Podcasts about threat intelligence

Please enjoy this encore of Word Notes. Chief Security Strategist and VP of Global Threat Intelligence at FortiGuard Labs, Derek Manky, shares his story from programmer to cybersecurity and how it all came together. Derek started his career teaching programming because he had such a passion for it. When he joined Fortinet, Derek said putting where it "really started putting the rubber to the road and connecting my previous experience with programming and debugging and knowledge of operating systems and all that with real-world applications." Derek advises that it doesn't need to be complicated getting into the cybersecurity field and that there are many avenues to enter the field. He hopes to have made a real dent, or "hopefully a crater" in cyber crime when he ends his career. We thank Derek for sharing his story with us.  Learn more about your ad choices. Visit megaphone.fm/adchoices

Please enjoy this encore of Career Notes. Chief Security Strategist and VP of Global Threat Intelligence at FortiGuard Labs, Derek Manky, shares his story from programmer to cybersecurity and how it all came together. Derek started his career teaching programming because he had such a passion for it. When he joined Fortinet, Derek said putting where it "really started putting the rubber to the road and connecting my previous experience with programming and debugging and knowledge of operating systems and all that with real-world applications." Derek advises that it doesn't need to be complicated getting into the cybersecurity field and that there are many avenues to enter the field. He hopes to have made a real dent, or "hopefully a crater" in cyber crime when he ends his career. We thank Derek for sharing his story with us.  Learn more about your ad choices. Visit megaphone.fm/adchoices

Podcast: Simply ICS CyberEpisode: S2 E6: Keeping Up With ICS Threat IntelligencePub date: 2025-10-22Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationThe industrial threat landscape never stands still — and neither can defenders. In this episode of Simply ICS Cyber, Don and Tom sit down with Joe Slowik, a globally recognized expert in cyber threat intelligence (CTI), detection engineering, and incident response for ICS, OT, and critical infrastructure environments.With over 15 years of experience spanning offensive operations, threat research, and leadership roles in both government and private sectors, Joe brings an unparalleled perspective on how adversaries target industrial systems — and how defenders can stay ahead.Listeners will hear how Joe's work connects cutting-edge artificial intelligence and detection development with the real-world challenges of protecting operational environments. His insights reveal where the next evolution of ICS threat intelligence is headed — and what teams should focus on now to stay resilient.⚙️ Tune in to learn how threat intelligence is evolving across industrial control systems and what it takes to keep pace in a rapidly changing landscape.Connect with Joe on LinkedIn: Joe Slowikhttps://www.linkedin.com/in/joe-slowik

This special Playbook episode distills the most important lessons from previous discussions — not as stories, but as rules. A framework for those who still believe digital safety is something they possess rather than something they must earn. If you think you understand the risk, start here and test that belief.Click here to send future episode recommendationSupport the showSubscribe now to Darnley's Cyber Cafe and stay informed on the latest developments in the ever-evolving digital landscape.

Google DeepMind's Cell2Sentence-Scale 27B model has marked a significant milestone in biomedical research by predicting and validating a novel cancer immunotherapy. By analyzing over 4,000 compounds, the AI pinpointed silmitasertib as a “conditional amplifier” that boosts immune response in the presence of interferon. Lab tests verified a 50% increase in antigen presentation, enabling the immune system to detect previously undetectable tumors. This discovery, absent from prior scientific literature, highlights AI's ability to uncover hidden biological mechanisms.Microsoft is integrating its Copilot AI into Windows 11, transforming the operating system into an interactive digital assistant. With “Hey, Copilot” voice activation and a Vision feature that allows the AI to “see” the user's screen, Copilot can guide users through tasks in real time. The new Actions feature enables Copilot to perform operations like editing folders or managing background processes. This move reflects Microsoft's broader vision to embed AI seamlessly into everyday workflows, redefining the PC experience by making the operating system a proactive partner rather than a passive platform.Signal has achieved a cryptographic breakthrough by implementing quantum-resistant end-to-end encryption. Its new Triple Ratchet protocol incorporates the CRYSTALS-Kyber algorithm, blending classical and post-quantum security. Engineers overcame the challenge of large quantum-safe keys by fragmenting them into smaller, message-sized pieces, ensuring smooth performance. This upgrade is celebrated as the first user-friendly, large-scale post-quantum encryption deployment, setting a new standard for secure communication in an era where quantum computing could threaten traditional encryption.Using just $750 in consumer-grade hardware, researchers intercepted unencrypted data from 39 geostationary satellites, capturing sensitive information ranging from in-flight Wi-Fi and retail inventory to military and telecom communications. Companies like T-Mobile and Walmart acknowledged misconfigurations after the findings were disclosed. The study exposes the vulnerability of critical infrastructure still relying on unencrypted satellite links, demonstrating that low-cost eavesdropping can breach systems banking on “security through obscurity,” which A foreign actor exploited vulnerabilities in Microsoft SharePoint to infiltrate the Kansas City National Security Campus, a key U.S. nuclear weapons contractor. While the attack targeted IT systems, it raised concerns about potential access to operational technology. Suspected actors include Chinese or Russian groups, likely pursuing strategic espionage. The breach underscores how enterprise software flaws can compromise national defense and highlights the slow pace of securing critical operational infrastructure.Google's Threat Intelligence team uncovered UNC5342, a North Korean hacking group using EtherHiding to embed malware in public blockchains like Ethereum. By storing malicious JavaScript in immutable smart contracts, the technique ensures persistence and low-cost updates. Delivered via fake job interviews targeting developers, this approach marks a new era of cyber threats, leveraging decentralized technology as a permanent malware host.Kohler's Dekoda toilet camera ($599 + subscription) monitors gut health and hydration by scanning waste, using fingerprint ID and encrypted data for privacy. While Kohler claims the camera only views the bowl, privacy advocates question the implications of such intimate surveillance, even with “end-to-end encryption.”In a daring eight-minute heist, thieves used a crane to steal royal jewels from the Louvre, exposing significant security gaps. An audit revealed outdated defenses, delayed modernization, and blind spots, serving as a stark reminder that even the most prestigious institutions are vulnerable to breaches when security measures lag.

A nation-state attacker quietly lived inside F5's network and walked away with BIG-IP source code and undisclosed vulnerability details. In this episode we pull apart why a breach of a cybersecurity company is far more dangerous than a breach of a bank or retailer — and what individuals and businesses can do to protect themselves when even the “experts” get compromised.Click here to send future episode recommendationSupport the showSubscribe now to Darnley's Cyber Cafe and stay informed on the latest developments in the ever-evolving digital landscape.

This episode features Dr. Chase Cunningham, Chief Strategy Officer at Demo-Force.com.Widely known as “Dr. Zero Trust”, he's the creator of the Zero Trust Extended Framework and former Forrester principal analyst. With decades of experience supporting the NSA, U.S. Navy, FBI Cyber, and other government missions, Chase brings deep expertise on how nation-states wage digital conflict.In this episode, Chase explains how China, Russia, and North Korea use cyber operations to advance long-term strategic goals, why critical infrastructure has become a silent battlefield, and why attribution makes retaliation so difficult. He shares practical guidance for hardening defenses, outpacing common attackers, and avoiding becoming the “slowest gazelle in the herd.”This is a sobering look at how geopolitics fuels cyber risk, and the urgent realities every security leader must prepare for now.Guest Bio Creator of the Zero Trust eXtended framework and a cybersecurity expert with decades of operational experience in NSA, US Navy, FBI Cyber, and other government mission groups, Chase is responsible for ZTEdge's overall strategy and technology alignment. Chase was previously VP and Principal Analyst at Forrester Research; Director of Threat Intelligence for Armor; Director of Cyber Analytics for Decisive Analytics; and Chief Cryptologic Technician, US Navy. He's the author of the Cynja series and Cyber Warfare: Truth, Tactics, and Strategies.Guest Quote" Putin has even been noted as saying that chaos is the goal. You do that via cyber. You don't do that by putting boots on ground anymore. That is very important for everybody that's connected or digital to understand, you are operating in a live fire battlefield environment. You're not just on the internet.”Time stamps 01:04 Meet Dr. Chase Cunningham: Dr. Zero Trust 02:47 The Fifth Horseman: Cyber Threats 04:24 Geopolitical Implications of Cyber Warfare 09:05 Understanding China's Approach to Cyber 17:27 Breaking Down Defensive Cyber 20:17 Understanding North Korea's Approach to Cyber 22:25 Russia's Cyber Chaos Tactics 24:35 Cyber Leadership Gaps in the U.S. Government 27:22 Final Thoughts and AdviceSponsorThe HIP Podcast is brought to you by Semperis, the leader in identity-driven cyber resilience for the hybrid enterprise. Trusted by the world's leading businesses, Semperis protects critical Active Directory environments from cyberattacks, ensuring rapid recovery and business continuity when every second counts. Visit semperis.com to learn more.LinksConnect with Chase on LinkedInLearn more about Demo-Force.comChase's HIPConf 2024 Talk: Cyber Threat: The Fifth Horseman of the Apocalypse Connect with Sean on LinkedIn Don't miss future episodesRegister for HIP Conf 2025Learn more about Semperis

In this episode of Unspoken Security, host A.J. Nash sits down with LaurenZabierek, Senior Vice President for the Future of Digital Security at theInstitute for Security and Technology. Together, they examine how thetraditional view of national security often overlooks the people it seeks toprotect. Lauren shares why national security must move beyond militaryand government, and instead focus on the everyday risks that affecteveryone—whether that's cybersecurity, healthcare, or even climate safety.Lauren makes a strong case for widening the lens on security. She explainswhy protecting people requires new thinking and fresh policies, not justmore funding for defense. She also describes the need for face-to-faceconnections and open dialogue to rebuild trust and unity in a fracturedworld.The conversation turns to software and the Secure by Design movement.Lauren outlines how changing incentives for software companies can leadto safer products. She draws on lessons from automotive and aviationsafety to show paths forward, and encourages listeners to help drivedemand for secure technology across all industries.Send us a textSupport the show

John Fokker, Head of Threat Intelligence at Trellix is discussing "Gang Wars: Breaking Trust Among Cyber Criminals." Trellix researchers reveal how the once-organized ransomware underworld is collapsing under its own paranoia. Once united through Ransomware-as-a-Service programs, gangs are now turning on each other — staging hacks, public feuds, and exit scams as trust evaporates. With affiliates jumping ship and rival crews sabotaging each other, the RaaS model is fracturing fast, signaling the beginning of the end for ransomware's criminal empires. The research can be found here: ⁠⁠⁠⁠Gang Wars: Breaking Trust Among Cyber Criminals Learn more about your ad choices. Visit megaphone.fm/adchoices

John Fokker, Head of Threat Intelligence at Trellix is discussing "Gang Wars: Breaking Trust Among Cyber Criminals." Trellix researchers reveal how the once-organized ransomware underworld is collapsing under its own paranoia. Once united through Ransomware-as-a-Service programs, gangs are now turning on each other — staging hacks, public feuds, and exit scams as trust evaporates. With affiliates jumping ship and rival crews sabotaging each other, the RaaS model is fracturing fast, signaling the beginning of the end for ransomware's criminal empires. The research can be found here: ⁠⁠⁠⁠Gang Wars: Breaking Trust Among Cyber Criminals Learn more about your ad choices. Visit megaphone.fm/adchoices

In this episode of Unspoken Security, host A.J. Nash sits down with Marley Salveter, Director of Marketing at Unspoken Security. They explore how digital privacy and security awareness look different for younger generations who have grown up in a world where sharing personal data is routine, not a choice. Marley shares her perspective on adapting to life online, where building a personal brand and protecting personal information often overlap for today's professionals.Marley explains how her generation views data privacy as an accepted tradeoff, not a conscious decision, and why traditional corporate security training rarely feels relevant. She discusses the real risks of living in public—how threats feel less urgent until they get personal and why the rapid response of tech platforms can mask the lasting impact of breaches. She and A.J. dig into the challenge of communicating security risks to a connected generation that rarely sees tangible consequences.Together, they reflect on how open conversations bridge generational gaps and why storytelling and relatable dialogue help people internalize security lessons. Marley argues that making security personal is key to lasting change—especially for those building their careers and brands in the public eye.Send us a textSupport the show

Shawn Loveland is the Chief Operating Officer of Resecurity. In this episode, he joins host Paul John Spaulding to discuss cyber threat intelligence (CTI) and how it differs from traditional fraud monitoring, as well as why organizations should integrate it across their businesses, the technology's future as AI evolves, and more. The Power of Threat Intelligence, a Cybercrime Magazine podcast series brought to you by Resecurity, which offers real-time threat monitoring, dark web surveillance, and predictive analytics to identify risks before digital threat actors victimize your company and customers, ensuring your business remains secure. To learn more about our sponsor, visit https://resecurity.com

The cybersecurity industry operates on a fundamental misconception: that consumers want to understand and manage their digital security. After 17 years at F-Secure and extensive consumer research, Dmitri Vellikok has reached a different conclusion—people simply want security problems to disappear without their involvement.This insight has driven F-Secure's transformation from traditional endpoint protection to what Vellikok calls "embedded ecosystem security." The company, which holds 55% global market share in operator-delivered consumer security, has moved beyond the conventional model of asking consumers to install and manage security software.F-Secure's approach centers on embedding security capabilities directly into applications and services consumers already use. Rather than expecting people to download separate security software, the company partners with telecom operators, insurance companies, and financial institutions to integrate protection into existing customer touchpoints.This embedded strategy addresses what Vellikok identifies as cybersecurity's biggest challenge: activation and engagement. Traditional security solutions fail when consumers don't install them, don't configure them properly, or abandon them due to complexity. By placing security within existing applications, F-Secure automatically reaches more consumers while reducing friction.The company's research reveals the extent of consumer overconfidence in digital security. Seventy percent of people believe they can easily spot scams, yet 43% of that same group admits to having been scammed. This disconnect between perception and reality drives F-Secure's focus on proactive, invisible protection rather than relying on consumer vigilance.Central to this approach is what F-Secure calls the "scam kill chain"—a framework for protecting consumers at every stage of fraudulent attempts. The company analyzes scam workflows to identify intervention points, from initial contact through trust-building phases to final exploitation. This comprehensive view enables multi-layered protection that doesn't depend on consumers recognizing threats.F-Secure's partnership with telecom operators provides unique advantages in this model. Operators see network traffic, website visits, SMS messages, and communication patterns, giving them visibility into threat landscapes that individual security solutions cannot match. However, operators typically don't communicate their protective actions to customers, creating an opportunity for F-Secure to bridge this gap.The company combines operator-level data with device-level protection and user interface elements that inform consumers about threats blocked on their behalf. This creates what Vellikok describes as a "protective ring" around users' digital lives while maintaining transparency about security actions taken.Artificial intelligence and machine learning have been core to F-Secure's operations for over a decade, but recent advances enable more sophisticated predictive capabilities. The company processes massive data volumes to identify patterns and predict threats before they materialize. Vellikok estimates that within 18 to 24 months, F-Secure will be able to warn consumers three days in advance about likely scam attempts.This predictive approach represents a fundamental shift from reactive security to proactive protection. Instead of waiting for threats to appear and then blocking them, the system identifies risk patterns and steers users away from dangerous situations before threats fully develop.The AI integration also serves as a translation layer between technical security events and consumer-friendly communications. Rather than presenting technical alerts about blocked URLs or filtered emails, the system provides context about threats in language consumers can understand and act upon.F-Secure's evolution reflects broader industry recognition that consumer cybersecurity requires different approaches than enterprise security. While businesses can mandate security training and complex protocols, consumers operate in environments where convenience and simplicity drive adoption. The embedded security model acknowledges this reality while maintaining protection effectiveness.The company's global reach through operator partnerships positions it to address cybersecurity as a systemic challenge rather than an individual consumer problem. By aggregating threat data across millions of users and multiple communication channels, F-Secure creates network effects that improve protection for all users as the system learns from new attack patterns.Looking forward, Vellikok anticipates cybersecurity challenges will continue evolving in waves. Current focus on scam protection will likely shift to AI-driven threats, followed by quantum computing challenges. The embedded security model provides a framework for adapting to these changes while maintaining consumer protection without requiring users to understand or manage evolving threat landscapes. Learn more about F-Secure: https://itspm.ag/f-secure-2748Note: This story contains promotional content. Learn more. Guest: Dmitri Vellikok, Product and Business Development at F-Secure  On LinkedIn: https://www.linkedin.com/in/dmitrivellikok/ResourcesCompany Directory:https://www.itspmagazine.com/directory/f-secure Learn more about creating content with Sean Martin & Marco Ciappelli:  https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/purchase-programs Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In this episode of Unspoken Security, host AJ Nash welcomes Ivan Novikov, CEO of Wallarm, to discuss the fundamental shifts in API security. They explore how APIs have evolved from internal tools to the public-facing backbone of mobile apps, IoT, and AI. This change has dramatically expanded the threat surface, making traditional security methods obsolete.Ivan explains why older approaches, like signature-based detection and RegEx, fail against modern attacks. He details Wallarm's unique solution: a real-time decompiler that analyzes the actual payload of API requests. This technique allows for deep inspection of complex and nested data formats, identifying malicious code that standard tools miss.The conversation also looks to the future, examining the security risks posed by the rapid adoption of AI agents. Ivan concludes with a stark comparison between physical and cyber threats. In the digital world, attacks are constant and aggressive. Success depends less on the tools you have and more on who you are and how you use them.Send us a textSupport the show

No Kubicast de hoje nós recebemos o Leonardo Pinheiro, CRO da Clavis, para um papo direto ao ponto sobre como uma IA feita no Brasil resolve problemas do nosso cenário de cibersegurança. Falamos do Otto – a IA da Clavis –, de como ela nasceu de muita telemetria real de clientes e do porquê conhecer boleto, Pix, WhatsApp e a cadeia financeira nacional muda completamente o jogo. De quebra, confrontamos o mito do “100% seguro” e mostramos como risco, contexto e priorização guiam decisões melhores.Entramos a fundo na plataforma da Clavis (produto+serviço) e nos módulos que orbitam o Otto: gestão de vulnerabilidades, avaliação de fornecedores, correlação de eventos/EDR e validações em cloud. Discutimos quando automação brilha e quando ainda precisamos de gente experiente (ex.: pen test), além de como o Otto responde a perguntas de negócio (“qual meu score?”, “o que mitigar primeiro?”) e conecta tudo numa visão integrada.Também falamos de supply chain security, reputação e como decisões ruins de terceirização estouram no colo da sua marca. No final, tem um bloco sobre comunidade e carreira (SampaSec, Conecta 21, networking) e um respiro cultural com indicações.Links Importantes:- Leonardo Pinheiro - https://www.linkedin.com/in/leonardo-pinheiro-batista/- João Brito - https://www.linkedin.com/in/juniorjbn/- Assista ao FilmeTEArapia - https://youtu.be/M4QFmW_HZh0?si=HIXBDWZJ8yPbpflM- SampaSEC - https://www.linkedin.com/groups/9381855/?fbclid=PAZXh0bgNhZW0CMTEAAact9-j_AzTmFc136pGmO_GWesqvNdULEk-rMQSkGGSlFcpGCbyZLeElRcFVqg_aem_1W_jlM9Z0G5Q6BHoe76xLw- Kubicast 125 - https://www.youtube.com/watch?v=nG7sugocQsg- A vida de Chuck - https://www.imdb.com/pt/title/tt12908150/Hashtags#SegurancaDaInformacao #Ciberseguranca #InteligenciaArtificial #IA #Otto #Clavis #SupplyChainSecurity #PenTest #GestaoDeVulnerabilidades #LGPD #SOC #EDR #ThreatIntelligence #CloudSecurity #Compliance #PlataformaDeSeguranca #Kubernetes #DevOps #DevSecOps #Kubicast #Containers #GetupO Kubicast é uma produção da Getup, empresa especialista em Kubernetes e projetos open source para Kubernetes. Os episódios do podcast estão nas principais plataformas de áudio digital e no YouTube.com/@getupcloud.

Security risk assessments and power systems design take center stage in this episode with OMICRON OT cybersecurity expert Simon Rommer. He speaks with Jose Paredes, Regional Engineering Manager at H&MV Engineering, about integrating cybersecurity into design from the outset, bridging gaps between IoT and electrical engineering, and managing compliance, procurement, and latency. Jose stresses the value of strong partnerships and thorough risk assessments to meet today's evolving cybersecurity challenges.

How did a Wall Street-bound grad become a pioneer in counterterrorism and threat intelligence? In this episode, Josh Lefkowitz, CEO of Flashpoint, joins Ari to unpack that journey — and share critical insights from the frontlines of global threat monitoring.Josh shares how 9/11 transformed his career trajectory and catalyzed his entry into the national security world. Fast forward to today, Flashpoint supports over 800 global clients with intelligence spanning jihadist networks, cybercrime, and geopolitical threats.From the rise of AI-enabled fraud to North Korea's massive infiltration of the Fortune 500 via remote IT workers, Josh details the most urgent risks facing both public and private sectors. He explains how adversaries are blending AI, stolen data, and social engineering in increasingly sophisticated attacks—and why we're only in the early innings.You'll also hear about:The staggering rise of infostealer malware and its role in ransomwareHow Flashpoint blends scalable tech with human analysts to stay aheadWhy collaboration is now essential: one team, one fightThe game-changing Flashpoint–TRM integration that unites on- and off-chain intelligenceAs adversaries evolve, so must our defenses. This is a masterclass in intelligence, innovation, and what it takes to build security in real time.

Dawn Capelli, Head of OT-CERT at Dragos, unpacks the evolving risks to Operational Technology. From nation-state attacks on Ukraine's infrastructure to hacktivists targeting U.S. water systems, she explains the PIPEDREAM malware, the top five SANS critical OT controls, and how Dragos' OT-CERT program offers free resources to help organizations defend critical infrastructure now. Segment Resources: https://www.dragos.com/community/ This segment is sponsored by NowSecure. Visit https://cisostoriespodcast.com/nowsecure to learn more about them! Visit https://cisostoriespodcast.com for all the latest episodes! Show Notes: https://cisostoriespodcast.com/csp-216

While our team is observing the Labor Day holiday in the US, we hope you will enjoy this episode of The Microsoft Threat Intelligence Podcast . New episodes airs on the N2K CyberWIre network every other Wednesday. In this episode of the Microsoft Threat Intelligence Podcast, host⁠ ⁠⁠Sherrod DeGrippo is live from Black Hat 2025 with a special lineup of Microsoft security leaders and researchers. First, Sherrod sits down with Tom Gallagher, VP of Engineering and head of the Microsoft Security Response Center (MSRC). Tom shares how his team works with researchers worldwide, why responsible disclosure matters, and how programs like Zero Day Quest (ZDQ) are shaping the future of vulnerability research in cloud and AI security. He also announced the next iteration of ZTQ with $5 million up for grabs. Next, Sherrod is joined by Eric Baller (Senior Security Researcher) and Eric Olson (Principal Security Researcher) to unpack the fast-changing ransomware landscape. From dwell time collapsing from weeks to minutes, to the growing role of access brokers, they explore how attackers operate as organized ecosystems and how defenders can respond. Finally, Sherrod welcomes Travis Schack (Principal Security Researcher) alongside Eric Olson to examine the mechanics of social engineering. They discuss how attackers exploit urgency, trust, and human curiosity, why AI is supercharging phishing campaigns, and how defenders can fight back with both training and technology. In this episode you'll learn:     How MSRC partners with researchers across 59 countries to protect customers Why Zero Day Quest is accelerating vulnerability discovery in cloud and AI How ransomware dwell times have shrunk from days to under an hour Resources: View Sherrod DeGrippo on LinkedIn  Zero Day Quest — Microsoft Microsoft Security Response Center Blog Related Microsoft Podcasts:   Afternoon Cyber Tea with Ann Johnson The BlueHat Podcast Uncovering Hidden Risks      Discover and follow other Microsoft podcasts at microsoft.com/podcasts Get the latest threat intelligence insights and guidance at Microsoft Security Insider   The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network. Learn more about your ad choices. Visit megaphone.fm/adchoices

Das ist das KI-Update vom 29.08.2025 unter anderem mit diesen Themen: 44 Generalstaatsanwälte der USA warnen KI-Anbieter Anthropic und OpenAI testen sich gegenseitig WhatsApp bringt KI-Schreibhilfe für Kurznachrichten und Metas Superintelligenz-Labor verliert Top-Forscher an OpenAI Links zu allen Themen der heutigen Folge findet Ihr hier: https://heise.de/-10625505 https://www.heise.de/thema/KI-Update https://pro.heise.de/ki/ https://www.heise.de/newsletter/anmeldung.html?id=ki-update https://www.heise.de/thema/Kuenstliche-Intelligenz https://the-decoder.de/ https://www.heiseplus.de/podcast https://www.ct.de/ki Eine neue Folge gibt es montags, mittwochs und freitags ab 15 Uhr.

In this Risky Business News sponsor interview Tom Uren talks to Brett Winterford, Okta's VP of Threat Intelligence about FastPass. Brett explains what it is, how Okta uses it and why threat actors avoid it. Show notes

Global Threats, Deepfakes & Quantum Risk | DailyCyber 273 with Evgueni Erchov ~ Watch Now ~In this episode of DailyCyber, I'm joined by Evgueni Erchov, Sr. Director of Research & Threat Intelligence at Cypfer. With more than 25 years of experience in IT security, forensics, blockchain, and cybercrime investigations, Evgueni shares his perspective on the ever-evolving global cyber threat landscape.

Data alone does not persuade. For data-driven leaders, learning totranslate numbers into a compelling narrative is a critical skill. In thisepisode of Unspoken Security, host AJ Nash speaks with Salvatore Manzi, aleadership communications coach, about the strategies technical leaderscan use to create influence. Salvatore explains why leaders must learn tomake meaning over metrics to connect with teams, stakeholders, andcustomers.Salvatore shares practical frameworks to improve communication. Heintroduces the "You then me" principle, which prioritizes acknowledging the other person's view to build rapport. He also shows how using simplemetaphors and a little appreciation can make complex dataunderstandable. These techniques disarm a room before you need tocorrect someone or present a counter-argument, ensuring your message lands effectively.The conversation also covers imposter syndrome and the uniquecommunication hurdles women face in the tech industry. AJ and Salvatorediscuss the power of authenticity and the need for allies who activelyamplify other voices. They explore how simple shifts in body language andmindset can build the confidence needed to overcome these challenges and ensure your voice is heard.Send us a textSupport the show

At Black Hat USA 2025, Sean Martin, co-founder of ITSPmagazine, sat down with Brett Stone-Gross, Senior Director of Threat Intelligence at Zscaler, to discuss the findings from the company's latest ransomware report. Over the past five years, the research has tracked how attack patterns, targets, and business models have shifted—most notably from file encryption to data theft and extortion.Brett explains that many ransomware groups now find it more profitable—and less risky—to steal sensitive data and threaten to leak it unless paid, rather than encrypt files and disrupt operations. This change also allows attackers to stay out of the headlines and avoid immediate law enforcement pressure, while still extracting massive payouts. One case saw a Fortune 50 company pay $75 million to prevent the leak of 100 terabytes of sensitive medical data—without a single file being encrypted.The report highlights variation in attacker methods. Some groups focus on single large targets; others, like the group “LOP,” exploit vulnerabilities in widely used file transfer applications, making supply chain compromise a preferred tactic. Once inside, attackers validate their claims by providing file trees and sample data—proving the theft is real.Certain industries remain disproportionately affected. Healthcare, manufacturing, and technology are perennial top targets, with oil and gas seeing a sharp increase this year. Many victims operate with legacy systems, slow to adopt modern security measures, making them vulnerable. Geographically, the U.S. continues to be hit hardest, accounting for roughly half of all observed ransomware incidents.The conversation also addresses why organizations fail to detect such massive data theft—sometimes hundreds of gigabytes per day over weeks. Poor monitoring, limited security staffing, and alert fatigue all contribute. Brett emphasizes that reducing exposure starts with eliminating unnecessary internet-facing services and embracing zero trust architectures to prevent lateral movement.The ransomware report serves not just as a data source but as a practical guide. By mapping observed attacker behaviors to defensive strategies, organizations can better identify and close their most dangerous gaps—before becoming another statistic in next year's findings.Learn more about Zscaler: https://itspm.ag/zscaler-327152Note: This story contains promotional content. Learn more.Guest:Brett Stone-Gross, Senior Director of Threat Intelligence at Zscaler, | On LinkedIn: https://www.linkedin.com/in/brett-stone-gross/ResourcesLearn more and catch more stories from Zscaler: https://www.itspmagazine.com/directory/zscalerLearn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-storyKeywords: sean martin, brett stone-gross, ransomware, data extortion, cyber attacks, zero trust security, threat intelligence, data breach, cyber defense, network security, file transfer vulnerability, data protection, black hat, black hat usa 2025, zscaler

In this episode of Unspoken Security, host AJ Nash welcomes Mark Freedman, Principal and CEO of Rebel Global Security, to discuss a major shift in the global threat landscape. The primary national security concern has moved from counter-terrorism to interstate strategic competition. This change requires a new security model, especially for the private sector.Mark explains that companies are now players on a geopolitical battlefield, facing sophisticated threats from nation-states. Yet, many organizations operate in silos. Legal teams track sanctions while cybersecurity teams react to technical threats. They often miss the strategic connection between the two, which creates significant vulnerabilities.To close these gaps, AJ and Mark explore the need for an integrated intelligence function within businesses. They discuss how even a single empowered person, tasked with understanding the geopolitical environment, can connect various teams. This strategic view helps companies build a more resilient and proactive defense in a complex world.Send us a textSupport the show

In this episode of Unspoken Security, host AJ Nash speaks with Dr. Peter Garraghan, CEO and CTO of Mindgard. They discuss the real-world security risks of artificial intelligence. Peter starts with a simple point: AI is just software, and software is easy to break. He urges businesses using AI to step back and truly understand its vulnerabilities.Peter draws parallels between the current AI boom and past technology cycles like cloud computing. While AI feels revolutionary, the security risks are not new. Threats like data poisoning and prompt injection are modern versions of classic cybersecurity problems. The danger is that AI's human-like interface makes it easy to anthropomorphize, causing users to overlook fundamental security flaws.To manage these risks, Peter advises companies to treat AI like any other software. This means applying the same rigorous security controls, testing protocols, and incident response playbooks. Instead of creating a separate process for AI, organizations should find the gaps in their current security posture and update them. This practical approach helps businesses secure AI systems effectively.Send us a textSupport the show

For episode 546 of the BlockHash Podcast, host Brandon Zemp is joined by Hugh Njemanze, Founder and President of Anomali. Hugh brings over 30 years of experience in enterprise software, having co-founded ArcSight and served as its CTO and EVP of R&D. He later led engineering for HP’s Enterprise Security Products group following ArcSight’s acquisition. Hugh has also served as an advisor at Kleiner Perkins and held senior roles at Verity and Apple, where he helped architect the Data Access Language (DAL). ⏳ Timestamps: 0:00 | Introduction1:03 | Who is Hugh Njemanze?4:28 | What is Anomali?9:12 | Anomali Products & ThreatStream18:23 | Evolution of AI in Security Operations20:28 | Anomali client use-cases24:15 | Future of Threat Intelligence31:30 | Anomali’s typical client32:35 | Anomali roadmap 202534:10 | Anomali website, socials & demos

Joining the podcast this week is Dmitry Bestuzhev, senior director of cyber threat intelligence (CTI) at Blackberry. He gives Petko an inside look into the key types of CTI and how the insights can be used to build context and determine response in specific circumstances, such as in the recent case of attempted targets at NATO. Dmitry also turns our attention to the risks posed by public charging stations - a ploy dubbed “Juice Jacking.”   Dmitry Bestuzhev, Senior Director CTI at BlackBerry Dmitry Bestuzhev is Senior Director, CTI (Cyber Threat Intelligence) at BlackBerry. Prior to BlackBerry, Dmitry was Head of Kaspersky's Global Research and Analysis Team for Latin America, where he oversaw the company's experts' anti-malware development work in the region. Dmitry has more than 20 years of experience in IT security across a wide variety of roles. His field of expertise covers everything from traditional online fraud to targeted high-profile attacks on financial and governmental institutions. His main focus in research is on producing Threat Intelligence reports on financially motivated targeted attacks. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e341

From 2023 to 2024, ransomware has seen a 67 percent jump, with an average payment of $2 million and another $2.7 million in recovery costs for most companies that are hit by an attack. Fortunately, there are multiple steps businesses can take to lower the risk of being a victim. In this episode, Adam Keown, global CISO at Eastman, joins host Heather Engel to discuss threat intelligence. • For more on cybersecurity, visit us at https://cybersecurityventures.com

In this episode, DomainTools' Daniel Schwalbe is joined by Renee Burton (Infoblox), Raymond Dijkxhoorn (Surbl), and Peter Lowe (FIRST.org) to unpack the inaugural DomainTools Intelligence Report and what it reveals about DNS-based threats in 2024. The panel digs into evolving detection challenges, the pitfalls of domain scoring, the growing complexity of threat actor behavior, and why industry collaboration continues to lag. They explore topics like aging domains, TLD abuse, data sharing barriers, and the creative lengths bad actors go to avoid detection. Whether you're building threat intel tools or blocking domains at the edge, this conversation is a must-listen for anyone in DNS-based security.

Why does security awareness training so often fail? In this episode of Unspoken Security, host AJ Nash welcomes Living Security CEO Ashley M. Rose to discuss this common issue. They explore how compliance-driven, "check-the-box" training creates a false sense of security. This old model relies on vanity metrics and rituals instead of reducing actual human risk.Ashley presents a better way forward through human risk management. This modern strategy moves beyond simple phishing tests and integrates data from your existing security tools. It provides a full view of employee behavior to identify and address risks proactively. The goal is to make security training engaging and effective, not just another task to ignore.The conversation also covers the nuanced relationship between human risk management and insider threat programs. AJ and Ashley discuss how to empower employees and transform them from a potential liability into an organization's greatest security asset, creating a stronger, more resilient workforce.Send us a textSupport the show

Joining the podcast this week is Dmitry Bestuzhev, senior director of cyber threat intelligence (CTI) at Blackberry. He gives Petko an inside look into the key types of CTI and how the insights can be used to build context and determine response in specific circumstances, such as in the recent case of attempted targets at NATO. Dmitry also turns our attention to the risks posed by public charging stations - a ploy dubbed “Juice Jacking.”   Dmitry Bestuzhev, Senior Director CTI at BlackBerry Dmitry Bestuzhev is Senior Director, CTI (Cyber Threat Intelligence) at BlackBerry. Prior to BlackBerry, Dmitry was Head of Kaspersky's Global Research and Analysis Team for Latin America, where he oversaw the company's experts' anti-malware development work in the region. Dmitry has more than 20 years of experience in IT security across a wide variety of roles. His field of expertise covers everything from traditional online fraud to targeted high-profile attacks on financial and governmental institutions. His main focus in research is on producing Threat Intelligence reports on financially motivated targeted attacks. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e340

Cyber crime continues to grow each year, but should organizations give up fighting it? On this episode of Unspoken Security, host AJ Nash speaks with Robert Duncan from Netcraft, who argues the answer is absolutely not. Robert makes the case that fighting cyber crime is worth the effort, even when it feels like an endless battle.Robert challenges the common view that "whack-a-mole" tactics are pointless. He believes the key is changing the game from single-player to multiplayer whack-a-mole. By working with domain registrars, hosting providers, and government agencies, defenders can hit criminals at multiple points in their attack chain. This coordinated response makes cyber crime more expensive and less profitable for attackers.The conversation covers everything from traditional phishing to sophisticated pig butchering scams. Robert shares how Netcraft uses AI to engage with scammers and gather intelligence at scale. He also discusses the national security implications of cyber crime and why whole-of-government responses in countries like Australia and the UK show promise for reducing fraud rates.Send us a textSupport the show

Cyber threats are not static—and HITRUST knows assurance can't be either. That's why HITRUST's Michael Moore is leading efforts to ensure the HITRUST framework evolves in step with the threat environment, business needs, and the technologies teams are using to respond.In this episode, Moore outlines how the HITRUST Cyber Threat Adaptive (CTA) program transforms traditional assessment models into something far more dynamic. Instead of relying on outdated frameworks or conducting audits that only capture a point-in-time view, HITRUST is using real-time threat intelligence, breach data, and frameworks like MITRE ATT&CK and MITRE ATLAS to continuously evaluate and update its assessment requirements.The E1 and I1 assessments—designed for organizations at different points in their security maturity—serve as flexible baselines that shift with current risk. Moore explains that by leveraging CTA, HITRUST can add or update controls in response to rising attack patterns, such as the resurgence of phishing or the emergence of AI-driven exploits. These updates are informed by a broad ecosystem of signals, including insurance claims data and AI-parsed breach reports, offering both frequency and impact context.One of the key advantages Moore highlights is the ability for security teams to benefit from these updates without having to conduct their own exhaustive analysis. As Moore puts it, “You get it by proxy of using our frameworks.” In addition to streamlining how teams manage and demonstrate compliance, the evolving assessments also support conversations with business leaders and boards—giving them visibility into how well the organization is prepared for the threats that matter most right now.HITRUST is also planning to bring more of this intelligence into its assessment platform and reports, including showing how individual assessments align with the top threats at the time of certification. This not only strengthens third-party assurance but also enables more confident internal decision-making—whether that's about improving phishing defenses or updating incident response playbooks.From AI-enabled moderation of threats to proactive regulatory mapping, HITRUST is building the connective tissue between risk intelligence and real-world action.Note: This story contains promotional content. Learn more.Guest: Michael Moore, Senior Manager, Digital Innovation at HITRUST | On LinkedIn: https://www.linkedin.com/in/mhmoore04/Hosts:Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | https://www.seanmartin.com/Marco Ciappelli, Co-Founder at ITSPmagazine and Host of Redefining Society Podcast & Audio Signals Podcast | https://www.marcociappelli.com/______________________Keywords: sean martin, marco ciappelli, michael moore, hitrust, cybersecurity, threat intelligence, risk management, compliance, assurance, ai security, brand story, brand marketing, marketing podcast, brand story podcast______________________ResourcesVisit the HITRUST Website to learn more: https://itspm.ag/itsphitwebLearn more and catch more stories from HITRUST on ITSPmagazine: https://www.itspmagazine.com/directory/hitrustLearn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

Host David Mauro interviews Jeremy Samide, CEO of Blackwired, about why hackers target you. We expose the latest dark web secrets, and the latest social engineering risks.  Find more about Blackwired here: https://www.blackwired.com/Send us a textGrowth without Interruption. Get peace of mind. Stay Competitive-Get NetGain. Contact NetGain today at 844-777-6278 or reach out online at www.NETGAINIT.com Have a Guest idea or Story for us to Cover? You can now text our Podcast Studio direct. Text direct (904) 867-4466

Shawn Loveland is the Chief Operating Officer of Resecurity. In this episode, he joins host Charlie Osborne to discuss artificial intelligence and cybercrime, including how the technology has impacted today's threat landscape, and more. The Power of Threat Intelligence, a Cybercrime Magazine podcast series brought to you by Resecurity, which offers real-time threat monitoring, dark web surveillance, and predictive analytics to identify risks before digital threat actors victimize your company and customers, ensuring your business remains secure. To learn more about our sponsor, visit https://resecurity.com

William Lyne of the UK's National Crime Agency joins us live at Infosecurity Europe to talk ransomware, AI threats, and the future of cybercrime disruption.When the UK's top cyber intelligence strategist sits down with you in London, you listen — and you hit record.At Infosecurity Europe 2025, the ITSPmagazine podcast team — Marco Ciappelli and Sean Martin — sat down with William Lyne, Deputy Director and Head of Cyber Intelligence at the UK's National Crime Agency (NCA). This is the guy who not only leads cyber strategy for the NCA, but has also represented the UK at the FBI in the U.S. and now oversees national-level ransomware disruption efforts. It's not just a conversation — it's a rare front-row seat into how one of the world's most serious crime-fighting agencies is tackling ransomware 3.0.The message? Ransomware isn't just a cyber issue. It's a societal one. And it's evolving faster than we're prepared for — unless we change the game.“It went from niche to national threat fast,” Lyne explains. “The tools were always there. It just took a few threat actors to stitch them together.”From banking malware to fully operational cybercrime-as-a-service ecosystems, Lyne walks us through how the underground economy has industrialized. Ransomware isn't just about tech — it's about access, scale, and business models. And most importantly, it's no longer limited to elite coders or closed-door Russian-speaking forums. The barrier to entry is gone, and the dark web is wide open for business.Sean brings up the obvious: “Why does this still feel like we're always reacting?”Lyne responds: “We've shifted. We're going after the ecosystem — the people, the infrastructure, the business model — not just the payload.” That includes disrupting ransomware-as-a-service, targeting marketplaces, and yes, investing in preemptive intelligence.Marco flips the script by comparing today's cyber landscape to something deeply human. “Extortion is nothing new — we've just digitalized it. This is human behavior, scaled by tech.”From there, the conversation takes a future-facing turn. Deepfakes, AI-powered phishing, the commoditization of generative tools — Lyne confirms it's all on their radar. But he's quick to note that cybercriminals aren't bleeding-edge innovators. “They adopt when the ROI is right. But AI-as-a-service? That's coming. And it will reshape how efficient — and damaging — these threats become.”And then the real insight lands:“You can't wait to be a victim to talk to law enforcement. We may already have access to the infrastructure. The earlier we hear from you, the better we can act — and fast.”That kind of operational openness isn't something you heard from law enforcement five years ago. It signals a cultural shift — one where collaboration is not optional, it's essential.William also highlights the NCA's partnerships with private sector firms, academia, and international agencies, including the Kronos operation targeting LockBit infrastructure. These kinds of collaborations prove that when information moves, so does impact.Why does this matter?Because while most cybersecurity media gets stuck in product buzzwords and vendor hype, this is the real stuff — how ransomware groups behave, how law enforcement thinks, and how society can respond. It's not theory. It's strategy, lived on the front lines. 

In this episode of Unspoken Security, host AJ Nash sits down with Jennifer Leggio, Chief Strategy Officer of W2 Communications, to discuss the unspoken challenges impacting career fulfillment. Jennifer shares her personal experiences with toxic work environments, imposter syndrome, and the struggle to balance ego and self-awareness. She highlights the importance of advocating for yourself while remaining empathetic to others' struggles.Jennifer introduces the concept of "self-energy," emphasizing the need to prioritize what's best for everyone, not just yourself. She also explores the impact of personal trauma on professional life and offers practical advice for building resilience. Jennifer emphasizes the value of self-care, including meditation and affirmations. She shares her personal "courage plan" framework to help listeners overcome obstacles and create a more fulfilling life.This episode challenges listeners to examine their behaviors and create a path toward greater self-awareness and personal growth, both personally and professionally.Send us a textSupport the show

Guest: Alex Pinto,  Associate Director of Threat Intelligence, Verizon Business, Lead the Verizon Data Breach Report Topics: How would you define “a cloud breach”? Is that a real (and different) thing?  Are cloud breaches just a result of leaked keys and creds? If customers are responsible for 99% of cloud security problems, is cloud breach really about a customer being breached? Are misconfigurations really responsible for so many cloud security breaches? How are we still failing at configuration? What parts of DBIR are not total “groundhog day”? Something about vuln exploitation vs credential abuse in today's breaches–what's driving the shifts we're seeing? DBIR Are we at peak ransomware? Will ransomware be here in 20 years? Will we be here in 20 years talking about it? How is AI changing the breach report, other than putting in hilarious footnotes about how the report is for humans to read and and is written by actual humans?  Resources: Video (LinkedIn, YouTube) Verizon DBIR 2025 EP222 From Post-IR Lessons to Proactive Security: Deconstructing Mandiant M-Trends EP205 Cybersecurity Forecast 2025: Beyond the Hype and into the Reality EP112 Threat Horizons - How Google Does Threat Intelligence EP223 AI Addressable, Not AI Solvable: Reflections from RSA 2025  

All links and images can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Joining us is our sponsored guest Jason Steer, CISO, Recorded Future. In this episode We don't need more indicators Creating more work Generating actionable intelligence Design for what you can do Huge thanks to our sponsor, Recorded Future Every day, security teams face an impossible challenge: sorting through millions of threats, each potentially critical. But somewhere in that noise are the signals you can't afford to miss. Recorded Future's gives you the power to outpace AI-driven threats through intelligence tuned specifically to your needs, enabling you to act with precision. Their advanced AI detects patterns human eyes might miss, while their experts provide context that machines alone cannot. Visit recordedfuture.com to learn more about securing what matters to your business.

Forecast = Stormy with a chance of TikTok malware showers—exploit scoring systems hot, but patch management outlook remains partly cloudy. Welcome to Storm⚡️Watch! In this episode, we're diving into the current state of cyber weather with a mix of news, analysis, and practical insights. This week, we tackle a fundamental question: are all exploit scoring systems bad, or are some actually useful? We break down the major frameworks: **CVSS (Common Vulnerability Scoring System):** The industry standard for assessing vulnerability severity, CVSS uses base, temporal, and environmental metrics to give a comprehensive score. It's widely used but has limitations—especially since it doesn't always reflect real-world exploitability. **Coalition Exploit Scoring System (ESS):** This system uses AI and large language models to predict the likelihood that a CVE will be exploited in the wild. ESS goes beyond technical severity, focusing on exploit availability and usage probabilities, helping organizations prioritize patching with better accuracy than CVSS alone. **EPSS (Exploit Prediction Scoring System):** EPSS is a data-driven approach that estimates the probability of a vulnerability being exploited, using real-world data from honeypots, IDS/IPS, and more. It updates daily and helps teams focus on the most urgent risks. **VEDAS (Vulnerability & Exploit Data Aggregation System):** VEDAS aggregates data from over 50 sources and clusters vulnerabilities, providing a score based on exploit prevalence and maturity. It's designed to help teams understand which vulnerabilities are most likely to be actively exploited. **LEV/LEV2 (Likely Exploited Vulnerabilities):** Proposed by NIST, this metric uses historical EPSS data to probabilistically assess exploitation, helping organizations identify high-risk vulnerabilities that might otherwise be missed. **CVSS BT:** This project enriches CVSS scores with real-world threat intelligence, including data from CISA KEV, ExploitDB, and more. It's designed to help organizations make better patching decisions by adding context about exploitability. Next, we turn our attention to a troubling trend: malware distribution via TikTok. Attackers are using AI-generated videos, disguised as helpful software activation tutorials, to trick users into running malicious PowerShell commands. This “ClickFix” technique has already reached nearly half a million views. The malware, including Vidar and StealC, runs entirely in memory, bypassing traditional security tools and targeting credentials, wallets, and financial data. State-sponsored groups from Iran, North Korea, and Russia have adopted these tactics, making it a global concern. For employees, the takeaway is clear: never run PowerShell commands from video tutorials, and always report suspicious requests to IT. For IT teams, consider disabling the Windows+R shortcut for standard users, restrict PowerShell execution, and update security awareness training to include social media threats. We also highlight the latest from Censys, VulnCheck, runZero, and GreyNoise—industry leaders providing cutting-edge research and tools for vulnerability management and threat intelligence. Don't miss GreyNoise's upcoming webinar on resurgent vulnerabilities and their impact on organizational security. And that's a wrap for this episode! We will be taking a short break from Storm Watch for the summer. We look forward to bringing more episodes to you in the fall! Storm Watch Homepage >> Learn more about GreyNoise >>  

In this unfiltered episode of Unspoken Security, host A. J. Nash explores the looming threat quantum computing poses to our digital infrastructure with experts Robert Clyde, Managing Director of Clyde Consulting and Chair of crypto-security firm CryptoQuanti, and Jamie Norton, a Board Director at ISACA with extensive cybersecurity credentials. They cut through the technical jargon to explain how quantum computing fundamentally differs from classical computing and why its exponential processing power threatens to break current encryption standards."While current quantum computers operate at around 150 qubits, once they reach sufficient power, everything from banking transactions to secure communications could be compromised instantly," warns Robert during the discussion of "Q Day" — the moment when quantum computers become powerful enough to defeat public-key cryptography underpinning internet security.Despite the alarming scenario, the experts offer practical guidance on preparing for this threat. They outline how organizations should begin implementing post-quantum cryptography solutions developed by NIST, emphasizing that proactive preparation, not panic, is the critical response security professionals should adopt today. Listen to the full episode to understand the quantum threat and learn the concrete steps your organization should take now before Q Day arrives.Send us a textSupport the show

RSA 2025 revealed a shift: identity is now a primary threat vector in cloud security. In this episode, Jason Kikta breaks down the key takeaways from the conference—why identity has overtaken malware, how threat actors exploit service accounts and IDPs, and what this means for modern defense strategies. Plus, Jason shares observations on the evolving risk landscape and whether Black Hat will follow RSA's lead.Whether you're a CISO, CTO, or security architect, this episode is your briefing on where the industry is headed.

Can Generative AI Be Secured? Amazon's Chief Security Officer Weighs In   In this episode of Eye on AI, Amazon's Chief Security Officer Stephen Schmidt pulls back the curtain on how Amazon is using AI-powered cybersecurity to defend against real-world threats. From global honeypots to intelligent alarm systems and secure AI agent networks, Steve shares never-before-heard details on how Amazon is protecting both its infrastructure and your data in the age of generative AI.   We dive deep into: Amazon's MadPot honeypot network and how it tracks adversaries in 90 seconds The role of AI in threat detection, alarm triage, and code validation Why open-source vs. closed-source models are a real security debate The critical need for data privacy, secure LLM usage, and agent oversight Amazon's $5M+ Nova Trusted AI Challenge to battle adversarial code generation Whether you're building AI tools, deploying models at scale, or just want to understand how the future of cybersecurity is evolving—this episode is a must-listen.   Don't forget to like, subscribe, and turn on notifications to stay updated on the latest in AI, security, and innovation.     Stay Updated: Craig Smith on X:https://x.com/craigss Eye on A.I. on X: https://x.com/EyeOn_AI (00:00) Preview (00:52) Stephen Schmidt's Role and Background at Amazon (02:11) Inside Amazon's Global Honeypot Network (MadPot) (05:26) How Amazon Shares Threat Intel Through GuardDuty (08:06) Are Cybercriminals Using AI? (10:28) Open Source vs Closed Source AI Security Debate (13:09) What Is Amazon GuardDuty (17:44) How Amazon Protects Customer Data at Scale (20:18) Can Autonomous AI Agents Handle Security? (25:14) How Amazon Empowers SMBs with Agent-Driven Security (26:18) What Tools Power Amazon's Security Agents? (29:25) AI Security Basics (35:34) Securing AI-Generated Code (37:26) Are Models Learning from Our Queries? (39:44) Risks of Agent-to-Agent Data Sharing (42:08) Inside the $5M Nova Trusted AI Security Challenge (47:01) Supply Chain Attacks and State Actor Tactics (51:32) How Many True Adversaries Are Out There? (53:04) What Everyone Needs to Know About AI Security  

Cyber attacks against public safety agencies are rising, with 324 confirmed globally in 2024, including 25 complete system shutdowns. The Public Safety Threat Alliance, established by Motorola Solutions, is a cyber threat Information Sharing and Analysis Organization (ISAO) recognized by CISA that provides actionable intelligence to public safety agencies across the globe to improve their resilience and defense capabilities. Membership in the PSTA is open to all public safety agencies, and there is no cost to join for public sector organizations. In this episode of the Policing Matters podcast, part of a special report from Motorola Solutions Summit 2025, host Jim Dudley speaks with William DeCoste, STARS Program Manager and Telecommunications Engineer Manager with the Virginia State Police Communications Division and Jay Kaine, the Director of Threat Intelligence at Motorola Solutions. They tackle the direct effect cyber attacks can have on public safety agencies and the collaborative efforts underway to combat them. About our sponsor This episode of the Policing Matters podcast is sponsored by Motorola Solutions.

In this eye-opening episode of Unspoken Security, host AJ Nash welcomes notorious hacker and security expert Jayson E. Street to discuss why traditional security awareness training falls short. Jayson explains that most corporate security training is merely policy-driven compliance, not actual security education.Instead of focusing on checkbox exercises once a year, Jayson advocates for building situational awareness—a security mindset that extends beyond the workplace into everyday life. He shares practical strategies for gamifying security training, fostering a culture where employees feel like participants rather than targets, and creating year-round engagement through creative competitions.Through entertaining stories and candid insights from his experience as a simulated adversary for hire, Jayson challenges the industry's approach to security training and offers a refreshing perspective on how to make organizations genuinely more secure.Send us a textSupport the show

Three Buddy Problem - Episode 45: (The buddies are trapped in timezone hell with cross-continent travel this week). In the meantime, absorb this keynote presented by Juan Andres Guerrero-Saade (JAG-S) at CounterThreats 2023. It's a frank discussion on the role of cyber threat intelligence (CTI) during wartime and its importance in bridging information gaps between adversaries. Includes talk on the ethical challenges in CTI, questioning the impact of intelligence-sharing and how cyber operations affect real-world conflicts. He pointed to Ukraine and Israel as examples where CTI plays a critical, yet complicated, role. His message: cybersecurity pros need to be aware of the real-world consequences of their work and the ethical responsibility that comes with it. Acknowledgment: Credit for the audio goes to CyberThreat 2023, SANS Institute, NCSC, and SentinelOne. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).

A jury orders NSO Group to pay $167 millions dollars to Meta over spyware allegations. CISA warns of hacktivists targeting U.S. ICS and SCADA systems. Researcher Micah Lee documents serious privacy risks in the TM SGNL app used by high level Trump officials. The NSA plans significant workforce cuts. Nations look for alternatives to U.S. cloud providers. A medical device provider discloses a cyberattack disrupting its ability to ship customer orders. The Panda Shop smishing kit impersonates trusted brands. Accenture's CFO thwarts a deepfake attempt. Our temporary intern Kevin Magee from Microsoft wraps up his reporting from the RSAC show floor.  Server room shenanigans, with romance, retaliation, and root access. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Wrapping up RSAC 2025, we're joined by our partner Kevin Magee, Global Director of Cybersecurity Startups at Microsoft for Startups. Kevin brings the energy with a high-octane medley of interviews directly from the show floor, featuring sharp insights and bold ideas from some of cybersecurity's most influential voices. It's the perfect, fast-paced finale to our RSAC coverage—check out the show notes for links to all the guests featured! In this segment, you'll hear from Eoin Wickens, Director of Threat Intelligence of HiddenLayer, Jordan Shaw-Young, Chief of Staff for Security Services at BlueVoyant, Gil Barak, co-founder and CEO of Blink Ops, and Paul St Vil, VP of Field Engineering at Zenity. You can also catch Kevin on our Microsoft for Startups⁠ Spotlight, brought to you by N2K CyberWire and Microsoft, where we shine a light on innovation, ambition, and the tech trailblazers building the future right from the startup trenches. Kevin and Dave talk with startup veteran and Cygenta co-founder FC about making the leap from hacker to entrepreneur, then speak with three Microsoft for Startups members: Matthew Chiodi⁠ of ⁠Cerby⁠, ⁠Travis Howerton⁠ of ⁠RegScale⁠, and ⁠Karl Mattson⁠ of ⁠Endor Labs⁠. Whether you are building your own startup or just love a good innovation story, listen and learn more here. Selected Reading Spyware-maker NSO ordered to pay $167 million for hacking WhatsApp (The Washington Post) CISA Warns of Hackers Attacking ICS/SCADA Systems in Oil and Natural Gas Companies (Cyber Security News) Despite misleading marketing, Israeli company TeleMessage, used by Trump officials, can access plaintext chat logs (Micha Flee) NSA to cut up to 2,000 civilian roles as part of intel community downsizing' (The Record) NIST loses key cyber experts in standards and research (Cybersecurity Dive) A coherent European/non-US cloud strategy: building railroads for the cloud economy (Bert Hubert) Medical device giant Masimo says cyberattack is limiting ability to fill customer orders (The Record) New Chinese Smishing Kit Dubbed 'Panda Shop' Steal Google, Apple Pay & Credit Card Details (Cyber Security News) Accenture: What we learned when our CEO got deepfaked (Computing) IT Worker from Computacenter Let Girlfriend Into Deutsche Bank's Restricted Areas (GB Hackers) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Charles Henderson, who leads the cybersecurity services division at Coalfire, shares how the company is reimagining offensive and defensive operations through a programmatic lens that prioritizes outcomes over checkboxes. His team, made up of practitioners with deep experience and creative drive, brings offensive testing and exposure management together with defensive services and managed offerings to address full-spectrum cybersecurity needs. The focus isn't on commoditized services—it's on what actually makes a difference.At the heart of the conversation is the idea that cybersecurity is a team sport. Henderson draws parallels between the improvisation of music and the tactics of both attackers and defenders. Both require rhythm, creativity, and cohesion. The myth of the lone hero doesn't hold up anymore—effective cybersecurity programs are driven by collaboration across specialties and by combining services in ways that amplify their value.Coalfire's evolution reflects this shift. It's not just about running a penetration test or red team operation in isolation. It's about integrating those efforts into a broader mission-focused program, tailored to real threats and measured against what matters most. Henderson emphasizes that CISOs are no longer content with piecemeal assessments; they're seeking simplified, strategic programs with measurable outcomes.The conversation also touches on the importance of storytelling in cybersecurity reporting. Henderson underscores the need for findings to be communicated in ways that resonate with technical teams, security leaders, and the board. It's about enabling CISOs to own the narrative, armed with context, clarity, and confidence.Henderson's reflections on the early days of hacker culture—when gatherings like HoCon and early Def Cons were more about curiosity and camaraderie than business—bring a human dimension to the discussion. That same passion still fuels many practitioners today, and Coalfire is committed to nurturing it through talent development and internships, helping the next generation find their voice, their challenge, and yes, even their hacker handle.This episode offers a look at how to build programs, teams, and mindsets that are ready to lead—not follow—on the cybersecurity front.Learn more about Coalfire: https://itspm.ag/coalfire-yj4wNote: This story contains promotional content. Learn more.Guest: Charles Henderson, Executive Vice President of Cyber Security Services, Coalfire | https://www.linkedin.com/in/angustx/ResourcesLearn more and catch more stories from Coalfire: https://www.itspmagazine.com/directory/coalfireLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25______________________Keywords:charles henderson, sean martin, coalfire, red teaming, penetration testing, cybersecurity services, exposure management, ciso, threat intelligence, hacker culture, brand story, brand marketing, marketing podcast, brand story podcast______________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More 

In this On Location Brand Story episode, Sean Martin speaks with Hugh Njemanze, Founder and CEO of Anomali, who has been at the center of cybersecurity operations since the early days of SIEM. Known for his prior work at ArcSight and now leading Anomali, Hugh shares what's driving a dramatic shift in how security teams access, analyze, and act on data.Anomali's latest offering—a native cloud-based next-generation SIEM—goes beyond traditional detection. It combines high-performance threat intelligence with agentic AI to deliver answers and take action in ways that legacy platforms simply cannot. Rather than querying data manually or relying on slow pipelines, the system dynamically spins up thousands of cloud resources to answer complex security questions in seconds.Agentic AI Meets Threat IntelligenceHugh walks through how agentic AI, purpose-built for security, breaks new ground. Unlike general-purpose models, Anomali's AI operates within a secure, bounded dataset tailored to the customer's environment. It can ingest a hundred-page threat briefing, extract references to actors and tactics, map those to the MITRE ATT&CK framework, and assess the organization's specific exposure—all in moments. Then it goes a step further: evaluating past events, checking defenses, and recommending mitigations. This isn't just contextual awareness—it's operational intelligence at speed and scale.Making Security More Human-CentricOne clear theme emerges: the democratization of security tools. With Anomali's design, teams no longer need to rely on a few highly trained specialists. Broader teams can engage directly with the platform, reducing burnout and turnover, and increasing organizational resilience. Managers and security leaders now shift focus to prioritization, strategic decision-making, and meaningful business conversations—like aligning defenses to M&A activity or reporting to the board with clarity on risk.Real-World Results and Risk InsightsCustomers are already seeing measurable benefits: an 88% reduction in incidents and an increase in team-wide tool adoption. Anomali's system doesn't just detect—it correlates attack surface data with threat activity to highlight what's both vulnerable and actively targeted. This enables targeted response, cost-effective scaling, and better use of resources.Learn more about Anomali: https://itspm.ag/anomali-bdz393Note: This story contains promotional content. Learn more.Guest: Hugh Njemanze, Founder and President at Anomali | https://www.linkedin.com/in/hugh-njemanze-603721/ResourcesLearn more and catch more stories from Anomali: https://www.itspmagazine.com/directory/anomaliLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25______________________Keywords:sean martin, hugh njemanze, siem, cybersecurity, ai, threat intelligence, agentic ai, risk management, soc, cloud security, brand story, brand marketing, marketing podcast, brand story podcast______________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More