data Removal Guide - https://inteltechniques.com/workbook.htmlOptery Data Broker Removal - https://optery.comGraphene OS - https://grapheneos.org“We're dragons. We're not supposed to live by other people's rules.”- Hajime Ryudo ★ Support this podcast on Patreon ★

Cyber Security Headlines
Undetectable Android spyware is detectable, Hunters ransomware quits, Salt Typhoon dormant

Cyber Security Headlines

Play Episode Listen Later Jul 4, 2025 9:09


Undetectable Android spyware leaks user logins Hunters ransomware group shuts doors Medical device company Surmodics reports cyberattack Huge thanks to our sponsor, Palo Alto Networks You're moving fast in the cloud and so are attackers. But while SecOps and cloud security teams are working in silos, attackers are exploiting the gaps between them. Cortex Cloud by Palo Alto Networks bridges this divide, unifying teams and stopping attacks with real-time cloud security that includes AI-powered protection, detection and automated response capabilities. Threats are stopped in minutes instead of days, and teams can finally protect cloud environments at the speed and scale of modern attacks. To learn more about how Cortex Cloud stops cloud attacks before they become breaches, visit: paloaltonetworks.com/cortex/cloud-detection-and-response Find the stories behind the headlines at CISOseries.com.

The CyberWire
The bug that let anyone in.

The CyberWire

Play Episode Listen Later Jul 3, 2025 32:55


Sudo patch your Linux systems. Cisco has removed a critical backdoor account that gave remote attackers root privileges. The Hunters International ransomware group rebrands and closes up shop. The Centers for Medicare and Medicaid Services (CMS) notifies 103,000 people that their personal data was compromised. NimDoor is a sophisticated North Korean cyber campaign targeting macOS. Researchers uncover a massive phishing campaign using thousands of fake retail websites. The FBI's top cyber official says Salt Typhoon is largely contained. Microsoft tells customers to ignore Windows Firewall error warnings. A California jury orders Google to pay $314 million for collecting Android user data without consent. Ben Yelin shares insights from this year's Supreme Court session. Ransomware negotiations with a side of side hustle. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today our guest is Ben Yelin from UMD CHHS, who is sharing a wrap up of this year's Supreme Court session. If you want to hear more from Ben, head on over to the Caveat podcast, where he is co-host with Dave as they discuss all things law and privacy.  Selected Reading Linux Users Urged to Patch Critical Sudo CVE (Infosecurity Magazine) Cisco warns that Unified CM has hardcoded root SSH credentials (Bleeping Computer) Hunters International ransomware shuts down after World Leaks rebrand (Bleeping Computer) Feds Notify 103,000 Medicare Beneficiaries of Scam, Breach (Data Breach Today) N Korean Hackers Drop NimDoor macOS Malware Via Fake Zoom Updates (Hackread) China-linked hackers spoof big-name brand websites to steal shoppers' payment info (The Record) Top FBI cyber official: Salt Typhoon ‘largely contained' in telecom networks (CyberScoop) Microsoft asks users to ignore Windows Firewall config errors (Bleeping Computer) California jury orders Google to pay $314 million over data transfers from Android phones (The Record) US Probes Whether Negotiator Took Slice of Hacker Payments (Bloomberg) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Cyber Security Headlines
Columbia hack, hunger relief ransomware, Qantas breach

Cyber Security Headlines

Play Episode Listen Later Jul 3, 2025 7:27


Student data lost in Columbia University hack German hunger relief charity hit by ransomware Qantas contact center breached Huge thanks to our sponsor, Palo Alto Networks You're moving fast in the cloud and so are attackers. But while SecOps and cloud security teams are working in silos, attackers are exploiting the gaps between them. Cortex Cloud by Palo Alto Networks bridges this divide, unifying teams and stopping attacks with real-time cloud security that includes AI-powered protection, detection and automated response capabilities. Threats are stopped in minutes instead of days, and teams can finally protect cloud environments at the speed and scale of modern attacks. To learn more about how Cortex Cloud stops cloud attacks before they become breaches, visit: paloaltonetworks.com/cortex/cloud-detection-and-response

Joey Pinz Discipline Conversations
#654 ITN Secure-Matthew Panizari:

Joey Pinz Discipline Conversations

Play Episode Listen Later Jul 2, 2025 27:49 Transcription Available


Send us a textWhat do rock climbing and cybersecurity have in common? For Matthew Panizari, both demand strategy, grit, and constant reevaluation. In this powerful episode recorded at IT Nation Secure 2025, Joey Pinz explores Matthew's frontline experience in digital forensics and incident response.

Cybercrime Magazine Podcast
Ransomware Minute. RE/MAX Real Estate Network, MATLAB Developer. Scott Schober, WCYB Digital Radio.

Cybercrime Magazine Podcast

Play Episode Listen Later Jul 2, 2025 3:12


The Ransomware Minute is a rundown of the latest ransomware attacks & news, brought to you Cybercrime Magazine, Page ONE for Cybersecurity. Listen to the podcast weekly and read it daily at https://ransomwareminute.com. For more on cybersecurity, visit us at https://cybercrimemagazine.com.

Talking Pools Podcast
Ransomware, Myths, Facts, & Pool SH!T!

Talking Pools Podcast

Play Episode Listen Later Jun 27, 2025 73:38


Text us a pool question!In this episode of the Talking Pools podcast, Rudy Stankowitz is interrupted with breaking news on a malware attack that has left an industry manufacturer paralyzed. He also addresses common myths and misconceptions that plague the industry, as well as how Podcasts and Trade Magazines are the only reliable sources of information for Pool Service Professionals. He discusses the importance of understanding pool chemistry, the role of various chemicals, and the significance of proper maintenance practices. Rudy emphasizes the need for pool professionals to be informed and equipped with the appropriate knowledge to provide the best service to their clients. From debunking the myth of chlorine lock to explaining the impact of sulfates on pool equipment, this episode is packed with valuable insights for anyone in the pool service industry.Mentions:Merlin IndustriesPHTAAsk the Pool GuyPool ChasersSPASAPool and Spa NewsPool Pro MagazineAQUA MagazinePool magazineService industry NewsSPLASH MagazinetakeawaysVariable speed pumps require flow meters for actual savings.Baking soda is chemically identical to an alkalinity increaser.The chlorine lock is a myth; it's actually about chlorine demand.Cyanuric acid protects chlorine, but it isn't always necessary.Soda ash is more effective for raising pH than baking soda.Magic Erasers do not prevent algae growth in pools.Phosphates can be present without causing algae blooms.Sulfates can damage pool equipment and stonework.Free chlorine is t AquaStar Pool ProductsThe Global Leader in Safety, Dependability, & Innovation in Pool Technology.POOL MAGAZINE Pool Magazine is leading up to the minute news source for Swimming Pool News and Pool Features. OuBLUERAY XLThe real mineral purifier! Reduce your pool maintenance costs & efforts by 50%Instacart - Groceries delivered in as little as 1 hour.Free delivery on your first order over $35.CPO Certification ClassesAttend your CPO class with Rudy Stankowitz!Online Pool ClassesThe difference between you and your competition is what you know!Jack's MagicIf you know Jack's you'd have no stains!RaypakRaypak, leading the evolution of environmental efficiency and sustainability in pool heaters.the 'How to Get Rid of Algae' handbookThe most comprehensive guide on algae prevention and remediation you will ever own. Disclaimer: This post contains affiliate links. If you make a purchase, I may receive a commission at no extra cost to you.Support the showThank you so much for listening! You can find us on social media: Facebook Instagram Tik Tok Email us: talkingpools@gmail.com

Afford Anything
You're Being Robbed $50 at a Time — And You Don't Even Know It, with former CIA hacker Dr. Eric Cole

Afford Anything

Play Episode Listen Later Jun 13, 2025 103:30


#616: Two school teachers in Ohio saved their entire lives for one dream — buying a farm. When they inherited $1.3 million and found the perfect property for $1.2 million, everything seemed perfect. Five days before closing, they received what looked like a legitimate email from their closing company with wire transfer instructions. They sent the money and showed up at closing, only to discover they'd been scammed. The email was fake, sent by hackers who had infiltrated the closing company's servers for months, waiting for exactly this type of high-value cash deal. That story comes from cybersecurity expert Dr. Eric Cole, who joins us to explain why ordinary people have become prime targets for cybercriminals. Cole, a former CIA hacker who served as cybersecurity commissioner under President Barack Obama and advises high-profile clients including Bill Gates' personal estate, has a message: if you think you're too small to be targeted, you're wrong. While billion-dollar companies deploy teams of 60 cybersecurity professionals, you have virtually no protection. Criminals know this. They're not trying to steal $100 million from one person anymore — they're stealing $50 from thousands of people every month. You probably won't notice the small amounts vanishing from your accounts. Cole calls it "death by a thousand cuts," and it's happening right now. We talk through the most common attacks targeting your money. Bank hacking is simpler than most people realize. All criminals need is your account number — printed on every check you write — and your password. With that information, they can often perform electronic fund transfers of up to 50 percent of your account balance without triggering alerts. Cole explains how phishing schemes have evolved beyond simple email scams. Criminals now use artificial intelligence to mimic voices, calling grandparents with their grandchild's actual voice asking for bail money. Ransomware has become a massive business operation. Cole describes a company in Russia with 700 employees whose entire business model is encrypting people's files and demanding payment. Cole advocates for going old-school on major financial transactions. When buying real estate, he meets face-to-face, brings certified checks, and refuses to trust email wire instructions. For daily security, he recommends turning on two-factor authentication for every account, setting up instant notifications for any account activity, and dramatically reducing the number of apps on your devices. We also cover the China-TikTok connection, secure messaging options, and why Cole helped configure President Obama's smartphone to connect to fake cell towers that masked his actual location. Cole's bottom line: cybersecurity isn't just for tech companies anymore. Criminals are targeting ordinary people because we're easier prey than heavily protected corporations. Your money is under threat. Here's how to protect it. Learn more about your ad choices. Visit podcastchoices.com/adchoices