Podcasts about security research

  • 185 podcasts
  • 561 episodes
  • 44m average duration
  • 1 episode every other week
  • Latest episode: Feb 21, 2026
[Chart: popularity of security research podcasts, 2019–2026]


Best podcasts about security research

Latest podcast episodes about security research

The CyberWire
Telegram for the throne. [Research Saturday]

Feb 21, 2026 · Duration 21:21


Today we have Tomer Bar, VP of Security Research at SafeBreach Labs, discussing their work on "Prince of Persia: A Decade of Iranian Nation-State APT Campaign Activity under the Microscope". In this first installment of SafeBreach's deep dive into the Iranian-linked APT known as “Prince of Persia,” originally exposed by Palo Alto Networks Unit 42, researchers reveal that the group never truly went dark after 2022—but instead evolved. Led by Tomer, the investigation uncovers new variants of Foudre and Tonnerre malware, expanded campaign scale, active C2 infrastructure through late 2025, and a shift toward Telegram-based command-and-control. The research provides rare, sustained visibility into nearly a decade of Iranian nation-state cyber operations, offering fresh indicators of compromise and insight into how the group continues to refine its tooling, obfuscation, and targeting. The research can be found here: Prince of Persia, Part 1: A Decade of Iranian Nation-State APT Campaign Activity under the Microscope

Research Saturday
Telegram for the throne.

Feb 21, 2026 · Duration 21:21



The CyberWire
Stealer in the status bar. [Research Saturday]

Feb 14, 2026 · Duration 15:34


Today we have Ziv Mador, VP of Security Research from LevelBlue SpiderLabs discussing their work on "SpiderLabs IDs New Banking Trojan Distributed Through WhatsApp." Researchers at LevelBlue SpiderLabs have identified a new Brazilian banking Trojan dubbed Eternidade Stealer, spread through WhatsApp hijacking and social engineering campaigns that use a Python-based worm to steal contacts and distribute malicious MSI installers. The Delphi-compiled malware targets Brazilian victims, profiles infected systems, dynamically retrieves its command-and-control server via IMAP email, and deploys banking overlays to harvest credentials from financial institutions and cryptocurrency platforms. The campaign reflects the continued evolution of Brazil's cybercrime ecosystem, combining WhatsApp propagation, geofencing, encrypted C2 communications, and process injection to maintain stealth and persistence. The research can be found here: SpiderLabs IDs New Banking Trojan Distributed Through WhatsApp

Research Saturday
Stealer in the status bar.

Feb 14, 2026 · Duration 15:34



ITSPmagazine | Technology. Cybersecurity. Society
KEVology: How Exploit Scores and Timelines Shape Real Security Decisions | A Brand Highlight Conversation with Tod Beardsley, Vice President of Security Research of runZero

Feb 13, 2026 · Duration 8:23


The CISA Known Exploited Vulnerabilities (KEV) catalog is one of the most referenced resources in vulnerability management, but how well do security teams actually understand what it tells them? In this Brand Highlight, Tod Beardsley, Vice President of Security Research at runZero and former CISA section chief who helped manage the KEV on a daily basis, breaks down what the catalog is designed to do and, just as importantly, what it is not.

What is the KEV catalog and who is it really for? The KEV is mandated by Binding Operational Directive 22-01 (BOD 22-01), which tasks CISA with identifying vulnerabilities that are known to be exploited and have an available fix. Its primary audience is federal civilian executive branch agencies, but because the catalog is public, organizations everywhere use it as a prioritization signal. Beardsley notes that inclusion on the KEV requires a CVE ID, evidence of active exploitation, a patch or mitigation, and relevance to federal interests, meaning zero-day vulnerabilities and end-of-life systems without CVEs never appear.

How should organizations think about KEV entries that are not equally dangerous? Beardsley explains that only about a third of KEV-listed vulnerabilities represent straight-shot remote code execution with no user interaction and no authentication required. The rest span a wide spectrum of severity. EPSS data reveals an inverse bell curve: many KEV entries have extremely low probabilities of exploitation in the next 30 days, while others cluster at the high end with commodity exploits widely available. This means treating every KEV entry as equally critical leads to wasted effort and alert fatigue.

That gap between the catalog and real-world decision-making is exactly what KEVology addresses. The research, produced by Beardsley at runZero, enriches KEV data with CVSS metrics, EPSS scores, exploit tooling indicators, and ATT&CK mappings to help security teams filter and prioritize vulnerabilities based on what actually matters to their environment. Rather than prescribing a single priority list, KEVology treats the KEV as data to be analyzed, not doctrine to be followed blindly.

To make this analysis accessible and interactive, runZero built KEV Collider, a free, daily-updated web application at runzero.com/kev-collider. The tool lets defenders sort, filter, and layer multiple risk signals across the entire KEV catalog. Because every filter combination is encoded in URL parameters, teams can bookmark and share custom views with colleagues instantly. Beardsley describes KEV Collider as an evergreen companion to the research, updating automatically as new vulnerabilities are added to the catalog each week.

This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight

GUEST
Tod Beardsley, Vice President of Security Research at runZero
On LinkedIn: https://www.linkedin.com/in/todb/

RESOURCES
Learn more about runZero: https://www.runzero.com
KEVology research report: https://www.runzero.com/resources/kevology/
KEV Collider: https://www.runzero.com/kev-collider/

Redefining CyberSecurity
KEVology: How Exploit Scores and Timelines Shape Real Security Decisions | A Brand Highlight Conversation with Tod Beardsley, Vice President of Security Research of runZero

Feb 13, 2026 · Duration 8:23



ISACA Podcast
Securing Data in the Age of AI with DSPM: Lessons from a High-Impact ISACA Webinar

Feb 12, 2026 · Duration 25:53


In this ISACA Podcast episode, host Safia Kazi, Principal Research Analyst – Privacy, is joined by Dirk Schrader, VP of Security Research at Netwrix, to discuss how generative AI is revealing long-standing gaps in enterprise data security and governance. This episode builds on insights from a recent ISACA webinar that explored how generative AI is exposing weaknesses in enterprise data security and governance. The discussion examines why many organizations lack visibility into where sensitive data resides and who can access it, particularly across hybrid and cloud environments. The conversation also addresses emerging risks introduced by AI tools, including non-human access and overexposed data. Listeners will gain practical, governance-focused guidance on how DSPM helps organizations assess risk, support compliance, and prepare data responsibly for AI initiatives. Related Resources: Watch the ISACA Webinar from the ISACA Virtual Summit 2025: “Securing Data in the Age of AI with DSPM” https://www.isaca.org/training-and-events/online-training/virtual-summits/ai-governance-strategies Learn more from Netwrix: https://netwrix.com/en/resources/ Explore more ISACA Podcasts: https://www.isaca.org/resources/news-and-trends/isaca-podcast-library ISACA on YouTube: https://www.youtube.com/@IsacaHq

The Security Podcast of Silicon Valley
86. Ex-FBI Agent: The Biggest Security Threat is the Human Behind the Keyboard

Jan 13, 2026 · Duration 36:45


Trevor Hilligoss, Head of Security Research at SpyCloud and former FBI agent, joins the show to discuss why humans remain the biggest security risk facing organizations today. From reused credentials to commoditized cybercrime tools, Trevor breaks down how attackers actually gain access — and why focusing on real-world human behavior is more effective than worrying about sophisticated nation-state threats.

Trevor: www.linkedin.com/in/thilligoss/
SpyCloud: spycloud.com
Jon: www.linkedin.com/in/jon-mclachlan
Sasha: www.linkedin.com/in/aliaksandr-sinkevich
YSecurity: www.ysecurity.io

Transformationschampions
Episode 22: dissecto GmbH - Hurdles, Networks, Future: How Cybersecurity Helps Shape the Transformation

Nov 26, 2025 · Duration 22:31


In this podcast episode we talk with Sebastian Halbritter (Business & Technology Development Manager, dissecto) about how cybersecurity actively helps shape the transformation. The focus is on regulatory hurdles such as the "hacker paragraph" (Hackerparagraph), GDPR questions, and the complexity of modern vehicle architectures, as well as practical answers to them: involving security early, using automation, ensuring scalability, and developing teams in a targeted way. We also look at the role of regional and international networks, current market trends, and the importance of exchange for effective cybersecurity strategies. Finally, Sebastian describes which requirements could shape secure software-defined mobility in the future, and which steps already support companies today.

Relevant links and contact details:
https://dissec.to/
https://www.linkedin.com/in/sebastian-halbritter-7a217926
https://www.linkedin.com/company/dissecto

RNZ: The Detail
Not if but when - Taiwan waits for China to leap

Oct 5, 2025 · Duration 25:01


Taiwanese worry about living costs and their everyday lives while pushing the prospect of action from China to the back of their minds.

Taiwanese people are used to air raid sirens and preparations for action ahead of any Chinese invasion, but life must be lived well in the meantime.

Guests:
  • Mark Hanson - journalist, publisher White Fungus
  • Dr Ming-Shih Shen - Institute for National Defense and Security Research, Taiwan
  • Dr Jie Zhong - Institute for National Defense and Security Research, Taiwan
  • Kelly Sloan - Sloan & Associates, Denver
  • Yurii Poita - Ukraine scholar, specialist on Asia Pacific security

Learn more:
  • Find The Detail on Newsroom or RNZ
  • Go to this episode on rnz.co.nz for more details

@BEERISAC: CPS/ICS Security Podcast Playlist
Hacking Culture, Community, and Curiosity: Evolving Security Research in a Modern World

Sep 18, 2025 · Duration 36:01


Podcast: IoT Security Podcast
Episode: Hacking Culture, Community, and Curiosity: Evolving Security Research in a Modern World
Pub date: 2025-09-16

The dynamic evolution of hacker culture, the ongoing transformation of cybersecurity conferences, and the importance of resilience and curiosity among security researchers are all topics covered in this episode through stories of past and present with Dhillon Kannabhiran, CEO and Founder of Hack In The Box (HITB) and Out Of The Box. He and Phillip Wylie examine the shift from open knowledge sharing and exploration to the monetization and commercialization of cybersecurity exploits. Dhillon offers insights into the unique approaches Hack In The Box and Out of the Box conferences have taken, encouraging people to value the persistence and collaborative spirit that push the community forward.

Dhillon Kannabhiran on LinkedIn: https://www.linkedin.com/in/l33tdawg/
Dhillon Kannabhiran on X: https://x.com/l33tdawg

Key Points/Topics Covered:
  • Evolution of hacker culture and the foundational role of resilience and curiosity
  • History, mission, and format of Hack In The Box and Out of the Box conferences
  • Shifts in conference and research communities post-COVID and the influence of commercialization on sharing
  • The continuing need for community, knowledge sharing, and supporting new talent in cybersecurity
  • The changing landscape of security research and bug hunting with the advent of AI and new technology

Let's connect about IoT Security!
Follow Phillip Wylie at https://www.linkedin.com/in/phillipwylie
https://youtube.com/@phillipwylie

The IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

IoT Security Podcast
Hacking Culture, Community, and Curiosity: Evolving Security Research in a Modern World

Sep 16, 2025 · Duration 36:01


The dynamic evolution of hacker culture, the ongoing transformation of cybersecurity conferences, and the importance of resilience and curiosity among security researchers are all topics covered in this episode through stories of past and present with Dhillon Kannabhiran, CEO and Founder of Hack In The Box (HITB) and Out Of The Box. He and Phillip Wylie examine the shift from open knowledge sharing and exploration to the monetization and commercialization of cybersecurity exploits. Dhillon offers insights into the unique approaches Hack In The Box and Out of the Box conferences have taken, encouraging people to value the persistence and collaborative spirit that push the community forward.

Dhillon Kannabhiran on LinkedIn: https://www.linkedin.com/in/l33tdawg/
Dhillon Kannabhiran on X: https://x.com/l33tdawg

Key Points/Topics Covered:
  • Evolution of hacker culture and the foundational role of resilience and curiosity
  • History, mission, and format of Hack In The Box and Out of the Box conferences
  • Shifts in conference and research communities post-COVID and the influence of commercialization on sharing
  • The continuing need for community, knowledge sharing, and supporting new talent in cybersecurity
  • The changing landscape of security research and bug hunting with the advent of AI and new technology

Let's connect about IoT Security!
Follow Phillip Wylie at https://www.linkedin.com/in/phillipwylie
https://youtube.com/@phillipwylie

The IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

Critical Thinking - Bug Bounty Podcast
Episode 139: James Kettle - Pwning in Prod & How to do Web Security Research

Sep 11, 2025 · Duration 141:51


Episode 139: In this episode of Critical Thinking - Bug Bounty Podcast, Justin finally sits down with the great James Kettle to talk about HTTP proxies, metagaming research, avoiding burnout, and why HTTP/1.1 must die!

Follow us on Twitter at: https://x.com/ctbbpodcast
Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!

====== Links ======
Follow your hosts Rhynorater and Rez0 on Twitter:
https://x.com/Rhynorater
https://x.com/rez0__

====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
You can also find some hacker swag at https://ctbb.show/merch!

Today's Guest:
https://x.com/albinowax
https://jameskettle.com

====== This Week in Bug Bounty ======
Building an Android Bug Bounty lab
Mobile Hacking Toolkit

====== Resources ======
CVE-2022-22720
So you want to be a web security researcher?
Hunting Evasive Vulnerabilities: Finding Flaws That Others Miss by James Kettle
HTTP/1.1 Must Die! The Desync Endgame
Practical HTTP Host header attacks

====== Timestamps ======
(00:00:00) Introduction
(00:05:01) Apache MITM-powered pause-based client-side desync
(00:15:33) HTTP Proxies and Burp Suite HTTP/2 in Repeater
(00:24:52) AI integrations, life structure, and avoiding burnout
(00:35:23) Client-side to server-side progression
(00:47:39) The 'metagame' of security research
(01:29:43) Host Header Attacks & HTTP/1.1 Must Die!
(02:02:34) Is HTTP/2 the solution?

David Bombal
#510: 20–30% Of Attacks Use AI: John Hammond details today's hybrid attacks

Sep 11, 2025 · Duration 31:31


In this 2025 deep-dive, David Bombal sits down with John Hammond to map the real state of hacking: classic ransomware/infostealers meet AI-assisted malware (including code that leverages LLMs). We unpack the ClickFix and FileFix social-engineering patterns, fake CAPTCHA and “save/upload” flows that trick users into running payloads, and the practical Windows mitigations (policy/registry ideas) you should know. John shares why he estimates 20–30% of attacks now have some AI touch, how social engineering scales, and where defenders can push back. For your career, he argues opportunities are expanding: use CTFs, show your work on GitHub/video, and consider OSCP for signaling. He also introduces Just Hacking Training (JHT), hands-on hack-alongs, archived CTFs, free upskill challenges, and pay-what-you-want courses with industry all-stars.

What you'll learn:
  • How ClickFix/FileFix actually trick users
  • Realistic mitigation tactics you can apply
  • The current role of AI in malware
  • Career roadmap: CTFs → OSCP → portfolio
  • Where to get hands-on: JHT resources

// John Hammond's SOCIALS //
YouTube: / @_johnhammond
X: https://x.com/_johnhammond
LinkedIn: / johnhammond010
Discord: / discord
Instagram: / _johnhammond
TikTok: / johnhammond010
GitHub: https://github.com/JohnHammond
Humble Bundle: https://www.humblebundle.com/?partner...
Just Hacking Training: https://www.justhacking.com/
ClickFix Website: https://clickfix-wiki.github.io/

// YouTube video REFERENCE //
Linux got hacked with this AI Image: • Linux got Hacked with this AI image!
Hackers trick everyone to run malware (FileFix): • hackers trick everyone to run malware (Fil...
OSINT Tools to track you down: • OSINT tools to track you down. You cannot ...

// David's SOCIAL //
Discord: discord.com/invite/usKSyzb
Twitter: www.twitter.com/davidbombal
Instagram: www.instagram.com/davidbombal
LinkedIn: www.linkedin.com/in/davidbombal
Facebook: www.facebook.com/davidbombal.co
TikTok: tiktok.com/@davidbombal
YouTube: / @davidbombal
Spotify: open.spotify.com/show/3f6k6gE...
SoundCloud: / davidbombal
Apple Podcast: podcasts.apple.com/us/podcast...

// MENU //
0:00 - Coming up
0:58 - Intro & Current State of Hacking
03:42 - Brilliant Advert
05:14 - The Wave of AI Attacks
07:43 - Click(Fix) Hack
10:10 - FileFix: The Future Hacks
11:14 - Current Affairs & Social Engineering
15:17 - Raising Awareness
19:18 - Security Research
20:51 - Is There a Future for Younger People in This Industry?
22:54 - What Should I Do to Get There?
24:11 - Recommended Certifications
26:34 - Where Do I Start?
28:26 - About John Hammond's Work
31:12 - Outro

Disclaimer: This video is for educational purposes only.

Redefining CyberSecurity
Black Hat 2025: More Buzzwords, Same Breaches? | What's Heating Up Before Black Hat 2025: Top Trends Set to Shake Up this Year's Hacker Conference | An ITSPmagazine Webinar: On Location Coverage with Sean Martin and Marco Ciappelli

Jul 31, 2025 · Duration 60:22


In this thought leadership session, ITSPmagazine co-founders Sean Martin and Marco Ciappelli moderate a dynamic conversation with five industry leaders offering their take on what will dominate the show floor and side-stage chatter at Black Hat USA 2025.

Leslie Kesselring, Founder of Kesselring Communications, surfaces how media coverage is shifting in real time—no longer driven solely by talk submissions but now heavily influenced by breaking news, regulation, and public-private sector dynamics. From government briefings to cyberweapon disclosures, the pressure is on to cover what matters, not just what's scheduled.

Daniel Cuthbert, member of the Black Hat Review Board and Global Head of Security Research at Banco Santander, pushes back on the hype. He notes that while tech moves fast, security research often revisits decades-old bugs. His sharp observation? “The same bugs from the ‘90s are still showing up—sometimes discovered by researchers younger than the vulnerabilities themselves.”

Michael Parisi, Chief Growth Officer at Steel Patriot Partners, shifts the conversation to operational risk. He raises concern over Model-Chained Prompting (MCP) and how AI agents can rewrite enterprise processes without visibility or traceability—especially alarming in environments lacking kill switches or proper controls.

Richard Stiennon, Chief Research Analyst at IT-Harvest, offers market-level insights, forecasting AI agent saturation with over 20 vendors already present in the expo hall. While excited by real advancements, he warns of funding velocity outpacing substance and cautions against the cycle of overinvestment in vaporware.

Rupesh Chokshi, SVP & GM at Akamai Technologies, brings the product and customer lens—framing the security conversation around how AI use cases are rolling out fast while security coverage is still catching up. From OT to LLMs, securing both AI and with AI is a top concern.

This episode is not just about placing bets on buzzwords. It's about uncovering what's real, what's noise, and what still needs fixing—no matter how long we've been talking about it.

___________

Guests:

Leslie Kesselring, Founder at Cyber PR Firm Kesselring Communications | On LinkedIn: https://www.linkedin.com/in/lesliekesselring/
“This year, it's the news cycle—not the sessions—that's driving what media cover at Black Hat.”

Daniel Cuthbert, Black Hat Training Review Board and Global Head of Security Research for Banco Santander | On LinkedIn: https://www.linkedin.com/in/daniel-cuthbert0x/
“Why are we still finding bugs older than the people presenting the research?”

Richard Stiennon, Chief Research Analyst at IT-Harvest | On LinkedIn: https://www.linkedin.com/in/stiennon/
“The urge to consolidate tools is driven by procurement—not by what defenders actually need.”

Michael Parisi, Chief Growth Officer at Steel Patriot Partners | On LinkedIn: https://www.linkedin.com/in/michael-parisi-4009b2261/
“Responsible AI use isn't a policy—it's something we have to actually implement.”

Rupesh Chokshi, SVP & General Manager at Akamai Technologies | On LinkedIn: https://www.linkedin.com/in/rupeshchokshi/
“The business side is racing to deploy AI—but security still hasn't caught up.”

Hosts:

Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.com
Marco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com

___________

Episode Sponsors

ThreatLocker: https://itspm.ag/threatlocker-r974
BlackCloak: https://itspm.ag/itspbcweb
Akamai: https://itspm.ag/akamailbwc
DropzoneAI: https://itspm.ag/dropzoneai-641
Stellar Cyber: https://itspm.ag/stellar-9dj3

___________

Resources

Learn more and catch more stories from our Black Hat USA 2025 coverage: https://www.itspmagazine.com/bhusa25
ITSPmagazine Webinar: What's Heating Up Before Black Hat 2025: Place Your Bet on the Top Trends Set to Shake Up this Year's Hacker Conference — An ITSPmagazine Thought Leadership Webinar | https://www.crowdcast.io/c/whats-heating-up-before-black-hat-2025-place-your-bet-on-the-top-trends-set-to-shake-up-this-years-hacker-conference
Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage

ITSPmagazine | Technology. Cybersecurity. Society
Black Hat 2025: More Buzzwords, Same Breaches? | What's Heating Up Before Black Hat 2025: Top Trends Set to Shake Up this Year's Hacker Conference | An ITSPmagazine Webinar: On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Jul 30, 2025 60:22


In this thought leadership session, ITSPmagazine co-founders Sean Martin and Marco Ciappelli moderate a dynamic conversation with five industry leaders offering their take on what will dominate the show floor and side-stage chatter at Black Hat USA 2025.

Leslie Kesselring, Founder of Kesselring Communications, surfaces how media coverage is shifting in real time—no longer driven solely by talk submissions but now heavily influenced by breaking news, regulation, and public-private sector dynamics. From government briefings to cyberweapon disclosures, the pressure is on to cover what matters, not just what's scheduled.

Daniel Cuthbert, member of the Black Hat Review Board and Global Head of Security Research at Banco Santander, pushes back on the hype. He notes that while tech moves fast, security research often revisits decades-old bugs. His sharp observation? “The same bugs from the ‘90s are still showing up—sometimes discovered by researchers younger than the vulnerabilities themselves.”

Michael Parisi, Chief Growth Officer at Steel Patriot Partners, shifts the conversation to operational risk. He raises concern over Model-Chained Prompting (MCP) and how AI agents can rewrite enterprise processes without visibility or traceability—especially alarming in environments lacking kill switches or proper controls.

Richard Stiennon, Chief Research Analyst at IT-Harvest, offers market-level insights, forecasting AI agent saturation with over 20 vendors already present in the expo hall. While excited by real advancements, he warns of funding velocity outpacing substance and cautions against the cycle of overinvestment in vaporware.

Rupesh Chokshi, SVP & GM at Akamai Technologies, brings the product and customer lens—framing the security conversation around how AI use cases are rolling out fast while security coverage is still catching up. From OT to LLMs, securing both AI and with AI is a top concern.

This episode is not just about placing bets on buzzwords. It's about uncovering what's real, what's noise, and what still needs fixing—no matter how long we've been talking about it.

___________

Guests:

Leslie Kesselring, Founder at Cyber PR Firm Kesselring Communications | On LinkedIn: https://www.linkedin.com/in/lesliekesselring/
“This year, it's the news cycle—not the sessions—that's driving what media cover at Black Hat.”

Daniel Cuthbert, Black Hat Training Review Board and Global Head of Security Research for Banco Santander | On LinkedIn: https://www.linkedin.com/in/daniel-cuthbert0x/
“Why are we still finding bugs older than the people presenting the research?”

Richard Stiennon, Chief Research Analyst at IT-Harvest | On LinkedIn: https://www.linkedin.com/in/stiennon/
“The urge to consolidate tools is driven by procurement—not by what defenders actually need.”

Michael Parisi, Chief Growth Officer at Steel Patriot Partners | On LinkedIn: https://www.linkedin.com/in/michael-parisi-4009b2261/
“Responsible AI use isn't a policy—it's something we have to actually implement.”

Rupesh Chokshi, SVP & General Manager at Akamai Technologies | On LinkedIn: https://www.linkedin.com/in/rupeshchokshi/
“The business side is racing to deploy AI—but security still hasn't caught up.”

Hosts:

Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.com
Marco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com

___________

Episode Sponsors

ThreatLocker: https://itspm.ag/threatlocker-r974
BlackCloak: https://itspm.ag/itspbcweb
Akamai: https://itspm.ag/akamailbwc
DropzoneAI: https://itspm.ag/dropzoneai-641
Stellar Cyber: https://itspm.ag/stellar-9dj3

___________

Resources

Learn more and catch more stories from our Black Hat USA 2025 coverage: https://www.itspmagazine.com/bhusa25

ITSPmagazine Webinar: What's Heating Up Before Black Hat 2025: Place Your Bet on the Top Trends Set to Shake Up this Year's Hacker Conference — An ITSPmagazine Thought Leadership Webinar | https://www.crowdcast.io/c/whats-heating-up-before-black-hat-2025-place-your-bet-on-the-top-trends-set-to-shake-up-this-years-hacker-conference

Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage

Want to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
From Feed to Foresight: Cyber Threat Intelligence as a Leadership Signal | A Musing On the Future of Cybersecurity and Humanity with Sean Martin and TAPE3 | Read by TAPE3

ITSPmagazine | Technology. Cybersecurity. Society

Jul 2, 2025 6:39


Cyber threat intelligence (CTI) is no longer just a technical stream of indicators or a feed for security operations center teams. In this episode, Ryan Patrick, Vice President at HITRUST; John Salomon, Board Member at the Cybersecurity Advisors Network (CyAN); Tod Beardsley, Vice President of Security Research at runZero; Wayne Lloyd, Federal Chief Technology Officer at RedSeal; Chip Witt, Principal Security Analyst at Radware; and Jason Kaplan, Chief Executive Officer at SixMap, each bring their perspective on why threat intelligence must become a leadership signal that shapes decisions far beyond the security team.

From Risk Reduction to Opportunity

Ryan Patrick explains how organizations are shifting from compliance checkboxes to meaningful, risk-informed decisions that influence structure, operations, and investments. This point is reinforced by John Salomon, who describes CTI as a clear, relatable area of security that motivates chief information security officers to exchange threat information with peers — cooperation that multiplies each organization's resources and builds a stronger industry front against emerging threats.

Real Business Context

Tod Beardsley outlines how CTI can directly support business and investment moves, especially when organizations evaluate mergers and acquisitions. Wayne Lloyd highlights the importance of network context, showing how enriched intelligence helps teams move from reactive cleanups to proactive management that ties directly to operational resilience and insurance negotiations.

Chip Witt pushes the conversation further by describing CTI as a business signal that aligns threat trends with organizational priorities. Jason Kaplan brings home the reality that for Fortune 500 security teams, threat intelligence is a race — whoever finds the gap first, the defender or the attacker, determines who stays ahead.

More Than Defense

The discussion makes clear that the real value of CTI is not the data alone but the way it helps organizations make decisions that protect, adapt, and grow. This episode challenges listeners to see CTI as more than a defensive feed — it is a strategic advantage when used to strengthen deals, influence product direction, and build trust where it matters most.

Tune in to hear how these leaders see the role of threat intelligence changing and why treating it as a leadership signal can shape competitive edge.

________

This story represents the results of an interactive collaboration between Human Cognition and Artificial Intelligence.

Enjoy, think, share with others, and subscribe to "The Future of Cybersecurity" newsletter on LinkedIn.

Sincerely, Sean Martin and TAPE3

________

Sean Martin is a life-long musician and the host of the Music Evolves Podcast; a career technologist, cybersecurity professional, and host of the Redefining CyberSecurity Podcast; and is also the co-host of both the Random and Unscripted Podcast and On Location Event Coverage Podcast. These shows are all part of ITSPmagazine—which he co-founded with his good friend Marco Ciappelli, to explore and discuss topics at The Intersection of Technology, Cybersecurity, and Society.™️

Want to connect with Sean and Marco On Location at an event or conference near you? See where they will be next: https://www.itspmagazine.com/on-location

To learn more about Sean, visit his personal website.

Redefining CyberSecurity
From Feed to Foresight: Cyber Threat Intelligence as a Leadership Signal | A Musing On the Future of Cybersecurity and Humanity with Sean Martin and TAPE3 | Read by TAPE3

Redefining CyberSecurity

Jul 2, 2025 6:39



ITSPmagazine | Technology. Cybersecurity. Society
From Vulnerability to Visibility: Rethinking Exposure Management | A Brand Story with Tod Beardsley from runZero | An infosecurity Europe 2025 Conference On Location Brand Story

ITSPmagazine | Technology. Cybersecurity. Society

Jun 10, 2025 27:20


Security teams often rely on scoring systems like Common Vulnerability Scoring System (CVSS), Exploit Prediction Scoring System (EPSS), and Stakeholder-Specific Vulnerability Categorization (SSVC) to make sense of vulnerability data—but these frameworks don't always deliver the clarity needed to act. In this episode, Tod Beardsley, Vice President of Security Research at runZero, joins host Sean Martin at InfoSec Europe 2025 to challenge how organizations use these scoring systems and to explain why context is everything when it comes to exposure management.

Beardsley shares his experience navigating the limitations of vulnerability scoring. He explains why common outputs—like a CVSS score of 7.8—often leave teams with too many “priorities,” forcing them into ineffective, binary patch-or-don't-patch decisions. By contrast, he highlights the real value in understanding factors like access vectors and environmental fit, which help security teams focus on what's relevant to their specific networks and business-critical systems.

The conversation also explores SSVC's ability to drive action through decision-tree logic rather than abstract scores, enabling defenders to justify priorities to leadership based on mission impact. This context-centric approach requires a deep understanding of both the asset and its role in the business—something Beardsley notes can be hard to achieve without support.

That's where runZero steps in. Beardsley outlines how the platform identifies unmanaged or forgotten devices—including IoT, legacy systems, and third-party gear—without needing credentials or agents. From uncovering multi-homed light bulbs that straddle segmented networks to scanning for default passwords and misconfigurations, runZero shines a light into the forgotten corners of corporate infrastructure.

The episode closes with a look at merger and acquisition use cases, where runZero helps acquiring companies understand the actual tech debt and exposure risk in the environments they're buying. As Beardsley puts it, the goal is simple: give defenders the visibility and context they need to act now—not after something breaks.

Whether you're tracking vulnerabilities, uncovering shadow assets, or preparing for your next acquisition, this episode invites you to rethink what visibility really means—and how you can stop chasing scores and start reducing risk.

Learn more about runZero: https://itspm.ag/runzero-5733

Note: This story contains promotional content. Learn more.

Guest: Tod Beardsley, Vice President of Security Research at runZero | On LinkedIn: https://www.linkedin.com/in/todb/

Resources

Learn more and catch more stories from runZero: https://www.itspmagazine.com/directory/runzero

Are you interested in telling your story? https://www.itspmagazine.com/telling-your-story

Keywords: sean martin, tod beardsley, runzero, exposure, vulnerability, asset, risk, ssdc, cvss, iot, brand story, brand marketing, marketing podcast, brand story podcast

Breaking Analysis with Dave Vellante
RSAC Highlights Security Markets in Transition

Breaking Analysis with Dave Vellante

Apr 28, 2025 34:59


As the RSAC 2025 Conference approaches, key themes are emerging that are set to dominate the world's largest cybersecurity gathering. Industry dynamics are shifting rapidly – from AI enabling higher velocity threats, an intensified platform consolidation debate, high-profile M&A, rising interest in AI agents (with somewhat tepid adoption in cyber), and shifting security budget priorities.

Our research shows that though cybersecurity remains a top priority for information technology leaders, it is not immune from macroeconomic headwinds. Moreover, geopolitical tensions have heightened perceived and actual threats, causing a large portion of customers to change their spending habits. On balance, cybersecurity remains the most challenging sector in tech, where 100% success is virtually unattainable; and failure can cripple a firm's brand.

In this Breaking Analysis, we dig into Enterprise Technology Research's Annual State of Security Research (free download). We'll examine the macro picture in cybersecurity, share the shifting spending patterns and priorities exposed in the research, examine the hype and realities of platform consolidation, and share which companies chief information security officers feel are helping them innovate to fight the fight.

Global Security Briefing
Can Taiwan Resist China's Campaign of Grey Zone Coercion?

Global Security Briefing

Apr 9, 2025 49:52


As China increases its ‘grey zone' pressure, can Taiwan defend its sovereignty without sparking open conflict? In this episode of Global Security Briefing, host Neil Melvin speaks with Dr. Philip Shetler-Jones, RUSI Senior Research Fellow for Indo-Pacific Security; Sze-Fung Lee, an independent researcher specialising in Chinese hybrid warfare; and Dr. Jyun-yi Lee, Associate Research Fellow at Taiwan's Institute for National Defense and Security Research, to examine how Taiwan is confronting the growing coercive pressure from China, a pressure which falls just below the threshold of war. Drawing on a new RUSI report, they explore what grey zone tactics are, how Taiwan is responding, and what lessons can be shared between Europe and the Indo-Pacific. With rising tensions in the Taiwan Strait, this episode asks: Can grey zone threats be deterred – and how close are we to open conflict? This episode is brought to you as part of our Indo-Pacific Security Programme, under which our research on the grey zone and lawfare receives sponsorship from the Taipei Relations Office in London.

China Unscripted
NEATO—A New Alliance to Protect Taiwan

China Unscripted

Mar 22, 2025 11:59


See the full podcast! https://chinauncensored.tv/programs/podcast-290 Joining us in person for the first time is GUERMANTES 'G-MAN' LAILARI. He is a retired US Air Force Foreign Area Officer specializing in the Middle East and Europe, as well as strategy, irregular warfare, and missile defense. He's also a visiting researcher at the Institute for National Defense and Security Research in Taipei. Read Lailari's article: Keeping Taiwan Safe: Best Possible Options https://www.taipeitimes.com/News/editorials/archives/2025/03/03/2003832770 And check out our other channel, China Uncensored: https://www.youtube.com/ChinaUncensored Our social media: X: https://www.x.com/ChinaUncensored Facebook: https://www.facebook.com/ChinaUncensored Instagram: https://www.instagram.com/ChinaUncensored #China

China Unscripted
Trump: "Taiwan Should Pay US Protection Money"

China Unscripted

Mar 20, 2025 5:55


See the full podcast! https://chinauncensored.tv/programs/podcast-290 Joining us in person for the first time is GUERMANTES 'G-MAN' LAILARI. He is a retired US Air Force Foreign Area Officer specializing in the Middle East and Europe, as well as strategy, irregular warfare, and missile defense. He's also a visiting researcher at the Institute for National Defense and Security Research in Taipei. Read Lailari's article: Keeping Taiwan Safe: Best Possible Options https://www.taipeitimes.com/News/editorials/archives/2025/03/03/2003832770 And check out our other channel, China Uncensored: https://www.youtube.com/ChinaUncensored Our social media: X: https://www.x.com/ChinaUncensored Facebook: https://www.facebook.com/ChinaUncensored Instagram: https://www.instagram.com/ChinaUncensored #China

China Unscripted
Could Trump Make Taiwan the 51st State?

China Unscripted

Mar 18, 2025 9:34


See the full podcast! https://chinauncensored.tv/programs/podcast-290 Joining us in person for the first time is GUERMANTES 'G-MAN' LAILARI. He is a retired US Air Force Foreign Area Officer specializing in the Middle East and Europe, as well as strategy, irregular warfare, and missile defense. He's also a visiting researcher at the Institute for National Defense and Security Research in Taipei. Read Lailari's article: Keeping Taiwan Safe: Best Possible Options https://www.taipeitimes.com/News/editorials/archives/2025/03/03/2003832770 And check out our other channel, China Uncensored: https://www.youtube.com/ChinaUncensored Our social media: X: https://www.x.com/ChinaUncensored Facebook: https://www.facebook.com/ChinaUncensored Instagram: https://www.instagram.com/ChinaUncensored #China

Absolute AppSec
Episode 268 w/ Clint Gibler - Curating a Newsletter, Secure Defaults

Absolute AppSec

Dec 10, 2024


Seth and Ken are happy to announce that Clint Gibler (@clintgibler), the force behind TL;DRSec (tldrsec.com) and head of Security Research at Semgrep, will be coming on as a guest again on the Absolute AppSec podcast. The conversation starts with background on his experience with TL;DRSec and writing a newsletter. This is followed by an in-depth discussion on secure defaults and how Semgrep and other tools help push security in organizations.

GRC Academy
Android Security Masterclass: What Every Cyber GRC Team Must Know

GRC Academy

Nov 19, 2024 80:55


Do you use Android at work, but don't really understand it?

In this episode Hahna Kane Latonick teaches an Android cybersecurity masterclass for cyber GRC teams:

Here are a few highlights from this episode:

How the Android project is managed
How Android devices are compromised
The many steps to update Android devices
Most important steps to secure Android devices
Is Apple more secure than Android?

Hahna is the Director of Security Research at Dark Wolf Solutions. Some of her focuses include Android reverse engineering and exploit development. She has been featured on national media outlets including Fox Business News, ABC News, and many others!

Too often companies integrate mobile devices at work without truly understanding how they work and the risks involved.

Hahna explained these concepts so well! And of course, we had some back and forth on what is more secure, Android or Apple.

I really enjoyed this episode and learned more about Android myself! What were your takeaways?

Follow Hahna on LinkedIn: https://www.linkedin.com/in/hahnakane/
Dark Wolf Solutions Website: https://darkwolfsolutions.com/
Android Security Research Playbook: https://asrp.darkwolf.io/

-----------

Thanks to our sponsor Vanta!

Want to save time filling out security questionnaires?

Experience questionnaire automation here: https://vanta.com/grcacademy

-----------

Governance, Risk, and Compliance Academy (GRC) Academy is a training and research platform!

Online GRC Training: https://grcacademy.io/courses/?utm_source=podcast&utm_medium=s1-e38&utm_campaign=courses

#android #cybersecurity #informationsecurity

Security Conversations
Mysterious rebooting iPhones, EDR vendors spying on hackers, Bitcoin 'meatspace' attacks

Security Conversations

Nov 9, 2024 97:00


Three Buddy Problem - Episode 20: We revisit the ‘hack-back' debate, the threshold for spying on adversaries, Palo Alto watching EDR bypass research to track threat actors, hot nuggets in Project Zero's Clem Lecinge's Hexacon talk, Apple's new iOS update rebooting iPhones in law enforcement custody, the mysterious GoblinRAT backdoor, and physical ‘meatspace' Bitcoin attacks and more details on North Korean cryptocurrency theft. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs) (SentinelLabs), Costin Raiu (https://twitter.com/craiu) (Art of Noh) and Ryan Naraine (https://twitter.com/ryanaraine) (SecurityWeek).

The Tech Blog Writer Podcast
3074: Netwrix - Hybrid Security Trends Report

The Tech Blog Writer Podcast

Nov 1, 2024 25:30


What does it take for organizations to stay one step ahead of cyber threats in an increasingly digital world? In this episode, I sit down with Dirk Schrader, Field CISO EMEA and VP of Security Research at Netwrix, to explore the state of cybersecurity and the findings from Netwrix's latest annual security report. The conversation reveals a stark reality: 79% of organizations experienced a cyberattack in the past year, a rise from 68% in 2023, with ransomware remaining one of the most significant threats. Dirk offers insights into what these trends mean for organizations today, especially as cloud-based infrastructure attacks are now matching on-premise incidents. He highlights how identity compromise has become the primary attack vector, particularly for privileged identities, underscoring the importance of identity and privilege management. Throughout the episode, Dirk shares the protective measures organizations can adopt, from fostering a positive security culture that encourages reporting and proactive engagement to utilizing just-in-time privilege approaches and identity threat detection systems. We also discuss the challenges and opportunities brought by remote work and the increasing reliance on cloud services, which demand a shift in traditional security practices. Dirk advocates for a flexible but resilient approach to cyber risk management, where understanding sector-specific needs and balancing regulatory compliance play crucial roles. Lastly, we touch on the role of AI in the evolving cybersecurity landscape—both as a defense mechanism and as a potential tool for adversaries, especially with threats like deepfake voice calls and scalable persuasive phishing on the horizon. Tune in to understand how Netwrix's research and Dirk's expertise can help your organization anticipate risks, fortify defenses, and foster a robust security strategy in an era where cyber resilience is paramount. 
What cybersecurity challenges have you faced in your organization, and what steps are you taking to address them? Let us know your thoughts.

Cyber Security Today
Cyber Security Research from CDW: Interview with Ivo Wiens, Field CTO Cybersecurity: Cyber Security Today Weekend for October 26, 2024

Cyber Security Today

Oct 26, 2024 41:11


Mastering Cybersecurity: From AI Threats to Quantum Encryption - Insights with CDW

Join host Jim Love in a riveting discussion with Ivo Wiens, Field CTO for CDW Canada, as they review CDW's cyber security research and discussions with CISOs about the state of cyber security in Canada. Delve into the sophistication of cyber attacks driven by organized crime and nation-states, and learn about the importance of cyber security frameworks like zero trust and NIST standards. The conversation also explores the role of AI in both enhancing phishing attacks and defending against cyber threats, as well as the challenges and strategies in implementing AI security within organizations. Gain insights on vendor management complexities, platformization, quantum cryptography, and the future of cyber encryption. Listen to practical advice on navigating business risks, enhancing user experiences, and adopting zero trust models in today's digital landscape.

00:00 Introduction to Cybersecurity Today
00:26 Understanding CDW and Its Role
01:08 CDW's Approach to Cybersecurity
04:16 Research and Insights from CDW
05:40 The Growing Sophistication of Cyber Attacks
08:24 Adopting Cybersecurity Frameworks
12:12 The Importance of Tabletop Exercises
17:01 Human Vulnerabilities and AI in Cybersecurity
18:12 The Sophistication of Phishing Attacks
19:03 Emotional Manipulation in Cyber Attacks
21:09 AI in Cybersecurity: Opportunities and Risks
22:30 Implementing AI in Business Operations
25:08 Balancing AI and Privacy Concerns
34:09 The Future of Cybersecurity: Quantum Computing
36:53 Final Thoughts and Advice for Organizations

Hashtag Trending
Cyber Security Research from CDW with Field CTO Ivo Wiens: Hashtag Trending Weekend, October 26th, 2024

Hashtag Trending

Oct 26, 2024 41:29



Konflikt
How Elon Musk Has Tightened His Grip on the Internet

Konflikt

Oct 25, 2024 55:49


Starlink gives tech entrepreneur Elon Musk the power to decide who gets access to satellite internet. And who gets cut off. Listen to all episodes on Sveriges Radio Play.

Elon Musk's company Starlink owns two thirds of all the satellites orbiting the Earth. Some speak of him as an internet god.

His new satellite-based internet works when other networks have been knocked out, as in war-torn Ukraine. And in inaccessible places on Earth, such as the Amazon rainforest, which previously had no connectivity.

At the same time, his contacts with people such as Trump, Putin and Xi Jinping raise concerns about how Elon Musk uses this power.

Come along to the Amazon in Brazil, rebel-controlled areas of Myanmar, and Donetsk in Ukraine.

Participants: Milton Mueller, professor of cybersecurity policy at Georgia Tech university in Atlanta, USA; Jesse Rodrigues, local leader in the Amazon; Pedro Ekman, chair of Intervoces, an organisation working to give more Brazilians access to the internet; Joel Araújo, head of the Brazilian environmental agency Ibama; Yisou Tzeng, head of the cybersecurity division at Taiwan's Institute for National Defense and Security Research; Saw Tender, political leader of the Karen people in Myanmar; as well as doctors, gold miners, teachers, children playing games and everyone else who uses the internet.

Reporters: Lubna El-Shanti, Ukraine correspondent; Axel Kronholm, Southeast Asia correspondent; Lotten Collin, Latin America correspondent; Juliana Faddul, freelancer, Brazil.

Host: Kajsa Boglind
kajsa.boglind@sr.se

Producer: Ulrika Bergqvist
ulrika.bergqvist@sr.se

Sound engineer: Emilia Ström

Cloud Security Podcast
The Role of Cloud Security Research in 2024

Cloud Security Podcast

Oct 2, 2024 35:26


Why does Cloud Security Research matter in 2024? At fwd:cloudsec EU in Brussels, we sat down with Scott Piper, a renowned cloud security researcher at Wiz, to discuss the growing importance of cloud security research and its real-world impact. Scott spoke to us about the critical differences between traditional security testing and cloud security research, explaining how his team investigates cloud providers to find vulnerabilities, improve detection tools, and safeguard data.

Guest Socials: Scott's LinkedIn + Scott's Twitter

Podcast Twitter - @CloudSecPod

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast - YouTube
- Cloud Security Newsletter
- Cloud Security BootCamp

Questions asked:
(00:00) Introduction
(02:07) A bit about Scott Piper
(02:48) What is a Cloud Security Research Team?
(04:30) Difference between traditional and Cloud Security Research
(07:21) Cloud Pentesting vs Cloud Security Research
(08:10) What is request collapsing?
(10:26) GitHub Actions and OIDC Research
(13:47) How has cloud security evolved?
(17:02) Tactical things for Cloud Security Program
(18:41) Impact of Kubernetes and AI on Cloud
(20:37) How to become a Cloud Security Researcher
(22:46) AWS Cloud Security Best Practices
(26:35) Trends in AWS Cloud Security Research
(28:11) Fun Questions
(30:22) A bit about fwd:cloudsec

Resources mentioned during the interview:
Wiz.io - Cloud Security Podcast listeners can also get a free cloud security health scan
PEACH framework
Wiz Research Blog
Avoiding security incidents due to request collapsing
A security community success story of mitigating a misconfiguration
Cloudmapper
flaws.cloud
fwd:cloudsec
CTFs
The Big IAM Challenge
Prompt Airlines, AI Security Challenge
Kubernetes LAN Party

Cybercrime Magazine Podcast
"Transhuman" Hacker. Using His Body For Security Research. Len Noe, CyberArk Technical Evangelist.

Cybercrime Magazine Podcast

Play Episode Listen Later Aug 20, 2024 14:07


Len Noe, a professional ethical hacker, is a technical evangelist for CyberArk. Living with 10 microchips implanted in his body, Noe calls himself a "transhuman," and is hacking his body for security research. In this episode, he joins host Charlie Osborne to discuss his experience in detail, including what implants he has experimented with, how they can be used to conduct cyberattacks, and more. • For more on cybersecurity, visit us at https://cybersecurityventures.com

The CyberWire
Prompts gone rogue. [Research Saturday]

The CyberWire

Play Episode Listen Later Aug 10, 2024 25:44


Shachar Menashe, Senior Director of Security Research at JFrog, is talking about "When Prompts Go Rogue: Analyzing a Prompt Injection Code Execution in Vanna.AI." A security vulnerability in the Vanna.AI tool, called CVE-2024-5565, allows hackers to exploit large language models (LLMs) by manipulating user input to execute malicious code, a method known as prompt injection. This poses a significant risk when LLMs are connected to critical functions, highlighting the need for stronger security measures. The research can be found here: When Prompts Go Rogue: Analyzing a Prompt Injection Code Execution in Vanna.AI

Research Saturday
Prompts gone rogue.

Research Saturday

Play Episode Listen Later Aug 10, 2024 25:44


Shachar Menashe, Senior Director of Security Research at JFrog, is talking about "When Prompts Go Rogue: Analyzing a Prompt Injection Code Execution in Vanna.AI." A security vulnerability in the Vanna.AI tool, called CVE-2024-5565, allows hackers to exploit large language models (LLMs) by manipulating user input to execute malicious code, a method known as prompt injection. This poses a significant risk when LLMs are connected to critical functions, highlighting the need for stronger security measures. The research can be found here: When Prompts Go Rogue: Analyzing a Prompt Injection Code Execution in Vanna.AI

Risky Business News
Sponsored: runZero on keeping up with CISA's KEV list

Risky Business News

Play Episode Listen Later Jul 15, 2024 15:39


In this Risky Business News sponsored interview, Tom Uren talks to Rob King, Director of Security Research at runZero, about keeping up with the stream of vulnerabilities in the KEV list and OT devices and runZero's research into the SSH protocol.

China Unscripted
#258 Can These Alliances Survive a War over Taiwan?

China Unscripted

Play Episode Listen Later Jun 17, 2024 65:45


China is building alliances all over the world. But the US is building its own alliances to fight back. GUERMANTES 'G-MAN' LAILARI. He is a retired US Air Force Foreign Area Officer specializing in the Middle East and Europe, as well as strategy, irregular warfare, and missile defense. He's also a visiting researcher at the Institute for National Defense and Security Research. Don't forget to subscribe to the channel and hit that bell icon to get notified when new videos come out: https://bit.ly/3u1eKSZ And check out our other channel China Uncensored: https://youtube.com/channel/UCgFP46yVT-GG4o1TgXn-04Q Merchandise: https://www.chinaunscripted.com/merchandise Our website: https://www.chinaunscripted.com/ YouTube demonetizes our videos, which is why we rely on support from viewers like you. Please join our 50¢ army at: https://www.patreon.com/chinaunscripted https://www.chinauncensored.locals.com https://www.chinaunscripted.com/support Our social media: Twitter: https://www.twitter.com/ChinaUncensored Facebook: https://www.facebook.com/ChinaUncensored Instagram: https://www.instagram.com/ChinaUncensored #China

Defense One Radio
The future of Taiwan's security with Mick Ryan

Defense One Radio

Play Episode Listen Later Jun 12, 2024 25:07


The author of “White Sun War: The Campaign for Taiwan" discusses shoring up defenses against a blockade or invasion.  Guest: Mick Ryan, retired Australian Army major general, strategist, and author. Sources: “White Sun War: The Campaign for Taiwan,” by Mick Ryan, published May 2023; "Chinese Warship Activities around Taiwan," by Si-Fu Ou, director of the Division of Chinese Politics, Military and Warfighting Concepts at the Institute for National Defense and Security Research in Taiwan; “From Coercion to Capitulation, How China Can Take Taiwan Without a War,” by the Institute for the Study of War, May 2024.

No More Secrets
Mentally Speaking

No More Secrets

Play Episode Listen Later May 29, 2024 28:00


In this episode of the No More Secrets Podcast, listen in as our group discusses patch Tuesday, Microsoft's "hard" line about doing security, and the dangers of extorting a company where you used to work! Also, we discuss with our Special Guest, Justin Hall, Sr. Manager of Security Research at Tenable, feeling like impostors and how we might overcome that trap!  Hosts: Ryan Hamrick & Chris DeBrunner Editor & Producer: Lance Hart Executive Producers: Gabby Scott & Jana Korfhagen Contact email: nmspod@protonmail.com

The BlueHat Podcast
From Specs to Security

The BlueHat Podcast

Play Episode Listen Later May 15, 2024 33:38


Dor Dali, Head of Security Research at Cyolo, joins Nic Fillingham on this week's episode of The BlueHat Podcast. They delve into Dor's journey into cybersecurity, from pranking friends as a teenager to his professional roles, including his involvement in the Blue Hat conference through GE, where he helped create the Capture The Flag (CTF) challenge. Dor details the vulnerabilities in the RDP protocol by closely following the protocol specifications and identifying discrepancies that led to security flaws. They detail a vulnerability related to RDP Gateway's UDP cookie authentication process, the implications of Dor's research for other security researchers and hackers and the importance of leveraging available resources, such as protocol specifications and open-source implementations, to understand closed-source systems better and potentially uncover vulnerabilities.

In This Episode You Will Learn:
- The unique perspective Dor has with RDP security research
- How to approach security research when following the protocol specifications
- The importance of clear documentation in preventing security vulnerabilities

Some Questions We Ask:
- How did you design and build the Capture the Flag event?
- Did you face any unexpected hurdles while researching the RDP protocol's security?
- Have you found other security vulnerabilities by closely adhering to protocol specifications?

Resources:
- View Dor Dali on LinkedIn
- View Wendy Zenone on LinkedIn
- View Nic Fillingham on LinkedIn

Related Microsoft Podcasts:
- Microsoft Threat Intelligence Podcast
- Afternoon Cyber Tea with Ann Johnson
- Uncovering Hidden Risks

Discover and follow other Microsoft podcasts at microsoft.com/podcasts

Technovation with Peter High (CIO, CTO, CDO, CXO Interviews)
Tackling AI Security: Cybersecurity in the Age of Artificial Intelligence with Outshift by Cisco Security Research Leader Gafnit Amiga

Technovation with Peter High (CIO, CTO, CDO, CXO Interviews)

Play Episode Listen Later May 13, 2024 24:25


871: In the age of artificial intelligence, cybersecurity has become of utmost importance to protect private information and customer data. In this episode of Technovation, host Peter High speaks with Gafnit Amiga, leader of the security research group at Outshift by Cisco, where they delve into the evolving landscape of cloud and artificial intelligence security. Gafnit, having a substantial background in application and cloud security, shares her journey from Lightspin to Cisco, highlighting her team's focus on identifying and mitigating potential security vulnerabilities in cloud services, Kubernetes, software supply chains, and AI. She shares insights on the unique challenges AI presents to security, the importance of observability, and the continuous game of staying ahead of threats. Gafnit also discusses the diversity and approach of her research team in tackling security challenges, reflecting on the transition from a startup to being part of Cisco, and offers advice to CIOs and CISOs on safeguarding against emerging security threats.

China Unscripted
#251 China is the Agent Provocateur in the Middle East

China Unscripted

Play Episode Listen Later Apr 29, 2024 80:08


With the sudden surge of conflict in the Middle East, how much of a hand did China have in it? Turns out, the answer could be a lot. Read the article: China's Support of Hamas: Evidence and Actions https://www.jewishpolicycenter.org/2024/04/02/chinas-support-of-hamas-evidence-and-actions/ Joining us once again is GUERMANTES 'G-MAN' LAILARI. He is a retired US Air Force Foreign Area Officer specializing in the Middle East and Europe, as well as strategy, irregular warfare, and missile defense. He's also a member of the Jewish Policy Center Board of Fellows, and a visiting researcher at the Institute for National Defense and Security Research. Don't forget to subscribe to the channel and hit that bell icon to get notified when new videos come out: https://bit.ly/3u1eKSZ And check out our other channel China Uncensored: https://youtube.com/channel/UCgFP46yVT-GG4o1TgXn-04Q Merchandise: https://www.chinaunscripted.com/merchandise Our website: https://www.chinaunscripted.com/ YouTube demonetizes our videos, which is why we rely on support from viewers like you. Please join our 50¢ army at: https://www.patreon.com/chinaunscripted https://www.chinauncensored.locals.com https://www.chinaunscripted.com/support Our social media: Twitter: https://www.twitter.com/ChinaUncensored Facebook: https://www.facebook.com/ChinaUncensored Instagram: https://www.instagram.com/ChinaUncensored

Resilient Cyber
S6E8: Erez Yalon - AppSec, Supply Chain and Security Research

Resilient Cyber

Play Episode Listen Later Mar 6, 2024 47:17


- What are some of the most interesting developments in the world of software supply chain security (SSCS) in the last 12 months or so?
- It's now been a couple of years since the major fallout of notable incidents such as SolarWinds and Log4j, do you feel like the industry is making headway in addressing software supply chain threats?
- For organizations either just starting or looking to mature their software supply chain maturity, where are some key areas you recommend organizations focus their attention?
- We have a complex landscape from extensive use of open source, SaaS and Cloud providers, partners and third parties, how have you seen firms successfully handle this complexity when it comes to activities such as incident response?
- There's a bit of a heated debate in the industry underway on point products vs. platforms. I know Checkmarx has a comprehensive AppSec platform. How do you view this debate, and do you think we will always have and see the need for point products, best of breed and comprehensive platforms in the industry?
- You spend a fair bit of time focused on SSCS research, how does your team approach these activities and sharing the insights with the community?
- Checkmarx shares a tremendous amount of informative and insightful research around SSCS. Where can folks learn more and what are some of the interesting projects you all are currently working on?

The CyberWire
Encore: Another infection with new malware. [Research Saturday]

The CyberWire

Play Episode Listen Later Nov 25, 2023 19:25


Larry Cashdollar, Principal Security Intelligence Response Engineer from Akamai Technologies, joins Dave to talk about their research on "KmsdBot: The Attack and Mine Malware." Akamai's Security Research team has found a new malware that infected their honeypot, which they have dubbed KmsdBot.  The research states "The malware attacks using UDP, TCP, HTTP POST, and GET, along with a command and control infrastructure (C2), which communicates over TCP." The botnet targets weak login credentials and then infects systems via an SSH connection. The research can be found here: KmsdBot: The Attack and Mine Malware

Security Now (MP3)
SN 938: Apple Says No - Topics coming to Android, Apple security research, browser extension vulnerabilities

Security Now (MP3)

Play Episode Listen Later Sep 6, 2023 122:34


Steve provides an update on ValiDrive, his new freeware utility for testing USB drives. It identifies bogus mass storage drives and performance differences between drives. There has been another sighting of Google's Topics API, this time on Android phones. It allows apps to get information about users' interests based on recent app usage. Apple has opened up their iPhones to security researchers through their Security Research Device program since 2019. Researchers get access to customize kernels, entitlements, and other low-level features without compromising security. Research reveals vulnerabilities in browser extensions that allow them to steal plaintext passwords from a website's HTML source code. Even sites like Google, Facebook, Amazon, IRS, and Capital One are affected. Feedback from listeners on topics like Apple's stance on scanning iCloud data for CSAM, Microsoft's broken TLS timestamp implementation, using VirusTotal to check downloaded files, ReadSpeed limitations, and downloading malware for VirusTotal checks. Apple publicly shares a letter from a CSAM activist demanding they implement scanning to detect child abuse images in iCloud Photos. Apple responds clearly stating they will not compromise user privacy and security to do so. Show Notes - https://www.grc.com/sn/SN-938-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: drata.com/twit panoptica.app canary.tools/twit - use code: TWIT

The CyberWire
Infostealer Malware 101: mitigating risks and strengthening defenses against this insidious threat. [CyberWire-X]

The CyberWire

Play Episode Listen Later Jul 23, 2023 30:49


With the relentless advancements in technology and a workforce more digitally-enabled than ever before, businesses today face an unprecedented challenge of protecting their sensitive information from cybercriminals. Infostealer malware, often disguised as innocuous files or hidden within legitimate-looking emails, stealthily infiltrate employee and contractor devices – managed and unmanaged – exfiltrating all manner of data for the purposes of executing follow-on attacks including ransomware. The data at risk includes customer details, financial information, intellectual property, and R&D plans stolen from compromised applications that were accessed from infostealer-exfiltrated authentication data like credentials and active session cookies/tokens. This episode digs into the proliferation of infostealers and provides actionable steps for businesses of any size or industry to mitigate the threat. In this episode of CyberWire-X, N2K's CSO, Chief Analyst, and Senior Fellow, Rick Howard, is joined in the first half by Hash Table member Rick Doten to discuss the early days of incident response and the current thinking of post-infection remediation (PIR) actions. In the second half of the show, CyberWire podcast host Dave Bittner talks with our episode sponsor SpyCloud's Director of Security Research, Trevor Hilligoss. They chat about the challenges for enterprises and security leaders to identify what was stolen from malware-infected devices and how proper post-infection remediation implemented into existing incident response workflows can help prevent this data from causing ransomware. Trevor shares highlights from an industry report of over 300+ security leaders from North America and the UK on where they stand on malware identification and remediation, and what additional work can be done to minimize cybercriminals' access and impact.

The Lawfare Podcast
Charl van der Walt on Cyber Extortion

The Lawfare Podcast

Play Episode Listen Later Jul 11, 2023 53:46


What are the latest trends in the ransomware-as-a-service ecosystem? Since at least May 27, the CL0P ransomware gang has been exploiting a previously unknown vulnerability to exfiltrate data from financial services organizations, energy corporations, government agencies, and even universities. The group appears to be changing tactics—while it was previously known for its use of the “double extortion” tactic of stealing and encrypting victim data, it seems to now be relying mostly on data exfiltration instead.

To discuss the latest changes in the ransomware ecosystem, Eugenia Lostri, Lawfare's Fellow in Technology Policy and Law, sat down with Charl van der Walt, Head of Security Research at Orange Cyberdefense. Charl is one of the authors of a report analyzing recent cyber extortion activity. They talked about the ransomware-as-a-service ecosystem, the impact the Russian invasion of Ukraine had on ransomware activity in the past year, and what law enforcement is doing to disrupt cybercriminal networks.

The CyberWire
The power behind artificial intelligence. [Research Saturday]

The CyberWire

Play Episode Listen Later Jul 1, 2023 18:54


Daniel dos Santos, Forescout's Head of Security Research, is sharing insights from a recent exercise his team conducted on AI-assisted attacks for OT and unmanaged devices. Using ChatGPT, Forescout's research team converted an existing OT exploit developed in Python to run on Windows to demonstrate how easy it is to create an AI-assisted attack that converts the original exploit into alternative programming languages. The research states "our goal was to convert an existing OT exploit developed in Python to run on Windows to the Go language using ChatGPT." This would then allow it to run faster on Windows and run easily on a variety of embedded devices. The research can be found here: AI-Assisted Attacks Are Coming to OT and Unmanaged Devices – the Time to Prepare Is Now