Podcasts about Spyware

(Presented by ThreatLocker (https://threatlocker.com/threebuddyproblem): Allow what you need. Block everything else by default, including ransomware and rogue code.) Three Buddy Problem - Episode 75: We dig into a CVSS 10/10 unauthenticated RCE bug causing chaos across the internet and early signs that Chinese APTs are already launching exploits, the cascading patch chaos, and a long tail of malware intrusions to come. Plus, commentary on Chrome's telemetry collection, Microsoft and the "SFI success story," newest BRICKSTORM backdoor intrusions, the US national security strategy, Anthropic's AI popping smart-contract bugs, a secret FBI ransomware-hunting unit getting weird, and a pair of sad stories in the security community. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).

Disclaimer: We are not professionals. This podcast is opinioned based and from life experience. This is for entertainment purposes only. Opinions helped by our guests may not reflect our own. But we love a good conversation.In this 2 Be Better Podcast episode, Chris and Peaches walk you through a full list of cheating apps for 2025, from “news” and calculator clones to secret chat apps, vaults, and full blown spyware designed to hide affairs. They break down how apps like disguised news feeds, private messengers, secret calculators, vault stock, private message boxes, and hidden photo folders actually work, including fake icons, decoy vaults, self destructing chats, and notifications that look like harmless news alerts. They also cover spying tools like Spynger, GPS spoofers, keyloggers, and screen recorders marketed as “catch a cheating spouse” apps, and talk bluntly about how dangerous this tech is when it gets into the hands of controlling or abusive partners. From there, the conversation shifts to what all of this really means for trust, infidelity, and emotional safety in relationships. You will hear hard truth on online cheating, porn as a form of infidelity, anxiety and BPD spirals, and why if you are tempted to install a spy app on your partner's phone, the real issue is that the relationship is already broken. Chris and Peaches give you a clear framework for when to leave instead of snooping, how to own your insecurity and start healing, and how to protect your kids from the dark side of smartphones with things like kid safe phones and simple tools like AirTags instead of handing them full internet access. If you are searching for “cheating apps 2025,” “secret messaging apps,” “how to catch a cheater,” “hidden vault apps,” or answers about privacy, trust, and boundaries in marriage and dating, this video will give you clarity, language, and a path forward instead of feeding your paranoia.Become a supporter of this podcast: https://www.spreaker.com/podcast/2-be-better--5828421/support.

Predator spyware spotted across several countries Russia blocks FaceTime Draft US cyber strategy set for January release Huge thanks to our episode sponsor, Vanta This message comes from Vanta. What's your 2 AM security worry? Is it "Do I have the right controls in place?" Or "Are my vendors secure?" Enter Vanta. Vanta automates manual work, so you can stop sweating over spreadsheets, chasing audit evidence, and filling out endless questionnaires. Their trust management platform continuously monitors your systems, centralizes your data, and simplifies your security at scale. Get started at Vanta.com/CISO

Send us a textA week where the lawful intercept backdoor became the front door, a supply chain hop hit 200+ companies, a bargain app faced a malware lawsuit, and a university breach turned into a donor-targeting roadmap. We share simple moves to lower risk fast and set guardrails that actually hold.• Salt Typhoon abusing CALEA at major US telecoms• Negligence, unpatched routers and weak passwords• Why SMS is transparent and how to switch to Signal• Kill SMS 2FA and use authenticators or YubiKey• Gainsight-to-Salesforce island hopping at scale• Audit connected apps and revoke stale API keys• Arizona AG lawsuit calling Timu malware• Shop via browser sandbox and use masked payments• UPenn donor data leak and Oracle exploit• Whaling protections with voice verification and data scrubbing• Practical recap: trust nothing, verify everythingPlease follow us or subscribe on your podcast app, and watch the video on our YouTube or at theproblemlounge.com. If you have topics or guest ideas, we would love to hear from you Support the show

(Presented by Material Security (https://material.security): We protect your company's most valuable materials -- the emails, files, and accounts that live in your Google Workspace and Microsoft 365 cloud offices.) Three Buddy Problem - Episode 74: We attempt to parse the rumor-fog around Microsoft's CISO at CYBERWARCON and what it reveals about the company's shifting posture on intel sharing, regulation, and its outsized grip on the security ecosystem. Plus, coverage of the Shai-Hulud npm supply-chain mess, CISA's mobile spyware guidance, NSO's legal contortions, a sharp new GRU-linked intrusion from Arctic Wolf. We also discuss the FCC retreating on telco security rules, and the emerging AI arms race shaping how cloud giants hunt threats and how Washington misunderstands all of it. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).

Bongani Bingwa speaks to Paula Cristina Roque, Executive Director of IntelWatch, about mounting allegations that President Samia Suluhu Hassan’s government orchestrated a deadly post-election crackdown in 2025, with reports estimating that up to 10,000 people may have been killed in what critics describe as one of East Africa’s worst political bloodbaths; as civil society organisations, including IntelWatch, prepare to take the matter to the International Criminal Court, citing grave human rights abuses alongside digital-era violations such as surveillance, spyware deployment, and internet blackouts used to mask state repression, Roque unpacks the evidence, the potential legal precedent, and what this landmark case could mean for justice, accountability, and digital rights across Africa. 702 Breakfast with Bongani Bingwa is broadcast on 702, a Johannesburg based talk radio station. Bongani makes sense of the news, interviews the key newsmakers of the day, and holds those in power to account on your behalf. The team bring you all you need to know to start your day Thank you for listening to a podcast from 702 Breakfast with Bongani Bingwa Listen live on Primedia+ weekdays from 06:00 and 09:00 (SA Time) to Breakfast with Bongani Bingwa broadcast on 702: https://buff.ly/gk3y0Kj For more from the show go to https://buff.ly/36edSLV or find all the catch-up podcasts here https://buff.ly/zEcM35T Subscribe to the 702 Daily and Weekly Newsletters https://buff.ly/v5mfetc Follow us on social media: 702 on Facebook: https://www.facebook.com/TalkRadio702 702 on TikTok: https://www.tiktok.com/@talkradio702 702 on Instagram: https://www.instagram.com/talkradio702/ 702 on X: https://x.com/Radio702 702 on YouTube: https://www.youtube.com/@radio702See omnystudio.com/listener for privacy information.

Spyware Allows Cyber Threat Actors to Target Users of Messaging Applications Spyware attacks messaging applications in part by triggering vulnerabilities in messaging applications but also by deploying tools like keystroke loggers and screenshot applications. https://www.cisa.gov/news-events/alerts/2025/11/24/spyware-allows-cyber-threat-actors-target-users-messaging-applications Stop Putting Your Passwords Into Random Websites Yes. Just Stop! https://labs.watchtowr.com/stop-putting-your-passwords-into-random-websites-yes-seriously-you-are-the-problem/ Fluentbit Vulnerability https://www.oligo.security/blog/critical-vulnerabilities-in-fluent-bit-expose-cloud-environments-to-remote-takeover Happy Thanksgiving. Next podcast on Monday after Thanksgiving.

This week, Lois Houston and Nikita Abraham are joined by Principal OCI Instructor Orlando Gentil to explore what truly keeps data safe, and what puts it at risk.   They discuss the CIA triad, dive into hashing and encryption, and shed light on how cyber threats like malware, phishing, and ransomware try to sneak past defenses.   Cloud Tech Jumpstart: https://mylearn.oracle.com/ou/course/cloud-tech-jumpstart/152992 Oracle University Learning Community: https://education.oracle.com/ou-community LinkedIn: https://www.linkedin.com/showcase/oracle-university/ X: https://x.com/Oracle_Edu   Special thanks to Arijit Ghosh, David Wright, Kris-Ann Nansen, Radhika Banka, and the OU Studio Team for helping us create this episode. ------------------------------------------ Episode Transcript: 00:00 Welcome to the Oracle University Podcast, the first stop on your cloud journey. During this series of informative podcasts, we'll bring you foundational training on the most popular Oracle technologies. Let's get started! 00:25 Lois: Hello and welcome to the Oracle University Podcast! I'm Lois Houston, Director of Innovation Programs with Oracle University, and with me is Nikita Abraham, Team Lead: Editorial Services. Nikita: Hey everyone! Last week, we discussed how you can keep your data safe with authentication and authorization. Today, we'll talk about various security risks that could threaten your systems. 00:48 Lois: And to help us understand this better, we have Orlando Gentil, Principal OCI Instructor, back with us. Orlando, welcome back! Let's start with the big picture—why is security such a crucial part of our digital world today? Orlando: Whether you are dealing with files stored on a server or data flying across the internet, one thing is always true—security matters. In today's digital world, it's critical to ensure that data stays private, accurate, and accessible only to the right people.  01:20 Nikita: And how do we keep data private, secure, and unaltered? Is there a security framework that we can use to make sense of different security practices? Orlando: The CIA triad defines three core goals of information security.  CIA stands for confidentiality. It's about keeping data private. Only authorized users should be able to access sensitive information. This is where encryption plays a huge role. Integrity means ensuring that the data hasn't been altered, whether accidentally or maliciously. That's where hashing helps. You can compare a stored hash of data to a new hash to make sure nothing's changed. Availability ensures that data is accessible when it's needed. This includes protections like system redundancy, backups, and anti-DDoS mechanisms. Encryption and hashing directly support confidentiality and integrity. And they indirectly support availability by helping keep systems secure and resilient. 02:31 Lois: Let's rewind a bit. You spoke about something called hashing. What does that mean? Orlando: Hashing is a one-way transformation. You feed in data and it produces a unique fixed length string called a hash. The important part is the same input always gives the same output, but you cannot go backward and recover the original data from the hash. It's commonly used for verifying integrity. For example, to check if a file has changed or a message was altered in transit. Hashing is also used in password storage. Systems don't store actual passwords, just their hashes. When you log in, the system hashes what you type it and compare the stored hash. If they match, you're in. But your actual password was never stored or revealed. So hashing isn't about hiding data, it's about providing it hasn't changed. So, while hashing is all about protecting integrity, encryption is the tool we use to ensure confidentiality. 03:42 Nikita: Right, the C in CIA. And how does it do that? Orlando: Encryption takes readable data, also known as plaintext, and turns it into something unreadable called ciphertext using a key. To get the original data back, you need to decrypt it using the right key. This is especially useful when you are storing sensitive files or sending data across networks. If someone intercepts the data, all they will see is gibberish, unless they have the correct key to decrypt it. Unlike hashing, encryption is reversible as long as you have the right key. 04:23 Lois: And are there different types of encryption that serve different purposes? Orlando: Symmetric and asymmetric encryption. With symmetric encryption, the same key is used to both encrypt and decrypt the data. It's fast and great for securing large volumes of data, but the challenge lies in safely sharing the key. Asymmetric encryption solves that problem. It uses a pair of keys: public key that anyone can use to encrypt data, and a private key that only the recipient holds to decrypt it. This method is more secure for communications, but also slower and more resource-intensive. In practice, systems often use both asymmetric encryption to exchange a secure symmetric key and then symmetric encryption for the actual data transfer. 05:21 Nikita: Orlando, where is encryption typically used in day-to-day activities? Orlando: Data can exist in two primary states: at rest and in transit. Data at rest refers to data stored on disk, in databases, backups, or object storage. It needs protection from unauthorized access, especially if a device is stolen or compromised. This is where things like full disk encryption or encrypted storage volumes come in. Data in transit is data being sent from one place to another, like a user logging into a website or an API sending information between services. To protect it from interception, we use protocols like TLS, SSL, VPNs, and encrypted communication channels. Both forms data need encryption, but the strategies and threats can differ. 06:19 Lois: Can you do a quick comparison between hashing and encryption? Orlando: Hashing is one way. It's used to confirm that data hasn't changed. Once data is hashed, it cannot be reversed. It's perfect for use cases like password storage or checking the integrity of files. Encryption, on the other hand, it's two-way. It's designed to protect data from unauthorized access. You encrypt the data so only someone with the right key can decrypt and read it. That's what makes it ideal for keeping files, messages, or network traffic confidential. Both are essential for different reasons. Hashing for trust and encryption for privacy. 07:11 Adopting a multicloud strategy is a big step towards future-proofing your business and we're here to help you navigate this complex landscape. With our suite of courses, you'll gain insights into network connectivity, security protocols, and the considerations of working across different cloud platforms. Start your journey to multicloud today by visiting mylearn.oracle.com.  07:39 Nikita: Welcome back! When we talk about cybersecurity, we hear a lot about threats and vulnerabilities. But what do those terms really mean? Orlando: In cybersecurity, a threat is a potential danger and a vulnerability is a weakness an asset possess that a threat can exploit. When a threat and a vulnerability align, it creates a risk of harm. A threat actor then performs an exploit to leverage that vulnerability, leading to undesirable impact, such as data loss or downtime. After an impact, the focus shifts to response and recovery to mitigate damage and restore operations.  08:23 Lois: Ok, let's zero in on vulnerabilities. What counts as a vulnerability, and what categories do attackers usually target first?  Orlando: Software and hardware bugs are simply unintended flaws in a system's core programming or design. Misconfigurations arise when systems aren't set up securely, leaving gaps. Weak passwords and authentication provide easy entry points for attackers. A lack of encryption means sensitive data is openly exposed. Human error involves mistakes made by people that unintentionally create security risks. Understanding these common vulnerability types is the first step in building more resilient and secure systems as they represent the critical entry points attackers leverage to compromise systems and data. By addressing these, we can significantly reduce our attack surface and enhance overall security.  09:28 Nikita: Can we get more specific here? What are the most common cybersecurity threats that go after vulnerabilities in our systems and data? Orlando: Malware is a broad category, including viruses, worms, Trojans, and spyware. Its goal is to disrupt or damage systems. Ransomware has been on the rise, targeting everything from hospitals to government agencies. It lock your files and demands a ransom, usually in cryptocurrency. Phishing relies on deception. Attackers impersonate legitimate contacts to trick users into clicking malicious links or giving up credentials. Insider threats are particularly dangerous because they come within employees, contractors, or even former staff with lingering access. Lastly, DDoS attacks aim to make online services unavailable by overwhelming them with traffic, often using a botnet—a network of compromised devices. 10:34 Lois: Orlando, can you walk us through how each of these common cybersecurity threats work? Orlando: Malware, short for malicious software, is one of the oldest and most pervasive types of threats. It comes in many forms, each with unique methods and objectives. A virus typically attaches itself to executable files and documents and spreads when those are shared or opened. Worms are even more dangerous in networked environments as they self-replicate and spread without any user action. Trojans deceive users by posing as harmless or helpful applications. Once inside, they can steal data or open backdoors for remote access. Spyware runs silently in the background, collecting sensitive information like keystrokes or login credentials. Adware might seem like just an annoyance, but it can also track your activity and compromise privacy. Finally, rootkits are among the most dangerous because they operate at a low system level, often evading detection tools and allowing attackers long-term access. In practice, malware can be a combination of these types. Attackers often bundle different techniques to maximize damage.  12:03 Nikita: And what about ransomware? Why it is such a serious threat? Orlando: Ransomware has become one of the most disruptive and costly types of cyber attacks in recent years. Its goal is simple but devastating, to encrypt your data and demand payment in exchange for access. It usually enters through phishing emails, insecure remote desktop protocol ports or known vulnerabilities. Once inside, it often spreads laterally across the network before activating, ensuring maximum impact. There are two common main forms. Crypto ransomware encrypts user files, making them inaccessible. Locker ransomware goes a step further, locking the entire system interface, preventing any use at all. Victims are then presented with a ransom note, typically requesting cryptocurrency payments in exchange for the decryption key. What makes ransomware so dangerous is not just the encryption itself, but the pressure it creates. Healthcare institutions, for instance, can't afford the downtime, making them prime targets.  13:18 Lois: Wow. Thanks, Orlando, for joining us today.  Nikita: Yeah, thanks Orlando. We'll be back next week with more on how you use security models to tackle these threats head-on. And if you want to learn about the topics we covered today, go to mylearn.oracle.com and search for the Cloud Tech Jumpstart  course. Until next time, this is Nikita Abraham… Lois: And Lois Houston, signing off! 13:42 That's all for this episode of the Oracle University Podcast. If you enjoyed listening, please click Subscribe to get all the latest episodes. We'd also love it if you would take a moment to rate and review us on your podcast app. See you again on the next episode of the Oracle University Podcast.

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.Google's Threat Intelligence Group has observed a significant shift in 2025, threat actors are no longer using AI to just speed up operations, they are now integrating LLMs directly into the malware.Unit 42 has identified a previously undocumented Android spyware family, named LandFall, discovered during an investigation into iOS exploit chains involving malicious DNG images.Microsoft's November Patch Tuesday rollout includes fixes for over 60 vulnerabilities, one of which is a zero-day privilege escalation flaw in the Windows kernel that has already been exploited in the wild.Former executive at L3Harris Trenchant, Peter Williams, has pleaded guilty in U.S. federal court to selling 8 trade secrets valued at over 1.3 million to a Russian-based software broker involved in the zero-day exploit market.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Hacking, Ransomware Attack, Phishing, Spyware, Network Intrusion, Data Theft-Breach. Jeff Kiple, owner/founder of Kelpie Security, LLC discusses with Lincoln and Mark what businesses and organizations face in a connected world and how to help protect vital business records and more.

Government surveillance vendors want us to believe their spyware products are only used in limited and targeted operations against terrorists and serious criminals. That claim is increasingly difficult to justify, given the broad range of victims — journalists, activists, and now political consultants — that have come forward. AI isn't all or nothing, and even good bets can turn sour if you aren't careful about how you make them. Learn more about your ad choices. Visit podcastchoices.com/adchoices

runC flaws could allow hackers to escape Docker containers Lost iPhone scam warning Landfall Android spyware targets Samsung Galaxy phones Huge thanks to our sponsor, Vanta What's your 2 AM security worry?   Is it "Do I have the right controls in place?"   Or "Are my vendors secure?"   ....or the really scary one: "how do I get out from under these old tools and manual processes?   Enter Vanta.   Vanta automates manual work, so you can stop sweating over spreadsheets, chasing audit evidence, and filling out endless questionnaires. Their trust management platform continuously monitors your systems, centralizes your data, and simplifies your security at scale. Vanta also fits right into your workflows, using AI to streamline evidence collection, flag risks, and keep your program audit-ready—ALL…THE…TIME. With Vanta, you get everything you need to move faster, scale confidently—and get back to sleep.   Get started at vanta.com/headlines   Find the stories behind the headlines at CISOseries.com.

Season 09 Episode 02: Spyware - Yah, baby! It's all the rageThe team debate a question in workplace dismissals: “Was the sacking harsh, unjust, or unreasonable?”Alan presents the new way of working as an inspector – using body-worn cameras in investigations. He argues, “If you are capturing someone's personal information, a video of them, a voice recording, and their interactions, the person should receive a copy of what has been captured.” Trajce and Sara weigh in on the debate, with workplace trends rampant in the use of spyware software, tracking keystrokes, and meeting attendance. Sara reminds the team of provisions to constrain ‘unnecessary surveillance' in psychosocial risk management mandates. Alan explains, “it's so much easier if you have stated the scope of surveillance in a policy.”In another story, Trajce is humoured by the idea that spending up to an hour a day to online shop for personal items at work is permissible in some jurisdictions, yet workers yearn for a right to disconnect from work on their home time.For more on Psychosocial Risk Management, check out: PRAiSE (Psychosocial Risk Assessment and Integrated Solutions for Employers) – Certified Assessor and Manager programs - and PRA, the new task-based Psychosocial Risk Analyser feature within the ErgoAnalyst software platform. These tools are helping teams visualise, quantify, qualify, and respond to both contextualised physical and psychosocial workplace risks, merging technical rigour with empathy-driven co-design.

00:00: ☀️ Bom dia Tech!01:12: ⚡ OpenAI pede apoio do governo dos EUA para acelerar construção de data centers de IA02:35:

Referências do EpisódioLANDFALL: New Commercial-Grade Android Spyware in Exploit Chain Targeting Samsung DevicesWhisper Leak: A novel side-channel attack on remote language modelsRoteiro e apresentação: Carlos CabralEdição de áudio: Paulo Arruzzo Narração de encerramento: Bianca Garcia

A newly identified Android spyware targeted Galaxy devices for close to a year, including users in the Middle East, researchers exclusively tell TechCrunch. In addition, the congressional research office confirmed a breach, but did not comment on the cause. A security researcher suggested the hack may have originated because CBO failed to patch a firewall for more than a year. Learn more about your ad choices. Visit podcastchoices.com/adchoices

We don't do holiday themed episodes in this house, so no tricks, but we have some treats for you. First we discuss the problem of shadow AI (1:00) and how it seems like we're just repeating the mistakes of previous tech waves in ignoring security until it's too late. Then we dig into a new report from Kaspersky about a crazy exploit they discovered for a Chrome sandbox escape that led them to identify the new version of Hacking Team's spyware called Dante (23:00). Finally, we provide some important updates on our respective wildlife encounters (33:00).Kaspersky report: https://securelist.com/forumtroll-apt-hacking-team-dante-spyware/117851/ Support the show

Rachel Maddow explains that while much of Donald Trump's abuse of power is typical of authoritarians, Trump has a new tool that no authoritarian before him has had: extremely advanced spyware. Trump is already deploying this new weapon through ICE, which intends to use this surveillance technology against immigrants but also against Americans who protest against ICE, and anyone they might snare with an extremely loose definition of "anti-fascist."Rachel Maddow considers reasons why protesting against authoritarians is important, from feeling empowered to ensuring that important rights don't atrophy or get taken away when they're not in use. But another important use for protest is to send a message to the people and entities that would capitulate and become accomplices in the authoritarian's abuses.Marc Elias, attorney and founder of Democracy Docket, talks with Rachel Maddow about the fight he expects Donald Trump to put up as Trump's unpopularity makes a clean election victory less likely. Even as Trump will abuse the power and credibility of the Justice Department to serve his ends, his past bad faith in making bogus election fraud accusations gives his legal opponents an advantage. Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Atlas browser hijacked Bye, bye Twitter birdie Dante spyware surfaces Huge thanks to our sponsor, Conveyor Security reviews don't have to feel like a hurricane. Most teams are buried in back-and-forth emails and never-ending customer requests for documentation or answers. But Conveyor takes all that chaos and turns it into calm. AI fills in the questionnaires, your trust center is always ready, and sales cycles move without stalls. Breathe easier—check out Conveyor at www.conveyor.com.

Three Buddy Problem - Episode 69: We dig into news that Apple's iOS 26 has quietly killed the shutdown.log forensic artifact used to spot signs of infections and what it means for threat hunters. Plus, whispers of a million-dollar WhatsApp zero-click exploit that never materialized at Pwn2Own, a surreal court case linking a Trenchant exploit developer to Russian buyers, and Chinese threat intel reports pointing fingers at the NSA. We also discuss calls for the US government to build a structured, lawful ecosystem for private-sector offensive operations to address existing chaos and market gaps. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).

A change in iOS is deleting-clues of old spyware infections, Starlink disables 2,500 terminals at scam compounds, a Caribbean hospital is still down 5 months after a ransomware attack, and officials are charged in Poland's Pegasus spyware scandal. Show notes Risky Bulletin: iOS 26 change deletes clues of old spyware infections

Think your mouse is harmless? Steve and Leo uncover how modern optical mice might be secretly "listening" in, and reveal why satellite data pouring down on us is almost entirely unsecured. The long awaited lawsuit to block Texas SB2420. Embattled Texas SB2420 also impacts Google Play. At long last, NIST modernizes their password policy. Scattered LAPSUS$ Hunters demise was exaggerated. China claims that the NSA has been hacking them. Half of all geosynchronous satellite traffic is unencrypted. The AWS outage highlights the rising risk of Internet monoculture. A terrific collection of listener feedback and... Could your PC's mousehave much bigger ears than you know? https://www.grc.com/sn/SN-1048-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: Melissa.com/twit hoxhunt.com/securitynow threatlocker.com for Security Now joindeleteme.com/twit promo code TWIT bitwarden.com/twit

A foreign threat actor breached a key U.S. nuclear weapons manufacturing site. The cyberattack on Jaguar Land Rover is the most financially damaging cyber incident in UK history. A new report from Microsoft' warns that AI is reshaping cybersecurity at an unprecedented pace. The ToolShell vulnerability fuels Chinese cyber operations across four continents. Fake browser updates are spreading RansomHub, LockBit, and data-stealing malware. Hackers deface LA Metro bus stop displays. A Spyware developer is warned by Apple of a mercenary spyware attack. Pwn2Own payouts proceed. Ben Yelin from University of Maryland Center for Cyber Health and Hazard Strategies on a Federal Whistle Blower from the SSA. When the cloud goes down, beds heat up.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Ben Yelin from University of Maryland Center for Cyber Health and Hazard Strategies on a Federal Whistle Blower from the SSA. If you enjoyed Ben's conversation, be sure to check out more from him over on the Caveat Podcast. 2025 Microsoft Digital Defense Report To learn more about the 2025 Microsoft Digital Defense Report, join our partners on The Microsoft Threat Intelligence Podcast. On today's episode, host Sherrod DeGrippo is joined by Chloé Messdaghi and Crane Hassold to unpack the key findings of the 2025 Microsoft Digital Defense Report; a comprehensive look at how the cyber threat landscape is accelerating through AI, automation, and industrialized criminal networks. You can listen to new episodes of The Microsoft Threat Intelligence Podcast every other Wednesday on your favorite podcast app. Selected Reading Foreign hackers breached a US nuclear weapons plant via SharePoint flaws (CSO Online) JLR hack is costliest cyber attack in UK history, say analysts (BBC) Microsoft 2025 digital defense report flags rising AI-driven threats, forces rethink of traditional defenses (Industrial Cyber) The New Frontlines of Cybersecurity: Lessons from the 2025 Digital Defense Report (The Microsoft Threat Intelligence Podcast)   Sharepoint ToolShell attacks targeted orgs across four continents (Bleeping Computer) SocGholish Malware Using Compromised Sites to gDeliver Ransomware (Hackread) LA Metro digital signs taken over by hackers (KTLA) Apple alerts exploit developer that his iPhone was targeted with government spyware (TechCrunch) Hackers Earn Over $520,000 on First Day of Pwn2Own Ireland 2025 (SecurityWeek) AWS crash causes $2,000 Smart Beds to overheat and get stuck upright (Dexerto) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Think your mouse is harmless? Steve and Leo uncover how modern optical mice might be secretly "listening" in, and reveal why satellite data pouring down on us is almost entirely unsecured. The long awaited lawsuit to block Texas SB2420. Embattled Texas SB2420 also impacts Google Play. At long last, NIST modernizes their password policy. Scattered LAPSUS$ Hunters demise was exaggerated. China claims that the NSA has been hacking them. Half of all geosynchronous satellite traffic is unencrypted. The AWS outage highlights the rising risk of Internet monoculture. A terrific collection of listener feedback and... Could your PC's mousehave much bigger ears than you know? https://www.grc.com/sn/SN-1048-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: Melissa.com/twit hoxhunt.com/securitynow threatlocker.com for Security Now joindeleteme.com/twit promo code TWIT bitwarden.com/twit

Think your mouse is harmless? Steve and Leo uncover how modern optical mice might be secretly "listening" in, and reveal why satellite data pouring down on us is almost entirely unsecured. The long awaited lawsuit to block Texas SB2420. Embattled Texas SB2420 also impacts Google Play. At long last, NIST modernizes their password policy. Scattered LAPSUS$ Hunters demise was exaggerated. China claims that the NSA has been hacking them. Half of all geosynchronous satellite traffic is unencrypted. The AWS outage highlights the rising risk of Internet monoculture. A terrific collection of listener feedback and... Could your PC's mousehave much bigger ears than you know? https://www.grc.com/sn/SN-1048-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: Melissa.com/twit hoxhunt.com/securitynow threatlocker.com for Security Now joindeleteme.com/twit promo code TWIT bitwarden.com/twit

Think your mouse is harmless? Steve and Leo uncover how modern optical mice might be secretly "listening" in, and reveal why satellite data pouring down on us is almost entirely unsecured. The long awaited lawsuit to block Texas SB2420. Embattled Texas SB2420 also impacts Google Play. At long last, NIST modernizes their password policy. Scattered LAPSUS$ Hunters demise was exaggerated. China claims that the NSA has been hacking them. Half of all geosynchronous satellite traffic is unencrypted. The AWS outage highlights the rising risk of Internet monoculture. A terrific collection of listener feedback and... Could your PC's mousehave much bigger ears than you know? https://www.grc.com/sn/SN-1048-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: Melissa.com/twit hoxhunt.com/securitynow threatlocker.com for Security Now joindeleteme.com/twit promo code TWIT bitwarden.com/twit

Think your mouse is harmless? Steve and Leo uncover how modern optical mice might be secretly "listening" in, and reveal why satellite data pouring down on us is almost entirely unsecured. The long awaited lawsuit to block Texas SB2420. Embattled Texas SB2420 also impacts Google Play. At long last, NIST modernizes their password policy. Scattered LAPSUS$ Hunters demise was exaggerated. China claims that the NSA has been hacking them. Half of all geosynchronous satellite traffic is unencrypted. The AWS outage highlights the rising risk of Internet monoculture. A terrific collection of listener feedback and... Could your PC's mousehave much bigger ears than you know? https://www.grc.com/sn/SN-1048-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: Melissa.com/twit hoxhunt.com/securitynow threatlocker.com for Security Now joindeleteme.com/twit promo code TWIT bitwarden.com/twit

Think your mouse is harmless? Steve and Leo uncover how modern optical mice might be secretly "listening" in, and reveal why satellite data pouring down on us is almost entirely unsecured. The long awaited lawsuit to block Texas SB2420. Embattled Texas SB2420 also impacts Google Play. At long last, NIST modernizes their password policy. Scattered LAPSUS$ Hunters demise was exaggerated. China claims that the NSA has been hacking them. Half of all geosynchronous satellite traffic is unencrypted. The AWS outage highlights the rising risk of Internet monoculture. A terrific collection of listener feedback and... Could your PC's mousehave much bigger ears than you know? https://www.grc.com/sn/SN-1048-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: Melissa.com/twit hoxhunt.com/securitynow threatlocker.com for Security Now joindeleteme.com/twit promo code TWIT bitwarden.com/twit

Think your mouse is harmless? Steve and Leo uncover how modern optical mice might be secretly "listening" in, and reveal why satellite data pouring down on us is almost entirely unsecured. The long awaited lawsuit to block Texas SB2420. Embattled Texas SB2420 also impacts Google Play. At long last, NIST modernizes their password policy. Scattered LAPSUS$ Hunters demise was exaggerated. China claims that the NSA has been hacking them. Half of all geosynchronous satellite traffic is unencrypted. The AWS outage highlights the rising risk of Internet monoculture. A terrific collection of listener feedback and... Could your PC's mousehave much bigger ears than you know? https://www.grc.com/sn/SN-1048-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: Melissa.com/twit hoxhunt.com/securitynow threatlocker.com for Security Now joindeleteme.com/twit promo code TWIT bitwarden.com/twit

Think your mouse is harmless? Steve and Leo uncover how modern optical mice might be secretly "listening" in, and reveal why satellite data pouring down on us is almost entirely unsecured. The long awaited lawsuit to block Texas SB2420. Embattled Texas SB2420 also impacts Google Play. At long last, NIST modernizes their password policy. Scattered LAPSUS$ Hunters demise was exaggerated. China claims that the NSA has been hacking them. Half of all geosynchronous satellite traffic is unencrypted. The AWS outage highlights the rising risk of Internet monoculture. A terrific collection of listener feedback and... Could your PC's mousehave much bigger ears than you know? https://www.grc.com/sn/SN-1048-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: Melissa.com/twit hoxhunt.com/securitynow threatlocker.com for Security Now joindeleteme.com/twit promo code TWIT bitwarden.com/twit

Three Buddy Problem - Episode 67: We discuss the rise of automated red-teaming, Apple's $2 million exploit chain bounties aimed at outbidding spyware brokers and the iPhone maker's focus on wireless proximity attacks and “tactical suitcase” Wi-Fi exploits. We also hit the news of Paragon spyware targeting European executives and the bizarre story of NSO Group's supposed US investor buyout. Plus, an update on Oracle's zero-day ransomware fiasco, Ivanti's endless patch delays, the ethics of journalists enabling ransomware operations on leak sites, Europe's latest failed push for Chat Control, and VirusTotal's new pricing tiers. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).

Jen Roberts, Associate Director of the Atlantic Council's Cyber Statecraft Initiative, and Sarah Graham, Research Consultant with the Atlantic Council's Cyber Statecraft Initiative, who are coauthors along with Nitansha Bansal of the recent paper, “Mythical Beasts: Diving Into the Depths of the Global Spyware Market,” join Lawfare's Justin Sherman to discuss the global spyware industry, how it has evolved in recent years, and what its future holds. They also discuss the geographic concentration of key spyware entities in several countries; a rise in U.S. investors in the spyware industry; how “strategic jurisdiction hopping,” name changes, and corporate structure shifts impact spyware firms' evolution and transparency into their activities; and how U.S. policymakers should approach the global spyware market going forward.To receive ad-free podcasts, become a Lawfare Material Supporter at www.patreon.com/lawfare. You can also support Lawfare by making a one-time donation at https://givebutter.com/lawfare-institute.Support this show http://supporter.acast.com/lawfare. Hosted on Acast. See acast.com/privacy for more information.

A federal workers' union is suing the Education Department after agency employees on furlough or administrative leave discovered that their automatic email replies had been changed to a message blaming Democratic lawmakers for the ongoing government shutdown. The complaint, filed by the American Federation of Government Employees, asks a court to prohibit the Education Department's alleged efforts to “put political speech in federal employees' mouths.” “Forcing civil servants to speak on behalf of the political leadership's partisan agenda is a blatant violation of federal employees' First Amendment rights,” the suit stated, adding that “employees are now forced to involuntarily parrot the Trump Administration's talking points with emails sent out in their names.” The suit came one day after some furloughed workers discovered that their automatic out-of-office email replies were changed without their knowledge, from neutral language to partisan messaging that blamed Democrats for the shutdown, which began last Wednesday. Three House Democrats questioned the Department of Homeland Security on Monday over a reported Immigration and Customs Enforcement contract with a spyware provider that they warn potentially “threatens Americans' freedom of movement and freedom of speech.” Their letter follows publication of a notice that ICE had lifted a stop-work order on a $2 million deal with Israeli spyware company Paragon Solutions, a contract that the Biden administration had frozen one year ago pending a review of its compliance with a spyware executive order. Paragon is the maker of Graphite, and advertises it as having more safeguards than competitors that have received more public and legal scrutiny, such as NSO Group's Pegasus, a claim researchers have challenged. A report earlier this year found suspected deployments of Graphite in countries across the globe, with targets including journalists and activists. The Daily Scoop Podcast is available every Monday-Friday afternoon. If you want to hear more of the latest from Washington, subscribe to The Daily Scoop Podcast  on Apple Podcasts, Soundcloud, Spotify and YouTube.

This week, we are joined by Martin Zugec, Technical Solutions Director from Bitdefender, sharing their work and findings on "EggStreme Malware: Unpacking a New APT Framework Targeting a Philippine Military Company. A newly identified Chinese APT group has been observed deploying a sophisticated, fileless malware framework called EggStreme against a Philippine military company. The multi-stage toolkit uses DLL sideloading and in-memory execution to evade detection, with its core backdoor, EggStremeAgent, enabling reconnaissance, lateral movement, keylogging, and data theft. Researchers note the campaign's persistence and stealth highlight professional, geopolitically motivated espionage activity linked to Chinese national interests. The research can be found here: EggStreme Malware: Unpacking a New APT Framework Targeting a Philippine Military Company Learn more about your ad choices. Visit megaphone.fm/adchoices

This week, we are joined by Martin Zugec, Technical Solutions Director from Bitdefender, sharing their work and findings on "EggStreme Malware: Unpacking a New APT Framework Targeting a Philippine Military Company. A newly identified Chinese APT group has been observed deploying a sophisticated, fileless malware framework called EggStreme against a Philippine military company. The multi-stage toolkit uses DLL sideloading and in-memory execution to evade detection, with its core backdoor, EggStremeAgent, enabling reconnaissance, lateral movement, keylogging, and data theft. Researchers note the campaign's persistence and stealth highlight professional, geopolitically motivated espionage activity linked to Chinese national interests. The research can be found here: EggStreme Malware: Unpacking a New APT Framework Targeting a Philippine Military Company Learn more about your ad choices. Visit megaphone.fm/adchoices

In this episode we look at how Immigration and Customs Enforcement is believed to have access to Graphite—powerful spyware capable of silently hacking smartphones and reading encrypted apps like WhatsApp and Signal. At issue is what Graphite can do, the legal red lines it risks crossing, and what it means for civil liberties inside the U.S. if you carry a phone. Joining us are Eric O'Neill, a former FBI counterintelligence operative, author, and current national security strategist with Nexasure, and Theresa Payton, CEO of Fortalice Solutions and former White House Chief Information Officer.See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

Tom Uren and Amberleigh Jack talk about why it is good news that US investment in spyware vendors has skyrocketed. They also discuss the in-principle agreement for TikTok to remain in the US. It's a win-win: a win for China and a win for TikTok, but not so much a win for US national security. This episode is also available on YouTube. Show notes

Longterm and short-term security work from Apple on this week's Checklist. First, the company's warning individuals in France of potential spyware attacks. We'll look at what they're looking for and advice for staying safe. Plus - the iPhones Apple announced this week are bringing a new memory safety feature. We'll familiarize ourselves with Memory Integrity Enforcement on this edition of The Checklist, brought to you by SecureMac. Check out our show notes: SecureMac.com/Checklist And get in touch with us: Checklist@Securemac.com

SonicWall SSL VPN flaws now being actively exploited Acting federal cyber chief outlines his priorities U.S. based investors in spyware firms nearly tripled in 2024 Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines. Find the stories behind the headlines at CISOseries.com.    

The feature is called Memory Integrity Enforcement (MIE) and is designed to help stop memory corruption bugs, which are some of the most common vulnerabilities exploited by spyware developers and makers of phone forensic devices used by law enforcement.  Learn more about your ad choices. Visit podcastchoices.com/adchoices

Apple notifies French users of spyware attacks, China will increase fines for data breaches Google pays $1.6mil for cloud bugs at a hackathon event, and no more hacked free laundry for Dutch students Show notes Risky Bulletin: Most UK school hacks are caused by their own students

Three Buddy Problem - Episode 61: We cover a pair of software supply chain breaches (Salesforce Salesloft Drift and NPM/GitHub) that raises big questions about SaaS integrations and the ripple effects across major security vendors. Plus, Apple's new Memory Integrity Enforcement in iPhone 17 and discussion on commercial spyware infections and the value of Apple notifications; concerns around Chinese hardware and surveillance equipment in US infrastructure; Silicon Valley profiting from China's surveillance ecosystem; and controversy around a Huntress disclosure of an attacker's operations after an EDR agent was mistakenly installed. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).

China holds a military parade with Vladimir Putin and Kim Jong Un, the U.S. military strikes an alleged Tren de Aragua drug boat, killing 11, the Thai government seeks House dissolution as the opposition backs a rival's Prime Minister bid, U.K. Deputy Prime Minister Rayner admits to stamp duty underpayment, the Trump administration lifts a hold on a $2M ICE spyware contract, U.S. deportees to Eswatini are allegedly held without charge, Jeffrey Epstein survivors hold a news conference with Congressional representatives, a judge orders Google to share search data but rejects breaking up the tech giant, an AI surveillance startup says it can end crime in America, and a new study calculates sea level rise at only 1.5 mm per year. Sources: www.verity.news

How to Protect Yourself Against Government's Latest Spyware by Nick Espinosa, Chief Security Fanatic

Jon looks at crimes across the country, including comments from Gov. Walz regarding capitol security in light of a recent arrest. Jon has thoughts on a impending State law for social media usage.

Sharepoint Server vulnerability looks a lot like Hafnium to us. Microsoft has stopped using China based engineers to work on DoD cloud systems. Older CD-ROM not working on new PC, Spyware developer used Google Servers as repository but never secured it. Took Google a month to remove it. Cognizant just gave away passwords and now is getting sued! My USB ports are flaky, Google email summary bothers me, MS Office 2021 having issues Launching Outlook should I replace my backup media?

Confusion persists over the Microsoft Sharepoint zero-days. CrushFTP confirms a zero-day under active exploitation. The UK government proposes a public sector ban on ransomware payments. A new ransomware group is using an AI chatbot to handle victim negotiations. Australia's financial regulator accuses a wealth management firm of failing to manage cybersecurity risks. Researchers uncover a WordPress attack that abuses Google Tag Manager. Arizona election officials question CISA following a state portal cyberattack.  Hungarian police arrest a man accused of launching DDoS attacks on independent media outlets. On our Threat Vector segment guest host ⁠Michael Sikorski⁠ ⁠and Michael Daniel⁠ of the Cyber Threat Alliance (CTA) explore cybersecurity collaboration. A Spyware kingpin wants back in. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Threat Vector Segment On our Threat Vector segment, host David Moulton turns the mic over to guest host ⁠Michael Sikorski⁠ and his guest ⁠Michael Daniel⁠ of the Cyber Threat Alliance (CTA) for a deep dive into cybersecurity collaboration. You can hear Michael and Michael's full discussion on Threat Vector ⁠⁠⁠here⁠⁠⁠ and catch new episodes every Thursday on your favorite podcast app. Selected Reading ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets (SecurityWeek) Microsoft: Windows Server KB5062557 causes cluster, VM issues (Bleeping Computer)  File transfer company CrushFTP warns of zero-day exploit seen in the wild (The Record) UK to lead crackdown on cyber criminals with ransomware measures (GOV.UK) Ransomware Group Uses AI Chatbot to Intensify Pressure on Victims (Infosecurity Magazine) Australian Regulator Alleges Financial Firm Exposed Clients to Unacceptable Cyber Risks (Infosecurity Magazine) WordPress spam campaign abuses Google Tag Manager scripts (SC Media) After website hack, Arizona election officials unload on Trump's CISA (CyberScoop) Hungarian police arrest suspect in cyberattacks on independent media (The Record) Serial spyware founder Scott Zuckerman wants the FTC to unban him from the surveillance industry (TechCrunch) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Edition No197 | 22-07-2025 - Putin is tightening the digital noose in Russia, as the crackdown on the internet intensifies. We explore What It Signals in this episode. The Kremlin isn't just at war with Ukraine — it's at war with its own population, and the internet itself. Connectivity blackouts are plaguing regions of Russia, and now spyware is being installed on every internet capable device. The Victory Day disconnections of internet coverage were just a foretaste of the censorship and control that is rapidly approaching. The edges are emerging of what promises to be a terrifying blueprint for new a “digital gulag.” But this isn't just about censorship. It's about what Russia might be preparing for next — why the regime has such a sense of urgency to gain control of the Russian internet, and what that means for Ukraine and for the rest of us.----------DESCRIPTION:Putin's Digital Gulag: Why Russia is Shutting Down its InternetIn this episode of Silicon Bites, we delve into Vladimir Putin's aggressive efforts to control and restrict internet access in Russia. We explore the Kremlin's increasing crackdown on digital freedom and what it means for Russia's population, the ongoing conflict with Ukraine, and potential geopolitical ramifications. Key points include the intensification of censorship, the spread of spyware on consumer devices, and the Kremlin's urgency to isolate the Russian internet by autumn 2025. We also discuss possible reasons behind this rapid digital suppression including further mobilization, preparing for war with NATO, economic collapse, or autocratic whims. Discover how these unprecedented moves might signify a strategy to escalate the war or manage looming internal and external crises.----------SUPPORT THE CHANNEL:https://www.buymeacoffee.com/siliconcurtainhttps://www.patreon.com/siliconcurtain----------CHAPTERS:00:00 Introduction: Putin's Attempt to Break the Internet00:30 The Digital Noose Tightens01:26 The Big Digital Squeeze03:00 Technical Details of the Crackdown04:24 Spyware and the Digital Gulag05:52 Hypotheses Behind the Crackdown10:10 The Autumn Trap: Why Now?11:39 Conclusion: The Global Implications----------SOURCES: https://www.youtube.com/watch?v=Cx3hF3Yk2rYhttps://jamestown.org/program/russia-ramps-up-internet-censorship/https://www.businessinsider.com/russia-cut-internet-access-victory-day-ukraine-drone-strikes-putin-2025-5https://www.thetimes.com/world/russia-ukraine-war/article/putin-moscow-whatsapp-ban-plan-max-app-launch-b789tt6tshttps://united24media.com/latest-news/putins-new-orders-could-reshape-russian-internet-heres-whats-next-10019https://www.independent.co.uk/news/world/europe/russia-kremlin-instagram-atms-ukraine-b2791385.htmlhttps://meduza.io/en/feature/2025/07/07/mapping-russia-s-internet-blackoutshttps://www.themoscowtimes.com/2025/07/01/russia-to-disconnect-foreigners-who-have-not-submitted-biometric-data-from-mobile-internet-a89635https://www.washingtonpost.com/world/2025/07/17/russia-internet-censorship/https://www.kyivpost.com/post/56473https://www.bloomberg.com/news/articles/2025-07-03/russian-internet-outages-soar-as-kremlin-boosts-wartime-controls----------TRUSTED CHARITIES ON THE GROUND:Save Ukrainehttps://www.saveukraineua.org/Superhumans - Hospital for war traumashttps://superhumans.com/en/UNBROKEN - Treatment. Prosthesis. Rehabilitation for Ukrainians in Ukrainehttps://unbroken.org.ua/Come Back Alivehttps://savelife.in.ua/en/Chefs For Ukraine - World Central Kitchenhttps://wck.org/relief/activation-chefs-for-ukraineUNITED24 - An initiative of President Zelenskyyhttps://u24.gov.ua/Serhiy Prytula Charity Foundationhttps://prytulafoundation.orgNGO “Herojam Slava”https://heroiamslava.org/kharpp - Reconstruction project supporting communities in Kharkiv and Przemyślhttps://kharpp.com/NOR DOG Animal Rescuehttps://www.nor-dog.org/home/----------

A Mexican drug cartel spies on the FBI using traffic cameras and spyware — because "ubiquitous technical surveillance” is no longer just for dystopian thrillers. Graham digs into a chilling new US Justice Department report that shows how surveillance tech was weaponised to deadly effect.Meanwhile, Carole checks the rear-view mirror on the driverless car industry. Whatever happened to those million Tesla robotaxis Elon Musk promised by 2020? Spoiler: they're here — sort of — but they sometimes drive into oncoming traffic.Plus: Leighton House, heatwave survival gadgets, and an unflushable toilet situation (not what you think).All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.Warning: This podcast may contain nuts, adult themes, and rude language.Episode links:Mexican drug cartel hacker spied on FBI official's phone to track and kill informants, report says - TechCrunch.Audit of the Federal Bureau of Investigation's Efforts to Mitigate the Effects of Ubiquitous Technical Surveillance - US Department of Justice Office of the Inspector General.Tesla driver tells police he was using 'self-drive' system when his car hit a parked police vehicle - AP News.‘Lidar is lame': why Elon Musk's vision for a self-driving Tesla taxi faltered - The Guardian.Tesla invited influencers to test its robotaxi. Here's what they had to say - USA Today Europe.Elon Musk Hails 'Successful' Tesla Robotaxis Launch in Austin Amid Reported Glitches - eWEEK.A Fatal Tesla Crash Shows the Limits of Full Self-Driving - Bloomberg.The Arab Hall at Leighton House.Spandau Ballet's “Gold” - shot at Leighton House!Shark FlexBreeze Fan With InstaCool Mist Attachment - Shark.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)Sponsored by:Vanta– Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!Trelica by 1Password- Access Governance for every SaaS app.

No Agenda Episode 1760 - "Mercenary Spyware" "Mercenary Spyware" Executive Producers: Anonymous Black Sheep Scott Horton Abby Paulsons Commadore of the Human Resources Producers Sir Marcus Sir Milkman Zadoc Brown III SDG Brock Reinhold Jon Tucker Laurens De Ceuster Sir Dibs on Living Angel Dechter Wirt Fuller Rick W Cable Brandon Foster Associate Executive Producers: Rich Geisler Chad Finkbeiner Eli the coffee guy Linda Lu Duchess of jobs & writer of resumes Erin Parr Commodores: Commodore Anonymous Black Sheep Commodore Scott Horton Commodore of the Human Resources Producers Commodore Mark of Crow Wing County"? Commodore Sir Milkman of Evington Commodore Zadoc Brown III Commodore SDG Commodore Brock Reinhold Commodore Jon Tucker Become a member of the 1761 Club, support the show here Boost us with with Podcasting 2.0 Certified apps: Podverse - Podfriend - Breez - Sphinx - Podstation - Curiocaster - Fountain Knights & Dames Sir Tom > Baron Tom, Warden of the Frozen Tundra. Art By: Dennis Roebecker End of Show Mixes: Nautilis K - David Keckta Engineering, Stream Management & Wizardry Mark van Dijk - Systems Master Ryan Bemrose - Program Director Back Office Jae Dvorak Chapters: Dreb Scott Clip Custodian: Neal Jones Clip Collectors: Steve Jones & Dave Ackerman NEW: and soon on Netflix: Animated No Agenda Sign Up for the newsletter No Agenda Peerage ShowNotes Archive of links and Assets (clips etc) 1760.noagendanotes.com Directory Archive of Shownotes (includes all audio and video assets used) archive.noagendanotes.com RSS Podcast Feed Full Summaries in PDF No Agenda Lite in opus format Last Modified 05/01/2025 16:55:14This page created with the FreedomController Last Modified 05/01/2025 16:55:14 by Freedom Controller