Podcasts about security risks

3. Guest Charles Burton critiques Canada's decision to import Chinese electric vehicles in exchange for tariff reductions. He warns of Chinese influence operations, security risks, and Canada's misguided shift toward economic dependence on Beijing. (4)1920 TEXAS

Glenn Wiggle and Mike Sperrazza take on rising gas prices, the fallout from the conflict involving Iran, and what it could mean for the economy heading into the midterms. They dig into energy independence, frustration with the Republican establishment, and growing concerns about government corruption, double standards in the justice system, and the role of the so-called deep state in American politics. It's a wide-ranging, fiery conversation on war, power, and why so many voters feel completely disillusioned with Washington.(00:08:18) Implementing Term Limits to Restore Accountability(00:09:14) Influence and Control in Politics(00:11:56) Intelligence Community Influence in 2024 Election(00:15:48) Inconsistent Consequences for Political Wrongdoings(00:18:00) Rise of Crime Due to Lack of Accountability(00:25:09) "Political Candidate's Disqualification Over Sex Clubs"(00:40:57) Security Risks in Hillary Clinton's Email Use(00:42:08) Security Concerns Surrounding Clinton's Personal Email(00:44:09) Ethical Concerns Surrounding Political Power Abuse(00:51:21) Bukele's Political Corruption and Prisoner Extradition

00:00 Intro02:46 Trump May Delay China Trip, Calls China to Help With Hormuz 05:28 Allies Respond to Trump's Call to Secure Key Oil Route 06:57 U.S.-China Delegations Resume Trade Talks in Paris 09:42 CCP Resumes Military Pressure on Taiwan After Absence 11:35 Former U.S. Marine Indicted for Sharing Classified Information with China: DOJ 12:38 Lawmakers Criticize Nvidia H200 Chip Sales to China Over U.S. Security Risks 13:53 How Beijing Dehumanizes Christians in China

On this episode, Lisa Boothe speaks with FOX News Contributor & former FBI Agent, Nicole Parker about rising security concerns in the United States as tensions escalate with Iran and instability grows in the Middle East. Parker breaks down the suspected terrorist attack in Austin, Texas, explaining why “lone offender” attacks are among the most difficult threats for law enforcement to detect and stop. She also explains how individuals can be radicalized online, why soft targets like bars, concerts, and sporting events are often chosen, and what Americans should do in an active shooter situation using the FBI’s “Run, Hide, Fight” guidance. The conversation also dives into national security concerns tied to immigration and border policy, including reports of individuals on terror watch lists entering the United States. Parker discusses the challenges facing the Federal Bureau of Investigation and the Department of Homeland Security, and how joint terrorism task forces work with local law enforcement to stop threats before they happen. Finally, Parker warns that future attacks may not resemble September 11 attacks, emphasizing that cyber attacks on critical infrastructure—such as power grids, water systems, or emergency services—may pose an even greater risk. Topics covered include: The suspected terror attack in Austin and the rise of lone offender violence Radicalization and recruitment through social media and online networks Concerns over sleeper cells and unvetted border crossings Why cyber warfare may be the next major battlefield How the FBI and local police work together to stop attacks before they happen Parker also shares her perspective on reforms inside the FBI and the renewed focus on national security threats as the U.S. navigates an increasingly volatile global environment. Purchase Nicole's NEW Book HERESee omnystudio.com/listener for privacy information.

A part of the Techish Live Show that happened in London, 25TH March 2026.Exploring the future of AI, market disruptions, and strategies for navigating the evolving tech landscape. Insights range from market predictions to practical tips for builders and entrepreneurs.Chapters00:00 Introduction: Exploring AI's Future Impact00:25 Fictional Memo from 2028: A Workforce Apocalypse00:54 Market Cap Losses and AI's Disruptive Power01:18 Rational Agents and Transactional Shifts in Payment Systems01:48 Stock Market Predictions and Investor Sentiment02:03 The Hysteria Around Market Predictions02:29 The Role of Journalism and Fiction in Market Perceptions02:51 Long-term Investment Strategies and Index Funds03:40 Consumer Economy and AI Automation's Limits03:47 Universal Basic Income and AI's Economic Impact04:14 Global South Economies and AI Transformation04:32 The Fantasy of Building Personal Software05:03 Corporate Software Development and CTO Decisions05:44 The Reality of Enterprise Software Procurement06:55 Legacy Languages and AI Compatibility07:42 AI and Military/Surveillance Use Cases08:34 The Disruption of Entry-Level Jobs and Education09:22 Unemployment Trends in Hospitality and Retail10:30 AI's Role in Workplace Disillusionment and Diversity11:38 Changing Company Structures and Skill Requirements12:24 Automation and Talent Demand in Small Businesses13:32 Global Political Instability and Corporate Risk Management14:11 The Remote Work Hustler and Ethical Questions15:21 The Rise of Multi-Job Hustlers and Ethical Concerns16:07 Full Stack Builder: A New Role for Product Managers16:47 Security Risks of Agentic AI and OpenClaw18:00 Practical AI Tools for Builders and Entrepreneurs19:01 Opportunity in AI: Accelerated Development or Capitalism?19:45 Human Creativity vs Capitalistic AI Tools20:37 The Shift in Young Adults' Social and Career Habits21:35 Tychogenic Lifestyle: Increasing Luck and OpportunitiesThe Path to ExitFounders—thinking of selling or raising capital? Here's what you should know... Listen on: Apple Podcasts SpotifySupport the showJoin our Patreon for early content, extra-long episodes and ad-free content: https://www.patreon.com/techish Watch us on YouTube: https://www.youtube.com/@techishpod/Advertise on Techish: https://goo.gl/forms/MY0F79gkRG6Jp8dJ2———————————————————— Stay in touch with the hashtag #Techishhttps://www.instagram.com/techishpod/https://www.instagram.com/abadesi/https://www.instagram.com/michaelberhane_/ Email us at techishpod@gmail.com

What if the MCP server you installed last week is silently leaking your emails to a stranger? The AI tools boosting your productivity could already be your biggest security liability.MCP (Model Context Protocol) has quickly become the standard for connecting AI agents to external tools and data sources. But as adoption accelerates, so do the risks – from malicious servers harvesting your credentials in the background, to local processes exposed to your entire network with no authentication. Most developers install MCP servers without fully understanding what code is running or who wrote it, creating serious supply chain and shadow IT problems inside organizations.In this episode, Ariel Shiftan, CTO of MCPTotal, explains how MCP actually works, why there is a wide gap between its original design and how it is used in practice, and what that gap means for security. He also walks through real zero-days his team has discovered and shares practical advice for developers and enterprise leaders trying to adopt MCP without compromising their security posture.Key topics discussed:What MCP is and why it won the “USB for AI” raceWhy most MCP servers are just API wrappers done wrongReal zero-days found in popular, widely used MCPsHow malicious MCPs can silently leak your credentialsThe supply chain risks hiding inside your dev toolchainWhy banning MCP in your org is the wrong moveBest practices for writing well-designed MCP serversWhy agent permission prompts need better security defaultsTimestamps:(00:00:00) Trailer & Intro(00:02:49) What Is MCP and Why Is It Called the USB for AI?(00:07:22) How Does MCP Differ from Standard REST APIs?(00:13:40) What Can AI Agents Do with MCP Beyond Reading Data?(00:16:56) What Is RAG and How Did AI Evolve to Tool Calling?(00:19:54) Why Is MCP Misused as an API Catalog and What Does That Cost?(00:25:04) What Are AI Skills and How Do They Compare to MCP?(00:30:29) How Does MCP Server Architecture Work Under the Hood?(00:37:01) How Do Malicious and Vulnerable MCP Servers Put Organizations at Risk?(00:45:30) What Real-World MCP Vulnerabilities and Zero-Days Have Been Found?(00:50:30) How Should Enterprises Enable MCP Adoption Without Compromising Security?(00:53:16) What Are Best Practices for Writing a Well-Designed MCP Server?(00:59:14) How Should AI Agents Handle Permissions Without Overwhelming Users?(01:05:26) 3 Tech Lead Wisdom_____Ariel Shiftan's BioAriel is a software engineer and security expert with more than 20 years of hands-on and executive leadership experience across cybersecurity, distributed systems, and AI infrastructure. He holds a PhD in Computer Science, specializing in advanced algorithms and systems. Earlier in his career, Ariel founded NorthBit, a deep-tech cybersecurity firm that was acquired by Magic Leap in 2016, where he led product security globally, overseeing the security lifecycle across more than 700 engineers. He has also led applied AI breakthroughs, including heading an XPRIZE-winning team that used deep learning to fight malaria in Africa.Follow Ariel:LinkedIn – linkedin.com/in/shiftanMCPTotal's Website – mcptotal.ioLike this episode?Show notes & transcript: techleadjournal.dev/episodes/249.Follow @techleadjournal on LinkedIn, Twitter, and Instagram.Buy me a coffee or become a patron.

Josh Rogin explains how the CCP exploits academic integration through the Thousand Talents Plan and how Wall Street continues to resist decoupling despite national security risks. 6

Guest: Charles Burton. Canada lowers tariffs on Chinese EVs to court Beijing; Burton warns this "strategic partnership" ignores security risks regarding data collection and Chinese influence operations.GREENLAND.

A recent Capitol Hill policy briefing sponsored by the Center for Immigration Studies and the Ben Franklin Fellowship examined the long-term security implications of the Biden administration's Afghan evacuation program. Excerpts from the event are featured in this week's episode of Parsing Immigration Policy, titled “Stopping the Next Afghan Terrorist Attack: Mitigating the Vetting Failures, Fraud, and Corruption of the Biden-Era Evacuation Program.”Rep. Andy Biggs (R-AZ), a member of the House Judiciary Committee and co-chair of the Border Security Caucus, opened the discussion by warning that the Biden-era “Operation Allies Welcome” for Afghan nationals evolved into “an unmanageable and unsafe process.” He argued that safeguards became optional and that statutory vetting standards were weakened. “We're not abandoning allies,” Biggs said. “We're importing unvetted migrants. And the only promise we were breaking was our oath to keep American citizens safe and protect our borders and our people.” He emphasized that security vetting protects both Americans and the integrity of legitimate humanitarian programs.Andrew Veprek, Assistant Secretary of State for Population, Refugees, and Migration (PRM), detailed how the Afghan Special Immigrant Visa (SIV) program had expanded far beyond the original SIV statutory framework. He noted that while the traditional SIV category required 15 years of faithful service and chief-of-mission approval, the Afghan program extensively broadened eligibility and reduced verification standards, gutting statutory requirements. There are still roughly 120,000 principal applicants still in the SIV pipeline (not including family members, which could quintuple the total). President Trump has put a hold on these.James Rogers, a former Foreign Service officer and whistleblower, described systemic pressure for rapid visa processing and adjudication. He cited widespread document irregularities and estimated substantial fraud, potentially higher than 75%, within the applicant pool. Rogers called for structural whistleblower protections and reforms to separate investigative and defensive functions within the employee grievance process.Mark Krikorian, the Center's executive director and podcast host, concludes the podcast discussion by highlighting a recent development in Afghanistan that complicates U.S. policy even further: the Taliban's recent issuance of a new penal code that formally recognizes slavery. Krikorian argues that Afghan nationals seeking entry to the U.S. can now claim they are fleeing slavery, triggering asylum grants despite the impossibility of meaningful vetting. He advocates eliminating defensive asylum claims and instead transferring applicants to safe third countries willing to accept them.HostMark Krikorian is the Executive Director of the Center for Immigration StudiesGuestsRep. Andy Biggs (R-AZ) is a member of the House Judiciary Committee and co-chair of the Border Security CaucusAndrew Veprek is the Assistant Secretary of State for Population, Refugees, and Migration (PRM)James Rogers, is a former Foreign Service officer and whistleblowerRelatedThe Ben Franklin FellowshipIntro MontageVoices in the opening montage:Sen. Barack Obama at a 2005 press conference.Sen. John McCain in a 2010 election ad.President Lyndon Johnson, upon signing the 1965 Immigration Act.Booker T. Washington, reading in 1908 from his 1895 Atlanta Exposition speech.Laraine Newman as a "Conehead" on SNL in 1977.Hillary Clinton in a 2003 radio interview.Cesar Chavez in a 1974 interview.House Speaker Nancy Pelosi speaking to reporters in 2019.Prof. George Borjas in a 2016 C-SPAN appearance.Sen. Jeff Sessions in 2008 comments on the Senate floor.Candidate Trump in 2015 campaign speech.Charlton Heston in "Planet of the Apes".

Episode 285: Join us this week on TechTime Radio with Nathan Mumm: The Show That Makes You Go "HMMM." Welcome to our show as we guide you through all things tech with a lil' whiskey on the side.This week on TechTime Radio, we cut through a week where algorithms, automation, and accountability all collided. We opened with TikTok's regulatory shakeup, where EU pressure and U.S. oversight triggered an algorithm reset that left creators scrambling. The conversation centered on what responsible design looks like when addictive features meet real duty of care, especially for younger users.We shifted to the automotive world this week, from Waymo scraping parked cars to a D.C. robo‑minibus that froze in the middle of the lane after a minor crash. The show explained how fragile edge cases and confusing human handoffs still make these systems unreliable, even as automation becomes more common. We wrapped up with enterprise updates, new security concerns, and a hands-on look at Gwen Ways Gadget, the Ziea-One, the calendar-organizer clock robot, all finished off with a lively American whiskey tasting that sparked plenty of debate.Feed fatigue, robo-fender-benders, and a desk gadget with egg eyes take center stage as we untangle a week where regulation, automation, and attention collide. We start with TikTok's new reality: EU regulators label its design addictive, while U.S. oversight and ownership shifts trigger a jarring algorithm reset. Creators see their niche content vanish, reach plummet, and feeds feel sanitized or broken. We explore what accountability looks like when infinite scroll and autoplay meet duty of care—especially for younger users—and whether smarter design can keep discovery without weaponizing compulsion.Then we pivot to the streets, where autonomy hit a pothole. A Waymo vehicle, even with a specialist onboard, scraped parked cars; a D.C. robo-minibus froze mid-lane after a minor crash; and an AI-enhanced used-car listing offered up cobblestone floor mats and two gear shifters. It's funny until it isn't. We cut through the headlines to the heart of the problem: brittle edge cases, unclear handoffs, and the non-negotiable need for human-in-the-loop safeguards. From staged rollouts to geofencing and real-world failover plans, we map the practices that separate novelty from reliability.On the enterprise side, Microsoft's long goodbye to Exchange Web Services sounds mundane—until your calendar syncs and SaaS bridges hiccup. We explain the timeline, what's replacing EWS, and how to audit your hidden dependencies before 2027 arrives. To actually tame your day, we test-drive Zia One, a Kickstarter AI calendar that merges Google, Outlook, and more into a glanceable desktop display with voice commands, Pomodoro timers, and playful animations. It's a focused bet on ambient computing—and we share how to evaluate crowdfunded hardware for real-world viability.Security stakes stay high as Coinbase reports a contractor-enabled data access incident, complete with leaked screenshots of internal tools. We detail why outsourced support is a prime attack surface and lay out a practical blueprint for least privilege, session monitoring, and vendor governance. And yes, we sip through a four-bottle American whiskey flight, trade takes on flavor and finish, and crown a winner—with a few confident opinions that may not age well.Hit play for a fast, clear, and funny tour through the week's most consequential tech shifts, grounded in practical steps you can apply today. If you enjoy the show, subscribe, share it with a friend, and leave us a review—then tell us: which trend needs the toughest guardrails right now?Support the show

In this episode of Cybersecurity Today, host Jim Love discusses the latest advancements in AI-driven cyber attacks and their implications for security infrastructure. The episode covers a variety of topics, including the vulnerabilities in OpenClaw Marketplace, a rapid AI-assisted AWS attack, and data breaches linked to the Shiny Hunters group targeting Harvard and the University of Pennsylvania.  From discussing the porous architecture of AI agents to exploring how attackers exploited AWS credentials in unsecured S3 buckets, this episode sheds light on the accelerated risks posed by AI in cybersecurity. Additionally, Jim Love speaks about the critical need for proactive measures and the inadequacies in current security frameworks. Hashtag Trending would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale. You can find them at Meter.com/htt 00:00 Introduction and Sponsor Message 00:20 Open Clause Marketplace and AI Threats 00:46 AI Agents and Security Risks 01:09 OpenClaw's Vulnerabilities 02:06 Malicious Skills in OpenClaw 03:37 Strategies for CIOs 04:38 AWS Breach Accelerated by AI 08:27 Shiny Hunters and University Data Breaches 10:48 Conclusion and Sponsor Message

What does AI really mean in simple terms? What are the biggest security and privacy risks for companies—especially in healthcare? How can organizations manage these risks effectively and stay compliant with fast-changing AI regulations? And why should businesses and professionals consider getting certified in ISO 42001, the new international standard for AI management systems?In this episode, Punit Bhatia talks with Walter Haydock, an expert in AI security and compliance, about how companies can use ISO 42001 to manage AI responsibly. They discuss the real-world risks of AI, practical steps to reduce them, and why certification can help build trust, credibility, and resilience in an AI-powered world.

Acknowledgement of Country// Headlines//Public housing residents seek court injunction to stop Homes Victoria evictionsGaza and West Bank updateProtests against Herzog visit Tenant's personal details exposed online by real estate rental platforms 'compost:compose' Live Performance and Program//Rasha Tayeh, Palestinian artist, curator, herbalist, and founder of Beit e'Shai Teahouse, joined Inez to discuss the creation of 'compost : compose', an arts project inviting artists to reflect on the purpose of art in times of ongoing genocide, social decay and climate crisis. Through a live performance weaving music, poetry, and movement, the work responds to and asks, how we might compost old structures, tend to grief, and decompose inherited ways of being, to make space for the new composing new imaginaries — rooted in care, repair, and collective liberation.Live performance on Wednesday the 18th of February, 7PM @ Next Wave, 270 Sydney Rd, Brunswick. Sliding scale tickets available from $10.Free public program on Saturday the 21st February, 3PM @ Next Wave. RSVP is essential.Follow the artists here // 'Through Our Eyes' Photography Exhibition//wani toaishara (co-curator) and Hussein Abdirahman Mohamud (artist) joined Inez to discuss the upcoming 'Through Our Eyes' photography exhibition, inviting audiences into a living archive of African-Australian experiences and curated by returning guest Dr Ibukun Oloruntoba. The exhibition responds to the pressing need for self-representation and visibility for the African diaspora living in Australia, examining how experiences of love, belonging, and resilience emerge in everyday life. Each artist's work investigates love as a connective force, whether through the quiet intimacies of brotherhood, the collective sanctuary of community or the resilience nurtured in and beyond public housing estates.Join them for a very special opening night next Friday the 13th of February, 6PM @ Blakdot Gallery, 33 Saxon Street Brunswick - running until Sunday 8th of March.Follow the artists here.// Rent Tech and Tenant Data Security Risks//Digital justice advocate, writer and researcher Samantha Floreani is a digital justice advocate and writer, joined us to discuss the rise and risks of rental technology and how the integration of these platforms into rental tenancies creates a demonstrable threat to privacy and security. Samantha is currently undertaking PhD research into the ways that digital technologies in so-called Australia's private rental sector impacts renters and housing justice. You can read the report ‘Implications of tenant data collection in housing: protecting Australian renters', which Samantha contributed to, here, and this week's Guardian exclusive on rent tech privacy breaches here.// Planned Demolition of Older Persons' Public Housing Towers//Fiona York, Executive Officer of Housing for the Aged Action Group, spoke with us about the Allan Labor Government's announcement last week of plans to demolish 7 older persons' public housing towers in the next stage of its high-rise redevelopment program. This move will erase over half of Melbourne's dedicated high-rise public housing for people over the age of 55 years, sparking concern and condemnation by grassroots groups and the community sector about the impact that relocation and estate redevelopment will have on elderly public tenants. While the 13 older persons' towers are included in the overall high-rise redevelopment program, tenants and advocates were led to believe that these buildings would not be up for demolition until significantly later in the program. Read Housing for the Aged Action Group's statement on last week's announcement here, and catch Fiona and the HAAG crew on 3CR's Raise the Roof program every Wednesday from 5:30-6PM.//

Guest Angela Nakalembe, AI and Safety Expert, joins to discuss increase in AI technology, and the challenges to decipher what is real or fake online. Discussion of concerns to children, AI online bullying, tools for education, and more.  Democrats threaten another government shutdown until Congress defunds ICE. What? Discussion of appropriations process, Democrats attempt to redeem themselves for political gain during election season, and how far could a government shutdown go. 

Running a small business, especially from home, puts your data at risk in ways you might not expect. I'll discuss what I see as the five biggest security threats facing small teams.

In this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news. They discuss: La France is tres sérieux about ditching US productivity software China's Salt Typhoon was snooping on Downing Street Trump wields the mighty DISCOMBOBULATOR ESET says the Polish power grid wiper was Russia's GRU Sandworm crew US cyber institutions CISA and NIST are struggling Voice phishing for MFA bypass is getting even more polished This episode is sponsored by Sublime Security. Brian Baskin is one of the team behind Sublime's 2026 Email Threat Research report. He joins to talk through what they see of attackers' use of AI, as well as the other trends of the year. This episode is also available on Youtube. Show notes France to ditch US platforms Microsoft Teams, Zoom for ‘sovereign platform' amid security concerns | Euronews Suite Numérique plan - Google Search China hacked Downing Street phones for years Cyberattack Targeting Poland's Energy Grid Used a Wiper Trump says U.S. used secret 'discombobulator' on Venezuelan equipment during Maduro raid | PBS News Risky Bulletin: Cyberattack cripples cars across Russia - Risky Business Media Lawmakers probe CISA leader over staffing decisions | CyberScoop Trump's acting cyber chief uploaded sensitive files into a public version of ChatGPT - POLITICO Acting CISA director failed a polygraph. Career staff are now under investigation. - POLITICO NIST is rethinking its role in analyzing software vulnerabilities | Cybersecurity Dive Federal agencies abruptly pull out of RSAC after organizer hires Easterly | Cybersecurity Dive Real-Time phishing kits target Okta, Microsoft, Google Phishing kits adapt to the script of callers On the Coming Industrialisation of Exploit Generation with LLMs – Sean Heelan's Blog GitHub - SeanHeelan/anamnesis-release: Automatic Exploit Generation with LLMs Overrun with AI slop, cURL scraps bug bounties to ensure "intact mental health" - Ars Technica Bypassing Windows Administrator Protection - Project Zero Task Failed Successfully - Microsoft's “Immediate” Retirement of MDT - SpecterOps Kubernetes Remote Code Execution Via Nodes/Proxy GET Permission WhatsApp's Latest Privacy Protection: Strict Account Settings - WhatsApp Blog Microsoft gave FBI a set of BitLocker encryption keys to unlock suspects' laptops: Reports | TechCrunch He Leaked the Secrets of a Southeast Asian Scam Compound. Then He Had to Get Out Alive | WIRED Key findings from the 2026 Sublime Email Threat Research Report

In the first podcast from issue 17 of Thinking Business, Partner Charlotte Clayson is joined by Rupert Small, Founder and CEO of Egregious, to explore the growing cyber risks associated with the rapid adoption of artificial intelligence in business.Rupert shares his perspective on the key cyber security, data protection and ethical challenges organisations face when implementing AI tools, from managing employee use of third party AI systems to safeguarding sensitive commercial and personal data. The discussion also looks at how businesses can reduce bias and discrimination risks, put practical protections in place, and strike the right balance between innovation, legal compliance and responsible AI use.

In this episode of the China Desk Podcast, Luke de Pulford of the Inter-Parliamentary Alliance on China (IPAC) joins host Steve Yates to examine China's proposed “mega embassy” in London, the national security risks tied to Five Eyes intelligence cables, and how Western governments are capitulating under economic pressure from Beijing. The conversation explores parliamentary resistance, grassroots opposition, CCP coercion tactics, and why Taiwan, supply chains, and global deterrence now define the century's central geopolitical struggle. Watch Full-Length Interviews: https://www.youtube.com/@ChinaDeskFNW

Podcast: Industrial Cybersecurity InsiderEpisode: Your New Equipment Just Shipped With Security Risks & Here's Why Your OEM Won't Fix ThemPub date: 2026-01-13Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, Dino and Craig tackle one of manufacturing's most pressing challenges: the OEM blockade. They explore why brand-new equipment often ships with hundreds of unpatched vulnerabilities, how the gap between IT and OT teams creates operational blind spots, and why manufacturers can't rely on traditional IT solutions to secure their plant floors.From the CrowdStrike incident that took down HMIs to the "ghost in the machine" causing unexplained downtime, they reveal why OT teams must take ownership of their cybersecurity posture and build partnerships with the right ecosystem of OT-focused service providers.If you've ever wondered why your million-dollar machine center is running Windows 7 or why your cybersecurity reports don't match reality, this episode provides the answers—and a path forward.Chapters:(00:00:00) - The OEM Blockade Problem(00:01:00) - Understanding OEM Software Lock and Remote Access(00:03:00) - The Reality of Unpatched Vulnerabilities in New Equipment(00:06:00) - The IT/OT Blockade and Convergence Challenges(00:09:00) - Why IT Disciplines Don't Translate to OT Environments(00:11:00) - The CrowdStrike Incident: What Really Happened on Plant Floors(00:13:00) - The Lack of Due Diligence in Manufacturing M&A(00:16:00) - Chasing the Ghost in the Machine(00:19:00) - Process Integrity vs. Cybersecurity Tools(00:22:00) - Why OT Teams Must Take Ownership and Build the Right PartnershipsLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Welcome to the award-winning FCPA Compliance Report, the longest-running podcast in compliance. We take a short break from our 2-part series with Mike Volkov to review the issues arising from the Trump Administration's invasion of Venezuela. Matt Ellis joins Tom Fox to look at what all this means for companies looking to do business in Venezuela. They discuss the complex landscape of doing business in Venezuela, focusing on the rampant corruption, security challenges, and the implications of U.S. sanctions. They explore the risks associated with engaging with the national oil company, PdVSA, and the broader implications for U.S. companies considering re-entry into the Venezuelan market. The conversation also touches on Cuba's role, international organizations, and the potential for infrastructure rebuilding in Venezuela, emphasizing the need for long-term strategies and careful risk management. Key highlights: Navigating Corruption and Security Risks in Business Banking and Money Laundering Concerns Cuba's Role and Sanctions Implications International Organizations and Corruption Regulations Infrastructure Rebuilding in Venezuela Long-term Strategies for Companies Resources: Matt Ellis on LinkedIn Miller & Chevalier LLC Tom Fox Instagram Facebook YouTube Twitter LinkedIn Learn more about your ad choices. Visit megaphone.fm/adchoices

Guest: Cleo Paskal. Paskal details severe corruption in Saipan, where Chinese interests have exploited visa loopholes and influenced local politics via a casino. Illegal entry by Chinese nationals poses security risks to nearby Guam, though Palau is receiving U.S. assistance to strengthen defenses against similar influence operations.1944 SAIPAN

Although geographically distant from Chinese shores, Latin America and the Caribbean occupy an important place in Chinese foreign policy. In the past decade, China has significantly expanded its influence in the region. The main vector of Chinese involvement has been economic, including securing access to commodities such as soybeans, copper, oil, and lithium, creating markets for Chinese companies, and deepening financial ties through trade, lending, and infrastructure investment.  On December 10, China released a new white paper on its relationship with Latin America and the Caribbean, the third such document following earlier editions in 2008 and 2016. The White Paper characterizes the region as “an essential force in the process toward a multipolar world and economic globalization.” Its release came on the heels of the Trump Administration's release of its National Security Strategy, which places unprecedented emphasis on the Western Hemisphere and asserts that the US seeks a region “free of hostile foreign incursion or ownership of key assets,” highlighting the growing strategic salience of Latin America and the Caribbean in US-China competition.  To discuss the new White Paper and the implications of China's policies in the LAC for the United States and US-China relations, we are joined by Dr. Evan Ellis. Dr. Ellis is a research professor of Latin American studies at the U.S. Army War College Strategic Studies Institute. He previously served on the Secretary of State's policy planning staff with responsibility for Latin America and the Caribbean as well as international narcotics and law enforcement issues.Timestamps:[00:00] Introduction[02:07] US and China on a Collision Course? [04:50] Chinese Priorities in Latin America [08:33] U.S. Security Risks from Chinese Port Investments[11:45] How China Uses CELAC to Advance Its Agenda[14:27] How Latin Americans View China's Growing Presence[17:22] Honduras and the Republic of China[21:22] How Beijing Might Address U.S. Concerns [25:09] China's Reaction to US and Venezuela  

Connect with Early Riders // Connect with OnrampPresented collaboratively by Early Riders & Onramp Media…Final Settlement is a weekly podcast covering capital markets, dealmaking, early-stage venture, bitcoin applications and protocol development.00:00 - Welcome Back and Market Overview02:47 - Inflation and Asset Trends05:44 - Regulatory Changes and Institutional Adoption08:53 - Security Risks and Custody Solutions11:52 - Market Sentiment and Long-Term Thinking14:57 - The Role of AI and Future Predictions33:15 - Navigating the Content Proliferation Challenge35:59 - The Future of Value in Digital Content40:19 - Stablecoins vs. Bitcoin: The Future of Transactions42:10 - Tether's Strategic Positioning in Global Markets48:43 - The Shift of Talent and Capital to Favorable Jurisdictions56:17 - Understanding the Economic Landscape and Future OpportunitiesIf you found this valuable, please subscribe to Early Riders Insights for access to the best content in the ecosystem weekly.Links discussed:https://x.com/exec_sum/status/2005751198725640395?s=20https://x.com/bearlyai/status/2006474217206985085?s=20https://x.com/paoloardoino/status/2002414704753586398?s=20Keep up with Michael:https://x.com/MTangumahttps://www.linkedin.com/in/mtanguma/Keep up with Brian:https://x.com/BackslashBTChttps://www.linkedin.com/in/brian-cubellis-00b1a660/Keep up with Liam:https://x.com/Lnelson_21https://www.linkedin.com/in/liam-nelson1/

In this episode, we cover Claude's Chrome plugin becoming available to all paid users and what the rollout means for everyday workflows. We also break down the potential security and privacy risks tied to browser-based AI tools and why users should be cautious as adoption accelerates.Try Delve: https://delve.co/Get the top 40+ AI Models for $20 at AI Box: ⁠⁠https://aibox.aiJoin my AI Hustle Community: https://www.skool.com/aihustleSee Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

Organizations rely heavily on Salesforce to manage vasts amounts of sensitive data, but hidden security risks lurk beneath the surface. Misconfigurations, excessive user permissions, and unmonitored third party integrations can expose this data to attackers. How do I secure this data? Justin Hazard, Principal Security Architect at AutoRABIT, joins Business Security Weekly to discuss the security challenges of Salesforce. Justin will discuss how proactive oversight and a strong security posture in Salesforce requires additional capabilities, including: Continuous monitoring of your Salesforce environment, Strict access controls of Salesforce users, and Automated backup of sensitive data. Think your data in Salesforce is safe and secure, think again. This segment is sponsored by AutoRABIT. Visit https://securityweekly.com/autorabit to learn more about them! In the leadership and communications segment, Boards Have a Digital Duty of Care, The CISO's greatest risk? Department leaders quitting, The 15 Habits of Highly Empathetic People, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-425

Organizations rely heavily on Salesforce to manage vasts amounts of sensitive data, but hidden security risks lurk beneath the surface. Misconfigurations, excessive user permissions, and unmonitored third party integrations can expose this data to attackers. How do I secure this data? Justin Hazard, Principal Security Architect at AutoRABIT, joins Business Security Weekly to discuss the security challenges of Salesforce. Justin will discuss how proactive oversight and a strong security posture in Salesforce requires additional capabilities, including: Continuous monitoring of your Salesforce environment, Strict access controls of Salesforce users, and Automated backup of sensitive data. Think your data in Salesforce is safe and secure, think again. This segment is sponsored by AutoRABIT. Visit https://securityweekly.com/autorabit to learn more about them! In the leadership and communications segment, Boards Have a Digital Duty of Care, The CISO's greatest risk? Department leaders quitting, The 15 Habits of Highly Empathetic People, and more! Show Notes: https://securityweekly.com/bsw-425

Organizations rely heavily on Salesforce to manage vasts amounts of sensitive data, but hidden security risks lurk beneath the surface. Misconfigurations, excessive user permissions, and unmonitored third party integrations can expose this data to attackers. How do I secure this data? Justin Hazard, Principal Security Architect at AutoRABIT, joins Business Security Weekly to discuss the security challenges of Salesforce. Justin will discuss how proactive oversight and a strong security posture in Salesforce requires additional capabilities, including: Continuous monitoring of your Salesforce environment, Strict access controls of Salesforce users, and Automated backup of sensitive data. Think your data in Salesforce is safe and secure, think again. This segment is sponsored by AutoRABIT. Visit https://securityweekly.com/autorabit to learn more about them! In the leadership and communications segment, Boards Have a Digital Duty of Care, The CISO's greatest risk? Department leaders quitting, The 15 Habits of Highly Empathetic People, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-425

Organizations rely heavily on Salesforce to manage vasts amounts of sensitive data, but hidden security risks lurk beneath the surface. Misconfigurations, excessive user permissions, and unmonitored third party integrations can expose this data to attackers. How do I secure this data? Justin Hazard, Principal Security Architect at AutoRABIT, joins Business Security Weekly to discuss the security challenges of Salesforce. Justin will discuss how proactive oversight and a strong security posture in Salesforce requires additional capabilities, including: Continuous monitoring of your Salesforce environment, Strict access controls of Salesforce users, and Automated backup of sensitive data. Think your data in Salesforce is safe and secure, think again. This segment is sponsored by AutoRABIT. Visit https://securityweekly.com/autorabit to learn more about them! In the leadership and communications segment, Boards Have a Digital Duty of Care, The CISO's greatest risk? Department leaders quitting, The 15 Habits of Highly Empathetic People, and more! Show Notes: https://securityweekly.com/bsw-425

On Hands-On Tech, helps out helps listener Daniel switch their MFA from Authy to another app, and explains why it's going to be a more tedious process than with other MFA's. Don't forget to send in your questions for Mikah to answer during the show to hot@twit.tv! Host: Mikah Sargent Download or subscribe to Hands-On Tech at https://twit.tv/shows/hands-on-tech Want access to the ad-free video and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

On Hands-On Tech, helps out helps listener Daniel switch their MFA from Authy to another app, and explains why it's going to be a more tedious process than with other MFA's. Don't forget to send in your questions for Mikah to answer during the show to hot@twit.tv! Host: Mikah Sargent Download or subscribe to Hands-On Tech at https://twit.tv/shows/hands-on-tech Want access to the ad-free video and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

On Hands-On Tech, helps out helps listener Daniel switch their MFA from Authy to another app, and explains why it's going to be a more tedious process than with other MFA's. Don't forget to send in your questions for Mikah to answer during the show to hot@twit.tv! Host: Mikah Sargent Download or subscribe to Hands-On Tech at https://twit.tv/shows/hands-on-tech Want access to the ad-free video and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

On Hands-On Tech, helps out helps listener Daniel switch their MFA from Authy to another app, and explains why it's going to be a more tedious process than with other MFA's. Don't forget to send in your questions for Mikah to answer during the show to hot@twit.tv! Host: Mikah Sargent Download or subscribe to Hands-On Tech at https://twit.tv/shows/hands-on-tech Want access to the ad-free video and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

On Hands-On Tech, helps out helps listener Daniel switch their MFA from Authy to another app, and explains why it's going to be a more tedious process than with other MFA's. Don't forget to send in your questions for Mikah to answer during the show to hot@twit.tv! Host: Mikah Sargent Download or subscribe to Hands-On Tech at https://twit.tv/shows/hands-on-tech Want access to the ad-free video and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

On Hands-On Tech, helps out helps listener Daniel switch their MFA from Authy to another app, and explains why it's going to be a more tedious process than with other MFA's. Don't forget to send in your questions for Mikah to answer during the show to hot@twit.tv! Host: Mikah Sargent Download or subscribe to Hands-On Tech at https://twit.tv/shows/hands-on-tech Want access to the ad-free video and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

On Hands-On Tech, helps out helps listener Daniel switch their MFA from Authy to another app, and explains why it's going to be a more tedious process than with other MFA's. Don't forget to send in your questions for Mikah to answer during the show to hot@twit.tv! Host: Mikah Sargent Download or subscribe to Hands-On Tech at https://twit.tv/shows/hands-on-tech Want access to the ad-free video and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

On Hands-On Tech, helps out helps listener Daniel switch their MFA from Authy to another app, and explains why it's going to be a more tedious process than with other MFA's. Don't forget to send in your questions for Mikah to answer during the show to hot@twit.tv! Host: Mikah Sargent Download or subscribe to Hands-On Tech at https://twit.tv/shows/hands-on-tech Want access to the ad-free video and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

On Hands-On Tech, helps out helps listener Daniel switch their MFA from Authy to another app, and explains why it's going to be a more tedious process than with other MFA's. Don't forget to send in your questions for Mikah to answer during the show to hot@twit.tv! Host: Mikah Sargent Download or subscribe to Hands-On Tech at https://twit.tv/shows/hands-on-tech Want access to the ad-free video and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

CrowdStrike research into AI coding assistants reveals a new, subtle vulnerability surface: When DeepSeek-R1 receives prompts the Chinese Communist Party (CCP) likely considers politically sensitive, the likelihood of it producing code with severe security flaws increases by up to 50%. Stefan Stein, manager of the CrowdStrike Counter Adversary Operations Data Science team, joined Adam and Cristian for a live recording at Fal.Con 2025 to discuss how this project got started, the methodology behind the team's research, and the significance of their findings. The research began with a simple question: What are the security risks of using DeepSeek-R1 as a coding assistant? AI coding assistants are commonly used and often have access to sensitive information. Any systemic issue can have a major and far-reaching impact.  It concluded with the discovery that the presence of certain trigger words — such as mentions of Falun Gong, Uyghurs, or Tibet — in DeepSeek-R1 prompts can have severe effects on the quality and security of the code it produces. Unlike most large language model (LLM) security research focused on jailbreaks or prompt injections, this work exposes subtle biases that can lead to real-world vulnerabilities in production systems. Tune in for a fascinating deep dive into how Stefan and his team explored the biases in DeepSeek-R1, the implications of this research, and what this means for organizations adopting AI. 

In this episode of Alexa's Input (AI) Podcast, host Alexa Griffith sits down with Liana Tomescu, founder of Sonny Labs and host of the AI Hacks podcast. Dive into the world of AI security and compliance as Liana shares her journey from Microsoft to founding her own company. Discover the challenges and opportunities in making AI applications secure and compliant, and learn about the latest in AI regulations, including the EU AI Act. Whether you're an AI enthusiast or a tech professional, this episode offers valuable insights into the evolving landscape of AI technology.LinksSonnyLabs Website: https://sonnylabs.ai/SonnyLabs LinkedIn: https://www.linkedin.com/company/sonnylabs-ai/Liana's LinkedIn: https://www.linkedin.com/in/liana-anca-tomescu/Alexa's LinksLinkTree: https://linktr.ee/alexagriffithAlexa's Input YouTube Channel: https://www.youtube.com/@alexa_griffithWebsite: https://alexagriffith.com/LinkedIn: https://www.linkedin.com/in/alexa-griffith/Substack: https://alexasinput.substack.com/KeywordsAI security, compliance, female founder, Sunny Labs, EU AI Act, cybersecurity, prompt injection, AI agents, technology innovation, startup journeyChapters00:00 Introduction to Liana Tomescu and Sunny Labs02:53 The Journey of a Female Founder in Tech05:49 From Microsoft to Startup: The Transition09:04 Exploring AI Security and Compliance11:41 The Role of Curiosity in Entrepreneurship14:52 Understanding Sunny Labs and Its Mission17:52 The Importance of Community and Networking20:42 MCP: Model Context Protocol Explained23:54 Security Risks in AI and MCP Servers27:03 The Future of AI Security and Compliance38:25 Understanding Prompt Injection Risks45:34 The Shadow AI Phenomenon45:48 Navigating the EU AI Act52:28 Banned and High-Risk AI Practices01:00:43 Implementing AI Security Measures01:17:28 Exploring AI Security Training

PREVIEW. The DeepSeek AI Model: Low Cost, Open Source, and Security Risks. John Batchelor and Jack Burnham discuss the US-China AI contest and microchips, noting China's ban on the best chips. DeepSeek, an open-source, low-cost model, is appealing but may not perform as well as American models. Concerns persist about its true costs, potential use of Nvidia chips, and security flaws like providing CCP talking points. 1954

AI-powered web browsers are hitting the scene fast, but Steve and Leo unpack why these smart assistants could usher in an era of security chaos most users aren't ready for. Brace yourself for the wild risks, real-world scams, and the privacy questions no one else is asking. Secret radios discovered in Chinese-made busses. Edge & Chrome introduce LLM-based "scareware" blocking. A perfect example of what scareware blocking hopes to prevent. Aardvark: OpenAI's new vulnerability scanner for code. Italy to require age verification from 48 specific sites. Russia to require the use of only Russian software within Russia. Russia further clamping down on non-MAX Telegram and WhatsApp messaging. 187 new malicious NPM packages. Could AI help with that? BadCandy malware has infiltrated Australian Cisco routers. Github's 2025 report with the dominance of TypeScript. Windows 11 gets new extra-secure Admin Protection feature. A bunch of interesting feedback and listener thoughts. And why the new AI-driven web browsers may be bringing a whole new world of hurt Show Notes - https://www.grc.com/sn/SN-1050-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: bitwarden.com/twit joindeleteme.com/twit promo code TWIT canary.tools/twit - use code: TWIT bigid.com/securitynow threatlocker.com for Security Now

AI-powered web browsers are hitting the scene fast, but Steve and Leo unpack why these smart assistants could usher in an era of security chaos most users aren't ready for. Brace yourself for the wild risks, real-world scams, and the privacy questions no one else is asking. Secret radios discovered in Chinese-made busses. Edge & Chrome introduce LLM-based "scareware" blocking. A perfect example of what scareware blocking hopes to prevent. Aardvark: OpenAI's new vulnerability scanner for code. Italy to require age verification from 48 specific sites. Russia to require the use of only Russian software within Russia. Russia further clamping down on non-MAX Telegram and WhatsApp messaging. 187 new malicious NPM packages. Could AI help with that? BadCandy malware has infiltrated Australian Cisco routers. Github's 2025 report with the dominance of TypeScript. Windows 11 gets new extra-secure Admin Protection feature. A bunch of interesting feedback and listener thoughts. And why the new AI-driven web browsers may be bringing a whole new world of hurt Show Notes - https://www.grc.com/sn/SN-1050-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: bitwarden.com/twit joindeleteme.com/twit promo code TWIT canary.tools/twit - use code: TWIT bigid.com/securitynow threatlocker.com for Security Now

AI-powered web browsers are hitting the scene fast, but Steve and Leo unpack why these smart assistants could usher in an era of security chaos most users aren't ready for. Brace yourself for the wild risks, real-world scams, and the privacy questions no one else is asking. Secret radios discovered in Chinese-made busses. Edge & Chrome introduce LLM-based "scareware" blocking. A perfect example of what scareware blocking hopes to prevent. Aardvark: OpenAI's new vulnerability scanner for code. Italy to require age verification from 48 specific sites. Russia to require the use of only Russian software within Russia. Russia further clamping down on non-MAX Telegram and WhatsApp messaging. 187 new malicious NPM packages. Could AI help with that? BadCandy malware has infiltrated Australian Cisco routers. Github's 2025 report with the dominance of TypeScript. Windows 11 gets new extra-secure Admin Protection feature. A bunch of interesting feedback and listener thoughts. And why the new AI-driven web browsers may be bringing a whole new world of hurt Show Notes - https://www.grc.com/sn/SN-1050-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: bitwarden.com/twit joindeleteme.com/twit promo code TWIT canary.tools/twit - use code: TWIT bigid.com/securitynow threatlocker.com for Security Now

AI-powered web browsers are hitting the scene fast, but Steve and Leo unpack why these smart assistants could usher in an era of security chaos most users aren't ready for. Brace yourself for the wild risks, real-world scams, and the privacy questions no one else is asking. Secret radios discovered in Chinese-made busses. Edge & Chrome introduce LLM-based "scareware" blocking. A perfect example of what scareware blocking hopes to prevent. Aardvark: OpenAI's new vulnerability scanner for code. Italy to require age verification from 48 specific sites. Russia to require the use of only Russian software within Russia. Russia further clamping down on non-MAX Telegram and WhatsApp messaging. 187 new malicious NPM packages. Could AI help with that? BadCandy malware has infiltrated Australian Cisco routers. Github's 2025 report with the dominance of TypeScript. Windows 11 gets new extra-secure Admin Protection feature. A bunch of interesting feedback and listener thoughts. And why the new AI-driven web browsers may be bringing a whole new world of hurt Show Notes - https://www.grc.com/sn/SN-1050-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: bitwarden.com/twit joindeleteme.com/twit promo code TWIT canary.tools/twit - use code: TWIT bigid.com/securitynow threatlocker.com for Security Now

AI-powered web browsers are hitting the scene fast, but Steve and Leo unpack why these smart assistants could usher in an era of security chaos most users aren't ready for. Brace yourself for the wild risks, real-world scams, and the privacy questions no one else is asking. Secret radios discovered in Chinese-made busses. Edge & Chrome introduce LLM-based "scareware" blocking. A perfect example of what scareware blocking hopes to prevent. Aardvark: OpenAI's new vulnerability scanner for code. Italy to require age verification from 48 specific sites. Russia to require the use of only Russian software within Russia. Russia further clamping down on non-MAX Telegram and WhatsApp messaging. 187 new malicious NPM packages. Could AI help with that? BadCandy malware has infiltrated Australian Cisco routers. Github's 2025 report with the dominance of TypeScript. Windows 11 gets new extra-secure Admin Protection feature. A bunch of interesting feedback and listener thoughts. And why the new AI-driven web browsers may be bringing a whole new world of hurt Show Notes - https://www.grc.com/sn/SN-1050-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: bitwarden.com/twit joindeleteme.com/twit promo code TWIT canary.tools/twit - use code: TWIT bigid.com/securitynow threatlocker.com for Security Now

AI-powered web browsers are hitting the scene fast, but Steve and Leo unpack why these smart assistants could usher in an era of security chaos most users aren't ready for. Brace yourself for the wild risks, real-world scams, and the privacy questions no one else is asking. Secret radios discovered in Chinese-made busses. Edge & Chrome introduce LLM-based "scareware" blocking. A perfect example of what scareware blocking hopes to prevent. Aardvark: OpenAI's new vulnerability scanner for code. Italy to require age verification from 48 specific sites. Russia to require the use of only Russian software within Russia. Russia further clamping down on non-MAX Telegram and WhatsApp messaging. 187 new malicious NPM packages. Could AI help with that? BadCandy malware has infiltrated Australian Cisco routers. Github's 2025 report with the dominance of TypeScript. Windows 11 gets new extra-secure Admin Protection feature. A bunch of interesting feedback and listener thoughts. And why the new AI-driven web browsers may be bringing a whole new world of hurt Show Notes - https://www.grc.com/sn/SN-1050-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: bitwarden.com/twit joindeleteme.com/twit promo code TWIT canary.tools/twit - use code: TWIT bigid.com/securitynow threatlocker.com for Security Now

AI-powered web browsers are hitting the scene fast, but Steve and Leo unpack why these smart assistants could usher in an era of security chaos most users aren't ready for. Brace yourself for the wild risks, real-world scams, and the privacy questions no one else is asking. Secret radios discovered in Chinese-made busses. Edge & Chrome introduce LLM-based "scareware" blocking. A perfect example of what scareware blocking hopes to prevent. Aardvark: OpenAI's new vulnerability scanner for code. Italy to require age verification from 48 specific sites. Russia to require the use of only Russian software within Russia. Russia further clamping down on non-MAX Telegram and WhatsApp messaging. 187 new malicious NPM packages. Could AI help with that? BadCandy malware has infiltrated Australian Cisco routers. Github's 2025 report with the dominance of TypeScript. Windows 11 gets new extra-secure Admin Protection feature. A bunch of interesting feedback and listener thoughts. And why the new AI-driven web browsers may be bringing a whole new world of hurt Show Notes - https://www.grc.com/sn/SN-1050-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: bitwarden.com/twit joindeleteme.com/twit promo code TWIT canary.tools/twit - use code: TWIT bigid.com/securitynow threatlocker.com for Security Now

Send us a textSecurity gets sharper when we stop treating AI like magic and start treating it like an untrusted user. We sit down with Eric Galinkin to unpack the real-world ways red teams and defenders are using language models today, where they fall apart, and how to build guardrails that hold up under pressure. From MCP servers that look a lot like ordinary APIs to the messy truths of model hallucination, this conversation trades buzzwords for practical patterns you can apply right now.Eric shares takeaways from Offensive AI Con: how models help triage code and surface likely bug classes, why decomposed workflows beat “find all vulns” prompts, and what happens when toy benchmarks meet stubborn, real binaries. We explore reinforcement learning environments as a scalable way to train security behaviors without leaking sensitive data, and we grapple with the uncomfortable reality that jailbreaks aren't going away—so output validation, sandboxing, and principled boundaries must do the heavy lifting.We also dig into Garak, the open-source system security scanner that targets LLM-integrated apps where it hurts: prompted cross-site scripting, template injection in Jinja, and OS command execution. By mapping findings to CWE, Garak turns vague model “misbehavior” into concrete fixes tied to known controls. Along the way, we compare GPT, Claude, and Grok, talk through verification habits to counter confident nonsense, and zoom out on careers: cultivate niche depth, stay broadly literate, and keep your skepticism calibrated. If you've ever wondered how to harness AI without handing it the keys to prod, this one's for you.Enjoyed the episode? Follow, share with a teammate, and leave a quick review so more builders and defenders can find the show.Inspiring Tech Leaders - The Technology PodcastInterviews with Tech Leaders and insights on the latest emerging technology trends.Listen on: Apple Podcasts SpotifySupport the showFollow the Podcast on Social Media! Tesla Referral Code: https://ts.la/joseph675128 YouTube: https://www.youtube.com/@securityunfilteredpodcast Instagram: https://www.instagram.com/secunfpodcast/Twitter: https://twitter.com/SecUnfPodcast Affiliates➡️ OffGrid Faraday Bags: https://offgrid.co/?ref=gabzvajh➡️ OffGrid Coupon Code: JOE➡️ Unplugged Phone: https://unplugged.com/Unplugged's UP Phone - The performance you expect, with the privacy you deserve. Meet the alternative. Use Code UNFILTERED at checkout*See terms and conditions at affiliated webpages. Offers are subject to change. These are affiliated/paid promotions.

On this episode of the Tudor Dixon Podcast, Nebraska Attorney General Mike Hilgers exposes the growing threats posed by foreign surveillance technology—especially from Chinese companies—and what it means for American privacy and national security. From everyday devices like baby monitors to popular apps such as TikTok, Hilgers warns how consumer technology can be weaponized for espionage, data harvesting, and misinformation campaigns. He underscores the urgent need for federal action and stronger safeguards while urging individuals to stay vigilant about the products and platforms they trust. The Tudor Dixon Podcast is part of the Clay Travis & Buck Sexton Podcast Network. For more visit TudorDixonPodcast.comSee omnystudio.com/listener for privacy information.