Podcasts about Spyware

We don't do holiday themed episodes in this house, so no tricks, but we have some treats for you. First we discuss the problem of shadow AI (1:00) and how it seems like we're just repeating the mistakes of previous tech waves in ignoring security until it's too late. Then we dig into a new report from Kaspersky about a crazy exploit they discovered for a Chrome sandbox escape that led them to identify the new version of Hacking Team's spyware called Dante (23:00). Finally, we provide some important updates on our respective wildlife encounters (33:00).Kaspersky report: https://securelist.com/forumtroll-apt-hacking-team-dante-spyware/117851/ Support the show

Rachel Maddow explains that while much of Donald Trump's abuse of power is typical of authoritarians, Trump has a new tool that no authoritarian before him has had: extremely advanced spyware. Trump is already deploying this new weapon through ICE, which intends to use this surveillance technology against immigrants but also against Americans who protest against ICE, and anyone they might snare with an extremely loose definition of "anti-fascist."Rachel Maddow considers reasons why protesting against authoritarians is important, from feeling empowered to ensuring that important rights don't atrophy or get taken away when they're not in use. But another important use for protest is to send a message to the people and entities that would capitulate and become accomplices in the authoritarian's abuses.Marc Elias, attorney and founder of Democracy Docket, talks with Rachel Maddow about the fight he expects Donald Trump to put up as Trump's unpopularity makes a clean election victory less likely. Even as Trump will abuse the power and credibility of the Justice Department to serve his ends, his past bad faith in making bogus election fraud accusations gives his legal opponents an advantage. Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Atlas browser hijacked Bye, bye Twitter birdie Dante spyware surfaces Huge thanks to our sponsor, Conveyor Security reviews don't have to feel like a hurricane. Most teams are buried in back-and-forth emails and never-ending customer requests for documentation or answers. But Conveyor takes all that chaos and turns it into calm. AI fills in the questionnaires, your trust center is always ready, and sales cycles move without stalls. Breathe easier—check out Conveyor at www.conveyor.com.

Three Buddy Problem - Episode 69: We dig into news that Apple's iOS 26 has quietly killed the shutdown.log forensic artifact used to spot signs of infections and what it means for threat hunters. Plus, whispers of a million-dollar WhatsApp zero-click exploit that never materialized at Pwn2Own, a surreal court case linking a Trenchant exploit developer to Russian buyers, and Chinese threat intel reports pointing fingers at the NSA. We also discuss calls for the US government to build a structured, lawful ecosystem for private-sector offensive operations to address existing chaos and market gaps. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).

A change in iOS is deleting-clues of old spyware infections, Starlink disables 2,500 terminals at scam compounds, a Caribbean hospital is still down 5 months after a ransomware attack, and officials are charged in Poland's Pegasus spyware scandal. Show notes Risky Bulletin: iOS 26 change deletes clues of old spyware infections

Think your mouse is harmless? Steve and Leo uncover how modern optical mice might be secretly "listening" in, and reveal why satellite data pouring down on us is almost entirely unsecured. The long awaited lawsuit to block Texas SB2420. Embattled Texas SB2420 also impacts Google Play. At long last, NIST modernizes their password policy. Scattered LAPSUS$ Hunters demise was exaggerated. China claims that the NSA has been hacking them. Half of all geosynchronous satellite traffic is unencrypted. The AWS outage highlights the rising risk of Internet monoculture. A terrific collection of listener feedback and... Could your PC's mousehave much bigger ears than you know? https://www.grc.com/sn/SN-1048-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: Melissa.com/twit hoxhunt.com/securitynow threatlocker.com for Security Now joindeleteme.com/twit promo code TWIT bitwarden.com/twit

A foreign threat actor breached a key U.S. nuclear weapons manufacturing site. The cyberattack on Jaguar Land Rover is the most financially damaging cyber incident in UK history. A new report from Microsoft' warns that AI is reshaping cybersecurity at an unprecedented pace. The ToolShell vulnerability fuels Chinese cyber operations across four continents. Fake browser updates are spreading RansomHub, LockBit, and data-stealing malware. Hackers deface LA Metro bus stop displays. A Spyware developer is warned by Apple of a mercenary spyware attack. Pwn2Own payouts proceed. Ben Yelin from University of Maryland Center for Cyber Health and Hazard Strategies on a Federal Whistle Blower from the SSA. When the cloud goes down, beds heat up.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Ben Yelin from University of Maryland Center for Cyber Health and Hazard Strategies on a Federal Whistle Blower from the SSA. If you enjoyed Ben's conversation, be sure to check out more from him over on the Caveat Podcast. 2025 Microsoft Digital Defense Report To learn more about the 2025 Microsoft Digital Defense Report, join our partners on The Microsoft Threat Intelligence Podcast. On today's episode, host Sherrod DeGrippo is joined by Chloé Messdaghi and Crane Hassold to unpack the key findings of the 2025 Microsoft Digital Defense Report; a comprehensive look at how the cyber threat landscape is accelerating through AI, automation, and industrialized criminal networks. You can listen to new episodes of The Microsoft Threat Intelligence Podcast every other Wednesday on your favorite podcast app. Selected Reading Foreign hackers breached a US nuclear weapons plant via SharePoint flaws (CSO Online) JLR hack is costliest cyber attack in UK history, say analysts (BBC) Microsoft 2025 digital defense report flags rising AI-driven threats, forces rethink of traditional defenses (Industrial Cyber) The New Frontlines of Cybersecurity: Lessons from the 2025 Digital Defense Report (The Microsoft Threat Intelligence Podcast)   Sharepoint ToolShell attacks targeted orgs across four continents (Bleeping Computer) SocGholish Malware Using Compromised Sites to gDeliver Ransomware (Hackread) LA Metro digital signs taken over by hackers (KTLA) Apple alerts exploit developer that his iPhone was targeted with government spyware (TechCrunch) Hackers Earn Over $520,000 on First Day of Pwn2Own Ireland 2025 (SecurityWeek) AWS crash causes $2,000 Smart Beds to overheat and get stuck upright (Dexerto) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Think your mouse is harmless? Steve and Leo uncover how modern optical mice might be secretly "listening" in, and reveal why satellite data pouring down on us is almost entirely unsecured. The long awaited lawsuit to block Texas SB2420. Embattled Texas SB2420 also impacts Google Play. At long last, NIST modernizes their password policy. Scattered LAPSUS$ Hunters demise was exaggerated. China claims that the NSA has been hacking them. Half of all geosynchronous satellite traffic is unencrypted. The AWS outage highlights the rising risk of Internet monoculture. A terrific collection of listener feedback and... Could your PC's mousehave much bigger ears than you know? https://www.grc.com/sn/SN-1048-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: Melissa.com/twit hoxhunt.com/securitynow threatlocker.com for Security Now joindeleteme.com/twit promo code TWIT bitwarden.com/twit

Think your mouse is harmless? Steve and Leo uncover how modern optical mice might be secretly "listening" in, and reveal why satellite data pouring down on us is almost entirely unsecured. The long awaited lawsuit to block Texas SB2420. Embattled Texas SB2420 also impacts Google Play. At long last, NIST modernizes their password policy. Scattered LAPSUS$ Hunters demise was exaggerated. China claims that the NSA has been hacking them. Half of all geosynchronous satellite traffic is unencrypted. The AWS outage highlights the rising risk of Internet monoculture. A terrific collection of listener feedback and... Could your PC's mousehave much bigger ears than you know? https://www.grc.com/sn/SN-1048-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: Melissa.com/twit hoxhunt.com/securitynow threatlocker.com for Security Now joindeleteme.com/twit promo code TWIT bitwarden.com/twit

Think your mouse is harmless? Steve and Leo uncover how modern optical mice might be secretly "listening" in, and reveal why satellite data pouring down on us is almost entirely unsecured. The long awaited lawsuit to block Texas SB2420. Embattled Texas SB2420 also impacts Google Play. At long last, NIST modernizes their password policy. Scattered LAPSUS$ Hunters demise was exaggerated. China claims that the NSA has been hacking them. Half of all geosynchronous satellite traffic is unencrypted. The AWS outage highlights the rising risk of Internet monoculture. A terrific collection of listener feedback and... Could your PC's mousehave much bigger ears than you know? https://www.grc.com/sn/SN-1048-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: Melissa.com/twit hoxhunt.com/securitynow threatlocker.com for Security Now joindeleteme.com/twit promo code TWIT bitwarden.com/twit

Think your mouse is harmless? Steve and Leo uncover how modern optical mice might be secretly "listening" in, and reveal why satellite data pouring down on us is almost entirely unsecured. The long awaited lawsuit to block Texas SB2420. Embattled Texas SB2420 also impacts Google Play. At long last, NIST modernizes their password policy. Scattered LAPSUS$ Hunters demise was exaggerated. China claims that the NSA has been hacking them. Half of all geosynchronous satellite traffic is unencrypted. The AWS outage highlights the rising risk of Internet monoculture. A terrific collection of listener feedback and... Could your PC's mousehave much bigger ears than you know? https://www.grc.com/sn/SN-1048-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: Melissa.com/twit hoxhunt.com/securitynow threatlocker.com for Security Now joindeleteme.com/twit promo code TWIT bitwarden.com/twit

Think your mouse is harmless? Steve and Leo uncover how modern optical mice might be secretly "listening" in, and reveal why satellite data pouring down on us is almost entirely unsecured. The long awaited lawsuit to block Texas SB2420. Embattled Texas SB2420 also impacts Google Play. At long last, NIST modernizes their password policy. Scattered LAPSUS$ Hunters demise was exaggerated. China claims that the NSA has been hacking them. Half of all geosynchronous satellite traffic is unencrypted. The AWS outage highlights the rising risk of Internet monoculture. A terrific collection of listener feedback and... Could your PC's mousehave much bigger ears than you know? https://www.grc.com/sn/SN-1048-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: Melissa.com/twit hoxhunt.com/securitynow threatlocker.com for Security Now joindeleteme.com/twit promo code TWIT bitwarden.com/twit

Think your mouse is harmless? Steve and Leo uncover how modern optical mice might be secretly "listening" in, and reveal why satellite data pouring down on us is almost entirely unsecured. The long awaited lawsuit to block Texas SB2420. Embattled Texas SB2420 also impacts Google Play. At long last, NIST modernizes their password policy. Scattered LAPSUS$ Hunters demise was exaggerated. China claims that the NSA has been hacking them. Half of all geosynchronous satellite traffic is unencrypted. The AWS outage highlights the rising risk of Internet monoculture. A terrific collection of listener feedback and... Could your PC's mousehave much bigger ears than you know? https://www.grc.com/sn/SN-1048-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: Melissa.com/twit hoxhunt.com/securitynow threatlocker.com for Security Now joindeleteme.com/twit promo code TWIT bitwarden.com/twit

Think your mouse is harmless? Steve and Leo uncover how modern optical mice might be secretly "listening" in, and reveal why satellite data pouring down on us is almost entirely unsecured. The long awaited lawsuit to block Texas SB2420. Embattled Texas SB2420 also impacts Google Play. At long last, NIST modernizes their password policy. Scattered LAPSUS$ Hunters demise was exaggerated. China claims that the NSA has been hacking them. Half of all geosynchronous satellite traffic is unencrypted. The AWS outage highlights the rising risk of Internet monoculture. A terrific collection of listener feedback and... Could your PC's mousehave much bigger ears than you know? https://www.grc.com/sn/SN-1048-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: Melissa.com/twit hoxhunt.com/securitynow threatlocker.com for Security Now joindeleteme.com/twit promo code TWIT bitwarden.com/twit

Three Buddy Problem - Episode 67: We discuss the rise of automated red-teaming, Apple's $2 million exploit chain bounties aimed at outbidding spyware brokers and the iPhone maker's focus on wireless proximity attacks and “tactical suitcase” Wi-Fi exploits. We also hit the news of Paragon spyware targeting European executives and the bizarre story of NSO Group's supposed US investor buyout. Plus, an update on Oracle's zero-day ransomware fiasco, Ivanti's endless patch delays, the ethics of journalists enabling ransomware operations on leak sites, Europe's latest failed push for Chat Control, and VirusTotal's new pricing tiers. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).

Jen Roberts, Associate Director of the Atlantic Council's Cyber Statecraft Initiative, and Sarah Graham, Research Consultant with the Atlantic Council's Cyber Statecraft Initiative, who are coauthors along with Nitansha Bansal of the recent paper, “Mythical Beasts: Diving Into the Depths of the Global Spyware Market,” join Lawfare's Justin Sherman to discuss the global spyware industry, how it has evolved in recent years, and what its future holds. They also discuss the geographic concentration of key spyware entities in several countries; a rise in U.S. investors in the spyware industry; how “strategic jurisdiction hopping,” name changes, and corporate structure shifts impact spyware firms' evolution and transparency into their activities; and how U.S. policymakers should approach the global spyware market going forward.To receive ad-free podcasts, become a Lawfare Material Supporter at www.patreon.com/lawfare. You can also support Lawfare by making a one-time donation at https://givebutter.com/lawfare-institute.Support this show http://supporter.acast.com/lawfare. Hosted on Acast. See acast.com/privacy for more information.

Nachdem die Bundesregierung der Chatkontrolle – also der europaweiten Durchsuchung privater Nachrichten – eine Absage erteilt hat, wird die EU-Abstimmung darüber auf Dezember verschoben. Gleichzeitig ignoriert die EU-Kommission seit Jahren massive Überwachungsskandale in den Mitgliedsstaaten. In Spanien, Polen, Ungarn und Griechenland haben Regierungen mit Spyware wie Pegasus und Predator Journalistinnen, Oppositionelle sowie Anwälte ausspioniert. Ein EU-Untersuchungsausschuss bestätigte diesen systematischen Missbrauch – doch statt Konsequenzen folgte Schweigen. Auch Deutschland kaufte intransparent und unter Ausschluss der Öffentlichkeit eine modifizierte Pegasus-Version für das BKA. Das Problem: Außerhalb der Sicherheitsbehörden hat niemand diese Software je zu Gesicht bekommen. Selbst Bundestagsabgeordnete erhalten oft nur geschwärzte Unterlagen. Diese Intransparenz macht eine Kontrolle nahezu unmöglich, ob die mächtigste Spionagesoftware der Welt missbraucht wird. Das Fazit ist ernüchternd: Die EU kann sich selbst nicht kontrollieren, wenn Überwachung im Spiel ist. Mitgliedsstaaten berufen sich auf "nationale Sicherheit" und blockieren jede Reform. Gleichzeitig drängen dieselben Regierungen auf neue Überwachungsbefugnisse wie die Chatkontrolle. Wie konnte es so weit kommen? Was würde das Ende der Verschlüsselung für unsere Demokratie bedeuten? Und wer schützt uns vor dem Staat, wenn Kontrolle zur Macht wird? Über all das sprechen Dilan Gropengiesser und Holger Stark, stellvertretender Chefredakteur und Ressortleiter Investigative Recherche und Daten bei DIE ZEIT, in Folge 112 von Was jetzt? – Die Woche.

A federal workers' union is suing the Education Department after agency employees on furlough or administrative leave discovered that their automatic email replies had been changed to a message blaming Democratic lawmakers for the ongoing government shutdown. The complaint, filed by the American Federation of Government Employees, asks a court to prohibit the Education Department's alleged efforts to “put political speech in federal employees' mouths.” “Forcing civil servants to speak on behalf of the political leadership's partisan agenda is a blatant violation of federal employees' First Amendment rights,” the suit stated, adding that “employees are now forced to involuntarily parrot the Trump Administration's talking points with emails sent out in their names.” The suit came one day after some furloughed workers discovered that their automatic out-of-office email replies were changed without their knowledge, from neutral language to partisan messaging that blamed Democrats for the shutdown, which began last Wednesday. Three House Democrats questioned the Department of Homeland Security on Monday over a reported Immigration and Customs Enforcement contract with a spyware provider that they warn potentially “threatens Americans' freedom of movement and freedom of speech.” Their letter follows publication of a notice that ICE had lifted a stop-work order on a $2 million deal with Israeli spyware company Paragon Solutions, a contract that the Biden administration had frozen one year ago pending a review of its compliance with a spyware executive order. Paragon is the maker of Graphite, and advertises it as having more safeguards than competitors that have received more public and legal scrutiny, such as NSO Group's Pegasus, a claim researchers have challenged. A report earlier this year found suspected deployments of Graphite in countries across the globe, with targets including journalists and activists. The Daily Scoop Podcast is available every Monday-Friday afternoon. If you want to hear more of the latest from Washington, subscribe to The Daily Scoop Podcast  on Apple Podcasts, Soundcloud, Spotify and YouTube.

This week, we are joined by Martin Zugec, Technical Solutions Director from Bitdefender, sharing their work and findings on "EggStreme Malware: Unpacking a New APT Framework Targeting a Philippine Military Company. A newly identified Chinese APT group has been observed deploying a sophisticated, fileless malware framework called EggStreme against a Philippine military company. The multi-stage toolkit uses DLL sideloading and in-memory execution to evade detection, with its core backdoor, EggStremeAgent, enabling reconnaissance, lateral movement, keylogging, and data theft. Researchers note the campaign's persistence and stealth highlight professional, geopolitically motivated espionage activity linked to Chinese national interests. The research can be found here: EggStreme Malware: Unpacking a New APT Framework Targeting a Philippine Military Company Learn more about your ad choices. Visit megaphone.fm/adchoices

This week, we are joined by Martin Zugec, Technical Solutions Director from Bitdefender, sharing their work and findings on "EggStreme Malware: Unpacking a New APT Framework Targeting a Philippine Military Company. A newly identified Chinese APT group has been observed deploying a sophisticated, fileless malware framework called EggStreme against a Philippine military company. The multi-stage toolkit uses DLL sideloading and in-memory execution to evade detection, with its core backdoor, EggStremeAgent, enabling reconnaissance, lateral movement, keylogging, and data theft. Researchers note the campaign's persistence and stealth highlight professional, geopolitically motivated espionage activity linked to Chinese national interests. The research can be found here: EggStreme Malware: Unpacking a New APT Framework Targeting a Philippine Military Company Learn more about your ad choices. Visit megaphone.fm/adchoices

In this episode we look at how Immigration and Customs Enforcement is believed to have access to Graphite—powerful spyware capable of silently hacking smartphones and reading encrypted apps like WhatsApp and Signal. At issue is what Graphite can do, the legal red lines it risks crossing, and what it means for civil liberties inside the U.S. if you carry a phone. Joining us are Eric O'Neill, a former FBI counterintelligence operative, author, and current national security strategist with Nexasure, and Theresa Payton, CEO of Fortalice Solutions and former White House Chief Information Officer.See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

Tom Uren and Amberleigh Jack talk about why it is good news that US investment in spyware vendors has skyrocketed. They also discuss the in-principle agreement for TikTok to remain in the US. It's a win-win: a win for China and a win for TikTok, but not so much a win for US national security. This episode is also available on YouTube. Show notes

It's everywhere. You cannot run from it. What do we do about it?

Longterm and short-term security work from Apple on this week's Checklist. First, the company's warning individuals in France of potential spyware attacks. We'll look at what they're looking for and advice for staying safe. Plus - the iPhones Apple announced this week are bringing a new memory safety feature. We'll familiarize ourselves with Memory Integrity Enforcement on this edition of The Checklist, brought to you by SecureMac. Check out our show notes: SecureMac.com/Checklist And get in touch with us: Checklist@Securemac.com

SonicWall SSL VPN flaws now being actively exploited Acting federal cyber chief outlines his priorities U.S. based investors in spyware firms nearly tripled in 2024 Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines. Find the stories behind the headlines at CISOseries.com.    

The feature is called Memory Integrity Enforcement (MIE) and is designed to help stop memory corruption bugs, which are some of the most common vulnerabilities exploited by spyware developers and makers of phone forensic devices used by law enforcement.  Learn more about your ad choices. Visit podcastchoices.com/adchoices

Apple notifies French users of spyware attacks, China will increase fines for data breaches Google pays $1.6mil for cloud bugs at a hackathon event, and no more hacked free laundry for Dutch students Show notes Risky Bulletin: Most UK school hacks are caused by their own students

Read the article on my BlogApple's new iPhone 17 and iPhone Air promise next-level protection with the A19 chip and spyware-resistant memory safety. But is it really worth the premium price—or will competitors soon catch up? Let's break down what this means for your security and whether the upgrade is a smart move.I used ChatGPT 5 and ScreenPal to put this information together.

Three Buddy Problem - Episode 61: We cover a pair of software supply chain breaches (Salesforce Salesloft Drift and NPM/GitHub) that raises big questions about SaaS integrations and the ripple effects across major security vendors. Plus, Apple's new Memory Integrity Enforcement in iPhone 17 and discussion on commercial spyware infections and the value of Apple notifications; concerns around Chinese hardware and surveillance equipment in US infrastructure; Silicon Valley profiting from China's surveillance ecosystem; and controversy around a Huntress disclosure of an attacker's operations after an EDR agent was mistakenly installed. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).

China holds a military parade with Vladimir Putin and Kim Jong Un, the U.S. military strikes an alleged Tren de Aragua drug boat, killing 11, the Thai government seeks House dissolution as the opposition backs a rival's Prime Minister bid, U.K. Deputy Prime Minister Rayner admits to stamp duty underpayment, the Trump administration lifts a hold on a $2M ICE spyware contract, U.S. deportees to Eswatini are allegedly held without charge, Jeffrey Epstein survivors hold a news conference with Congressional representatives, a judge orders Google to share search data but rejects breaking up the tech giant, an AI surveillance startup says it can end crime in America, and a new study calculates sea level rise at only 1.5 mm per year. Sources: www.verity.news

How to Protect Yourself Against Government's Latest Spyware by Nick Espinosa, Chief Security Fanatic

Jon looks at crimes across the country, including comments from Gov. Walz regarding capitol security in light of a recent arrest. Jon has thoughts on a impending State law for social media usage.

Sharepoint Server vulnerability looks a lot like Hafnium to us. Microsoft has stopped using China based engineers to work on DoD cloud systems. Older CD-ROM not working on new PC, Spyware developer used Google Servers as repository but never secured it. Took Google a month to remove it. Cognizant just gave away passwords and now is getting sued! My USB ports are flaky, Google email summary bothers me, MS Office 2021 having issues Launching Outlook should I replace my backup media?

The spyware maker was banned from the surveillance industry in 2021, but was caught flouting the ban less than a year later. Now the founder wants the ban lifted altogether. Learn more about your ad choices. Visit podcastchoices.com/adchoices

Confusion persists over the Microsoft Sharepoint zero-days. CrushFTP confirms a zero-day under active exploitation. The UK government proposes a public sector ban on ransomware payments. A new ransomware group is using an AI chatbot to handle victim negotiations. Australia's financial regulator accuses a wealth management firm of failing to manage cybersecurity risks. Researchers uncover a WordPress attack that abuses Google Tag Manager. Arizona election officials question CISA following a state portal cyberattack.  Hungarian police arrest a man accused of launching DDoS attacks on independent media outlets. On our Threat Vector segment guest host ⁠Michael Sikorski⁠ ⁠and Michael Daniel⁠ of the Cyber Threat Alliance (CTA) explore cybersecurity collaboration. A Spyware kingpin wants back in. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Threat Vector Segment On our Threat Vector segment, host David Moulton turns the mic over to guest host ⁠Michael Sikorski⁠ and his guest ⁠Michael Daniel⁠ of the Cyber Threat Alliance (CTA) for a deep dive into cybersecurity collaboration. You can hear Michael and Michael's full discussion on Threat Vector ⁠⁠⁠here⁠⁠⁠ and catch new episodes every Thursday on your favorite podcast app. Selected Reading ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets (SecurityWeek) Microsoft: Windows Server KB5062557 causes cluster, VM issues (Bleeping Computer)  File transfer company CrushFTP warns of zero-day exploit seen in the wild (The Record) UK to lead crackdown on cyber criminals with ransomware measures (GOV.UK) Ransomware Group Uses AI Chatbot to Intensify Pressure on Victims (Infosecurity Magazine) Australian Regulator Alleges Financial Firm Exposed Clients to Unacceptable Cyber Risks (Infosecurity Magazine) WordPress spam campaign abuses Google Tag Manager scripts (SC Media) After website hack, Arizona election officials unload on Trump's CISA (CyberScoop) Hungarian police arrest suspect in cyberattacks on independent media (The Record) Serial spyware founder Scott Zuckerman wants the FTC to unban him from the surveillance industry (TechCrunch) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Edition No197 | 22-07-2025 - Putin is tightening the digital noose in Russia, as the crackdown on the internet intensifies. We explore What It Signals in this episode. The Kremlin isn't just at war with Ukraine — it's at war with its own population, and the internet itself. Connectivity blackouts are plaguing regions of Russia, and now spyware is being installed on every internet capable device. The Victory Day disconnections of internet coverage were just a foretaste of the censorship and control that is rapidly approaching. The edges are emerging of what promises to be a terrifying blueprint for new a “digital gulag.” But this isn't just about censorship. It's about what Russia might be preparing for next — why the regime has such a sense of urgency to gain control of the Russian internet, and what that means for Ukraine and for the rest of us.----------DESCRIPTION:Putin's Digital Gulag: Why Russia is Shutting Down its InternetIn this episode of Silicon Bites, we delve into Vladimir Putin's aggressive efforts to control and restrict internet access in Russia. We explore the Kremlin's increasing crackdown on digital freedom and what it means for Russia's population, the ongoing conflict with Ukraine, and potential geopolitical ramifications. Key points include the intensification of censorship, the spread of spyware on consumer devices, and the Kremlin's urgency to isolate the Russian internet by autumn 2025. We also discuss possible reasons behind this rapid digital suppression including further mobilization, preparing for war with NATO, economic collapse, or autocratic whims. Discover how these unprecedented moves might signify a strategy to escalate the war or manage looming internal and external crises.----------SUPPORT THE CHANNEL:https://www.buymeacoffee.com/siliconcurtainhttps://www.patreon.com/siliconcurtain----------CHAPTERS:00:00 Introduction: Putin's Attempt to Break the Internet00:30 The Digital Noose Tightens01:26 The Big Digital Squeeze03:00 Technical Details of the Crackdown04:24 Spyware and the Digital Gulag05:52 Hypotheses Behind the Crackdown10:10 The Autumn Trap: Why Now?11:39 Conclusion: The Global Implications----------SOURCES: https://www.youtube.com/watch?v=Cx3hF3Yk2rYhttps://jamestown.org/program/russia-ramps-up-internet-censorship/https://www.businessinsider.com/russia-cut-internet-access-victory-day-ukraine-drone-strikes-putin-2025-5https://www.thetimes.com/world/russia-ukraine-war/article/putin-moscow-whatsapp-ban-plan-max-app-launch-b789tt6tshttps://united24media.com/latest-news/putins-new-orders-could-reshape-russian-internet-heres-whats-next-10019https://www.independent.co.uk/news/world/europe/russia-kremlin-instagram-atms-ukraine-b2791385.htmlhttps://meduza.io/en/feature/2025/07/07/mapping-russia-s-internet-blackoutshttps://www.themoscowtimes.com/2025/07/01/russia-to-disconnect-foreigners-who-have-not-submitted-biometric-data-from-mobile-internet-a89635https://www.washingtonpost.com/world/2025/07/17/russia-internet-censorship/https://www.kyivpost.com/post/56473https://www.bloomberg.com/news/articles/2025-07-03/russian-internet-outages-soar-as-kremlin-boosts-wartime-controls----------TRUSTED CHARITIES ON THE GROUND:Save Ukrainehttps://www.saveukraineua.org/Superhumans - Hospital for war traumashttps://superhumans.com/en/UNBROKEN - Treatment. Prosthesis. Rehabilitation for Ukrainians in Ukrainehttps://unbroken.org.ua/Come Back Alivehttps://savelife.in.ua/en/Chefs For Ukraine - World Central Kitchenhttps://wck.org/relief/activation-chefs-for-ukraineUNITED24 - An initiative of President Zelenskyyhttps://u24.gov.ua/Serhiy Prytula Charity Foundationhttps://prytulafoundation.orgNGO “Herojam Slava”https://heroiamslava.org/kharpp - Reconstruction project supporting communities in Kharkiv and Przemyślhttps://kharpp.com/NOR DOG Animal Rescuehttps://www.nor-dog.org/home/----------

Foldable Frenzy: Samsung's Slim, Stacked, and Snazzy Smartphones Spill.  Inked Innovation: AI's Artistic Advance in Tattooing.  Sirens on Smartphones: September's Safety Signal.  Solar Sabotage: Smart Inverter Infiltration Threatens Power Stability.  Radiation Rebellion: Rethinking Renewable Rules.  Grok's Growing Gaffes: Musk's Politically Incorrect AI Push.  Methane Mishap: Missing Satellite Sparks Space Setback.  Spyware, Spiders, and Simulators: A Security Shake-Up.  Sentiment Streets: Smart Cities Map Moods with Machine Learning. 

In this episode, I address listener feedback and corrections regarding use of public Wi-Fi, MAC addresses, and aliases. I dive deep into the nuances of MAC address randomization on GrapheneOS versus Apple's private Wi-Fi addresses, explaining why GrapheneOS offers superior privacy protection. I discuss the real threats of public Wi-Fi in 2025 (hint: it's not hackers with Wireshark), and share my approach with aliases.I also cover the rising threat of infostealers like Atomic Info Stealer for macOS, the dangerous intersection of gaming cheats and malware, and why I avoid third-party antivirus software. Most importantly, I address the GrapheneOS controversy: the loss of a senior developer to military conscription, Google's strategic pivot that threatens custom ROMs, and why claims of GrapheneOS “dying” are misinformation spread by those with competing agendas.In this week's episode:Clarifications and Corrections: Public Wi-Fi, MAC addresses, and alias managementMAC address randomization: GrapheneOS vs Apple's implementationThe real threats of public Wi-Fi in 2025Info stealers and video games can be a privacy nightmareGrapheneOS controversy: Developer conscription, Google's lockdown, and the future of custom ROMsWhy antivirus software might be the malware you're trying to avoidMatrix Community RoomsMatrix Community Space - https://matrix.to/#/#psysecure:matrix.orgIndividual Room Links:https://matrix.to/#/#lockdown-general:matrix.orghttps://matrix.to/#/#lockdown-podcast:matrix.orghttps://matrix.to/#/#lockdown-intro:matrix.orgShow Links:MAC Address Lookup - https://maclookup.app/OUI Lookup - https://oui.is/33mail - https://www.33mail.com/OpenSnitch - https://github.com/evilsocket/opensnitchPrivacy.com - https://privacy.comLithic - https://lithic.comKaspersky and Russian Government - https://en.wikipedia.org/wiki/Kaspersky_and_the_Russian_governmentGoogle Not Killing AOSP - https://www.androidauthority.com/google-not-killing-aosp-3566882/GrapheneOS on Developer Conscription - https://grapheneos.social/@GrapheneOS/114359660453627718GrapheneOS on OEM Partnerships (June 19) - https://grapheneos.social/@GrapheneOS/114671100848024807GrapheneOS Response to Misinformation - https://grapheneos.social/@GrapheneOS/114825492698412916GrapheneOS on iPhone Security - https://grapheneos.social/@GrapheneOS/114824816120139544“Social engineering bypasses all technologies, including firewalls.”- Kevin Mitnick ★ Support this podcast on Patreon ★

Analysis: In calling itself an ethical spyware vendor, Paragon has opened itself up to scrutiny of its government customers. Learn more about your ad choices. Visit podcastchoices.com/adchoices

Four members of President Trump's cabinet impersonated Is this some kind of a game? Batavia attacks Russian industrial companies Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines  

Undetectable Android spyware leaks user logins Hunters ransomware group shuts doors Medical device company Surmodics reports cyberattack Huge thanks to our sponsor, Palo Alto Networks You're moving fast in the cloud and so are attackers. But while SecOps and cloud security teams are working in silos, attackers are exploiting the gaps between them. Cortex Cloud by Palo Alto Networks bridges this divide, unifying teams and stopping attacks with real-time cloud security that includes AI-powered protection, detection and automated response capabilities. Threats are stopped in minutes instead of days, and teams can finally protect cloud environments at the speed and scale of modern attacks. To learn more about how Cortex Cloud stops cloud attacks before they become breaches, visit: paloaltonetworks.com/cortex/cloud-detection-and-response Find the stories behind the headlines at CISOseries.com.

A Mexican drug cartel spies on the FBI using traffic cameras and spyware — because "ubiquitous technical surveillance” is no longer just for dystopian thrillers. Graham digs into a chilling new US Justice Department report that shows how surveillance tech was weaponised to deadly effect.Meanwhile, Carole checks the rear-view mirror on the driverless car industry. Whatever happened to those million Tesla robotaxis Elon Musk promised by 2020? Spoiler: they're here — sort of — but they sometimes drive into oncoming traffic.Plus: Leighton House, heatwave survival gadgets, and an unflushable toilet situation (not what you think).All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Mexican drug cartel hacker spied on FBI official's phone to track and kill informants, report says - TechCrunch.Audit of the Federal Bureau of Investigation's Efforts to Mitigate the Effects of Ubiquitous Technical Surveillance - US Department of Justice Office of the Inspector General.Tesla driver tells police he was using 'self-drive' system when his car hit a parked police vehicle - AP News.‘Lidar is lame': why Elon Musk's vision for a self-driving Tesla taxi faltered - The Guardian.Tesla invited influencers to test its robotaxi. Here's what they had to say - USA Today Europe.Elon Musk Hails 'Successful' Tesla Robotaxis Launch in Austin Amid Reported Glitches - eWEEK.A Fatal Tesla Crash Shows the Limits of Full Self-Driving - Bloomberg.The Arab Hall at Leighton House.Spandau Ballet's “Gold” - shot at Leighton House!Shark FlexBreeze Fan With InstaCool Mist Attachment - Shark.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Vanta– Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!Trelica by 1Password- Access Governance for every SaaS app.

On this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news: New York Times gets a little stolen Russian FSB data as a treat iVerify spots possible evidence of iOS exploitation against the Harris-Walz campaign Researcher figures out a trick to get Google account holders' full names and phone numbers Major US food distributor gets ransomwared The Com's social engineering of Salesforce app authorisations is a harbinger of our future problems Australian Navy forgets New Zealand has computers, zaps Kiwis with their giant radar. This week's episode is sponsored by identity provider Okta. Long-time friend of the show Alex Tilley is Okta's Global Threat Research Coordinator, and he joins to discuss how organisations can use both human and technical signals to spot North Koreans in their midst. This episode is also available on Youtube. Show notes How The Times Obtained Secret Russian Intelligence Documents - The New York Times Ukraine's military intelligence claims cyberattack on Russian strategic bomber maker | The Record from Recorded Future News Harris-Walz campaign may have been targeted by iPhone hackers, cybersecurity firm says iVerify Uncovers Evidence of Zero-Click Mobile Exploitation in the U.S. Spyware maker cuts ties with Italy after government refused audit into hack of journalist's phone | The Record from Recorded Future News Italian lawmakers say Italy used spyware to target phones of immigration activists, but not against journalist | TechCrunch Android chipmaker Qualcomm fixes three zero-days exploited by hackers | TechCrunch Cellebrite to acquire mobile testing firm Corellium in $200 million deal | CyberScoop Apple Gave Governments Data on Thousands of Push Notifications A Researcher Figured Out How to Reveal Any Phone Number Linked to a Google Account Bruteforcing the phone number of any Google user Acreed infostealer poised to replace Lumma after global crackdown | The Record from Recorded Future News BidenCash darknet forum taken down by US, Dutch law enforcement | The Record from Recorded Future News NHS calls for 1 million blood donors as UK stocks remain low following cyberattack | The Record from Recorded Future News Major food wholesaler says cyberattack impacting distribution systems | The Record from Recorded Future News Kettering Health confirms attack by Interlock ransomware group as health record system is restored | The Record from Recorded Future News Hackers abuse malicious version of Salesforce tool for data theft, extortion | Cybersecurity Dive shubs on X: "IP whitelisting is fundamentally broken. At @assetnote, we've successfully bypassed network controls by routing traffic through a specific location (cloud provider, geo-location). Today, we're releasing Newtowner, to help test for this issue: https://t.co/X3dkMz9gwK" / X Ross Ulbricht Got a $31 Million Donation From a Dark Web Dealer, Crypto Tracers Suspect | WIRED Australian navy ship causes radio and internet outages to parts of New Zealand

Is your phone suddenly running hot? That might not just be a glitch. It could be some creep spying in on your phone. Learn more about your ad choices. Visit megaphone.fm/adchoices

A jury orders NSO Group to pay $167 millions dollars to Meta over spyware allegations. CISA warns of hacktivists targeting U.S. ICS and SCADA systems. Researcher Micah Lee documents serious privacy risks in the TM SGNL app used by high level Trump officials. The NSA plans significant workforce cuts. Nations look for alternatives to U.S. cloud providers. A medical device provider discloses a cyberattack disrupting its ability to ship customer orders. The Panda Shop smishing kit impersonates trusted brands. Accenture's CFO thwarts a deepfake attempt. Our temporary intern Kevin Magee from Microsoft wraps up his reporting from the RSAC show floor.  Server room shenanigans, with romance, retaliation, and root access. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Wrapping up RSAC 2025, we're joined by our partner Kevin Magee, Global Director of Cybersecurity Startups at Microsoft for Startups. Kevin brings the energy with a high-octane medley of interviews directly from the show floor, featuring sharp insights and bold ideas from some of cybersecurity's most influential voices. It's the perfect, fast-paced finale to our RSAC coverage—check out the show notes for links to all the guests featured! In this segment, you'll hear from Eoin Wickens, Director of Threat Intelligence of HiddenLayer, Jordan Shaw-Young, Chief of Staff for Security Services at BlueVoyant, Gil Barak, co-founder and CEO of Blink Ops, and Paul St Vil, VP of Field Engineering at Zenity. You can also catch Kevin on our Microsoft for Startups⁠ Spotlight, brought to you by N2K CyberWire and Microsoft, where we shine a light on innovation, ambition, and the tech trailblazers building the future right from the startup trenches. Kevin and Dave talk with startup veteran and Cygenta co-founder FC about making the leap from hacker to entrepreneur, then speak with three Microsoft for Startups members: Matthew Chiodi⁠ of ⁠Cerby⁠, ⁠Travis Howerton⁠ of ⁠RegScale⁠, and ⁠Karl Mattson⁠ of ⁠Endor Labs⁠. Whether you are building your own startup or just love a good innovation story, listen and learn more here. Selected Reading Spyware-maker NSO ordered to pay $167 million for hacking WhatsApp (The Washington Post) CISA Warns of Hackers Attacking ICS/SCADA Systems in Oil and Natural Gas Companies (Cyber Security News) Despite misleading marketing, Israeli company TeleMessage, used by Trump officials, can access plaintext chat logs (Micha Flee) NSA to cut up to 2,000 civilian roles as part of intel community downsizing' (The Record) NIST loses key cyber experts in standards and research (Cybersecurity Dive) A coherent European/non-US cloud strategy: building railroads for the cloud economy (Bert Hubert) Medical device giant Masimo says cyberattack is limiting ability to fill customer orders (The Record) New Chinese Smishing Kit Dubbed 'Panda Shop' Steal Google, Apple Pay & Credit Card Details (Cyber Security News) Accenture: What we learned when our CEO got deepfaked (Computing) IT Worker from Computacenter Let Girlfriend Into Deutsche Bank's Restricted Areas (GB Hackers) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Flight from fight response. After India attacks Pakistan and Pakistan authorizes "corresponding action", a journalist in Kashmir tells us the threat of escalation has people unsure what to do or where to go.Search me. American authorities in a Washington state border town inspect cars and question drivers heading toward Canada. A local lawyer says that might destroy whatever was left of the town's cross-border business. Spyware and tear. An Israeli cyber-intelligence firm is ordered to pay more than 2-hundred and 30 million Canadian in damages, for surveilling hundreds of WhatsApp users.Your chance to pontiff-icate. While the conclave is in session, Italians are guessing who the next Pope will be -- by playing a fantasy-league game called "Fantapapa". A true sensation about real sensations. A graduate student in Finland wins this year's "Dance Your PhD" contest with a powerful performance about the science behind sensations such as burning, cooling, and tingling.And...villain the blanks. A British woman is given tens of thousands in compensation, after her colleagues filled out a Star Wars-related personality test on her behalf -- and declared her a "Darth Vader".As It Happens, the Wednesday Edition. Radio that survives a near-Darth experience. 

Netflix rolls out a redesign of its Apple tvOS app, Spyware maker NSO Group must pay WhatsApp $167M, Amazon unveils warehouse robot “Vulcan” MP3 Please SUBSCRIBE HERE for free or get DTNS Live ad-free. A special thanks to all our supporters–without you, none of this would be possible. If you enjoy what you see youContinue reading "US v. Google: Eddy Cue says Apple is actively looking at reshaping Safari – DTH"

In this episode, host Jim Love discusses various cybersecurity topics including a book deal from CRC Press for those interested in cybersecurity, auditing, and leadership. Major cyber incidents involving two UK retailers, Co-op and Marks & Spencer's, are detailed, highlighting the challenges they face. Apple's notifications to users in 100 countries about targeted mercenary spyware attacks are covered, emphasizing the importance of taking these alerts seriously. Additionally, a malicious WordPress plugin has been discovered that grants attackers unauthorized access, and an open letter from cybersecurity professionals calls on President Donald Trump to cease investigations into former CISA Director Chris Krebs. The episode concludes by previewing an upcoming segment covering the B Side and RSA shows. 00:00 Introduction and Special Announcement 00:16 Cybersecurity Book Deals 01:37 Major Cyber Attacks on UK Retailers 03:48 Apple's Spyware Alerts 06:22 Malicious WordPress Plugin Discovered 08:19 Open Letter Supporting Chris Krebs 10:57 Conclusion and Upcoming Events

No Agenda Episode 1760 - "Mercenary Spyware" "Mercenary Spyware" Executive Producers: Anonymous Black Sheep Scott Horton Abby Paulsons Commadore of the Human Resources Producers Sir Marcus Sir Milkman Zadoc Brown III SDG Brock Reinhold Jon Tucker Laurens De Ceuster Sir Dibs on Living Angel Dechter Wirt Fuller Rick W Cable Brandon Foster Associate Executive Producers: Rich Geisler Chad Finkbeiner Eli the coffee guy Linda Lu Duchess of jobs & writer of resumes Erin Parr Commodores: Commodore Anonymous Black Sheep Commodore Scott Horton Commodore of the Human Resources Producers Commodore Mark of Crow Wing County"? Commodore Sir Milkman of Evington Commodore Zadoc Brown III Commodore SDG Commodore Brock Reinhold Commodore Jon Tucker Become a member of the 1761 Club, support the show here Boost us with with Podcasting 2.0 Certified apps: Podverse - Podfriend - Breez - Sphinx - Podstation - Curiocaster - Fountain Knights & Dames Sir Tom > Baron Tom, Warden of the Frozen Tundra. Art By: Dennis Roebecker End of Show Mixes: Nautilis K - David Keckta Engineering, Stream Management & Wizardry Mark van Dijk - Systems Master Ryan Bemrose - Program Director Back Office Jae Dvorak Chapters: Dreb Scott Clip Custodian: Neal Jones Clip Collectors: Steve Jones & Dave Ackerman NEW: and soon on Netflix: Animated No Agenda Sign Up for the newsletter No Agenda Peerage ShowNotes Archive of links and Assets (clips etc) 1760.noagendanotes.com Directory Archive of Shownotes (includes all audio and video assets used) archive.noagendanotes.com RSS Podcast Feed Full Summaries in PDF No Agenda Lite in opus format Last Modified 05/01/2025 16:55:14This page created with the FreedomController Last Modified 05/01/2025 16:55:14 by Freedom Controller

We are all vulnerable to digital surveillance, as there's little protection to prevent our phones from getting hacked. Mercenary spyware products like Pegasus are powerful and sophisticated, marketed to government clients around the world. Cybersecurity expert Ron Deibert tells IDEAS, "the latest versions can be implanted on anyone's device anywhere in the world and as we speak, there is literally no defence against it.” Deibert is the founder of the Citizen Lab at the University of Toronto, a group of tech-savvy researchers who dig into the internet, looking for the bad actors in the marketplace for high-tech surveillance and disinformation. In his new book, Chasing Shadows, he shares notorious cases he and his colleagues have worked on and reveals the dark underworld of digital espionage and subversion.