Podcasts about threatlocker

Doug and Rob Allen talk about Identity, EDR, Your Great Aunt Ida Meets some hot firefighters, and more. Segment Resources: Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools: https://thehackernews.com/2026/04/qilin-and-warlock-ransomware-use.html This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-591

Police clean ups SocGholish-infected sites tied to Evil Corp Klue OAuth breach linked to Icarus Salesforce data theft attacks Warner warns of CISA cuts, staffing gaps in letter to acting chief  Get the show notes here: https://cisoseries.com/cybersecurity-news-police-clean-wordpress-sites-klue-oauth-breach-warners-cisa-warnings/ Huge thanks to our sponsor, ThreatLocker Every security leader is being asked the same question right now: How do we enable innovation without creating unnecessary risk? That's the challenge behind cloud adoption. Behind AI. Behind automation. And behind every major technology decision. ThreatLocker helps organizations take a Zero Trust approach to that challenge—giving them greater control over what can execute, what can access their environment, and what users and applications are allowed to do. That's why ThreatLocker is proud to support Cyber Security Headlines. Because security works best when innovation and control move together.  

This week's Department of Know is hosted by Rich Stroffolino, with guests Arif Hameed, CISO, C&R Software; Adam Palmer, CISO, First Hawaiian Bank; Jon Collins, Field CTO, GigaOm; and Jack Leidecker, EVP, CSO, Gainsight. Huge thanks to our sponsor, ThreatLocker Every security leader is being asked the same question right now: How do we enable innovation without creating unnecessary risk?   That's the challenge behind cloud adoption. Behind AI. Behind automation. And behind every major technology decision.   ThreatLocker helps organizations take a Zero Trust approach to that challenge—giving them greater control over what can execute, what can access their environment, and what users and applications are allowed to do.   That's why ThreatLocker is proud to support Cyber Security Headlines. Because security works best when innovation and control move together.

Doug and Rob Allen talk about Identity, EDR, Your Great Aunt Ida Meets some hot firefighters, and more. Segment Resources: Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools: https://thehackernews.com/2026/04/qilin-and-warlock-ransomware-use.html This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! Show Notes: https://securityweekly.com/swn-591

Doug and Rob Allen talk about Identity, EDR, Your Great Aunt Ida Meets some hot firefighters, and more. Segment Resources: Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools: https://thehackernews.com/2026/04/qilin-and-warlock-ransomware-use.html This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-591

Doug and Rob Allen talk about Identity, EDR, Your Great Aunt Ida Meets some hot firefighters, and more. Segment Resources: Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools: https://thehackernews.com/2026/04/qilin-and-warlock-ransomware-use.html This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! Show Notes: https://securityweekly.com/swn-591

Anthropic tells G7 to cooperate Fortinet VPN leak exposes credentials Crypto Clipper abuses reviews, narrators, and comments Get the show notes here: https://cisoseries.com/cybersecurity-news-anthropic-tells-g7-to-cooperate-fortinet-vpn-leak-exposes-credentials-crypto-clipper-abuses-reviews/ Huge thanks to our sponsor, ThreatLocker Every security leader is being asked the same question right now: How do we enable innovation without creating unnecessary risk? That's the challenge behind cloud adoption. Behind AI. Behind automation. And behind every major technology decision. ThreatLocker helps organizations take a Zero Trust approach to that challenge—giving them greater control over what can execute, what can access their environment, and what users and applications are allowed to do. That's why ThreatLocker is proud to support Cyber Security Headlines. Because security works best when innovation and control move together.  

Athena coalition looks to secure open source Estonia to quarantine Russian email domains Malicious package wave hits Arch Linux Get the show notes here: https://cisoseries.com/cybersecurity-news-athena-coalition-estonias-quarantine-arch-hit-with-malware/  Huge thanks to our sponsor, ThreatLocker Every security leader is being asked the same question right now: How do we enable innovation without creating unnecessary risk? That's the challenge behind cloud adoption. Behind AI. Behind automation. And behind every major technology decision. ThreatLocker helps organizations take a Zero Trust approach to that challenge—giving them greater control over what can execute, what can access their environment, and what users and applications are allowed to do. That's why ThreatLocker is proud to support Cyber Security Headlines. Because security works best when innovation and control move together.  

On the Tech for Business podcast, Collin (Manager of Solutions Engineering at ThreatLocker) and Nate (Director of Cybersecurity at CIT) discuss how to build cybersecurity awareness and secure habits earlier—especially in K–12 and universities—based on Colin's dark web presentations showing frequent compromises in education. They explore generational shifts as kids adopt internet-connected devices earlier, the need to normalize fundamentals like password management, passphrases, password managers, and MFA/2FA (even for gaming accounts), and the growing importance of social engineering and spotting AI deepfakes. The group debates who should own curriculum standards, notes North Dakota's requirement for at least one computer science or cybersecurity course to graduate, and considers “digital citizenship,” parent responsibility, and the role of schools, industry, and regulation. They also discuss improving workplace onboarding and training through better access controls and aptitude-based, personalized education.00:00 Meet the Guests00:46 Why Youth Cyber Matters03:53 Campus Reality Check05:56 Kids Tech Skills Gap08:33 Gaming as Security Hook10:51 Curriculum Needs Updating13:26 Digital Citizenship Debate15:12 Parents Schools and Equity17:34 Regulation and Age Checks21:45 Core Fundamentals to Teach22:18 Passphrases Basics22:40 Deepfakes And Social Engineering24:26 Social Media Risks For Kids25:53 Spotting Tech Skill Gaps27:25 Curiosity As A Tech Signal28:42 Parenting Misinformation Lessons30:23 Rethinking Security Training33:17 Tools Over Awareness Alone36:15 Aptitude Tests And Personalization40:24 Curriculum And Who Decides41:08 Big Tech Shaping Education43:51 Wrap Up And Next Episode

Cyber leaders defend Anthropic's banned models FBI disrupts massive phishing service 1Password acquires Apono Get the show notes here: https://cisoseries.com/cybersecurity-news-anthropic-models-defended-massive-phishing-service-shuttered-1password-acquires-apono/ Huge thanks to our sponsor, ThreatLocker Every security leader is being asked the same question right now: How do we enable innovation without creating unnecessary risk? That's the challenge behind cloud adoption. Behind AI. Behind automation. And behind every major technology decision. ThreatLocker helps organizations take a Zero Trust approach to that challenge—giving them greater control over what can execute, what can access their environment, and what users and applications are allowed to do. That's why ThreatLocker is proud to support Cyber Security Headlines. Because security works best when innovation and control move together.  

Feds require Anthropic to ban 'foreign national' access to Fable, Mythos Maine disables data breach notification portal after fake disclosures ShinyHunters extorts universities through exploiting an unpatched Oracle flaw Get the show notes here: Huge thanks to our sponsor, ThreatLocker Every security leader is being asked the same question right now: How do we enable innovation without creating unnecessary risk? That's the challenge behind cloud adoption. Behind AI. Behind automation. And behind every major technology decision. ThreatLocker helps organizations take a Zero Trust approach to that challenge—giving them greater control over what can execute, what can access their environment, and what users and applications are allowed to do. That's why ThreatLocker is proud to support Cyber Security Headlines. Because security works best when innovation and control move together.  

ThreatLocker's APAC director of operations, Emile Barakat, joins Cyber Daily's David Hollingworth to discuss what makes the Essential Eight so essential, the federal government's budget spend on cyber security, and the Australian outlook on cyber crime and why it happens here. This week on the Cyber Uncut podcast, Cyber Daily deputy editor David Hollingworth speaks with Emile Barakat, the head of cyber security firm ThreatLocker's operations in the Asia-Pacific region. ThreatLocker – and its boss, Danny Jenkins – is a big fan of Australia's Essential Eight cyber security standard, but what really makes that tick, and why is it so important? The pair discuss just why it's one of the gold standards of cyber protection and why other countries should take note. Then it's time to consider this year's budget and the role of government in securing businesses, economies, and consumers in a world of growing cyber threats. Finally, Hollingworth and Barakat get to grips with the local threat landscape and the human challenges of cyber security. "Typically, an organisation will run security awareness training every quarter. Some will do it less frequently, unfortunately," Barakat says. "Even with that training, you'll see compromises and, at times, the same employees make the same mistakes." Enjoy, The Cyber Uncut team

ThreatLocker's APAC director of operations, Emile Barakat, joins Cyber Daily's David Hollingworth to discuss what makes the Essential Eight so essential, the federal government's budget spend on cyber security, and the Australian outlook on cyber crime and why it happens here. This week on the Cyber Uncut podcast, Cyber Daily deputy editor David Hollingworth speaks with Emile Barakat, the head of cyber security firm ThreatLocker's operations in the Asia-Pacific region. ThreatLocker – and its boss, Danny Jenkins – is a big fan of Australia's Essential Eight cyber security standard, but what really makes that tick, and why is it so important? The pair discuss just why it's one of the gold standards of cyber protection and why other countries should take note. Then it's time to consider this year's budget and the role of government in securing businesses, economies, and consumers in a world of growing cyber threats. Finally, Hollingworth and Barakat get to grips with the local threat landscape and the human challenges of cyber security. "Typically, an organisation will run security awareness training every quarter. Some will do it less frequently, unfortunately," Barakat says. "Even with that training, you'll see compromises and, at times, the same employees make the same mistakes." Enjoy, The Cyber Uncut team  

All links and images can be found on CISO Series This week's episode is hosted by David Spark, producer of CISO Series and Andy Ellis, principal of Duha. Joining is our sponsored guest, Danny Jenkins, CEO, ThreatLocker. In this episode: Permission creep at machine speed The pattern we keep calling a mistake Stop authenticating the human Vibe coded out of existence A huge thanks to our sponsor, ThreatLocker ThreatLocker delivers Zero Trust Network Access and Zero Trust Cloud Access that verifies both user and device before granting access to specific applications. No broad access, nothing exposed, and no reliance on credentials alone. It's a smarter way to control access and reduce risk. Learn more at ThreatLocker.com/CISO.

Show Summary:    Mudita Khurana — Tech Lead at Airbnb and the person who always says, “I got this” No Password Required Season 7: Episode 6 - Mudita Khurana   Mudita Khurana is a Tech Lead for Automated Tooling and Vulnerability Management at Airbnb, where she focuses on building modular, scalable security systems in an era of rapidly evolving AI threats. Before Airbnb, she spent nearly a decade in security roles across Accenture, Meta, and PwC, making bold career pivots along the way, including turning down a PwC return offer to join Facebook's product security team. In this episode, Mudita shares her journey from a family of doctors in India to Carnegie Mellon and into the heart of Big Tech security. She discusses what it means to thrive as a non-traditional engineer in a deeply technical field, why she stepped back from management to get closer to the work, and how she thinks about building security tooling that won't be obsolete in three months. Jack Clabby and co-host Kayley Melton, recording live from Tampa B-Sides at the University of South Florida, talk with Mudita about imposter syndrome, AI's curveballs for security teams, leadership without a leadership title, and the importance of community in staying on top of a field that never stops moving. She also reflects on what great mentorship looks like early in a career and why clarity, ownership, and consistency are the leadership qualities she keeps coming back to. In the Lifestyle Polygraph, Mudita firmly plants her flag in the Harry Potter universe as Hermione, explains why Deadpool doesn't qualify as a superhero, debates gym vs. nature as a reset strategy, and reveals her dream remote work base: a high-altitude Buddhist mountain town in the Himalayas.   Follow Mudita on LinkedIn: https://www.linkedin.com/in/muditakhurana/     In this episode: Mudita shares her unconventional path into cybersecurity, highlighting the importance of mentorship and curiosity (0:25 - 1:37) The significance of mentorship, especially Vandana Verma, in her career development (2:26 - 4:00) Transition from management to technical IC roles and why staying close to technical work matters (9:29 - 10:23) The influence of her education at Carnegie Mellon and how it broadened her problem-solving skills (6:23 - 7:41) Navigating imposter syndrome and embracing challenges as growth opportunities (3:26 - 5:29) How AI is changing cybersecurity strategies—building modular, layered systems for agility (15:31 - 16:26) The importance of community, trust, and consensus in cybersecurity decision-making (17:06 - 17:47) Mudita's favorite places for remote work and balancing planning with spontaneity in travel (23:01 - 24:13) Her personal approach to wellness, exercise, and resets during busy days (21:32 - 22:36) Her unique perspective on superhero characters, favorite places, and cultural roots (18:54 - 19:36, 25:19 - 26:21) Timestamp Highlights: (00:25) Mudita's 10-year journey into cybersecurity starting from India (02:26) Mentorship's critical role in her growth and her admiration for Vandana Verma (09:29) Transition from management back to technical roles and why staying close to the work matters (15:31) How AI fosters layered, modular security systems for faster adaptation (17:06) The importance of community and trusted information sources in security (21:32) Reset routines—gym versus nature hikes—and staying grounded during busy days (25:19) Leh, Ladakh: Mudita's ideal remote work location nestled in Himalayan beauty Resources & Links: Vandana Verma - Influential mentor in cybersecurity ThreatLocker - Supporter of this podcast Cyber Florida – The Mother Ship

This week, hosts of N2K CyberWire ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ and⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ alongside ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ are discussing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. They're also joined by special guest Kieran Human, Lead Cybersecurity Engineer at ThreatLocker . Dave's story is on an FBI warning that the Silent Ransom Group is escalating its extortion tactics by combining phishing and fake IT support calls with in-person visits, where attackers may physically enter offices to plug malicious devices into company computers. Joe's story is on a listener-submitted case from Australia where attackers used a phishing email to silently install legitimate remote-access software, hijack a dental practice's email system, and launch a large-scale phishing campaign that bypassed many traditional security controls. Maria's story is on a California mother who lost $5,000 after scammers used what appeared to be her daughter's voice in a fake kidnapping call, highlighting the growing threat of AI-powered voice cloning scams. Our Catch of the Day comes from a text scam that took an unexpected turn when the recipient fired back with a response the scammer definitely wasn't prepared for. Resources and links to stories: FBI warns of in-person data theft attacks from extortion gang California Mom Loses More Than $5,000 in Voice Scam After Receiving Fake Call from Her Daughter Alleging She Was Kidnapped ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠.

All links and images can be found on CISO Series We think of cybersecurity as a discipline. But when do ideas like best practices and NIST frameworks change into a system of belief? Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by David Spark, the producer of CISO Series, and Davi Ottenheimer, principal, Flying Penguin. Joining is Joshua Copeland, director of security, Crescendo. In this episode: Tools, not religion The case for structured discipline The management problem underneath Fix the damn holes A huge thanks to our sponsor, ThreatLocker ThreatLocker delivers Zero Trust Network Access and Zero Trust Cloud Access that verifies both user and device before granting access to specific applications. No broad access, nothing exposed, and no reliance on credentials alone. It's a smarter way to control access and reduce risk. Learn more at ThreatLocker.com/CISO.

It started with a fake car listing on eBay.What looked like a simple online scam quietly grew, over more than a decade, into one of the most sophisticated cybercrime operations the FBI had ever traced. Custom malware. Opsec off the charts. Fleets of infected computers mining cryptocurrency for someone else. Millions of dollars siphoned from victims who had no idea.This is the story of Bayrob and the three men from Romanian who were behind it. And the long, strange road that led American investigators to their door.SponsorsSupport for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com.This show is sponsored by Meter, the company building networks from the ground up. Meter delivers a complete networking stack - wired, wireless, and cellular - in one solution that's built for performance and scale. Alongside their partners, Meter designs the hardware, writes the firmware, builds the software, manages deployments, and runs support. Learn more at meter.com.This show is sponsored by Maze. Maze uses AI agents to triage and remediate cloud vulnerabilities by figuring out what's actually exploitable, not just what's theoretically risky. They remove the noise, prioritize vulns that matter, and manage remediation, so your team stops wasting time on meaningless vulns. Visit MazeHQ.com/darknet for more information.Support for this episode comes from NetSuite. NetSuite gives you visibility and control of your financials, planning, budgeting, and of course - inventory - so you can manage risk, get reliable forecasts, and improve margins. NetSuite helps you identify rising costs, automate your manual business processes, and see where to save money. KNOW your numbers. KNOW your business. And get to KNOW how NetSuite can be the source of truth for your entire company. Visit www.netsuite.com/darknet to learn more.This episode is sponsored by Chainguard. Chainguard builds container images the right way — minimal, hardened, and built from source every single day. We're talking images with zero known CVEs, designed from the ground up for production. No bloat. No mystery packages. No 2 a.m. patching marathons because some transitive dependency lit up your dashboard. Stop patching images that are insecure. Start shipping clean. Head to chainguard.dev to see how secure your software supply chain can really be.

Interview with Rob Allen from Threatlocker This week, Rob Allen from Threatlocker is with us to discuss the importance of EDR and MDR visibility. We discuss some real world attacks and anecdotes where EDR was able to save the day when threats were missed by other controls. Topic: Do the basics, they said. Easier said than done. Guillaume and Adrian discuss the futility of attempting to do all the foundational work standards, best practices, and regulations expect of organizations. Adrian has given up. Fortunately, Guillaume has some excellent advice and hope to share on this front. The weekly enterprise news Finally, in the enterprise security news, a really interesting vibe check funding acquisitions the verizon DBIR we give a tutorial on how to leak AWS keys on github OH NEVERMIND, SOMEONE AT CISA ALREADY MADE THE TUTORIAL agents versus agents exploitbench the vulnpocalypse robot dogs are SO EASY to take out, we don't need to be too scared of them yet All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-460

Interview with Rob Allen from Threatlocker This week, Rob Allen from Threatlocker is with us to discuss the importance of EDR and MDR visibility. We discuss some real world attacks and anecdotes where EDR was able to save the day when threats were missed by other controls. Topic: Do the basics, they said. Easier said than done. Guillaume and Adrian discuss the futility of attempting to do all the foundational work standards, best practices, and regulations expect of organizations. Adrian has given up. Fortunately, Guillaume has some excellent advice and hope to share on this front. The weekly enterprise news Finally, in the enterprise security news, a really interesting vibe check funding acquisitions the verizon DBIR we give a tutorial on how to leak AWS keys on github OH NEVERMIND, SOMEONE AT CISA ALREADY MADE THE TUTORIAL agents versus agents exploitbench the vulnpocalypse robot dogs are SO EASY to take out, we don't need to be too scared of them yet All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-460

Interview with Rob Allen from Threatlocker This week, Rob Allen from Threatlocker is with us to discuss the importance of EDR and MDR visibility. We discuss some real world attacks and anecdotes where EDR was able to save the day when threats were missed by other controls. Topic: Do the basics, they said. Easier said than done. Guillaume and Adrian discuss the futility of attempting to do all the foundational work standards, best practices, and regulations expect of organizations. Adrian has given up. Fortunately, Guillaume has some excellent advice and hope to share on this front. The weekly enterprise news Finally, in the enterprise security news, a really interesting vibe check funding acquisitions the verizon DBIR we give a tutorial on how to leak AWS keys on github OH NEVERMIND, SOMEONE AT CISA ALREADY MADE THE TUTORIAL agents versus agents exploitbench the vulnpocalypse robot dogs are SO EASY to take out, we don't need to be too scared of them yet All that and more, on this episode of Enterprise Security Weekly. Show Notes: https://securityweekly.com/esw-460

Interview with Rob Allen from Threatlocker This week, Rob Allen from Threatlocker is with us to discuss the importance of EDR and MDR visibility. We discuss some real world attacks and anecdotes where EDR was able to save the day when threats were missed by other controls. Topic: Do the basics, they said. Easier said than done. Guillaume and Adrian discuss the futility of attempting to do all the foundational work standards, best practices, and regulations expect of organizations. Adrian has given up. Fortunately, Guillaume has some excellent advice and hope to share on this front. The weekly enterprise news Finally, in the enterprise security news, a really interesting vibe check funding acquisitions the verizon DBIR we give a tutorial on how to leak AWS keys on github OH NEVERMIND, SOMEONE AT CISA ALREADY MADE THE TUTORIAL agents versus agents exploitbench the vulnpocalypse robot dogs are SO EASY to take out, we don't need to be too scared of them yet All that and more, on this episode of Enterprise Security Weekly. Show Notes: https://securityweekly.com/esw-460

Cisco issues 10.0 Secure Workload admin flaw warning Spammers abuse internal Microsoftonline account Google's surge in Chrome vulnerability announcements Get the show notes here: https://cisoseries.com/cybersecurity-news-ciscos-10-0-vulnerability-microsoft-email-spammed-chrome-vulnerability-surge/ Thanks to our episode sponsor, ThreatLocker ThreatLocker is extending Zero Trust beyond endpoint control. With their recent release of Zero Trust Network Access and Zero Trust Cloud Access, access isn't based on credentials alone, it requires the right user, the right device, and the right conditions. Because as we've seen in recent large-scale CRM breaches, stolen credentials and misconfigurations can expose massive amounts of data. With ThreatLocker, nothing is exposed, and access is limited to exactly what's needed. Learn more and start your free trial today at ThreatLocker.com/CISO.

This week's Department of Know is hosted by Rich Stroffolino, with guests Kathleen Mullin, former CISO, MyCareGorithm, and Nick Espinosa, host, Deep Dive Radio Show. Missed the live show? Check it out on YouTube. The Department of Know is live every Friday at 4:00 p.m. ET. Join us each week by registering for the open discussion at CISOSeries.com. Huge thanks to our sponsor, ThreatLocker ThreatLocker is extending Zero Trust beyond endpoint control. With their recent release of Zero Trust Network Access and Zero Trust Cloud Access, access isn't based on credentials alone, it requires the right user, the right device, and the right conditions. Because as we've seen in recent large-scale CRM breaches, stolen credentials and misconfigurations can expose massive amounts of data. With ThreatLocker, nothing is exposed, and access is limited to exactly what's needed. Learn more and start your free trial today at ThreatLocker.com/CISO.  

GitHub breach via VS Code extension Shai-Hulud wave compromises 600 npm packages Huawei attack behind Luxembourg telecom crash Get the show notes here: https://cisoseries.com/cybersecurity-news-github-vs-code-extension-breach-shai-hulud-npm-package-compromise-huawei-luxembourg-telecom-link/ Thanks to our episode sponsor, ThreatLocker ThreatLocker is extending Zero Trust beyond endpoint control. With their recent release of Zero Trust Network Access and Zero Trust Cloud Access, access isn't based on credentials alone, it requires the right user, the right device, and the right conditions. Because as we've seen in recent large-scale CRM breaches, stolen credentials and misconfigurations can expose massive amounts of data. With ThreatLocker, nothing is exposed, and access is limited to exactly what's needed. Learn more and start your free trial today at ThreatLocker.com/CISO.

Over the last decade, cybersecurity heavily invested in EDR, XDR, SIEM, telemetry, and SOC-driven operations. We stopped asking how to stop attacks and started asking how fast we could detect them. However, Mythos and frontier models have changed that paradigm. How do you detect a -7 day vulnerability? Detection and response cannot keep, so what's the answer? Rob Allen, Chief Product Officer at ThreatLocker, joins Business Security Weekly to discuss why cybersecurity is shifting from detection and response to prevention and enforcement. As attackers accelerate through automation and AI, organizations are revisiting prevention-focused controls. Rob will discuss why organizations need to adopt application allowlisting, Zero Trust, Ringfencing, and policy enforcement to reduce attacker freedom before execution occurs. Prevention-first security is the only way to decrease the AI attack surface. This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! In the leadership and communications segment, What CISOs need to land a board role, The Security Mistakes Being Repeated With AI, When Senior Leaders Lack People Skills, Transformations Fail, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-448

Microsoft disrupts malware-signing-as-a-service Critical flaw found in industrial robot OS CISA admin leaks keys Get the show notes here: https://cisoseries.com/cybersecurity-news-microsoft-hits-fox-tempest-robotics-os-flaw-cisa-admins-leaks-keys/  Thanks to our episode sponsor, ThreatLocker ThreatLocker is extending Zero Trust beyond endpoint control. With their recent release of Zero Trust Network Access and Zero Trust Cloud Access, access isn't based on credentials alone, it requires the right user, the right device, and the right conditions. Because as we've seen in recent large-scale CRM breaches, stolen credentials and misconfigurations can expose massive amounts of data. With ThreatLocker, nothing is exposed, and access is limited to exactly what's needed. Learn more and start your free trial today at ThreatLocker.com/CISO.

Over the last decade, cybersecurity heavily invested in EDR, XDR, SIEM, telemetry, and SOC-driven operations. We stopped asking how to stop attacks and started asking how fast we could detect them. However, Mythos and frontier models have changed that paradigm. How do you detect a -7 day vulnerability? Detection and response cannot keep, so what's the answer? Rob Allen, Chief Product Officer at ThreatLocker, joins Business Security Weekly to discuss why cybersecurity is shifting from detection and response to prevention and enforcement. As attackers accelerate through automation and AI, organizations are revisiting prevention-focused controls. Rob will discuss why organizations need to adopt application allowlisting, Zero Trust, Ringfencing, and policy enforcement to reduce attacker freedom before execution occurs. Prevention-first security is the only way to decrease the AI attack surface. This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! In the leadership and communications segment, What CISOs need to land a board role, The Security Mistakes Being Repeated With AI, When Senior Leaders Lack People Skills, Transformations Fail, and more! Show Notes: https://securityweekly.com/bsw-448

Over the last decade, cybersecurity heavily invested in EDR, XDR, SIEM, telemetry, and SOC-driven operations. We stopped asking how to stop attacks and started asking how fast we could detect them. However, Mythos and frontier models have changed that paradigm. How do you detect a -7 day vulnerability? Detection and response cannot keep, so what's the answer? Rob Allen, Chief Product Officer at ThreatLocker, joins Business Security Weekly to discuss why cybersecurity is shifting from detection and response to prevention and enforcement. As attackers accelerate through automation and AI, organizations are revisiting prevention-focused controls. Rob will discuss why organizations need to adopt application allowlisting, Zero Trust, Ringfencing, and policy enforcement to reduce attacker freedom before execution occurs. Prevention-first security is the only way to decrease the AI attack surface. This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! In the leadership and communications segment, What CISOs need to land a board role, The Security Mistakes Being Repeated With AI, When Senior Leaders Lack People Skills, Transformations Fail, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-448

Over the last decade, cybersecurity heavily invested in EDR, XDR, SIEM, telemetry, and SOC-driven operations. We stopped asking how to stop attacks and started asking how fast we could detect them. However, Mythos and frontier models have changed that paradigm. How do you detect a -7 day vulnerability? Detection and response cannot keep, so what's the answer? Rob Allen, Chief Product Officer at ThreatLocker, joins Business Security Weekly to discuss why cybersecurity is shifting from detection and response to prevention and enforcement. As attackers accelerate through automation and AI, organizations are revisiting prevention-focused controls. Rob will discuss why organizations need to adopt application allowlisting, Zero Trust, Ringfencing, and policy enforcement to reduce attacker freedom before execution occurs. Prevention-first security is the only way to decrease the AI attack surface. This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! In the leadership and communications segment, What CISOs need to land a board role, The Security Mistakes Being Repeated With AI, When Senior Leaders Lack People Skills, Transformations Fail, and more! Show Notes: https://securityweekly.com/bsw-448

Linus Torvalds not into AI bug hunters 7-Eleven hit with ransom demand MENA runs new cybercrime op Get the show notes here: https://cisoseries.com/cybersecurity-news-linus-torvalds-talks-ai-bug-hunters-7-eleven-ransom-demand-menas-new-cybercrime-op/ Thanks to our episode sponsor, ThreatLocker ThreatLocker is extending Zero Trust beyond endpoint control. With their recent release of Zero Trust Network Access and Zero Trust Cloud Access, access isn't based on credentials alone, it requires the right user, the right device, and the right conditions. Because as we've seen in recent large-scale CRM breaches, stolen credentials and misconfigurations can expose massive amounts of data. With ThreatLocker, nothing is exposed, and access is limited to exactly what's needed. Learn more and start your free trial today at ThreatLocker.com/CISO.

Grafana GitHub token breach leads to extortion attempt Microsoft rejects Azure vulnerability report, researcher disputes decision Funnel Builder flaw actively exploited to steal payment data Get the show notes here: https://cisoseries.com/cybersecurity-news-grafan-github-extortion-microsoft-rejects-azure-report-funnel-builder-flaw/ Thanks to our episode sponsor, ThreatLocker ThreatLocker is extending Zero Trust beyond endpoint control. With their recent release of Zero Trust Network Access and Zero Trust Cloud Access, access isn't based on credentials alone, it requires the right user, the right device, and the right conditions. Because as we've seen in recent large-scale CRM breaches, stolen credentials and misconfigurations can expose massive amounts of data. With ThreatLocker, nothing is exposed, and access is limited to exactly what's needed. Learn more and start your free trial today at ThreatLocker.com/CISO.

ThreatLocker takes an opinionated approach to Zero Trust. The company, our sponsor for today’s episode, starts with application control. It uses endpoint software that runs on PCs and servers to allow or deny applications to run. It can also monitor and control the behavior of allowed applications. ThreatLocker has extended its platform to include network... Read more »

All links and images can be found on CISO Series This week's episode is hosted by David Spark, producer of CISO Series and Mike Johnson, CISO, Rivian. Joining is Jean-Paul Calabio, vp and CISO, Grainger. In this episode: Scanning the map isn't securing the territory CFOs don't fund faith What your AI inherits Nobody owns the gap Thanks to Jonathan Waldrop, CISO, Acoustic for providing our "What's Worse" scenario. A huge thanks to our sponsor, ThreatLocker ThreatLocker makes Zero Trust practical. With Default Deny, Ringfencing, and Elevation Control, CISOs get real control that's easy to manage and built to scale. Stop threats before they execute and reduce operational noise without adding complexity. See how simple prevention can be at ThreatLocker.com/CISO.

If you have to ditch your entire appsec strategy because you expect 2026 to bring more vulns more quickly, then you probably didn't have a good strategy in the first place. Rob Allen shares how the mentality of "assume breach" doesn't have to be a defeatist attitude and can instead be a way to change a catastrophic breach into a more contained one. We also talk about proactive security and what an "avoid breach" attitude could look like, including how to apply the macro lessons of default deny and network isolation to writing secure code. Resources https://www.threatlocker.com/blog/the-claude-mythos-preview-proves-now-is-the-time-for-zero-trust?utmsource=cyberriskalliance&utmmedium=sponsor&utmcampaign=claudemythosaswq226&utmcontent=claudemythosasw-&utm_term=podcast https://www.threatlocker.com/capabilities/zero-trust-network-access?utmsource=cyberriskalliance&utmmedium=sponsor&utmcampaign=ztnaq226&utmcontent=ztna-&utm_term=podcast https://www.threatlocker.com/capabilities/zero-trust-cloud-access?utmsource=cyberriskalliance&utmmedium=sponsor&utmcampaign=ztcaq226&utmcontent=ztca-&utm_term=podcast This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-382

ThreatLocker takes an opinionated approach to Zero Trust. The company, our sponsor for today’s episode, starts with application control. It uses endpoint software that runs on PCs and servers to allow or deny applications to run. It can also monitor and control the behavior of allowed applications. ThreatLocker has extended its platform to include network... Read more »

If you have to ditch your entire appsec strategy because you expect 2026 to bring more vulns more quickly, then you probably didn't have a good strategy in the first place. Rob Allen shares how the mentality of "assume breach" doesn't have to be a defeatist attitude and can instead be a way to change a catastrophic breach into a more contained one. We also talk about proactive security and what an "avoid breach" attitude could look like, including how to apply the macro lessons of default deny and network isolation to writing secure code. Resources https://www.threatlocker.com/blog/the-claude-mythos-preview-proves-now-is-the-time-for-zero-trust?utmsource=cyberriskalliance&utmmedium=sponsor&utmcampaign=claudemythosaswq226&utmcontent=claudemythosasw-&utm_term=podcast https://www.threatlocker.com/capabilities/zero-trust-network-access?utmsource=cyberriskalliance&utmmedium=sponsor&utmcampaign=ztnaq226&utmcontent=ztna-&utm_term=podcast https://www.threatlocker.com/capabilities/zero-trust-cloud-access?utmsource=cyberriskalliance&utmmedium=sponsor&utmcampaign=ztcaq226&utmcontent=ztca-&utm_term=podcast This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! Show Notes: https://securityweekly.com/asw-382

If you have to ditch your entire appsec strategy because you expect 2026 to bring more vulns more quickly, then you probably didn't have a good strategy in the first place. Rob Allen shares how the mentality of "assume breach" doesn't have to be a defeatist attitude and can instead be a way to change a catastrophic breach into a more contained one. We also talk about proactive security and what an "avoid breach" attitude could look like, including how to apply the macro lessons of default deny and network isolation to writing secure code. Resources https://www.threatlocker.com/blog/the-claude-mythos-preview-proves-now-is-the-time-for-zero-trust?utmsource=cyberriskalliance&utmmedium=sponsor&utmcampaign=claudemythosaswq226&utmcontent=claudemythosasw-&utm_term=podcast https://www.threatlocker.com/capabilities/zero-trust-network-access?utmsource=cyberriskalliance&utmmedium=sponsor&utmcampaign=ztnaq226&utmcontent=ztna-&utm_term=podcast https://www.threatlocker.com/capabilities/zero-trust-cloud-access?utmsource=cyberriskalliance&utmmedium=sponsor&utmcampaign=ztcaq226&utmcontent=ztca-&utm_term=podcast This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-382

No Password Required: No Password Required: Next Gen - Ep. 2 - Tim Kircher From Freshman Stress to Cyber Success:  Formula 1, Pickleball, and hacking in Real life In this episode of No Password Required: Next Gen, Yazzel Corona interviews Tim Kircher, a cybersecurity student at USF and member of the Security Operations Center Apprenticeship Program at Cyber Florida. Tim shares how his fascination with technology first sparked his interest in cybersecurity. From networking advice and navigating the chaos of a cybersecurity education,  Tim keeps it real, giving us all the tips about what it takes to get started successfully in the field. He talks about why communication skills matter just as much as technical ability in the age of AI and automation, and how taking things “one day at a time” helped shape his journey. Outside of cyber mode, Tim is a huge pickleball and Formula 1 fan, leading to fun conversations about cyber pit crews, movie hacking scenes, and why Mercedes would absolutely be his dream team. From defensive cyber operations to teamwork and leadership, Tim's story is all about staying curious, building connections, and finding your path in cybersecurity. Follow Tim on LinkedIn: https://www.linkedin.com/in/tim-kircher/ Chapters:  00:00 — Introduction 00:30 — Discovering Cybersecurity   00:54 — Advice for Freshman Cybersecurity Students   01:47 — Formula 1 & Cybersecurity 02:10 — Which F1 Team Would Be Vulnerable?   02:28 — Building the Ultimate Cybersecurity Pit Crew 03:01 — Hollywood Hacking vs. Real-Life Hacking 03:22 — Final Advice for Future Cybersecurity Professionals 04:01 — Toasting to the Future Follow Tim on LinkedIn: https://www.linkedin.com/in/tim-kircher/ Presented by ThreatLocker

Rob Allen from Threatlocker joins us to discuss the risks associated with VPN appliances and how to implement better security solutions that don't leave you hanging out on the open Internet. The interview segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlockerrsac to learn more about them! In the Security News: Less details about the FCC router ban Canary traps that work Hacking trains and getting arrested You can be an adult if you have a mustache cPanel is being exploited Pro-Iran group takes down Ubuntu Anthropic's new security solution Safe AI Agents and other lies People still use screensavers? CISA and operating for weeks or months in isolation Paramiko issues fixes Find security research Copy/Fail and AI slop debate ESP32 simulator Spotting vibe coded malware Fast16 - Stuxnet before Stuxnet Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-925

All links and images can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by David Spark, the producer of CISO Series, and Steve Zalewski. Joining us is our sponsored guest, Rob Allen. In this episode: The vulnerable stack Changing the structural economics Change the terrain The cost-benefit equation A huge thanks to our sponsor, ThreatLocker ThreatLocker makes Zero Trust practical. With Default Deny, Ringfencing, and Elevation Control, CISOs get real control that's easy to manage and built to scale. Stop threats before they execute and reduce operational noise without adding complexity. See how simple prevention can be at ThreatLocker.com/CISO.

Rob Allen from Threatlocker joins us to discuss the risks associated with VPN appliances and how to implement better security solutions that don't leave you hanging out on the open Internet. The interview segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlockerrsac to learn more about them! In the Security News: Less details about the FCC router ban Canary traps that work Hacking trains and getting arrested You can be an adult if you have a mustache cPanel is being exploited Pro-Iran group takes down Ubuntu Anthropic's new security solution Safe AI Agents and other lies People still use screensavers? CISA and operating for weeks or months in isolation Paramiko issues fixes Find security research Copy/Fail and AI slop debate ESP32 simulator Spotting vibe coded malware Fast16 - Stuxnet before Stuxnet Show Notes: https://securityweekly.com/psw-925

Rob Allen from Threatlocker joins us to discuss the risks associated with VPN appliances and how to implement better security solutions that don't leave you hanging out on the open Internet. The interview segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlockerrsac to learn more about them! In the Security News: Less details about the FCC router ban Canary traps that work Hacking trains and getting arrested You can be an adult if you have a mustache cPanel is being exploited Pro-Iran group takes down Ubuntu Anthropic's new security solution Safe AI Agents and other lies People still use screensavers? CISA and operating for weeks or months in isolation Paramiko issues fixes Find security research Copy/Fail and AI slop debate ESP32 simulator Spotting vibe coded malware Fast16 - Stuxnet before Stuxnet Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-925

For six years, Sophos fought a secret cyber war against a state-backed hacking group targeting its firewalls. This forced Sophos to drastically change tactics to properly secure their firewalls.Was it ethical? Was it effective? They disrupted nine zero-day attacks, exposed who was hacking them, and forced the hackers to change tactics. But at what cost?You have to listen to one of the most audacious corporate cyber defenses ever conducted.SponsorsSupport for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com.This show is sponsored by Meter, the company building networks from the ground up. Meter delivers a complete networking stack - wired, wireless, and cellular - in one solution that's built for performance and scale. Alongside their partners, Meter designs the hardware, writes the firmware, builds the software, manages deployments, and runs support. Learn more at meter.com.Support for this show comes from Drata. Drata is the trust management platform that uses AI-driven automation to modernize governance, risk, and compliance, helping thousands of businesses stay audit-ready and scale securely. Learn more at drata.com/darknetdiaries.Sources https://news.sophos.com/en-us/2024/10/31/pacific-rim-timeline/ https://www.justice.gov/archives/opa/pr/seven-hackers-associated-chinese-government-charged-computer-intrusions-targeting-perceived https://www.fbi.gov/wanted/cyber/guan-tianfeng

All links and images can be found on CISO Series This week's episode is hosted by David Spark, producer of CISO Series and Michelle Wilson, CISO, Movement Mortgage. Joining is sponsored guest Rob Allen, chief product officer, ThreatLocker. This show was recorded in front of a live audience at ThreatLocker's conference, Zero Trust World 2026. In this episode: Risk as a daily habit AI agents talking to AI agents The code on the lock Words that shape decisions A huge thanks to our sponsor, ThreatLocker ThreatLocker makes Zero Trust practical. With Default Deny, Ringfencing, and Elevation Control, CISOs get real control that's easy to manage and built to scale. Stop threats before they execute and reduce operational noise without adding complexity. See how simple prevention can be at ThreatLocker.com/CISO.

In the streets of the Dominican Republic, a new economy thrives in the shadows. It's built not on tourism or sugar, but on stolen data. They call them tarjeteros. And they are making a lot of money from stolen credit cards. This is a story about one group of tarjeteros who came to the US, and let loose on New York city.SponsorsSupport for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com.This show is sponsored by Maze. Maze uses AI agents to triage and remediate cloud vulnerabilities by figuring out what's actually exploitable, not just what's theoretically risky. They remove the noise, prioritize vulns that matter, and manage remediation, so your team stops wasting time on meaningless vulns. Visit MazeHQ.com/darknet for more information.Support for this show comes from Privacy.com. Privacy allows you to create anonymous debit cards instantly to use for online shopping. Visit privacy.com/darknet to get a special offer.

NIST struggles with an NVD backlog. Cisco and Splunk ship critical patches. Researchers flag a systemic flaw in Anthropic's MCP. ShinyHunters leak 13.5 million McGraw Hill accounts. Cargo theft goes cyber. A Tennessee hospital breach hits 337,000 patients. Two Americans are sentenced in a North Korean fake-IT-worker scheme. Our guest is Rob Allen, Chief Product Officer at ThreatLocker, describing security gaps addressed by zero trust. OpenAI lets security teams take off the training wheels.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On today's Industry Voices segment we are joined by Rob Allen, Chief Product Officer at ThreatLocker, security gaps addressed by zero trust. If you enjoyed this conversation check out the full interview here. Selected Reading NIST Drops NVD Enrichment for Pre-March 2026 Vulnerabilities (Infosecurity Magazine) Cisco says critical Webex Services flaw requires customer action (Bleeping Computer) Splunk Enterprise Update Patches Code Execution Vulnerability (SecurityWeek) Systemic Flaw in MCP Protocol Could Expose 150 Million Downloads (Infosecurity Magazine) Data breach at edtech giant McGraw Hill affects 13.5 million accounts (Bleeping Computer) Freight Hacker Wields Code-Signing Service to Evade Defenses (GovInfo Security) Data Breach at Tennessee Hospital Affects 337,000 (SecurityWeek) US nationals behind DPRK IT worker 'laptop farm' sent to prison (Bleeping Computer) OpenAI Launches GPT-5.4 Cyber And It's Built Specifically for Defenders (TechGlow) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

What if there was a device which gave you endless movies and TV shows without ads? Ok great sign me up! In this episode we interview “D3ada55”, who found such a device, but as she gazed into it, she discovered it gazing back at her.SponsorsSupport for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com.This episode is sponsored by Meter, the company building networks from the ground up. Meter delivers a complete networking stack - wired, wireless, and cellular - in one solution that's built for performance and scale. Alongside their partners, Meter designs the hardware, writes the firmware, builds the software, manages deployments, and runs support. Learn more at meter.com.This episode is sponsored by Exaforce. Exaforce was created to handle the complete security operations workflow - detect, triage, investigate, respond. Exabots autonomously manage every stage, eliminating gaps between alert and action that slow down traditional security operations. And how it works is simple too: the exabots ingest all security data and then semantically connects it to understand the full context of security events and how they relate to each other. Learn more at exaforce.com/darknet-diaries.

Bill Thompson is a retired U.S. Army Chief Warrant Officer and the founder and CEO of Spartan Forge, a company that develops AI-powered mapping and predictive tools for hunting.www.youtube.com/@spartanforgeaiwww.spartanforge.ai Perplexity: Download the app or ask Perplexity anything at https://pplx.ai/rogan. Visit https://ketone.com/Rogan for 30% OFF, or find Ketone-IQ at Target nationwide. Visit https://ThreatLocker.com/JRE to learn more Learn more about your ad choices. Visit podcastchoices.com/adchoices

Michael Jai White is an actor, director, writer, and martial artist. His latest film, “Oscar Shaw,” is available to stream on digital platforms.www.youtube.com/@RealMichaelJaiWhitewww.patreon.com/MichaelJaiWhitewww.michaeljaiwhite.com Perplexity: Download the app or ask Perplexity anything at https://pplx.ai/rogan. Visit https://ThreatLocker.com/JRE to learn more Learn more about your ad choices. Visit podcastchoices.com/adchoices