Podcasts about Sophos

Researchers uncover a major privacy violation involving tracking scripts from Meta and Yandex. A compliance automation firm discloses a data breach. PumaBot stalks vulnerable IoT devices. The Ramnit banking trojan gets repurposed for ICS intrusions. The North Face suffers a credential stuffing attack. Kaspersky says the Black Owl team is a cyber threat to Russia. CISA releases ISC advisories. An Indian grocery delivery startup suffers a devastating data wiping attack. The UK welcomes their new Cyber and Electromagnetic (CyberEM) Command. Our guest is Rohan Pinto, CTO of 1Kosmos, discussing the implications of AI deepfakes for biometric security. The cybersecurity sleuths at Sophos unravel a curious caper. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Rohan Pinto, CTO of 1Kosmos, and he is discussing the implications of AI deepfakes for biometric security. Selected Reading Meta and Yandex are de-anonymizing Android users' web browsing identifiers (Ars Technica) Vanta leaks customer data due to product code change (Beyond Machines) New Linux PumaBot Attacking IoT Devices by Brute-Forcing SSH Credentials (Cyber Security News) Ramnit Malware Infections Spike in OT as Evidence Suggests ICS Shift (SecurityWeek) The North Face warns customers of April credential stuffing attack (Bleeping Computer) Pro-Ukraine hacker group Black Owl poses ‘major threat' to Russia, Kaspersky says (The Record) CISA Releases ICS Advisories Covering Vulnerabilities & Exploits (Cyber Security News) Indian grocery startup KiranaPro was hacked and its servers deleted, CEO confirms (TechCrunch) UK CyberEM Command to spearhead new era of armed conflict (The Register) Widespread Campaign Targets Cybercriminals and Gamers  (Infosecurity Magazine) Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

En un contexto donde la sofisticación de los ataques obliga a reforzar las defensas, Sophos presenta MSP Elevate, un programa diseñado para que los proveedores de servicios gestionados eleven su oferta en ciberseguridad con soluciones exclusivas, optimización operativa y recompensas por crecimiento.

The European Vulnerability Database (EUVD) has officially launched, providing a vital platform for monitoring critical security flaws amid challenges faced by the U.S. in cybersecurity funding and management. This initiative aims to enhance transparency and deliver essential information on vulnerabilities, addressing gaps left by the U.S. Common Vulnerabilities and Exposures program, which has been hindered by budget cuts and operational delays. The EUVD not only identifies disclosed bugs but also offers real-time updates on critical vulnerabilities, ensuring users have access to the latest security risk information.As the EUVD begins operations, it highlights a strategic divergence in cybersecurity approaches between the EU and the U.S., which could have direct implications for Managed Service Providers (MSPs) and their clients. If U.S. vulnerability reporting continues to decline, there may be a shift towards EUVD as a primary source for global security tooling and threat feeds. This would necessitate a reevaluation of the sources used for threat detection and patch prioritization by providers, especially if vendor feeds start integrating EUVD data more directly.In the realm of artificial intelligence, tech executives are increasingly adopting agentic AI, with nearly half of respondents in a recent survey indicating they have begun implementing such systems. However, despite the enthusiasm, many organizations are struggling to achieve significant returns on their AI investments, with only a small percentage reporting successful scaling of AI initiatives. The disconnect between ambition and execution presents an opportunity for IT service providers to bridge the gap and help organizations effectively deploy AI solutions.Additionally, product-related news highlights the launch of new tools aimed at enhancing cybersecurity and operational efficiency for MSPs. Coro has introduced a Security Awareness Training module to combat phishing attacks, while Sophos has launched a program to help MSPs expand their cybersecurity offerings. FlexPoint and StackPak have also secured funding to enhance their platforms, focusing on automating payment processes and improving vendor management, respectively. These developments underscore the growing importance of AI-driven operational tools and the need for MSPs to deepen their involvement in their clients' business operations. Four things to know today 00:00 Europe Launches Public Vulnerability Database as U.S. Transparency Falters04:29 Despite Bold Claims on Agentic AI, Most Firms Struggle to Scale—AT&T's Open-Source Model Stands Out07:56 From Phishing Defense to AI Payments: Vendors Equip MSPs to Tackle Operational Complexity11:26 Overpatching May Be a Bigger Risk Than Underpatching, Gartner VP Warns Supported by:  https://afi.ai/office-365-backup/ All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessof.tech

In a special episode of Behind the Deal live from Miami at Thoma Bravo's Annual Meeting in March 2025, Thoma Bravo Managing Partner Seth Boro welcomes two prominent leaders in the cybersecurity industry: Jill Popelka, CEO of Darktrace, and Joe Levy, CEO of Sophos. Cybersecurity has been a focus of Thoma Bravo's investment strategy since 2008, driven by the growing complexities of an increasingly digital world. Jill Popelka shares a perspective on Darktrace's pioneering use of AI in cybersecurity and the evolution of AI-driven software. Joe Levy of Sophos provides insights on scaling cybersecurity solutions and the future of the industry. Together, the leaders shared insights on how their companies are leading the cyber industry to protect their customers from advanced zero-day cyber threats. To learn more about listener data and our privacy practices visit: https://www.audacyinc.com/privacy-policy Learn more about your ad choices. Visit https://podcastchoices.com/adchoices

Elfogyott az adatkeret húsvét után? Most egy mozdulattal segíthetsz rajta Digital Hungary     2025-04-22 11:03:00     Mobiltech Hétvége Innováció Húsvét Yettel Az ünnepi hétvégék és hosszabb családi együttlétek után sokan szembesülnek vele, hogy az adatkeret nem minden esetben végtelen. Legyen szó húsvéti videóhívásokról, közösen nézett online filmekről vagy útvonaltervezésről, könnyen előfordulhat, hogy egy barát vagy családtag net nélkül marad – épp a legrosszabb pillanatban. A Yettel legújabb innováció Saját közösségi hálóval vágna vissza Musknak az OpenAI ICT Global     2025-04-22 05:03:24     Infotech Mesterséges intelligencia Elon Musk Instagram OpenAI Saját közösségi hálózat építését fontolgatja az OpenAI. Ezzel főként Elon Musk X-ének, valamint a Meta Instagramjának kíván konkurenciát állítani - tudta meg egy, a terveket ismerő forrástól a CNBC. Már 24 éves korban is lehet összefüggés az Alzheimer-kór rizikófaktorai és a kognitív funkciók között Telex     2025-04-22 13:28:47     Tudomány Alzheimer-kór Jóval korábban hatással lehetnek a gondolkodásra, mint eddig gondoltuk, ez is mutatja a korai prevenció fontosságát. Fény derült a rejtélyes emberi szerv funkciójára 24.hu     2025-04-22 14:20:31     Tudomány Az 1870-ben felfedezett rete ovariit egészen mostanáig csökevényesnek, haszontalannak hitték. Itt a tavasz, érkeznek a kullancsok – már egy appon keresztül is be lehet jelenteni a gyanús vérszívókat Helló Sajtó!     2025-04-22 10:45:08     Tudomány Tavasz Lyme-kór Kullancs Évek óta tart a HUN-REN Ökológiai Kutatóközpont Kullancsfigyelő programja. Mostantól a Kullancsfigyelő oldal mellett a PragmaTick mobilalkalmazás is segíti a nem őshonos Hyalomma kullancsok monitorozását. Mutatjuk, hogy működik az app. Továbbra is a zsarolóvírus a legnagyobb fenyegetés mmonline.hu     2025-04-22 07:53:48     Mobiltech Kiberbiztonság KKV Kibertámadás A Sophos kiadta a 2025-ös Éves Fenyegetettségi Jelentését ( Threat Report), amely kiemeli a 2024-ben a kis és középvállalkozásokat érő legnagyobb fenyegetéseket. A Sophos Incident Response (IR) és a Sophos Managed Detection and Response (MDR) esetei alapján a támadók leggyakrabban hálózati éleszközökön például tűzfalakon, routereken és VPN-eken ker Üresen, videók nélkül kezdett el megjelenni a YouTube kezdőoldala sokak gépén, mobilján PC Fórum     2025-04-22 08:00:00     Infotech Húsvét Google YouTube Böngésző Húsvét alatt a YouTube-felhasználók egy részét kellemetlen és zavarba ejtő meglepetés fogadta ha elindították az ismert videómegosztó alkalmazást, vagy megnyitották annak honlapját böngészőjükben. A Google szolgáltatásának kezdőlapja ugyanis abszolút videók nélkül, vagy a felhasználó korábban tanúsított érdeklődésével gyakorlatilag nulla kapcsolatb Rendszeresen tartanak alkoholmámoros lakomákat a bissau-guineai csimpánzok Qubit     2025-04-22 11:01:57     Tudomány Alkohol Guinea A táplálékon egyébként ritkán osztozkodó főemlősök az etanolosan erjedő kenyérgyümölcs érésekor vendégelik meg egymást. Kiberbiztonsági cég vásárol hackerfórumokon fiókokat, hogy bűnözők után kémkedjen NKI     2025-04-22 06:51:05     Infotech Svájc Kiberbiztonság Hacker Kibertámadás Kémkedés A svájci Prodaft kiberbiztonsági cég új programja keretében hitelesített és régebbi hackerfórum-fiókokat vásárol, hogy információkat gyűjtsön a kiberbűnözőkről. Régi korok eltűnt medreire bukkantak a Sárköz földjén Index     2025-04-22 14:57:00     Tudomány A Föld napján debütál a Sárköz – Terra Benedicta – A Dunamentének áldott földje című rövidfilm. Így képzeli el Jézus Krisztust a mesterséges intelligencia ATV     2025-04-22 01:33:00     Külföld Olaszország Mesterséges intelligencia A mesterséges intelligencia a torinói lepel alapján fotórealisztikus képet, majd animációt készített arról, hogyan nézhetett ki Jézus Krisztus. Elszabadulhat a szuperintelligencia a Google exvezére szerint – Már csak 3-5 éve van a világnak felkészülni erre Médiapiac     2025-04-22 08:00:00     Infotech Mesterséges intelligencia Google Eric Schmidt, a Google korábbi vezérigazgatója nemrégiben aggasztó jóslatot tett a mesterséges intelligencia (MI) jövőjéről. Ez már a valóság: a NASA-nál épül az emberiség első Hold körüli űrállomása vg.hu     2025-04-22 07:01:00     Külföld Világűr NASA Űrállomás A Halo az első modulja a Gatewaynek, amely a Hold körüli otthonuk lesz az űrhajósoknak. A további adásainkat keresd a podcast.hirstart.hu oldalunkon.

Elfogyott az adatkeret húsvét után? Most egy mozdulattal segíthetsz rajta Digital Hungary     2025-04-22 11:03:00     Mobiltech Hétvége Innováció Húsvét Yettel Az ünnepi hétvégék és hosszabb családi együttlétek után sokan szembesülnek vele, hogy az adatkeret nem minden esetben végtelen. Legyen szó húsvéti videóhívásokról, közösen nézett online filmekről vagy útvonaltervezésről, könnyen előfordulhat, hogy egy barát vagy családtag net nélkül marad – épp a legrosszabb pillanatban. A Yettel legújabb innováció Saját közösségi hálóval vágna vissza Musknak az OpenAI ICT Global     2025-04-22 05:03:24     Infotech Mesterséges intelligencia Elon Musk Instagram OpenAI Saját közösségi hálózat építését fontolgatja az OpenAI. Ezzel főként Elon Musk X-ének, valamint a Meta Instagramjának kíván konkurenciát állítani - tudta meg egy, a terveket ismerő forrástól a CNBC. Már 24 éves korban is lehet összefüggés az Alzheimer-kór rizikófaktorai és a kognitív funkciók között Telex     2025-04-22 13:28:47     Tudomány Alzheimer-kór Jóval korábban hatással lehetnek a gondolkodásra, mint eddig gondoltuk, ez is mutatja a korai prevenció fontosságát. Fény derült a rejtélyes emberi szerv funkciójára 24.hu     2025-04-22 14:20:31     Tudomány Az 1870-ben felfedezett rete ovariit egészen mostanáig csökevényesnek, haszontalannak hitték. Itt a tavasz, érkeznek a kullancsok – már egy appon keresztül is be lehet jelenteni a gyanús vérszívókat Helló Sajtó!     2025-04-22 10:45:08     Tudomány Tavasz Lyme-kór Kullancs Évek óta tart a HUN-REN Ökológiai Kutatóközpont Kullancsfigyelő programja. Mostantól a Kullancsfigyelő oldal mellett a PragmaTick mobilalkalmazás is segíti a nem őshonos Hyalomma kullancsok monitorozását. Mutatjuk, hogy működik az app. Továbbra is a zsarolóvírus a legnagyobb fenyegetés mmonline.hu     2025-04-22 07:53:48     Mobiltech Kiberbiztonság KKV Kibertámadás A Sophos kiadta a 2025-ös Éves Fenyegetettségi Jelentését ( Threat Report), amely kiemeli a 2024-ben a kis és középvállalkozásokat érő legnagyobb fenyegetéseket. A Sophos Incident Response (IR) és a Sophos Managed Detection and Response (MDR) esetei alapján a támadók leggyakrabban hálózati éleszközökön például tűzfalakon, routereken és VPN-eken ker Üresen, videók nélkül kezdett el megjelenni a YouTube kezdőoldala sokak gépén, mobilján PC Fórum     2025-04-22 08:00:00     Infotech Húsvét Google YouTube Böngésző Húsvét alatt a YouTube-felhasználók egy részét kellemetlen és zavarba ejtő meglepetés fogadta ha elindították az ismert videómegosztó alkalmazást, vagy megnyitották annak honlapját böngészőjükben. A Google szolgáltatásának kezdőlapja ugyanis abszolút videók nélkül, vagy a felhasználó korábban tanúsított érdeklődésével gyakorlatilag nulla kapcsolatb Rendszeresen tartanak alkoholmámoros lakomákat a bissau-guineai csimpánzok Qubit     2025-04-22 11:01:57     Tudomány Alkohol Guinea A táplálékon egyébként ritkán osztozkodó főemlősök az etanolosan erjedő kenyérgyümölcs érésekor vendégelik meg egymást. Kiberbiztonsági cég vásárol hackerfórumokon fiókokat, hogy bűnözők után kémkedjen NKI     2025-04-22 06:51:05     Infotech Svájc Kiberbiztonság Hacker Kibertámadás Kémkedés A svájci Prodaft kiberbiztonsági cég új programja keretében hitelesített és régebbi hackerfórum-fiókokat vásárol, hogy információkat gyűjtsön a kiberbűnözőkről. Régi korok eltűnt medreire bukkantak a Sárköz földjén Index     2025-04-22 14:57:00     Tudomány A Föld napján debütál a Sárköz – Terra Benedicta – A Dunamentének áldott földje című rövidfilm. Így képzeli el Jézus Krisztust a mesterséges intelligencia ATV     2025-04-22 01:33:00     Külföld Olaszország Mesterséges intelligencia A mesterséges intelligencia a torinói lepel alapján fotórealisztikus képet, majd animációt készített arról, hogyan nézhetett ki Jézus Krisztus. Elszabadulhat a szuperintelligencia a Google exvezére szerint – Már csak 3-5 éve van a világnak felkészülni erre Médiapiac     2025-04-22 08:00:00     Infotech Mesterséges intelligencia Google Eric Schmidt, a Google korábbi vezérigazgatója nemrégiben aggasztó jóslatot tett a mesterséges intelligencia (MI) jövőjéről. Ez már a valóság: a NASA-nál épül az emberiség első Hold körüli űrállomása vg.hu     2025-04-22 07:01:00     Külföld Világűr NASA Űrállomás A Halo az első modulja a Gatewaynek, amely a Hold körüli otthonuk lesz az űrhajósoknak. A további adásainkat keresd a podcast.hirstart.hu oldalunkon.

Mandy Andress joins our show to discuss leveraging cyber liability insurance for risk reduction. They explore the importance of strong broker relationships and key steps for selecting or renewing a policy—starting with assessing organizational needs. Learn strategies to lower premiums while increasing coverage. Segment Resources: https://www.elastic.co/ This segment is sponsored by Sophos. Visit https://cisostoriespodcast.com/sophos to learn more about them! Visit https://cisostoriespodcast.com for all the latest episodes! Show Notes: https://cisostoriespodcast.com/csp-211

Episode 540: Neal and Toby dive into Klarna's IPO filing and how the CEO has publicly embraced trading human work for AI. Then, the latest Trump policies have put the US dollar in a precarious position of losing its world dominance while the euro is rising up the ranks. Also, Spirit Airlines exits bankruptcy at a time where travelers are looking to leave Southwest for another low-budget airline. Perfect timing? Meanwhile, the weekend's winners are law schools and NASA astronauts Butch Wilmore and Suni Williams. Finally, what's coming up in the week ahead. Learn more at Sophos.com Subscribe to Morning Brew Daily for more of the news you need to start your day. Share the show with a friend, and leave us a review on your favorite podcast app. Listen to Morning Brew Daily Here: https://link.chtbl.com/MBD Watch Morning Brew Daily Here: https://www.youtube.com/@MorningBrewDailyShow Learn more about your ad choices. Visit megaphone.fm/adchoices

What happens when a healthcare giant's legal threats ignite a Streisand Effect wildfire… while a ransomware gang appears to ditch the dark web for postage stamps?Find out about this, and more, in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:'We wanted to help': Students arrested after exposing FreeHour security flaw - Times of Malta.Medusa ransomware gang demands $2M from UK private health services provider - DataBreaches.net.Medusa Unveils Another 50TB of Stolen Data from HCRG Care Group, Giving Greater Insight Into the Scope of the Breach - DataBreaches.net.HCRG Care's lawyers claimed an injunction issued in a “private” hearing required us to remove two posts. We didn't comply - DataBreaches.net.Security firm leaves more than five billion records exposed on unsecured database - Graham Cluley.After threatening me with legal action, Keepnet Labs finally issues statement over data breach - Graham Cluley.Sophos apologises for going legal on school techies - The Register.Mail Scam Targeting Corporate Executives Claims Ties to Ransomware - IC3.One of the nastiest ransomware groups around may have a whole new way of doing things - TechRadar.Snail Mail Fail: Fake Ransom Note Campaign Preys on Fear - GuidePoint Security.Severance - Apple TV+.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:1Password Extended Access Management – Secure every sign-in for every app on every device.Palo Alto Networks - Get the 2025 Unit 42 Global Incident Response report to discover emerging threat trends, attacker tactics and expert recommendations to safeguard your business.

Con motivo de la 32ª edición del gran evento anual en España organizado por la Asociación nacional de la industria tecnológica Aslan, hemos realizado una tertulia centrada en la ciberseguridad y la IA. Sobre cómo la inteligencia artificial ha revolucionado todo y las amenazas y oportunidades que ofrece. Sobre ello han hablado Fernando Feliu, Executive Managing Director de Virtual Cable; Iván Mateos, Sales Engineer de Sophos; Alejandro Reyeros, Manager Channel Systems Engineer de Fortinet; y Eduardo Brenes, Territory Manager de Sonicwall.

In this episode of the Cyber Uncut podcast, Aaron Bugal, field chief technology officer at Sophos, sits down with host Liam Garman to talk about the fight against ransomware, the growing threat to Australian businesses, and what can be done to tackle the problem. The podcast opens with a discussion of ransomware trends and how cyber criminals choose their targets based on vulnerability and opportunity. Bugal then expands on how AI is a tool both for malicious actors and cyber defenders and explains how Sophos is deploying AI to help businesses better protect themselves from an array of threats. Garman and Bugal wrap up the podcast with some practical advice for Australian businesses and how they can prepare to face a critical cyber incident. Enjoy the podcast, The Cyber Uncut team

Overview: In this episode of the SMB Community Podcast, hosts James and Amy discuss effective strategies for making the most out of attending industry events. They highlight the importance of sitting with different people at meals, asking questions during sessions, and breaking the ice in socially awkward situations. The conversation shifts to upcoming events, the challenges of event attendance, and relevant industry news, including Sophos's recent layoffs and industry forecasts for 2025.      Chapter Markers:   00:00 Introduction and Welcome   01:44 MSP Question of the Week: How do you get the most out of industry events?    04:11 Networking Tips for Industry Events   08:10 Choosing the Right Events to Attend   13:41 CRN Magazine's 2025 Outlook    17:52 Sophos Acquisition and Layoffs   19:54 Local Event Highlights and Closing Remarks   New Book Release: I'm proud to announce the release of my new book, The Anthology of Cybersecurity Experts! This collection brings together 15 of the nation's top minds in cybersecurity, sharing real-world solutions to combat today's most pressing threats. Whether you're an MSP, IT leader, or simply passionate about protecting your data, this book is packed with expert advice to help you stay secure and ahead of the curve. Available now on Amazon! https://a.co/d/f2NKASI   Sponsor Memo: Since 2006, Kernan Consulting has been through over 30 transactions in mergers & acquisitions - and just this past year, we have been involved in six (6). If you are interested in either buying, selling, or valuation information, please reach out. There is alot of activity and you can be a part of it. For more information, reach out at kernanconsulting.com

Slide, a new backup and disaster recovery appliance designed for managed service providers, was introduced by former Datto founders Austin McCord and Michael Fass at the right-of-boom cybersecurity conference in Las Vegas. The appliance, which is slightly larger than an Apple Mac Studio, boasts a storage capacity of up to 16 terabytes and operates at speeds capable of saturating a 10-gigabit network connection. McCord emphasized the appliance's speed and efficiency, claiming it is significantly faster than existing market solutions. The founders aim to foster a culture of connection and support, allowing users to easily cancel their service with a single click, which they view as a reflection of a customer-centric philosophy.Apple has unveiled its first in-house cellular modem, the C1, which will debut in the iPhone 16E, marking a significant step away from reliance on Qualcomm chips. The C1 modem is touted as the most power-efficient modem ever included in an iPhone, promising reliable 5G connectivity. While the iPhone 16 and 16 Pro will continue to use Qualcomm technology for the time being, Apple is strategically testing the C1 modem in a budget model to assess its performance without risking issues for premium users. This move aligns with Apple's broader goal of controlling its hardware stack and optimizing performance across its devices.In the realm of artificial intelligence, xAI has launched Grok 3, a new model that boasts enhanced capabilities and has been trained on a significantly larger dataset. Grok 3 has achieved impressive scores on various benchmarks, including math performance, and features a deep search capability that enhances its reasoning. However, early testing has revealed some limitations, such as citation accuracy and humor comprehension. The company plans to open-source Grok 2 to address previous criticisms regarding biases, while also introducing a new subscription plan for Grok 3.Lastly, the podcast discusses potential acquisition talks surrounding Trend Micro, a Japanese cybersecurity firm, which is reportedly valued at approximately $8.54 billion. The discussions involve several private equity firms, and if the acquisition goes through, it could lead to significant changes in Trend Micro's product roadmap and support structure. Additionally, Sophos has announced a partnership with Pax8 to streamline security management for service providers, indicating a trend towards consolidating vendor relationships in the cybersecurity space. This partnership aims to simplify access to a wide range of security solutions, although it remains to be seen whether Sophos can effectively compete with existing offerings in the marketplace. Four things to know today 00:00 Cancel Anytime with One Click? Slide's Backup Solution Calls Out the Industry's Biggest Flaws04:21 Apple Unveils C1 Modem in iPhone 16e, Taking First Steps Away from Qualcomm06:19 xAI's Grok 3 Hits the Scene with More Power, More Data, and… More Questions08:37 Big Money Meets Big Security: Trend Micro Buyout Talks Heat Up While Sophos Joins the Pax8 Party Supported by:  https://www.huntress.com/mspradio/https://cometbackup.com/?utm_source=mspradio&utm_medium=podcast&utm_campaign=sponsorship Event: : https://www.nerdiocon.com/ All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessof.tech

Ransomware payments saw a 35% decline in 2024—what's driving the drop? Sophos finalizes its $859 million acquisition of SecureWorks, signaling more M&A activity in cybersecurity for 2025. Plus, DeepSeek AI is gaining traction in healthcare, but its data policies raise serious concerns.Remember, Stay a Little Paranoid Subscribe: This Week Health Twitter: This Week Health LinkedIn: Week Health Donate: Alex's Lemonade Stand: Foundation for Childhood Cancer

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.From earlier this week, The Docker Systems Status page reports an ongoing issue affecting Docker Desktop on macOS, where malware alerts are triggered by macOS identifying com.docker.vmnetd or com.docker.socket as potential threats. SafeBreach Labs has released a proof-of-concept (PoC) exploit for CVE-2024-49113, a critical vulnerability in the Lightweight Directory Access Protocol (LDAP) that impacts unpatched Windows Servers, including Active Directory Domain Controllers (DCs).The Halcyon RISE team has uncovered a novel ransomware campaign targeting Amazon S3 buckets, exploiting AWS's Server-Side Encryption with Customer-Provided Keys (SSE-C).A recent campaign has been targeting Fortinet FortiGate firewalls with exposed management interfaces, likely exploiting a zero-day vulnerability to gain unauthorized administrative access. Sophos recently reported on two distinct ransomware campaigns utilizing unique techniques to pressure victims and evade detection.

President Trump rolls back AI regulations and throws TikTok a lifeline. Attackers pose as Ukraine's CERT-UA tech support. A critical vulnerability is found in the Brave browser. Sophos observes hacking groups abusing Microsoft 365 services and exploiting default Microsoft Teams settings. Researchers uncover critical flaws in tunneling protocols. A breach exposes personal information of thousands of students and educators. Oracle patches 320 security vulnerabilities. Kaspersky reveals over a dozen vulnerabilities in a Mercedes-Benz infotainment system. Tim Starks from CyberScoop discusses executive orders on cybersecurity and the future of CISA. We preview coming episodes of Threat Vector.  Honesty isn't always the best policy.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Threat Vector Segment On our Threat Vector podcast preview today:  IoT devices are everywhere, with billions deployed globally in industries like healthcare, manufacturing, and critical infrastructure. But this explosion of connectivity brings unprecedented security challenges. Host David Moulton speaks with Dr. May Wang, CTO of IoT Security at Palo Alto Networks, about how AI is transforming IoT security. Stay tuned for the full conversation this Thursday.  CyberWire Guest Our guest is Tim Starks from CyberScoop discussing executive orders on cybersecurity and the future of CISA. You can read Tim's article on the recent Biden EO here.   Selected Reading Trump revokes Biden executive order on addressing AI risks (Reuters) TikTok is back up in the US after Trump says he will extend deadline (Bleeping Computer) Hackers impersonate Ukraine's CERT to trick people into allowing computer access (The Record)  Brave Browser Vulnerability Let Malicious Website Mimic as Legitimate One (Cyber Security News)  Ransomware Groups Abuse Microsoft Services for Initial Access (SecurityWeek) Tunneling Flaws Put VPNs, CDNs and Routers at Risk Globally (Hackread) Students, Educators Impacted by PowerSchool Data Breach (SecurityWeek) Oracle To Address 320 Vulnerabilities in January Patch Update (Infosecurity Magazine) Details Disclosed for Mercedes-Benz Infotainment Vulnerabilities (SecurityWeek) Washington Man Admits to Role in Multiple Cybercrime, Fraud Schemes (SecurityWeek) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Hi again! (You got my note, right?) Off we go with a big bunch of Holding Tank goodness. It even gets a little funky… Start      Colin Rayment, Time Stands Still, Time Dilation11.29     John Scott Shepherd, Shifting Dreamscapes, Corridors Of The Mind16.01     Sophos, Systema Naturae (excerpt), Paradoxa28.54     Tobi Morare, Riptide, Whiplash31.10  […]

Summary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss significant cybersecurity updates, including the indictment of a Chinese hacker involved in attacks on Sophos firewalls. They explore the growing competition from Chinese electric vehicle manufacturers and the vulnerabilities of digital license plates. The conversation also covers the investigation into TP-Link routers due to national security concerns and the launch of a free tier for GitHub Copilot, enhancing accessibility for developers. ---------------------------------------------------- YouTube Video Link:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠https://youtu.be/_xXm3Gdr6rg⁠ ---------------------------------------------------- Documentation: https://www.justice.gov/opa/pr/china-based-hacker-charged-conspiring-develop-and-deploy-malware-exploited-tens-thousands https://www.wired.com/story/digital-license-plate-jailbreak-hack/ https://9to5mac.com/2024/12/18/most-popular-home-internet-routers-in-us-may-be-banned-as-national-security-risk/ https://github.blog/news-insights/product-news/github-copilot-in-vscode-free/ ---------------------------------------------------- Contact Us: Website: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://bluesecuritypod.com Bluesky: https://bsky.app/profile/bluesecuritypod.com LinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/company/bluesecpod YouTube: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Bluesky: https://bsky.app/profile/ajawzero.com LinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/andyjaw/ Email: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠andy@bluesecuritypod.com⁠ ---------------------------------------------------- Adam Brewer Twitter: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/ajbrewer LinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/adamjbrewer/ Email: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠adam@bluesecuritypod.com

Russian hackers attack Ukraine's state registers. NotLockBit is a new ransomware strain targeting macOS and Windows. Sophos discloses three critical vulnerabilities in its Firewall product. The BadBox botnet infects over 190,000 Android devices. BeyondTrust patches two critical vulnerabilities. Hackers stole $2.2 billion from cryptocurrency platforms in 2024. Officials dismantle a live sports streaming piracy ring. Rockwell Automation patches critical vulnerabilities in a device used for energy control in industrial systems. A new report from Dragos highlights ransomware groups targeting industrial sectors. A Ukrainian national is sentenced to 60 months in prison for distributing the Raccoon Infostealer malware. We bid a fond farewell to our colleague Rick Howard, who's retiring after years of inspiring leadership, wisdom, and camaraderie. The LockBit gang tease what's yet to come.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today's guest segment is bittersweet as we bid farewell to our beloved Rick Howard, who's retiring after years of inspiring leadership, wisdom, and camaraderie. Join us in celebrating his incredible journey, sharing heartfelt memories, and letting him know just how deeply he'll be missed by all of us here at N2K. Selected Reading Ukraine's state registers hit with one of Russia's largest cyberattacks, officials say (The Record) NotLockBit - Previously Unknown Ransomware Attack Windows & macOS (GB Hackers) Critical Sophos Firewall Vulnerabilities Let Attackers Execute Remote Code (Cyber Security News) Botnet of 190,000 BadBox-Infected Android Devices Discovered (SecurityWeek) BeyondTrust Security Incident — Command Injection and Escalation Weaknesses (CVE-2024-12356, CVE-2024-12686) (SOCRadar) Crypto-Hackers Steal $2.2bn as North Koreans Dominate (Infosecurity Magazine) Massive live sports piracy ring with 812 million yearly visits taken offline (Bleeping Computer) Rockwell PowerMonitor Vulnerabilities Allow Remote Hacking of Industrial Systems (SecurityWeek) Ransomware Attackers Target Industries with Low Downtime Tolerance (Infosecurity Magazine) Ukrainian Raccoon Infostealer Operator Sentenced to Prison in US (SecurityWeek) NetWalker Ransomware Operator Sentenced For Hacking Hundreds Of Organizations (Cyber Security News) LockBit Admins Tease a New Ransomware Version (Infosecurity Magazine) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Real change isn't just about new tech. It's about people and how they work. For over 10 years, Pragati Sinh has helped companies across diverse industries make big changes with business and digital transformation projects. Prior to striking out on her own, she has worked with brands like Google, Sophos, Dunkin' Brands, Victoria's Secret, and Manulife Financial. As a Business Change Strategist, here's what she does: ✅ Look at the whole picture ✅ Help people get on board ✅ Make sure the changes stick ✅ Use numbers to show the change is working And I get to share space with another incredible guest at the Love Learning You podcast! Connect with Pragati on LinkedIN: https://www.linkedin.com/in/pragatisinha/

Microsoft MFA bypassed in AuthQuake attack Cybercrime marketplace Rydox taken down U.S. charges Chinese national for hacking thousands of Sophos firewall devices Thanks to today's episode sponsor, ThreatLocker Do zero-day exploits and supply chain attacks keep you up at night? Worry no more; you can harden your security with ThreatLocker. ThreatLocker helps you take a proactive, default-deny approach to cybersecurity and provides a full audit of every action, allowed or blocked, for risk management and compliance. Onboarding and operation are fully supported by their US-based support team. To learn more about how ThreatLocker can help keep your organization running efficiently and protected from ransomware, visit ThreatLocker.com. For the stories behind the headlines, head of CISOSeries.com.

Immer wieder berichten wir im heise Newsticker über APT-Angriffe gegen Firewalls und Security Appliances und deren teilweise haarsträubende Sicherheitslücken. Ein großer Hersteller solcher Geräte hat nun kurzerhand den Spieß umgedreht und seine Geräte in einigigen Fällen zu Lausch-Stationen umfunktioniert. Und zwar in China, wo sie offenbar von Exploit-Herstellern als Testgeräte für deren Malware genutzt wurden. Welches jahrelange Katz-und-Maus-Spiel der Hackback-Aktion vorausging und warum sie dieses Vorgehen für nicht ganz unproblematisch halten, diskutieren Sylvester und Christopher in der zwanzigsten "Passwort"-Folge. - [Diamond Model of Intrusion Analysis](https://www.threatintel.academy/wp-content/uploads/2020/07/diamond_summary.pdf) - [Timeline Pacific Rim](https://news.sophos.com/en-us/2024/10/31/pacific-rim-timeline/) - [Sophos-CISO Ross McKerchaw im Interview](https://youtu.be/QDh5-ZL3nis?t=1352) Mitglieder unserer Security Community auf heise security PRO hören alle Folgen bereits zwei Tage früher. Mehr Infos: https://pro.heise.de/passwort

In this episode of Breaking Badness, we explore two fascinating cybersecurity stories. First, we delve into the unusual case of an ex-Disney employee who hacked menu systems, creating chaos in the happiest place on Earth. Next, we discuss Sophos' five-year-long battle with a determined group of attackers targeting their firewalls. Tune in as we break down the insider threat at Disney, the lessons learned from Sophos' transparency, and what it all means for the future of cybersecurity. Plus, don't miss our signature Gold, Guidance, and Grievances segment for unique insights and takeaways.

Summary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the recent T-Mobile breach attributed to Chinese state-sponsored hackers, emphasizing the importance of parsing corporate statements. They delve into the implications of cybersecurity threats, referencing a Sophos report detailing a five-year cat-and-mouse game with Chinese attackers. The conversation shifts to the rise of the new social media platform, Bluesky, exploring its potential to attract users from Twitter and its unique features. ---------------------------------------------------- YouTube Video Link:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠ ---------------------------------------------------- Documentation: https://www.cisa.gov/news-events/news/joint-statement-fbi-and-cisa-peoples-republic-china-prc-targeting-commercial-telecommunications https://www.sophos.com/en-us/content/pacific-rim https://www.bbc.com/news/articles/c8dm0ljg4y6o ---------------------------------------------------- Contact Us: Website: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://bluesecuritypod.com Bluesky: https://bsky.app/profile/bluesecuritypod.com LinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/company/bluesecpod YouTube: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Bluesky: https://bsky.app/profile/ajawzero.com LinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/andyjaw/ Email: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠andy@bluesecuritypod.com⁠ ---------------------------------------------------- Adam Brewer Twitter: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/ajbrewer LinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/adamjbrewer/ Email: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠adam@bluesecuritypod.com

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.MFASweep is a PowerShell script that attempts to log in to various Microsoft services using a provided set of credentials and will attempt to identify if MFA is enabled. CVE2CAPEC is a tool developed by Galeax that automates the process of mapping Common Vulnerabilities and Exposures (CVEs) to Common Weakness Enumerations (CWEs), Common Attack Pattern Enumeration and Classification (CAPEC), and MITRE ATT&CK Techniques.This tool helps security researchers identify vulnerabilities within macOS's sandbox restrictions, particularly targeting XPC services in the PID domain marked as "Application" services, which often lack adequate protection.Zscaler's recent blog discusses how North Korean IT professionals are increasingly finding remote work in Western companies, often under disguised identities.In a recent campaign, GootLoader malware has been targeting Bengal cat enthusiasts in Australia using SEO poisoning tactics.After a multi-month absence, the malware loader FakeBat—also known as Eugenloader or PaykLoader—has resurfaced, distributing malware through Google Ads, with a recent campaign exploiting ads for the popular app Notion.Over the past five years, Sophos has been engaged in a complex battle against Chinese state-sponsored cyber adversaries targeting its firewall products. This prolonged engagement, detailed in Sophos' "Pacific Rim" report, reveals a series of sophisticated attacks aimed at exploiting vulnerabilities in internet-facing devices, particularly those within critical infrastructure sectors across South and Southeast Asia.

Arion Kurtaj, a teenager from the UK, amassed a fortune through audacious cybercrimes. From stealing Grand Theft Auto 6 secrets to erasing Brazil's COVID vaccination data, his exploits were legendary. But his hacking spree took a bizarre turn when he was placed under police protection... in a Travelodge outside Oxford.Plus Bengal cat lovers in Australia should be on their guard, as your furry feline friends might be leading you into a dangerous trap., and there's yet more headaches for troubled 23andMe.All this and much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Thom Langford.Plus don't miss our featured interview with Paul Fryer from BlackBerry.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:FBI issues warning as crooks ramp up emergency data request scams - The Register.Optimistic father of LAPSUS$ hacking suspect says he's going to try to stop him using computers - Graham Cluley.LAPSUS$: GTA 6 hacker handed indefinite hospital order - BBC News.This Teenage Hacker Became a Legend Attacking Companies. Then His Rivals Attacked Him - Wall Street Journal.Bengal cat lovers in Australia get psspsspss'd in Google-driven Gootloader campaign - Sophos.Struggling DNA-testing site 23andMe to lay off 40% of its workers - BBC News.Remember That DNA You Gave 23andMe? - The Atlantic.Big Pharma Would Like Your DNA - The Atlantic.Addressing Data Security Concerns - Action Plan - 23andMe Blog.YTCH - YouTube-like cable TV.Space: 1999 opening titles - YouTube.Space: 1999 - Wikipedia.Wicked movie: Mattel 'deeply regrets' porn site misprint on dolls - BBC News.The Wicked Movie - Official Wicked Movie site.Mattel's 'Wicked' Movie Dolls Mistakenly List Porn Site on Packaging - Variety.Smashing Security merchandise (t-shirts, mugs,...

Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Ken Athanasiou, CISO, VF Corporation Thanks to our show sponsor, Vanta As third-party breaches continue to rise, companies are increasingly vigilant, which means more time spent on manual security reviews. With Vanta Questionnaire Automation, security & compliance teams can complete security reviews up to 5 times faster, giving you time back to focus on running your security & compliance programs. Over 8,000 global companies like ZoomInfo, SmartRecruiters and Noibu use Vanta to save time on security reviews. Visit vanta.com to learn more about Questionnaire Automation. All links and the video of this episode can be found on CISO Series.com    

In this podcast Tom Uren and Patrick Gray talk about the Snowflake hack after the person allegedly responsible was arrested in Canada. Telegram is involved at all sorts of levels and Tom wonders if this crime would have occurred if Telegram didn't exist. They also discuss the impact of the Chinese hack of US telcos and Sophos' five-year cyber knife fight with Chinese APT crews. This episode is also available on Youtube.

On this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news, including: Sophos drops implants on Chinese firewall exploit devs Microsoft workshops better just-in-time Windows admin privileges Snowflake hacker arrested in Canada Okta has a fun, but not very impactful auth-bypass bug Russians bring dumb-but-smart RDP client attacks And much, much more. Special guest Sophos CISO Ross McKerchar joined us to talk about its “hacking back” campaign. The full interview is available on Youtube for those who want to really live vicariously through Sophos doing what every vendor probably wants to do. This week's episode is sponsored by attack surface mapping vendor runZero. Founder and CEO HD Moore joins to talk about marrying up the outside and inside views of your network. You can also watch this episode on Youtube Show notes Okta AD/LDAP Delegated Authentication - Username Above 52 Characters Security Advisory Does bcrypt have a maximum password length? - Information Security Stack Exchange Local Administrator Protection | Privilege Protection Inside Sophos' 5-Year War With the Chinese Hackers Hijacking Its Devices | WIRED A Deeper Look at FortiJump (FortiManager CVE-2024-47575) | Bishop Fox Man Arrested for Snowflake Hacking Spree Faces US Extradition | WIRED Google uses large language model to discover real-world vulnerability GreyNoise Intelligence Discovers Zero-Day Vulnerabilities in Live Streaming Cameras with the Help of AI Thousands of hacked TP-Link routers used in yearslong account takeover attacks - Ars Technica CISA warns of foreign threat group launching spearphishing campaign using malicious RDP files | Cybersecurity Dive Chinese state-backed hackers breached 20 Canadian government networks over four years, agency warns India-Canada row: Canadian officials confess to leaking 'intel' against India to Washington Post - India Today Amid diplomatic row, Canada names India in ‘cyberthreat adversary' list, accuses it of ‘likely spying' | World News - The Indian Express The Untold Story of Trump's Failed Attempt to Overthrow Venezuela's President | WIRED Risky Biz News: The mystery at Mango Park North Korean hackers seen collaborating with Play ransomware group, researchers say

Forecast: CYBER WEATHER ALERT | Volt Typhoon bringing sustained APT activity across the Pacific Rim. Expect persistent perimeter probing with a 100% chance of state-sponsored shenanigans. Pack your EDR umbrella! ‍ This week's episode tackles a disturbing story from Disney World where a terminated employee allegedly hacked into their menu system to alter critical peanut allergy information. We dig into the attack details then don our tin-foil hats to explore the potential real-world consequences of malicious insider threats. We're excited to share Sophos' latest research on Pacific Rim, an extensive investigation into nation-state adversaries targeting edge devices. We hone in on this event through the filter of GreyNoise's analysis of this multi-year APT campaigns, and show you live threat data through the GreyNoise Visualizer to demonstrate the ongoing nature of these attacks. VulnCheck brings us two fascinating pieces - a deep examination of ABB vulnerabilities affecting industrial control systems, and an innovative new command-and-control feature called ShellTunnel in the go-exploit framework. GreyNoise has been especially busy, uncovering zero-day vulnerabilities in live streaming cameras using AI assistance. We'll discuss their technical breakdown of CVE-2024-8956 and CVE-2024-8957, which CISA just added to their Known Exploited Vulnerabilities catalog. The October NoiseLetter is out with the latest threat intelligence insights, and don't miss upcoming events including the Quarterly Roadmap Showcase and a special webinar on discovering zero-days with AI. Storm Watch Homepage >> Learn more about GreyNoise >>  

Three Buddy Problem - Episode 19: We explore Ivan Kwiatkowski's essay on the limits of threat intelligence, Sophos using kernel implants to surveil Chinese hackers, the concept of ‘hack-back' and legal implications, geopolitical layers of cyber espionage, CIA malware in Venezuela, Vatican/Mossad mentioned in high-profile Italy hacks, and Canada bracing for .gov attacks from India. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs) (SentinelLabs), Costin Raiu (https://twitter.com/craiu) (Art of Noh) and Ryan Naraine (https://twitter.com/ryanaraine) (SecurityWeek).

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird. You can find the newsletter version of this podcast here. Show notes Risky Biz News: US removes Sandvine from sanctions list after pinky promise

CISA spins up an election operations war room. Microsoft neglected to restrict access to gender-detecting AI. Yahoo uncovers vulnerabilities in OpenText's NetIQ iManager. QNAP issues urgent patches for its NAS devices. Sysdig uncovers Emerald Whale. A malvertising campaign exploits Meta's ad platform to spread the SYS01 infostealer. Senator Ron Wyden wants to tighten rules aimed at preventing U.S. technologies from reaching repressive regimes. Researchers use AI to uncover an IoT zero-day. Sophos reveals a five year battle with firewall hackers. Our guest is Frederico Hakamine, Technology Evangelist from Axonius, talking about how threats both overlap and differ across individuals and critical infrastructure. Be afraid of spooky data. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Our guest is Frederico Hakamine, Technology Evangelist from Axonius, talking about how threats both overlap and differ across individuals and critical infrastructure. Selected Reading CISA Opens Election War Room to Combat Escalating Threats (GovInfo Security) Agencies face ‘inflection point' ahead of looming zero-trust deadline, CISA official says (CyberScoop) Microsoft Provided Gender Detection AI on Accident (404 Media) Yahoo Discloses NetIQ iManager Flaws Allowing Remote Code Execution (SecurityWeek) QNAP patches critical SQLi flaw (Beyond Machines) EMERALDWHALE: 15k Cloud Credentials Stolen in Operation Targeting Exposed Git Config Files (Sysdig) Fake Meta Ads Hijacking Facebook Accounts to Spread SYS01 Infostealer (Hackread) Exclusive: Senator calls on Commerce to tighten proposed rules on exporting surveillance, hacking tech to problematic nations (CyberScoop) GreyNoise Intelligence Discovers Zero-Day Vulnerabilities in Live Streaming Cameras with the Help of AI (GreyNoise)  Inside Sophos' 5-Year War With the Chinese Hackers Hijacking Its Devices (WIRED) Pacific Rim: Inside the Counter-Offensive—The TTPs Used to Neutralize China-Based Threats (Sophos News) Spooky Data at a Distance (LinkedIn) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

00:00:00 - PreShow Banter™ — Log Con00:11:41 - BHIS - Talkin' Bout [infosec] News 2024-10-2100:12:51 - Story # 1: Internet Archive exposed again – this time through Zendesk00:14:57 - Story # 1b: Hackers steal information from 31 million Internet Archive users00:20:42 - Story # 2: Sophos buys Secureworks for $859 mln to beef up cybersecurity portfolio00:24:21 - Story # 3: USDoD hacker behind National Public Data breach arrested in Brazil00:27:12 - Story # 4: Debunking Hype: China Hasn't Broken Military Encryption With Quantum00:32:14 - Story # 5: Microsoft said it lost weeks of security logs for its customers' cloud products00:35:03 - Story # 6: Should We Chat, Too? FAQ00:40:05 - Story # 7: More than two dozen countries have used internet outages to sway elections00:43:50 - Story # 8: Pokemon dev Game Freak confirms breach after stolen data leaks online00:46:32 - Story # 9: Hackers made robot vacuums randomly yell racial slurs00:49:19 - Story # 9b: We hacked a robot vacuum — and could watch live through its camera00:50:19 - Story # 10: The government is getting fed up with ransomware payments fueling endless cycle of cyberattacks00:54:55 - Story # 11: Google's Chrome Browser Starts Disabling uBlock Origin01:01:00 - WWHF Recorvery

This week, we talk about Anthropic's new AI agent, cloud exits, and why BMC is splitting up. Plus, a quick update on the WordPress drama and some thoughts on Amsterdam's autumn weather. Watch the YouTube Live Recording of Episode (https://www.youtube.com/watch?v=kNQ8Bf-lfys) 490 (https://www.youtube.com/watch?v=kNQ8Bf-lfys) Runner-up Titles The Abyss Looks Into You ROI Stuff RTO Agent Rundown AI Agents The AI agents have arrived (https://www.platformer.news/anthropic-ai-agents-computer-use-consequences/?ref=platformer-newsletter) Amazon-backed Anthropic debuts AI agents that can do complex tasks, racing against OpenAI, Microsoft and Google (https://www.cnbc.com/2024/10/22/anthropic-announces-ai-agents-for-complex-tasks-racing-openai.html) Amazon-backed Anthropic debuts AI agents that can do complex tasks, racing against OpenAI, Microsoft and Google (https://www.cnbc.com/2024/10/22/anthropic-announces-ai-agents-for-complex-tasks-racing-openai.html) Wordpress Open source royalty and mad kings (https://world.hey.com/dhh/open-source-royalty-and-mad-kings-a8f79d16?utm_source=changelog-news) Casey Newton on Mullenweg (https://www.threads.net/@crumbler/post/DBHn6SIzPhd?xmt=AQGzYYKRz15k-2EYpfAqrwLcuO5a2HhwzbUZBCbGWhnvsg) Employees Describe an Environment of Paranoia and Fear Inside Automattic Over WordPress Chaos (https://www.404media.co/automattic-buyout-offer-wordpress-matt-mullenweg/) Cloud Exits Warren Buffett's GEICO repatriates work from the cloud (https://www.thestack.technology/warren-buffetts-geico-repatriates-work-from-the-cloud-continues-ambitious-infrastructure-overhaul/) Basecamp-maker 37Signals says its “cloud exit” will save it $10M over 5 years (https://arstechnica.com/information-technology/2024/10/basecamp-maker-37signals-says-its-cloud-exit-will-save-it-10m-over-5-years/) There's a lot of private cloud out there (https://newsletter.cote.io/p/theres-a-lot-of-private-cloud-out) BMC BMC Announces the Creation of Two Independent Companies (https://www.bmc.com/newsroom/releases/bmc-announces-the-creation-of-two-independent-companies.html) Doubling down on AI and splitting at BMC Connect 2024 (https://siliconangle.com/2024/10/21/doubling-ai-splitting-bmc-connect-2024/) Relevant to your Interests #1046 OpenCost Incubation Proposal (https://github.com/cncf/toc/pull/1046) US Weighs Google Breakup in Historic Big Tech Antitrust Case (https://www.bloomberg.com/news/articles/2024-10-09/us-says-it-s-weighing-google-breakup-as-remedy-in-monopoly-case) ChatGPT Crossed a Revenue Milestone and (Re)Started a Gold Rush (https://appfigures.com/resources/insights/20241004/4-chatgpt-crossed-a-revenue-milestone-and-(re)started-a-gold-rush) Ask HN: What happens to “.io” TLD after UK gives back the Chagos Islands? (https://simonwillison.net/2024/Oct/3/what-happens-to-io-after-uk-gives-back-chagos/) From AOL Time Warner to DirecTV and Dish: 20 years of media mergers (https://www.theverge.com/2024/10/4/24259360/directv-dish-merger-timeline-aol-timewarner) AT&T claims VMware offered it a 1,050 percent price rise (https://www.theregister.com/2024/10/01/att_broadcom_filings_update/) CEO Kurian: 'When I Started, Most People Told Me We Didn't Have a Chance' (https://accelerationeconomy.com/cloud-wars/ceo-kurian-when-i-started-most-people-told-me-we-didnt-have-a-chance/) AMD looks to new chips to grab share from Intel, Nvidia (https://www.axios.com/2024/10/10/amd-new-chips-intel-nvidia-ai) The list of major companies requiring employees to return to the office (https://www.businessinsider.com/companies-requiring-return-to-office-rto-mandate) Avoiding a Geopolitical Open Source Apocalypse (https://thenewstack.io/avoiding-a-geopolitical-open-source-apocalypse/) Overview of current needs and possibilities in enterprise-y FinOps (https://amalgaminsights.com/2024/10/14/the-evolution-and-expansion-of-it-finops/) Ward Christensen, BBS inventor and architect of our online age, dies at age 78 (https://arstechnica.com/gadgets/2024/10/ward-christensen-bbs-inventor-and-architect-of-our-online-age-dies-at-age-78/) Eric Schmidt on electronic warfare (https://x.com/tsarnick/status/1846300559374274904) 700 Ubisoft workers go on three-day strike to protest company's new return-to-office policy (https://gameworldobserver.com/2024/10/16/ubisoft-strike-remote-work-over-700-workers) Amazon's cloud boss on Thursday told employees who are unhappy with the company's new five-day in-office mandate they can leave for other companies. (https://www.threads.net/@cnbc/post/DBQ_E_gOuJw?xmt=AQGzlsObxUnGC2bk5CE_t4sW-QL_NQDcsH5QyN3SuCe43Q) Invisible text that AI chatbots understand and humans can't? Yep, it's a thing. (https://arstechnica.com/security/2024/10/ai-chatbots-can-read-and-write-invisible-text-creating-an-ideal-covert-channel/) Tesla Caught Using a Lazy Video Editing Trick to Make Its "Autonomous" Robots Look More Capable (https://futurism.com/the-byte/tesla-sped-up-video-optimus-robots) How Google is changing to compete with ChatGPT (https://www.theverge.com/2024/10/18/24273748/google-deepmind-gemini-search-chaptgpt-meta-ai-interview) Perplexity is reportedly looking to fundraise at an $8B valuation (https://techcrunch.com/2024/10/20/perplexity-is-reportedly-looking-to-fundraise-at-an-8b-valuation/) Sophos to Acquire Secureworks to Accelerate Cybersecurity Services and Technology for Organizations Worldwide (https://www.secureworks.com/about/press/sophos-to-acquire-secureworks) Chick-fil-A is releasing its own entertainment app, with family-friendly shows and podcasts (https://www.cnbc.com/2024/10/21/chick-fil-a-to-release-entertainment-app-play-with-shows-and-podcasts.html) Passwords have problems, but passkeys have more (https://world.hey.com/dhh/passwords-have-problems-but-passkeys-have-more-95285df9) Foursquare is killing its city guide app to focus on the check-in app Swarm (https://www.engadget.com/social-media/foursquare-is-killing-its-city-guide-app-to-focus-on-the-check-in-app-swarm-191054153.html) Citi reaps rewards from modernization investments (https://www.ciodive.com/news/citi-bank-digital-transformation-returns-cloud-legacy-applications/729929/) Comic Sans Got the Last Laugh (https://www.theatlantic.com/technology/archive/2024/10/comic-sans-debate/680319/?gift=201cWZnM2XBz2eP81zy0pGR9oxa-0Q1yRNNAyEiZV9s&utm_source=copy-link&utm_medium=social&utm_campaign=share) How Wiz Became the Fastest Software Company to Hit $500M & Its Path to $1B (https://softwareanalyst.substack.com/p/the-wiz-playbook-how-they-dominated) In a global first, quantum computers crack RSA and AES data encryption (https://www.thebrighterside.news/post/in-a-global-first-quantum-computers-crack-rsa-and-aes-data-encryption/) Google Executive Overseeing Search and Advertising Leaves Role (https://www.wsj.com/tech/google-executive-overseeing-search-and-advertising-leaves-role-7aaa7906) Google replaces executive in charge of Search and advertising (https://techcrunch.com/2024/10/17/google-replaces-executive-in-charge-of-search-and-advertising/?guccounter=1&guce_referrer=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8&guce_referrer_sig=AQAAADaAH8SfXbYvJfExfrdTBCk3FQFLK5Tq4uwcyTdvNqH_if1EMb7BiTaIutkBk7E_gi_XolToB8zShW4zMyhXnB3msBJgykhphfBnPzeDtrLww3XP-wNSyUDOl5UIOKZayfYH4AiVuRcNK835OQmS1p-grIHDeizDm3nlSEB9e55j) Concerns Raised Over Bitwarden Moving Further Away From Open-Source (https://www.phoronix.com/news/Bitwarden-Open-Source-Concerns) Intel and AMD are unlikely allies in new x86 ecosystem advisory group – "we'll remain fierce competitors" (https://www.tomshardware.com/pc-components/cpus/intel-and-amd-forge-x86-ecosystem-advisory-group-that-aims-to-ensure-a-unified-isa-moving-forward) The RVA23 profile is now ratified, so RISC-V gets satisfied (https://www.theregister.com/2024/10/23/rva23_profile_ratified/) Twitter users flock to Bluesky as 500,000 join in a day amid controversial blocking changes (https://www.financialexpress.com/life/technology-twitter-users-flock-to-bluesky-as-500000-join-in-a-day-amid-controversial-blocking-changes-3643898/) Nvidia's Blackwell AI Processors Are Sold Out For Next 12 Months (https://www.investors.com/news/technology/nvidia-stock-nvda-blackwell-on-schedule/) Announcing Amazon ElastiCache for Valkey - AWS (https://aws.amazon.com/about-aws/whats-new/2024/10/amazon-elasticache-valkey/) Nonsense What the Waffle House Index says about Hurricane Milton (https://www.pbs.org/newshour/science/what-the-waffle-house-index-says-about-hurricane-milton) Waffle House (@WaffleHouse) on X (https://x.com/WaffleHouse/status/1844438764547932507) The Hustlers Who Make $6,000 a Month by Gaming Citi Bikes (https://www.nytimes.com/2024/09/19/nyregion/citi-bike-scam-nyc.html?unlocked_article_code=1.RE4.D83k.4gVrI1ujtLw4&smid=url-share) The VW ID. Buzz was worth the seven-year wait (https://arstechnica.com/cars/2024/10/driving-the-2025-vw-id-buzz-was-worth-the-seven-year-wait/) Listener Feedback World's Largest Buffalo Monument (https://discoverjamestownnd.com/fun-things-to-do-in-jamestown-nd/all-things-buffalo/worlds-largest-buffalo-monument/) 20+ of Canada's Largest Roadside Attractions (https://www.readersdigest.ca/travel/canada/canadas-10-biggest-things/) Our big things vs their big things (https://www.nzherald.co.nz/travel/our-big-things-vs-their-big-things/HXA3VDO7GFRWPH3WJ2MXX3JRD4/) Conferences VMware Explore Barcelona (https://www.vmware.com/explore/eu), Nov 4-7, 2024, Coté speaking. GoTech World (https://www.gotech.world/), Bucharest, Nov 12- 13, 2204, Coté speaking. SREday Amsterdam (https://sreday.com/2024-amsterdam/), Nov 21, 2024, Coté speaking (https://sreday.com/2024-amsterdam/Michael_Cote_VMwarePivotal_We_Fear_Change), 20% off with code SRE20DAY DevOpsDayLA (https://www.socallinuxexpo.org/scale/22x/events/devopsday-la) at SCALE22x (https://www.socallinuxexpo.org/scale/22x), March 6-9, 2025, discount code DEVOP SDT News & Community Join our Slack community (https://softwaredefinedtalk.slack.com/join/shared_invite/zt-1hn55iv5d-UTfN7mVX1D9D5ExRt3ZJYQ#/shared-invite/email) Email the show: questions@softwaredefinedtalk.com (mailto:questions@softwaredefinedtalk.com) Free stickers: Email your address to stickers@softwaredefinedtalk.com (mailto:stickers@softwaredefinedtalk.com) Follow us on social media: Twitter (https://twitter.com/softwaredeftalk), Threads (https://www.threads.net/@softwaredefinedtalk), Mastodon (https://hachyderm.io/@softwaredefinedtalk), LinkedIn (https://www.linkedin.com/company/software-defined-talk/), BlueSky (https://bsky.app/profile/softwaredefinedtalk.com) Watch us on: Twitch (https://www.twitch.tv/sdtpodcast), YouTube (https://www.youtube.com/channel/UCi3OJPV6h9tp-hbsGBLGsDQ/featured), Instagram (https://www.instagram.com/softwaredefinedtalk/), TikTok (https://www.tiktok.com/@softwaredefinedtalk) Book offer: Use code SDT for $20 off "Digital WTF" by Coté (https://leanpub.com/digitalwtf/c/sdt) Sponsor the show (https://www.softwaredefinedtalk.com/ads): ads@softwaredefinedtalk.com (mailto:ads@softwaredefinedtalk.com) Recommendations Brandon: Tailscale (https://tailscale.com) Ozlo Sleepbuds hands-on: resurrected and I've slept so good (https://www.theverge.com/2024/10/22/24275875/ozlo-sleepbuds-hands-on-bose-wearables-sleep-tracking) Coté: Hire Caleb (https://www.linkedin.com/feed/update/urn:li:activity:7250088425121267713/) Marques (https://www.linkedin.com/feed/update/urn:li:activity:7250088425121267713/) as an Cybersecurity Intern (Coté's N (https://www.linkedin.com/feed/update/urn:li:activity:7250088425121267713/)ephew (https://www.linkedin.com/feed/update/urn:li:activity:7250088425121267713/)) (https://www.linkedin.com/feed/update/urn:li:activity:7250088425121267713/) (https://www.linkedin.com/feed/update/urn:li:activity:7250088425121267713/) What Artists Wear (https://www.goodreads.com/book/show/58999216-what-artists-wear), Charlie Porter (much better cover on Penguin edition (https://www.penguin.co.uk/books/314590/what-artists-wear-by-porter-charlie/9780141991252)) Photo Credits Header (https://unsplash.com/photos/conjunction-bridge-under-white-sky-1JWmFju8vVg) Artwork (https://unsplash.com/photos/black-and-white-robot-toy-on-red-wooden-table-zwd435-ewb4)

On this episode of the podcast, I cover new developments in AI, security concerns for SolarWinds customers and much more! Reference Links: https://www.rorymon.com/blog/new-copilot-agents-announced-new-sophos-acquisition-microsoft-loses-customer-logs/

Marcos Godoy se suma a Tangente de Cultura con Juan Pablo Dardon y hablarán una vez al mes sobre gastronomía, arte, cultura y filosofía de la comida. Hoy presentan la historia del fiambre. No se lo pierdan #TangenteAlaMesa Gracias a nuestros patrocinadores: Sophos: https://www.sophosenlinea.com/ Bravecto: Party Smart: http://himalaya.com.gt/es/products/partysmart.htm San Miguel: https://sanmiguelmadera.com/productos/ Síguenos en nuestras redes sociales: Whatsapp: https://whatsapp.com/channel/0029VaFGJYN7z4ko8qL0Rk3U Spotify: https://open.spotify.com/show/6nwrSBjxwubm0nJlEDoJdD?si=c1759488729a4fbe Tiktok: https://www.tiktok.com/@tangentepodcast Twitter: https://twitter.com/tangentegt Facebook: https://www.facebook.com/TanGenteGt Instagram: https://www.instagram.com/tangente_gt

At Open Compute Summit this past week, key trends shaping the future of computing and infrastructure were discussed. One major concern is the global data center energy consumption, which is projected to triple by 2030, highlighting the urgent need for more efficient energy solutions. As technology advances, the shift from a 3nm process to a 2nm process is proving costly, with design costs estimated to reach a staggering $725 million, according to ARM. In response to both power demands and design challenges, liquid cooling is gaining momentum, emerging as a vital technology to improve efficiency and manage the increasing heat output from advanced computing systems. Time Stamps: 0:00 - Welcome to the Rundown 1:36 - BMC Starts Two New Companies 4:06 - CEO Indicted for Fraud 7:10 - Microsoft goes agentic AI 10:37 - Amazon Teams Up with US Department of Justice 14:30 - Perplexity Is getting Sued by Media Giants 16:44 - Sophos Acuires Secureworks 20:00 - Exciting Developments from Open Compute Summit 31:41 - The Weeks Ahead 32:56 - Thanks for Watching Hosts: Tom Hollingsworth: https://www.linkedin.com/in/networkingnerd/ Jon Swartz: https://www.linkedin.com/in/jonswartz/ Follow Gestalt IT Website: https://www.GestaltIT.com/ Twitter: https://www.twitter.com/GestaltIT LinkedIn: https://www.linkedin.com/company/Gestalt-IT #Rundown, #OCPSummit24, #AgenticAI, @NetworkingNerd, @JSwartz, @GestaltIT, @TechstrongGroup, @TechstrongTV, @TheFuturumGroup, @BMCSoftware, @Microsoft, @AWSCloud, @Sophos, @Secureworks, @perplexity_ai, @OpenComputePrj,

Sophos to acquire Secureworks, Microsoft announces 10 new AI agents, DJI sues the US Department of Defense for being listed as a “Chinese military company.” MP3 Please SUBSCRIBE HERE. You can get an ad-free feed of Daily Tech Headlines for $3 a month here. A special thanks to all our supporters–without you, none of thisContinue reading "iOS 18.1 Will Include Using Airpods Pro 2 As Hearing Aids – DTH"

Podcast: Error Code (LS 26 · TOP 10% what is this?)Episode: EP 47: Hacking Smart BuildingsPub date: 2024-10-08If you are in IT, you are probably not thinking about the risks associated with the Otis Elevator or the Coke machine. Maybe you should. Chester Wisnieski, the director and global field CTO at Sophos, points out that IoT devices, big and small, create an outsized threat to any organization. And that's why IoT vendors need to secure these devices, even if they only “phone home” for more Coke. If they're on your network, they need to be secured. The podcast and artwork embedded on this page are from Robert Vamosi, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

If you are in IT, you are probably not thinking about the risks associated with the Otis Elevator or the Coke machine. Maybe you should. Chester Wisnieski, the director and global field CTO at Sophos, points out that IoT devices, big and small, create an outsized threat to any organization. And that's why IoT vendors need to secure these devices, even if they only “phone home” for more Coke. If they're on your network, they need to be secured.

From family tree to jail cell? A hacker is alleged to have exploited information on genealogy websites to steal millions from public companies. Meanwhile, Kaspersky's US customers are wondering - what on earth is UltraAV?All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:U.K. National Charged with Multimillion-Dollar Hack-to-Trade Fraud Scheme - US Department of Justice.Sophos punts anti-virus for Klingons - The Register.Designating Kaspersky Lab Leadership in Response to Continued Cybersecurity Risks - US Department of Treasury.Kaspersky says Uncle Sam snubbed its verification proposal - The Register.Use Kaspersky Antivirus Software? You'll Be Migrated to Pango's UltraAV - PC Mag. Kaspersky software replaced by 'UltraAV' on some US PCs - The Register.Need Instructions on Refunds for those who bought multi-year subscriptions - Kaspersky.US bans Kaspersky antivirus software for alleged Russian links - BBC News.Who gave you permission to put UltraAV on my computer? - Kaspersky Total Security.MusicBrainz Picard - Cross-platform music tagger powered by the MusicBrainz database.100 Chefs Will Slice Through the Competition in Culinary Class Wars - Netflix.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:SentinelOne - secure and protect every aspect of your cloud in real-time.1Password Extended Access Management – Secure every sign-in for every app on every device.Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing

In the latest episode of Tech Talks Daily, I bring you an insightful conversation with Andy Bradshaw, CEO of SHL, the global leader in HR technology and psychometric science.  As AI continues to reshape the workforce in 2024, Andy's expertise couldn't be more timely or relevant. With over 25 years of experience in technology and service businesses, including renowned companies like Hewlett-Packard, Microsoft, and Sophos, Andy brings a unique perspective to the table. His passion for leveraging human insights to enhance business and individual performance shines through in this engaging discussion. The episode kicks off with Andy explaining SHL's remarkable transformation into a talent intelligence powerhouse. He reveals how the company now leverages an astounding 45 billion data points across 150 countries to provide unparalleled workforce insights. As the conversation unfolds, Andy delves into the critical importance of early career recruitment in today's global talent shortage. He offers valuable strategies for tackling this challenge, emphasizing the need for organizations to recognize recruitment as a two-way process and focus on potential and motivation rather than just specific job skills. One of the most fascinating segments of the interview explores the power of internal mobility in solving critical talent problems. Andy shares eye-opening statistics on the increased filling of internal roles post-pandemic and discusses the numerous benefits this approach brings to both employers and employees. The discussion then shifts to a fresh perspective on hiring tech talent, with Andy advocating for looking beyond skills to focus on durable "soft" or "human" skills. He introduces SHL's identification of 11 key human skills for early career success, explaining how this approach allows for future job flexibility and can help reduce salary inflation for niche skills. Andy talks about how organizations are moving from talk to action, setting concrete targets, and using independent data sources to reduce bias in hiring and talent management processes. The conversation concludes with an exploration of AI's role in recruitment. Andy outlines how SHL integrates AI into assessment products, candidate experience, and big data interpretation while emphasizing the importance of transparent and ethical AI use.

What's it like being at the helm of a security operation that safeguards thousands of businesses worldwide, with new cyber threats emerging every single day? In this episode, host Heather Haskin meets with Raja Patel, Chief Product Officer at Sophos, to uncover the strategies that keep one of the world's leading cybersecurity companies ahead in an ever-evolving digital landscape. As cyber threats become more sophisticated and relentless, Patel shares his unique approach to building resilient security solutions that not only anticipate future challenges but also empower teams to think creatively and collaboratively. Discover how Sophos is pushing the boundaries of cybersecurity by blending innovation, strategic foresight, and a people-first mindset to protect organizations worldwide. Featuring: Raja Patel, Chief Product Officer, Sophos The Catalyst by Softchoice is the podcast dedicated to exploring the intersection of humans and technology. 

In today's episode, we explore the latest cybersecurity issues, including Sophos' discovery of the new EDRKillShifter utility used in RansomHub ransomware attacks, vulnerabilities in Microsoft's Azure Health Bot Service, and the implications of the recent CrowdStrike outage. We also discuss the White House's $11M plan to enhance open-source security, emphasizing the importance of robust protective measures and collaboration. Tune in to stay informed on the evolving landscape of cybersecurity threats and defenses. Video Episode: https://youtu.be/-BIB59LxVpQ 00:00 - Intro 01:14 - Ransomware attackers introduce new EDR killer to their arsenal 02:30 - White House details $11M plan to help secure open source 04:42 - Researchers Uncover Vulnerabilities in AI-Powered Azure Health Bot Service 07:01 - Misguided lessons from CrowdStrike outage could be disastrous Article URLs: https://news.sophos.com/en-us/2024/08/14/edr-kill-shifter/ https://www.cybersecuritydive.com/news/white-house-11-million-secure-open-source/724223/ https://thehackernews.com/2024/08/researchers-uncover-vulnerabilities-in_0471960302.html https://www.cybersecuritydive.com/news/misguided-lessons-crowdstrike-outage/723991/ Sign up for digestible cyber news delivered to your inbox: https://news.thedailydecrypt.com Thanks to Jered Jones for providing the music for this episode. https://www.jeredjones.com/ Logo Design by https://www.zackgraber.com/ Tags: Sophos, EDRKillShifter, ransomware, endpoint protection, cybersecurity, Biden administration, open source software, infrastructure, Azure Health Bot Service, patient data, breaches, CrowdStrike, automated patching, cyber resilience Search Phrases: What are today's top cybersecurity news stories? Newest threats in cybersecurity today How to protect against ransomware in 2023 Effective endpoint protection strategies Latest updates on the Open Source Software Prevalence Initiative How to secure open source software Cybersecurity measures for healthcare organizations Preventing breaches in AI-powered healthcare bots Benefits of automated patching versus manual updates Ensuring cyber resilience with automated patching

It is important to have a lawyer assist with a separation agreement to safeguard your legal rights, including the right to honest financial disclosure from the other party. Most couples choose a no-fault divorce, which allows them to end their marriage without proving any wrongdoing. However, factors such as career choices, parenting differences, division of household labor, relationships with family and friends, finances, and health choices can still lead to conflict. According to a Forbes Advisor survey, the most significant conflicts for divorced couples were career choices (46%) and parenting differences (43%).   Jonathan D. Steele has had a successful legal career, starting at Nadler, Pritikin & Mirabelli LLC, and later moving to Beermann LLP. He has been recognized as a Rising Star by Illinois Super Lawyers magazine, an honor given to less than 2.5% of attorneys under 40 in the state. He has also been designated as an Emerging Lawyer by Leading Lawyers magazine, an accolade given to fewer than 2% of Illinois attorneys annually. This recognition underscores his expertise in family law and his exceptional professional achievement. In addition to his courtroom successes, Jonathan possesses a strong understanding of the Illinois Supreme Court rules and the Rules of Civil Procedure, as well as technical proficiency in legal practice that equips him to handle complex legal challenges. His areas of expertise include advanced trial advocacy, a deep understanding of the rules of evidence, and specialized knowledge in the Illinois Marriage and Dissolution of Marriage Act, Domestic Violence Act, and the Stalking No Contact Order Act. Jonathan places a high priority on the privacy and security of his clients, integrating cutting-edge digital protection strategies to safeguard sensitive information—a critical asset in today's interconnected world. Outside the courtroom, Jonathan is committed to community service, offering pro bono legal aid through JUF Community Legal Services and contributing to medical research initiatives as a board member of the Medical Research Junior Board Foundation at Ann & Robert H. Lurie Children's Hospital of Chicago.   Transitioning from law to cybersecurity, Jonathan has spent years researching all aspects of cybersecurity and privacy. He has become well-versed in the Sophos ecosystem, setting up MDM solutions across a fleet of iOS devices, configuring next-gen enterprise-grade Sophos XG firewalls for home use, and setting up Synology NAS solutions for self-hosting calendar solutions, surveillance systems, photo storage, and video hosting. He is proficient in ZTNA and VPN setup and configuration, end-to-end encrypted solutions, privacy-respecting software and hardware solutions, and compartmentalization strategies. His expertise also extends to multifactor authentication, setup and management of self-hosted IDP solutions, custom DNS filtering and configuration, website setup, configuration, security and management, and macOS, Windows, iOS setup and configuration to enhance security and privacy. He joined me this week to tell me more.   For more information, visit: https://www.steelefamlaw.com/

Computers blue-screen-of-death around the world! The Paris Olympics is at risk of attack! And the FBI pull off the biggest sting operation in history by running a secret end-to-end encrypted messaging app!All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by industry veterans Graham Cluley and Carole Theriault, joined this week by cybersecurity journalist and the author of “Dark Wire”, Joseph Cox.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:How a single IT update caused global havoc - BBC News.Anti-Virus Software Sees Self as Malware, Deletes Itself - NBC News report about Sophos snafu in 2012.Tweet about CrowdStrike outage by Kaspersky - Twitter.“Dark Wire” by Joseph Cox.Inside the Biggest FBI Sting Operation in History - WIRED.Trump shooter's online activity shows searches of rally site, use of encrypted platforms, officials say - CBS News.Mass Surveillance - Privacy International.338 sites internet frauduleux de revente de billets recensés à quelques semaines du début de la compétition - France Info.From wiretapping to geolocation data collection: AI mass surveillance for the Paris Olympics draws privacy concerns - Fast Company.Heading to the Paris Olympics? Don't Fall for These Scams - PC Mag.AI mass surveillance at Paris Olympics – a legal scholar on the security boon and privacy nightmare - Scientific American.AI mass surveillance at Paris Olympics – a legal scholar on the security boon and privacy nightmare - The Conversation.Paris 2024: Medal table predictions, facts, opening day schedule and records that could be broken - Euronews.Paris Olympics 2024: Your ultimate guide - The Telegraph.

A Crowdstrike update takes down IT systems worldwide. A U.S. District Court judge dismissed most charges against SolarWinds. Sophos examines the ransomware threat to the energy sector. European web hosting companies suspend Doppelgänger propaganda. An Australian digital prescription services provider confirms a ransomware attack affecting nearly 13 million. A pair of Lockbit operators plead guilty. N2K's CSO Rick Howard speaks with AWS' CISO Chris Betz about strong security cultures and AI. A look inside the world's largest live-fire cyber-defense exercise.  Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guests Dave is joined by Andy Ellis, to discuss today's top story on the CrowdStrike-induced Microsoft outage. N2K's CSO Rick Howard recently caught up with AWS' CISO Chris Betz at the AWS re:Inforce 2024 event. They  discuss strong security cultures and AI. You can watch Chris' keynote from the event here. Read Chris' blog post, “How the unique culture of security at AWS makes a difference.” Selected Reading Huge Microsoft Outage Linked to CrowdStrike Takes Down Computers Around the World (WIRED) Counting the Costs of the Microsoft-CrowdStrike Outage (The New York Times) Major Microsoft 365 outage caused by Azure configuration change (Bleeping Computer) Most of SolarWinds hacking suit filed by SEC dismissed (SC Magazine) Ransomware Remains a Major Threat to Energy (BankInfoSecurity) Investigation prompts European hosting companies to suspend accounts linked to Russian disinfo (The Record) MediSecure Data Breach Impacts 12.9 Million Individuals (SecurityWeek) Russians plead guilty to involvement in LockBit ransomware attacks (Bleeping Computer) Inside the world's largest ‘live-fire' cyber-defense exercise (CSO Online) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

OpenAI insiders describe a culture of recklessness and secrecy. Concerns over Uganda's biometric ID system. Sophos uncovers a Chinese cyberespionage operation called Crimson Palace. Poland aims to sure up cyber defenses against Russia. Zyxel warns of critical vulnerabilities in legacy NAS products. Arctic Wolf tracks an amateurish ransomware variant named Fog. A TikTok zero-day targets high profile accounts. Cisco patches a Webex vulnerability that exposed German government meetings. On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's ISC2 CISSP certification journey, diving into Domain 7, Security Operations. A Canadian data breach leads to a class action payday.  Our 2024 N2K CyberWire Audience Survey is underway, make your voice heard and get in the running for a $100 Amazon gift card. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Learning Layer On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's ISC2 CISSP certification journey using N2K's comprehensive CISSP training course, CISSP practice test, and CISSP practice labs. Sam and Joe dive into Domain 7, Security Operations, and tackle the following question: Which of the following is the MOST important goal of Disaster Recovery Planning? Business continuity Critical infrastructure restoration Human Safety Regulatory compliance Selected Reading OpenAI Whistle-Blowers Describe Reckless and Secretive Culture (The New York Times) Uganda: Yoweri Museveni's Critics Targeted Via Biometric ID System (Bloomberg) Chinese South China Sea Cyberespionage Campaign Unearthed (GovInfo Security) Palau confirms 'major' cyberattack, points to China (Digital Journal) Poland to invest $760 million in cyberdefense as Russian pressure mounts (The Record) 'NsaRescueAngel' Backdoor Account Again Discovered in Zyxel Products (SecurityWeek) Arctic Wolf sniffs out new ransomware variant (CSO Online) CNN, Paris Hilton, and Sony TikTok accounts hacked via DMs (Security Affairs) Cisco Patches Webex Bugs Following Exposure of German Government Meetings (SecurityWeek) ICBC must pay $15K to all who had data breached before JIBC attacks (Vancouver Sun)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

UnitedHealth's CEO testimony before congress reveals details of the massive data breach. Major US mobile carriers are hit with hefty fines for sharing customer data. Muddling Meerkat manipulates DNS. A report from Sophos says ransomware payments skyrocketed this past year. The DOE addresses risks and benefits of AI. LightSpy malware targets macOS. A crucial Kansas City weather and traffic system is disabled by a cyberattack. A Canadian pharmacy chain shuts down temporarily following a cyberattack. Guest Kayla Williams, CISO from Devo, joins us to share CISO insights into the pressure of their roles they feel mounting on them and gives us a look into their plans for RSAC 2024. Pay attention - that AWS meter may be running.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Guest Kayla Williams, CISO from Devo, joins us to share CISO insights into the pressure of their roles they feel mounting on them and gives us a look into their plans for RSAC 2024. Selected Reading Change Healthcare hackers broke in using stolen credentials — and no MFA, says UHG CEO (TechCrunch) FCC Fines Carriers $200m For Selling User Location Data (Infosecurity Magazine) Muddling Meerkat hackers manipulate DNS using China's Great Firewall (Bleeping Computer) Ransom Payments Surge by 500% to an Average of $2m (Infosecurity Magazine) US DOE rolls out initial assessment report on AI benefits and risks for critical energy infrastructure (Industrial Cyber)  LightSpy malware has made a comeback, and this time it's coming after your macOS devices (ITPro) Kansas City system providing roadside weather, traffic info taken down by cyberattack (The Record) London Drugs pharmacy chain closes stores after cyberattack (Bleeping Computer) An Empty S3 Bucket Can Make Your AWS Bills Explode (GB Hackers) - kicker How an empty S3 bucket can make your AWS bill explode (Medium) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.