Podcasts about SharePoint

  • 721PODCASTS
  • 3,951EPISODES
  • 34mAVG DURATION
  • 2DAILY NEW EPISODES
  • Aug 1, 2025LATEST

POPULARITY

20172018201920202021202220232024

Categories



Best podcasts about SharePoint

Show all podcasts related to sharepoint

Latest podcast episodes about SharePoint

Security Conversations
Rethinking APT Attribution: Dakota Cary on Chinese Contractors and Espionage-as-a-Service

Security Conversations

Play Episode Listen Later Aug 1, 2025 111:42


Three Buddy Problem - Episode 56: China-focused researcher Dakota Cary joins the buddies to dig into China's sprawling cyber ecosystem, from the HAFNIUM indictments and MSS tasking pipelines to the murky world of APT contractors and the ransomware hustle. We break down China's “entrepreneurial” model of intelligence collection, why public visibility into these threat actors is so hard to get right, and how companies like Microsoft get caught in the geopolitical crossfire. Plus: a deep dive on suspected MAPP leaks and Sharepoint zero-days, Singapore targeted by extremely sophisticated China-nexus hacking group, soft censorship in corporate threat-intel, and whether the U.S. should rethink how it fills its intelligence gaps. Cast: Dakota Cary (https://www.linkedin.com/in/dakotacary/), Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).

Security Now (MP3)
SN 1036: Inside the SharePoint 0-day - Is Our Data Safe Anywhere?

Security Now (MP3)

Play Episode Listen Later Jul 30, 2025 178:21 Transcription Available


Brave randomizes its fingerprints. The next Brave will block Microsoft Recall by default. Clorox sues its IT provider for $380 million in damages. 6-month Win10 ESU offers are beginning to appear. Warfare has significantly become cyber. Allianz Life loses control of 125 million customers' data. The CIA's Acquisition Research Center website was hacked. The Pentagon says the SharePoint RCE didn't get them. A look at a DPRK "laptop farm" to impersonate Americans. FIDO's passkey was NOT bypassed by a MITM after all. Is our data safe anywhere? The UK is trying to back-pedal out of the Apple ADP mess. Meanwhile, the EU resumes its push for "Chat Control". Microsoft fumbled the patch of a powerful Pwn2Own exploit Show Notes - https://www.grc.com/sn/SN-1036-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: canary.tools/twit - use code: TWIT threatlocker.com for Security Now bitwarden.com/twit uscloud.com

Risky Business
Risky Business #800 — The SharePoint bug may have leaked from Microsoft MAPP

Risky Business

Play Episode Listen Later Jul 30, 2025 53:37


On this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news: Did the SharePoint bug leak out of the Microsoft MAPP program? Expel retracts its FIDO bypass writeup The mess surrounding the women-only dating-safety app Tea gets worse Broadcom customers struggle to get patches for VMWare hypervisor escapes Aeroflot gets hacked by the Cyber Partisans, disrupting flights This week's episode is sponsored by Push Security. Satisfied Push customer Daniel Cuthbert from Santander Bank joins on their behalf. He explains how having telemetry about identity from inside the browser is a key pillar for investigating intrusions in the browser-centric future. This episode is also available on Youtube. Show notes Microsoft Probing Whether Cyber Alert Tipped Off Chinese Hackers Microsoft says Warlock ransomware deployed in SharePoint attacks as governments scramble | The Record from Recorded Future News What we know about the Microsoft SharePoint attacks | Cybersecurity Dive An important update (and apology) on our PoisonSeed blog Tea User Files Class Action After Women's Safety App Exposes Data A Second Tea Breach Reveals Users' DMs About Abortions and Cheating Top Lawyer for National Security Agency Is Fired From Help Desk to Hypervisor: Defending Your VMware vSphere Estate from UNC3944 VMware prevents some perpetual license holders from downloading patches Pro-Ukrainian hackers take credit for attack that snarls Russian flight travel - Ars Technica КИБЕРУДАР ПО АЭРОФЛОТУ РФ!v Treasury sanctions North Koreans involved in IT-worker schemes | Cybersecurity Dive Minnesota governor activates National Guard amid St. Paul cyberattack | StateScoop Outage was result of cyberattack, Post Luxembourg says Clorox files $380 million suit blaming Cognizant for 2023 cyberattack | Cybersecurity Dive Cisco network access security platform vulnerabilities under active exploitation | CyberScoop Arizona woman sentenced to 8.5 years for running North Korean laptop farm | The Record from Recorded Future News Cybercrime forum Leak Zone publicly exposed its users' IP addresses | TechCrunch

All TWiT.tv Shows (MP3)
Security Now 1036: Inside the SharePoint 0-day

All TWiT.tv Shows (MP3)

Play Episode Listen Later Jul 30, 2025 178:21 Transcription Available


Brave randomizes its fingerprints. The next Brave will block Microsoft Recall by default. Clorox sues its IT provider for $380 million in damages. 6-month Win10 ESU offers are beginning to appear. Warfare has significantly become cyber. Allianz Life loses control of 125 million customers' data. The CIA's Acquisition Research Center website was hacked. The Pentagon says the SharePoint RCE didn't get them. A look at a DPRK "laptop farm" to impersonate Americans. FIDO's passkey was NOT bypassed by a MITM after all. Is our data safe anywhere? The UK is trying to back-pedal out of the Apple ADP mess. Meanwhile, the EU resumes its push for "Chat Control". Microsoft fumbled the patch of a powerful Pwn2Own exploit Show Notes - https://www.grc.com/sn/SN-1036-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: canary.tools/twit - use code: TWIT threatlocker.com for Security Now bitwarden.com/twit uscloud.com

Security Now (Video HD)
SN 1036: Inside the SharePoint 0-day - Is Our Data Safe Anywhere?

Security Now (Video HD)

Play Episode Listen Later Jul 30, 2025 178:21 Transcription Available


Brave randomizes its fingerprints. The next Brave will block Microsoft Recall by default. Clorox sues its IT provider for $380 million in damages. 6-month Win10 ESU offers are beginning to appear. Warfare has significantly become cyber. Allianz Life loses control of 125 million customers' data. The CIA's Acquisition Research Center website was hacked. The Pentagon says the SharePoint RCE didn't get them. A look at a DPRK "laptop farm" to impersonate Americans. FIDO's passkey was NOT bypassed by a MITM after all. Is our data safe anywhere? The UK is trying to back-pedal out of the Apple ADP mess. Meanwhile, the EU resumes its push for "Chat Control". Microsoft fumbled the patch of a powerful Pwn2Own exploit Show Notes - https://www.grc.com/sn/SN-1036-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: canary.tools/twit - use code: TWIT threatlocker.com for Security Now bitwarden.com/twit uscloud.com

Security Now (Video HI)
SN 1036: Inside the SharePoint 0-day - Is Our Data Safe Anywhere?

Security Now (Video HI)

Play Episode Listen Later Jul 30, 2025 178:21 Transcription Available


Brave randomizes its fingerprints. The next Brave will block Microsoft Recall by default. Clorox sues its IT provider for $380 million in damages. 6-month Win10 ESU offers are beginning to appear. Warfare has significantly become cyber. Allianz Life loses control of 125 million customers' data. The CIA's Acquisition Research Center website was hacked. The Pentagon says the SharePoint RCE didn't get them. A look at a DPRK "laptop farm" to impersonate Americans. FIDO's passkey was NOT bypassed by a MITM after all. Is our data safe anywhere? The UK is trying to back-pedal out of the Apple ADP mess. Meanwhile, the EU resumes its push for "Chat Control". Microsoft fumbled the patch of a powerful Pwn2Own exploit Show Notes - https://www.grc.com/sn/SN-1036-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: canary.tools/twit - use code: TWIT threatlocker.com for Security Now bitwarden.com/twit uscloud.com

Radio Leo (Audio)
Security Now 1036: Inside the SharePoint 0-day

Radio Leo (Audio)

Play Episode Listen Later Jul 30, 2025 178:21 Transcription Available


Brave randomizes its fingerprints. The next Brave will block Microsoft Recall by default. Clorox sues its IT provider for $380 million in damages. 6-month Win10 ESU offers are beginning to appear. Warfare has significantly become cyber. Allianz Life loses control of 125 million customers' data. The CIA's Acquisition Research Center website was hacked. The Pentagon says the SharePoint RCE didn't get them. A look at a DPRK "laptop farm" to impersonate Americans. FIDO's passkey was NOT bypassed by a MITM after all. Is our data safe anywhere? The UK is trying to back-pedal out of the Apple ADP mess. Meanwhile, the EU resumes its push for "Chat Control". Microsoft fumbled the patch of a powerful Pwn2Own exploit Show Notes - https://www.grc.com/sn/SN-1036-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: canary.tools/twit - use code: TWIT threatlocker.com for Security Now bitwarden.com/twit uscloud.com

Security Now (Video LO)
SN 1036: Inside the SharePoint 0-day - Is Our Data Safe Anywhere?

Security Now (Video LO)

Play Episode Listen Later Jul 30, 2025 178:21 Transcription Available


Brave randomizes its fingerprints. The next Brave will block Microsoft Recall by default. Clorox sues its IT provider for $380 million in damages. 6-month Win10 ESU offers are beginning to appear. Warfare has significantly become cyber. Allianz Life loses control of 125 million customers' data. The CIA's Acquisition Research Center website was hacked. The Pentagon says the SharePoint RCE didn't get them. A look at a DPRK "laptop farm" to impersonate Americans. FIDO's passkey was NOT bypassed by a MITM after all. Is our data safe anywhere? The UK is trying to back-pedal out of the Apple ADP mess. Meanwhile, the EU resumes its push for "Chat Control". Microsoft fumbled the patch of a powerful Pwn2Own exploit Show Notes - https://www.grc.com/sn/SN-1036-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: canary.tools/twit - use code: TWIT threatlocker.com for Security Now bitwarden.com/twit uscloud.com

Reimagining Cyber
"As Bad as it Gets" Inside the SharePoint Breach - Ep 160

Reimagining Cyber

Play Episode Listen Later Jul 30, 2025 11:42


“It's got a [vulnerability] score of a 9.8, and this is on a scale of 10 and I've really never seen 10. So 9.8 is basically just as bad as it gets.”This episode is inspired by an ongoing global cybersecurity incident. In mid‑July attackers began actively exploiting Microsoft SharePoint vulnerabilities in what's now known as the “ToolShell” exploit chain.This flaw is classified as a remote code execution vulnerability with an extremely high CVSS (Common Vulnerability Scoring System ) score of 9.8, making it highly dangerous.Featuring Tyler Moffitt, Senior Security Analyst at OpenText Cybersecurity, the episode explores the severity of this 9.8 CVSS score vulnerability and its impact on organizations that haven't applied the necessary patches. Learn about the attack kill chain, what makes this flaw so dangerous, and practical steps to safeguard your systems. Patch immediately, audit your access logs, and stay ahead of the threat. CSA Advisory:https://www.csa.gov.sg/alerts-and-advisories/advisories/ad-2025-016Follow or subscribe to the show on your preferred podcast platform.Share the show with others in the cybersecurity world.Get in touch via reimaginingcyber@gmail.com As featured on Million Podcasts' Best 100 Cybersecurity Podcast and Best 70 Chief Information Security Officer CISO Podcasts rankings.

All TWiT.tv Shows (Video LO)
Security Now 1036: Inside the SharePoint 0-day

All TWiT.tv Shows (Video LO)

Play Episode Listen Later Jul 30, 2025 178:21 Transcription Available


Brave randomizes its fingerprints. The next Brave will block Microsoft Recall by default. Clorox sues its IT provider for $380 million in damages. 6-month Win10 ESU offers are beginning to appear. Warfare has significantly become cyber. Allianz Life loses control of 125 million customers' data. The CIA's Acquisition Research Center website was hacked. The Pentagon says the SharePoint RCE didn't get them. A look at a DPRK "laptop farm" to impersonate Americans. FIDO's passkey was NOT bypassed by a MITM after all. Is our data safe anywhere? The UK is trying to back-pedal out of the Apple ADP mess. Meanwhile, the EU resumes its push for "Chat Control". Microsoft fumbled the patch of a powerful Pwn2Own exploit Show Notes - https://www.grc.com/sn/SN-1036-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: canary.tools/twit - use code: TWIT threatlocker.com for Security Now bitwarden.com/twit uscloud.com

Tech Café
Peluche dehors, poison dedans

Tech Café

Play Episode Listen Later Jul 30, 2025 76:43


Le compagnon par intelligence artificielle de Grok d'Elon Musk est tout simplement honteux… Un bonhomme tout mignon qui mettra à mal votre capacité à ne pas réagir à ses insultes. On parle aussi du projet Opal de Google, bracelets connectés Bee rachetés par Amazon, faille de sécurité dans SharePoint, et chatbot IA respectueux de la […]

The Practical 365 Podcast
SharePoint On-Prem Exploited & Keeping on top of changes in M365: Practical 365 Podcast S04E42

The Practical 365 Podcast

Play Episode Listen Later Jul 30, 2025 48:58


Join Steve Goodman, Paul Robichaux, and Bastiaan Verdonk as they delve into the critical security vulnerabilities affecting on-premises SharePoint servers, including the "ToolShell" exploit chain (CVE-2025-49704, CVE-2025-49706, CVE-2025-53770, CVE-2025-53771) which enables unauthenticated remote code execution. They discuss the scale of the problem, the threat actors involved, and the crucial need for immediate patching and robust operational practices for any remaining on-premises deployments.The conversation then shifts to the overwhelming challenge of managing the constant stream of updates and changes within Microsoft 365. Special guest Tom Arbuthnot shares insights from his work with Empowering Cloud and their "Change Pilot" service, detailing how they use AI and expert review to help organizations navigate the deluge of Message Center notifications, prioritize impactful changes, and manage the communication around them. Discover practical strategies for staying ahead of the curve in the fast-paced world of Microsoft 365.Want to stay up to date on all things Practical 365? Follow us on Twitter, Facebook, and Linkedin to stay up to date on all things Microsoft!

Radio Leo (Video HD)
Security Now 1036: Inside the SharePoint 0-day

Radio Leo (Video HD)

Play Episode Listen Later Jul 30, 2025 178:21 Transcription Available


Brave randomizes its fingerprints. The next Brave will block Microsoft Recall by default. Clorox sues its IT provider for $380 million in damages. 6-month Win10 ESU offers are beginning to appear. Warfare has significantly become cyber. Allianz Life loses control of 125 million customers' data. The CIA's Acquisition Research Center website was hacked. The Pentagon says the SharePoint RCE didn't get them. A look at a DPRK "laptop farm" to impersonate Americans. FIDO's passkey was NOT bypassed by a MITM after all. Is our data safe anywhere? The UK is trying to back-pedal out of the Apple ADP mess. Meanwhile, the EU resumes its push for "Chat Control". Microsoft fumbled the patch of a powerful Pwn2Own exploit Show Notes - https://www.grc.com/sn/SN-1036-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: canary.tools/twit - use code: TWIT threatlocker.com for Security Now bitwarden.com/twit uscloud.com

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Tuesday, July 29th, 2025:Parasitic Exploits; Cisco ISE Exploit; MyASUS Vuln

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Play Episode Listen Later Jul 29, 2025 5:35


Parasitic SharePoint Exploits We are seeing attacks against SharePoint itself and attempts to exploit backdoors left behind by attackers. https://isc.sans.edu/diary/Parasitic%20Sharepoint%20Exploits/32148 Cisco ISE Vulnerability Exploited A recently patched vulnerability in Cisco ISE is now being exploited. The Zero Day Initiative has released a blog detailing the exploit chain to obtain code execution as an unauthenticated user. https://www.zerodayinitiative.com/blog/2025/7/24/cve-2025-20281-cisco-ise-api-unauthenticated-remote-code-execution-vulnerability MyAsus Vulnerablity The MyAsus tool does not store its access tokens correctly, potentially providing an attacker with access to sensitive functions https://www.asus.com/content/security-advisory/

Raw Data By P3
The Million-Token Myth and the Magic of Digital Colleagues

Raw Data By P3

Play Episode Listen Later Jul 29, 2025 29:08


AI looks unstoppable… until you hand it a hundred pages of meeting notes. Rob and Justin dig into why context windows and token limits quietly run the show. That “million-token” brag from Google? More like weighing the Titanic in bananas. From Shakespeare to SharePoint, this episode shows why AI remembers the Roman Empire better than your company history—and why that's not a bad thing. Rob also introduces Griff, a digital colleague that fires off P3-flavored ideas like it's had three espressos. It's practical AI that's actually fun to use. Hit play to find out where AI is brilliant, where it falls flat, and how to make it work for you without the hype. Also on this episode: Million Token Context Windows? Myth Busted—Limits & Fixes

Defense & Aerospace Report
Defense & Aerospace Technology Report [Jul 30, 25] Dr Jim Lewis on US AI Efforts

Defense & Aerospace Report

Play Episode Listen Later Jul 29, 2025 34:34


On today's Technology Report podcast, Dr. Jim Lewis, a distinguished fellow with the Tech Policy Program at the Center for European Policy Analysis, joins Defense & Aerospace Report Editor Vago Muradian to discuss President Trump's new strategy to maintain America's artificial intelligence lead against rising competitors; status of the Stargate Project AI effort launched by the administration in January; whether cuts to technology investment accounts impacting US government, academic and industry research will undermine efforts to preserve America's technological leadership; data rights in an AI age; quantum computing and communications as the US Air Force prepares to launch Boeing's X-37B spaceplane on it's eight mission to test laser communication and quantum positioning technologies that are jam proof; China's hack of Microsoft's SharePoint servers that hold top secret US data including from the National Nuclear Security Administration that oversees America's nuclear weapons; the administration's cybersecurity strategy and how cuts across government will impact security; and an analysis of the latest version of the Cybersecurity Maturity Model Certification that will soon be adopted by the Pentagon to improve industrial base cybersecurity.

Blue Security
SharePoint Server, Help Desk Security, Terminating IT Admins

Blue Security

Play Episode Listen Later Jul 29, 2025 52:20


SummaryIn this episode, Adam Brewer and Andy Jaw discuss recent SharePoint vulnerabilities, the importance of data protection and governance, and the implications of the Clorox cyber attack. They explore the challenges of managing insider threats in IT, emphasizing the need for robust security measures and proactive communication with customers. The conversation highlights the critical nature of cybersecurity in today's digital landscape and the responsibilities of organizations to protect their data and systems.----------------------------------------------------YouTube Video Link: https://youtu.be/gH8jS0mai2U----------------------------------------------------Documentation:https://msrc.microsoft.com/blog/2025/07/customer-guidance-for-sharepoint-vulnerability-cve-2025-53770/https://www.microsoft.com/en-us/security/blog/2025/07/22/disrupting-active-exploitation-of-on-premises-sharepoint-vulnerabilities/?msockid=247fdde1b8b2631d1f8bc80db91a6238https://arstechnica.com/security/2025/07/how-do-hackers-get-passwords-sometimes-they-just-ask/https://flaglerlive.com/it-attack-firing/----------------------------------------------------Contact Us:Website: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/company/bluesecpodYouTube: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/andyjaw/Email: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠andy@bluesecuritypod.com⁠----------------------------------------------------Adam BrewerTwitter: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/ajbrewerLinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/adamjbrewer/Email: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠adam@bluesecuritypod.com

This Week in Tech (Audio)
TWiT 1042: Well Played Astronomer - The Stats Behind Google's AI Mode Search

This Week in Tech (Audio)

Play Episode Listen Later Jul 28, 2025 140:03


OpenAI prepares to launch GPT-5 in August Trump's AI Action Plan Is a Crusade Against 'Bias'—and Regulation UN tech chief pleads for global AI regulatory cooperation Trump, who promised to save TikTok, threatens to shut down TikTok Google AI Mode has 100M users, 2.5 Pro & Deep Search rolls out FDA's New Drug Approval AI Is Generating Fake Studies: Report Tesla is set to face off with the California DMV over claims it exaggerated Autopilot's and FSD's capabilities and misled consumers, in a five-day Oakland trial Google, Microsoft say Chinese hackers are exploiting SharePoint zero-day A look at Tea, a woman-only safety app with 4M users that lets users anonymously assign red or green flags to local men, as it goes viral with 900K new signups People in the UK now have to take an age verification selfie to watch porn online Intel is laying off tens of thousands and cancelling factories AMD CEO Sees Chips From TSMC's US Plant Costing 5%-20% More Spotify Publishes AI-Generated Songs From Dead Artists Without Permission DJI couldn't confirm or deny it disguised this drone to evade a US ban FCC approves Skydance-Paramount merger Gwyneth Paltrow is the new face of a kiss-cam tech scandal Julian LeFay, 'Father of The Elder Scrolls,' Has Died Aged 59 Tom Lehrer, Musical Satirist With a Dark Streak, Dies at 97 Host: Leo Laporte Guests: Molly White, Janko Roettgers, and Jacob Ward Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: smarty.com/twit zscaler.com/security expressvpn.com/twit uscloud.com spaceship.com/twit

Morning Somewhere
2025.07.28: Reedus By Proxy

Morning Somewhere

Play Episode Listen Later Jul 28, 2025 28:41


Burnie and Ashley discuss Fantastic Four [no spoilers], box office analysis rules, Gwyneth Paltrow to the rescue, Astronmer's PSA, saving your job during a coporate PR crisis, the Tea hack, Norman Reedus as a workaround, Sharepoint's woes, and giving our past selves all the latest entertainment news.

Packet Pushers - Full Podcast Feed
NB536: Fortinet FortiOS Goes Post-Quantum; Intel Scales Back Global Projects

Packet Pushers - Full Podcast Feed

Play Episode Listen Later Jul 28, 2025 27:43


Take a Network Break! In our Red Alert section we note that memory safety bugs bug Firefox and Thunderbird, and on-prem SharePoint instances are under attack. In tech news, Fortinet adds support for Post Quantum Cryptography in FortiOS, Cato Networks integrates Azure Virtual WANs to its SASE offering, and we weigh the pros and cons... Read more »

This Week in Tech (Video HI)
TWiT 1042: Well Played Astronomer - The Stats Behind Google's AI Mode Search

This Week in Tech (Video HI)

Play Episode Listen Later Jul 28, 2025 140:03


OpenAI prepares to launch GPT-5 in August Trump's AI Action Plan Is a Crusade Against 'Bias'—and Regulation UN tech chief pleads for global AI regulatory cooperation Trump, who promised to save TikTok, threatens to shut down TikTok Google AI Mode has 100M users, 2.5 Pro & Deep Search rolls out FDA's New Drug Approval AI Is Generating Fake Studies: Report Tesla is set to face off with the California DMV over claims it exaggerated Autopilot's and FSD's capabilities and misled consumers, in a five-day Oakland trial Google, Microsoft say Chinese hackers are exploiting SharePoint zero-day A look at Tea, a woman-only safety app with 4M users that lets users anonymously assign red or green flags to local men, as it goes viral with 900K new signups People in the UK now have to take an age verification selfie to watch porn online Intel is laying off tens of thousands and cancelling factories AMD CEO Sees Chips From TSMC's US Plant Costing 5%-20% More Spotify Publishes AI-Generated Songs From Dead Artists Without Permission DJI couldn't confirm or deny it disguised this drone to evade a US ban FCC approves Skydance-Paramount merger Gwyneth Paltrow is the new face of a kiss-cam tech scandal Julian LeFay, 'Father of The Elder Scrolls,' Has Died Aged 59 Tom Lehrer, Musical Satirist With a Dark Streak, Dies at 97 Host: Leo Laporte Guests: Molly White, Janko Roettgers, and Jacob Ward Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: smarty.com/twit zscaler.com/security expressvpn.com/twit uscloud.com spaceship.com/twit

All TWiT.tv Shows (MP3)
This Week in Tech 1042: Well Played Astronomer

All TWiT.tv Shows (MP3)

Play Episode Listen Later Jul 28, 2025 140:03


OpenAI prepares to launch GPT-5 in August Trump's AI Action Plan Is a Crusade Against 'Bias'—and Regulation UN tech chief pleads for global AI regulatory cooperation Trump, who promised to save TikTok, threatens to shut down TikTok Google AI Mode has 100M users, 2.5 Pro & Deep Search rolls out FDA's New Drug Approval AI Is Generating Fake Studies: Report Tesla is set to face off with the California DMV over claims it exaggerated Autopilot's and FSD's capabilities and misled consumers, in a five-day Oakland trial Google, Microsoft say Chinese hackers are exploiting SharePoint zero-day A look at Tea, a woman-only safety app with 4M users that lets users anonymously assign red or green flags to local men, as it goes viral with 900K new signups People in the UK now have to take an age verification selfie to watch porn online Intel is laying off tens of thousands and cancelling factories AMD CEO Sees Chips From TSMC's US Plant Costing 5%-20% More Spotify Publishes AI-Generated Songs From Dead Artists Without Permission DJI couldn't confirm or deny it disguised this drone to evade a US ban FCC approves Skydance-Paramount merger Gwyneth Paltrow is the new face of a kiss-cam tech scandal Julian LeFay, 'Father of The Elder Scrolls,' Has Died Aged 59 Tom Lehrer, Musical Satirist With a Dark Streak, Dies at 97 Host: Leo Laporte Guests: Molly White, Janko Roettgers, and Jacob Ward Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: smarty.com/twit zscaler.com/security expressvpn.com/twit uscloud.com spaceship.com/twit

Packet Pushers - Network Break
NB536: Fortinet FortiOS Goes Post-Quantum; Intel Scales Back Global Projects

Packet Pushers - Network Break

Play Episode Listen Later Jul 28, 2025 27:43


Take a Network Break! In our Red Alert section we note that memory safety bugs bug Firefox and Thunderbird, and on-prem SharePoint instances are under attack. In tech news, Fortinet adds support for Post Quantum Cryptography in FortiOS, Cato Networks integrates Azure Virtual WANs to its SASE offering, and we weigh the pros and cons... Read more »

Radio Leo (Audio)
This Week in Tech 1042: Well Played Astronomer

Radio Leo (Audio)

Play Episode Listen Later Jul 28, 2025 140:03


OpenAI prepares to launch GPT-5 in August Trump's AI Action Plan Is a Crusade Against 'Bias'—and Regulation UN tech chief pleads for global AI regulatory cooperation Trump, who promised to save TikTok, threatens to shut down TikTok Google AI Mode has 100M users, 2.5 Pro & Deep Search rolls out FDA's New Drug Approval AI Is Generating Fake Studies: Report Tesla is set to face off with the California DMV over claims it exaggerated Autopilot's and FSD's capabilities and misled consumers, in a five-day Oakland trial Google, Microsoft say Chinese hackers are exploiting SharePoint zero-day A look at Tea, a woman-only safety app with 4M users that lets users anonymously assign red or green flags to local men, as it goes viral with 900K new signups People in the UK now have to take an age verification selfie to watch porn online Intel is laying off tens of thousands and cancelling factories AMD CEO Sees Chips From TSMC's US Plant Costing 5%-20% More Spotify Publishes AI-Generated Songs From Dead Artists Without Permission DJI couldn't confirm or deny it disguised this drone to evade a US ban FCC approves Skydance-Paramount merger Gwyneth Paltrow is the new face of a kiss-cam tech scandal Julian LeFay, 'Father of The Elder Scrolls,' Has Died Aged 59 Tom Lehrer, Musical Satirist With a Dark Streak, Dies at 97 Host: Leo Laporte Guests: Molly White, Janko Roettgers, and Jacob Ward Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: smarty.com/twit zscaler.com/security expressvpn.com/twit uscloud.com spaceship.com/twit

Packet Pushers - Fat Pipe
NB536: Fortinet FortiOS Goes Post-Quantum; Intel Scales Back Global Projects

Packet Pushers - Fat Pipe

Play Episode Listen Later Jul 28, 2025 27:43


Take a Network Break! In our Red Alert section we note that memory safety bugs bug Firefox and Thunderbird, and on-prem SharePoint instances are under attack. In tech news, Fortinet adds support for Post Quantum Cryptography in FortiOS, Cato Networks integrates Azure Virtual WANs to its SASE offering, and we weigh the pros and cons... Read more »

The Segment: A Zero Trust Leadership Podcast
The Monday Microsegment for the week of 7/28/2025

The Segment: A Zero Trust Leadership Podcast

Play Episode Listen Later Jul 28, 2025 6:52


The Monday Microsegment for the week of July 28th. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast.More than 400 organizations compromised in a fast-moving SharePoint attack campaign.Researchers are blaming China-based threat groups for the attacksAnd researchers ask: did well-meaning vulnerability disclosures tip them off?And John Kindervag joins us for a "Kindervag's Compass" segment. Head to The Zero Trust Hub: hub.illumio.comIntroducing Illumio Insights: AI Cloud Detection and Response Webinar: https://lp.illumio.com/Introducing-Illumio-Insights-Webinar.On-Demand

Talking Drupal
Talking Drupal #513 - Back To The Office

Talking Drupal

Play Episode Listen Later Jul 28, 2025 52:51


Today we are talking about Working from home, heading back to the office, and the current state of remote work with guest Kaleem Clarkson. We'll also cover Microsoft 365 Connector as our module of the week. For show notes visit: https://www.talkingDrupal.com/513 Topics Exploring Remote Work with Kaleem Clarkson Trust Issues in Management Employee Red Flags and Data-Driven Decisions Managerial Concerns with Return to Office Policies Respectful Implementation of Return to Office Challenges of Enforcing Office Mandates Benefits of In-Person Work Hybrid Work Models and Their Challenges Variations in Hybrid Work Policies Impact of Seniority on Office Policies Cutting DEI Initiatives: Fear and Legal Risks Employer Brand and Social Contracts Resources Blend Me Inc Guests Kaleem Clarkson - kclarkson Hosts Nic Laflin - nLighteneddevelopment.com nicxvan John Picozzi - epam.com johnpicozzi Rich Lawson - richlawson.co rklawson MOTW Correspondent Martin Anderson-Clutz - mandclu.com mandclu Brief description: Have you ever wanted your Drupal site to integrate with Microsoft 365, so users can log in with their Azure AD credentials, and then have direct access to shared files, see recent emails, and more? There's a module for that. Module name/project name: Microsoft 365 Connector Brief history How old: created in July 2019 by immoreel, though the most recent release is by Boris Doesborg (batigolix), both of Finalist, a Dutch Drupal shop Versions available: 5.0.22 and 5.1.0-beta1, the latter of which supports Drupal 9.4, 10, and 11 Maintainership Actively maintained Security coverage Test coverage Two documentation guide available Number of open issues: 18 open issues, 1 of which is a bug, though it is postponed waiting for more info Usage stats: 365 sites Module features and usage This module integrates your Drupal site with the Microsoft Graph API, a unified API that provides a single endpoint for accessing data and intelligence from Microsoft 365 services, including Exchange, SharePoint, OneDrive, and more Microsoft 365 Connector includes more than a dozen submodules, each of which provide specific capabilities like Single Sign-On, syncing data to Drupal user accounts, sending Teams messages from within Drupal, and more You can also use this module to do things like automatically add an event node to your Outlook calendar, and invite other people at the same time It's worth noting that in the documentation guide the submodules are named “Office 365”, which is probably what the module was named until around 5 years ago when Microsoft retired the Office 365 name Finally, setting up this module requires registering an app in Azure AD, so it's not for the casual user. But if you're working on an intranet or similar collaboration platform for an organization that is heavily invested in the Microsoft 365 suite, this could make for a compelling integration

365 Message Center Show
What's new in the Microsoft 365 Message Center? | Ep 388

365 Message Center Show

Play Episode Listen Later Jul 28, 2025 35:18


M365 Copilot in PowerPoint will be able to access the SharePoint Org Assets Library. When you write prompts to create a slide deck, you set Copilot to use the library for images in your slides. But it is going to take some work to add metadata to the images so it can be used by Copilot. Also, Outlook Newsletters are coming soon to New Outlook. This week we learn how to control who can create them and read them.  What else will Daniel and Darrell discuss?  – Updates to SharePoint video sharing  – New Outlook for Windows and Web: Outlook Newsletters – General Availability begins for Targeted Release  – Microsoft Viva – New support for branded themes and typography in Viva Amplify  – Microsoft 365 Copilot | PowerPoint now supports enterprise image libraries via SharePoint OAL or Templafy  – Introducing the New Workflows Experience in Microsoft Teams  Join Daniel Glenn and Darrell as a Service Webster as they cover the latest messages in the Microsoft 365 Message Center.   Check out Darrell & Daniel's own YouTube channels at:  Darrell - https://youtube.com/modernworkmentor  Daniel - https://youtube.com/DanielGlenn   

All TWiT.tv Shows (Video LO)
This Week in Tech 1042: Well Played Astronomer

All TWiT.tv Shows (Video LO)

Play Episode Listen Later Jul 28, 2025 140:03


OpenAI prepares to launch GPT-5 in August Trump's AI Action Plan Is a Crusade Against 'Bias'—and Regulation UN tech chief pleads for global AI regulatory cooperation Trump, who promised to save TikTok, threatens to shut down TikTok Google AI Mode has 100M users, 2.5 Pro & Deep Search rolls out FDA's New Drug Approval AI Is Generating Fake Studies: Report Tesla is set to face off with the California DMV over claims it exaggerated Autopilot's and FSD's capabilities and misled consumers, in a five-day Oakland trial Google, Microsoft say Chinese hackers are exploiting SharePoint zero-day A look at Tea, a woman-only safety app with 4M users that lets users anonymously assign red or green flags to local men, as it goes viral with 900K new signups People in the UK now have to take an age verification selfie to watch porn online Intel is laying off tens of thousands and cancelling factories AMD CEO Sees Chips From TSMC's US Plant Costing 5%-20% More Spotify Publishes AI-Generated Songs From Dead Artists Without Permission DJI couldn't confirm or deny it disguised this drone to evade a US ban FCC approves Skydance-Paramount merger Gwyneth Paltrow is the new face of a kiss-cam tech scandal Julian LeFay, 'Father of The Elder Scrolls,' Has Died Aged 59 Tom Lehrer, Musical Satirist With a Dark Streak, Dies at 97 Host: Leo Laporte Guests: Molly White, Janko Roettgers, and Jacob Ward Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: smarty.com/twit zscaler.com/security expressvpn.com/twit uscloud.com spaceship.com/twit

AVWeek - MP3 Edition
Vulnerabilities Found in Microsoft's Sharepoint | AVWeek 727

AVWeek - MP3 Edition

Play Episode Listen Later Jul 28, 2025 32:59


From the rise of enterprise-grade networking to the complexities of command center interoperability, the AV world is evolving at lightning speed. And with new cybersecurity threats looming, how can companies protect themselves?In this episode of AVWeek, Patrick Norton steps in as guest host, joined by top industry guests to explore the importance of robust networks in commercial AV, the growing role of IP in command centers, and how businesses can safeguard themselves against the latest Microsoft SharePoint vulnerabilities.Host: Patrick NortonGuests:Jennifer Weaver – Jennifer on LinkedInDanny Hayasaka – Danny on LinkedInSamantha Potter – Samantha on LinkedInThis Week In AV:AV Magazine – Tomorrowland Stage ReconstructionSCN – Panasonic's Deal with ORIX Falls ThroughAVNation – Registration Opens for CEDIA Expo/Commercial Integrator ExpoThe Verge – Google Killing their Short LinksRoundtable Topics:Commercial Integrator – Networks in Enterprise-Grade ProjectsAV Network – Interoperability for Command & Control SpacesThe Verge – Vulnerability Found in Microsoft SharepointSee Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

Radio Leo (Video HD)
This Week in Tech 1042: Well Played Astronomer

Radio Leo (Video HD)

Play Episode Listen Later Jul 28, 2025 140:03


OpenAI prepares to launch GPT-5 in August Trump's AI Action Plan Is a Crusade Against 'Bias'—and Regulation UN tech chief pleads for global AI regulatory cooperation Trump, who promised to save TikTok, threatens to shut down TikTok Google AI Mode has 100M users, 2.5 Pro & Deep Search rolls out FDA's New Drug Approval AI Is Generating Fake Studies: Report Tesla is set to face off with the California DMV over claims it exaggerated Autopilot's and FSD's capabilities and misled consumers, in a five-day Oakland trial Google, Microsoft say Chinese hackers are exploiting SharePoint zero-day A look at Tea, a woman-only safety app with 4M users that lets users anonymously assign red or green flags to local men, as it goes viral with 900K new signups People in the UK now have to take an age verification selfie to watch porn online Intel is laying off tens of thousands and cancelling factories AMD CEO Sees Chips From TSMC's US Plant Costing 5%-20% More Spotify Publishes AI-Generated Songs From Dead Artists Without Permission DJI couldn't confirm or deny it disguised this drone to evade a US ban FCC approves Skydance-Paramount merger Gwyneth Paltrow is the new face of a kiss-cam tech scandal Julian LeFay, 'Father of The Elder Scrolls,' Has Died Aged 59 Tom Lehrer, Musical Satirist With a Dark Streak, Dies at 97 Host: Leo Laporte Guests: Molly White, Janko Roettgers, and Jacob Ward Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: smarty.com/twit zscaler.com/security expressvpn.com/twit uscloud.com spaceship.com/twit

Target Market Insights: Multifamily Real Estate Marketing Tips
Bonus Depreciation and Cost Segregation with Gian Pazzia, Ep. 733

Target Market Insights: Multifamily Real Estate Marketing Tips

Play Episode Listen Later Jul 25, 2025 39:07


Gian Pazzia is a seasoned cost segregation expert and structural engineer who has spent over 25 years helping real estate investors unlock powerful tax strategies. As a former engineer at Arthur Andersen and current leader at costsegregation.com and KBKG, Gian has worked with everyone from small landlords to major casinos and Fortune 500 companies to help them accelerate depreciation and reduce their tax burdens.    

Software Defined Talk
Episode 530: His proper name is Sasquatch

Software Defined Talk

Play Episode Listen Later Jul 25, 2025 47:37


This week, we cover AI going rogue, Cloudflare declaring independence, and the secure container craze. Plus, Matt bravely judges 9 new emoji. Watch the YouTube Live Recording of Episode (https://www.youtube.com/live/lRlWChvJ_m8?si=cZJ-0kzBrEH5ERZh) 530 (https://www.youtube.com/live/lRlWChvJ_m8?si=cZJ-0kzBrEH5ERZh) Runner-up Titles VP of getting it on Neutral trombone Good Margin Independent from what? The New Benevolence I have plenty of cynicism for other things Rundown Emojis Australian Bigfoot (https://en.wikipedia.org/wiki/Yowie) Unicode's new emoji refuses to put respect on Bigfoot's name (https://www.engadget.com/mobile/unicodes-new-emoji-refuses-to-put-respect-on-bigfoots-name-184412935.html) Matt's Rankings: Hairy Creature Trombone Treasure Chest Fight Cloud Orca Landslide Apple Core Ballet Dancers Distorted Face AI coding platform goes rogue during code freeze and deletes entire company database — Replit CEO apologizes after AI engine says it 'made a catastrophic error in judgment' and 'destroyed all production data' (https://www.tomshardware.com/tech-industry/artificial-intelligence/ai-coding-platform-goes-rogue-during-code-freeze-and-deletes-entire-company-database-replit-ceo-apologizes-after-ai-engine-says-it-made-a-catastrophic-error-in-judgment-and-destroyed-all-production-data) Cloudflare Cloudflare 1.1.1.1 Incident on July 14, 2025 (https://blog.cloudflare.com/cloudflare-1-1-1-1-incident-on-july-14-2025/) Content Independence Day: no AI crawl without compensation! (https://blog.cloudflare.com/content-independence-day-no-ai-crawl-without-compensation/) Accidental Tech Podcast: 649: Prove It With Cameras (https://atp.fm/649) Anubis Web AI Firewall (https://github.com/TecharoHQ/anubis) Announcing Model Context Protocol (MCP) Server for AWS Price List (https://aws.amazon.com/about-aws/whats-new/2025/07/model-context-protocol-server-price-list/) Chainguard builds a market, everyone else wants in. (https://redmonk.com/jgovernor/2025/07/18/chainguard-builds-a-market-everyone-else-wants-in/) Bitnami Secure Images (https://github.com/bitnami/charts/issues/35164) Relevant to your Interests Browser extensions turn Trojan and infect 2.3 million Chrome and Edge users (https://cybernews.com/security/chrome-edge-hijacked-by-eighteen-malicious-extensions/) Code was the least interesting part of my multi-agent app, and here's what that means to me (https://seroter.com/2025/07/17/code-was-the-least-interesting-part-of-my-multi-agent-app-and-heres-what-that-means-to-me/) Dell employees are not OK (https://www.yahoo.com/news/dell-employees-not-ok-135038218.html) How Uber Became A Cash-Generating Machine (https://len-sherman.medium.com/how-uber-became-a-cash-generating-machine-ef78e7a97230) Clouded Judgement 7.18.25 - The Return of the Point Solution (https://cloudedjudgement.substack.com/p/clouded-judgement-71825-the-return?utm_source=post-email-title&publication_id=56878&post_id=168595292&utm_campaign=email-post-title&isFreemail=true&r=2l9&triedRedirect=true&utm_medium=email) Mid-Year 2025 CNCF Open Source Project Velocity (https://www.cncf.io/blog/2025/07/18/a-mid-year-2025-look-at-cncf-linux-foundation-and-the-top-30-open-source-projects/) new Date("wtf") (https://jsdate.wtf/) Intel axes Clear Linux, the fastest distribution on the market — company ends support, effective immediately (https://www.tomshardware.com/software/linux/intel-axes-clear-linux-the-fastest-distribution-on-the-market-company-ends-support-effective-immediately) The Epic Battle for AI Talent—With Exploding Offers, Secret Deals and Tears (https://www.wsj.com/tech/ai/meta-ai-recruiting-mark-zuckerberg-sam-altman-140d5861?st=pBmtib&reflink=article_copyURL_share) Cursor snaps up enterprise startup Koala in challenge to GitHub Copilot (https://techcrunch.com/2025/07/18/cursor-snaps-up-enterprise-startup-koala-in-challenge-to-github-copilot/) Lovable becomes a unicorn with $200M Series A just 8 months after launch (https://techcrunch.com/2025/07/17/lovable-becomes-a-unicorn-with-200m-series-a-just-8-months-after-launch/) Apple details how it trained its new AI models, see highlights (https://9to5mac.com/2025/07/21/apple-details-how-it-trained-its-new-ai-models-4-interesting-highlights/) Instacart's former CEO is taking the reins of a big chunk of OpenAI (https://www.theverge.com/openai/710836/instacarts-former-ceo-is-taking-the-reins-of-a-big-chunk-of-openai) The Enshittification of American Power (https://www.wired.com/story/enshittification-of-american-power/) Customer guidance for SharePoint vulnerability CVE-2025-53770 (https://msrc.microsoft.com/blog/2025/07/customer-guidance-for-sharepoint-vulnerability-cve-2025-53770/) Mike Lynch's Estate Ordered to Pay Hewlett Packard $945 Million (https://www.nytimes.com/2025/07/22/business/dealbook/mike-lynch-hp.html) OpenAI announces ChatGPT agent for web browsing (https://mashable.com/article/openai-announces-chatgpt-agent-web-browsing) OpenAI's new ChatGPT Agent can control an entire computer and do tasks for you (https://www.theverge.com/ai-artificial-intelligence/709158/openai-new-release-chatgpt-agent-operator-deep-research) ChatGPT Numbers (https://www.threads.com/@axios/post/DMXssSjuHax?xmt=AQF0UNyFv8CGZkBsSBbi7XWeXnW67U-Y-ZWQEwDod8lyhA) Move Mesos to the Attic (https://lists.apache.org/list.html?dev@mesos.apache.org) Anthropic hired back two of its employees — just two weeks after they left for a competitor. (https://www.theverge.com/ai-artificial-intelligence/708521/anthropic-hired-back-two-of-its-employees-just-two-weeks-after-they-left-for-a-competitor) Investors Float Deal Valuing Anthropic at More Than $100 Billion (https://www.theinformation.com/articles/investors-float-deal-valuing-anthropic-100-billion) Nonsense Coldplay's Kiss Cam Exposes Astronomer's CEO Andy Byron Alleged Affair With HR Chief Kristin Cabot (https://www.yahoo.com/entertainment/articles/coldplay-kiss-cam-exposes-astronomer-142620411.html) Unicode's new emoji refuses to put respect on Bigfoot's name (https://www.engadget.com/mobile/unicodes-new-emoji-refuses-to-put-respect-on-bigfoots-name-184412935.html) Atari Is Re-Releasing Its 2600+ To Celebrate Pac-Man's 45th Birthday (https://www.timeextension.com/news/2025/07/atari-is-re-releasing-its-2600plus-to-celebrate-pac-mans-45th-birthday) Conferences Sydney Wizdom Meet-Up (https://www.wiz.io/events/sydney-wizdom-meet-up-aug-2025), Sydney, August 7. Matt will be there. SpringOne (https://www.vmware.com/explore/us/springone?utm_source=organic&utm_medium=social&utm_campaign=cote), Las Vegas, August 25th to 28th, 2025. See Coté's pitch (https://www.youtube.com/watch?v=f_xOudsmUmk). Explore 2025 US (https://www.vmware.com/explore/us?utm_source=organic&utm_medium=social&utm_campaign=cote), Las Vegas, August 25th to 28th, 2025. See Coté's pitch (https://www.youtube.com/shorts/-COoeIJcFN4). Wiz Capture the Flag (https://www.wiz.io/events/capture-the-flag-brisbane-august-2025), Brisbane, August 26. Matt will be there. SREDay London (https://sreday.com/2025-london-q3/), Coté speaking, September 18th and 19th. Civo Navigate London (https://www.civo.com/navigate/london/2025), Coté speaking, September 30th. Texas Linux Fest (https://2025.texaslinuxfest.org), Austin, October 3rd to 4th. CFP closes August 3rd (https://www.papercall.io/txlf2025). CF Day EU (https://events.linuxfoundation.org/cloud-foundry-day-europe/), Frankfurt, October 7th, 2025. AI for the Rest of Us (https://aifortherestofus.live/london-2025), Coté speaking, October 15th to 16th, London. SDT News & Community Join our Slack community (https://softwaredefinedtalk.slack.com/join/shared_invite/zt-1hn55iv5d-UTfN7mVX1D9D5ExRt3ZJYQ#/shared-invite/email) Email the show: questions@softwaredefinedtalk.com (mailto:questions@softwaredefinedtalk.com) Free stickers: Email your address to stickers@softwaredefinedtalk.com (mailto:stickers@softwaredefinedtalk.com) Follow us on social media: Twitter (https://twitter.com/softwaredeftalk), Threads (https://www.threads.net/@softwaredefinedtalk), Mastodon (https://hachyderm.io/@softwaredefinedtalk), LinkedIn (https://www.linkedin.com/company/software-defined-talk/), BlueSky (https://bsky.app/profile/softwaredefinedtalk.com) Watch us on: Twitch (https://www.twitch.tv/sdtpodcast), YouTube (https://www.youtube.com/channel/UCi3OJPV6h9tp-hbsGBLGsDQ/featured), Instagram (https://www.instagram.com/softwaredefinedtalk/), TikTok (https://www.tiktok.com/@softwaredefinedtalk) Book offer: Use code SDT for $20 off "Digital WTF" by Coté (https://leanpub.com/digitalwtf/c/sdt) Sponsor the show (https://www.softwaredefinedtalk.com/ads): ads@softwaredefinedtalk.com (mailto:ads@softwaredefinedtalk.com) Recommendations Brandon: Magic Keyboard with Touch ID and Numeric Keypad for Mac (https://www.apple.com/shop/product/MXK83LL/A/magic-keyboard-with-touch-id-and-numeric-keypad-for-mac-models-with-apple-silicon-usb-c-us-english-black-keys?fnode=9586aab2077eb774c28648c4795309d1121a0be316d0cef51e8ecb4f03f94a17a88ca466c99d3d3ce977c5a3933a01e4a9d465d8c36e6a9db43dcd2fdd97c814f69fee0a947209242f7e16f10d07223c5fa2dd831c66ffc4bca1a0c99c10f58ec0b7562aa4f1a834e276771b7ef3bfa8&fs=f%3Dkeyboard%26fh%3D36f4%252B4603) Matt: Spirited (https://www.imdb.com/title/tt1524415/) Photo Credits Header (https://unsplash.com/photos/a-statue-of-a-gorilla-sitting-on-top-of-a-wooden-bench-p9uwu_LDmoc)

Security Conversations
Microsoft Sharepoint security crisis: Faulty patches, Toolshell zero-days

Security Conversations

Play Episode Listen Later Jul 25, 2025 115:13


Three Buddy Problem - Episode 55: A SharePoint zero-day exploit chain from Pwn2Own Berlin becomes a full-blown security crisis with Chinese nation-state actors exploiting vulnerabilities that Microsoft struggled to patch properly, leading to trivial bypasses and a cascade of new CVEs. The timeline is messy, the patches are faulty, and ransomware groups are lining up to join the party. We also revisit the ProPublica bombshell about Microsoft's "digital escorts" and U.S. government data exposure to Chinese adversaries and the company's "oops, we will stop" response. Plus, trusting Google's Big Sleep AI claims and a cautionary tale about AI agents gone rogue that wiped out a production database. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).

Cyber Security Today
Sharepoint Hack Reaches Crisis Level and more: Cybersecurity Today for July 25, 2025

Cyber Security Today

Play Episode Listen Later Jul 25, 2025 13:07


The recent Sharepoint hack is spreading like wildfire through unpatched systems. All this and more on today's episode with guest host David Shipley. 

Check Point CheckMates Cyber Security Podcast
S07E12: SharePoint CVEs and More!

Check Point CheckMates Cyber Security Podcast

Play Episode Listen Later Jul 25, 2025 10:11


PhoneBoy plays an excerpt from our SharePoint CVEs Deep Dive, 3 Features You Should Start Using, different DNS servers per domain, using dnsmasq prior to R82, interpreting fwaccel stat output, ordered versus inline layers, and a SmartConsole cheat cheat.

The CyberWire
Powering AI with politics.

The CyberWire

Play Episode Listen Later Jul 24, 2025 29:09


The White House unveils its plan for global AI dominance. Microsoft warns that recent SharePoint server exploitation may extend to ransomware. A phishing campaign targeting the U.S. Department of Education's grants portal. The FBI issues a warning about “The Com” cybercriminal group. SonicWall urges users to patch a critical vulnerability. A new supply chain attack has compromised several popular NPM packages. Joe Carrigan, co-host of the Hacking Humans podcast, joins to discuss how scammers are exploiting misconfigured point-of-sale terminals. Japanese police release a free decryption tool for Phobos ransomware. AI takes the wheel and drives right off a cliff. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Joe Carrigan, co-host of the Hacking Humans podcast, joins to discuss how scammers are exploiting misconfigured point-of-sale terminals, highlighting severe vulnerabilities that small businesses often overlook. If you want to hear more from Joe, head over to the Hacking Humans page. Selected Reading From Tech Podcasts to Policy: Trump's New AI Plan Leans Heavily on Silicon Valley Industry Ideas (SecurityWeek) Hackers hit more than 400 organizations in Microsoft SharePoint hacks (Axios) Microsoft says some SharePoint server hackers now using ransomware (Reuters) Hackers Clone U.S. Department of Education's Grant Site in Credential Theft Campaign (TechNadu) Copilot Vision on Windows 11 sends data to Microsoft servers (The Register) FBI: Thousands of people involved in 'The Com' targeting victims with ransomware, swatting (The Record) SonicWall urges admins to patch critical RCE flaw in SMA 100 devices (Bleeping Computer) High-Value NPM Developers Compromised in New Phishing Campaign (SecurityWeek) Free decryptor for victims of Phobos ransomware released (Fortra) 'I destroyed months of your work in seconds' says AI coding tool after deleting a dev's entire database during a code freeze: 'I panicked instead of thinking' (PC Gamer) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Thursday, July 24th, 2025: Reversing SharePoint Exploit; NPM “is” Compromise;

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Play Episode Listen Later Jul 24, 2025 6:53


Reversing SharePoint Toolshell Exploits CVE-2025-53770 and CVE-2025-53771 A quick walk-through showing how to decode the payload of recent SharePoint exploits https://isc.sans.edu/diary/Analyzing%20Sharepoint%20Exploits%20%28CVE-2025-53770%2C%20CVE-2025-53771%29/32138 Compromised JavaScript NPM is Package The popular npm package is was compromised by malware. Luckily, the malicious code was found quickly, and it was reversed after about five hours. https://socket.dev/blog/npm-is-package-hijacked-in-expanding-supply-chain-attack Microsoft Quick Machine Recovery Microsoft added a new quick machine recovery feature to Windows 11. If the system is stuck in a reboot loop, it will boot to a rescue partition and attempt to find fixes from Microsoft. https://learn.microsoft.com/en-gb/windows/configuration/quick-machine-recovery/?tabs=intune

Tech News Weekly (MP3)
TNW 397: Meta's New Muscle-Reading Wristband - Meta's Prototype Wrist-Based Controllers

Tech News Weekly (MP3)

Play Episode Listen Later Jul 24, 2025 69:36


Dan Moren joins Mikah Sargent for this episode of Tech News Weekly! A zero-day bug was discovered in Microsoft's SharePoint. T-Mobile's new satellite texting service, T-Satellite. Apple announces AppleCare One. And Meta's Reality Labs published new papers on the latest advancements in its wrist-based controllers. Mikah shares details about the zero-day bug discovered in Microsoft's SharePoint on Monday, which affected over 400 organizations worldwide. Jeff Carlson of CNET spent some time using T-Mobile's new satellite-based texting service, T-Satellite, and shares his thoughts on the company's Starlink-based service. Dan Moren talks about Apple's latest iteration of its device coverage program, AppleCare One, a $19.99/month subscription that covers up to three devices of your choice. Breaking news as Apple's iOS 26 Public Beta arrives Thursday morning! And Mikah talks about the latest on Meta's wrist-based controllers that use surface electromyography (sEMG) to allow you to interact with paired devices. Hosts: Mikah Sargent and Dan Moren Guest: Jeff Carlson Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsor: zocdoc.com/tnw

Tech News Weekly (Video HI)
TNW 397: Meta's New Muscle-Reading Wristband - Meta's Prototype Wrist-Based Controllers

Tech News Weekly (Video HI)

Play Episode Listen Later Jul 24, 2025 69:36


Dan Moren joins Mikah Sargent for this episode of Tech News Weekly! A zero-day bug was discovered in Microsoft's SharePoint. T-Mobile's new satellite texting service, T-Satellite. Apple announces AppleCare One. And Meta's Reality Labs published new papers on the latest advancements in its wrist-based controllers. Mikah shares details about the zero-day bug discovered in Microsoft's SharePoint on Monday, which affected over 400 organizations worldwide. Jeff Carlson of CNET spent some time using T-Mobile's new satellite-based texting service, T-Satellite, and shares his thoughts on the company's Starlink-based service. Dan Moren talks about Apple's latest iteration of its device coverage program, AppleCare One, a $19.99/month subscription that covers up to three devices of your choice. Breaking news as Apple's iOS 26 Public Beta arrives Thursday morning! And Mikah talks about the latest on Meta's wrist-based controllers that use surface electromyography (sEMG) to allow you to interact with paired devices. Hosts: Mikah Sargent and Dan Moren Guest: Jeff Carlson Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsor: zocdoc.com/tnw

All TWiT.tv Shows (MP3)
Tech News Weekly 397: Meta's New Muscle-Reading Wristband

All TWiT.tv Shows (MP3)

Play Episode Listen Later Jul 24, 2025 69:36 Transcription Available


Dan Moren joins Mikah Sargent for this episode of Tech News Weekly! A zero-day bug was discovered in Microsoft's SharePoint. T-Mobile's new satellite texting service, T-Satellite. Apple announces AppleCare One. And Meta's Reality Labs published new papers on the latest advancements in its wrist-based controllers. Mikah shares details about the zero-day bug discovered in Microsoft's SharePoint on Monday, which affected over 400 organizations worldwide. Jeff Carlson of CNET spent some time using T-Mobile's new satellite-based service, T-Satellite, and shares his thoughts on the company's Starlink-based service. Dan Moren talks about Apple's latest iteration of its device coverage program, AppleCare One, a $19.99/month subscription that covers up to three devices of your choice. Breaking news as Apple's iOS 26 Public Beta arrives Thursday morning! And Mikah talks about the latest on Meta's wrist-based controllers that use surface electromyography (sEMG) to allow you to interact with paired devices. Hosts: Mikah Sargent and Dan Moren Guest: Jeff Carlson Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsor: zocdoc.com/tnw

TechLinked
Nvidia N1X Delay, U.S. A.I. Action Plan + more!

TechLinked

Play Episode Listen Later Jul 24, 2025 8:50


Timestamps: 0:00 Nvidia's N1X Arm CPU delayed 1:28 US AI Action Plan 4:22 N-able! 5:04 QUICK BITS INTRO 5:11 Switch 2 is fastest-selling game hardware 5:43 SharePoint cyberattacks update 6:12 PS5 eco-friendly Power Saver mode 6:49 Meta's gesture control wristband 7:22 Google Photos can become videos NEWS SOURCES: https://lmg.gg/xkNAq Learn more about your ad choices. Visit megaphone.fm/adchoices

Paul's Security Weekly
Protecting G-Suite/MS365 and Security News - Abhishek Agrawal - PSW #884

Paul's Security Weekly

Play Episode Listen Later Jul 24, 2025 131:14


We chat with Material Security about protecting G Suite and MS365. How else are you monitoring the most commonly used cloud environments and applications? In the security news: Google Sues Badbox operators Authenticated or Unauthenticated, big difference and my struggle to get LLMs to create exploits for me Ring cameras that were not hacked Malicous AURs Killing solar farms Weak passwords are all it takes Microsoft's UEFI keys are expiring Kali Linux and Raspberry PI Wifi updates Use lots of electricity, get a visit from law enforcement Sharepoint, vulnerabilities, nuclear weapons, and why you should use the cloud The time to next exploit is short Sonicwall devices are getting exploited How not to vibe code SMS blasters This segment is sponsored by Material Security. Visit https://securityweekly.com/materialsecurity to see purpose-built Google Workspace and Office 365 security in action! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-884

Caveat
The clock's ticking and the bots are clicking.

Caveat

Play Episode Listen Later Jul 24, 2025 40:43


This week, Ben's story is on the looming expiration of the Cybersecurity Information Sharing Act (CISA 2015), a widely supported but currently stalled law that enables cyber threat data sharing between the private sector and government, now at risk of lapsing by September 30 due to congressional inaction and conflicting priorities. Dave's got the story of how a Georgia court's AI-fueled legal blunder has sparked growing concern that overworked judges nationwide could increasingly miss fake citations generated by AI, prompting urgent calls for better tech training, oversight, and ethical guidance to safeguard the integrity of the U.S. justice system. While this show covers legal topics, and Ben is a lawyer, the views expressed do not constitute legal advice. For official legal advice on any of the topics we cover, please contact your attorney.  Complete our annual ⁠⁠audience survey⁠⁠ before August 31. Links to today's stories: Time's running out on a key cyber info-sharing law It's “frighteningly likely” many US courts will overlook AI errors, expert says ⁠Get the weekly Caveat Briefing delivered to your inbox. Like what you heard? Be sure to check out and subscribe to our ⁠⁠⁠⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠⁠⁠⁠, a weekly newsletter available exclusively to ⁠⁠⁠⁠⁠⁠⁠⁠N2K Pro⁠⁠⁠⁠⁠⁠⁠⁠ members on ⁠⁠⁠⁠⁠⁠⁠⁠N2K CyberWire's⁠⁠⁠⁠⁠⁠⁠⁠ website. N2K Pro members receive our Thursday wrap-up covering the latest in privacy, policy, and research news, including incidents, techniques, compliance, trends, and more. This week's ⁠⁠⁠Caveat Briefing⁠⁠⁠ covers a major cyber espionage campaign exploiting a zero-day flaw in Microsoft's SharePoint server software, compromising about 100 organizations—mostly in the U.S. and Germany—including government entities. Researchers warn that thousands more servers could be at risk, and while Microsoft has issued patches, experts stress that full remediation requires more than just updating software, as a China-linked threat actor may be behind the ongoing intrusions. ⁠Curious about the details? Head over to the ⁠⁠⁠⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠⁠⁠⁠ for the full scoop and additional compelling stories. Got a question you'd like us to answer on our show? You can send your audio file to ⁠⁠⁠⁠⁠⁠⁠⁠caveat@thecyberwire.com⁠⁠⁠⁠⁠⁠⁠⁠. Hope to hear from you. Learn more about your ad choices. Visit megaphone.fm/adchoices

Morning Announcements
Wednesday, July 23rd, 2025 - Epstein files vote blocked; Trump's latest oval rant; China hacks SharePoint; 28 countries condemn Israel & more

Morning Announcements

Play Episode Listen Later Jul 23, 2025 9:12


Today's Headlines: House Speaker Mike Johnson ended the congressional session early to block a vote on releasing Jeffrey Epstein case files, just as the House Oversight Committee moved to subpoena Ghislaine Maxwell. Trump's deputy AG (and personal lawyer) is set to visit Maxwell in prison, while Trump dismissed it all as a “witch hunt.” During an Oval Office sit-in with Philippine President Marcos Jr., Trump called for Barack Obama to be charged with treason over the Russia investigation—prompting a rare rebuke from Obama's office. Trump also claimed he'll receive $20 million in ad commitments from Skydance Media—soon to merge with Paramount—on top of a recent $16 million settlement, prompting Senator Warren to consider an investigation. Meanwhile, Microsoft warned of a major China-linked cyberattack on SharePoint, impacting nearly 100 institutions. Abroad, 28 countries condemned Israel's aid blockade in Gaza after 80 Palestinians were killed near an aid drop, and U.S.-Israel-Syria talks are expected amid Israeli strikes on Damascus. Trump also announced a new trade deal with Japan involving “reciprocal tariffs” and a vague $550 billion investment. Finally, the U.S. Olympic Committee banned trans women from competing in women's sports, following a Trump executive order. Resources/Articles mentioned in this episode: Axios: House bails early for its August recess amid Epstein files uproar  WaPo: Justice Dept. seeks meeting with Ghislaine Maxwell amid Epstein outrage  AP News: Trump rehashes Russia investigation grievances after intelligence report  WSJ: Trump Expects $20 Million More in Ad Dollars From ‘60 Minutes' Settlement Axios: Microsoft hack risk spreads as cybercriminals and nation-states pile in ABC News: 28 countries sign statement calling for end of war in Gaza Axios: Scoop: U.S. to mediate Israel-Syria meeting Thursday to avoid new crises WSJ: Trump Says U.S. and Japan Reach Trade Deal Axios: U.S. Olympic committee bans trans women from competing in women's sports Morning Announcements is produced by Sami Sage and edited by Grace Hernandez-Johnson Learn more about your ad choices. Visit megaphone.fm/adchoices

The CyberWire
SharePoint springs a leak.

The CyberWire

Play Episode Listen Later Jul 23, 2025 30:55


The National Nuclear Security Administration was among the organizations impacted by the SharePoint zero-day. Experts testify before congress that OT security still lags.The FBI warns healthcare and critical infrastructure providers about Interlock ransomware. New York proposes new cybersecurity regulations for water and wastewater systems along with grants to fund them. Researchers uncover an active cryptomining campaign targeting cloud environments. A new variant of the Coyote banking trojan exploits Microsoft's Windows UI Automation (UIA) framework for credential theft. The DoD pilots an agentic AI project aimed at helping military planners critique and enhance war plans. Clorox sues its former IT service provider for $380 million. Our guest is Tim Starks from CyberScoop discussing sanctions on Russian hackers and spies. Pirate Prime, do the time. CyberWire Guest Today we are joined by Tim Starks from CyberScoop discussing research on "UK sanctions Russian hackers, spies as US weighs its own punishments for Russia.” Selected Reading US nuclear weapons agency reportedly breached in Microsoft SharePoint attacks (The Verge) Fully Operational Stuxnet 15 Years Later & the Evolution of Cyber Threats to Critical Infrastructure (US House of Representatives Cybersecurity and Infrastructure Protection Subcommittee Hearing) European healthcare network AMEOS Group hit by cyberattack (Beyond Machines) FBI urges vigilance against Interlock ransomware group behind recent healthcare attacks (The Record) New York unveils new cyber regulations, $2.5 million grant program for water systems (The Record) Soco404: Multiplatform Cryptomining Campaign (Wiz) Coyote malware abuses Windows accessibility framework for data theft (Bleeping Computer) Thunderforge Brings AI Agents to Wargames (IEEE Spectrum) Clorox Sues Cognizant for Causing 2023 Cyber-Attack (Infosecurity Magazine) Operator of Jetflix illegal streaming service gets 7 years in prison (Bleeping Computer) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Techmeme Ride Home
Wed. 07/28 – Don't Sleep On That SharePoint Exploit

Techmeme Ride Home

Play Episode Listen Later Jul 23, 2025 17:15


Don't sleep on that SharePoint exploit from earlier this week as it seems to have led to a ton of still active breaches. Apple has a new insurance plan for you. Elon wants even more money for xAI. The Chinese are still churning ahead with their AI models. And three different stories about AI and privacy.Links:Microsoft links Sharepoint ToolShell attacks to Chinese hackers (BleepingComputer)Apple Launches $20-a-Month AppleCare One Plan Covering Up to Three Devices (Bloomberg)Musk Allies to Raise Up to $12 Billion for xAI Chips as Startup Burns Through Cash (WSJ)Qwen3-Coder: Agentic Coding in the World (Simon Willison)Alibaba's new open source Qwen3-235B-A22B-2507 beats Kimi-2 and offers low compute version (VentureBeat)Amazon buys Bee AI wearable that listens to everything you say (The Verge)Proton is launching a privacy-focused AI chatbot (The Verge)OpenAI CEO Sam Altman warns of an AI ‘fraud crisis' (CNN)See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Wednesday, July 23rd, 2025: Sharepoint 2016 Patch; MotW Privacy and WinZip; Interlock Ransomware; Sophos Patches

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Play Episode Listen Later Jul 23, 2025 6:17


Microsoft Updates SharePoint Vulnerability Guidance CVE-2025-53770 and CVE-2025-53771 Microsoft released its update for SharePoint 2016, completing the updates across all currently supported versions. https://msrc.microsoft.com/blog/2025/07/customer-guidance-for-sharepoint-vulnerability-cve-2025-53770/ WinZip MotW Privacy Starting with version 7.10, WinZip introduced an option to no longer include the download URL in zip files as part of the Mark of the Web (MotW). https://isc.sans.edu/diary/WinRAR%20MoTW%20Propagation%20Privacy/32130 Interlock Ransomware Several government agencies collaborated to create an informative and comprehensive overview of the Interlock ransomware. Just like prior writeups, this writeup is very informative, including many technical details useful to detect and block this ransomware. https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-203a Sophos Firewall Updates Sophos patched five different vulnerabilities in its firewalls. Two of them are critical, but these only affect a small percentage of users. https://www.sophos.com/en-us/security-advisories/sophos-sa-20250721-sfos-rce

Risky Business
Risky Business #799 -- Everyone's Sharepoint gets shelled

Risky Business

Play Episode Listen Later Jul 23, 2025 73:55


Risky Biz returns after two weeks off, and there sure is cybersecurity news to catch up on. Patrick Gray and Adam Boileau discuss: Microsoft tried to make outsourcing the Pentagon's cloud maintenance to China okay (it was not) She shells Sharepoint by the sea-shore (by ‘she' we mean ‘China') Four (alleged) Scattered Spider members arrested (and bailed) in the UK Hackers spend $2700 to buy creds for a Brazilian payment system, steal $100M Fortinet has SQLI in the auth header, Citrix mem leak is weaponised, HP hardcodes creds and Sonicwalls get user-moderootkits. Just security vendor things! This week's episode is sponsored by Airlock Digital. CEO David Cottingham talks through what it takes to build a mature, resilient management platform for a security critical system. This episode is also available on Youtube. Show notes Update on DOD's cloud services Microsoft to stop using engineers in China for tech support of US military, Hegseth orders review A Little-Known Microsoft Program Could Expose the Defense Department to Chinese Hackers While DOD policy bans unauthorized apps like TikTok from being on employees phones over national security risks Microsoft Fix Targets Attacks on SharePoint Zero-Day – Krebs on Security National Guard was hacked by China's 'Salt Typhoon' group, DHS says Suspected contractor for China's Hafnium group arrested in in Italy | Cybersecurity Dive Singapore accuses Chinese state-backed hackers of attacking critical infrastructure networks | The Record from Recorded Future News UK Arrests Four in ‘Scattered Spider' Ransom Group – Krebs on Security Four people bailed after arrests over cyber attacks on M&S, Co-op and Harrods Brazilian police arrest IT worker over $100 million cyber theft | The Record from Recorded Future News At Least 750 US Hospitals Faced Disruptions During Last Year's CrowdStrike Outage, Study Finds | WIRED Hacker returns cryptocurrency stolen from GMX exchange after $5 million bounty payment | The Record Indian crypto exchange CoinDCX says $44 million stolen from reserves | The Record Chainalysis: $2.17 billion in crypto stolen in first half of 2025, driven by North Korean hacks | The Record PoisonSeed bypassing FIDO keys to ‘fetch' user accounts Risky Bulletin: Browser extensions hijacked for web scraping botnet A Startup is Selling Data Hacked from Peoples' Computers to Debt Collectors A surveillance vendor was caught exploiting a new SS7 attack to track people's phone locations | TechCrunch Ukrainian hackers wipe databases at Russia's Gazprom in major cyberattack, intelligence source says File transfer company CrushFTP warns of zero-day exploit seen in the wild | The Record HPE warns of hardcoded passwords in Aruba access points Pre-Auth SQL Injection to RCE - Fortinet FortiWeb Fabric Connector (CVE-2025-25257) Researchers, CISA confirm active exploitation of critical Citrix Netscaler flaw | Cybersecurity Dive Google finds custom backdoor being installed on SonicWall network devices - Ars Technica Hackers Can Remotely Trigger the Brakes on American Trains and the Problem Has Been Ignored for Years

The CyberWire
The SharePoint siege goes strategic.

The CyberWire

Play Episode Listen Later Jul 22, 2025 33:17


Confusion persists over the Microsoft Sharepoint zero-days. CrushFTP confirms a zero-day under active exploitation. The UK government proposes a public sector ban on ransomware payments. A new ransomware group is using an AI chatbot to handle victim negotiations. Australia's financial regulator accuses a wealth management firm of failing to manage cybersecurity risks. Researchers uncover a WordPress attack that abuses Google Tag Manager. Arizona election officials question CISA following a state portal cyberattack.  Hungarian police arrest a man accused of launching DDoS attacks on independent media outlets. On our Threat Vector segment guest host ⁠Michael Sikorski⁠ ⁠and Michael Daniel⁠ of the Cyber Threat Alliance (CTA) explore cybersecurity collaboration. A Spyware kingpin wants back in. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Threat Vector Segment On our Threat Vector segment, host David Moulton turns the mic over to guest host ⁠Michael Sikorski⁠ and his guest ⁠Michael Daniel⁠ of the Cyber Threat Alliance (CTA) for a deep dive into cybersecurity collaboration. You can hear Michael and Michael's full discussion on Threat Vector ⁠⁠⁠here⁠⁠⁠ and catch new episodes every Thursday on your favorite podcast app. Selected Reading ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets (SecurityWeek) Microsoft: Windows Server KB5062557 causes cluster, VM issues (Bleeping Computer)  File transfer company CrushFTP warns of zero-day exploit seen in the wild (The Record) UK to lead crackdown on cyber criminals with ransomware measures (GOV.UK) Ransomware Group Uses AI Chatbot to Intensify Pressure on Victims (Infosecurity Magazine) Australian Regulator Alleges Financial Firm Exposed Clients to Unacceptable Cyber Risks (Infosecurity Magazine) WordPress spam campaign abuses Google Tag Manager scripts (SC Media) After website hack, Arizona election officials unload on Trump's CISA (CyberScoop) Hungarian police arrest suspect in cyberattacks on independent media (The Record) Serial spyware founder Scott Zuckerman wants the FTC to unban him from the surveillance industry (TechCrunch) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices