Podcasts about threat research

  • 78 PODCASTS
  • 150 EPISODES
  • 39m AVG DURATION
  • 1 MONTHLY NEW EPISODE
  • Jul 4, 2025 LATEST


Best podcasts about threat research

Latest podcast episodes about threat research

The CyberWire
Secure Your Summer: Top Cyber Myths, Busted [Threat Vector]

Jul 4, 2025, 38:00


While the N2K CyberWire team is observing Independence Day in the US, we thought you'd enjoy this episode of Threat Vector from our podcast network. Listen in and bust those cyber myths.

In this episode of Threat Vector, David Moulton talks with Lisa Plaggemier, Executive Director of the National Cybersecurity Alliance. Lisa shares insights from this year's “Oh Behave!” report and dives into why cybersecurity habits remain unchanged—even when we know better. From password reuse to misunderstood AI risks, Lisa explains how emotion, storytelling, and system design all play a role in protecting users. Learn why secure-by-design is the future, how storytelling can reshape behavior, and why facts alone won't change minds. This episode is a must-listen for CISOs, security leaders, and anyone working to reduce human risk at scale.

Resources:
  • Kubikle: A comedy webseries about cybercriminals.
  • Oh Behave! The Annual Cybersecurity Attitudes and Behaviors Report 2024

Join the conversation on our social media channels:
  • Website: https://www.paloaltonetworks.com/
  • Threat Research: https://unit42.paloaltonetworks.com/
  • Facebook: https://www.facebook.com/LifeatPaloAltoNetworks/
  • LinkedIn: https://www.linkedin.com/company/unit42/
  • YouTube: @paloaltonetworks
  • Twitter: https://twitter.com/PaloAltoNtwks

About Threat Vector
Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization.
Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile. http://paloaltonetworks.com

80k After Hours
Highlights: #217 – Beth Barnes on the most important graph in AI right now — and the 7-month rule that governs its progress

Jun 26, 2025, 40:54


AI models today have a 50% chance of successfully completing a task that would take an expert human one hour. Seven months ago, that number was roughly 30 minutes — and seven months before that, 15 minutes.

These are substantial, multi-step tasks requiring sustained focus: building web applications, conducting machine learning research, or solving complex programming challenges.

Today's guest, Beth Barnes, is CEO of METR (Model Evaluation & Threat Research) — the leading organisation measuring these capabilities.

These highlights are from episode #217 of The 80,000 Hours Podcast: Beth Barnes on the most important graph in AI right now — and the 7-month rule that governs its progress, and include:
  • Can we see AI scheming in the chain of thought? (00:00:34)
  • We have to test model honesty even before they're used inside AI companies (00:05:48)
  • It's essential to thoroughly test relevant real-world tasks (00:10:13)
  • Recursively self-improving AI might even be here in two years — which is alarming (00:16:09)
  • Do we need external auditors doing AI safety tests, not just the companies themselves? (00:21:55)
  • A case against safety-focused people working at frontier AI companies (00:29:30)
  • Open-weighting models is often good, and Beth has changed her attitude about it (00:34:57)

These aren't necessarily the most important or even most entertaining parts of the interview — so if you enjoy this, we strongly recommend checking out the full episode!

And if you're finding these highlights episodes valuable, please let us know by emailing podcast@80000hours.org.

Highlights put together by Ben Cordell, Milo McGuire, and Dominic Armstrong

80,000 Hours Podcast with Rob Wiblin
#217 – Beth Barnes on the most important graph in AI right now — and the 7-month rule that governs its progress

Jun 2, 2025, 227:09


AI models today have a 50% chance of successfully completing a task that would take an expert human one hour. Seven months ago, that number was roughly 30 minutes — and seven months before that, 15 minutes. (See graph.)

These are substantial, multi-step tasks requiring sustained focus: building web applications, conducting machine learning research, or solving complex programming challenges.

Today's guest, Beth Barnes, is CEO of METR (Model Evaluation & Threat Research) — the leading organisation measuring these capabilities.

Links to learn more, video, highlights, and full transcript: https://80k.info/bb

Beth's team has been timing how long it takes skilled humans to complete projects of varying length, then seeing how AI models perform on the same work. The resulting paper “Measuring AI ability to complete long tasks” made waves by revealing that the planning horizon of AI models was doubling roughly every seven months. It's regarded by many as the most useful AI forecasting work in years.

Beth has found models can already do “meaningful work” improving themselves, and she wouldn't be surprised if AI models were able to autonomously self-improve as little as two years from now — in fact, “It seems hard to rule out even shorter [timelines]. Is there 1% chance of this happening in six, nine months? Yeah, that seems pretty plausible.”

Beth adds:

The sense I really want to dispel is, “But the experts must be on top of this. The experts would be telling us if it really was time to freak out.” The experts are not on top of this. Inasmuch as there are experts, they are saying that this is a concerning risk. … And to the extent that I am an expert, I am an expert telling you you should freak out.

Chapters:
  • Cold open (00:00:00)
  • Who is Beth Barnes? (00:01:19)
  • Can we see AI scheming in the chain of thought? (00:01:52)
  • The chain of thought is essential for safety checking (00:08:58)
  • Alignment faking in large language models (00:12:24)
  • We have to test model honesty even before they're used inside AI companies (00:16:48)
  • We have to test models when unruly and unconstrained (00:25:57)
  • Each 7 months models can do tasks twice as long (00:30:40)
  • METR's research finds AIs are solid at AI research already (00:49:33)
  • AI may turn out to be strong at novel and creative research (00:55:53)
  • When can we expect an algorithmic 'intelligence explosion'? (00:59:11)
  • Recursively self-improving AI might even be here in two years — which is alarming (01:05:02)
  • Could evaluations backfire by increasing AI hype and racing? (01:11:36)
  • Governments first ignore new risks, but can overreact once they arrive (01:26:38)
  • Do we need external auditors doing AI safety tests, not just the companies themselves? (01:35:10)
  • A case against safety-focused people working at frontier AI companies (01:48:44)
  • The new, more dire situation has forced changes to METR's strategy (02:02:29)
  • AI companies are being locally reasonable, but globally reckless (02:10:31)
  • Overrated: Interpretability research (02:15:11)
  • Underrated: Developing more narrow AIs (02:17:01)
  • Underrated: Helping humans judge confusing model outputs (02:23:36)
  • Overrated: Major AI companies' contributions to safety research (02:25:52)
  • Could we have a science of translating AI models' nonhuman language or neuralese? (02:29:24)
  • Could we ban using AI to enhance AI, or is that just naive? (02:31:47)
  • Open-weighting models is often good, and Beth has changed her attitude to it (02:37:52)
  • What we can learn about AGI from the nuclear arms race (02:42:25)
  • Infosec is so bad that no models are truly closed-weight models (02:57:24)
  • AI is more like bioweapons because it undermines the leading power (03:02:02)
  • What METR can do best that others can't (03:12:09)
  • What METR isn't doing that other people have to step up and do (03:27:07)
  • What research METR plans to do next (03:32:09)

This episode was originally recorded on February 17, 2025.

Video editing: Luke Monsour and Simon Monsour
Audio engineering: Ben Cordell, Milo McGuire, Simon Monsour, and Dominic Armstrong
Music: Ben Cordell
Transcriptions and web: Katy Moore

Telecom Reseller
“It's Not the Flashy Vulnerabilities—It's the Ones You Miss”: SonicWall's Douglas McKee on Prioritizing Cybersecurity at RSA, Podcast

May 2, 2025


SAN FRANCISCO — RSA Conference 2025 "Sixty percent of the attacks we're tracking target low-profile vulnerabilities—things like privilege escalation and security bypasses, not the headline-making zero days," says Douglas McKee, Executive Director of Threat Research at SonicWall. Speaking live from the show floor at RSA 2025, McKee outlined how SonicWall is helping partners prioritize threats that are actually being exploited, not just those getting attention. In a fast-paced conversation with Technology Reseller News publisher Doug Green, McKee unveiled SonicWall's upcoming Managed Prevention Security Services (MPSS). The offering is designed to help reduce misconfigurations—a leading cause of breaches—by assisting with firewall patching and configuration validation. SonicWall is also collaborating with CySurance to package cyber insurance into this new managed service, providing peace of mind and operational relief to MSPs and customers alike. “Over 95% of the incidents we see are due to human error,” McKee noted. “With MPSS, we're stepping in as a partner to reduce that risk.” McKee also previewed an upcoming threat brief focused on Microsoft vulnerabilities, revealing an 11% year-over-year increase in attacks. Despite attention on high-profile CVEs, SonicWall's data shows attackers often rely on under-the-radar vulnerabilities with lower CVSS scores. For MSPs, McKee shared a stark warning: nearly 50% of the organizations SonicWall monitors are still vulnerable to decade-old exploits like Log4j and Heartbleed. SonicWall's telemetry-driven insights allow MSPs to focus remediation on widespread, high-impact threats. SonicWall's transformation from a firewall vendor to a full-spectrum cybersecurity provider was on display at RSA Booth #6353 (North Hall), where the company showcased its SonicSensory MDR, cloud offerings, and threat intelligence. "We've evolved into a complete cybersecurity partner," McKee said. 
"Whether it's in the cloud or on-prem, we're helping MSPs and enterprises defend smarter." Visitors to the SonicWall booth were treated to live presentations and fresh coffee—while those not attending can explore SonicWall's insights, including its February 2024 Threat Report and upcoming threat briefs, at www.sonicwall.com.

Easy Prey
Safe AI Implementation

Apr 23, 2025, 46:47


Red models associated with AI technologies highlight real-world vulnerabilities and the importance of proactive security measures. It is vital to educate users about how to explore the challenges and keep AI systems secure. Today's guest is Dr. Aditya Sood. Dr. Sood is the VP of Security Engineering and AI Strategy at Aryaka and is a security practitioner, researcher, and consultant with more than 16 years of experience. He obtained his PhD in computer science from Michigan State University and has authored several papers for various magazines and journals.

In this conversation, he will shed light on AI-driven threats, supply chain risks, and practical ways organizations can stay protected in an ever-changing environment. Get ready to learn how the latest innovations and evolving attack surfaces affect everyone from large companies to everyday users, and why a proactive mindset is key to staying ahead.

Show Notes:
  • [01:02] Dr. Sood has been working in the security industry for the last 17 years. He has a PhD from Michigan State University. Prior to Aryaka, he was a Senior Director of Threat Research and Security Strategy for the Office of the CTO at F5.
  • [02:57] We discuss how security issues with AI are on the rise because of the recent popularity and increased use of AI.
  • [04:18] The large amounts of data are convoluting how things are understood, the complexity is rising, and the threat model is changing.
  • [05:14] We talk about the different AI attacks that are being encountered and how AI can be used to defend against these attacks.
  • [06:00] Pre-trained models can contain vulnerabilities.
  • [07:01] AI drift or model or concept drift is when data in the training sets is not updated. The data can be used in a different way. AI hallucinations also can create false output.
  • [08:46] Dr. Sood explains several types of attacks that malicious actors are using.
  • [10:07] Prompt injections are also a risk.
  • [12:13] We learn about the injection mapping strategy.
  • [13:54] We discuss the possibilities of using AI as a tool to bypass its own guardrails.
  • [15:18] It's an arms race using AI to attack AI and using AI to secure AI.
  • [16:01] We discuss AI workload analysis. This helps to understand the way AI processes. This helps see the authorization boundary and the security controls that need to be enforced.
  • [17:48] Being aware of the shadow AI running in the background.
  • [19:38] Challenges around corporations having the right security people in place to understand and fight vulnerabilities.
  • [20:55] There is risk with the data going to the cloud through the LLM interface.
  • [21:47] Dr. Sood breaks down the concept of shadow AI.
  • [23:50] There are also risks for consumers using AI.
  • [29:39] The concept of Black Box AI models and bias being built into the particular AI.
  • [33:45] The issue of the ground set of truth and how the models are trained.
  • [37:09] It's a balancing act when thinking about the ground set of truth for data.
  • [39:08] Dr. Sood shares an example from when he was researching for his book.
  • [39:51] Using the push and pretend technique to trick AI into bypassing guardrails.
  • [42:51] We talk about the dangers of using APIs that aren't secure.
  • [43:58] The importance of understanding the entire AI ecosystem.

Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review.

Links and Resources:
  • Podcast Web Page
  • Facebook Page
  • whatismyipaddress.com
  • Easy Prey on Instagram
  • Easy Prey on Twitter
  • Easy Prey on LinkedIn
  • Easy Prey on YouTube
  • Easy Prey on Pinterest
  • Aditya K Sood
  • Aditya K Sood - LinkedIn
  • Aditya K Sood - X
  • Aryaka
  • COMBATING CYBERATTACKS TARGETING THE AI ECOSYSTEM: Assessing Threats, Risks, and Vulnerabilities
  • Empirical Cloud Security: Practical Intelligence to Evaluate Risks and Attacks

The CyberWire
Trailblazers in Cybersecurity: Lessons from the Women Leading the Charge [Threat Vector]

Mar 16, 2025, 30:10


We thought you might enjoy this episode of Threat Vector podcast from the N2K CyberWire network as we continue our observance of Women's History Month. You can catch new episodes of Threat Vector every Thursday here and on your favorite podcast app.

In this special Women's History Month episode of Threat Vector, host David Moulton speaks with four trailblazing women in cybersecurity who are shaping the industry: Kristy Friedrichs, Chief Partnerships Officer; Tanya Shastri, SVP of Product Management; Sama Manchanda, Consultant at Unit 42; and Stephanie Regan, Principal Technical Architect at Unit 42. They share their journeys into cybersecurity, discuss the challenges they faced, and offer insights on leadership, innovation, and mentorship. From AI-driven security to digital forensics, these women have made a lasting impact. Tune in to hear their advice for the next generation and why cybersecurity remains one of the most exciting and dynamic fields to be in today.

Tech It Out
Hola from Barcelona! Here at Mobile World Congress, we talk big news from HONOR and AT&T. Plus, McAfee warns about tax scam season

Mar 7, 2025, 39:07


MWC25 has wrapped up – an annual convention about connectivity and mobility -- and so I'll play an interview with AT&T's John Wojewoda, Head of Global Roaming and Satellite, about the near future of using your smart phone to communicate over satellite when you can't reach cell towers (even video calls)

Also from Barcelona, we learn all about HONOR's ambitious AI-related announcements, when I sit down with Matt Swider, Founder and Editor in Chief of The Shortcut, the no. 1 consumer tech Substack with more than a million followers

It's tax time, and so McAfee's Abhishek Karnik, Head of Threat Research, chats with me about the latest tax scam research and how to fight back

Thank you to Visa and SanDisk for your partnership on Tech It Out

The CyberWire
LIVE! From Philly [Threat Vector]

Feb 17, 2025, 24:37


While we are taking a publishing break to observe Washington's Birthday here in the United States, enjoy this primer on how to create a podcast from our partners at Palo Alto Networks direct from the CyberMarketingCon 2024. Podcasts have become vital tools for sharing knowledge and insights, particularly in technical fields like cybersecurity. "Threat Vector," led by David Moulton, serves as an essential guide through the complex landscape of cyber threats, offering expert interviews and in-depth analysis. In this session, David will discuss the process behind creating "Threat Vector," highlighting the challenges and rewards of developing a podcast that resonates with industry experts. Attendees will learn about the foundational elements of podcasting, from initial concept development to content creation and audience engagement. David's approach integrates his extensive background in storytelling, design, and strategic marketing, enabling him to tackle intricate cybersecurity topics and make them accessible to a broad audience. This session will dive into how to present intricate cybersecurity topics in an accessible and engaging manner and explore various techniques for producing compelling content and effective strategies for promoting a podcast to a wider audience. Join David and guest host David J. Ebner of Content Workshop for an informative discussion on using podcasts as a medium for education and influence in the cybersecurity field. This session is ideal for anyone interested in starting a podcast or enhancing their approach to cybersecurity communication. 
Join the conversation on our social media channels:
  • Website: http://www.paloaltonetworks.com
  • Threat Research: https://unit42.paloaltonetworks.com/
  • Facebook: https://www.facebook.com/LifeatPaloAltoNetworks/
  • LinkedIn: https://www.linkedin.com/company/palo-alto-networks/
  • YouTube: @paloaltonetworks
  • Twitter: https://twitter.com/PaloAltoNtwks

About Threat Vector
Threat Vector, Palo Alto Networks podcast, is your premier destination for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization.

Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile. http://paloaltonetworks.com

Cybercrime Magazine Podcast
Cyber Tide. 2025 Predictions: Navigating Emerging Threats & Innovations. Kevin O'Connor, Adlumin.

Feb 5, 2025, 9:14


Kevin O'Connor is the Director of Threat Research at Adlumin. In this episode, he joins host Heather Engel to explore the cybersecurity landscape for 2025, including the emerging threats that organizations must be ready to face, from advanced ransomware tactics to AI-driven attacks. Cyber Tide is a Cybercrime Magazine podcast series brought to you by Adlumin. Working to revolutionize the way organizations secure sensitive data, Adlumin finds the newest cracks being exploited and shines a light on correcting the issue in real-time, with expert guidance. To learn more about our sponsor, visit https://adlumin.com

The CyberWire
A wolf in DOGE's clothing?

Feb 4, 2025, 32:54


DOGE's unchecked access to federal networks sparks major cybersecurity fears. Senator Hawley's AI ban targets China and raises free speech concerns. Apple service ticket portal vulnerability exposed millions of users' data. North Korean ‘FlexibleFerret' malware targets macOS via job scams and fake Zoom apps. February 2025 Android security update fixes 48 vulnerabilities, including exploited zero-day. Grubhub data breach exposes customer and driver information. Abandoned cloud infrastructure creates major security risks. Texas to launch its own Cyber Command amid rising cyber threats. Dell PowerProtect vulnerabilities pose critical security risks. On our Threat Vector segment, David Moulton and his guests look at the potential dangers of DeepSeek. U.S. Government is quietly altering the Head Start database. And a moment of inspiration from a spacefaring poet.

Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

Threat Vector Segment
Artificial intelligence is advancing fast, but with innovation comes risk. In this segment of Threat Vector, host David Moulton sits down with Sam Rubin, SVP of Consulting and Threat Intelligence at Unit 42, and Kyle Wilhoit, Director of Threat Research, to explore the vulnerabilities of DeepSeek, a new large language model. To listen to the full discussion, please check out the episode here or on your favorite podcast app, and tune in to new episodes of Threat Vector by Palo Alto Networks every Thursday.

Selected Reading
  • Musk's DOGE effort could spread malware, expose US systems to threat actors (CSO Online)
  • As DOGE teams plug into federal networks, cybersecurity risks could be huge, experts say (The Record)
  • Senator Hawley Proposes Jail Time for People Who Download DeepSeek (404 Media)
  • Apple Service Ticket portal Vulnerability Exposes Millions of Users Data (Cyber Security News)
  • N. Korean ‘FlexibleFerret' Malware Hits macOS with Fake Zoom, Job Scams (Hackread)
  • Google fixes Android kernel zero-day exploited in attacks (Bleeping Computer)
  • GrubHub Data Breach - Customers Phone Numbers Exposed (Cyber Security News)
  • Here's all the ways an abandoned cloud instance can cause security issues (CyberScoop)
  • Texas to Establish Cyber Command Amid “Dramatic” Rise in Attacks (Infosecurity Magazine)
  • Multiple Dell PowerProtect Vulnerabilities Let Attackers Compromise System (Cyber Security News)
  • ‘Forbidden Words': Github Reveals How Software Engineers Are Purging Federal Databases (404 Media)
  • T-Minus Deep Space: Inspiration4 with Dr. Sian “Leo” Proctor. (T-Minus Deep Space podcast)
  • Dr. Sian Proctor got her ticket to space after being selected for her poetry (Instagram)
  • 2025 SpaceCom: Interview with Dr. Sian Proctor (YouTube)

Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.

Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

ITSPmagazine | Technology. Cybersecurity. Society
Cyber Threat Research, Hands-On Labs, and a Challenge You Can't Afford to Miss | A Zero Trust World Conversation with Kieran Human | On Location Coverage with Sean Martin and Marco Ciappelli

Feb 3, 2025, 23:33


Zero Trust World 2025, hosted by ThreatLocker, is set to bring together IT professionals, business leaders, and cybersecurity practitioners for three days of hands-on labs, insightful discussions, and expert-led sessions. Taking place in Orlando, Florida, from February 19-21, this year's event promises an expanded agenda with cutting-edge topics, interactive workshops, and a unique approach to cybersecurity education.

The Growth of Zero Trust World

Now in its fifth year, Zero Trust World continues to grow exponentially, increasing in size by roughly 50% each year. Kieran Human, Special Projects Engineer at ThreatLocker, attributes this rapid expansion to the rising demand for cybersecurity solutions and the company's own growth. More IT leaders are recognizing the necessity of a Zero Trust approach—not just as a security measure, but as a fundamental philosophy for protecting their organizations.

What to Expect: Hands-On Learning and Key Discussions

One of the biggest draws of Zero Trust World is its focus on hands-on experiences. Attendees can participate in hacking labs designed to teach them how cyber threats operate from an attacker's perspective. These include interactive exercises using rubber duckies—USB devices that mimic keyboards to inject malicious commands—demonstrating how easily cybercriminals can compromise systems.

For those interested in practical applications of security measures, there will be sessions covering topics such as cookie theft, Metasploit, Windows and server security, and malware development. Whether an attendee is an entry-level IT professional or a seasoned security engineer, there's something to gain from these hands-on labs.

High-Profile Speakers and Industry Insights

Beyond the labs, Zero Trust World 2025 will feature a lineup of influential speakers, including former Nintendo of America President and CEO Reggie Fils-Aimé, Chase Cunningham (known as Dr. Zero Trust), and ThreatLocker CEO Danny Jenkins. These sessions will provide strategic insights on Zero Trust implementation, industry challenges, and innovative cybersecurity practices.

One of the key sessions to look forward to is “The Dangers of Shadow IT,” led by Ryan Bowman, VP of Solution Engineering at ThreatLocker. Shadow IT remains a major challenge for organizations striving to implement Zero Trust, as unauthorized applications and devices create vulnerabilities that security teams may not even be aware of. Stay tuned for a pre-event chat with Ryan coming your way soon.

Networking, Certification, and More

Zero Trust World isn't just about education—it's also a prime networking opportunity. Attendees can connect during daily happy hours, the welcome and closing receptions, and a comic book-themed afterparty. ThreatLocker is even introducing a new cybersecurity comic book, adding a creative twist to the conference experience.

A major highlight is the Cyber Hero Program, which offers attendees a chance to earn certification in Zero Trust principles. By completing the Cyber Hero exam, participants can have the cost of their event ticket fully refunded, making this an invaluable opportunity for those looking to deepen their cybersecurity expertise.

A Unique Capture the Flag Challenge

For those with advanced cybersecurity skills, the Capture the Flag challenge presents an exciting opportunity. The first person to successfully hack a specially designed, custom-painted high-end computer gets to take it home. This competition is expected to draw some of the best security minds in attendance, reinforcing the event's commitment to real-world application of cybersecurity techniques.

Join the Conversation

With so much to see and do, Zero Trust World 2025 is shaping up to be an essential event for IT professionals, business leaders, and security practitioners. Sean Martin and Marco Ciappelli will be covering the event live, hosting interviews with speakers, panelists, and attendees to capture insights and takeaways.

Whether you're looking to enhance your security knowledge, expand your professional network, or experience hands-on cybersecurity training, Zero Trust World 2025 offers something for everyone. If you're attending, be sure to stop by the podcast area and join the conversation on the future of Zero Trust security.

Guest: Kieran Human, Special Projects Engineer, ThreatLocker [@ThreatLocker] | On LinkedIn: https://www.linkedin.com/in/kieran-human-5495ab170/

Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] | On ITSPmagazine: https://www.itspmagazine.com/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast | On ITSPmagazine: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli

This Episode's Sponsors
ThreatLocker: https://itspm.ag/threatlocker-r974

Resources
Learn more and catch more stories from ZTW 2025 coverage: https://www.itspmagazine.com/zero-trust-world-2025-cybersecurity-and-zero-trust-event-coverage-orlando-florida
Register for Zero Trust World 2025: https://itspm.ag/threat5mu1

Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage
To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcast
To see and hear more Redefining Society stories on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-society-podcast
Want to tell your Brand Story Briefing as part of our event coverage? Learn More

Redefining CyberSecurity
Cyber Threat Research, Hands-On Labs, and a Challenge You Can't Afford to Miss | A Zero Trust World Conversation with Kieran Human | On Location Coverage with Sean Martin and Marco Ciappelli

Redefining CyberSecurity

Play Episode Listen Later Feb 3, 2025 23:33


Zero Trust World 2025, hosted by ThreatLocker, is set to bring together IT professionals, business leaders, and cybersecurity practitioners for three days of hands-on labs, insightful discussions, and expert-led sessions. Taking place in Orlando, Florida, from February 19-21, this year's event promises an expanded agenda with cutting-edge topics, interactive workshops, and a unique approach to cybersecurity education.

The Growth of Zero Trust World
Now in its fifth year, Zero Trust World continues to grow exponentially, increasing in size by roughly 50% each year. Kieran Human, Special Projects Engineer at ThreatLocker, attributes this rapid expansion to the rising demand for cybersecurity solutions and the company's own growth. More IT leaders are recognizing the necessity of a Zero Trust approach—not just as a security measure, but as a fundamental philosophy for protecting their organizations.

What to Expect: Hands-On Learning and Key Discussions
One of the biggest draws of Zero Trust World is its focus on hands-on experiences. Attendees can participate in hacking labs designed to teach them how cyber threats operate from an attacker's perspective. These include interactive exercises using rubber duckies—USB devices that mimic keyboards to inject malicious commands—demonstrating how easily cybercriminals can compromise systems.

For those interested in practical applications of security measures, there will be sessions covering topics such as cookie theft, Metasploit, Windows and server security, and malware development. Whether an attendee is an entry-level IT professional or a seasoned security engineer, there's something to gain from these hands-on labs.

High-Profile Speakers and Industry Insights
Beyond the labs, Zero Trust World 2025 will feature a lineup of influential speakers, including former Nintendo of America President and CEO Reggie Fils-Aimé, Chase Cunningham (known as Dr. Zero Trust), and ThreatLocker CEO Danny Jenkins. These sessions will provide strategic insights on Zero Trust implementation, industry challenges, and innovative cybersecurity practices.

One of the key sessions to look forward to is “The Dangers of Shadow IT,” led by Ryan Bowman, VP of Solution Engineering at ThreatLocker. Shadow IT remains a major challenge for organizations striving to implement Zero Trust, as unauthorized applications and devices create vulnerabilities that security teams may not even be aware of. Stay tuned for a pre-event chat with Ryan coming your way soon.

Networking, Certification, and More
Zero Trust World isn't just about education—it's also a prime networking opportunity. Attendees can connect during daily happy hours, the welcome and closing receptions, and a comic book-themed afterparty. ThreatLocker is even introducing a new cybersecurity comic book, adding a creative twist to the conference experience.

A major highlight is the Cyber Hero Program, which offers attendees a chance to earn certification in Zero Trust principles. By completing the Cyber Hero exam, participants can have the cost of their event ticket fully refunded, making this an invaluable opportunity for those looking to deepen their cybersecurity expertise.

A Unique Capture the Flag Challenge
For those with advanced cybersecurity skills, the Capture the Flag challenge presents an exciting opportunity. The first person to successfully hack a specially designed, custom-painted high-end computer gets to take it home. This competition is expected to draw some of the best security minds in attendance, reinforcing the event's commitment to real-world application of cybersecurity techniques.

Join the Conversation
With so much to see and do, Zero Trust World 2025 is shaping up to be an essential event for IT professionals, business leaders, and security practitioners. Sean Martin and Marco Ciappelli will be covering the event live, hosting interviews with speakers, panelists, and attendees to capture insights and takeaways.

Whether you're looking to enhance your security knowledge, expand your professional network, or experience hands-on cybersecurity training, Zero Trust World 2025 offers something for everyone. If you're attending, be sure to stop by the podcast area and join the conversation on the future of Zero Trust security.

Guest: Kieran Human, Special Projects Engineer, ThreatLocker [@ThreatLocker] | On LinkedIn: https://www.linkedin.com/in/kieran-human-5495ab170/

Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] | On ITSPmagazine: https://www.itspmagazine.com/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast | On ITSPmagazine: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
____________________________
This Episode's Sponsors
ThreatLocker: https://itspm.ag/threatlocker-r974
____________________________
Resources
Learn more and catch more stories from ZTW 2025 coverage: https://www.itspmagazine.com/zero-trust-world-2025-cybersecurity-and-zero-trust-event-coverage-orlando-florida
Register for Zero Trust World 2025: https://itspm.ag/threat5mu1
____________________________
Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage
To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcast
To see and hear more Redefining Society stories on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-society-podcast
Want to tell your Brand Story Briefing as part of our event coverage? Learn More

The CyberWire
It was DDoS, not us.

The CyberWire

Play Episode Listen Later Jan 28, 2025 34:20


DeepSeek blames DDoS for recent outages. Hackers behind last year's AT&T data breach targeted members of the Trump family, Kamala Harris, and Marco Rubio's wife. The EU sanctions Russians for cyberattacks against Estonia. ENGlobal confirms personal information was taken in last year's ransomware attack. CISA issues a critical warning about a SonicWall vulnerability actively exploited. A large-scale phishing campaign exploits users' trust in PDF files and the USPS. Apple patches a zero-day affecting many of their products. A ransomware attack on an Ohio-based operator of skilled nursing and rehabilitation facilities affects over 70,000. President Trump has a tumultuous first week back in office. Our guest is Bogdan Botezatu, Director, Threat Research and Reporting at Bitdefender, to discuss the dark market subculture and its parallels to holiday shopping. A nonprofit aims to clean up the AI industry's mess.

Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest
We are joined by Bogdan Botezatu, Director, Threat Research and Reporting at Bitdefender, to discuss the dark market subculture and its parallels to holiday shopping. Check out Bitdefender's research on the topic here.

Selected Reading
DeepSeek Blames Disruption on Cyberattack as Vulnerabilities Emerge (SecurityWeek)
DeepSeek FAQ (Stratechery)
We tried out DeepSeek. It worked well, until we asked it about Tiananmen Square and Taiwan (The Guardian)
Hackers Mined AT&T Breach for Data on Trump's Family, Kamala Harris (404 Media)
European Union Sanctions Russian Nationals for Hacking Estonia (SecurityWeek)
ENGlobal Says Personal Information Accessed in Ransomware Attack (SecurityWeek)
CISA Warns of SonicWall 0-day RCE Vulnerability Exploited in Wild (Cyber Security News)
Hackers Use Malicious PDFs, pose as USPS in Mobile Phishing Scam (Security Boulevard)
Amazon Prime Security Warning As Hackers Strike—What You Need To Know (Forbes)
Apple plugs exploited security hole in iOS, updates macOS (The Register)
Nursing Home, Rehab Chain Says Hack Affects Nearly 70,000 (GovInfo Security)
A Tumultuous Week for Federal Cybersecurity Efforts (Krebs on Security)
Initiative Aims to Enable Ethical Coding LLMs (IEEE Spectrum)

Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.

Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

The CyberWire
LightSpy's dark evolution. [Research Saturday]

The CyberWire

Play Episode Listen Later Jan 25, 2025 25:40


This week, we are joined by Ismael Valenzuela, VP of Threat Research & Intelligence, and Jacob Faires, Principal Threat Researcher, from BlackBerry, discussing the team's work on "LightSpy: APT41 Deploys Advanced DeepData Framework In Targeted Southern Asia Espionage Campaign." In April 2024, BlackBerry uncovered a significant evolution of the LightSpy malware campaign, attributed to Chinese cyber-espionage group APT41. The newly introduced DeepData framework, a modular Windows-based surveillance tool, expands data theft capabilities with 12 specialized plugins for tasks like communication surveillance, credential theft, and system intelligence gathering. The campaign targets a wide range of communication platforms, including WhatsApp, Signal, and WeChat, with advanced techniques for monitoring and stealing sensitive information from victims across the Asia-Pacific region. The research can be found here: LightSpy: APT41 Deploys Advanced DeepData Framework In Targeted Southern Asia Espionage Campaign Learn more about your ad choices. Visit megaphone.fm/adchoices

Research Saturday
LightSpy's dark evolution.

Research Saturday

Play Episode Listen Later Jan 25, 2025 25:40


This week, we are joined by Ismael Valenzuela, VP of Threat Research & Intelligence, and Jacob Faires, Principal Threat Researcher, from BlackBerry, discussing the team's work on "LightSpy: APT41 Deploys Advanced DeepData Framework In Targeted Southern Asia Espionage Campaign." In April 2024, BlackBerry uncovered a significant evolution of the LightSpy malware campaign, attributed to Chinese cyber-espionage group APT41. The newly introduced DeepData framework, a modular Windows-based surveillance tool, expands data theft capabilities with 12 specialized plugins for tasks like communication surveillance, credential theft, and system intelligence gathering. The campaign targets a wide range of communication platforms, including WhatsApp, Signal, and WeChat, with advanced techniques for monitoring and stealing sensitive information from victims across the Asia-Pacific region. The research can be found here: LightSpy: APT41 Deploys Advanced DeepData Framework In Targeted Southern Asia Espionage Campaign Learn more about your ad choices. Visit megaphone.fm/adchoices

The CyberWire
Decoding XDR: Allie Mellen on What's Next [Threat Vector]

The CyberWire

Play Episode Listen Later Dec 24, 2024 39:59


While we are on our winter publishing break, please enjoy an episode of our N2K CyberWire network show, Threat Vector by Palo Alto Networks. See you in 2025! Announcement: We are pleased to share an exciting announcement about Cortex XDR at the top of our show. You can learn more here. Check out our episode on "Cyber Espionage and Financial Crime: North Korea's Double Threat" with Assaf Dahan, Director of Threat Research at Palo Alto Networks Cortex team. Join host David Moulton on Threat Vector, as he dives deep into the rapidly evolving XDR landscape with Allie Mellen, Principal Analyst at Forrester. With expertise in security operations, nation-state threats, and the application of AI in security, Allie offers an inside look at how XDR is reshaping threat detection and response. From tackling the SIEM market's current challenges to optimizing detection engineering, Allie provides invaluable insights into the people, processes, and tools central to an effective SOC. This episode offers listeners a thoughtful exploration of how to navigate today's complex threat landscape and separate XDR hype from reality. Perfect for cybersecurity professionals looking to stay ahead in the field, tune in to hear expert perspectives on the next steps in cybersecurity resilience. Ready to go deeper? Join Josh Costa, Director of Product Marketing, Allie Mellen, Principal Analyst at Forrester and David Moulton, Director of Content and Thought Leadership for Unit 42 as they discuss the State of XDR https://start.paloaltonetworks.com/State-of-XDR-with-Forrester.  
Join the conversation on our social media channels:
Website: http://www.paloaltonetworks.com
Threat Research: https://unit42.paloaltonetworks.com/
Facebook: https://www.facebook.com/LifeatPaloAltoNetworks/
LinkedIn: https://www.linkedin.com/company/palo-alto-networks/
YouTube: @paloaltonetworks
Twitter: https://twitter.com/PaloAltoNtwks

About Threat Vector
Threat Vector, Palo Alto Networks podcast, is your premier destination for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization.

Palo Alto Networks
Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile. http://paloaltonetworks.com

Learn more about your ad choices. Visit megaphone.fm/adchoices

The CyberWire
Biden vs. Trump: A tale of two cybersecurity strategies.

The CyberWire

Play Episode Listen Later Nov 19, 2024 34:27


Pundits predict Trump will overhaul U.S. cybersecurity policy. Experts examine escalating cybersecurity threats facing the U.S. energy sector. Palo Alto Networks patches a pair of zero-days. Akira and SafePay ransomware groups claim dozens of new victims. A major pharmacy group is pressured to pay a $1.3 million ransomware installment. Threat actors are exploiting Spotify playlists and podcasts. An alleged Phobos ransomware admin has been extradited to the U.S. Rapper 'Razzlekhan' gets 18 months in prison for her part in the Bitfinex cryptocurrency hack. On today's Threat Vector, David Moulton speaks with Assaf Dahan, Director of Threat Research at Palo Alto Networks' Cortex team, about the rising cyber threat from North Korea. Swiss scammers send snail mail.

Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

Threat Vector Segment
On this segment of Threat Vector, host David Moulton speaks with Assaf Dahan, Director of Threat Research at Palo Alto Networks' Cortex team, about the rising cyber threat from North Korea. To hear the full conversation between David and Assaf, listen to Cyber Espionage and Financial Crime: North Korea's Double Threat, and catch new episodes of Threat Vector every Thursday on your favorite podcast app!

Selected Reading
More Spyware, Fewer Rules: What Trump's Return Means for US Cybersecurity (WIRED)
How to remove the cybersecurity gridlock from the nation's energy lifelines (CyberScoop)
Palo Alto Patches Firewall Zero-Day Exploited in Operation Lunar Peek (SecurityWeek)
SafePay ransomware: Obscure group uses LockBit builder, claims 22 victims (SC Media)
Akira Ransomware Drops 30 Victims on Leak Site in One Day (SecurityWeek)
Gang Shaking Down Pharmacy Group for Second Ransom Payment (GovInfo Security)
Spotify abused to promote pirated software and game cheats (Bleeping Computer)
Suspected Phobos Ransomware Admin Extradited to US (Infosecurity Magazine)
Heather 'Razzlekhan' Morgan sentenced to 18 months in prison, ending Bitfinex saga (The Record)
Now Hackers Are Using Snail Mail In Cyber Attacks—Here's How (Forbes)

Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.

Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Practical AI
AI is changing the cybersecurity threat landscape

Practical AI

Play Episode Listen Later Nov 5, 2024 55:25


This week, Chris is joined by Gregory Richardson, Vice President and Global Advisory CISO at BlackBerry, and Ismael Valenzuela, Vice President of Threat Research & Intelligence at BlackBerry. They address how AI is changing the threat landscape, why human defenders remain a key part of our cyber defenses, and explain the AI standoff between cyber threat actors and cyber defenders.

Changelog Master Feed
AI is changing the cybersecurity threat landscape (Practical AI #294)

Changelog Master Feed

Play Episode Listen Later Nov 5, 2024 55:25


This week, Chris is joined by Gregory Richardson, Vice President and Global Advisory CISO at BlackBerry, and Ismael Valenzuela, Vice President of Threat Research & Intelligence at BlackBerry. They address how AI is changing the threat landscape, why human defenders remain a key part of our cyber defenses, and explain the AI standoff between cyber threat actors and cyber defenders.

The CyberWire
New targets, new tools, same threat. [Research Saturday]

The CyberWire

Play Episode Listen Later Oct 19, 2024 27:17


This week we are joined by Chester Wisniewski, Global Field CTO from Sophos X-Ops team, to discuss their work on "Crimson Palace returns: New Tools, Tactics, and Targets." Sophos X-Ops has observed a resurgence in cyberespionage activity, tracked as Operation Crimson Palace, targeting Southeast Asian government organizations. After a brief lull, Cluster Charlie resumed operations in September 2023, using new tactics such as web shells and open-source tools to bypass detection, re-establish access, and map target network infrastructure, demonstrating ongoing efforts to exfiltrate data and expand their foothold. The research can be found here: Crimson Palace returns: New Tools, Tactics, and Targets  Learn more about your ad choices. Visit megaphone.fm/adchoices

Trust Issues
EP 63 - Jailbreaking AI: The Risks and Realities of Machine Identities

Trust Issues

Play Episode Listen Later Oct 9, 2024 36:53


In this episode of Trust Issues, host David Puner welcomes back Lavi Lazarovitz, Vice President of Cyber Research at CyberArk Labs, for a discussion covering the latest developments in generative AI and the emerging cyberthreats associated with it. Lavi shares insights on how machine identities are becoming prime targets for threat actors and discusses the innovative research being conducted by CyberArk Labs to understand and mitigate these risks. The conversation also touches on the concept of responsible AI and the importance of building secure AI systems. Tune in to learn about the fascinating world of AI security and the cutting-edge techniques used to protect against AI-driven cyberattacks.

The CyberWire
Demo-lition derby: iVerify and Google clash over pixel app pitfalls.

The CyberWire

Play Episode Listen Later Aug 16, 2024 32:11


Google and iVerify clash over the security implications of an Android app. CISA has issued a warning about a critical vulnerability in SolarWinds Web Help Desk. Ransomware attacks targeting industrial sectors surge. Microsoft is rolling out mandatory MFA for Azure. Banshee Stealer is a new macOS-targeted malware developed by Russian threat actors. A popular flight tracking website exposes users' personal and professional information. San Francisco goes after websites generating deepfake nudes. Daniel Blackford, Director of Threat Research at Proofpoint, joins us to discuss emerging tactics used by threat actors and trends in e-crime tied to nation states. Scammers Use Google to Scam Google.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest
Daniel Blackford, Director of Threat Research at Proofpoint, joined us while he was out at Black Hat to discuss emerging tactics used by threat actors and trends in e-crime tied to nation states.

Selected Reading
Google to remove app from Pixel devices following claims that it made phones vulnerable (The Record)
Nearly All Google Pixel Phones Exposed by Unpatched Flaw in Hidden Android App (WIRED)
SolarWinds Web Help Desk Vulnerability Possibly Exploited as Zero-Day (SecurityWeek)
Microsoft Mandates MFA for All Azure Sign-Ins (Infosecurity Magazine)
New Banshee Stealer macOS Malware Priced at $3,000 Per Month (SecurityWeek)
Dragos reports resurgence of ransomware attacks on industrial sectors, raising likelihood of targeting OT networks (Industrial Cyber)
CISA Releases Eleven Industrial Control Systems Advisories (CISA)
FlightAware Exposed Pilots' and Users' Info (404 Media)
AI-powered 'undressing' websites are getting sued (The Verge)
Dozens of Google products targeted by scammers via malicious search ads (Malwarebytes)

Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.

Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

The Nonlinear Library
AF - AXRP Episode 34 - AI Evaluations with Beth Barnes by DanielFilan

The Nonlinear Library

Play Episode Listen Later Jul 28, 2024 97:11


Welcome to The Nonlinear Library, where we use Text-to-Speech software to convert the best writing from the Rationalist and EA communities into audio. This is: AXRP Episode 34 - AI Evaluations with Beth Barnes, published by DanielFilan on July 28, 2024 on The AI Alignment Forum.

YouTube link

How can we figure out if AIs are capable enough to pose a threat to humans? When should we make a big effort to mitigate risks of catastrophic AI misbehaviour? In this episode, I chat with Beth Barnes, founder of and head of research at METR, about these questions and more.

Topics we discuss:
What is METR?
What is an "eval"?
How good are evals?
Are models showing their full capabilities?
Evaluating alignment
Existential safety methodology
Threat models and capability buffers
METR's policy work
METR's relationship with labs
Related research
Roles at METR, and following METR's work

Daniel Filan: Hello everybody. In this episode I'll be speaking with Beth Barnes. Beth is the co-founder and head of research at METR. Previously, she was at OpenAI and DeepMind, doing a diverse set of things, including testing AI safety by debate and evaluating cutting-edge machine learning models. In the description, there are links to research and writings that we discussed during the episode. And if you're interested in a transcript, it's available at axrp.net. Well, welcome to AXRP.

Beth Barnes: Hey, great to be here.

What is METR?

Daniel Filan: Cool. So, in the introduction, I mentioned that you worked for Model Evaluation and Threat Research, or METR. What is METR?

Beth Barnes: Yeah, so basically, the basic mission is: have the world not be taken by surprise by dangerous AI stuff happening. So, we do threat modeling and eval creation, currently mostly around capabilities evaluation, but we're interested in whatever evaluation it is that is most load-bearing for why we think AI systems are safe. With current models, that's capabilities evaluations; in future that might be more like control or alignment evaluations. And yeah, [the aim is to] try and do good science there, be able to recommend, "Hey, we think if you measure this, then you can rule out these things. You might be still concerned about this thing. Here's how you do this measurement properly. Here's what assumptions you need to make," this kind of thing.

Daniel Filan: Gotcha. So, mostly evaluations. But it sounded like there was some other stuff as well, like threat modeling you mentioned.

Beth Barnes: Yeah. We also do policy work recommending things in the direction of responsible scaling policies. So, saying what mitigations are needed based on the results of different evaluations and roughly how labs or governments might construct policies around this, how evals-based governance should work roughly.

Daniel Filan: Okay. So, should I think of it as roughly like: you're an evaluations org, you want to evaluate AIs, there's some amount of threat modeling which goes into "what evaluations should we even care about making?", there's some amount of policy work on the other end [about] "okay, if we do this evaluation, how should people think about that? What should people do?" And it's sort of inputs to and outputs of making of evals. Is that a fair…?

Beth Barnes: Yeah.

What is an "eval"?

Daniel Filan: Cool. So, if it centers around evals, what counts as an evaluation rather than a benchmark or some other ML technique that spits out a number at the end?

Beth Barnes: Yeah, I mean I guess the word itself isn't that important. What we're trying to do is that: we have specific threat models in mind and we're trying to construct some kind of experiment you could do, a measurement you could run, that gives you as much information as possible about that threat model or class of threat models. Generic ML benchmarks don't necessarily have a specific goal for what you're measuring, or you might have a goal for measuring something that's more like a particular type of abstract ability or something. Whereas we'...

The CyberWire
The current state of MITRE ATT&CK.

The CyberWire

Play Episode Listen Later Jul 15, 2024 18:37


Rick Howard, The CSO, Chief Analyst, and Senior Fellow at N2K Cyber, discusses the current state of MITRE ATT&CK with CyberWire Hash Table guests Frank Duff, Tidal Cyber's Chief Innovation Officer, Amy Robertson, MITRE Threat Intelligence Engineer and ATT&CK Engagement lead, and Rick Doten, Centene's VP of Information Security.

References:
Amy L. Robertson, 2024. ATT&CK 2024 Roadmap [Essay]. Medium.
Blake E. Strom, Andy Applebaum, Doug P. Miller, Kathryn C. Nickels, Adam G. Pennington, Cody B. Thomas, 2018. MITRE ATT&CK: Design and Philosophy [Historical Paper]. MITRE.
Eric Hutchins, Michael Cloppert, Rohan Amin, 2010. Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains [Historic Paper]. Lockheed Martin Corporation.
Nick Selby, 2014. One Year Later: The APT1 Report [Essay]. Dark Reading.
Rick Howard, 2023. Cybersecurity First Principles: A Reboot of Strategy and Tactics [Book]. Goodreads.
Rick Howard, 2020. Intrusion kill chains: a first principle of cybersecurity. [Podcast]. The CyberWire.
Rick Howard, 2022. Kill chain trifecta: Lockheed Martin, ATT&CK, and Diamond. [Podcast]. The CyberWire.
Rick Howard, 2020. cyber threat intelligence (CTI) (noun) [Podcast]. Word Notes: The CyberWire.
Kevin Mandia, 2014. State of the Hack: One Year after the APT1 Report [RSA Conference Presentation]. YouTube.
Sahil Bloom, 2023. The Blind Men & the Elephant [Website]. The Curiosity Chronicle.
Sergio Caltagirone, Andrew Pendergast, and Christopher Betz. 05 July 2011. The Diamond Model of Intrusion Analysis. Center for Cyber Threat Intelligence and Threat Research. [Historical Paper]
Staff, n.d. Home Page [Website]. Tidal Cyber.

Learn more about your ad choices. Visit megaphone.fm/adchoices

The CyberWire
APT36's cyber blitz on India. [Research Saturday]

The CyberWire

Play Episode Listen Later Jun 29, 2024 20:53


Ismael Valenzuela, Vice President Threat Research & Intelligence, from the BlackBerry Threat Research and Intelligence team, is discussing their work on "Transparent Tribe Targets Indian Government, Defense, and Aerospace Sectors Leveraging Cross-Platform Programming Languages." BlackBerry has identified Transparent Tribe (APT36), a Pakistani-based advanced persistent threat group, targeting India's government, defense, and aerospace sectors from late 2023 to April 2024, using evolving toolkits and exploiting web services like Telegram and Google Drive. Evidence such as time zone settings and spear-phishing emails with Pakistani IP addresses supports their attribution, suggesting alignment with Pakistan's interests. The research can be found here: Transparent Tribe Targets Indian Government, Defense, and Aerospace Sectors Leveraging Cross-Platform Programming Languages Learn more about your ad choices. Visit megaphone.fm/adchoices

Research Saturday
APT36's cyber blitz on India.

Research Saturday

Play Episode Listen Later Jun 29, 2024 20:53


Ismael Valenzuela, Vice President Threat Research & Intelligence, from the BlackBerry Threat Research and Intelligence team, is discussing their work on "Transparent Tribe Targets Indian Government, Defense, and Aerospace Sectors Leveraging Cross-Platform Programming Languages." BlackBerry has identified Transparent Tribe (APT36), a Pakistani-based advanced persistent threat group, targeting India's government, defense, and aerospace sectors from late 2023 to April 2024, using evolving toolkits and exploiting web services like Telegram and Google Drive. Evidence such as time zone settings and spear-phishing emails with Pakistani IP addresses supports their attribution, suggesting alignment with Pakistan's interests. The research can be found here: Transparent Tribe Targets Indian Government, Defense, and Aerospace Sectors Leveraging Cross-Platform Programming Languages Learn more about your ad choices. Visit megaphone.fm/adchoices

The CyberWire
1700 IPs and counting. [Research Saturday]

The CyberWire

Play Episode Listen Later Jun 1, 2024 17:55


Amit Malik, Director of Threat Research at Uptycs, is sharing their work on "New Threat Detected: Inside Our Discovery of the Log4j Campaign and Its XMRig Malware." The Uptycs Threat Research Team has discovered a large-scale Log4j campaign involving over 1700 IPs, aiming to deploy XMRig cryptominer malware. This ongoing operation was initially detected through the team's honeypot collection, prompting an in-depth analysis of the campaign. The research says "The JNDI plugin is particularly useful to attackers because it allows them not only to fetch the values of environment variables in the target system but also to freely define the URL and protocol resource for the JNDI network connection." The research can be found here: New Threat Detected: Inside Our Discovery of the Log4j Campaign and Its XMRig Malware

Research Saturday
1700 IPs and counting.

Research Saturday

Play Episode Listen Later Jun 1, 2024 17:55


Amit Malik, Director of Threat Research at Uptycs, is sharing their work on "New Threat Detected: Inside Our Discovery of the Log4j Campaign and Its XMRig Malware." The Uptycs Threat Research Team has discovered a large-scale Log4j campaign involving over 1700 IPs, aiming to deploy XMRig cryptominer malware. This ongoing operation was initially detected through the team's honeypot collection, prompting an in-depth analysis of the campaign. The research says "The JNDI plugin is particularly useful to attackers because it allows them not only to fetch the values of environment variables in the target system but also to freely define the URL and protocol resource for the JNDI network connection." The research can be found here: New Threat Detected: Inside Our Discovery of the Log4j Campaign and Its XMRig Malware Learn more about your ad choices. Visit megaphone.fm/adchoices

PayPod: The Payments Industry Podcast
Fraud, AI, and Pig Butchering with Sift's Armen Najarian

PayPod: The Payments Industry Podcast

May 16, 2024 28:51


Episode Topic: Welcome to an insightful episode of PayPod. We get into the evolving landscape of fraud prevention and cybersecurity with Armen Najarian, the Chief Marketing Officer of Sift. The conversation delves into Armen's unique career journey, from opening a coffee shop to becoming a key player in the tech world. They explore how Sift uses AI-powered technology to combat the impact of blockchain technology and online fraud prevention on the industry. Armen shares insights on various types of fraud, including social engineering attacks like pig butchering and romance scams, and how businesses can protect themselves and their customers.
Lessons You'll Learn: Listeners will gain a comprehensive understanding of the latest trends and challenges in fraud prevention. Armen Najarian discusses the importance of scalability in fraud detection and how adaptive machine-learning models help keep up with evolving threats. He also highlights the role of blockchain technology in fraud prevention, emphasizing its potential to enhance transparency and trust in financial transactions. Additionally, Armen offers practical advice for consumers on protecting their personal data and maintaining good cybersecurity hygiene. This episode provides valuable knowledge for both industry professionals and everyday users looking to stay informed about cybersecurity and fraud prevention.
About Our Guest: Armen Najarian is the Chief Marketing Officer of Sift, a leading company in AI-powered fraud prevention. With a diverse background that includes accounting, entrepreneurship, and a successful transition into the tech industry, Armen brings a wealth of experience to the conversation. At Sift, he oversees marketing and also holds the title of GM of Threat Research, a role that combines his expertise in marketing with his passion for cybersecurity. Armen's journey from running a coffee shop to leading efforts in fraud prevention is both inspiring and informative, offering listeners a unique perspective on the importance of adaptability and continuous learning in one's career.
Topics Covered: The episode covers a range of topics, including the significance of blockchain technology and fraud prevention in today's digital landscape. Armen Najarian explains how Sift uses AI and machine learning to detect and prevent fraudulent activities in real time. The discussion also touches on the various forms of social engineering attacks, such as pig butchering and romance scams, highlighting the sophisticated methods used by fraudsters. Other topics include the importance of consumer awareness and the growing need for skilled professionals in the cybersecurity field.

Telecom Reseller
Special Report – Looking at the top threats to SMBs, SonicWall Podcast

Telecom Reseller

May 3, 2024


Douglas McKee, Executive Director, Threat Research at SonicWall, recently evaluated the company's telemetry data and found that the most widespread network attacks on small businesses (SMBs) today target older vulnerabilities. In light of this data, prioritization is a critically important factor for today's CISOs, who are asked to manage and prioritize risk. In this podcast, Douglas will talk about:
  • The Top 5 threats impacting SMBs today and how old they are
  • The methodology used to assemble this data
  • How to prioritize those threats
  • The importance of ongoing patch management
  • The tactics used by attackers
  • How SMBs can better utilize MSPs to help develop a better security posture
About SonicWall Capture Labs: SonicWall Capture Labs threat researchers gather, analyze and vet cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 215 countries and territories. SonicWall Capture Labs, which pioneered the use of artificial intelligence for threat research and protection over a decade ago, performs rigorous testing and evaluation on this data, establishes reputation scores for email senders and content, and identifies new threats in real-time.
About SonicWall: SonicWall is a cybersecurity forerunner with more than 30 years of expertise and is recognized as a leading partner-first company. With the ability to build, scale and manage security across the cloud, hybrid and traditional environments in real-time, SonicWall provides seamless protection against the most evasive cyberattacks across endless exposure points for increasingly remote, mobile and cloud-enabled users. With its own threat research center, SonicWall can quickly and economically provide purpose-built security solutions to enable any organization—enterprise, government agencies and SMBs—around the world. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.

The CyberWire
The SEC's Cybersecurity Law, a New Compliance Era with Jacqueline Wudyka. [Threat Vector]

The CyberWire

Mar 20, 2024 26:30


In honor of Women's History Month, please enjoy this episode of the Palo Alto Networks Unit 42's Threat Vector podcast featuring host David Moulton's discussion with Jacqueline Wudyka about the SEC's Cybersecurity Law. In this episode of Threat Vector, we dive deep into the new SEC cybersecurity regulations that reshape how public companies handle cyber risks. Legal expert and Unit 42 Consultant Jacqueline Wudyka brings a unique perspective on the challenges of defining 'materiality,' the enforcement hurdles, and the impact on the cybersecurity landscape. Whether you're a cybersecurity professional, legal expert, or just keen on understanding the latest in cyber law, this episode is packed with insights and strategies for navigating this new terrain. Tune in to stay ahead in the world of cybersecurity compliance! If you're interested to learn more about Unit 42's world-class visit https://www.paloaltonetworks.com/unit42
Join the conversation on our social media channels:
  • Website: https://www.paloaltonetworks.com/unit42
  • Threat Research: https://unit42.paloaltonetworks.com/
  • Facebook: https://www.facebook.com/LifeatPaloAltoNetworks/
  • LinkedIn: https://www.linkedin.com/company/unit42/
  • YouTube: @PaloAltoNetworksUnit42
  • Twitter: https://twitter.com/PaloAltoNtwks

The CyberWire
From Nation States to Cybercriminals: AI's Influence on Attacks with Wendi Whitmore [Threat Vector]

The CyberWire

Mar 5, 2024 7:30


In honor of Women's History Month, please enjoy this episode of the Palo Alto Networks' Unit 42 podcast, Threat Vector, featuring David Moulton's discussion with Wendi Whitmore about the evolving threat landscape. In this conversation, David Moulton from Unit 42 discusses the evolving threat landscape with Wendi Whitmore, SVP of Unit 42. Wendi highlights the increasing scale, sophistication, and speed of cyberattacks, with examples like the recent Clop ransomware incident, and emphasizes that attackers, including nation-state actors and cybercriminals, are leveraging AI, particularly generative AI, to operate faster and more effectively, especially in social engineering tactics. To protect against these threats, businesses must focus on speed of response, automated integration of security tools, and operationalized capabilities and processes. The conversation underscores the importance of staying vigilant and leveraging technology to defend against the rapidly changing threat landscape.
Threat Group Assessments: https://unit42.paloaltonetworks.com/category/threat-briefs-assessments/
Please share your thoughts with us for future Threat Vector segments by taking our brief survey.
Join the conversation on our social media channels:
  • Website: https://www.paloaltonetworks.com/unit42
  • Threat Research: https://unit42.paloaltonetworks.com/
  • Facebook: https://www.facebook.com/LifeatPaloAltoNetworks/
  • LinkedIn: https://www.linkedin.com/company/unit42/
  • YouTube: @PaloAltoNetworksUnit42
  • Twitter: https://twitter.com/PaloAltoNtwks
About Threat Vector: Unit 42 Threat Vector is the compass in the world of cyberthreats. Hear about Unit 42's unique threat intelligence insights, new threat actor TTPs, real-world case studies, and learn how the team works together to discover these threats. Unit 42 will equip listeners with the knowledge and insight to proactively prepare and stay ahead in the ever-evolving threat landscape.
Palo Alto Networks: Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile. http://paloaltonetworks.com

Unsupervised Learning
A Conversation With Ismael Valenzuela About AI and Threat Intelligence

Unsupervised Learning

Mar 4, 2024 45:46 Transcription Available


In this sponsored standalone episode I speak with Ismael Valenzuela, VP of Threat Research and Intelligence at Blackberry Cylance. We discuss:
  • Modern Threat Intelligence
  • The shifting attention of attackers
  • GenAI attacks
  • How defenders are adapting to AI attacks
  • And many other topics
Become a Member: https://danielmiessler.com/upgrade

The Cyber Ranch Podcast
Below-the-OS Security with Yuriy Bulygin

The Cyber Ranch Podcast

Feb 21, 2024 36:58


Fun fact: There are more vulnerabilities and exploits below the OS layer than above it! CPUs, BIOS, Firmware, embedded Linux, FPGAs, UEFI, PXE... The list goes on and on. What are we supposed to do about that? Allan asked Yuriy to come down to the 'Ranch to discuss this issue with him. Yuriy is CEO at Eclypsium, member of the Forbes Technology Council, Founder of the open source CHIPSEC project, former head of Threat Research at McAfee, former Senior Principal Engineer at Intel… He is uniquely qualified to discuss these issues.
Full DISCLAIMER: Allan is CISO at Eclypsium. Note that he asked Yuriy to come on the show, not the other way around. Nobody knows this space like Yuriy and his team.
Allan asks Yuriy about:
  • The history of CPU exploits
  • Unauthorized code in chips in network gear
  • The various hacks available at this layer
  • The role of SBOM in all this
  • The open source CHIPSEC project
It's an eye-opening show to say the least. Y'all be good now!

ITSPmagazine | Technology. Cybersecurity. Society
Looking Back to Move Forward: Threat Research Reflections on 2023 | An Imperva Brand Story with Nadav Avital: Head of Threat Research

ITSPmagazine | Technology. Cybersecurity. Society

Jan 26, 2024 42:25


The current state of cybersecurity and the looming threats warrant serious attention. In this Brand Story episode of "Reflections from 2023", Nadav Avital, Head of Threat Research at Imperva, sheds intriguing light on this cyber landscape.
Avital outlines prominent threats of 2023, highlighting the prevalence of distinct attacks such as supply chain and distributed denial of service attacks, and business logic attacks. He emphasizes that, to navigate the evolving threat landscape effectively, it is vital to look backward to look forward.
Cyberattacks have presented consequential impacts on organizations, from monetary losses to operational disruption, and even reputational damage. For instance, Avital mentions how ransomware attacks and denial of service attacks have left businesses grappling with restoring systems, ransom payments and downtime, citing examples from real-life scenarios drawn from his observations.
Imperva's Threat Research team takes on the monumental task of monitoring, analyzing, and protecting against these cyber threats. They utilize open-source intelligence, deep web resources and data from deployed sensors and customer networks. This multifaceted intelligence gets productized and integrated into Imperva's solutions, ensuring customers can focus on their businesses rather than worrying about cyber threats.
However, the battle against cyber threats extends beyond just protective measures. Raising awareness through communication plays a crucial role in helping the broader business and cybersecurity community understand and tackle these threats. The sharing of research findings through various channels such as blogs, newsletters and reports, helps impart invaluable knowledge, equipping readers with the necessary context and understanding of the evolving threat landscape.
Imperva's forward-thinking approach in harnessing different intelligence resources to create protective solutions demonstrates their unrivaled expertise in the realm of cybersecurity. As Avital pointed out, it's not solely about using advanced techniques for quality attacks but also about creatively using existing ones.
As cyber threats continue to evolve, it's paramount for organizations and cybersecurity professionals to stay abreast of these trends. Resources and research made available by teams like Imperva's Threat Research serve as a goldmine of intelligence information commanding our attention. Make cybersecurity a priority, leverage resources at your disposal and stay a step ahead of threats. Connect with the Imperva Threat Research team and be part of their mission to secure cyberspace. Imperva's journey into innovations and solutions is one worth following and learning from as we continue moving forward in this cyber landscape.
Note: This story contains promotional content.
Guest: Nadav Avital, Head of Threat Research at Imperva [@Imperva]
On LinkedIn | https://www.linkedin.com/in/nadav-avital-a508244/
On YouTube | https://www.youtube.com/channel/UCH5blYEvvzUcWD7ApRVP9Yg
Resources
Learn more about Imperva and their offering: https://itspm.ag/imperva277117988
Imperva Threat Research: https://www.imperva.com/cyber-threat-index/threat-research/
Catch more stories from Imperva at https://www.itspmagazine.com/directory/imperva
Are you interested in telling your story? https://www.itspmagazine.com/telling-your-story

Easy Prey
Fake vs. Taken-Over Accounts with Jason Kent and Will Glazier

Easy Prey

Dec 20, 2023 45:25


As we approach the next season, threat actors will be keeping a close eye on dating apps. These apps have become a prime target for threat actors due to the size of the market expanding to over 300 million users and the rich information stored in these apps.
Today's guests are Jason Kent and Will Glazier. Jason is a hacker-in-residence at Cequence Security. He has a diverse information security, networking, and IT background and a generous level of knowledge for most pieces of the IT spectrum including firewalls, security architecture, security controls, and security infrastructure. Will Glazier is the Head of Threat Research at Cequence Security where they protect some of the world's largest brands from sophisticated bot attacks and threats against the public facing APIs. Will has a background in fraud abuse and prevention as well as building threat intelligence systems.
Show Notes:
  • [1:18] - Jason and Will share their backgrounds and current roles at Cequence Security.
  • [5:24] - As common as scams and fraud are, even Jason and Will have personal experience with them.
  • [7:39] - Dating app attacks are particularly hard because they prey on vulnerable people. There are so many cases, that there should not be shame around talking about it.
  • [9:32] - The first red flag is when someone you are talking to on a dating app tries to get you over to texting or another app.
  • [11:37] - In any given month, the amount of malicious API transactions that Cequence is blocking is in the billions.
  • [13:52] - Fake accounts are constantly made but not as heavily used as taken over accounts.
  • [16:08] - Scammers are now paying for premium accounts to appear more legitimate and the investment pays off when they scam someone.
  • [18:11] - There are tools people can buy to make all accounts look real through automation.
  • [19:29] - It is essential that people in a fraud department can trust the information and push it out to Cequence.
  • [22:04] - Some organizations will pay a ransom to decrease the time wasted and money lost. In their eyes, the money lost to pay the ransom isn't as much.
  • [26:11] - Margins are getting tighter for the bad guys.
  • [30:31] - The infrastructure that scammers use varies. There are some that are really well known at Cequence and some that are more difficult.
  • [32:51] - It is easier to take out one big player than to take out hundreds of small ones.
  • [36:03] - There are human and political pressures that make things more challenging for security.
  • [38:07] - Romance scammers are employing new tactics and switching them up.
  • [39:48] - If you put too much trust in the platform that it makes you trust the random person you're talking to, take a step back.
  • [42:40] - Take a look online for things that have been done by scammers historically, especially if you are new to dating apps.
Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review.
Links and Resources: Podcast Web Page, Facebook Page, whatismyipaddress.com, Easy Prey on Instagram, Easy Prey on Twitter, Easy Prey on LinkedIn, Easy Prey on YouTube, Easy Prey on Pinterest, Cequence Security Website

Hacker Valley Studio
What's Lurking In Your Containers? AMBERSQUID Operations, Freejacking, and Microservice Exploitation

Hacker Valley Studio

Dec 19, 2023 23:11


In this episode, host Ron Eddings discusses new tactics of adversaries with Director of Threat Research at Sysdig, Michael Clark. Michael digs into the cloud and shares trends about the AMBERSQUID operation and how to protect yourself from potential container-based threats.
Impactful Moments
  • 00:00 - Welcome
  • 01:20 - Introducing guest Michael Clark
  • 03:09 - Finding AMBERSQUID
  • 06:46 - Mining and Monitoring AWS Services
  • 10:47 - Defending Against AMBERSQUID
  • 14:03 - The Speed of Container-Based Threats
  • 18:13 - The Costs of Freejacking
  • 23:08 - Attribution & The Future Threat
  • 26:30 - CIEMs Like You Have Secrets
Links:
  • Connect with Michael Clark: https://www.linkedin.com/in/michaelclarkinpa/
  • Check out Sysdig's Threat Research: https://sysdig.com/threat-research/
  • Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio
  • Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/
  • Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com
  • Continue the conversation by joining our Discord: https://hackervalley.com/discord

CISO Tradecraft
#156 - SMB CISO Challenges (with Kevin O'Connor)

CISO Tradecraft

Nov 20, 2023 43:27


In this episode of CISO Tradecraft, host G Mark Hardy talks to Kevin O'Connor, the Director of Threat Research at Adlumin. They discuss the importance of comprehensive cybersecurity for Small to Medium-sized Businesses (SMBs), including law firms and mid-sized banks. The conversation explores the complexities of managing security infrastructures, the role of managed security service providers, and the usefulness of managed detection and response systems. The discussion also delves into the increasing threat of ransomware and the critical importance of managing data vulnerabilities and providing security awareness training.
Big Thanks to our Sponsor: Adlumin - https://adlumin.com/
Transcripts: https://docs.google.com/document/d/1V_qkMFdGC4NRLCG-80gcsiSA8ikT8SwP
Youtube: https://youtu.be/diCZfWWB3z8
Chapters
  • 00:12 Introduction and Sponsor Message
  • 01:42 Guest Introduction: Kevin O'Connor
  • 02:29 Discussion on Cybersecurity Roles and Challenges
  • 03:20 The Importance of Defense in Cybersecurity
  • 04:23 The Role of Managed Security Services for SMBs
  • 07:26 The Cost and Staffing Challenges of In-House SOCs
  • 14:41 The Value of Managed Security Services for Legal Firms
  • 16:30 The Threat Landscape for Small and Mid-Sized Banks
  • 18:19 The Difference Between Compliance and Security
  • 20:08 Understanding the Reality of Cybersecurity
  • 20:45 The Challenges of Building IT Infrastructure
  • 21:08 Outsourcing vs In-house Security Management
  • 21:55 The Importance of Understanding Your Data
  • 22:43 Security Operations Center vs Security Operations Platform
  • 24:21 The Role of Managed Detection and Response
  • 24:54 The Importance of Quick Response in Security
  • 28:07 The Threat of Ransomware and Data Breaches
  • 34:31 The Role of Pen Testing in Cybersecurity
  • 36:33 The Growing Threat of Ransomware
  • 38:28 The Importance of Security Awareness Training
  • 40:42 The Role of Incident Response and Forensics
  • 42:11 Final Thoughts on Cybersecurity

Hacking Humans
Unmasking the deceptive.

Hacking Humans

Nov 16, 2023 53:29


John Wilson, Senior Fellow, Threat Research at Fortra, joins to discuss email impersonation attacks and the finding that nearly 99% of these threats can be classified as business email compromise. Dave and Joe share some listener follow-up from Terry, who writes in with some comments on episode 262 regarding the cybersecurity jargon used. Joe's story comes from a listener this week, who writes in to share the horror story he had to deal with when he and his wife ended up on a target list for scammers. Dave's story follows Elon Musk and Joanna Gaines, co-host of the HGTV show "Fixer Upper," and how they are selling a scam device that claims to lower your electricity bills. Our catch of the day comes from listener William, who writes in sharing an email he received from the "Tampa International Airport Police Department Florida," saying they want to release his fund with the service of DHL Courier Company.
Links to the stories:
  • Worst fake "power saver" plug yet
  • Better Business Bureau
  • Elon Musk Energy Saving Device: The Scam You Need to Know About
Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

The Cybersecurity Defenders Podcast
#77 - Intel Chat: Okta again, MuddyWater, Google Calendar Rat & BiBi-Windows Wiper

The Cybersecurity Defenders Podcast

Nov 16, 2023 29:33


In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.
  • Ars Technica is reporting that identity and authentication management provider Okta has been hit by another breach.
  • Deep Instinct's Threat Research team has identified a new campaign from the "MuddyWater" group.
  • Google is warning of multiple threat actors sharing a public proof-of-concept exploit that leverages its Calendar service to host command-and-control infrastructure.
  • BlackBerry Research and Intelligence Team has found a wiper variant that targets Windows systems being deployed by hacktivists in support of Hamas.

ITSPmagazine | Technology. Cybersecurity. Society
AI/ML, gender equity and sustainability | A Conversation with Chloe Messdaghi | 2 Cyber Chicks Podcast With Erika McDuffie And Jax Scott

ITSPmagazine | Technology. Cybersecurity. Society

Oct 26, 2023 28:19


Guest: Chloe Messdaghi, Head of Threat Research, Protect AI
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/chloe-messdaghi
On Twitter | https://twitter.com/ChloeMessdaghi
On LinkedIn | https://www.linkedin.com/in/chloemessdaghi
On Instagram | https://www.instagram.com/chloemessdaghi/
Website | https://www.securebychloe.com

2 Cyber Chicks
AI/ML, gender equity and sustainability | A Conversation with Chloe Messdaghi | 2 Cyber Chicks Podcast With Erika McDuffie And Jax Scott

2 Cyber Chicks

Oct 26, 2023 28:19


Guest: Chloe Messdaghi, Head of Threat Research, Protect AI
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/chloe-messdaghi
On Twitter | https://twitter.com/ChloeMessdaghi
On LinkedIn | https://www.linkedin.com/in/chloemessdaghi
On Instagram | https://www.instagram.com/chloemessdaghi/
Website | https://www.securebychloe.com

The Tech Blog Writer Podcast
2341: Cybersecurity Awareness Month: Cofense - Why Your Email Security Strategy is Failing

The Tech Blog Writer Podcast

Oct 10, 2023 19:54


In an era where global spending on cybersecurity solutions is forecasted to surpass $200 billion in 2023, and nearly $300 billion by 2026, the persistence of cyberattacks is a baffling paradox. More perplexing is the fact that phishing attacks constitute more than 90% of these cyber incursions. To dissect the reasons behind this incongruity and chart a viable way forward, I spoke with Max Gannon, Vice President of Threat Research at Cofense, a company that stands at the forefront of anti-phishing solutions. Max Gannon offers an eye-opening perspective that challenges conventional cybersecurity wisdom. He argues that the overreliance on technology to solve phishing problems is a fundamental flaw in how organizations approach security. Despite the sophistication of machine learning algorithms and threat detection systems, technology alone is unable to fully understand the human behaviors and decision-making processes that often lead to successful phishing attacks. This brings us to another pivotal point made by Max: the underestimated value of Security Awareness Training (SAT). In a digital culture where checking boxes often substitutes for comprehensive understanding, SAT programs can sometimes be reduced to a perfunctory exercise. Max emphasizes the necessity of evolving these programs into continuous educational experiences that adapt to ever-changing threat landscapes. Integrating human intelligence into cybersecurity strategy is not just an add-on; it's imperative. According to Max, human intelligence can catch the nuances and intricacies that often evade machine-led security measures. Organizations can leverage both human and machine capabilities with a more foolproof defense mechanism by having a more integrative approach. During our conversation, we also explored the current state of the cyber threat landscape, highlighting the limitations of current email security measures. 
Max notes that even the most advanced technologies can fall prey to sophisticated social engineering attacks, making up 98% of social engineering attacks according to some statistics. We also delved into the future of cybersecurity, examining potential strategies and solutions that organizations can adopt to stay one step ahead of increasingly inventive and aggressive cyber adversaries. This engaging dialogue with Max Gannon is a conversation and a call to organizations to rethink their cybersecurity strategies. As phishing remains a ubiquitous threat, the insights from Max offer a robust framework for reinforcing organizational cybersecurity measures. I highly recommend tuning into this enlightening discussion to learn how to fortify your defenses in an ever-volatile cyber world.

The SysAdmin DOJO Podcast
Monthly Threat Report - October 2023

The SysAdmin DOJO Podcast

Oct 9, 2023 35:45


The Monthly Threat Report by Hornetsecurity brings you monthly insights into M365 security trends, email-based threats, and commentary on current events in the cybersecurity space. This edition of the Monthly Threat Report focuses on data from the month of September 2023.
The cybersecurity landscape is ever-evolving, and this month is no exception. Andy and Umut will be analysing the latest types of email threats. Unsurprisingly, the Entertainment and Mining industries continue to be the bullseye for malicious actors. Over the past 30 days, these sectors have borne the brunt of cyberattacks. Meanwhile, Microsoft remains in the spotlight for all the wrong reasons, as security incidents continue to plague the tech giant. This raises questions about the company's security culture and its ability to safeguard its vast user base.
Tune in for more details!
Timestamps:
  • (2:37) – Email Threat Numbers for the data period.
  • (4:18) – File Types used for the delivery of malicious payloads.
  • (7:39) – What are the top targeted industry verticals?
  • (11:19) – What were the most impersonated brands during the last month?
  • (21:15) – Microsoft's Continued Security Issues
  • (31:19) – Vulnerabilities in libwebp
Episode Resources:
  • Full Monthly Threat Report - October 2023
  • Andy and Paul Discuss Microsoft Security Problems

FortiGuard Threat Intelligence Podcast
FortiGuard Labs Outbreak Alert: Agent Tesla Malware | Threat Research

FortiGuard Threat Intelligence Podcast

Sep 26, 2023 12:20


Tune in to the latest #FortiGuardLabs Outbreak Alert as #Fortinet's Jonas Walker explains the Agent Tesla Malware Outbreak, detailing the Microsoft Office vulnerabilities exploited, the spyware used to steal credentials, and the telemetry showing active detection and prevention by the FortiGuard services.
Learn more in the full Outbreak Alert: https://www.fortiguard.com/outbreak-alert/agent-tesla-malware-attack?utm_source=social&utm_medium=youtube-org&utm_campaign=sprinklr
More about FortiGuard Labs: https://www.fortinet.com/fortiguard/labs?utm_source=social&utm_medium=youtube-org&utm_campaign=sprinklr
Read the latest in threat research: https://www.fortinet.com/blog/threat-research?utm_source=social&utm_medium=youtube-org&utm_campaign=sprinklr

The SysAdmin DOJO Podcast
Monthly Threat Report - September 2023

The SysAdmin DOJO Podcast

Sep 12, 2023 36:52


The Monthly Threat Report by Hornetsecurity brings you monthly insights into M365 security trends, email-based threats, and commentary on current events in the cybersecurity space.
In today's episode with Yvonne Bernard, CTO at Hornetsecurity, we are analyzing data from the month of August 2023.
During the episode, Andy and Yvonne explore the overall threat trends including:
  • The most common malicious file types used to deliver payloads, with HTML files taking the lead
  • The decline of malicious PDF and archive files, likely due to the disruption of Qakbot.
  • The industries that were most targeted over the past month as well as some brands that cybercriminals are impersonating in phishing attacks.
  • The impact of the FBI's disruption of Qakbot.
  • The Storm-0558 breach.
  • A French government agency and a software vendor in the gaming space both had breaches that accounted for the PII of roughly 14 million individuals being stolen by threat actors.
Timestamps:
  • (3:22) – General threat trends for this month's data period
  • (7:11) – What were the most used file types used for malicious payloads during the data period?
  • (10:10) – What are the most targeted industries for this data period?
  • (12:04) – The most impersonated brands from this month's report
  • (16:52) – Commentary on the FBI's disruption of the Qakbot Botnet
  • (22:54) – An update on the Microsoft Storm-0558 breach
  • (33:46) – Data breaches account for 14 million lost records
Episode Resources:
  • Full Monthly Threat Report - September 2023
  • EP07: A Discussion and Analysis of Qakbot
  • Security Awareness Service
  • Andy on LinkedIn, Twitter, Mastodon
  • Yvonne on LinkedIn

Crying Out Cloud
#7 - The Future Of The Cloud (Special Guest - Corey Quinn)

Crying Out Cloud

Aug 16, 2023 36:26


Cybercrime Magazine Podcast
CISOs & The Boardroom. What Organizations Need To Know. Sponsored by Secureworks.

Cybercrime Magazine Podcast

Aug 7, 2023 11:10


Don Smith is the Vice President of Threat Research at Secureworks. In this episode, he joins host Steve Morgan to discuss CISOs and the boardroom, including what organizations need to know. Secureworks is a leader in cybersecurity providing best-in-class solutions and threat intelligence that reduces risk, optimizes IT and security investments, and fills security team talent gaps. To learn more about our sponsor, visit https://secureworks.com

Trust Issues
EP 31 - How Generative AI is Reshaping Cyber Threats

Trust Issues

Jul 6, 2023 39:50


While generative AI offers powerful tools for cyber defenders, it's also enabled cyber attackers to innovate and up the ante when it comes to threats such as malware, vulnerability exploitation and deep fake phishing. All this and we're still just in the early days of the technology. In this episode, CyberArk Labs' Vice President of Cyber Research Lavi Lazarovitz, discusses with host David Puner the seismic shift generative AI is starting to bring to the threat landscape – diving deep into offensive AI attack scenarios and the implications for cyber defenders. 

Secure Ventures with Kyle McNulty
HiddenLayer: Chris Sestito on ML/AI Security Incidents and Defense Capabilities

Secure Ventures with Kyle McNulty

Apr 4, 2023 34:15


Tito:
  • CEO and Founder of HiddenLayer, securing organizations building or using machine learning models
  • Previously VP of Engineering at Qualys
  • Previously Senior Director of Data Science at Agari
  • Previously Director of Threat Research at Cylance when they were hit by a model inference attack back in 2019
Fun fact: The HiddenLayer co-founders have worked together for the last five years!
Check out the episode for our conversation about real-world attacks against machine learning models, the current state of AI security capabilities including monitoring and scanning, and the market appetite for this tooling.
https://hiddenlayer.com/
https://github.com/Azure/counterfit
https://incidentdatabase.ai/